IP Phone User Manual
Grandstream Networks, Inc. XML Provisioning Guide Page 4 of 5
www.grandstream.com Last Updated: 7/2011
<gs_provision version="1">
<mac>000b82123456</mac>
<config version="1">
<P271>0</P271>
<P270>Account name</P270>
</config>
</gs_provision>
The mac element is not mandatory. It is designed this way because not all provision systems support
MAC address. If it is present, the provision program will validate the mac element with the actual MAC
address on the device.
XML FILE ENCRYPTION
The XML configuration file may be encrypted using AES-256-CBC algorithm. The encryption password is
defined in P1359 (XML Config File Password) of the configuration file. The encryption may use salt to
enhance security. The algorithm to derive the key and IV from a password is the same as the one used
by OpenSSL:
The OpenSSL command-line to encrypt the file is as follows:
Openssl enc –e –aes-256-cbc –k password –in config.xml –out cfgxxxxxxxxxxxx.xml
Alternatively, users can also set the XML Config File Password in the web UI of the phone.
Figure 2: Using web UI to define the XML Configuration File Password
When the XML configuration file is encrypted using this method, the phone would only be able to decrypt
and parse the file if user set the XML Config File Password in P1349 of binary configuration file or in the
web UI.