Packetizer Forums

Re: error: cannot convert 'const EVP_MD* {aka const env_md_s

2012-02-03T16:03:35Z

shorne wrote:
The error was due to a change in the SSL_st struct between OpenSSL 0.9.x and 1.x. I have checked in compiler directives to check OpenSSL versions.

Thanks. Yes, my build is against openssl-1.0.0g library. Anyway, I just updated to include your latest changes and the cross compilation still gives (I believe the same) error messages as shown below:

arm-openwrt-linux-uclibcgnueabi-g++ -I/opt/openwrt-svn-trunk/build_dir/target-arm_v5te_uClibc-0.9.32_eabi/ptlib2_svn/include  -DPTRACING=2 -D_REENTRANT  -I/opt/openwrt-svn-trunk/staging_dir/target-arm_v5te_uClibc-0.9.32_eabi/usr/include     -fexceptions -I/opt/openwrt-svn-trunk/staging_dir/target-arm_v5te_uClibc-0.9.32_eabi/usr/include -I/opt/openwrt-svn-trunk/staging_dir/target-arm_v5te_uClibc-0.9.32_eabi/include -I/opt/openwrt-svn-trunk/staging_dir/toolchain-arm_v5te_gcc-4.6-linaro_uClibc-0.9.32_eabi/usr/include -I/opt/openwrt-svn-trunk/staging_dir/toolchain-arm_v5te_gcc-4.6-linaro_uClibc-0.9.32_eabi/include  -Wall  -Wformat -Wformat-security -D_FORTIFY_SOURCE=2  -fPIC -DPIC -DNDEBUG -Os  -I/opt/openwrt-svn-trunk/build_dir/target-arm_v5te_uClibc-0.9.32_eabi/h323plus_cvs/include -fno-strict-aliasing -felide-constructors -Wreorder -I/opt/openwrt-svn-trunk/staging_dir/target-arm_v5te_uClibc-0.9.32_eabi/usr/include -I/opt/openwrt-svn-trunk/staging_dir/target-arm_v5te_uClibc-0.9.32_eabi/include -I/opt/openwrt-svn-trunk/staging_dir/toolchain-arm_v5te_gcc-4.6-linaro_uClibc-0.9.32_eabi/usr/include -I/opt/openwrt-svn-trunk/staging_dir/toolchain-arm_v5te_gcc-4.6-linaro_uClibc-0.9.32_eabi/include   -c /opt/openwrt-svn-trunk/build_dir/target-arm_v5te_uClibc-0.9.32_eabi/h323plus_cvs/src/h235/h235con.cxx -o /opt/openwrt-svn-trunk/build_dir/target-arm_v5te_uClibc-0.9.32_eabi/h323plus_cvs/lib/obj/h235con.o

/opt/openwrt-svn-trunk/build_dir/target-arm_v5te_uClibc-0.9.32_eabi/h323plus_cvs/src/h235/h235con.cxx: In function 'void tls1_P_hash(const EVP_MD*, const unsigned char*, int, unsigned char*, int, unsigned char*, int)':

/opt/openwrt-svn-trunk/build_dir/target-arm_v5te_uClibc-0.9.32_eabi/h323plus_cvs/src/h235/h235con.cxx:67:15: warning: variable 'n' set but not used [-Wunused-but-set-variable]

/opt/openwrt-svn-trunk/build_dir/target-arm_v5te_uClibc-0.9.32_eabi/h323plus_cvs/src/h235/h235con.cxx: In function 'int tls_change_cipher_state(SSL*, int)':

/opt/openwrt-svn-trunk/build_dir/target-arm_v5te_uClibc-0.9.32_eabi/h323plus_cvs/src/h235/h235con.cxx:159:18: error: cannot convert 'const EVP_MD* {aka const env_md_st*}' to 'EVP_MD_CTX* {aka env_md_ctx_st*}' in assignment

/opt/openwrt-svn-trunk/build_dir/target-arm_v5te_uClibc-0.9.32_eabi/h323plus_cvs/src/h235/h235con.cxx:228:20: error: cannot convert 'EVP_MD_CTX* {aka env_md_ctx_st*}' to 'const EVP_MD* {aka const env_md_st*}' for argument '1' to 'int EVP_MD_size(const EVP_MD*)'

