/*
 * Asterisk -- An open source telephony toolkit.
 *
 * Copyright (C) 1999 - 2010, Digium, Inc.
 *
 * Mark Spencer <markster@digium.com>
 *
 * See http://www.asterisk.org for more information about
 * the Asterisk project. Please do not directly contact
 * any of the maintainers of this project for assistance;
 * the project provides a web site, mailing lists and IRC
 * channels for your use.
 *
 * This program is free software, distributed under the terms of
 * the GNU General Public License Version 2. See the LICENSE file
 * at the top of the source tree.
 */

/*! \file
 * \brief Provide cryptographic signature routines
 *
 * Every routine below is declared through AST_OPTIONAL_API: the trailing
 * block is the fallback body used when the optional implementation is not
 * available (see optional_api.h). The fallbacks fail closed -- they return
 * NULL / -1 / 0 and, for the AES routines, log a warning -- so callers must
 * check return values rather than assume the crypto provider is present.
 */

#ifndef _ASTERISK_CRYPTO_H
#define _ASTERISK_CRYPTO_H

#if defined(__cplusplus) || defined(c_plusplus)
extern "C" {
#endif

#include "asterisk/optional_api.h"
#include "asterisk/logger.h"

/*
 * AES key-schedule context types. With OpenSSL available they are the
 * library's AES_KEY; without it they collapse to a one-byte placeholder so
 * that code compiles, while the stub routines below report failure.
 */
#ifdef HAVE_CRYPTO
#include "openssl/aes.h"
typedef AES_KEY ast_aes_encrypt_key;
typedef AES_KEY ast_aes_decrypt_key;
#else /* !HAVE_CRYPTO */
typedef char ast_aes_encrypt_key;
typedef char ast_aes_decrypt_key;
#endif /* HAVE_CRYPTO */

/*! Key type flags accepted by ast_key_get(). */
#define AST_KEY_PUBLIC (1 << 0)
#define AST_KEY_PRIVATE (1 << 1)

/*! Opaque key handle; its layout is private to the implementation. */
struct ast_key;

/*!
 * \brief Retrieve a key
 * \param key name of the key we are retrieving
 * \param type type of key (AST_KEY_PUBLIC or AST_KEY_PRIVATE)
 *
 * \retval the key on success.
 * \retval NULL on failure (also the fallback result when the crypto
 *         implementation is not loaded).
 */
AST_OPTIONAL_API(struct ast_key *, ast_key_get, (const char *key, int type), { return NULL; });

/*!
 * \brief Check the authenticity of a message signature using a given public key
 * \param key a public key to use to verify
 * \param msg the message that has been signed, as a NUL-terminated string
 *        (no length parameter; use ast_check_signature_bin() for binary data)
 * \param sig the proposed valid signature in mime64-like encoding
 *
 * \retval 0 if the signature is valid.
 * \retval -1 otherwise (including when the implementation is not loaded,
 *         so a missing provider never verifies as success).
 *
 */
AST_OPTIONAL_API(int, ast_check_signature, (struct ast_key *key, const char *msg, const char *sig), { return -1; });

/*!
 * \brief Check the authenticity of a message signature using a given public key
 * \param key a public key to use to verify
 * \param msg the message that has been signed
 * \param msglen length of \a msg in bytes
 * \param sig the proposed valid signature in raw binary representation
 *
 * \note No signature length is passed; presumably \a sig has the fixed size
 *       written by ast_sign_bin() (at least 128 bytes) -- confirm against the
 *       implementation before passing signatures of another size.
 *
 * \retval 0 if the signature is valid.
 * \retval -1 otherwise.
 *
 */
AST_OPTIONAL_API(int, ast_check_signature_bin, (struct ast_key *key, const char *msg, int msglen, const unsigned char *sig), { return -1; });

/*!
 * \brief Sign a message using a given private key
 * \param key a private key to use to create the signature
 * \param msg the message to sign, as a NUL-terminated string
 * \param sig a pointer to a buffer of at least 256 bytes in which the
 * mime64-like encoded signature will be stored
 *
 * \note Unlike the other routines here, \a msg is not const-qualified;
 *       whether the implementation writes to it cannot be seen from this
 *       header -- TODO confirm, and do not pass string literals.
 *
 * \retval 0 on success.
 * \retval -1 on failure.
 *
 */
AST_OPTIONAL_API(int, ast_sign, (struct ast_key *key, char *msg, char *sig), { return -1; });

/*!
 * \brief Sign a message using a given private key
 * \param key a private key to use to create the signature
 * \param msg the message to sign
 * \param msglen length of \a msg in bytes
 * \param sig a pointer to a buffer of at least 128 bytes in which the
 * raw encoded signature will be stored
 *
 * \retval 0 on success.
 * \retval -1 on failure.
 *
 */
AST_OPTIONAL_API(int, ast_sign_bin, (struct ast_key *key, const char *msg, int msglen, unsigned char *sig), { return -1; });

