한국어

스마트폰앱

온누리070 플레이스토어 다운로드
    acrobits softphone
     온누리 070 카카오 프러스 친구추가온누리 070 카카오 프러스 친구추가친추
     카카오톡 채팅 상담 카카오톡 채팅 상담카톡
    
     라인상담
     라인으로 공유

     페북공유

   ◎위챗 : speedseoul


  
     PAYPAL
     
     PRICE
     

pixel.gif

    before pay call 0088 from app


http://iprouteth0.blogspot.com/2013/04/csipsimple-srtp-and-sip-tls-with.html


I finally got SIP-TLS and sRTP working on my devices!  It was a little weird.  Haven't quite figured out how to run it just the way I want to run it.  Started by binding SIP-TLS port to a nonstandard port.  Turned out somewhere in the middle the traffic was wanting to go to port 5061.  I changed back to the standard port and things worked immediately.  One of the best bits is with openwrt trunk asterisk11-res-srtp is an installable package, so no compiling is needed.  Here is some of the reference material I used.
https://wiki.asterisk.org/wiki/display/AST/Secure+Calling+Tutorial

First I needed to grab the ast_tls_cert script from the Asterisk SVN.

wget http://svnview.digium.com/svn/asterisk/branches/11/contrib/scripts/ast_tls_cert
chmod +x ast_tls_cert
mkdir /etc/asterisk/keys
./ast_tls_cert -C voip.iprouteth0.org -O "iprouteth0 VoIP" -d /etc/asterisk/keys
./ast_tls_cert -m client -c /etc/asterisk/keys/ca.crt -k /etc/asterisk/keys/ca.key -C voip.iprouteth0.org -O "iprouteth0 VoIP" -d /etc/asterisk/keys -o 504

add these directives to your sip.conf [general] section


tlsenable=yes             
tlsbindaddr=192.168.0.30  
tlscertfile=/etc/asterisk/keys/asterisk.crt
tlsprivatekey=/etc/asterisk/keys/asterisk.key
tlscafile=/etc/asterisk/keys/ca.crt
tlscadir=/etc/asterisk/keys/
tlscipher=ALL
tlsclientmethod=tlsv1

And here is my peer configured for TLS transport and encryption


[504]
username=504
secret=yourpasswordhere 
type=friend
nat=force_rport,comedia
callerid="Mesmerize<504>"
host=dynamic
context=outbound-srtp
outgoinglimit=3
incominglimit=3
canreinvite=yes
transport=tls
encryption=yes
disallow=all
allow=ulaw
allow=alaw
allow=g722
allow=gsm
dtmfmode=inband
mailbox=504@default

and the incoming dial plan.  I am using chan_motif and google voice so this is in context [incoming-motif]


exten => iprouteth0, 1, NoOp(Callerid  ${CALLERID(name)})
exten => iprouteth0, n, Set(CALLERID(num)=${SHIFT(CALLERID(name),@)})
exten => iprouteth0, n, Set(CALLERID(name)=${DB(cidname/${CALLERID(num)})})
exten => iprouteth0, n, Set(_SIP_SRTP_SDES=1)
exten => iprouteth0, n, Set(_SIPSRTP=1)
exten => iprouteth0, n, Set(_SIPSRTP_CRYPTO=enable)
exten => iprouteth0, n, Dial(SIP/504, 180, D(:1))
exten => iprouteth0, n, Wait(3)
exten => iprouteth0, n, SendDTMF(1)
exten => iprouteth0, n(bridged),Bridge(${DB_DELETE(gv_dialout/channel)}, p)

and here is the outgoing dialplan.  This is in context [talk-numeric-outbound-srtp]

[talk-numeric-outbound-srtp]
exten => _1NXXNXXXXXX,1,Set(_SIP_SRTP_SDES=1)
exten => _1NXXNXXXXXX,n,Set(_SIPSRTP=1)
exten => _1NXXNXXXXXX,n,Set(_SIPSRTP_CRYPTO=enable)
exten => _1NXXNXXXXXX,n,Dial(Motif/iprouteth0/${EXTEN}@voice.google.com,,r)

exten => _+1NXXNXXXXXX,1,Set(_SIP_SRTP_SDES=1)
exten => _+1NXXNXXXXXX,n,Set(_SIPSRTP=1)
exten => _+1NXXNXXXXXX,n,Set(_SIPSRTP_CRYPTO=enable)
exten => _+1NXXNXXXXXX,n,Dial(Motif/iprouteth0/${EXTEN}@voice.google.com,,r)

finally the master context for this group of phones.

