certificate.c File Reference

#include "asterisk.h"
#include <sys/stat.h>
#include "asterisk/cli.h"
#include "asterisk/sorcery.h"
#include "stir_shaken.h"
#include "certificate.h"
#include "asterisk/res_stir_shaken.h"

Include dependency graph for certificate.c:

Go to the source code of this file.

Data Structures
struct	stir_shaken_certificate

Macros
#define	CONFIG_TYPE   "certificate"
#define	TEST_CONFIG_NAME   "test_stir_shaken_certificate"
#define	TEST_CONFIG_URL   "http://testing123"

Functions
static int	attestation_to_str (const void *obj, const intptr_t *args, char **buf)
static int	on_load_attestation (const struct aco_option *opt, struct ast_variable *var, void *obj)
static int	on_load_path (const struct aco_option *opt, struct ast_variable *var, void *obj)
static int	on_load_public_cert_url (const struct aco_option *opt, struct ast_variable *var, void *obj)
static int	path_to_str (const void *obj, const intptr_t *args, char **buf)
static int	public_cert_url_to_str (const void *obj, const intptr_t *args, char **buf)
static void *	stir_shaken_certificate_alloc (const char *name)
static int	stir_shaken_certificate_apply (const struct ast_sorcery *sorcery, void *obj)
static void	stir_shaken_certificate_destructor (void *obj)
static struct stir_shaken_certificate *	stir_shaken_certificate_get (const char *id)
static struct ao2_container *	stir_shaken_certificate_get_all (void)
const char *	stir_shaken_certificate_get_attestation (struct stir_shaken_certificate *cert)
	Get the attestation level associated with a certificate. More...
struct stir_shaken_certificate *	stir_shaken_certificate_get_by_caller_id_number (const char *caller_id_number)
	Get a STIR/SHAKEN certificate by caller ID number. More...
EVP_PKEY *	stir_shaken_certificate_get_private_key (struct stir_shaken_certificate *cert)
	Get the private key associated with a certificate. More...
const char *	stir_shaken_certificate_get_public_cert_url (struct stir_shaken_certificate *cert)
	Get the public key URL associated with a certificate. More...
int	stir_shaken_certificate_load (void)
	Load time initialization for the stir/shaken 'certificate' configuration. More...
static char *	stir_shaken_certificate_show (struct ast_cli_entry *e, int cmd, struct ast_cli_args *a)
static char *	stir_shaken_certificate_show_all (struct ast_cli_entry *e, int cmd, struct ast_cli_args *a)
int	stir_shaken_certificate_unload (void)
	Unload time cleanup for the stir/shaken 'certificate' configuration. More...
int	test_stir_shaken_cleanup_cert (const char *caller_id_number)
int	test_stir_shaken_create_cert (const char *caller_id_number, const char *file_path)

Variables
static struct ast_cli_entry	stir_shaken_certificate_cli []

Macro Definition Documentation

CONFIG_TYPE

#define CONFIG_TYPE   "certificate"

Definition at line 30 of file certificate.c.

Referenced by stir_shaken_certificate_get(), stir_shaken_certificate_get_all(), stir_shaken_certificate_load(), test_stir_shaken_cleanup_cert(), and test_stir_shaken_create_cert().

TEST_CONFIG_NAME

#define TEST_CONFIG_NAME   "test_stir_shaken_certificate"

Definition at line 276 of file certificate.c.

Referenced by test_stir_shaken_create_cert().

TEST_CONFIG_URL

#define TEST_CONFIG_URL   "http://testing123"

Definition at line 278 of file certificate.c.

Referenced by test_stir_shaken_create_cert().

Function Documentation

attestation_to_str()

static int attestation_to_str ( const void *  obj, const intptr_t *  args, char **  buf  )

static

Definition at line 264 of file certificate.c.

References ast_strdup, and stir_shaken_certificate::attestation.

Referenced by stir_shaken_certificate_load().

{
   const struct stir_shaken_certificate *cfg = obj;

   *buf = ast_strdup(cfg->attestation);

   return 0;
}

on_load_attestation()

static int on_load_attestation ( const struct aco_option *  opt, struct ast_variable *  var, void *  obj  )

static

Definition at line 251 of file certificate.c.

References ast_log, ast_sorcery_object_get_id(), ast_string_field_set, stir_shaken_certificate::attestation, LOG_ERROR, and ast_variable::value.

Referenced by stir_shaken_certificate_load().

