Author |
|
speedvoip Vetran
Joined: August 07 2008 Location: Canada Posts: 156
|
Posted: December 12 2008 at 11:35am | IP Logged
|
|
|
Hi Support:
For latest v6.0.0.3 image, there is bug related to encrypt/decrypt SIP message. when I use proprietary algorithm which converts SIP message into non-ASCII byte stream, ModifySIPMessage API still regards it into string for process, therefore results in broken byte stream transmission or reception.
Most simple example is to use XOR byte by byte for encryption/decryption algorithm for testing.
On the whole, I think media engine must be carefully tested until release. In my opinion, there is far way to commercial level.
|
Back to Top |
|
|
support Administrator
Joined: January 26 2005 Location: United States Posts: 1666
|
Posted: December 12 2008 at 3:18pm | IP Logged
|
|
|
Hi George,
The media engine expects the encrypted SIP message to consist of printable ASCII characters – not binary data. This is by design.
Is there a fundamental reason that you insist on using binary data encryption? What am I missing?
Unless you are facing an encryption sip-inter-op issue with other equipment, take all of your XORed SIP data and perform a final convertion to ASCII hex characters then let the media engine transmit/receive that. The same level of SIP message obfuscation will be achieved.
If we have to support binary data for encrypted SIP, that should not be a problem. Give me your encrypt/decrypt algorithm and we will see if we can support it easily. Don’t worry, its all ok…..
Other Notes:
By the way, I am working on the “bo bo” noise update as we speak. Please email me with the SIP account information I can use to perform live testing if required.
Thanks,
Randal
|
Back to Top |
|
|
Suki Intermediate
Joined: December 13 2008 Location: China Posts: 1
|
Posted: December 13 2008 at 2:03am | IP Logged
|
|
|
Hi Support:
I'm Suki, a developer of speedvoip corporation.
Here, I post our encryption/decryption algorithm of sip message. This algorithm which is described as follows in ANSI C applies for both operation.
Code:
#define RF_SECURITY_KEY 0X4854
#define RF_END_KEY 0X53
void ByteAlgorithm(IN char *pMsg, IN unsigned short nMsglen)
{
int i;
unsigned short endnum = 0;
if(nMsglen <= 0)
{
return ;
}
endnum = nMsglen;
//if odd, encrypt the end byte
if(0 != nMsglen % 2)
{
endnum = nMsglen -1;
*(pMsg + endnum ) = *(pMsg + endnum) ^ RF_END_KEY;
}
for(i = 0; i<endnum; ++i)
{
*(pMsg + i) = RF_SECURITY_KEY^ *(pMsg + i);
}
*(pMsg + nMsglen) = '\0';
}
|
|
|
|
Back to Top |
|
|
support Administrator
Joined: January 26 2005 Location: United States Posts: 1666
|
Posted: December 13 2008 at 6:42am | IP Logged
|
|
|
Hi Suki,
Thanks for posting to this forum.
We will take a look and see what updates will allow the media engine to use binary data encoding/decoding for SIP messages. If its not too much of a change, then we may include the update when we remove the “bo bo” noise issue George reported.
Its Saturday today and I will be working on your behalf today.
Thanks,
Randal
|
Back to Top |
|
|
support Administrator
Joined: January 26 2005 Location: United States Posts: 1666
|
Posted: December 18 2008 at 3:36pm | IP Logged
|
|
|
Hi George and Suki,
We have looked at what it will take to support native binary data handling of SIP messages for encoding/decoding. It will take more than a few simple changes.
If you want to obfuscate media engine SIP messages, you will have to resort to the following method:
Encoding SIP Messages:
1)
Have your VOIP app process the SipModifySipMessage immediate event to access the “ready-to-be-transmitted” media engine SIP message.
2)
Use your XOR binary algorithm on the SIP message.
3)
Perform a final Base64 encoding of your binary data and call the ModifySipMessage API proc as normal.
Decoding SIP Messages:
1)
Have your VOIP app process the SipModifySipMessage immediate event.
2)
Take the received Base64 data you receive from the media engine and Base 64 decode it back to your XOR binary encoding.
3)
Use your XOR binary algorithm on data from step 2 to decode your XOR data back to the original SIP message.
As I previously stated, the media engine supports SIP message encoding/decoding for obfuscation purposes. By design the media engine expects to handle ASCII data with regards to SIP message flows.
We won’t be adding binary SIP message handling to the media engine unless it is absolutely necessary. If it is necessary, then we would consider this a custom version of the media engine and would perform the work only on a contract basis. If you can budget for us to add binary SIP message handling to the product – not a problem. We can get it scheduled right away.
Thanks,
Randal
|
Back to Top |
|
|
speedvoip Vetran
Joined: August 07 2008 Location: Canada Posts: 156
|
Posted: December 19 2008 at 11:35am | IP Logged
|
|
|
Hi Randal:
You have fully explained principle for SIP message obfuscation. We think your advice is constructive, so a thin base64 wrapper to binary-powered SIP message will be added into our application.
Thanks
|
Back to Top |
|
|