Alexandre Lision | 51140e1 | 2013-12-02 10:54:09 -0500 | [diff] [blame^] | 1 | == GNU ZRTP 2.0.0 == |
| 2 | |
| 3 | Modify some files to use the new uCommon/commoncpp libraries instead |
| 4 | of the GNU CC++ commoncpp2. This affects the ccRTP depended modules |
| 5 | such as ZrtpQueue and the Timeout stuff. |
| 6 | |
| 7 | Updated to version 2.0.0 to be in synch with the ccRTP version number |
| 8 | scheme. |
| 9 | |
| 10 | |
| 11 | == GNU ZRTP 1.6.0 == |
| 12 | |
| 13 | This version implements the Elliptic Curve Diffie-Helman (ECDH) |
| 14 | public-key algorithm. |
| 15 | |
| 16 | ZRTP also supports new algorithms which are defined as optional |
| 17 | in the ZRTP RFC. These are: |
| 18 | - Skein Hash |
| 19 | - Skein MAC for authentication |
| 20 | - Twofish symmetric ciphers |
| 21 | |
| 22 | Twofish ciphers and Skein MAC are supported by GNU ccRTP SRTP |
| 23 | implmentation as well. |
| 24 | |
| 25 | |
| 26 | == GNU ZRTP 1.5.4 == |
| 27 | |
| 28 | The changes in this release affect the ZRTP Configure mechanism only. |
| 29 | Some housekeeping stuff (desctructors) was added and the C Wrapper |
| 30 | how support ZRTP configure as well. |
| 31 | |
| 32 | Because of some API changes (added destructors) clients must be compiled |
| 33 | and linked with the new library. |
| 34 | |
| 35 | |
| 36 | == GNU ZRTP 1.5.2 == |
| 37 | |
| 38 | Quite a lot of enhancements: |
| 39 | - a CMake based build process was added |
| 40 | - a C wrapper was added to enable C programs to use GNU ZRTP |
| 41 | - some fixes in the code (race condition solved) |
| 42 | - better support of multi-stream mode |
| 43 | - change the old cxx file extension to cpp, some build system don't |
| 44 | like the old cxx (Android NDK for example) |
| 45 | - and much more |
| 46 | |
| 47 | Because of API changes clients must be compiled and linked with the new |
| 48 | library. |
| 49 | |
| 50 | == GNU ZRTP 1.5.0 == |
| 51 | |
| 52 | Adds a first version of a ZrtpConfigure class that provides applications |
| 53 | to select which crypto and hash methods to use. |
| 54 | |
| 55 | Because of API changes clients must be compiled and linked with the new |
| 56 | library. |
| 57 | |
| 58 | == GNU ZRTP 1.4.5 == |
| 59 | |
| 60 | Modify the Hello repeat timer handling to accomodate slow connections and/or |
| 61 | slow devices. |
| 62 | |
| 63 | Fix a problem when the other party sends only ZRTP packets at the beginning |
| 64 | of a RTP session. |
| 65 | |
| 66 | === Interface changes in 1.4.5 === |
| 67 | |
| 68 | No external interfaces were changed, external API and ABI remain stable. |
| 69 | Internal interface modifications only to implement Ping/PingAck handling. |
| 70 | |
| 71 | |
| 72 | == GNU ZRTP 1.4.4 == |
| 73 | |
| 74 | Implement the Ping/PingAck packets and associated protocol extensions |
| 75 | as defined in [http://tools.ietf.org/html/draft-zimmermann-avt-zrtp-15]. |
| 76 | |
| 77 | === Interface changes in 1.4.4 === |
| 78 | |
| 79 | No external interfaces were changed, external API and ABI remain stable. |
| 80 | Internal interface modifications only to implement Ping/PingAck handling. |
| 81 | |
| 82 | |
| 83 | == GNU ZRTP 1.4.2 == |
| 84 | |
| 85 | Introduce the Key Derivation Function (KDF) as defined in |
| 86 | [http://tools.ietf.org/html/draft-zimmermann-avt-zrtp-12]. |
| 87 | |
| 88 | The ZRTP protocol version was updated to 1.10. |
| 89 | |
| 90 | === Interface changes in 1.4.2 === |
| 91 | |
| 92 | No interfaces were changed, API and ABI remain stable. |
| 93 | |
| 94 | |
| 95 | == GNU ZRTP 1.4.0 == |