/opt/openwrt-svn-trunk/build_dir/target-arm_v5te_uClibc-0.9.32_eabi/ptlib2_svn/include/ptlib/sound.h: At global scope:

/opt/openwrt-svn-trunk/build_dir/target-arm_v5te_uClibc-0.9.32_eabi/ptlib2_svn/include/ptlib/sound.h:761:1: warning: 'PPlugin_PSoundChannel_WAVFile_loader' defined but not used [-Wunused-variable]

/opt/openwrt-svn-trunk/build_dir/target-arm_v5te_uClibc-0.9.32_eabi/ptlib2_svn/include/ptlib/videoio.h:1176:1: warning: 'PPlugin_PVideoInputDevice_FakeVideo_loader' defined but not used [-Wunused-variable]

/opt/openwrt-svn-trunk/build_dir/target-arm_v5te_uClibc-0.9.32_eabi/ptlib2_svn/include/ptlib/videoio.h:1183:1: warning: 'PPlugin_PVideoInputDevice_FFMPEG_loader' defined but not used [-Wunused-variable]

/opt/openwrt-svn-trunk/build_dir/target-arm_v5te_uClibc-0.9.32_eabi/ptlib2_svn/include/ptlib/videoio.h:1187:1: warning: 'PPlugin_PVideoInputDevice_YUVFile_loader' defined but not used [-Wunused-variable]

/opt/openwrt-svn-trunk/build_dir/target-arm_v5te_uClibc-0.9.32_eabi/h323plus_cvs/include/h235auth.h:457:1: warning: 'PPlugin_H235Authenticator_Std1_loader' defined but not used [-Wunused-variable]

/opt/openwrt-svn-trunk/build_dir/target-arm_v5te_uClibc-0.9.32_eabi/h323plus_cvs/include/h235/h2356.h:131:1: warning: 'PPlugin_H235Authenticator_Std6_loader' defined but not used [-Wunused-variable]

/opt/openwrt-svn-trunk/build_dir/target-arm_v5te_uClibc-0.9.32_eabi/ptlib2_svn/include/ptlib/pluginmgr.h:175:1: warning: 'PFactoryLoader::PluginLoaderStartup_loader' defined but not used [-Wunused-variable]

make[5]: *** [/opt/openwrt-svn-trunk/build_dir/target-arm_v5te_uClibc-0.9.32_eabi/h323plus_cvs/lib/obj/h235con.o] Error 1

make[5]: Leaving directory `/opt/openwrt-svn-trunk/build_dir/target-arm_v5te_uClibc-0.9.32_eabi/h323plus_cvs/src'

make[4]: *** [optshared] Error 2

make[4]: Leaving directory `/opt/openwrt-svn-trunk/build_dir/target-arm_v5te_uClibc-0.9.32_eabi/h323plus_cvs/src'

make[3]: *** [optshared] Error 2

make[3]: Leaving directory `/opt/openwrt-svn-trunk/build_dir/target-arm_v5te_uClibc-0.9.32_eabi/h323plus_cvs'

make[2]: *** [/opt/openwrt-svn-trunk/build_dir/target-arm_v5te_uClibc-0.9.32_eabi/h323plus_cvs/.built] Error 2

make[2]: Leaving directory `/opt/OpenWRT/feeds/packages/libs/h323plus_cvs'

make[1]: *** [package/feeds/local/h323plus_cvs/compile] Error 2

make[1]: Leaving directory `/opt/openwrt-svn-trunk'

make: *** [package/h323plus_cvs/compile] Error 2

Re: error: cannot convert 'const EVP_MD* {aka const env_md_s

2012-02-03T13:36:03Z

The error was due to a change in the SSL_st struct between OpenSSL 0.9.x and 1.x. I have checked in compiler directives to check OpenSSL versions.

