freeswitch/libs/libzrtp/ChangeLog

556 lines
25 KiB
Plaintext
Raw Normal View History

2010-02-20 13:51:54 -05:00
* libZRTP SDK library, implements the ZRTP secure VoIP protocol.
* Copyright (c) 2006-2009 Philip R. Zimmermann. All rights reserved.
* Contact: http://philzimmermann.com
* For licensing and other legal details, see the file zrtp_legal.c.
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
SINCE LIBZRTP v0.80 CHANGELOG IS A PART OF HTML DOCUMENTATION.
Check generated html or doc/manuals/changelog.dox doxygen sources
2010-02-20 13:51:54 -05:00
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
libzrtp 0.7.1 18.11.2008
--------------------------------------------------------------------------------
1. Fixed bug with hardcoded AES128 cipher for generating SRTP keys. In this
version is selected according to ZRTP discovery.
2. Added initialization/deinitalization functions to zrtp helper functions.
libzrtp 0.7.0 04.11.2008
--------------------------------------------------------------------------------
1. Changes in libzrtp sources tree.
2. Improvements in libzrtp initialization routine:
- all global zrtp options were combined in zrtp_config_t structure;
- zrtp_init() allocates memory for zrtp global context;
- zrtp_config_defaults()
3. Improvements for Passive/Active mode support.
a) A passive endpoint never sends a commit message, period. Also, it
declares itself as a passive endpoint by setting the P flag it its own
Hello message;
b) A active endpoint does not send a commit to a passive endpoint, which it
recognizes by detecting the P flag;
c) A passive phone, if acting as a SIP initiator (meaning it initiated the
call), rejects all commit packets from everyone;
d) A passive phone rejects all commit messages from a PBX, which is easily
recognized by the M flag.
Passive mode support is built into the library logic and will be used
automatically if the developer specifies signaling role by setting
is_initiator flag in zrtp_init_session_ctx().
4. Improvements in ZRTP feedback interface and system-dependent functions.
There are two types of interface functions in libzrtp: system dependent API
and realization of helper functions and events. System dependent API in
defined in zrtp_iface_system.h as set of extern functions. System
functions are already implemented for several basic platforms in
zrtp_iface.sys.c libzrtp feedback and helper functions were re-factored
and implemented as set of callbacks. If the developer doesn't want to
handle one or another event it may just leave necessary pointer empty.
See zrtp_init() and zrtp_callback_t, zrtp_iface.h for more details.
5. ZRTP configuration approach was improved: zrtp_config_xxx.h contains
adjustments for necessary target platform. libzrtp contains default
configs for Linux, OS X, Windows, Window CE and Symbian platforms.
All ZRTP protocol and behavior related adjustments are collected in
zrtp_config_user.h. Edit this file to configure libzrtp for your
needs.
6. Implemented new functions in protocol according to the Internet Draft v 10.
7. Improved realization of built-in libzrtp scheduler. Fixed bug with crashing
on performing delay call when zrtp session have been already deleted.
8. Logging function was improved. Use ZRTP_LOG macro to print log messages. See
zrtp_log.h for more information.
libzrtp 0.6.8 03.09.2008
--------------------------------------------------------------------------------
ZRTP
1. Fixed bug with incorrect maximum value for T1 retry interval timer which
increased delay between LOOKING_FOR_ZRTP and NO_ZRTP_SUPPORT states.
Internal fix, no API changes required;
2. Implemented version negotiation according to the latest specification.
libzrtp v 0.6.8 supports ZRTP v0.90 only. No changes required in
applications that use the SDK.
3. Compilation flag WITH_ZFONE was removed. The developer, who wants to use
built-in ZRTP cache, has to set name of the ZRTP cache explicitly,
implementing zrtp_get_cache_path() function.
4. New libzrtp licensing scheme was implemented. It allows the licensing policy
to be changed at run time. See zrtp_license_mode_t doc. for more details.