{
   struct stir_shaken_certificate *cfg = obj;

   if (strcmp(var->value, "A") && strcmp(var->value, "B") && strcmp(var->value, "C")) {
      ast_log(LOG_ERROR, "stir/shaken - attestation level must be A, B, or C (object=%s)\n",
         ast_sorcery_object_get_id(cfg));
      return -1;
   }

   return ast_string_field_set(cfg, attestation, var->value);
}

on_load_path()

static int on_load_path ( const struct aco_option *  opt, struct ast_variable *  var, void *  obj  )

static

Definition at line 203 of file certificate.c.

References ast_log, ast_string_field_set, LOG_ERROR, stir_shaken_certificate::path, and ast_variable::value.

Referenced by stir_shaken_certificate_load().

{
   struct stir_shaken_certificate *cfg = obj;
   struct stat statbuf;

   if (stat(var->value, &statbuf)) {
      ast_log(LOG_ERROR, "stir/shaken - path '%s' not found\n", var->value);
      return -1;
   }

   if (!S_ISREG(statbuf.st_mode)) {
      ast_log(LOG_ERROR, "stir/shaken - path '%s' is not a file\n", var->value);
      return -1;
   }

   return ast_string_field_set(cfg, path, var->value);
}

on_load_public_cert_url()

static int on_load_public_cert_url ( const struct aco_option *  opt, struct ast_variable *  var, void *  obj  )

static

Definition at line 230 of file certificate.c.

References ast_begins_with(), ast_log, ast_string_field_set, LOG_ERROR, stir_shaken_certificate::public_cert_url, and ast_variable::value.

Referenced by stir_shaken_certificate_load().

{
   struct stir_shaken_certificate *cfg = obj;

   if (!ast_begins_with(var->value, "http")) {
      ast_log(LOG_ERROR, "stir/shaken - public_cert_url scheme must be 'http[s]'\n");
      return -1;
   }

   return ast_string_field_set(cfg, public_cert_url, var->value);
}

path_to_str()

static int path_to_str ( const void *  obj, const intptr_t *  args, char **  buf  )

static

Definition at line 221 of file certificate.c.

References ast_strdup, and stir_shaken_certificate::path.

Referenced by stir_shaken_certificate_load().

{
   const struct stir_shaken_certificate *cfg = obj;

   *buf = ast_strdup(cfg->path);

   return 0;
}

public_cert_url_to_str()

static int public_cert_url_to_str ( const void *  obj, const intptr_t *  args, char **  buf  )

static

Definition at line 242 of file certificate.c.

References ast_strdup, and stir_shaken_certificate::public_cert_url.

Referenced by stir_shaken_certificate_load().

{
   const struct stir_shaken_certificate *cfg = obj;

   *buf = ast_strdup(cfg->public_cert_url);

   return 0;
}

stir_shaken_certificate_alloc()

static void* stir_shaken_certificate_alloc ( const char *  name )

static

Definition at line 67 of file certificate.c.

References ao2_ref, ast_sorcery_generic_alloc(), ast_string_field_init, NULL, and stir_shaken_certificate_destructor().

Referenced by stir_shaken_certificate_load().

{
   struct stir_shaken_certificate *cfg;

   cfg = ast_sorcery_generic_alloc(sizeof(*cfg), stir_shaken_certificate_destructor);
   if (!cfg) {
      return NULL;
   }

   if (ast_string_field_init(cfg, 512)) {
      ao2_ref(cfg, -1);
      return NULL;
   }

   return cfg;
}

stir_shaken_certificate_apply()

static int stir_shaken_certificate_apply ( const struct ast_sorcery *  sorcery, void *  obj  )

static

Definition at line 111 of file certificate.c.

References ast_log, ast_strlen_zero, stir_shaken_certificate::attestation, stir_shaken_certificate::caller_id_number, LOG_ERROR, stir_shaken_certificate::path, stir_shaken_certificate::private_key, and stir_shaken_read_key().

Referenced by stir_shaken_certificate_load().

{
   EVP_PKEY *private_key;
   struct stir_shaken_certificate *cert = obj;

   if (ast_strlen_zero(cert->caller_id_number)) {
      ast_log(LOG_ERROR, "Caller ID must be present\n");
      return -1;
   }

   if (ast_strlen_zero(cert->attestation)) {
      ast_log(LOG_ERROR, "Attestation must be present\n");
      return -1;
   }

   private_key = stir_shaken_read_key(cert->path, 1);
   if (!private_key) {
      return -1;
   }

   cert->private_key = private_key;

   return 0;
}

stir_shaken_certificate_destructor()

static void stir_shaken_certificate_destructor ( void *  obj )

static

Definition at line 59 of file certificate.c.