[outbound-srtp]
include => seven-digit
include => local-devices
include => default
include => incoming-motif
include => talk-numeric-outbound-srtp

then comes the setup of CSipSimple.  Setup your account.  I used expert mode.  To make it easier you can create the account with the basic wizard and switch the wizard once you've saved the account.



In CSipSimple's settings hit the menu button and enable expert mode.  Then go into the network section.  Find the Secure Transport menu.





Once you're in the Secure Transport sub-menu, you'll need to add your certificate files.  I grabbed them with AndFTP directly off of my openwrt router.  Bear in mine you'll need openssh-sftp-server installed.  Ignore the big 1 in the picture, it's from my screen shot capturing software.


For CA file I used /sdcard/keys/ca.crt
TLS Certificate I used /sdcard/keys/504.pem
TLS Private key was left blank since we're using a PEM file
TLS Password is the password used during key creation.
Also make sure to set sRTP mode to mandatory and disable zRTP. 
I checked both for verify server and client certificate, and have not noticed any trouble.

I am not even fully certain I am using the correct keys, however I have found that sipcrack is unable to detect login credentials from the TLS packet capture versus my normal sip packet capture having success decrypting using sipdump and sipcrack.
조회 수 :
3208
등록일 :
2018.06.05
19:02:37 (*.160.88.18)
엮인글 :
http://webs.co.kr/index.php?document_srl=3316205&act=trackback&key=3f9
게시글 주소 :
http://webs.co.kr/index.php?document_srl=3316205
List of Articles
번호 제목 글쓴이 날짜 조회 수
67 Pjsip 설명 정리 동작 함수 admin 2019-09-09 45
66 Basic registration test sourec code admin 2019-05-06 361
65 acrobits softphone 아크로비트 소프트폰 문제 해결 수신 발신 아크로빗 포럼 admin 2019-01-10 1341
64 acrobits softphone 아크로비트 소프트폰 문제 해결 수신 발신 아크로빗 한글설명 admin 2019-01-10 1212
63 acrobits softphone 아크로비트 소프트폰 문제 해결 수신 발신 아크로빗 admin 2019-01-10 1571
62 mDNS 덕분에 SIP 네트워크 배포가 쉬워졌습니다. admin 2018-09-01 2214
61 Pjsip datasheet OS SIP Media Video NAT admin 2018-07-03 2936
60 How to save battery power on the Samsung Galaxy S9 and S9+ admin 2018-06-09 2523
» CSipSimple, sRTP and SIP-TLS with Asterisk 11 admin 2018-06-05 3208
58 스마트폰 070 장점 국내전화 국제전화 로밍요금 해결 꼭 사용해보세요 admin 2018-01-07 3980
57 안드로이드 7.0 빳데리 최적화에서 온누리070 제외 방법 수신향상 방법 인터넷전화 admin 2018-01-01 4263
56 카카오톡PC에서 사용하는 오픈소스 라이브러리 admin 2017-12-03 4313
55 카카오톡PC에서 사용하는 오픈소스 라이브러리 admin 2017-12-01 4775
54 Using the raspberry pi for video monitoring Compiling linphone on the rasberry pi admin 2017-09-26 5545
53 iphone 아이폰 Linphone 070번호 설정 방법 발신 음질매우좋음 수신잘안됨 file admin 2016-01-30 10004
52 해외 로잉 무료 스마트폰 휴대폰 070 인터넷폰 인터넷전화 국내 해외 가입 상사 주재원 교민 유학생 여행 등 file admin 2015-02-28 23287
51 070가입 않고 국내 유선 무선 집전화 휴대폰 전화 해외 국내에서 전화 수신 받는 방법 admin 2015-02-28 222607
50 using a g729 codec in SipDroid Add G729 to Sipdroid admin 2014-12-28 13309
49 compile linphone android ubuntu 안드로이드 개발환경 구축 eclipse admin 2014-12-25 13468
48 How to add ID / Password for payment user ? file admin 2014-11-24 15011
47 SIP 샘플 소스 분석 - oSIP, Linphone - file admin 2014-10-21 20938
46 pjsip softphone 컴파일 방법 admin 2014-10-21 19182
45 GCM 서버 구현 예제(3)_JAVA를 이용한 푸시 서버 admin 2014-10-21 16054
44 Linphone 오픈소스 컴파일 admin 2014-10-21 42219
43 Install and configure Linphone admin 2014-10-21 13543
42 Compiling linphone 3.7.0 on Debian Wheezy admin 2014-10-21 15039
41 Jitsi Videobridge meets WebRTC admin 2014-10-18 15093
40 Compiling PJSIP for IOS : To specify the target platform is iOS admin 2014-10-10 15094
39 opus-codec Opus Interactive Audio Codec admin 2014-10-10 12446
38 HD-Voice의 정체 admin 2014-10-09 14634