Open ikonst opened 9 years ago
superdump
commented
9 years ago I think OpenSSL has such support too. Can libsrtp be built against that? Also, we had problems using system OpenSSL just because of bugs in hardware accelerated crypto previously.
sdroege
commented
9 years ago Changing libsrtp to use crypto functions from openssl/gnutls should be the best way forward here, yes. It reduces code duplication.
superdump
commented
9 years ago It's unclear whether OpenSSL supports hardware AES on iOS.
...wrong button...
ikonst
commented
9 years ago I don't see any indication online of neither OpenSSL nor GnuTLS support for Apple's CCCrypt. Grepping the code for CCCrypt finds nothing.
BTW, I'm not saying we should do it right away, as it's potentially complicated and security-sensitive. I'm just opening a task.
Apparently some iOS devices have hardware accelerated AES and SHA-1: http://stackoverflow.com/questions/4812474/does-iphone-support-hardware-accelerated-aes-encryption
The API is: https://developer.apple.com/library/mac/documentation/Darwin/Reference/ManPages/man3/CCCrypt.3cc.html
This can be interesting for energy efficiency. The implementation should probably be in libsrtp, by implementing custom versions of AES_128_GCM, AES_256_GCM and AES_ICM. (Our build of libsrtp implements all of its own codecs, and does not use OpenSSL or GnuTLS.)