References ast_string_field_free_memory, and stir_shaken_certificate::private_key.

Referenced by stir_shaken_certificate_alloc().

{
   struct stir_shaken_certificate *cfg = obj;

   EVP_PKEY_free(cfg->private_key);
   ast_string_field_free_memory(cfg);
}

stir_shaken_certificate_get()

static struct stir_shaken_certificate* stir_shaken_certificate_get ( const char *  id )

static

Definition at line 48 of file certificate.c.

References ast_sorcery_retrieve_by_id(), ast_stir_shaken_sorcery(), and CONFIG_TYPE.

Referenced by stir_shaken_certificate_show().

{
   return ast_sorcery_retrieve_by_id(ast_stir_shaken_sorcery(), CONFIG_TYPE, id);
}

stir_shaken_certificate_get_all()

static struct ao2_container* stir_shaken_certificate_get_all ( void  )

static

Definition at line 53 of file certificate.c.

References AST_RETRIEVE_FLAG_ALL, AST_RETRIEVE_FLAG_MULTIPLE, ast_sorcery_retrieve_by_fields(), ast_stir_shaken_sorcery(), CONFIG_TYPE, and NULL.

Referenced by stir_shaken_certificate_show(), and stir_shaken_certificate_show_all().

{
   return ast_sorcery_retrieve_by_fields(ast_stir_shaken_sorcery(), CONFIG_TYPE,
      AST_RETRIEVE_FLAG_MULTIPLE | AST_RETRIEVE_FLAG_ALL, NULL);
}

stir_shaken_certificate_get_attestation()

const char* stir_shaken_certificate_get_attestation

(

struct stir_shaken_certificate *

cert

)

Get the attestation level associated with a certificate.

Parameters

cert	The certificate

Return values

NULL	on failure
The	attestation on success

Definition at line 101 of file certificate.c.

References stir_shaken_certificate::attestation, and NULL.

Referenced by ast_stir_shaken_sign().

{
   return cert ? cert->attestation : NULL;
}

stir_shaken_certificate_get_by_caller_id_number()

struct stir_shaken_certificate* stir_shaken_certificate_get_by_caller_id_number

(

const char *

caller_id_number

)

Get a STIR/SHAKEN certificate by caller ID number.

Parameters

callier_id_number

The caller ID number

Return values

NULL	if not found
The	certificate on success

Definition at line 84 of file certificate.c.

References AST_RETRIEVE_FLAG_DEFAULT, ast_sorcery_retrieve_by_fields(), ast_stir_shaken_sorcery(), stir_shaken_certificate::caller_id_number, ast_variable::name, and NULL.

Referenced by ast_stir_shaken_sign(), and test_stir_shaken_cleanup_cert().

{
   struct ast_variable fields = {
      .name = "caller_id_number",
      .value = caller_id_number,
      .next = NULL,
   };

   return ast_sorcery_retrieve_by_fields(ast_stir_shaken_sorcery(),
      "certificate", AST_RETRIEVE_FLAG_DEFAULT, &fields);
}

stir_shaken_certificate_get_private_key()

EVP_PKEY* stir_shaken_certificate_get_private_key

(

struct stir_shaken_certificate *

cert

)

Get the private key associated with a certificate.

Parameters

cert	The certificate to get the private key from

Return values

NULL	on failure
The	private key on success

Definition at line 106 of file certificate.c.

References NULL, and stir_shaken_certificate::private_key.

Referenced by ast_stir_shaken_sign().

{
   return cert ? cert->private_key : NULL;
}

stir_shaken_certificate_get_public_cert_url()

const char* stir_shaken_certificate_get_public_cert_url

(

struct stir_shaken_certificate *

cert

)

Get the public key URL associated with a certificate.

Parameters

cert	The certificate to get the public key URL from

Return values

NULL	on failure
The	public key URL on success

Definition at line 96 of file certificate.c.

References NULL, and stir_shaken_certificate::public_cert_url.

Referenced by ast_stir_shaken_sign().

{
   return cert ? cert->public_cert_url : NULL;
}

stir_shaken_certificate_load()

int stir_shaken_certificate_load

(

void

)

Load time initialization for the stir/shaken 'certificate' configuration.

Return values

0	on success, -1 on error

Definition at line 355 of file certificate.c.

