Review Board 1.7.16


added AES_ENCRYPT and AES_DECRYPT dialplan functions

Review Request #128 - Created Jan. 22, 2009 and submitted

David Vossel
trunk
0014301
Reviewers
asterisk-dev
mmichelson, russell
Asterisk
Allows data to be encrypted and decrypted using AES in the dialplan.  

 
Review request changed
Updated (Jan. 27, 2009, 9:56 a.m.)
fixed mark's comments. 
Ship it!
Posted (Jan. 27, 2009, 10:20 a.m.)
I'm marking this as "ship it" because I am confident that with the below two fixes, this code will be ready to merge.

Sorry I didn't find these earlier :(
/trunk/funcs/func_aes.c (Diff revision 5)
 
 
After thinking about this more, I realized that this memcpy is a bit superfluous here and could be replaced just as easily with ast_copy_string since args.data is null-terminated.

ast_copy_string(tmp, args.data, len);

Sorry for directing you down the memcpy route the first time. I wasn't thinking correctly and the fact that args.data is a normal string escaped me.
/trunk/funcs/func_aes.c (Diff revision 5)
 
 
 
I started thinking about this and I'm thinking that the code in this else block is incorrect.

Based on what Tilghman was saying earlier, AES-encrypted text could contain null bytes. If this is the case, then when we decode from base64, tmp may actually appear to "end" before we reach the end of the encrypted string due to an embedded null byte. This means that calling strlen with tmp as the argument could result in data_len being smaller than it should be.

Luckily, this is a simple fix. Just directly set data_len to what ast_base64decode returns.

https://reviewboard.asterisk.org/ runs on a server provided by Digium, Inc. and uses bandwidth donated to the open source Asterisk community by API Digital Communications in Huntsville, AL USA.
Please report problems with this site to asteriskteam@digium.com.