Affected API - zrtp_init().
5. ZRTP Protocol version was changed to 0.90 according to ZRTP Internet Draft.
6. Some changes in Linux config files: surplus configuration flags were removed
from ./cfg.XXX templates.
7. Added experimental ZRTP messages retries scheduler for slow channels. As
ex ample for GSM CSD channel with average bandwidth 6Kb/s. To use this
option build library with BUILD_FOR_CSD flag.
libzrtp 0.6.6 27.06.2008
--------------------------------------------------------------------------------
ZRTP
1. Small bug was fixed in S0 calculation: when RS1 is corrupted the library uses
RS2 instead;
2. Some changes in Makefile and building process: unused header were eliminated
from the installation process.
3. -DBUILD_WITH_ZRTP_MUTEXES was replaced with --enable_mutexes option passed to
./configure script. This change allows not to specify any libzrtp compilation
flags during user application compilation. --enable-mutexes adds
BUILD_ZRTP_MUTEXES definition to the ./config/zrtp_unix_config.h so if you
build libzrtp on other platforms - define this flag manually (windows
configuration file already includes this option).
4. Clean-up in .h and .c comments was made.
libzrtp 0.6.5 04.06.2008
--------------------------------------------------------------------------------
ZRTP
1. New names for: other_secret - pbxs; srtps - auxs. In bits and secrets storages;
2. RS2 secret was eliminated form DH s0 calculation;
3. Protocol version number was increased to 0.85
libzrtp 0.6.4 19.05.2008
--------------------------------------------------------------------------------
ZRTP
1. According to the new version of the Internet Draft Signaling shared secret was
removed from the protocol and from the sources. It was not used by interface
functions and developers may change nothing in libzrtp based applications.
2. DH4K Key echange was eleminated from the specification and from the sources.
Now ECDH is used for all larger AES key sizes.
libzrtp 0.6.2 04.02.2008
--------------------------------------------------------------------------------
ZRTP
1. New behaviour for Secure --> Clear --> Secure scenario was implemnted. According
to ZRTP ID 06 section 5.7.2.1 new value of ZRTPSess computed as hash(ZRTPSess).
DOC:
Libzrtp documentation was updated up to version 0.6.2.
libzrtp 0.6.1 03.14.2008
--------------------------------------------------------------------------------
ZRTP
1. Multistream mode was implemented according to ZRTP Internet Draft 05.n:
- new stream mode zrtp_stream_mode_t:: ZRTP_STREAM_MODE_MULT;
- Multistream key exchange component was added with ID zrtp_pktype_id_t::
ZRTP_PKTYPE_MULT and symbolic name ZRTP_MULT. To allow libzrtp use Multistream
mode - ZRTP_PKTYPE_MULT have to be added to the stream profile in the first
position;
- According to the new draft SAS and ZRTPSess key are Session option and
were moved to the zrtp_conn_ctx_t structure. New specification defines
single SAS values for all streams within the session;
- ZRTP state-machine was changed to handle Multistream mode. In .Fast. mode
DH exchange is omitted and stream skips ZRTP_STATE_WAIT_CONFIRM1 and
ZRTP_STATE_PENDINGSECURE for the Initiator and Responder state-machines,
respectively;
2. Hash preimages were added to prevent DOS attacks. See ZRTP ID sec 9.0 for detail
information. This option is available using zrtp_set_signaling_hash() and
zrtp_get_signaling_hash() functions.
3. Hmac values were added to every packet to allow eliminate SAS validation
if SIP is protected;
4. Autosave. of the default realization of the ZRTP cache to the hard drive was
implemented;
5. Lot of other internal changes and improvements according to the latest ZRTP
specification v06.
libzrtp 0.4.5-6
--------------------------------------------------------------------------------
1. Full PBX support. Tested on GS-Labs Asterisk
API:
DOC:
2. Resolved problem with BG ciphers compilation: initialization of AES hash tables.
3. Fixed bug in SRTP replay protection. (Undeleted nodes for mulsy-stream encryption)
(May resulted in a error zrtp_protocol_error_t::zrtp_status_rp_fail)
4. Vrification is a session option. Input parameter of zrtp_set_verified() was
changed from stream to ZRTP session structure.