Re: error: cannot convert 'const EVP_MD* {aka const env_md_s

2012-02-02T20:03:32Z

I had the same problem with Simon's latest H.235 code on Linux. I've checked in a compile fix. Please update and let us know how it works for you.

error: cannot convert 'const EVP_MD* {aka const env_md_st*}'

2012-02-02T19:31:04Z

Today, after updated to the latest H323Plus from the CVS trunk, I encountered error messages as shown below when cross compiled for ARM platform.

arm-openwrt-linux-uclibcgnueabi-g++ -I/opt/openwrt-svn-trunk/build_dir/target-arm_v5te_uClibc-0.9.32_eabi/ptlib2_svn/include  -DPTRACING=2 -D_REENTRANT  -I/opt/openwrt-svn-trunk/staging_dir/target-arm_v5te_uClibc-0.9.32_eabi/usr/include     -fexceptions -I/opt/openwrt-svn-trunk/staging_dir/target-arm_v5te_uClibc-0.9.32_eabi/usr/include -I/opt/openwrt-svn-trunk/staging_dir/target-arm_v5te_uClibc-0.9.32_eabi/include -I/opt/openwrt-svn-trunk/staging_dir/toolchain-arm_v5te_gcc-4.6-linaro_uClibc-0.9.32_eabi/usr/include -I/opt/openwrt-svn-trunk/staging_dir/toolchain-arm_v5te_gcc-4.6-linaro_uClibc-0.9.32_eabi/include  -Wall  -Wformat -Wformat-security -D_FORTIFY_SOURCE=2  -fPIC -DPIC -DNDEBUG -Os  -I/opt/openwrt-svn-trunk/build_dir/target-arm_v5te_uClibc-0.9.32_eabi/h323plus_cvs/include -fno-strict-aliasing -felide-constructors -Wreorder -I/opt/openwrt-svn-trunk/staging_dir/target-arm_v5te_uClibc-0.9.32_eabi/usr/include -I/opt/openwrt-svn-trunk/staging_dir/target-arm_v5te_uClibc-0.9.32_eabi/include -I/opt/openwrt-svn-trunk/staging_dir/toolchain-arm_v5te_gcc-4.6-linaro_uClibc-0.9.32_eabi/usr/include -I/opt/openwrt-svn-trunk/staging_dir/toolchain-arm_v5te_gcc-4.6-linaro_uClibc-0.9.32_eabi/include   -c /opt/openwrt-svn-trunk/build_dir/target-arm_v5te_uClibc-0.9.32_eabi/h323plus_cvs/src/h235/h235con.cxx -o /opt/openwrt-svn-trunk/build_dir/target-arm_v5te_uClibc-0.9.32_eabi/h323plus_cvs/lib/obj/h235con.o

/opt/openwrt-svn-trunk/build_dir/target-arm_v5te_uClibc-0.9.32_eabi/h323plus_cvs/src/h235/h235con.cxx: In function 'void tls1_P_hash(const EVP_MD*, const unsigned char*, int, unsigned char*, int, unsigned char*, int)':

/opt/openwrt-svn-trunk/build_dir/target-arm_v5te_uClibc-0.9.32_eabi/h323plus_cvs/src/h235/h235con.cxx:66:12: warning: variable 'n' set but not used [-Wunused-but-set-variable]

/opt/openwrt-svn-trunk/build_dir/target-arm_v5te_uClibc-0.9.32_eabi/h323plus_cvs/src/h235/h235con.cxx: In function 'int tls_change_cipher_state(SSL*, int)':

/opt/openwrt-svn-trunk/build_dir/target-arm_v5te_uClibc-0.9.32_eabi/h323plus_cvs/src/h235/h235con.cxx:166:16: error: cannot convert 'const EVP_MD* {aka const env_md_st*}' to 'EVP_MD_CTX* {aka env_md_ctx_st*}' in assignment

/opt/openwrt-svn-trunk/build_dir/target-arm_v5te_uClibc-0.9.32_eabi/h323plus_cvs/src/h235/h235con.cxx:200:17: error: cannot convert 'const EVP_MD* {aka const env_md_st*}' to 'EVP_MD_CTX* {aka env_md_ctx_st*}' in assignment

/opt/openwrt-svn-trunk/build_dir/target-arm_v5te_uClibc-0.9.32_eabi/h323plus_cvs/src/h235/h235con.cxx:138:29: warning: unused variable 'empty' [-Wunused-variable]

/opt/openwrt-svn-trunk/build_dir/target-arm_v5te_uClibc-0.9.32_eabi/h323plus_cvs/src/h235/h235con.cxx: In member function 'unsigned char* H235Session::RawWrite(unsigned char*, int&)':

