Hi Werner! Thanks for taking this up. AFAIK ZRTP requires to persistently store some data (e.g. for key continuity ...). Where will this be done? Automatically inside transport_zrtp or is it the application's task to store these date? regards Klaus Am 21.11.2010 11:07, schrieb Werner Dittmann: > Dear all, > > some members of this mailing list pointed me to the enhancement request to > implement ZRTP into the pjproject libraries. I browsed through the pj > sources and would like to make the following proposal to implement ZRTP > for pj. The follwing figure depicts at a high level the planned > implementation: > > +-----------+ > | | > | SRTP-ZRTP | > | | > +-----------+ > |C Wrapper | > +-----+-----+ > | > | uses > | > +----------------+ +-------+--------+ +-+-----------------+ > | App (pjsua) | | | |C| | > | creates a | uses | transport_zrtp | uses | | GNU ZRTP | > | ZRTP transport +------+ implements +------+W| core | > | and implements | | ZrtpCallback | |r| implementation | > |ZrtpUserCallback| | | |a| (ZRtp et al) | > +----------------+ +----------------+ |p| | > +-+-----------------+ > > Description: > > GNU ZRTP > GNU ZRTP is the existing ZRTP implementation that handles the ZRTP > protocol, performs necessary ZRTP computations, maintains some data in a > file etc. I implemented this part in C++ (it's stable, tested to work with > Phil Zimmermann's implementation) and it's licencse is GPL v3. Currently I > implemented a first version of a C Wrapper to make GNU ZRTP accessible to > C implementations. The C Wrapper covers the main functions already and will > be enhanced during the pj project implementation. GNU ZRTP is a library, > no requirement to have it as third party source in pjproject - it's already > available as part of the GNU ccRTP project. > > > transport_zrtp > This is a new pjmedia transport that links into the transport stream, > similar to the current SRTP transport. Thus transport acts as a filter that > controls the flow of ZRTP, RTP, and SRTP data. This is obviously a new > module. IMHO it should live in the pjmedia source, parallel to the other > transport modules. This module will be the main development during the > planned ZRTP integration. > > > SRTP-ZRTP > Instead of using the existing SRTP implementation I plan to use an own SRTP > implementation (also a C++ implementation that has a C Wrapper). Some > reasons why: the current libsrtp does not support AES 256 which is implemented > for ZRTP. In addition ZRTP defines some more modern authentiation mechanisms > in SRTP that I will implement step by step. In addition the ZRTP/SRTP module > uses either openSSL or libgcrpyt as crypto backends, thus no own implementation > of the AES cipher or bignum but reusing proven an well tested implementations. > This module would live in an apporpriate third party directory. > > > The callback stuff is implemented as usual. GNU ZRTP requires some external > support functions, for example to send data via RTP, get a mutex, etc. Because > these functions are system dependent the transport_zrtp module implements these > and provides them via callback to GNU ZRTP. transport_zrtp uses UserCallback > methods to inform the application about status changes, for example if security > was established, which cipher was engaded, and some other user interactions. > > To implement this stuff I obviously need some help from pjproject gurus, in > particular with the build and configuration stuff and the intrinsics of the > transport mechanisms. I would start to evaluate the transport_srtp and the > transport example to lower the learning curve. However, some support would > highly appreciated once I had a first rough draft of the transport_zrtp code. > > > Best regards, > Werner > > _______________________________________________ > Visit our blog: http://blog.pjsip.org > > pjsip mailing list > pjsip at lists.pjsip.org > http://lists.pjsip.org/mailman/listinfo/pjsip_lists.pjsip.org