5. Fixed bug with malformed ZRTP Hello packet.
5. fast video
libzrtp 0.4.4 31.07.2007
--------------------------------------------------------------------------------
1. New extra error code for replay protection was added.
See zrtp_status_t::zrtp_status_rp_fail.
2. Fixed bug which may resulted in a dammage with decrypt failed 7 error. It
was happen when libzrtp passed RTP alerts packet to the replay protection
engine and ROC was broken.
3. Fixed RTCP encryption/decryption.
4. Fixed bug with RS1 and RS2 swapping when one of the sides lost RS1.
(May resulted in a error zrtp_protocol_error_t::zrtp_error_auth_decrypt )
libzrtp 0.4.3 06.07.2007
--------------------------------------------------------------------------------
1. Beta version of API for PBX support according to the latest ZRTP draft.
Not tested. For internal development only. Follow // PBX comments;
- secret's cache format was changed.
2. S0 calculation according to NIST recommendations; Internal change
- ZRTP protocol version was increased to 0.07.
3. All libzrtp sources was audited with coverity code analyzer. http://coverity.com/
libzrtp (0.3.9 - 0.4.2) 27.06.2008
--------------------------------------------------------------------------------
1. Changes according to new draft 04a. All changes are internal.
a) new DH packets: pvi/pvr, nonce field is at the end of the DH packet.
In "Preshared" mode both DH packets contain nonce value instead of pvi/r;
b) new hvi value the same for all modes (DH and Preshared)
hvi = hash(initiator's DHPart2 message | responder's Hello message);
c) new algorithm of SAS computing: sasvalue = HMAC(hmackeyi,"SAS");
2. New GUI based test-unite forSymbian platform
3. Default implementation of the packet retries unite for Symbian was added
to the libzrtp package. Except besides scheduler, libzrtp includes
realization of some synchronization and threading routines. These
components written in C++ and can't be linked with the library. One should
add them to own Symbian project project.
4. Compilation of default realization of ZRTP mutexes was separated from
the other system interfaces. To build library with default mutexes
BUILD_ZRTP_MUTEXES flag should be used;
5. New clearing logic. Goals:
API:
- state-machine states were changed
- goclear reason was eliminated. Now we can switch to CLEAR just on
user action.
- ZRTP_EVENT_IS_INITIATINGCLEAR was removed as a uperfluous event. As a
result all event codes were changed.
- new clear_hmac = HMAC(hmakkeyi/r, "Clear Hmac")
6. New Errors handling logic. See updated state-macine diagram and "developers
guide".
API:
- ZRTP_STATE_ERROR was added to handle error requests. Libzrtp switches
to this state after the Error exchange. From ZRTP_STATE_ERROR stream
cxan be started again or destroyed, depending on application strategy.
- ZRTP_ERRORACK and ZRTP_ERROR packets were added
- new event ZRTP_ENEVT_NO_ZRTP inform's user that other side doesn't
support ZRTP encryption.
7. -D WITH_STACK_MINIM compilation flag allows to minimize coasts for the
system stack. In the most critical places dynamic allocation will be used
instead of static variables. This option can be useful on mobile platforms
in kernel mode, etc.
8. Several bug fixes in scheduler. Improved built-in realization of Symbian
platform. If you use our default realization on Symbian - please update.
9. David A. McGrew's srtp was replaced with our own. We did it to get control
over all crypto functions, generalize interface of crypto component. It
allows us to port libsrtp to any platforms more smoothly. We have one
configuration file, all platform-dependent function and definitions are
concentrated at one place. We eliminated superfluous functionality from
libsrtp, made it crossplatform and thread-safe. In SRTP engine we use our
own crypto-components based on by Dr. Brian Gladman's sources. Each component
has strong self-test function allows it to be tested on any platform and
in any environment.