/opt/openwrt-svn-trunk/build_dir/target-arm_v5te_uClibc-0.9.32_eabi/h323plus_cvs/src/h235/h235con.cxx:656:42: error: cannot convert 'EVP_MD_CTX* {aka env_md_ctx_st*}' to 'const EVP_MD* {aka const env_md_st*}' for argument '1' to 'int EVP_MD_size(const EVP_MD*)'

/opt/openwrt-svn-trunk/build_dir/target-arm_v5te_uClibc-0.9.32_eabi/ptlib2_svn/include/ptlib/sound.h: At global scope:

/opt/openwrt-svn-trunk/build_dir/target-arm_v5te_uClibc-0.9.32_eabi/ptlib2_svn/include/ptlib/sound.h:761:1: warning: 'PPlugin_PSoundChannel_WAVFile_loader' defined but not used [-Wunused-variable]

/opt/openwrt-svn-trunk/build_dir/target-arm_v5te_uClibc-0.9.32_eabi/ptlib2_svn/include/ptlib/videoio.h:1176:1: warning: 'PPlugin_PVideoInputDevice_FakeVideo_loader' defined but not used [-Wunused-variable]

/opt/openwrt-svn-trunk/build_dir/target-arm_v5te_uClibc-0.9.32_eabi/ptlib2_svn/include/ptlib/videoio.h:1183:1: warning: 'PPlugin_PVideoInputDevice_FFMPEG_loader' defined but not used [-Wunused-variable]

/opt/openwrt-svn-trunk/build_dir/target-arm_v5te_uClibc-0.9.32_eabi/ptlib2_svn/include/ptlib/videoio.h:1187:1: warning: 'PPlugin_PVideoInputDevice_YUVFile_loader' defined but not used [-Wunused-variable]

/opt/openwrt-svn-trunk/build_dir/target-arm_v5te_uClibc-0.9.32_eabi/h323plus_cvs/include/h235auth.h:457:1: warning: 'PPlugin_H235Authenticator_Std1_loader' defined but not used [-Wunused-variable]

/opt/openwrt-svn-trunk/build_dir/target-arm_v5te_uClibc-0.9.32_eabi/h323plus_cvs/include/h235/h2356.h:131:1: warning: 'PPlugin_H235Authenticator_Std6_loader' defined but not used [-Wunused-variable]

/opt/openwrt-svn-trunk/build_dir/target-arm_v5te_uClibc-0.9.32_eabi/ptlib2_svn/include/ptlib/pluginmgr.h:175:1: warning: 'PFactoryLoader::PluginLoaderStartup_loader' defined but not used [-Wunused-variable]

make[5]: *** [/opt/openwrt-svn-trunk/build_dir/target-arm_v5te_uClibc-0.9.32_eabi/h323plus_cvs/lib/obj/h235con.o] Error 1

make[5]: Leaving directory `/opt/openwrt-svn-trunk/build_dir/target-arm_v5te_uClibc-0.9.32_eabi/h323plus_cvs/src'

make[4]: *** [optshared] Error 2

make[4]: Leaving directory `/opt/openwrt-svn-trunk/build_dir/target-arm_v5te_uClibc-0.9.32_eabi/h323plus_cvs/src'

make[3]: *** [optshared] Error 2

make[3]: Leaving directory `/opt/openwrt-svn-trunk/build_dir/target-arm_v5te_uClibc-0.9.32_eabi/h323plus_cvs'

make[2]: *** [/opt/openwrt-svn-trunk/build_dir/target-arm_v5te_uClibc-0.9.32_eabi/h323plus_cvs/.built] Error 2

make[2]: Leaving directory `/opt/OpenWRT/feeds/packages/libs/h323plus_cvs'

make[1]: *** [package/feeds/local/h323plus_cvs/compile] Error 2

make[1]: Leaving directory `/opt/openwrt-svn-trunk'

make: *** [package/h323plus_cvs/compile] Error 2

Re: Sha256 executable

2012-01-31T18:16:37Z

We've been asked about including a verifiable hash before, but we do not do it because it provides a false sense of security. If you get AES Crypt directly from http://www.aescrypt.com, then you would be getting the genuine software. If we posted an SHA-1 or MD5 hash of the file, it might make you feel better to know it matches. However, if somebody was able to compromise the server and replace the AES Crypt executable code, then somebody would have the ability to also change the hash values. Thus, it provides a false sense of security. For that reason, we do not produce hash values. If you need absolute guarantees that the code has not been tampered with, it's best to build the software from the source code and to inspect the source code.