| 96 | |
| 97 | This is the first release that is conformant to the ZRTP specification |
| 98 | that eventually will become a RFC. See: |
| 99 | [http://tools.ietf.org/html/draft-zimmermann-avt-zrtp-10] |
| 100 | |
| 101 | The ZRTP protocol version was updated to 1.00. |
| 102 | |
| 103 | |
| 104 | === Interface changes in 1.4.0 === |
| 105 | |
| 106 | The ZrtpQueue and ZRtp classes implement a new method to get the other |
| 107 | party's ZID (ZRTP identifier). An application, for example a SIP or XMPP |
| 108 | client, may use this method to get the other party's ZID and store it |
| 109 | together in a contact list. This enable the application to check the ZID |
| 110 | if the user calls the other party again. A client shall implement such |
| 111 | a feature to enhance security if user's don't compare the SAS on every |
| 112 | call after they confirmed a SAS once. |
| 113 | |
| 114 | Clients must be compiled and linked with the new library. |
| 115 | |
| 116 | |
| 117 | == GNU ZRTP 1.3.1 == |
| 118 | |
| 119 | This is an update to version 1.3.0 and implements the ZRTP multi-stream |
| 120 | mode handshake. The ZRTP protocl version was updated to 0.90 and |
| 121 | interoperability tests using the latest Zfone build and Zfone Beta |
| 122 | (dated September 6, 2008) were successful. |
| 123 | |
| 124 | No changes in the external API and ABI with respect to 1.3.0 - thus no |
| 125 | recompile or rebuild of clients are necessary if they use 1.3.0. |
| 126 | |
| 127 | To checkout version 1.3.1 specify revision 494 (-r 494). |
| 128 | |
| 129 | |
| 130 | == GNU ZRTP 1.3.0 == |
| 131 | |
| 132 | This version is and update to version 1.1.0 an implements the latest |
| 133 | changes define in the ZRTP draft. The changes resulted in an update of the |
| 134 | API, therefore existing applications must be recompiled. |
| 135 | |
| 136 | This version of GNU ZRTP is compatible to and was tested to work with |
| 137 | the latest Zfone beta (dated June, 10, see Zfone project site). Only |
| 138 | in one specific error case is a slight incompatibility that will be |
| 139 | fixed with the next Zfone beta. This incompatibility results in a |
| 140 | severe error information at the client. The error only happens if |
| 141 | someone modified the first retained shared secret entry in the |
| 142 | retained secret cache, for example disk/storage read error. This is |
| 143 | a very unlikely situation. |
| 144 | |
| 145 | === Interface changes in Version 1.3.0 === |
| 146 | |
| 147 | The Method ''setSipsSecret(...)'' is no longer available. ZRTP does |
| 148 | not support this additional secret anymore. |
| 149 | |
| 150 | The method ''setOtherSecret(...)'' was renamed to ''setPbxSecret(...)'' |
| 151 | to reflect the modification in the draft. |
| 152 | |
| 153 | The methos ''setSrtpsSecret(...)'' is was renamed to ''setAuxSecret(...)'' |
| 154 | to reflect the modification in the draft. |
| 155 | |
| 156 | |
| 157 | == GNU ZRTP 1.1.0 == |
| 158 | |
| 159 | GNU ZRTP 1.1.0 implements the basic ZRTP as specificied in the document |
| 160 | ''draft-zimmermann-avt-zrtp-06x''. You may access this at this URL: |
| 161 | [http://zfoneproject.com/zrtp_ietf.html] |
| 162 | |
| 163 | This version of GNU ZRTP does not support the additiona featur of ZRTP |
| 164 | such as Multi-stream mode, Pre-shared mode, PBX enrollement, and SAS |
| 165 | Signature. However, to keep the external interface as stable as |
| 166 | possible I already implmented stubs for the additional features. Some |