References ARRAY_LEN, ast_cli_register_multiple, ast_log, ast_sorcery_apply_default, ast_sorcery_object_field_register, ast_sorcery_object_field_register_custom, ast_sorcery_object_register, ast_stir_shaken_sorcery(), attestation_to_str(), stir_shaken_certificate::caller_id_number, CONFIG_TYPE, LOG_ERROR, NULL, on_load_attestation(), on_load_path(), on_load_public_cert_url(), OPT_NOOP_T, OPT_STRINGFIELD_T, path_to_str(), public_cert_url_to_str(), sorcery, stir_shaken_certificate_alloc(), stir_shaken_certificate_apply(), and STRFLDSET.

Referenced by load_module().

{
   struct ast_sorcery *sorcery = ast_stir_shaken_sorcery();

   ast_sorcery_apply_default(sorcery, CONFIG_TYPE, "config", "stir_shaken.conf,criteria=type=certificate");

   if (ast_sorcery_object_register(sorcery, CONFIG_TYPE, stir_shaken_certificate_alloc,
         NULL, stir_shaken_certificate_apply)) {
      ast_log(LOG_ERROR, "stir/shaken - failed to register '%s' sorcery object\n", CONFIG_TYPE);
      return -1;
   }

   ast_sorcery_object_field_register(sorcery, CONFIG_TYPE, "type", "", OPT_NOOP_T, 0, 0);
   ast_sorcery_object_field_register_custom(sorcery, CONFIG_TYPE, "path", "",
      on_load_path, path_to_str, NULL, 0, 0);
   ast_sorcery_object_field_register_custom(sorcery, CONFIG_TYPE, "public_cert_url", "",
      on_load_public_cert_url, public_cert_url_to_str, NULL, 0, 0);
   ast_sorcery_object_field_register_custom(sorcery, CONFIG_TYPE, "attestation", "",
      on_load_attestation, attestation_to_str, NULL, 0, 0);
   ast_sorcery_object_field_register(sorcery, CONFIG_TYPE, "caller_id_number", "", OPT_STRINGFIELD_T, 0, STRFLDSET(struct stir_shaken_certificate, caller_id_number));

   ast_cli_register_multiple(stir_shaken_certificate_cli,
      ARRAY_LEN(stir_shaken_certificate_cli));

   return 0;
}

stir_shaken_certificate_show()

static char* stir_shaken_certificate_show ( struct ast_cli_entry *  e, int  cmd, struct ast_cli_args *  a  )

static

Definition at line 136 of file certificate.c.

References ao2_cleanup, ast_cli_args::argc, ast_cli_args::argv, CLI_GENERATE, CLI_INIT, CLI_SHOWUSAGE, CLI_SUCCESS, ast_cli_entry::command, NULL, ast_cli_args::pos, stir_shaken_certificate_get(), stir_shaken_certificate_get_all(), stir_shaken_cli_show(), stir_shaken_tab_complete_name(), ast_cli_entry::usage, and ast_cli_args::word.

{
   struct stir_shaken_certificate *cfg;

   switch(cmd) {
   case CLI_INIT:
      e->command = "stir_shaken show certificate";
      e->usage =
         "Usage: stir_shaken show certificate <id>\n"
         "       Show the certificate stir/shaken settings for a given id\n";
      return NULL;
   case CLI_GENERATE:
      if (a->pos == 3) {
         return stir_shaken_tab_complete_name(a->word, stir_shaken_certificate_get_all());
      } else {
         return NULL;
      }
   }

   if (a->argc != 4) {
      return CLI_SHOWUSAGE;
   }

   cfg = stir_shaken_certificate_get(a->argv[3]);
   stir_shaken_cli_show(cfg, a, 0);
   ao2_cleanup(cfg);

   return CLI_SUCCESS;
}

stir_shaken_certificate_show_all()

static char* stir_shaken_certificate_show_all ( struct ast_cli_entry *  e, int  cmd, struct ast_cli_args *  a  )

static

Definition at line 166 of file certificate.c.

References ao2_callback, ao2_cleanup, ao2_container_count(), ao2_ref, ast_cli_args::argc, ast_cli(), CLI_GENERATE, CLI_INIT, CLI_SHOWUSAGE, CLI_SUCCESS, ast_cli_entry::command, container, ast_cli_args::fd, NULL, OBJ_NODATA, stir_shaken_certificate_get_all(), stir_shaken_cli_show(), and ast_cli_entry::usage.