An encrypted file is larger, but the size is fixed. We allocate about 128 octets for non-encrypted extensions, like the CREATED_BY field. This is not required in the file format (it could be zero-length, just consuming two or three bytes). We also have encryption keys, IVs, HMACs, and other small pieces of data in each file. All of the details are documented in the .aes file format (http://www.aescrypt.com/aes_file_format.html)

Re: 64bit compilation

2012-01-31T11:26:49Z

Delete the existing 2010 project and upgrade the 2008 project. It should contain a x64 configuration.

Sha256 executable

2012-01-31T09:54:19Z

Hello... I just wanted to ask you about verifiable downloads or signature files like we see in gpg4win or truecrypt. Also i wanted to ask you that the file size of encrypted file is significantly larger by about 150 bytes (excluding AES CREATED_BY (windows) 3.06 etc) ! What is the extra data? Thankyou!

64bit compilation

2012-01-31T07:34:35Z

hello,

Is it possible for H.323plus to be compiled in Windows 7 - 64 bits (using Visual Studio 2010)? Can someone guide me on this? Thank you.

Best regards,
Jess

Re: AV bug in listener app

2012-01-24T09:45:23Z

Be careful using PTLIB SVN. It is suggested that you use the last stable release of PTLIB with h323plus CVS to avoid issues such as this. If you do use the SVN make sure you do regular SVN updates for fixes (and of course you WILL find new bugs)

The error you are trying to fix was fixed November last year.
http://opalvoip.svn.sourceforge.net/viewvc/opalvoip/ptlib/trunk/src/ptlib/msos/win32.cxx?r1=26095&r2=26698

Simon

Solution

2012-01-23T22:04:21Z

I tried to change PThread::SetAutoDelete() method at ..\h323DLL\PTLIB\src\ptlib\msos\win32.cxx:963.
The following code works fine so far.



void PThread::SetAutoDelete(AutoDeleteFlag deletion)

{

  PAssert(deletion != AutoDeleteThread || this != &PProcess::Current(), PLogicError);

  

  //OLD:

  //if (autoDelete == (deletion != AutoDeleteThread))

  //  return;

  //autoDelete = deletion == AutoDeleteThread;



  //NEW:

  const bool value_to_set = (deletion == AutoDeleteThread);

  if(autoDelete == value_to_set) //already set

	return;

  autoDelete = value_to_set;



  PProcess & process = PProcess::Current();



  process.deleteThreadMutex.Wait();

  if (autoDelete)

    process.autoDeleteThreads.Append(this);

  else {

    process.autoDeleteThreads.DisallowDeleteObjects();

    process.autoDeleteThreads.Remove(this);

    process.autoDeleteThreads.AllowDeleteObjects();

  }

  process.deleteThreadMutex.Signal();

}

Re: AV bug in listener app

2012-01-23T21:22:34Z

So far I find more info while debugging listener app.
The "problem" thread is H225TransportThread (..\h323plus\src\transports.cxx:55).
This thread has AutoDeleteThread flag set by default (PThread::autoDelete = true), so it should be deleted after termination.
Thread proc (..\h323plus\src\transports.cxx:135)



void H225TransportThread::Main()

{

  PTRACE(3, "H225\tStarted incoming call thread");



  if (!transport->HandleFirstSignallingChannelPDU(this))

    delete transport;

}

But HandleFirstSignallingChannelPDU() method has following code
(..\h323plus\src\transports.cxx:849)



PBoolean H323Transport::HandleFirstSignallingChannelPDU(PThread * thread)

{

<..........>

    thread->SetNoAutoDelete();

<..........>

}

The call to SetNoAutoDelete() (...\PTLIB\src\ptlib\msos\win32.cxx:963) passed by debugger, but don`t change PThread::autoDelete flag. So thread object deleted after termination and then deleted again by H323Transport in CleanUpOnTermination() method (..\h323plus\src\transports.cxx:888), this cause access violation error.

