Asterisk - The Open Source Telephony Project  18.5.0
crypto.h
1 /*
2  * Asterisk -- An open source telephony toolkit.
3  *
4  * Copyright (C) 1999 - 2010, Digium, Inc.
5  *
6  * Mark Spencer <[email protected]>
7  *
8  * See http://www.asterisk.org for more information about
9  * the Asterisk project. Please do not directly contact
10  * any of the maintainers of this project for assistance;
11  * the project provides a web site, mailing lists and IRC
12  * channels for your use.
13  *
14  * This program is free software, distributed under the terms of
15  * the GNU General Public License Version 2. See the LICENSE file
16  * at the top of the source tree.
17  */
18 
19 /*! \file
20  * \brief Provide cryptographic signature routines
21  */
22 
23 #ifndef _ASTERISK_CRYPTO_H
24 #define _ASTERISK_CRYPTO_H
25 
26 #if defined(__cplusplus) || defined(c_plusplus)
27 extern "C" {
28 #endif
29 
30 #include "asterisk/optional_api.h"
31 #include "asterisk/logger.h"
32 
/* AES key-context types. With HAVE_CRYPTO they alias OpenSSL's AES_KEY; without
 * it they are one-byte char placeholders that hold no key schedule and exist
 * only so the prototypes further down still compile. */
33 #ifdef HAVE_CRYPTO
34 #include "openssl/aes.h"
35 typedef AES_KEY ast_aes_encrypt_key;
36 typedef AES_KEY ast_aes_decrypt_key;
37 #else /* !HAVE_CRYPTO */
38 typedef char ast_aes_encrypt_key;
39 typedef char ast_aes_decrypt_key;
40 #endif /* HAVE_CRYPTO */
41 
/* Key-type selectors passed as the `type` argument of ast_key_get().
 * They occupy distinct bits (0x1 and 0x2). */
42 #define AST_KEY_PUBLIC (1 << 0)
43 #define AST_KEY_PRIVATE (1 << 1)
44 
/* Opaque key handle: only forward-declared here, so users of this header hold
 * keys by pointer and cannot reach key material through it. */
45 struct ast_key;
46 
47 /*!
48  * \brief Retrieve a key
49  * \param key Name of the key we are retrieving
50  * \param type Integer type of key (AST_KEY_PUBLIC or AST_KEY_PRIVATE)
51  *
52  * \retval the key on success.
53  * \retval NULL on failure.
    *
    * \note The stub supplied as the last macro argument also returns NULL, so a
    * NULL result covers both "key not found" and "crypto implementation not
    * available". Check the result before handing it to the sign, verify,
    * encrypt or decrypt calls.
54  */
55 AST_OPTIONAL_API(struct ast_key *, ast_key_get, (const char *key, int type), { return NULL; });
56 
57 /*!
58  * \brief Check the authenticity of a message signature using a given public key
59  * \param key a public key to use to verify
60  * \param msg the message that has been signed
61  * \param sig the proposed valid signature in mime64-like encoding
62  *
63  * \retval 0 if the signature is valid.
64  * \retval -1 otherwise.
65  *
    * \note Success is 0, not a true value: compare the result with 0 instead of
    * using it as a boolean, otherwise a failed check reads as "accepted".
    * \note The stub returns -1, so verification fails closed when the
    * implementation is not available.
    * \note No lengths are passed; msg and sig are presumably read as
    * NUL-terminated strings (confirm in res_crypto.c).
66  */
67 AST_OPTIONAL_API(int, ast_check_signature, (struct ast_key *key, const char *msg, const char *sig), { return -1; });
68 
69 /*!
70  * \brief Check the authenticity of a message signature using a given public key
71  * \param key a public key to use to verify
72  * \param msg the message that has been signed
73  * \param msglen length of msg (presumably in bytes; the original comment left
    *        this parameter undescribed)
74  * \param sig the proposed valid signature in raw binary representation
75  *
76  * \retval 0 if the signature is valid.
77  * \retval -1 otherwise.
78  *
    * \note Success is 0, not a true value: compare the result with 0. The stub
    * returns -1, so verification fails closed when the implementation is not
    * available.
    * \note sig carries no length. ast_sign_bin() documents a 128-byte raw
    * signature, so this function presumably reads that many bytes from sig;
    * confirm in res_crypto.c and make sure a buffer taken from a peer is at
    * least that long before calling.
    * \note msglen is a signed int; the caller is responsible for rejecting
    * negative or oversized values derived from untrusted input.
79  */
80 AST_OPTIONAL_API(int, ast_check_signature_bin, (struct ast_key *key, const char *msg, int msglen, const unsigned char *sig), { return -1; });
81 
82 /*!
83  * \brief Sign a message signature using a given private key
84  * \param key a private key to use to create the signature
85  * \param msg the message to sign
86  * \param sig a pointer to a buffer of at least 256 bytes in which the
87  * mime64-like encoded signature will be stored
88  *
89  * \retval 0 on success.
90  * \retval -1 on failure.
91  *
    * \note The size of sig is not passed in, so the function cannot detect a
    * short buffer; the 256-byte minimum is entirely the caller's obligation.
    * \note The stub returns -1 when the implementation is not available. Check
    * the result before using sig, which the stub leaves unwritten.
92  */
93 AST_OPTIONAL_API(int, ast_sign, (struct ast_key *key, char *msg, char *sig), { return -1; });
94 
95 /*!
96  * \brief Sign a message signature using a given private key
97  * \param key a private key to use to create the signature
98  * \param msg the message to sign
99  * \param msglen length of msg (presumably in bytes; the original comment left
     *        this parameter undescribed)
100  * \param sig a pointer to a buffer of at least 128 bytes in which the
101  * raw encoded signature will be stored
102  *
103  * \retval 0 on success.
104  * \retval -1 on failure.
105  *
     * \note The size of sig is not passed in, so the function cannot detect a
     * short buffer; the 128-byte minimum is entirely the caller's obligation.
     * \note NOTE(review): a fixed 128-byte raw signature would correspond to a
     * 1024-bit modulus if the scheme is RSA, which is below currently
     * recommended key sizes. Confirm the key size and digest in res_crypto.c.
     * \note The stub returns -1 when the implementation is not available. Check
     * the result before using sig, which the stub leaves unwritten.
106  */
107 AST_OPTIONAL_API(int, ast_sign_bin, (struct ast_key *key, const char *msg, int msglen, unsigned char *sig), { return -1; });
108 
109 /*!
110  * \brief Encrypt a message using a given private key
111  * \param key a private key to use to encrypt
112  * \param src the message to encrypt
113  * \param srclen the length of the message to encrypt
114  * \param dst a pointer to a buffer of at least srclen * 1.5 bytes in which the encrypted
115  * answer will be stored
116  *
117  * \retval length of encrypted data on success.
118  * \retval -1 on failure.
119  *
     * \note The parameters are documented in a different order from the
     * prototype, which is (dst, src, srclen, key).
     * \note The size of dst is not passed in, so the function cannot detect a
     * short buffer. Size it from srclen before the call (rounding the 1.5
     * factor up) and use the returned length, not srclen, for what follows.
     * \note NOTE(review): the comment says "private key", but public-key
     * encryption is normally performed with the recipient's public key.
     * Confirm which key type the implementation in res_crypto.c accepts.
     * \note The stub returns -1 when the implementation is not available; a
     * caller that ignores the result would go on to use an unwritten dst.
120  */
121 AST_OPTIONAL_API(int, ast_encrypt_bin, (unsigned char *dst, const unsigned char *src, int srclen, struct ast_key *key), { return -1; });
122 
123 /*!
124  * \brief Decrypt a message using a given private key
125  * \param key a private key to use to decrypt
126  * \param src the message to decrypt
127  * \param srclen the length of the message to decrypt
128  * \param dst a pointer to a buffer of at least srclen bytes in which the decrypted
129  * answer will be stored
130  *
131  * \retval length of decrypted data on success.
132  * \retval -1 on failure.
133  *
     * \note The parameters are documented in a different order from the
     * prototype, which is (dst, src, srclen, key).
     * \note The size of dst is not passed in, so the srclen-byte minimum is the
     * caller's obligation. When src and srclen come from a peer, bound srclen
     * before allocating or indexing dst.
     * \note Only the returned number of bytes in dst is meaningful. On -1, which
     * is also what the stub returns when the implementation is not available,
     * dst must not be used.
134  */
135 AST_OPTIONAL_API(int, ast_decrypt_bin, (unsigned char *dst, const unsigned char *src, int srclen, struct ast_key *key), { return -1; });
136 
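137 /*!
138  * \brief Set an encryption key
139  * \param key a 16 char key
140  * \param ctx address of an aes encryption context
141  *
142  * \retval 0 success
143  * \retval nonzero failure
     *
     * \note key is declared const unsigned char *, i.e. raw key bytes. The
     * "16 char" wording presumably means exactly 16 bytes (a 128-bit key) are
     * read whether or not a NUL appears; confirm in res_crypto.c.
     * \note The stub logs a warning and returns -1 when AES support is not
     * available. Check this result: ast_aes_encrypt() returns void and cannot
     * report that it did nothing.
144  */
145 AST_OPTIONAL_API(int, ast_aes_set_encrypt_key,
146  (const unsigned char *key, ast_aes_encrypt_key *ctx),
147  { ast_log(LOG_WARNING, "AES encryption disabled. Install OpenSSL.\n"); return -1; });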
148 
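149 /*!
150  * \brief Set a decryption key
151  * \param key a 16 char key
152  * \param ctx address of an aes decryption context
153  *
154  * \retval 0 success
155  * \retval nonzero failure
     *
     * \note key is declared const unsigned char *, i.e. raw key bytes. The
     * "16 char" wording presumably means exactly 16 bytes (a 128-bit key) are
     * read whether or not a NUL appears; confirm in res_crypto.c.
     * \note The stub logs a warning and returns -1 when AES support is not
     * available. Check this result: ast_aes_decrypt() returns void and cannot
     * report that it did nothing.
156  */
157 AST_OPTIONAL_API(int, ast_aes_set_decrypt_key,
158  (const unsigned char *key, ast_aes_decrypt_key *ctx),
159  { ast_log(LOG_WARNING, "AES encryption disabled. Install OpenSSL.\n"); return -1; });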
160 
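161 /*!
162  * \brief AES encrypt data
163  * \param in data to be encrypted
164  * \param out pointer to a buffer to hold the encrypted output
165  * \param ctx address of an aes encryption context filled in with ast_aes_set_encrypt_key
     *
     * \note No length is passed for in or out. Presumably exactly one 16-byte
     * AES block is processed per call, so chaining and padding would be the
     * caller's job; confirm in res_crypto.c.
     * \note The function returns void. The stub only logs a warning and leaves
     * out untouched, so a caller that did not check ast_aes_set_encrypt_key()
     * or ast_crypto_loaded() first may transmit whatever out already held as
     * if it were ciphertext.
166  */
167 AST_OPTIONAL_API(void, ast_aes_encrypt,
168  (const unsigned char *in, unsigned char *out, const ast_aes_encrypt_key *ctx),
169  { ast_log(LOG_WARNING, "AES encryption disabled. Install OpenSSL.\n");return; });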
170 
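171 /*!
172  * \brief AES decrypt data
173  * \param in encrypted data
174  * \param out pointer to a buffer to hold the decrypted output
175  * \param ctx address of an aes decryption context filled in with ast_aes_set_decrypt_key
     *
     * \note No length is passed for in or out. Presumably exactly one 16-byte
     * AES block is processed per call; confirm in res_crypto.c.
     * \note The function returns void. The stub only logs a warning and leaves
     * out untouched, so a caller that did not check ast_aes_set_decrypt_key()
     * or ast_crypto_loaded() first would treat stale buffer contents as
     * decrypted data.
176  */
177 AST_OPTIONAL_API(void, ast_aes_decrypt,
178  (const unsigned char *in, unsigned char *out, const ast_aes_decrypt_key *ctx),
179  { ast_log(LOG_WARNING, "AES encryption disabled. Install OpenSSL.\n");return; });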
180 
/*!
 * \brief Report whether the crypto implementation is available
 *
 * \retval 0 from the stub, i.e. when no implementation is present.
 * \retval presumably nonzero when the implementation is loaded (not shown in
 *         this header; confirm in res_crypto.c).
 *
 * \note ast_aes_encrypt() and ast_aes_decrypt() return void, so this call (or
 * the result of the matching set-key function) is how a caller can tell up
 * front that those routines will actually transform data.
 */
181 AST_OPTIONAL_API(int, ast_crypto_loaded, (void), { return 0; });
182 
183 #if defined(__cplusplus) || defined(c_plusplus)
184 }
185 #endif
186 
187 #endif /* _ASTERISK_CRYPTO_H */
Optional API function macros.
#define LOG_WARNING
Definition: logger.h:274
#define AST_OPTIONAL_API(result, name, proto, stub)
Declare an optional API function.
Definition: optional_api.h:230
int AST_OPTIONAL_API_NAME() ast_check_signature(struct ast_key *key, const char *msg, const char *sig)
base64 decode then sent to __ast_check_signature_bin
Definition: res_crypto.c:445
AES_KEY ast_aes_encrypt_key
Definition: crypto.h:35
#define ast_log
Definition: astobj2.c:42
int AST_OPTIONAL_API_NAME() ast_crypto_loaded(void)
Definition: res_crypto.c:461
void AST_OPTIONAL_API_NAME() ast_aes_encrypt(const unsigned char *in, unsigned char *out, const ast_aes_encrypt_key *ctx)
Definition: res_crypto.c:476
int AST_OPTIONAL_API_NAME() ast_sign(struct ast_key *key, char *msg, char *sig)
wrapper for __ast_sign_bin then base64 encode it
Definition: res_crypto.c:399
int AST_OPTIONAL_API_NAME() ast_encrypt_bin(unsigned char *dst, const unsigned char *src, int srclen, struct ast_key *key)
encrypt a message
Definition: res_crypto.c:368
AES_KEY ast_aes_decrypt_key
Definition: crypto.h:36
int AST_OPTIONAL_API_NAME() ast_sign_bin(struct ast_key *key, const char *msg, int msglen, unsigned char *dsig)
signs outgoing message with public key
Definition: res_crypto.c:304
int AST_OPTIONAL_API_NAME() ast_check_signature_bin(struct ast_key *key, const char *msg, int msglen, const unsigned char *dsig)
check signature of a message
Definition: res_crypto.c:416
Support for logging to various files, console and syslog Configuration in file logger.conf.
int AST_OPTIONAL_API_NAME() ast_aes_set_encrypt_key(const unsigned char *key, ast_aes_encrypt_key *ctx)
Definition: res_crypto.c:466
struct ast_key *AST_OPTIONAL_API_NAME() ast_key_get(const char *kname, int ktype)
return the ast_key structure for name
Definition: res_crypto.c:141
int AST_OPTIONAL_API_NAME() ast_aes_set_decrypt_key(const unsigned char *key, ast_aes_decrypt_key *ctx)
Definition: res_crypto.c:471
void AST_OPTIONAL_API_NAME() ast_aes_decrypt(const unsigned char *in, unsigned char *out, const ast_aes_decrypt_key *ctx)
Definition: res_crypto.c:481
int AST_OPTIONAL_API_NAME() ast_decrypt_bin(unsigned char *dst, const unsigned char *src, int srclen, struct ast_key *key)
decrypt a message
Definition: res_crypto.c:336