authortwilson <twilson@f38db490-d61c-443f-a65b-d21fe96a405b>2010-07-21 19:11:32 +0000
committertwilson <twilson@f38db490-d61c-443f-a65b-d21fe96a405b>2010-07-21 19:11:32 +0000
commit15f42844eff69ae1f2576497c2653a7423f42395 (patch)
tree702c8203da791c3e168d1a0ef5d07dbafea3dd54 /include/asterisk
parentfe09035019d8f513addec09466170dfc180a1de3 (diff)
Remove built-in AES code and use optional_api instead
Review: https://reviewboard.asterisk.org/r/793/ git-svn-id: http://svn.digium.com/svn/asterisk/trunk@278538 f38db490-d61c-443f-a65b-d21fe96a405b
Diffstat (limited to 'include/asterisk')
-rw-r--r--include/asterisk/aes.h68
-rw-r--r--include/asterisk/aes_internal.h170
-rw-r--r--include/asterisk/crypto.h54
3 files changed, 54 insertions, 238 deletions
diff --git a/include/asterisk/aes.h b/include/asterisk/aes.h
deleted file mode 100644
index 2476aaa55..000000000
--- a/include/asterisk/aes.h
+++ /dev/null
@@ -1,68 +0,0 @@
-/*
- * Asterisk -- An open source telephony toolkit.
- *
- * Copyright (C) 20075, Digium, Inc.
- *
- * Kevin P. Fleming <kpfleming@digium.com>
- *
- * See http://www.asterisk.org for more information about
- * the Asterisk project. Please do not directly contact
- * any of the maintainers of this project for assistance;
- * the project provides a web site, mailing lists and IRC
- * channels for your use.
- *
- * This program is free software, distributed under the terms of
- * the GNU General Public License Version 2. See the LICENSE file
- * at the top of the source tree.
- */
-
-/*! \file
- * Wrappers for AES encryption/decryption
- *
- * \author Kevin P. Fleming <kpfleming@digium.com>
- *
- * These wrappers provided a generic interface to either the
- * AES methods provided by OpenSSL's crypto library, or the
- * AES implementation included with Asterisk.
- */
-
-#ifndef _ASTERISK_AES_H
-#define _ASTERISK_AES_H
-
-#ifdef HAVE_CRYPTO
-
-/* Use the OpenSSL crypto library */
-#include "openssl/aes.h"
-
-typedef AES_KEY ast_aes_encrypt_key;
-typedef AES_KEY ast_aes_decrypt_key;
-
-#define ast_aes_encrypt_key(key, context) AES_set_encrypt_key(key, 128, context)
-
-#define ast_aes_decrypt_key(key, context) AES_set_decrypt_key(key, 128, context)
-
-#define ast_aes_encrypt(in, out, context) AES_encrypt(in, out, context)
-
-#define ast_aes_decrypt(in, out, context) AES_decrypt(in, out, context)
-
-#else /* !HAVE_CRYPTO */
-
-/* Use the included AES implementation */
-
-#define AES_128
-#include "aes_internal.h"
-
-typedef aes_encrypt_ctx ast_aes_encrypt_key;
-typedef aes_decrypt_ctx ast_aes_decrypt_key;
-
-#define ast_aes_encrypt_key(key, context) aes_encrypt_key128(key, context)
-
-#define ast_aes_decrypt_key(key, context) aes_decrypt_key128(key, context)
-
-#define ast_aes_encrypt(in, out, context) aes_encrypt(in, out, context)
-
-#define ast_aes_decrypt(in, out, context) aes_decrypt(in, out, context)
-
-#endif /* !HAVE_CRYPTO */
-
-#endif /* _ASTERISK_AES_H */
diff --git a/include/asterisk/aes_internal.h b/include/asterisk/aes_internal.h
deleted file mode 100644
index 18c27a6d4..000000000
--- a/include/asterisk/aes_internal.h
+++ /dev/null
@@ -1,170 +0,0 @@
-/*
- * Asterisk -- An open source telephony toolkit.
- *
- * See http://www.asterisk.org for more information about
- * the Asterisk project. Please do not directly contact
- * any of the maintainers of this project for assistance;
- * the project provides a web site, mailing lists and IRC
- * channels for your use.
- */
-
-/*
- ---------------------------------------------------------------------------
- Copyright (c) 2003, Dr Brian Gladman <brg@gladman.me.uk>, Worcester, UK.
- All rights reserved.
-
- LICENSE TERMS
-
- The free distribution and use of this software in both source and binary
- form is allowed (with or without changes) provided that:
-
- 1. distributions of this source code include the above copyright
- notice, this list of conditions and the following disclaimer;
-
- 2. distributions in binary form include the above copyright
- notice, this list of conditions and the following disclaimer
- in the documentation and/or other associated materials;
-
- 3. the copyright holder's name is not used to endorse products
- built using this software without specific written permission.
-
- ALTERNATIVELY, provided that this notice is retained in full, this product
- may be distributed under the terms of the GNU General Public License (GPL),
- in which case the provisions of the GPL apply INSTEAD OF those given above.
-
- DISCLAIMER
-
- This software is provided 'as is' with no explicit or implied warranties
- in respect of its properties, including, but not limited to, correctness
- and/or fitness for purpose.
- ---------------------------------------------------------------------------
- Issue Date: 26/08/2003
-*/
-/*!\file
-
- \brief This file contains the definitions required to use AES in C. See aesopt.h
- for optimisation details.
-*/
-
-#ifndef _AES_INTERNAL_H
-#define _AES_INTERNAL_H
-
-/* This include is used to find 8 & 32 bit unsigned integer types */
-#include "limits.h"
-
-#if defined(__cplusplus)
-extern "C"
-{
-#endif
-
-#define AES_128 /* define if AES with 128 bit keys is needed */
-#undef AES_192 /* define if AES with 192 bit keys is needed */
-#undef AES_256 /* define if AES with 256 bit keys is needed */
-#undef AES_VAR /* define if a variable key size is needed */
-
-/* The following must also be set in assembler files if being used */
-
-#define AES_ENCRYPT /* if support for encryption is needed */
-#define AES_DECRYPT /* if support for decryption is needed */
-#define AES_ERR_CHK /* for parameter checks & error return codes */
-
-#if UCHAR_MAX == 0xff /* an unsigned 8 bit type */
- typedef unsigned char aes_08t;
-#else
-#error Please define aes_08t as an 8-bit unsigned integer type in aes.h
-#endif
-
-#if UINT_MAX == 0xffffffff /* an unsigned 32 bit type */
- typedef unsigned int aes_32t;
-#elif ULONG_MAX == 0xffffffff
- typedef unsigned long aes_32t;
-#else
-#error Please define aes_32t as a 32-bit unsigned integer type in aes.h
-#endif
-
-#define AES_BLOCK_SIZE 16 /* the AES block size in bytes */
-#define N_COLS 4 /* the number of columns in the state */
-
-/* a maximum of 60 32-bit words are needed for the key schedule but */
-/* 64 are claimed to allow space at the top for a CBC xor buffer. */
-/* If this is not needed, this value can be reduced to 60. A value */
-/* of 64 may also help in maintaining alignment in some situations */
-#define KS_LENGTH 64
-
-#ifdef AES_ERR_CHK
-#define aes_ret int
-#define aes_good 0
-#define aes_error -1
-#else
-#define aes_ret void
-#endif
-
-#ifndef AES_DLL /* implement normal/DLL functions */
-#define aes_rval aes_ret
-#else
-#define aes_rval aes_ret __declspec(dllexport) _stdcall
-#endif
-
-/* This routine must be called before first use if non-static */
-/* tables are being used */
-
-void gen_tabs(void);
-
-/* The key length (klen) is input in bytes when it is in the range */
-/* 16 <= klen <= 32 or in bits when in the range 128 <= klen <= 256 */
-
-#ifdef AES_ENCRYPT
-
-typedef struct
-{ aes_32t ks[KS_LENGTH];
-} aes_encrypt_ctx;
-
-#if defined(AES_128) || defined(AES_VAR)
-aes_rval aes_encrypt_key128(const void *in_key, aes_encrypt_ctx cx[1]);
-#endif
-
-#if defined(AES_192) || defined(AES_VAR)
-aes_rval aes_encrypt_key192(const void *in_key, aes_encrypt_ctx cx[1]);
-#endif
-
-#if defined(AES_256) || defined(AES_VAR)
-aes_rval aes_encrypt_key256(const void *in_key, aes_encrypt_ctx cx[1]);
-#endif
-
-#if defined(AES_VAR)
-aes_rval aes_encrypt_key(const void *in_key, int key_len, aes_encrypt_ctx cx[1]);
-#endif
-
-aes_rval aes_encrypt(const void *in_blk, void *out_blk, const aes_encrypt_ctx cx[1]);
-#endif
-
-#ifdef AES_DECRYPT
-
-typedef struct
-{ aes_32t ks[KS_LENGTH];
-} aes_decrypt_ctx;
-
-#if defined(AES_128) || defined(AES_VAR)
-aes_rval aes_decrypt_key128(const void *in_key, aes_decrypt_ctx cx[1]);
-#endif
-
-#if defined(AES_192) || defined(AES_VAR)
-aes_rval aes_decrypt_key192(const void *in_key, aes_decrypt_ctx cx[1]);
-#endif
-
-#if defined(AES_256) || defined(AES_VAR)
-aes_rval aes_decrypt_key256(const void *in_key, aes_decrypt_ctx cx[1]);
-#endif
-
-#if defined(AES_VAR)
-aes_rval aes_decrypt_key(const void *in_key, int key_len, aes_decrypt_ctx cx[1]);
-#endif
-
-aes_rval aes_decrypt(const void *in_blk, void *out_blk, const aes_decrypt_ctx cx[1]);
-#endif
-
-#if defined(__cplusplus)
-}
-#endif
-
-#endif
diff --git a/include/asterisk/crypto.h b/include/asterisk/crypto.h
index c84728618..1f87811f4 100644
--- a/include/asterisk/crypto.h
+++ b/include/asterisk/crypto.h
@@ -28,6 +28,16 @@ extern "C" {
#endif
#include "asterisk/optional_api.h"
+#include "asterisk/logger.h"
+
+#ifdef HAVE_CRYPTO
+#include "openssl/aes.h"
+typedef AES_KEY ast_aes_encrypt_key;
+typedef AES_KEY ast_aes_decrypt_key;
+#else /* !HAVE_CRYPTO */
+typedef char ast_aes_encrypt_key;
+typedef char ast_aes_decrypt_key;
+#endif /* HAVE_CRYPTO */
#define AST_KEY_PUBLIC (1 << 0)
#define AST_KEY_PRIVATE (1 << 1)
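Review bot: The `typedef char` placeholders in the `!HAVE_CRYPTO` branch make `ast_aes_encrypt_key` and `ast_aes_decrypt_key` one byte wide, which is only safe as long as nothing ever writes a real key schedule through a pointer to one. That holds for the fallback bodies declared later in this header, but a module compiled without HAVE_CRYPTO and loaded beside a crypto provider built with it would hand a 1-byte object to code expecting an `AES_KEY`; whether that combination can occur is not visible from this hunk. A comment above the two typedefs such as `/* placeholder only: never passed to a real AES implementation */` would record the assumption for whoever touches the build configuration next.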
@@ -122,6 +132,50 @@ AST_OPTIONAL_API(int, ast_encrypt_bin, (unsigned char *dst, const unsigned char
*/
AST_OPTIONAL_API(int, ast_decrypt_bin, (unsigned char *dst, const unsigned char *src, int srclen, struct ast_key *key), { return -1; });
+/*!
+ * \brief Set an encryption key
+ * \param key a 16 char key
+ * \param ctx address of an aes encryption context
+ *
+ * \retval 0 success
+ * \retval nonzero failure
+ */
+AST_OPTIONAL_API(int, ast_aes_set_encrypt_key,
+ (const unsigned char *key, ast_aes_encrypt_key *ctx),
+ { ast_log(LOG_WARNING, "AES encryption disabled. Install OpenSSL.\n"); return -1; });
+
+/*!
+ * \brief Set a decryption key
+ * \param key a 16 char key
+ * \param ctx address of an aes encryption context
+ *
+ * \retval 0 success
+ * \retval nonzero failure
+ */
+AST_OPTIONAL_API(int, ast_aes_set_decrypt_key,
+ (const unsigned char *key, ast_aes_decrypt_key *ctx),
+ { ast_log(LOG_WARNING, "AES encryption disabled. Install OpenSSL.\n"); return -1; });
+
+/*!
+ * \brief AES encrypt data
+ * \param in data to be encrypted
+ * \param out pointer to a buffer to hold the encrypted output
+ * \param ctx address of an aes encryption context filled in with ast_aes_set_encrypt_key
+ */
+AST_OPTIONAL_API(void, ast_aes_encrypt,
+ (const unsigned char *in, unsigned char *out, const ast_aes_encrypt_key *ctx),
+ { ast_log(LOG_WARNING, "AES encryption disabled. Install OpenSSL.\n");return; });
+
+/*!
+ * \brief AES decrypt data
+ * \param in encrypted data
+ * \param out pointer to a buffer to hold the decrypted output
+ * \param ctx address of an aes encryption context filled in with ast_aes_set_decrypt_key
+ */
+AST_OPTIONAL_API(void, ast_aes_decrypt,
+ (const unsigned char *in, unsigned char *out, const ast_aes_decrypt_key *ctx),
+ { ast_log(LOG_WARNING, "AES encryption disabled. Install OpenSSL.\n");return; });
+
AST_OPTIONAL_API(int, ast_crypto_loaded, (void), { return 0; });
#if defined(__cplusplus) || defined(c_plusplus)
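Review bot: The fallback bodies of `ast_aes_encrypt` and `ast_aes_decrypt` return void after logging, so when the crypto provider is not loaded `out` is left unwritten and these calls give the caller no signal that no cipher ran. Callers outside this hunk would have to gate on the -1 from `ast_aes_set_encrypt_key` / `ast_aes_set_decrypt_key` or on `ast_crypto_loaded()`, and the doc comments should say so, e.g. `\note If AES is unavailable, out is not written; check the set-key return value first`. The comments should also state that `key` must be exactly 16 bytes and that `in` and `out` are each one 16-byte block, since no length is passed and the removed wrappers mapped straight to the single-block `AES_encrypt` / `AES_decrypt`. In the `ast_aes_set_decrypt_key` and `ast_aes_decrypt` comments, `\param ctx` should read `address of an aes decryption context`.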