- project structure was changed;
- bgaes folder includes AES and SHA routines by Dr. Brian Gladman. For details
see dgaes/howto and bg2zrtp.h files;
- libzrtp supports external realizations of SRTP (Use zrtp_srtp.h API and flag
-D WITHOUT_BUILTIN_SRTP );
10. Header files were refactored: one can add just single zrtp.h include to use
any libzrtp function or data type;
11. Solved problem with deadlock during Video conferences. (One side starts
negotioation with Video and another one with Audio stream)
12. Some changes in test-unite:
- test vectores and test-cases for all cryptio components are available;
- zrtp_system_test.h checks environment and compilation flags
- use ZRTP_ENABLE_TEST flag to build library with all tests
13. Full documentation review and updating.
14. Sources clean up and some refactoring;
15. Fixing in "break the tie" logic. See diagrams and zrtp_preparse_commit(),
zrtp_preparse_init_commit();
16. Some changes according to the lates ZRTP specification:
- sasvalue was trancated to 32 bits and used mostleft parts of the hashvalue.
17. Small bug fixes (zrtp_can_start_dh and zrtp_can_start_preshared() mixed into
zrtp_can_start_stream);
18. New key derivation mechanism according to NIST standarts. See ZRTP Draft
5.4.4 and 5.5.4.
libzrtp (0.3.7)
--------------------------------------------------------------------------------
1. New, more clear and useful test-unite
2. Eliminated zrtp_stop_protocol(). Now zrtp_done_session_ctx() includes
protocol stopping.
3. Some simplifications in project structure: removed zrtp_inet.h and bnase32.h,
zrtp_iface.c was removed to src\iface folder;
4. ZSTR_GET_VALUE should be used to convert zrtp_stringxx_t to zrtp_stringn_t;
5. Some changes for windows CE;
6. Changed default options: SAS base256 enabled by defauld and "staysecure" is on.
libzrtp (0.3.6)
--------------------------------------------------------------------------------
FIXES:
a) CRC now covers the whole ZRTP packet, not just a body
b) improved names of some crypto-components in HELLO/COMMIT packets
c) improved messages hash: hash function covers all ZRTP message with
magic number and length fields;
d) fixed DHPart1 and DHPart2 packets format according to last version
of ZRTP Internet draft.
e) fixed retain secrets sorting algorithm according to the last version
of the internet draft.
1. Windows CE support. Now library is fully compatible with Windows CE.
- .\libzrtp\projects\libzrtp_wince_vc8.sln project file for MS VS 2005
- .\libzrtp\test\WinCE contains sources of simple test-unite ( We have
just started working in this direction and more intelligent test unite
will be available soon. Tested on HTC S620 with Windows CE 2005 )
2. Added previous state field to ZRTP stream structure. It can be used to
analyze conditions of switching from one state to another. (For libzrtp
developers only)
API:
- zrtp_stream_ctx_t#_prev_state was added
- _zrtp_change_state() MUST be used to switch from one state to another
3. Some changes in PENDING_CLEAR state handler. In case of error during
transition from CLEAR to SECURE state-machine will switch back to CLEAR
without the confirmation by user.
libzrtp (0.3.5)
--------------------------------------------------------------------------------
Full description is in progress
1. Support of all crypto futures according to the new ZRTP draft v 0.3. Lots
of internal changes were provided in ZRTP kernel.
2. Symbian support. Now you can build libzrtp and test unites on Symbian
platforms. There are .inf and .mmp files in corresponded directories.
(Symbian project files are a little bit row and we will appreciate any
suggestions and advices.)