/*!
 * \brief Encrypt a message using a given private key
 * \param dst a pointer to a buffer of at least srclen * 1.5 bytes in which the encrypted
 * answer will be stored
 * \param src the message to encrypt
 * \param srclen the length of the message to encrypt
 * \param key a private key to use to encrypt
 *
 * \note NOTE(review): this interface yields ciphertext only; nothing in it
 *       indicates integrity protection or authentication of the output.
 *       Pair it with ast_sign_bin()/ast_check_signature_bin() or confirm
 *       in the implementation before relying on it for tamper detection.
 *
 * \retval length of encrypted data on success.
 * \retval -1 on failure.
 *
 */
AST_OPTIONAL_API(int, ast_encrypt_bin, (unsigned char *dst, const unsigned char *src, int srclen, struct ast_key *key), { return -1; });

/*!
 * \brief Decrypt a message using a given private key
 * \param dst a pointer to a buffer of at least srclen bytes in which the decrypted
 * answer will be stored
 * \param src the message to decrypt
 * \param srclen the length of the message to decrypt
 * \param key a private key to use to decrypt
 *
 * \note See ast_encrypt_bin(): a successful decryption does not by itself
 *       prove the ciphertext was not modified.
 *
 * \retval length of decrypted data on success.
 * \retval -1 on failure.
 *
 */
AST_OPTIONAL_API(int, ast_decrypt_bin, (unsigned char *dst, const unsigned char *src, int srclen, struct ast_key *key), { return -1; });

/*!
 * \brief Set an encryption key
 * \param key a 16 byte (128-bit) key
 * \param ctx address of an aes encryption context
 *
 * \note Without OpenSSL (HAVE_CRYPTO undefined) the fallback logs a warning
 *       and returns -1, leaving \a ctx untouched.
 *
 * \retval 0 success
 * \retval nonzero failure
 */
AST_OPTIONAL_API(int, ast_aes_set_encrypt_key,
	(const unsigned char *key, ast_aes_encrypt_key *ctx),
	{ ast_log(LOG_WARNING, "AES encryption disabled. Install OpenSSL.\n"); return -1; });

/*!
 * \brief Set a decryption key
 * \param key a 16 byte (128-bit) key
 * \param ctx address of an aes decryption context
 *
 * \note Without OpenSSL (HAVE_CRYPTO undefined) the fallback logs a warning
 *       and returns -1, leaving \a ctx untouched.
 *
 * \retval 0 success
 * \retval nonzero failure
 */
AST_OPTIONAL_API(int, ast_aes_set_decrypt_key,
	(const unsigned char *key, ast_aes_decrypt_key *ctx),
	{ ast_log(LOG_WARNING, "AES encryption disabled. Install OpenSSL.\n"); return -1; });

/*!
 * \brief AES encrypt data
 * \param in data to be encrypted
 * \param out pointer to a buffer to hold the encrypted output
 * \param ctx address of an aes encryption context filled in with ast_aes_set_encrypt_key
 *
 * \note NOTE(review): \a in and \a out carry no length. With an OpenSSL
 *       AES_KEY context this is presumably a single 16-byte block operation
 *       (a raw block-cipher primitive with no chaining, padding or
 *       authentication) -- confirm against the implementation before using
 *       it on multi-block or untrusted data.
 * \note The fallback logs a warning and returns without writing \a out, so
 *       callers cannot distinguish success from the missing-provider case
 *       by this call alone; check ast_aes_set_encrypt_key() first.
 */
AST_OPTIONAL_API(void, ast_aes_encrypt,
	(const unsigned char *in, unsigned char *out, const ast_aes_encrypt_key *ctx),
	{ ast_log(LOG_WARNING, "AES encryption disabled. Install OpenSSL.\n");return; });

/*!
 * \brief AES decrypt data
 * \param in encrypted data
 * \param out pointer to a buffer to hold the decrypted output
 * \param ctx address of an aes decryption context filled in with ast_aes_set_decrypt_key
 *
 * \note Same caveats as ast_aes_encrypt(): no length, presumably one 16-byte
 *       block, no integrity check, and the fallback leaves \a out unwritten.
 */
AST_OPTIONAL_API(void, ast_aes_decrypt,
	(const unsigned char *in, unsigned char *out, const ast_aes_decrypt_key *ctx),
	{ ast_log(LOG_WARNING, "AES encryption disabled. Install OpenSSL.\n");return; });

/*!
 * \brief Report whether the crypto implementation is available
 *
 * \retval 0 if it is not (this is also what the fallback stub returns).
 * \retval nonzero presumably when the implementing module is loaded --
 *         confirm against the implementation.
 */
AST_OPTIONAL_API(int, ast_crypto_loaded, (void), { return 0; });

#if defined(__cplusplus) || defined(c_plusplus)
}
#endif

#endif /* _ASTERISK_CRYPTO_H */