diff options
author | Mark Purcell <msp@debian.org> | 2013-07-09 15:55:55 +0100 |
---|---|---|
committer | Mark Purcell <msp@debian.org> | 2013-07-09 15:55:55 +0100 |
commit | 669109e369a1be69ff7c4108eb545eff4c5c26d9 (patch) | |
tree | 73c117a2e7dd22a7a6ee315101f6357ab43386ec /README.md |
libzrtpcpp (2.3.4-1) unstable; urgency=medium
* New upstream release
- Fixes "CVE-2013-2221 CVE-2013-2222 CVE-2013-2223" (Closes: #714650)
# imported from the archive
Diffstat (limited to 'README.md')
-rw-r--r-- | README.md | 105 |
1 files changed, 105 insertions, 0 deletions
diff --git a/README.md b/README.md new file mode 100644 index 0000000..cac0592 --- /dev/null +++ b/README.md @@ -0,0 +1,105 @@ +## GNU ZRTP C++ + +This package provides a library that adds ZRTP support to the GNU +ccRTP stack. Phil Zimmermann developed ZRTP to allow ad-hoc, easy to +use key negotiation to setup Secure RTP (SRTP) sessions. GNU ZRTP works +together with GNU ccRTP (1.5.0 or later) and provides a ZRTP +implementation that can be directly embedded into client and server +applications. + +The GNU ZRTP implementation is compliant to [RFC 6189][]. Currently GNU ZRTP +C++ supports the following features: + +* multi-stream mode +* Finite field Diffie-Helman with 2048 and 3072 bit primes +* Elliptic curve Diffie-Helman with 256 and 384 bit curves +* AES-128 and AES-256 symmetric cipher +* Twofish-128 and Twofish-256 bit symmetric ciphers +* The SRTP authentication methods HMAC-SHA1 with 32 bit and 80 bit length and + the Skein MAC with 32 bit and 64 bit length +* The Short Authentication String (SAS) type with base 32 encoding (4 + characters) + +Enhanced features like PBX SAS relay aka *trusted Man-in-the-Middle* or +preshared mode are not supported but the GNU ZRTP C++ implementation defines +the necessary external interfaces and functions for these enhanced features +(stubs only). + +### Interoperability +During the development of ZRTP and its sister implementation ZRTP4J (the Java +version of the ZRTP) Phil Zimmermann, his developers, and I worked together to +make sure Phil's [Zfone][] implementation and the GNU ZRTP implementations can +work together. + +[zfone]: http://zfoneproject.com/index.html + + +### Other implementations based on GNU ZRTP C++ + +The ZRTP4J implementation is a copycat of the original C++ code. I used the +same overall class structure and copied a lot of C++ functionality to Java. Of +course some Java adaptation were done, for example to overcome the problem of +non-existing pointers :-), thus I use some non-obvious array handling. If you +are interessted in the Java implementation of ZRTP then you may have a look +[here][javazrtp]. The Jitsi project uses the Java implementation. Jitsi is a +powerfull communication client and is definitely worth a [look][jitsi]. + +To enable C based code to use ZRTP C++ I did a C wrapper that offers the same +functionality to C based RTP implementations. The first use of the ZRTP C +wrapper was for the [PJSIP][] library, actually the RTP part of this +library. The ZRTP handler for PJSIP is [here][pjzrtp]. This port enables PJSIP +based clients to use ZRTP. One of the first clients that use this feature is +*[CSipSimple][]*, an very good open source Android SIP client. + +[pjsip]: http://www.pjsip.org +[pjzrtp]: https://github.com/wernerd/ZRTP4PJ +[javazrtp]: https://github.com/wernerd/ZRTP4J +[jitsi]: http://www.jitsi.org +[csipsimple]: http://code.google.com/p/csipsimple + + +### Some notes on GNU ZRTP C++ history +The first application that demonstrated the embedded ZRTP was Minisp (now +defunct). Minisip has it's own RTP stack and the very first version of this +embedded ZRTP implementation worked together with this specific RTP stack. + +A few weeks later I implemented the GNU ccRTP glue code and ZRTP became part +of the official GNU ccRTP project and was named GNU ZRTP C++. The Twinkle +softphone uses GNU ccRTP and GNU ZRTP C++ since it's 0.8.2 release and Michel +de Boer, the implementor of Twinkle, created a nice user interface. All +following versions of Twinkle include GNU ZRTP C++ as well. + + +### License and further information +Please note, this library is licensed under the GNU GPL, version 3 or +later, and has been copyright assigned to the Free Software Foundation. + +For further information refer to the [ZRTP FAQ][zrtpfaq] and the +[GNU ZRTP howto][zrtphow]. Both are part of the GNU Telephony wiki and are +located in its documentation category. + +[zrtphow]: http://www.gnutelephony.org/index.php/GNU_ZRTP_How_To +[zrtpfaq]: http://www.gnutelephony.org/index.php/ZRTP_FAQ +[rfc 6189]: http://tools.ietf.org/html/rfc6189 + +## Building GNU ZRTP C++ +Since version 1.6 GNU ZRTP C++ supports the *cmake* based build process +only. The cmake build process is simpler than the GNU automake/autoconf +process. To build GNU ZRTP C++ perform the following steps after you unpacked +the source archive or pulled the source from [Github][]: + + cd <zrtpsrc_dir> + mkdir build + cd build + cmake .. + make + +Running cmake in a separate `build` directory is the preferred way. Cmake and +the following `make` generate all files in or below the build directory. Thus +the base directory and the source directories are not polluted with `*.o`, +`*.la`, or other files that result from the build process. You may delete the +build directory and create a new one to start from fresh (this is the ultimate +`make clean` :-) ) or you may create a second directory to build with +different settings without mixing the two builds. + +[github]: http://github.com/wernerd/ZRTPCPP |