*/
extern int ast_check_signature(struct ast_key *key, char *msg, char *sig);
+//! Check the authenticity of a message signature using a given public key
+/*!
+ * \param key a public key to use to verify
+ * \param msg the message that has been signed
+ * \param sig the proposed valid signature in raw binary representation
+ *
+ * Returns 0 if the signature is valid, or -1 otherwise
+ *
+ */
+extern int ast_check_signature_bin(struct ast_key *key, char *msg, unsigned char *sig);
+
/*!
* \param key a private key to use to create the signature
* \param msg the message to sign
*
*/
extern int ast_sign(struct ast_key *key, char *msg, char *sig);
+/*!
+ * \param key a private key to use to create the signature
+ * \param msg the message to sign
+ * \param sig a pointer to a buffer of at least 128 bytes in which the
+ * raw encoded signature will be stored
+ *
+ * Returns 0 on success or -1 on failure.
+ *
+ */
+extern int ast_sign_bin(struct ast_key *key, char *msg, unsigned char *sig);
#if defined(__cplusplus) || defined(c_plusplus)
}
#endif
-int ast_sign(struct ast_key *key, char *msg, char *sig)
+int ast_sign_bin(struct ast_key *key, char *msg, unsigned char *dsig)
{
unsigned char digest[20];
- unsigned char dsig[128];
int siglen = sizeof(dsig);
int res;
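Review bot: The context line `int siglen = sizeof(dsig);` in ast_sign_bin now takes the size of a pointer, because this hunk turns `dsig` from the removed local `unsigned char dsig[128]` into an `unsigned char *` parameter, so `siglen` starts as 4 or 8 rather than 128. The rest of the body lies outside this hunk, but any length comparison or signing call there that relies on `siglen` or `sizeof(dsig)` would see the wrong value. ast_check_signature_bin further down has the same exposure, since `dsig` becomes a pointer parameter there too. Use an explicit length instead, for example `int siglen = 128;`, ideally through one named constant shared by the `_bin` functions and their base64 wrappers.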
return -1;
}
- /* Success -- encode (256 bytes max as documented) */
- ast_base64encode(sig, dsig, siglen, 256);
return 0;
}
-int ast_check_signature(struct ast_key *key, char *msg, char *sig)
+int ast_sign(struct ast_key *key, char *msg, char *sig)
{
- unsigned char digest[20];
unsigned char dsig[128];
+ int siglen = sizeof(dsig);
+ int res;
+ res = ast_sign_bin(key, msg, dsig);
+ if (!res)
+ /* Success -- encode (256 bytes max as documented) */
+ ast_base64encode(sig, dsig, siglen, 256);
+ return res;
+
+}
+
+int ast_check_signature_bin(struct ast_key *key, char *msg, unsigned char *dsig)
+{
+ unsigned char digest[20];
int res;
if (key->ktype != AST_KEY_PUBLIC) {
return -1;
}
- /* Decode signature */
- res = ast_base64decode(dsig, sig, sizeof(dsig));
- if (res != sizeof(dsig)) {
- ast_log(LOG_WARNING, "Signature improper length (expect %d, got %d)\n", (int)sizeof(dsig), (int)res);
- return -1;
- }
-
/* Calculate digest of message */
SHA1((unsigned char *)msg, strlen(msg), digest);
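Review bot: ast_check_signature_bin accepts the raw signature as a bare `unsigned char *dsig` with no length, and the `res != sizeof(dsig)` check now lives only in the base64 wrapper ast_check_signature, so callers passing binary signatures directly get no length validation. The verification step is outside this hunk; it presumably reads a fixed number of bytes from `dsig`, in which case a shorter caller buffer would be read past its end. Either add a length argument that is checked before verifying, or state the requirement in the header, e.g. `\param sig the proposed valid signature in raw binary representation (buffer of exactly 128 bytes)`, as the ast_sign_bin comment already does. In ast_sign, also brace the `if (!res)` body, since a comment sits between the condition and its single statement.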
return 0;
}
+int ast_check_signature(struct ast_key *key, char *msg, char *sig)
+{
+ unsigned char dsig[128];
+ int res;
+
+ /* Decode signature */
+ res = ast_base64decode(dsig, sig, sizeof(dsig));
+ if (res != sizeof(dsig)) {
+ ast_log(LOG_WARNING, "Signature improper length (expect %d, got %d)\n", (int)sizeof(dsig), (int)res);
+ return -1;
+ }
+ res = ast_check_signature_bin(key, msg, dsig);
+ return res;
+}
+
static void crypto_load(int ifd, int ofd)
{
struct ast_key *key, *nkey, *last;