[EMAIL PROTECTED] wrote:
>
> Mike,
>
> Thank you for responding. I would like to take you up on the offer of
> guidance surrounding this issue.
>
> We have a custom encryption dll we created and would like to use
> (either by making explicit calls to it or by modifying it to allow for
> "drop-in" implementation).
>
> What would be the best way to use what we have already into what
> currently exists?
There is not a good drop-in solution for swapping out the encryption
provider (if you do come up with a 'drop-in' architecture, I think it
would be a great contribution to the project).
However, the code that invokes the secure sockets is pretty localized.
For SIP Signaling / SMIME:
So, there are a couple of new classes you will need to create:
1. An OsConnectionSocket derived class representing a secure client
connection socket.
(The analagous Mozilla NSS implementation is OsTLSConnectionSocket)
2. An OsServerSocket derived class representing a secure server.
(The analagous Mozilla NSS implementation is OsTLSServerSocket)
Take a look at the Mozilla NSS implementations (OsTLS*.cpp and OsTLS*.h)
for reference.
After you have created your own derived classes for secure sockets, you
can change SipClient.cpp and SipTlsServer.cpp to use your implementation.
For SRTP:
(This is for the sipxtapi branch, not sipxtapi-media-update, which may
be different).
In CpPhoneMediaInterface::startRtpSend, you can check to see if the call
has been created with a request for srtp by checking the mSrtpParameters
bit flags like so:
if (mSrtpParams.securityLevel & SRTP_SEND)
{
/* invoke new method on the MpConnection to indicate SRTP
for sending*/
}
likewise, in CpPhoneMediaInterface::startRtpReceive:
if (mSrtpParams.securityLevel & SRTP_RECEIVE)
{
/* invoke new method on the MpConnection to indicate SRTP
for receiving*/
}
As indicated by the comments above, you will need to pass along your
srtp parameters to MpConnection. In sipXmediaLib you could create a new
object for encrypting, and add it to the flow graph (using addResource()
and addLink() - in MpConnection.cpp). The same could be done for
decrypting. Good luck, and let us know if you need any more guidance.
-Mike
>
>
>
> Thank you for your help.
_______________________________________________
sipxtapi-dev mailing list
[email protected]
List Archive: http://list.sipfoundry.org/archive/sipxtapi-dev/