AV bug in listener app

2012-01-18T23:43:14Z

Windows XP
MS VS 2008
ptlib-2.10.1
h323plus-1.23.0

I get AV when listener app tries to delete h245listener thread.
..\h323plus\src\transports.cxx:888



void H323Transport::CleanUpOnTermination()

{

  Close();



  if (thread != NULL) {

    PTRACE(3, "H323\tH323Transport::CleanUpOnTermination for " << thread->GetThreadName());

    PAssert(thread->WaitForTermination(10000), "Transport thread did not terminate");

    delete thread; //FAIL: it seems that thread  already deleted, but its pointer isn`t NULL

    thread = NULL;

  }

}

Call stack:

h323-listener.exe!H323Transport::CleanUpOnTermination() Line 888 + 0x22 bytes C++
h323-listener.exe!H323Connection::CleanUpOnCallEnd() Line 831 C++
h323-listener.exe!H323EndPoint::CleanUpConnections() Line 1983 C++
h323-listener.exe!H323ConnectionsCleaner::Main() Line 291 C++
h323-listener.exe!PThread::MainFunction(void * threadPtr=0x014c69a0) Line 723 C++
msvcr90d.dll!_callthreadstartex() Line 348 + 0xf bytes C
msvcr90d.dll!_threadstartex(void * ptd=0x014c80e0) Line 331 C

I written sample apps (h323-caller and h323-listener) to check how it works, but can`t go on.
Here they are http://share.netbynet.ru/291h323samples.zip (23 kb)

When I use h323-caller as caller with CallGen sample as listener (http://www.h323plus.org/source/download ... 1_23_0.zip) the same thing happens.

Re: Mac GUI crashes on startup

2012-01-18T02:53:11Z

Sorry for the delay. We have new Mac packages available at www.aescrypt.com. Hopefully, these will work appropriately for the x86 and PPC machines.

Re: H.323 vs. SIP

2012-01-17T01:38:22Z

Jim,

I think the answer to the question is actually fairly simple: because that is what the major service providers are offering. Given the rise in mobile phones, that's where carriers are looking to make the bulk of their revenue. They are also of the mind that people using those mobile phones will use their phone services. That's a logical assumption, but what protocols do they implement? That's where 3GPP comes in. They decided back in 1999 to adopt SIP as the protocol of choice on mobile networks. As a part of that work, they created IMS, which is a SIP network that sits in the service provider cloud. It's complex has heck and may or may not offer any better quality than Skype over 4G Certainly, IMS is not better at providing voice over 3G than the GSM protocols of old.

Nonetheless, carriers have adopted SIP for mobile. They're also adopting SIP on the land-line side, as that only makes sense. Some have even tried pushing the complex IMS stuff into the enterprise. I'm not convinced that's a good idea, but that's a debate for another day.

And so, the mere fact that SIP is what carriers are predominantly offering these days is probably the single biggest reason to use SIP for trunk connections between the enterprise and the rest of the world. It doesn't really matter that SIP is fairly weak in terms of many features. Service providers do not offer a rich set of features, anyway.

For enterprise video conferencing equipment that connects only to other enterprise video conferencing equipment (either over a LAN or WAN), then H.323 is a good choice. In that case, the protocol really does not matter (as far as the service provider is concerned) and H.323 provides a richer set of video capabilities.

Re: H.323 vs. SIP

2012-01-16T23:20:18Z

whshockey2000 wrote:
On the topic of H.323 vs SIP...after reviewing the site I have a couple of questions. I will be presenting benfits for video conferencing through SIP as well as how our company would benefit by migration from H.323 to SIP. It seems that after reading Packetizers "H.323 vs. SIP" article that this would be counter intuitive. Any suggestions?

By the way, I'd be interested to hear if anyone else has any more suggestions.

Thanks in advance,

-Jim

Re: Android Version?

2012-01-16T21:45:21Z

Paulej, you are quite correct that using a single file from Dropbox would make storage of AES encrypted private information a breeze for remote users. That was what I hoped to find.

Kenkendk, Thanks for the pointers to alternative solutions. I am, in fact, currently using APG for the Android end of this system. It's working okay, but could be a little simpler for the end-user to invoke decryptions.

Insofar as writing another notepad app, perhaps AES Crypt for Android could hook an existing file browser (such as Astro, an excellent product) for its file management use, and also call an existing text editor for base file creation and display (Jota is also an excellent choice). I suspect this would simplify the task of producing an Android version of AES Crypt, but, again, I'm not a programmer, so I really don't know if this idea would work.

