Xml File Encryption; Figure 2: Using Web Ui To Define The Xml Configuration File Password - Grandstream Networks SIP Device Provisioning Manual

</gs_provision>
The mac element is not mandatory. It is designed this way because not all provision systems
support MAC address. If it is present, the provision program will validate the mac element with
the actual MAC address on the device.
XML F E
ILE NCRYPTION
The XML configuration file may be encrypted using AES-256-CBC algorithm. The encryption
password is defined in P1359 (XML Config File Password) of the configuration file. The
encryption may use salt to enhance security. The algorithm to derive the key and IV from a
password is the same as the one used by OpenSSL:
The OpenSSL command-line to encrypt the file is as follows:
Openssl enc –e –aes-256-cbc –k password –in config.xml –out cfgxxxxxxxxxxxx.xml
Alternatively, users can also set the XML Config File Password in the web UI of the phone.

Figure 2: Using web UI to define the XML Configuration File Password

When the XML configuration file is encrypted using this method, the phone would only be able
to decrypt and parse the file if user set the XML Config File Password in P1349 of binary
configuration file or in the web UI.
Grandstream Networks, Inc. SIP Device Provisioning Guide Page 8 of 9
www.grandstream.com Last Updated: 9/2012