> On March 14, 2014, 4:12 a.m., Matt Jordan wrote: > > Ship It!
I appreciate the enthusiasm but I don't think it's ready quite yet... The code isn't conditional in any way and as I said various autoconf checks will need to be included to test for feature-openssl support in system libsrtp as well as AES-GCM support in OpenSSL. If I find myself with some time on my hands I may look into both of these but I'm not sure when that will happen (it almost never does, for some reason)! - Kristian ----------------------------------------------------------- This is an automatically generated e-mail. To reply, visit: https://reviewboard.asterisk.org/r/3350/#review11199 ----------------------------------------------------------- On March 13, 2014, 5:54 p.m., Kristian Kielhofner wrote: > > ----------------------------------------------------------- > This is an automatically generated e-mail. To reply, visit: > https://reviewboard.asterisk.org/r/3350/ > ----------------------------------------------------------- > > (Updated March 13, 2014, 5:54 p.m.) > > > Review request for Asterisk Developers. > > > Bugs: ASTERISK-22832 > https://issues.asterisk.org/jira/browse/ASTERISK-22832 > > > Repository: Asterisk > > > Description > ------- > > There is a version of libsrtp that supports AES-NI and AES-GCM mode: > https://github.com/cisco/libsrtp/pull/34 > > More on AES-GCM mode: > http://tools.ietf.org/html/draft-ietf-avtcore-srtp-aes-gcm-10 > http://2013.diac.cr.yp.to/slides/gueron.pdf > > AES-GCM mode improves the performance of SRTP on systems with and without > support for the AES-NI instruction set. > > This patch implements 128 bit AES GCM mode with SRTP. Significantly more work > will be required to support 192 and 256 bit AES regardless of mode. Various > build stuffs will also need to be updated with the required checks for > AES-GCM support in libsrtp and OpenSSL. > > "Big AES" (including 256 GCM) should probably be implemented with a separate > patch/bug/review: > > http://tools.ietf.org/html/rfc6188 > > > Diffs > ----- > > /trunk/res/res_srtp.c 402525 > /trunk/main/sdp_srtp.c 402525 > /trunk/include/asterisk/sdp_srtp.h 402525 > /trunk/include/asterisk/res_srtp.h 402525 > > Diff: https://reviewboard.asterisk.org/r/3350/diff/ > > > Testing > ------- > > Successfully tested call setup and audio exchange with patched pjsip client > and FreeSWITCH. > > > Thanks, > > Kristian Kielhofner > >
-- _____________________________________________________________________ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- asterisk-dev mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-dev