{
   struct ao2_container *container;

   switch(cmd) {
   case CLI_INIT:
      e->command = "stir_shaken show certificates";
      e->usage =
         "Usage: stir_shaken show certificates\n"
         "       Show all configured certificates for stir/shaken\n";
      return NULL;
   case CLI_GENERATE:
      return NULL;
   }

   if (a->argc != 3) {
      return CLI_SHOWUSAGE;
   }

   container = stir_shaken_certificate_get_all();
   if (!container || ao2_container_count(container) == 0) {
      ast_cli(a->fd, "No stir/shaken certificates found\n");
      ao2_cleanup(container);
      return CLI_SUCCESS;
   }

   ao2_callback(container, OBJ_NODATA, stir_shaken_cli_show, a);
   ao2_ref(container, -1);

   return CLI_SUCCESS;
}

stir_shaken_certificate_unload()

int stir_shaken_certificate_unload

(

void

)

Unload time cleanup for the stir/shaken 'certificate' configuration.

Return values

0	on success, -1 on error

Definition at line 347 of file certificate.c.

References ARRAY_LEN, and ast_cli_unregister_multiple().

Referenced by unload_module().

{
   ast_cli_unregister_multiple(stir_shaken_certificate_cli,
      ARRAY_LEN(stir_shaken_certificate_cli));

   return 0;
}

test_stir_shaken_cleanup_cert()

int test_stir_shaken_cleanup_cert

(

const char *

caller_id_number

)

Definition at line 280 of file certificate.c.

References ao2_cleanup, ast_log, ast_sorcery_delete(), ast_sorcery_remove_wizard_mapping, ast_stir_shaken_sorcery(), CONFIG_TYPE, LOG_ERROR, sorcery, and stir_shaken_certificate_get_by_caller_id_number().

Referenced by AST_TEST_DEFINE(), and test_stir_shaken_create_cert().

{
   struct stir_shaken_certificate *cert;
   struct ast_sorcery *sorcery;
   int res = 0;

   sorcery = ast_stir_shaken_sorcery();

   cert = stir_shaken_certificate_get_by_caller_id_number(caller_id_number);
   if (!cert) {
      return 0;
   }

   res = ast_sorcery_delete(sorcery, cert);
   ao2_cleanup(cert);
   if (res) {
      ast_log(LOG_ERROR, "Failed to delete sorcery object with caller ID "
         "'%s'\n", caller_id_number);
      return -1;
   }

   res = ast_sorcery_remove_wizard_mapping(sorcery, CONFIG_TYPE, "memory");

   return res;
}

test_stir_shaken_create_cert()

int test_stir_shaken_create_cert	(	const char *	caller_id_number,
		const char *	file_path
	)

Definition at line 306 of file certificate.c.

References ast_log, ast_sorcery_alloc(), ast_sorcery_create(), ast_sorcery_insert_wizard_mapping, ast_stir_shaken_sorcery(), ast_string_field_set, CONFIG_TYPE, LOG_ERROR, stir_shaken_certificate::path, stir_shaken_certificate::private_key, stir_shaken_certificate::public_cert_url, sorcery, stir_shaken_read_key(), TEST_CONFIG_NAME, TEST_CONFIG_URL, and test_stir_shaken_cleanup_cert().

Referenced by AST_TEST_DEFINE().

{
   struct stir_shaken_certificate *cert;
   struct ast_sorcery *sorcery;
   EVP_PKEY *private_key;
   int res = 0;

   sorcery = ast_stir_shaken_sorcery();

   res = ast_sorcery_insert_wizard_mapping(sorcery, CONFIG_TYPE, "memory", "testing", 0, 0);
   if (res) {
      ast_log(LOG_ERROR, "Failed to insert STIR/SHAKEN test certificate mapping\n");
      return -1;
   }

   cert = ast_sorcery_alloc(sorcery, CONFIG_TYPE, TEST_CONFIG_NAME);
   if (!cert) {
      ast_log(LOG_ERROR, "Failed to allocate test certificate\n");
      return -1;
   }

   ast_string_field_set(cert, path, file_path);
   ast_string_field_set(cert, public_cert_url, TEST_CONFIG_URL);
   ast_string_field_set(cert, caller_id_number, caller_id_number);

   private_key = stir_shaken_read_key(cert->path, 1);
   if (!private_key) {
      ast_log(LOG_ERROR, "Failed to read test key from %s\n", cert->path);
      test_stir_shaken_cleanup_cert(caller_id_number);
      return -1;
   }

   cert->private_key = private_key;

   ast_sorcery_create(sorcery, cert);

   return res;
}

Variable Documentation

stir_shaken_certificate_cli

struct ast_cli_entry stir_shaken_certificate_cli[]

static

Initial value:

= {
   { .handler =  stir_shaken_certificate_show , .summary =  "Show stir/shaken certificate configuration by id" ,},
   { .handler =  stir_shaken_certificate_show_all , .summary =  "Show all stir/shaken certificate configurations" ,},
}

Definition at line 198 of file certificate.c.