Review Board 1.7.16


added AES_ENCRYPT and AES_DECRYPT dialplan functions

Review Request #128 - Created Jan. 22, 2009 and submitted

David Vossel
trunk
0014301
Reviewers
asterisk-dev
mmichelson, russell
Asterisk
Allows data to be encrypted and decrypted using AES in the dialplan.  

 

Diff revision 3

This is not the most recent revision of the diff. The latest diff is revision 5. See what's changed.

1 2 3 4 5
1 2 3 4 5

  1. /trunk/funcs/func_aes.c: Loading...
/trunk/funcs/func_aes.c
New File

    
   
1
/*

    
   
2
 * Asterisk -- An open source telephony toolkit.

    
   
3
 *

    
   
4
 * Copyright (C) 2009, Digium, Inc.

    
   
5
 *

    
   
6
 * See http://www.asterisk.org for more information about

    
   
7
 * the Asterisk project. Please do not directly contact

    
   
8
 * any of the maintainers of this project for assistance;

    
   
9
 * the project provides a web site, mailing lists and IRC

    
   
10
 * channels for your use.

    
   
11
 *

    
   
12
 * This program is free software, distributed under the terms of

    
   
13
 * the GNU General Public License Version 2. See the LICENSE file

    
   
14
 * at the top of the source tree.

    
   
15
 */

    
   
16

   

    
   
17
/*! \file

    
   
18
 *

    
   
19
 * \brief AES encryption/decryption dialplan functions

    
   
20
 *

    
   
21
 * \author David Vossel <dvossel@digium.com>

    
   
22
 * \ingroup functions

    
   
23
 */

    
   
24

   

    
   
25

   

    
   
26
#include "asterisk.h"

    
   
27

   

    
   
28
ASTERISK_FILE_VERSION(__FILE__, "$Revision$")

    
   
29

   

    
   
30
#include "asterisk/module.h"

    
   
31
#include "asterisk/pbx.h"

    
   
32
#include "asterisk/app.h"

    
   
33
#include "asterisk/aes.h"

    
   
34

   

    
   
35
#define AES_BLOCK_SIZE 16

    
   
36

   

    
   
37
/*** DOCUMENTATION

    
   
38
	<function name="AES_ENCRYPT" language="en_US">

    
   
39
		<synopsis>

    
   
40
			Encrypt a string with AES given a 16 character key.

    
   
41
		</synopsis>

    
   
42
		<syntax>

    
   
43
			<parameter name="string" required="true">

    
   
44
				<para>Input string</para>

    
   
45
			</parameter>

    
   
46
			<parameter name="key" required="true">

    
   
47
				<para>AES Key</para>

    
   
48
			</parameter>

    
   
49
		</syntax>

    
   
50
		<description>

    
   
51
			<para>Returns an AES encrypted string encoded in base64.</para>

    
   
52
		</description>

    
   
53
	</function>

    
   
54
	<function name="AES_DECRYPT" language="en_US">

    
   
55
		<synopsis>

    
   
56
			Decrypt a string encoded in base64 with AES given a 16 character key.

    
   
57
		</synopsis>

    
   
58
		<syntax>

    
   
59
			<parameter name="string" required="true">

    
   
60
				<para>Input string.</para>

    
   
61
			</parameter>

    
   
62
			<parameter name="key" required="true">

    
   
63
				<para>AES Key</para>

    
   
64
			</parameter>

    
   
65

   

    
   
66
		</syntax>

    
   
67
		<description>

    
   
68
			<para>Returns the plain text string.</para>

    
   
69
		</description>

    
   
70
	</function>

    
   
71
 ***/

    
   
72

   

    
   
73

   

    
   
74
static int aes_helper(struct ast_channel *chan, const char *cmd, char *data,

    
   
75
	       char *buf, size_t len)

    
   
76
{

    
   
77
	unsigned char curblock[AES_BLOCK_SIZE] = { 0, };

    
   
78
	char *src;

    
   
79
	char *dst;

    
   
80
	char *result;

    
   
81
	int data_len, encrypt;

    
   
82
	ast_aes_encrypt_key ecx;                       /*  AES 128 Encryption context */

    
   
83
	ast_aes_decrypt_key dcx;

    
   
84

   

    
   
85
	AST_DECLARE_APP_ARGS(args,

    
   
86
		AST_APP_ARG(key);

    
   
87
		AST_APP_ARG(data);

    
   
88
	);

    
   
89

   

    
   
90
	AST_STANDARD_APP_ARGS(args, data);

    
   
91

   