3. ZRTP stream became more independent. You can use different configurations
for different streams. So
ZRTP profile: profile;
"staysecure" flag: staysecure;
SAS values: sas_values;
cache TTL: cache_ttl;
and all used crypto components were removed from session context
(zrtp_conn_ctx_t) to stream context (zrtp_stream_ctx_t).
API:
- you should configure every stream in the same way as the whole session in
previous version has been done. See zrtp_init_session_ctx()
and zrtp_attach_stream()
4. "Multistream" mode was replaced by "Preshared" (based on retain secrets
from previous call. See http://zfoneproject.com/docs/ietf/draft-zimmermann-avt-zrtp-03.html#anchor19 .
Preshared mode is available as a normal ZRTP crypto component e.g."DH3K"
or "DH4K". If you enable Preshared mode in profile and libzrtp finds
secrets in your cache - "Preshared" mode will be used for all next calls
API:
- the choice of stream mode was removed from zrtp_start_stream() and
from zrtp_secure_stream().
5. Integer enumerations for all crypto components e.g. Hash type, cipher type
etc. You should use these values instead of character values for optional
profile configuration. (as an example for enabling "preshared" mode)
API:
- enumerations types zrtp_hash_id, zrtp_cipher_idzrtp_atl_id,
zrtp_pktype_id, zrtp_sas_id in zrtp_crypto.h
- all crypto components structures now have id field and libzrtp
operates with this field to find, register or delete crypto
components.
- ZRTP profile: zrtp_profile_t uses this integer values too. (list of
crypto-components is a zero terminated array of values of necessary
type)
- zrtp_find_in_profile() and zrtp_find_comp() operate with component
integer identifiers
- there are two special functions to convert component ID to ZRTP
character name: zrtp_comp_id2type(), zrtp_comp_type2id.
6. Integer error codes were provided instead of 4-character values. One should
use them to analyze zrtp_stream_ctx_t#last_error value in your ZRTP
errors handlers.
API:
- zrtp_protocol_error_t was added to zrtp_error.h.
- zrtp_stream_ctx_t#last_error now is an integer value from
zrtp_protocol_error_t space.
7. Special function for verification of SAS value was added. One should use
this function to set/unset SAS verification flag from his own
application.
API:
- zrtp_set_verified() was added to zrtp.h
8. Some optimization of types was provided. Here are some possible changes which you
need to make in your product:
- libzrtp uses it own strings (zrtp_stringXX_t group) to operate with
binary and character strings. In this version we made attempt to
minimize memory coasts and replaced zrtp_string_t with zrtp_stringXX_t
group, where XX - maximum length in bytes. zrtp_stringxx_t contains
its length and as a result all functions for work with strings are
type independent. So one should use one of these types to store binary
strings and zrtp_stringn_t as a type of operand in all global functions.
- all retain secrets holders and flags were removed to zrtp_secrets
structure in zrtp_conn_ctx_t#secrets.
- zrtp_packet_string4_t was replaced by zrtp_ucharXX_t group where XX -
type length in bytes. These types are used in library for packets
construction instead of char arrays.
9. Packets retries synchronization was added. zrtp_retry_task_t structure
from zrtp_types_t is used for all operations with scheduler. One should
use #callback and #timeout fields from this structure.
API:
- zrtp_send_packet_later(), zrtp_cancel_send_packet_later()
libzrtp (0.3.4)
--------------------------------------------------------------------------------
1. ZRTP state-macine was fully refactored. All transitions between states
are absolutely identical to diagram attached to documentation.
DOC:
- See doc/img/png/state_mach_ext.png
2. ZRTP uses new packets format according to draft-zimmermann-avt-zrtp-03i
3. Improved some mistakes in libbn make-files for windows. Unused
functions were omitted.
