Asterisk - The Open Source Telephony Project
21.4.1
Provide Cryptographic Signature capability. More...
#include "asterisk.h"
#include <dirent.h>
#include <sys/stat.h>
#include <openssl/err.h>
#include <openssl/ssl.h>
#include <openssl/evp.h>
#include <openssl/md5.h>
#include <openssl/sha.h>
#include "asterisk/cli.h"
#include "asterisk/compat.h"
#include "asterisk/io.h"
#include "asterisk/linkedlists.h"
#include "asterisk/logger.h"
#include "asterisk/md5.h"
#include "asterisk/module.h"
#include "asterisk/options.h"
#include "asterisk/paths.h"
#include "asterisk/utils.h"
#include "asterisk/file.h"
#include "asterisk/crypto.h"
Data Structures | |
struct | ast_key |
struct | crypto_load_on_file |
struct | keys |
Functions | |
static void | __reg_module (void) |
static void | __unreg_module (void) |
int AST_OPTIONAL_API_NAME() | ast_aes_decrypt (const unsigned char *in, unsigned char *out, const ast_aes_decrypt_key *key) |
int AST_OPTIONAL_API_NAME() | ast_aes_encrypt (const unsigned char *in, unsigned char *out, const ast_aes_encrypt_key *key) |
int AST_OPTIONAL_API_NAME() | ast_aes_set_decrypt_key (const unsigned char *key, ast_aes_decrypt_key *ctx) |
int AST_OPTIONAL_API_NAME() | ast_aes_set_encrypt_key (const unsigned char *key, ast_aes_encrypt_key *ctx) |
int AST_OPTIONAL_API_NAME() | ast_check_signature (struct ast_key *key, const char *msg, const char *sig) |
Base64-decodes the signature, then passes it to ast_check_signature_bin() | |
int AST_OPTIONAL_API_NAME() | ast_check_signature_bin (struct ast_key *key, const char *msg, int msglen, const unsigned char *dsig) |
check signature of a message More... | |
int AST_OPTIONAL_API_NAME() | ast_crypto_loaded (void) |
int AST_OPTIONAL_API_NAME() | ast_crypto_reload (void) |
int AST_OPTIONAL_API_NAME() | ast_decrypt_bin (unsigned char *dst, const unsigned char *src, int srclen, struct ast_key *key) |
decrypt a message More... | |
int AST_OPTIONAL_API_NAME() | ast_encrypt_bin (unsigned char *dst, const unsigned char *src, int srclen, struct ast_key *key) |
encrypt a message More... | |
struct ast_key *AST_OPTIONAL_API_NAME() | ast_key_get (const char *kname, int ktype) |
return the ast_key structure for name More... | |
struct ast_module * | AST_MODULE_SELF_SYM (void) |
int AST_OPTIONAL_API_NAME() | ast_sign (struct ast_key *key, char *msg, char *sig) |
Wrapper that calls ast_sign_bin(), then base64-encodes the resulting signature | |
int AST_OPTIONAL_API_NAME() | ast_sign_bin (struct ast_key *key, const char *msg, int msglen, unsigned char *dsig) |
signs outgoing message with public key (sic: a signature is produced with the private key) | |
static int | crypto_init (void) |
initialise the res_crypto module | |
static void | crypto_load (int ifd, int ofd) |
refresh RSA keys from file More... | |
static int | crypto_load_cb (const char *directory, const char *file, void *obj) |
static int | evp_cipher_aes_decrypt (const unsigned char *in, unsigned char *out, unsigned inlen, const ast_aes_decrypt_key *key) |
static int | evp_cipher_aes_encrypt (const unsigned char *in, unsigned char *out, unsigned inlen, const ast_aes_encrypt_key *key) |
static int | evp_pkey_decrypt (EVP_PKEY *pkey, const unsigned char *in, unsigned inlen, unsigned char *out, unsigned *outlen, unsigned padding) |
static int | evp_pkey_encrypt (EVP_PKEY *pkey, const unsigned char *in, unsigned inlen, unsigned char *out, unsigned *outlen, unsigned padding) |
static int | evp_pkey_sign (EVP_PKEY *pkey, const unsigned char *in, unsigned inlen, unsigned char *sig, unsigned *siglen, unsigned padding) |
static int | evp_pkey_verify (EVP_PKEY *pkey, const unsigned char *in, unsigned inlen, const unsigned char *sig, unsigned siglen, unsigned padding) |
static char * | handle_cli_keys_init (struct ast_cli_entry *e, int cmd, struct ast_cli_args *a) |
initialize all RSA keys More... | |
static char * | handle_cli_keys_show (struct ast_cli_entry *e, int cmd, struct ast_cli_args *a) |
show the list of RSA keys More... | |
static int | load_module (void) |
static void | md52sum (char *sum, unsigned char *md5) |
static int | pw_cb (char *buf, int size, int rwflag, void *userdata) |
setting of priv key More... | |
static int | reload (void) |
static struct ast_key * | try_load_key (const char *dir, const char *fname, int ifd, int ofd, int *not2) |
load RSA key from file More... | |
static int | unload_module (void) |
Variables | |
static struct ast_module_info | __mod_info = { .name = AST_MODULE, .flags = AST_MODFLAG_GLOBAL_SYMBOLS | AST_MODFLAG_LOAD_ORDER , .description = "Cryptographic Digital Signatures" , .key = "This paragraph is copyright (c) 2006 by Digium, Inc. \In order for your module to load, it must return this \key via a function called \"key\". Any code which \includes this paragraph must be licensed under the GNU \General Public License version 2 or later (at your \option). In addition to Digium's general reservations \of rights, Digium expressly reserves the right to \allow other parties to license this paragraph under \different terms. Any use of Digium, Inc. trademarks or \logos (including \"Asterisk\" or \"Digium\") without \express written permission of Digium, Inc. is prohibited.\n" , .buildopt_sum = "da6642af068ee5e6490c5b1d2cc1d238" , } |
static struct ast_cli_entry | cli_crypto [] |
static struct keys | keys = { .first = NULL, .last = NULL, .lock = { PTHREAD_RWLOCK_INITIALIZER , NULL, {1, 0} } , } |
Provide Cryptographic Signature capability.
Uses the OpenSSL library, available at http://www.openssl.org/
Definition in file res_crypto.c.
int AST_OPTIONAL_API_NAME() ast_check_signature | ( | struct ast_key * | key, |
const char * | msg, | ||
const char * | sig | ||
) |
Base64-decodes the signature, then passes it to ast_check_signature_bin() (written "__ast_check_signature_bin" in the original comment).
Definition at line 673 of file res_crypto.c.
References ast_base64decode(), and ast_check_signature_bin().
Referenced by register_verify().
int AST_OPTIONAL_API_NAME() ast_check_signature_bin | ( | struct ast_key * | key, |
const char * | msg, | ||
int | msglen, | ||
const unsigned char * | dsig | ||
) |
check signature of a message
Definition at line 634 of file res_crypto.c.
References ast_debug, ast_key::ktype, ast_key::name, and ast_key::pkey.
Referenced by ast_check_signature().
int AST_OPTIONAL_API_NAME() ast_decrypt_bin | ( | unsigned char * | dst, |
const unsigned char * | src, | ||
int | srclen, | ||
struct ast_key * | key | ||
) |
decrypt a message
Definition at line 472 of file res_crypto.c.
References ast_key::ktype, and ast_key::pkey.
int AST_OPTIONAL_API_NAME() ast_encrypt_bin | ( | unsigned char * | dst, |
const unsigned char * | src, | ||
int | srclen, | ||
struct ast_key * | key | ||
) |
encrypt a message
Definition at line 549 of file res_crypto.c.
References ast_key::ktype, and ast_key::pkey.
struct ast_key* AST_OPTIONAL_API_NAME() ast_key_get | ( | const char * | kname, |
int | ktype | ||
) |
return the ast_key structure for name
Definition at line 149 of file res_crypto.c.
References AST_RWLIST_RDLOCK, AST_RWLIST_UNLOCK, ast_key::ktype, and ast_key::name.
Referenced by register_verify().
int AST_OPTIONAL_API_NAME() ast_sign | ( | struct ast_key * | key, |
char * | msg, | ||
char * | sig | ||
) |
Wrapper that calls ast_sign_bin() (written "__ast_sign_bin" in the original comment), then base64-encodes the resulting signature.
Definition at line 584 of file res_crypto.c.
References ast_base64encode(), and ast_sign_bin().
int AST_OPTIONAL_API_NAME() ast_sign_bin | ( | struct ast_key * | key, |
const char * | msg, | ||
int | msglen, | ||
unsigned char * | dsig | ||
) |
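signs outgoing message with public key (sic: a signature is produced with the private key; the public key is the one used to verify it, as in ast_check_signature_bin())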
Definition at line 390 of file res_crypto.c.
References ast_key::ktype, ast_key::name, and ast_key::pkey.
Referenced by ast_sign().
static void crypto_load (int ifd, int ofd)
refresh RSA keys from file
ifd | file descriptor |
ofd | file descriptor |
Definition at line 819 of file res_crypto.c.
References ast_debug, ast_file_read_dirs(), AST_RWLIST_UNLOCK, AST_RWLIST_WRLOCK, ast_key::delme, ast_key::ktype, ast_key::name, and ast_key::pkey.
static char * handle_cli_keys_init (struct ast_cli_entry *e, int cmd, struct ast_cli_args *a)
initialize all RSA keys
e | CLI command |
cmd | |
a | list of CLI arguments |
CLI_SUCCESS |
Definition at line 916 of file res_crypto.c.
References ast_copy_string(), AST_RWLIST_UNLOCK, AST_RWLIST_WRLOCK, ast_cli_entry::command, ast_key::fn, ast_key::ktype, try_load_key(), and ast_cli_entry::usage.
static char * handle_cli_keys_show (struct ast_cli_entry *e, int cmd, struct ast_cli_args *a)
show the list of RSA keys
e | CLI command |
cmd | |
a | list of CLI arguments |
CLI_SUCCESS |
Definition at line 870 of file res_crypto.c.
References AST_RWLIST_RDLOCK, AST_RWLIST_UNLOCK, ast_cli_entry::command, ast_key::digest, ast_key::ktype, ast_key::name, and ast_cli_entry::usage.
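static int pw_cb (char *buf, int size, int rwflag, void *userdata)
setting of private key (apparently the passphrase callback used while loading a key: it is referenced by try_load_key() and itself references ast_hide_password() and ast_restore_tty())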
buf | |
size | |
rwflag | |
userdata |
Definition at line 112 of file res_crypto.c.
References ast_hide_password(), ast_restore_tty(), ast_key::infd, ast_key::ktype, ast_key::name, and ast_key::outfd.
Referenced by try_load_key().
static struct ast_key * try_load_key (const char *dir, const char *fname, int ifd, int ofd, int *not2)
load RSA key from file
dir | directory string |
fname | name of file |
ifd | incoming file descriptor |
ofd | outgoing file descriptor |
not2 |
NULL | on failure. |
Definition at line 175 of file res_crypto.c.
References ast_calloc, ast_copy_string(), ast_debug, ast_key::delme, ast_key::digest, ast_key::fn, ast_key::infd, ast_key::ktype, ast_key::name, ast_key::outfd, ast_key::pkey, and pw_cb().
Referenced by handle_cli_keys_init().
|
static |
Definition at line 953 of file res_crypto.c.