| 167 | later versions may have these features implemented, depending if they |
| 168 | are required by the community. |
| 169 | |
| 170 | The current version of GNU ZRTP is compatible and was tested to work |
| 171 | with the latest Zfone beta (dated April, 2nd) (see Zfone project |
| 172 | site). |
| 173 | |
| 174 | === Interface changes == |
| 175 | |
| 176 | The ''SymmetricZRTPSession'' implements some new methods to control |
| 177 | ZRTP and its new features. An application usually uses only a few |
| 178 | methods to setup GNU ZRTP. All others are optional and an application |
| 179 | may use them only if it requires a special feature (which are not yet |
| 180 | implemented :-) ). |
| 181 | |
| 182 | The ''ZrtpUserCallback'' class was modified as well. From an |
| 183 | application's point of view |
| 184 | |
| 185 | * The methods in ''ZrtpUserCallback'' are not pure virtual anymore |
| 186 | but just virtual and have a default implementation, usually a |
| 187 | simple return. An application may extend this class and overwrite |
| 188 | only those methods it requires. |
| 189 | |
| 190 | * Change of the constructor - remove the queue parameter thus we have |
| 191 | a very simple standard constructor. This modifcation may requires a |
| 192 | small change in the application or class that uses or extends |
| 193 | ''ZrtpUserCallback''. |
| 194 | |
| 195 | * The method showSAS has an additional parameter: |
| 196 | |
| 197 | showSAS(std::string sas, bool verified); |
| 198 | |
| 199 | the verified flag is set to true in SAS is verified, false if not verified. |
| 200 | This allows a more flexible support to display the SAS even if SAS is |
| 201 | verified. Formerly ZRTP did not call "showSAS()" if SAS was verified. Now |
| 202 | ZRTP always calls showSAS and provides the verification information |
| 203 | explicitly. |
| 204 | |
| 205 | * The siganture of the following user callback methods was changed: |
| 206 | |
| 207 | showMessage(GnuZrtpCodes::MessageSeverity sev, int32_t subCode) |
| 208 | |
| 209 | zrtpNegotiationFailed(GnuZrtpCodes::MessageSeverity severity, |
| 210 | int32_t subCode) |
| 211 | |
| 212 | The GNU ZRTP core and the ZRTP ccRTP extension do not contain |
| 213 | message strings anymore. Both use codes to inform an application |
| 214 | about events, problems or failure. The folder ''demo'' contains a |
| 215 | small demo program that shows one way how to map the codes to |
| 216 | strings. Delegating string handling and formating to the application |
| 217 | simplifies internationalization etc. |
| 218 | |
| 219 | Plaese note: some new callback methods and ''SymmetricZRTPSession'' |
| 220 | methods are only stubs in the currect version. The real implementation |
| 221 | (filling the stubs with real code) will be done some time later (see |
| 222 | above about unsupported features). |
| 223 | |
| 224 | === Header files === |
| 225 | |
| 226 | The new version greatly reduces the number of header files installed |
| 227 | in the include directory. In the new version I decoupled the internal |
| 228 | header files and implementation from the external classes and |
| 229 | interfaces an application requires. Only six header files are |
| 230 | installed in GNU ZRTP's include directory (libzrtpcpp subdirectory in |
| 231 | the usual include paths) |
| 232 | |
| 233 | == Demo program == |
| 234 | |
| 235 | The new folder ''demo'' contains a small demo program that shows |
| 236 | various ways how to use GNU ZRTP to setup secure RTP (SRTP) sessions |
| 237 | even without signaling protocols |
| 238 | |