res_crypto: Use EVP API's instead of legacy API's

ASTERISK-30046 #close

Change-Id: I5c738756de75fd27ebad54be144c0ac6193f21b2
Philip Prindeville
2022-03-24 13:22:05 -06:00
committed by George Joseph
parent f82ec339fc
commit b1cf0e0069
4 changed files with 352 additions and 78 deletions


@@ -30,26 +30,22 @@ extern "C" {
#include "asterisk/optional_api.h"
#include "asterisk/logger.h"
#ifdef HAVE_CRYPTO
#include "openssl/aes.h"
typedef AES_KEY ast_aes_encrypt_key;
typedef AES_KEY ast_aes_decrypt_key;
#else /* !HAVE_CRYPTO */
typedef char ast_aes_encrypt_key;
typedef char ast_aes_decrypt_key;
#endif /* HAVE_CRYPTO */
/* We previously used the key length explicitly; replace with constant.
* For now, Asterisk is limited to 1024 bit (128 byte) RSA keys.
*/
#define AST_CRYPTO_RSA_KEY_BITS 1024
#define AST_CRYPTO_AES_BLOCKSIZE 128
struct aes_key {
unsigned char raw[AST_CRYPTO_AES_BLOCKSIZE / 8];
};
typedef struct aes_key ast_aes_encrypt_key;
typedef struct aes_key ast_aes_decrypt_key;
#define AST_KEY_PUBLIC (1 << 0)
#define AST_KEY_PRIVATE (1 << 1)
struct ast_key;
/*!
* \brief Retrieve a key
* \param kname Name of the key we are retrieving
@@ -169,20 +165,24 @@ AST_OPTIONAL_API(int, ast_aes_set_decrypt_key,
* \param in data to be encrypted
* \param out pointer to a buffer to hold the encrypted output
* \param ctx address of an aes encryption context filled in with ast_aes_set_encrypt_key
* \retval <= 0 failure
* \retval otherwise number of bytes in output buffer
*/
AST_OPTIONAL_API(void, ast_aes_encrypt,
(const unsigned char *in, unsigned char *out, const ast_aes_encrypt_key *ctx),
{ ast_log(LOG_WARNING, "AES encryption disabled. Install OpenSSL.\n");return; });
AST_OPTIONAL_API(int, ast_aes_encrypt,
(const unsigned char *in, unsigned char *out, const ast_aes_encrypt_key *key),
{ ast_log(LOG_WARNING, "AES encryption disabled. Install OpenSSL.\n");return -1; });
/*!
* \brief AES decrypt data
* \param in encrypted data
* \param out pointer to a buffer to hold the decrypted output
* \param ctx address of an aes encryption context filled in with ast_aes_set_decrypt_key
* \retval <= 0 failure
* \retval otherwise number of bytes in output buffer
*/
AST_OPTIONAL_API(void, ast_aes_decrypt,
(const unsigned char *in, unsigned char *out, const ast_aes_decrypt_key *ctx),
{ ast_log(LOG_WARNING, "AES encryption disabled. Install OpenSSL.\n");return; });
AST_OPTIONAL_API(int, ast_aes_decrypt,
(const unsigned char *in, unsigned char *out, const ast_aes_decrypt_key *key),
{ ast_log(LOG_WARNING, "AES encryption disabled. Install OpenSSL.\n");return -1; });
AST_OPTIONAL_API(int, ast_crypto_loaded, (void), { return 0; });
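Review bot: The doc comments for ast_aes_encrypt and ast_aes_decrypt still say `\param ctx`, but the new prototypes name the third parameter `key`, and neither comment says how large `out` must be now that the functions report a byte count. I would change the lines to `\param key address of an AES key filled in with ast_aes_set_encrypt_key` (and the decrypt equivalent). I would also extend `\param out` with the required buffer size, presumably one AES block of `AST_CRYPTO_AES_BLOCKSIZE / 8` bytes; confirm this against the implementation, which is not in this section. Because the return type changes from void to int, the comment should also state that `out` must not be used when the result is `<= 0`, so that callers written against the old void API get updated to check it.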