    
   
92
	if (ast_strlen_zero(args.data) || ast_strlen_zero(args.key)) {

    
   
93
		ast_log(LOG_WARNING, "Syntax: %s(<key>,<data>) - missing argument!\n", cmd);

    
   
94
		return -1;

    
   
95
	}

    
   
96

   

    
   
97
	if (strlen(args.key) != AES_BLOCK_SIZE) {         /* key must be of 16 characters in length, 128 bits */

    
   
98
		ast_log(LOG_WARNING, "Syntax: %s(<key>,<data>) - <key> parameter must be exactly 16 characters!\n", cmd);

    
   
99
		return -1;

    
   
100
	}

    
   
101

   

    
   
102
	ast_aes_encrypt_key(args.key, &ecx);

    
   
103
	ast_aes_decrypt_key(args.key, &dcx);

    
   
104
	result = ast_calloc(1, len);			/* separate result buffer required due to base64 decode/encode */

    
   
105
	dst = result;

    
   
106
	encrypt = strcmp("AES_ENCRYPT", cmd);            /* 0 if encrypting, -1 if decrypting */

    
   
107

   

    
   
108
	if (encrypt != 0) {				/* if decrypting first decode src to base64 */

    
   
109
		src = ast_calloc(1, len);

    
   
110
		ast_base64decode((unsigned char *) src, args.data, len);

    
   
111
		data_len = strlen(src);

    
   
112
	} else {

    
   
113
		src = args.data;

    
   
114
		data_len = strlen(src);

    
   
115
	}

    
   
116

   

    
   
117
	if (data_len >= len) {                           /* make sure to not go over buffer len */

    
   
118
		ast_log(LOG_WARNING, "Syntax: %s(<keys>,<data>) - <data> exceeds buffer length.  Result may be truncated!\n", cmd);

    
   
119
		data_len = len - 1;

    
   
120
	}

    
   
121

   

    
   
122
	while (data_len > 0) {

    
   
123
		memset(curblock, 0, sizeof(curblock));

    
   
124
		memcpy(curblock, src, (data_len < AES_BLOCK_SIZE) ? data_len : AES_BLOCK_SIZE);

    
   
125
		if (encrypt == 0) {

    
   
126
			ast_aes_encrypt(curblock, dst, &ecx);

    
   
127
		} else {

    
   
128
			ast_aes_decrypt(curblock, dst, &dcx);

    
   
129
		}

    
   
130
		dst += AES_BLOCK_SIZE;

    
   
131
		src += AES_BLOCK_SIZE;

    
   
132
		data_len -= AES_BLOCK_SIZE;

    
   
133
	}

    
   
134

   

    
   
135
	if (encrypt == 0) { 				/* if encrypting encode result to base64 */

    
   
136
		ast_base64encode(buf, (unsigned char *) result, strlen(result), len);

    
   
137
	} else {

    
   
138
		memcpy(buf, result, len);

    
   
139
	}

    
   
140

   

    
   
141
	return 0;

    
   
142
}

    
   
143

   

    
   
144
static struct ast_custom_function aes_encrypt_function = {

    
   
145
	.name = "AES_ENCRYPT",

    
   
146
	.read = aes_helper,

    
   
147
};

    
   
148

   

    
   
149
static struct ast_custom_function aes_decrypt_function = {

    
   
150
	.name = "AES_DECRYPT",

    
   
151
	.read = aes_helper,

    
   
152
};

    
   
153

   

    
   
154

   

    
   
155
static int unload_module(void)

    
   
156
{

    
   
157
	int res = ast_custom_function_unregister(&aes_decrypt_function);

    
   
158
	return res | ast_custom_function_unregister(&aes_encrypt_function);

    
   
159
}

    
   
160

   

    
   
161
static int load_module(void)

    
   
162
{

    
   
163
	int res = ast_custom_function_register(&aes_decrypt_function);

    
   
164
	res |= ast_custom_function_register(&aes_encrypt_function);

    
   
165
	return res ? AST_MODULE_LOAD_DECLINE : AST_MODULE_LOAD_SUCCESS;

    
   
166
}

    
   
167

   

    
   
168
AST_MODULE_INFO_STANDARD(ASTERISK_GPL_KEY, "AES dialplan functions");
  1. /trunk/funcs/func_aes.c: Loading...

https://reviewboard.asterisk.org/ runs on a server provided by Digium, Inc. and uses bandwidth donated to the open source Asterisk community by API Digital Communications in Huntsville, AL USA.
Please report problems with this site to asteriskteam@digium.com.