Wed Jan 8 2020 09:49:46

Asterisk developer's documentation


crypto.h
1 /*
2  * Asterisk -- An open source telephony toolkit.
3  *
4  * Copyright (C) 1999 - 2010, Digium, Inc.
5  *
6  * Mark Spencer <markster@digium.com>
7  *
8  * See http://www.asterisk.org for more information about
9  * the Asterisk project. Please do not directly contact
10  * any of the maintainers of this project for assistance;
11  * the project provides a web site, mailing lists and IRC
12  * channels for your use.
13  *
14  * This program is free software, distributed under the terms of
15  * the GNU General Public License Version 2. See the LICENSE file
16  * at the top of the source tree.
17  */
18 
19 /*! \file
20  * \brief Provide cryptographic signature routines
21  */
22 
23 #ifndef _ASTERISK_CRYPTO_H
24 #define _ASTERISK_CRYPTO_H
25 
26 #if defined(__cplusplus) || defined(c_plusplus)
27 extern "C" {
28 #endif
29 
30 #include "asterisk/optional_api.h"
31 #include "asterisk/logger.h"
32 
33 #ifdef HAVE_CRYPTO
34 #include "openssl/aes.h"
   /* OpenSSL build: both AES context types are OpenSSL's AES_KEY. */
35 typedef AES_KEY ast_aes_encrypt_key;
36 typedef AES_KEY ast_aes_decrypt_key;
37 #else /* !HAVE_CRYPTO */
   /* No OpenSSL: placeholder types so the prototypes below still compile.
    * They hold no key schedule; the AES stubs in this header only log a
    * warning. */
38 typedef char ast_aes_encrypt_key;
39 typedef char ast_aes_decrypt_key;
40 #endif /* HAVE_CRYPTO */
41
   /* Key-type selectors for the 'type' argument of ast_key_get().
    * Each one is a distinct bit. */
42 #define AST_KEY_PUBLIC (1 << 0)
43 #define AST_KEY_PRIVATE (1 << 1)
44
   /* Declared but not defined here: code including this header sees no
    * layout for the key and handles it by pointer only. */
45 struct ast_key;
46 
47 /*!
48  * \brief Retrieve a key
49  * \param key name of the key we are retrieving
50  * \param type type of key (AST_KEY_PUBLIC or AST_KEY_PRIVATE)
51  *
52  * \retval the key on success.
53  * \retval NULL on failure.
    *
    * \note The stub supplied to AST_OPTIONAL_API here returns NULL
    * (presumably used when the implementing module is not loaded), so
    * callers must check the result before handing it to the signing,
    * verification or encryption routines below.
54  */
55 AST_OPTIONAL_API(struct ast_key *, ast_key_get, (const char *key, int type), { return NULL; });
56 
57 /*!
58  * \brief Check the authenticity of a message signature using a given public key
59  * \param key a public key to use to verify
60  * \param msg the message that has been signed (no length is passed, so
    * presumably a NUL-terminated string; confirm against res_crypto.c)
61  * \param sig the signature to verify, in mime64-like encoding
62  *
63  * \retval 0 if the signature is valid.
64  * \retval -1 otherwise.
65  *
    * \note Only a return of exactly 0 means "verified". The stub given here
    * returns -1, so verification fails closed when the real implementation
    * is not available.
66  */
67 AST_OPTIONAL_API(int, ast_check_signature, (struct ast_key *key, const char *msg, const char *sig), { return -1; });
68 
69 /*!
70  * \brief Check the authenticity of a message signature using a given public key
71  * \param key a public key to use to verify
72  * \param msg the message that has been signed
    * \param msglen length of msg (presumably in bytes)
73  * \param sig the signature to verify, in raw binary representation
74  *
75  * \retval 0 if the signature is valid.
76  * \retval -1 otherwise.
77  *
    * \note No length is passed for sig, so the implementation must assume a
    * fixed size. ast_sign_bin() documents a 128-byte output; presumably the
    * same number of bytes is read here (confirm against res_crypto.c).
    * The caller must supply a buffer at least that large. Only a return of
    * exactly 0 means "verified"; the stub given here returns -1.
78  */
79 AST_OPTIONAL_API(int, ast_check_signature_bin, (struct ast_key *key, const char *msg, int msglen, const unsigned char *sig), { return -1; });
80 
81 /*!
82  * \brief Sign a message using a given private key
83  * \param key a private key to use to create the signature
84  * \param msg the message to sign
85  * \param sig a pointer to a buffer of at least 256 bytes in which the
86  * mime64-like encoded signature will be stored
87  *
88  * \retval 0 on success.
89  * \retval -1 on failure.
90  *
    * \note The size of sig is not passed in, so the callee cannot
    * bounds-check the write; the caller alone guarantees the 256 bytes.
    * NOTE(review): msg is not const-qualified here, unlike in
    * ast_sign_bin(); whether it is modified cannot be told from this header.
91  */
92 AST_OPTIONAL_API(int, ast_sign, (struct ast_key *key, char *msg, char *sig), { return -1; });
93 
94 /*!
95  * \brief Sign a message using a given private key
96  * \param key a private key to use to create the signature
97  * \param msg the message to sign
    * \param msglen length of msg (presumably in bytes)
98  * \param sig a pointer to a buffer of at least 128 bytes in which the
99  * raw encoded signature will be stored
100  *
101  * \retval 0 on success.
102  * \retval -1 on failure.
103  *
    * \note The size of sig is not passed in, so the callee cannot
    * bounds-check the write; the caller alone guarantees the 128 bytes.
    * On -1 the contents of sig should not be used.
104  */
105 AST_OPTIONAL_API(int, ast_sign_bin, (struct ast_key *key, const char *msg, int msglen, unsigned char *sig), { return -1; });
106 
107 /*!
108  * \brief Encrypt a message using a given private key
109  * \param key a private key to use to encrypt
110  * \param src the message to encrypt
111  * \param srclen the length of the message to encrypt
112  * \param dst a pointer to a buffer of at least srclen * 1.5 bytes in which the encrypted
113  * answer will be stored
114  *
115  * \retval length of encrypted data on success.
116  * \retval -1 on failure.
117  *
    * \note Arguments are passed as (dst, src, srclen, key). The size of dst
    * is not passed in, so the caller alone guarantees the documented
    * minimum; a short buffer cannot be detected by the callee.
    * NOTE(review): the text above says "private key", but encrypting for a
    * recipient conventionally uses the public key; confirm which key type
    * the implementation in res_crypto.c accepts.
118  */
119 AST_OPTIONAL_API(int, ast_encrypt_bin, (unsigned char *dst, const unsigned char *src, int srclen, struct ast_key *key), { return -1; });
120 
121 /*!
122  * \brief Decrypt a message using a given private key
123  * \param key a private key to use to decrypt
124  * \param src the message to decrypt
125  * \param srclen the length of the message to decrypt
126  * \param dst a pointer to a buffer of at least srclen bytes in which the decrypted
127  * answer will be stored
128  *
129  * \retval length of decrypted data on success.
130  * \retval -1 on failure.
131  *
    * \note Arguments are passed as (dst, src, srclen, key). The size of dst
    * is not passed in, so the caller alone guarantees the srclen bytes.
    * Use only the returned number of bytes from dst, and nothing from it
    * when -1 is returned; the stub given here always returns -1.
132  */
133 AST_OPTIONAL_API(int, ast_decrypt_bin, (unsigned char *dst, const unsigned char *src, int srclen, struct ast_key *key), { return -1; });
134 
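135 /*!
136  * \brief Set an encryption key
137  * \param key a 16 char key (presumably read as 16 raw bytes, i.e. a
    * 128-bit AES key, not as a NUL-terminated string)
138  * \param ctx address of an aes encryption context
139  *
140  * \retval 0 success
141  * \retval nonzero failure
    *
    * \note Check the return value before using ctx. The stub given here
    * logs a warning, returns -1 and does not touch ctx, so a context
    * "set" through the stub holds no key schedule.
142  */
143 AST_OPTIONAL_API(int, ast_aes_set_encrypt_key,
144  (const unsigned char *key, ast_aes_encrypt_key *ctx),
145  { ast_log(LOG_WARNING, "AES encryption disabled. Install OpenSSL.\n"); return -1; });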
146 
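147 /*!
148  * \brief Set a decryption key
149  * \param key a 16 char key (presumably read as 16 raw bytes, i.e. a
    * 128-bit AES key, not as a NUL-terminated string)
150  * \param ctx address of an aes decryption context
151  *
152  * \retval 0 success
153  * \retval nonzero failure
    *
    * \note Check the return value before using ctx. The stub given here
    * logs a warning, returns -1 and does not touch ctx, so a context
    * "set" through the stub holds no key schedule.
154  */
155 AST_OPTIONAL_API(int, ast_aes_set_decrypt_key,
156  (const unsigned char *key, ast_aes_decrypt_key *ctx),
157  { ast_log(LOG_WARNING, "AES encryption disabled. Install OpenSSL.\n"); return -1; });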
158 
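159 /*!
160  * \brief AES encrypt data
161  * \param in data to be encrypted
162  * \param out pointer to a buffer to hold the encrypted output
163  * \param ctx address of an aes encryption context filled in with ast_aes_set_encrypt_key
    *
    * \note No length is passed, so the amount read from in and written to
    * out is fixed by the implementation: presumably one 16-byte AES block
    * per call (confirm against res_crypto.c). If so, chaining across blocks
    * and integrity protection are the caller's responsibility.
    * \note The function returns void. The stub given here only logs a
    * warning and leaves out unwritten, so a caller cannot detect the
    * missing implementation from this call; check the result of
    * ast_aes_set_encrypt_key() or ast_crypto_loaded() first.
164  */
165 AST_OPTIONAL_API(void, ast_aes_encrypt,
166  (const unsigned char *in, unsigned char *out, const ast_aes_encrypt_key *ctx),
167  { ast_log(LOG_WARNING, "AES encryption disabled. Install OpenSSL.\n");return; });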
168 
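169 /*!
170  * \brief AES decrypt data
171  * \param in encrypted data
172  * \param out pointer to a buffer to hold the decrypted output
173  * \param ctx address of an aes decryption context filled in with ast_aes_set_decrypt_key
    *
    * \note No length is passed, so the amount read from in and written to
    * out is fixed by the implementation: presumably one 16-byte AES block
    * per call (confirm against res_crypto.c). Nothing in this interface
    * reports tampering with the ciphertext.
    * \note The function returns void. The stub given here only logs a
    * warning and leaves out unwritten, so a caller cannot detect the
    * missing implementation from this call; check the result of
    * ast_aes_set_decrypt_key() or ast_crypto_loaded() first.
174  */
175 AST_OPTIONAL_API(void, ast_aes_decrypt,
176  (const unsigned char *in, unsigned char *out, const ast_aes_decrypt_key *ctx),
177  { ast_log(LOG_WARNING, "AES encryption disabled. Install OpenSSL.\n");return; });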
178 
    /*!
     * \brief Report whether the crypto implementation is available
     *
     * The stub given here returns 0. Presumably the real implementation
     * returns nonzero (confirm against res_crypto.c). Because
     * ast_aes_encrypt() and ast_aes_decrypt() return void and their stubs
     * only log a warning, this is the call to make before relying on their
     * output.
     */
179 AST_OPTIONAL_API(int, ast_crypto_loaded, (void), { return 0; });
180 
181 #if defined(__cplusplus) || defined(c_plusplus)
182 }
183 #endif
184 
185 #endif /* _ASTERISK_CRYPTO_H */
int ast_decrypt_bin(unsigned char *dst, const unsigned char *src, int srclen, struct ast_key *key)
Decrypt a message using a given private key.
Definition: res_crypto.c:331
int ast_check_signature_bin(struct ast_key *key, const char *msg, int msglen, const unsigned char *sig)
Check the authenticity of a message signature using a given public key.
Definition: res_crypto.c:411
int ast_crypto_loaded(void)
Definition: res_crypto.c:456
Optional API function macros.
int ast_aes_set_encrypt_key(const unsigned char *key, ast_aes_encrypt_key *ctx)
Set an encryption key.
Definition: res_crypto.c:461
#define LOG_WARNING
Definition: logger.h:144
#define AST_OPTIONAL_API(result, name, proto, stub)
Define an optional API function.
Definition: optional_api.h:233
void ast_aes_decrypt(const unsigned char *in, unsigned char *out, const ast_aes_decrypt_key *ctx)
AES decrypt data.
Definition: res_crypto.c:476
AES_KEY ast_aes_encrypt_key
Definition: crypto.h:35
void ast_aes_encrypt(const unsigned char *in, unsigned char *out, const ast_aes_encrypt_key *ctx)
AES encrypt data.
Definition: res_crypto.c:471
int ast_encrypt_bin(unsigned char *dst, const unsigned char *src, int srclen, struct ast_key *key)
Encrypt a message using a given private key.
Definition: res_crypto.c:363
int ast_sign_bin(struct ast_key *key, const char *msg, int msglen, unsigned char *sig)
Sign a message signature using a given private key.
Definition: res_crypto.c:299
int ast_aes_set_decrypt_key(const unsigned char *key, ast_aes_decrypt_key *ctx)
Set a decryption key.
Definition: res_crypto.c:466
void ast_log(int level, const char *file, int line, const char *function, const char *fmt,...)
Used for sending a log message This is the standard logger function. Probably the only way you will i...
Definition: logger.c:1207
int ast_sign(struct ast_key *key, char *msg, char *sig)
Sign a message signature using a given private key.
Definition: res_crypto.c:394
AES_KEY ast_aes_decrypt_key
Definition: crypto.h:36
static const char type[]
Definition: chan_nbs.c:57
Support for logging to various files, console and syslog Configuration in file logger.conf.
int ast_check_signature(struct ast_key *key, const char *msg, const char *sig)
Check the authenticity of a message signature using a given public key.
Definition: res_crypto.c:440
struct ast_key * ast_key_get(const char *key, int type)
Retrieve a key.
Definition: res_crypto.c:136