My current goal is to administer the Private_File information from one desktop system, encrypt it, then overwrite the existing file in whatever single location is accesible to all devices. This makes administration of the base information much easier, since only one system needs to be bulletproofed for local storage and processing, and the others can use the AES file on a (hopefully) secure, as-needed basis, deleting the file when the current access/task is complete. This method should lessen the possibility of the unencrypted file falling into the wrong hands.

The only other piece of this puzzle would be a sniffer program running on each client to intercept malware attempts to tap into AES Crypt, or to sniff the system bus (or some such method) in order to get access to the private information. Of course, that is an entirely different project, and not a simple one.

Once again, Thanks!

Bohamut

number of encryption rounds

2012-01-15T16:24:03Z

why AES 128 number of round 10?
so also with 192 = 12, and 256 = 14?

information please

thank you

Re: Secure Password Generator

2012-01-10T08:07:56Z

I start to work immediately, thanks for the binary and the C code

Re: Secure Password Generator

2012-01-09T22:17:10Z

As you requested, I created C code to do the same thing. It will work on Linux or Windows. I took the Perl script, C code, 32-bit Linux binary, and 32-bit Windows binary and put it into a ZIP file that can be downloaded from the pwgen page.

Re: Secure Password Generator

2012-01-09T17:19:28Z

Good, i have convert the perl into exe but is soo slow to process new password, the original .pl is so fast instead.
I'd like to add this function to my software ( my software now can process file/folder/and text on-the-fly-encryption all with your software ) but i don't know C, if you have some time Paul can you make a binary command-line version of pwgen?
It will be the Icing on the cake

Thanks for your work,
John

Re: Secure Password Generator

2012-01-09T14:15:38Z

The second argument is only used by the function that generates passwords. I didn't write the command-line tool to accept a second argument. If you want to always generate special characters, then change this:

print GeneratePassword($password_length,0) . "\n";

to this:

print GeneratePassword($password_length,1) . "\n";

If you really want a command-line argument, then you could change the MAIN routine to look like this:



#

# MAIN

#

{

    my $password_length;

    my $use_special_characters = 0;



    #

    # Grab the requested password length from the command-line

    #

    if ($#ARGV >= 0)

    {

        $password_length = $ARGV[0];

        if (!($password_length > 0))

        {

            $password_length = $main::default_password_length;

        }

    }

    else

    {

        $password_length = $main::default_password_length;

    }



    #

    # Use special characters?

    #

    if ($#ARGV >= 1)

    {

        if ($ARGV[1] == 1)

        {

            $use_special_characters = 1;

        }

    }



    # We will not utilize special char

    print GeneratePassword($password_length,$use_special_characters) . "\n";

}

As I indicated in on this page, use of special characters provides very little additional strength and adding just one more normal character on most passwords would provide more strength against attacks. I'm not a fan of using special characters given that they're hard for normal users to deal with and they add no significant value.

Re: Secure Password Generator

2012-01-09T07:10:17Z

The second argument seems not work for me. I have try to do:
Pwgen 15 1
The result is a psw with 12 character with no special. If the second argument is 1, it generate always default psw with 12 letter.
What i'm do wrong?
Thanks

Re: Secure Password Generator

2012-01-08T23:36:49Z

The function that generates the password strings will select characters at random. If the second argument is '1', it will use special characters. However, I do not and will not force the routine to generate a certain number of special characters. Doing so would mean the result is not entirely random.

Further, I see no real value in the special characters, as I mention on the web page. Many system admins believe that is provides extra security. But, if you do the math, you see the additional security is virtually non-existent. Just one additional alpha-numeric character in the password far exceeds the strength of the same size password that uses special characters. What is important is the "strength" in terms of the number of random bits. (Unicode would help produce shorter passwords with significant strength, but most of us are not able to deal with Unicode character strings right now. I certainly would not have the ability to type in certain characters used in Asia, for example.)

As for getting the pwgen script to work on Windows, it would to work just fine if you do two things:
1) convert the script to have LF/CR at the end (rather than just LF as used on Linux)
2) Install Perl on Windows, including the required Math library for generating random numbers

I'm not sure if the Math library is dependent on Linux's /dev/random or not. You could just change the call to irand() to int(rand()) and use Perl's default pseudo-random number generator. But, I prefer to go with strength and use the better random number generator. That's what is used to generate passwords on the web page.