4. Provided types optimization to decrease RAM memory costs.
5. Packets retries were synchronized.
6. zrtp_voip_proto_t was removed from the library
API:
- if you need this enumeration see zfone_types.h in zfone project
7. "GoClear reasons" support
8. Some internal changes according to draft-zimmermann-avt-zrtp-03i
a) Commit hash covers the whole Hello body
b) GoClear hmac includes "Reason string"
c) Confirm body encrypted by AES CDB cipher
d) Confirm hmac covers whole encrypted part of the packet
9. Use BUILD_ZRTP_DEBUG_LOG flag instead of BUILD_DEBUG_LOG to build the
library with debug logs.
libzrtp (0.3.3) 21.02.2007
--------------------------------------------------------------------------------
1. libzrtp test application refactored for better performance and usability.
For addition information see test application README file and
"libzrtp test suite" chapter in main documentation page.
2. Some changes in documentation for better English
3. Use microseconds in zrtp_time_t instead of milliseconds.
API changes:
- change zrtp_get_time() function realization if needed
4. Fixed several small mistakes
libzrtp (0.3.2) 09.02.2007
--------------------------------------------------------------------------------
1. Global context allocation removed to user space.
This was made to able RNG using before library initialization.
API changes:
- zrtp_init(), zrtp_down()
- zrtp_randstr(), zrtp_add_system_state()
2. Fixed bug in srtp SHA1 calculation for Windows.
3. Confirm and GoClear HMAC was truncated to 64 bits.
4. Calls stack minimized for library using in kernel mode
5. Default realization of secrets' cache is available. Cache was implemented
as a simple binary file and can be built using -DBUILD_DEFAULT_CACHE file.
API:
- realization at src\iface\zrtp_cache.c
DOC:
- 1.4 libZRTP setup and building
- 2.2 System-dependent functions
6. Default cross-platform realization of time-out sending unite is available.
This unite is available for Linux, MacOS and Windows. It can be built using
-DBUILD_DEFAULT_TIMER flag.
API:
- realization at src\iface\zrtp_scheduler.c
DOC:
- 1.4 libZRTP setup and building
- 2.2 System-dependent functions
7. "HOWTO libzrtp" was added to the library documentation
libzrtp (0.3.1) 06.12.2006
--------------------------------------------------------------------------------
1. Global variables were removed from c-files. Added global context
zrtp_global_ctx_t for necessary data storing. This was made to allow
to build library in some special environment as Symbian OS ed2.
DOC changes:
- 2.1.2 data structure
API changes:
- zrtp_global_ctx_t added
- zrtp_init(), zrtp_down(), zrtp_init_session(), zrtp_down_session()
2. Added multithreading support. Now libzrtp is thread-safe. About all
conditions of usage in multithreading application and synchronization
schemes see section "2.3.3 Multithreading and concurrent streams" in
developers guide.
DOC changes:
- 2.2.3 Multithreading and concurrent streams
API changes:
- mutex were added to main data structures
- mutex interface section at zrtp_iface.c, default realization at
zrtp_iface.c
3. Session configuration routine was simplified. ZRTP profile is applied on
session initialization. Some configuration functions were removed and
changed.
DOC changes:
- 2.3.1 Setup, initialization and deinitialization
API:
- zrtp_profile_autoload() removed
- zrtp_init_session(), zrtp_check_profile()
4. Default realizations of system interfaces was added (for Windows, Linux
and MacOS).
API:
- zrtp_iface.c added
5. Test suit developed.
Simple test-unite created. It runs several ZRTP sessions, enters SECURE
mode, shows statistics and is closed. To build test-suite on Unix - use C
flags -DBUILD_DEBUG_LOG -DBUILD_WITH_CFUNC -DBUILD_EMPTY_CACHE
-DBUILD_EMPTY_TIMER and configure param. --enable-test. To run tests:
make check. To build test-suite on Windows use necessary project files.
DOC changes:
- 1.4 libZRTP setup and building
API:
- Sources can be found at /test directory
6. Some changes in project structure, configuration and make files according
to new functionality.
DOC changes:
- 1.4 libZRTP setup and building