Hi, Michael and Tim,
Thanks for the help. It looks like Mark Spencer checked in some basic IAX encryption code in Dec, 2004. When "encryption" is set, IAX encrypts frames using AES128 which is the only supported algorithm. As of clients, I would think KIAX and DIAX would work as well.
Thanks
-Scott
Date: Wed, 28 Sep 2005 14:28:11 -0700
From: Michael Jia <[EMAIL PROTECTED]>
Subject: Re: [Asterisk-Users] Voice Encryption
To: Asterisk Users Mailing List - Non-Commercial Discussion
<[email protected]>
Cc: [EMAIL PROTECTED]
Message-ID: <[EMAIL PROTECTED]>
Content-Type: text/plain; charset="iso-8859-1"
Hi, Scott
The source code I found is in chan_iax.c, from the name of parameters, it
looks like it is using
AES. Can anyone here confirm that?
static int encrypt_frame(aes_encrypt_ctx *ecx, struct ast_iax2_full_hdr *fh,
unsigned char *poo, int *datalen)
{
int padding;
unsigned char *workspace;
workspace = alloca(*datalen + 32);
if (!workspace)
return -1;
if (ntohs(fh->scallno) & IAX_FLAG_FULL) {
struct ast_iax2_full_enc_hdr *efh = (struct ast_iax2_full_enc_hdr *)fh;
if (option_debug)
ast_log(LOG_DEBUG, "Encoding full frame with length %d\n", *datalen);
padding = 16 - ((*datalen - sizeof(struct ast_iax2_full_enc_hdr)) % 16);
padding = 16 + (padding & 0xf);
memcpy(workspace, poo, padding);
memcpy(workspace + padding, efh->encdata, *datalen - sizeof(struct
ast_iax2_full_enc_hdr));
*datalen += padding;
workspace[15] &= 0xf0;
workspace[15] |= (padding & 0xf);
memcpy_encrypt(efh->encdata, workspace, *datalen, ecx);
if (*datalen >= 32 + sizeof(struct ast_iax2_full_enc_hdr))
memcpy(poo, workspace + *datalen - 32, 32);
} else {
struct ast_iax2_mini_enc_hdr *efh = (struct ast_iax2_mini_enc_hdr *)fh;
if (option_debug)
ast_log(LOG_DEBUG, "Encoding mini frame with length %d\n", *datalen);
padding = 16 - ((*datalen - sizeof(struct ast_iax2_mini_enc_hdr)) % 16);
padding = 16 + (padding & 0xf);
memset(workspace, 0, padding);
memcpy(workspace + padding, efh->encdata, *datalen - sizeof(struct
ast_iax2_mini_enc_hdr));
workspace[15] &= 0xf0;
workspace[15] |= (padding & 0x0f);
*datalen += padding;
memcpy_encrypt(efh->encdata, workspace, *datalen, ecx);
if (*datalen >= 32 + sizeof(struct ast_iax2_mini_enc_hdr))
memcpy(poo, workspace + *datalen - 32, 32);
}
return 0;
}
On 9/28/05, tim panton <[EMAIL PROTECTED]> wrote:
>
>
> On 28 Sep 2005, at 07:26, Michael Jia wrote:
>
> Hi, Scott
>
> This is Michael Jia. So far, I searched the lists and with the following
> email threads
> http://lists.digium.com/pipermail/asterisk-dev/2004-December/008295.html
> I don't know what is the current working status now. Maybe somone in the
> lists
> knows.
>
>
> Last I heard IAX2 in CVS Head has encryption that works between 2 asterisk
> systems. There is no documentation (yet) except the source code, and no
> clients that support it (yet).
>
> Tim.
>
>
>
_______________________________________________ --Bandwidth and Colocation sponsored by Easynews.com --
Asterisk-Users mailing list [email protected] http://lists.digium.com/mailman/listinfo/asterisk-users To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