It would also be fairly easy to create a C version of this program, too. Windows has some crypto APIs for generating random numbers. I used those in AES Crypt for Windows. Given how simple the program is, if you want an exe (versus a Perl script), just re-write it in C.

Re: Secure Password Generator

2012-01-08T09:09:17Z

Seems nice, can you post the command-line exe for pwgen?
I have windows and i have try to compile the perl into .exe but without success.
Thanks

Another thing, i think is useful to add another command. Now is
Pwgen lenght
It think is better to do:
Pwgen "lenght" "special character" like:
Pwgen 12 5
Result is a password of 12 letter with 5 special character, the second command can't be > lenght

Regarding 128 bit encryption

2012-01-07T06:13:59Z

I have down loaded the java source file from AESCrypt.com and executed this program (successfully encrypt and decrypt file) . But this is programs runs only when JCE policy files are included in jdk security folder(ie programs is 256 bit encryption type). I am trying this programs to encrypt file using 128 bit but i was not able get logic.
Please can you explain me, How i can make use of this 128 bit encrypt er for this code(i mean what changes i have to do).

thanks,

Secure Password Generator

2012-01-06T06:38:42Z

I have been asked many times about creating secure passwords. Passwords do not have to be significantly long to be secure. so, I put together this page that will generate useful and secure passwords for web sites and AES Crypt.

https://secure.packetizer.com/pwgen/

I would welcome any comments, especially if you find an error in the math.

Re: How to make H323 call with H.460(18 and 19) enabled? Tha

2012-01-05T00:01:50Z

You will need GnuGk v3. For baseline endpoint support for H.460.18/.19 you will need h323plus v1.23 For more advanced features like multiplexing use the CVS

GNU Gatekeeper 3.0

2012-01-04T14:10:37Z

I'm pleased to announce GnuGk 3.0.

You can download the new version at
http://www.gnugk.org/h323download.html

New features:

full traversal zone support (gatekeeper-to-gatekeeper H.460.18/.19)
Now you can place one GnuGk behind a firewall and let it tunnel out
the calls for all other devices behind the firewall eg. to a VCS or
to another GnuGk.
This was probably the most request feature in the past.
full IPv6 support (incl. IPv4-IPv6 proxying)
With the proxy function, you can let GnuGk manage a network of IPv6
endpoints and connect them to the IPv4 network or make legacy
endpoints reachable for IPv6 calls.
RTP multiplexing (all calls to and from devices supporting H.460.19
will only use 2 sockets total)
rewrite destination IPs into aliases
ENUM, SRV and RDS routing policies extended for LRQs, in case the
calling gatekeeper isn't able to do this
notifications when GnuGk opens listen ports
This allows you to update firewall rules on the fly, so you only have
the minimum amount of ports open.
improved H.235 password authentication with neighbors
massive performance improvement when (re-)loading large numbers of GW
rewrites
interop fixes for Polycom m100 and Sorenson endpoints
fixes in the underlying libraries so *BSD systems can get the latest
GnuGk features
a few bug fixes

We provide executables for Linux (32 and 64 bit), Windows, MacOS X,
FreeBSD, OpenBSD, NetBSD and Solaris.

Re: Android Version?

2012-01-04T01:24:56Z

There are some good reasons for wanting an Android app that reads/writes the AES Crypt file format. I'd like to have one myself. Where I would like use AES Crypt for Android is when transferring files to the phone or tablet via services like Dropbox, and doing so without the fear that somebody might hack into my Dropbox account and/or convince a customer service rep to hand over the password.

How to make H323 call with H.460(18 and 19) enabled? Thanks!

2012-01-03T21:26:06Z

Hello,

I am new to H323plus, I have some questions about H.460, Thanks in advance for your time!

I just did the following today:
- compiled ptlib-2.10.1-src
- compiled h323plus-v1_23_0
- running simpleplus in my two PCs, and make them call each other ( no gatekeeper) successfully

now I want to test and be familiar with H.460: could you tell me how I can setup a H.460 enabled call with H323plus? which kind of termial (simpleplus? or MyPhone2?) ) I need to use and how to setup the configaration?
do I need to start gnugk-2.3.5 for H.460? Thanks!

Regards,
Bo Xu