Create binary versions of signature functions

git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@3607 65c4cc65-6c06-0410-ace0-fbb531ad65f3

diff --git a/include/asterisk/crypto.h b/include/asterisk/crypto.h
index 4aac31b..d222e46 100755 (executable)
--- a/include/asterisk/crypto.h
+++ b/include/asterisk/crypto.h
@@ -53,6 +53,17 @@ extern int ast_key_init(int fd);
  */
 extern int ast_check_signature(struct ast_key *key, char *msg, char *sig);
 
+//! Check the authenticity of a message signature using a given public key
+/*!
+ * \param key a public key to use to verify
+ * \param msg the message that has been signed
+ * \param sig the proposed valid signature in raw binary representation
+ *
+ * Returns 0 if the signature is valid, or -1 otherwise
+ *
+ */
+extern int ast_check_signature_bin(struct ast_key *key, char *msg, unsigned char *sig);
+
 /*!
  * \param key a private key to use to create the signature
  * \param msg the message to sign
@@ -63,6 +74,16 @@ extern int ast_check_signature(struct ast_key *key, char *msg, char *sig);
  *
  */
 extern int ast_sign(struct ast_key *key, char *msg, char *sig);
+/*!
+ * \param key a private key to use to create the signature
+ * \param msg the message to sign
+ * \param sig a pointer to a buffer of at least 128 bytes in which the
+ * raw encoded signature will be stored
+ *
+ * Returns 0 on success or -1 on failure.
+ *
+ */
+extern int ast_sign_bin(struct ast_key *key, char *msg, unsigned char *sig);
 
 #if defined(__cplusplus) || defined(c_plusplus)
 }

diff --git a/res/res_crypto.c b/res/res_crypto.c
index 7061715..87339f2 100755 (executable)
--- a/res/res_crypto.c
+++ b/res/res_crypto.c
@@ -296,10 +296,9 @@ static char *binary(int y, int len)
 
 #endif
 
-int ast_sign(struct ast_key *key, char *msg, char *sig)
+int ast_sign_bin(struct ast_key *key, char *msg, unsigned char *dsig)
 {
        unsigned char digest[20];
-       unsigned char dsig[128];
        int siglen = sizeof(dsig);
        int res;
 
@@ -324,16 +323,26 @@ int ast_sign(struct ast_key *key, char *msg, char *sig)
                return -1;
        }
 
-       /* Success -- encode (256 bytes max as documented) */
-       ast_base64encode(sig, dsig, siglen, 256);
        return 0;
        
 }
 
-int ast_check_signature(struct ast_key *key, char *msg, char *sig)
+int ast_sign(struct ast_key *key, char *msg, char *sig)
 {
-       unsigned char digest[20];
        unsigned char dsig[128];
+       int siglen = sizeof(dsig);
+       int res;
+       res = ast_sign_bin(key, msg, dsig);
+       if (!res)
+               /* Success -- encode (256 bytes max as documented) */
+               ast_base64encode(sig, dsig, siglen, 256);
+       return res;
+       
+}
+
+int ast_check_signature_bin(struct ast_key *key, char *msg, unsigned char *dsig)
+{
+       unsigned char digest[20];
        int res;
 
        if (key->ktype != AST_KEY_PUBLIC) {
@@ -343,13 +352,6 @@ int ast_check_signature(struct ast_key *key, char *msg, char *sig)
                return -1;
        }
 
-       /* Decode signature */
-       res = ast_base64decode(dsig, sig, sizeof(dsig));
-       if (res != sizeof(dsig)) {
-               ast_log(LOG_WARNING, "Signature improper length (expect %d, got %d)\n", (int)sizeof(dsig), (int)res);
-               return -1;
-       }
-
        /* Calculate digest of message */
        SHA1((unsigned char *)msg, strlen(msg), digest);
 
@@ -364,6 +366,21 @@ int ast_check_signature(struct ast_key *key, char *msg, char *sig)
        return 0;
 }
 
+int ast_check_signature(struct ast_key *key, char *msg, char *sig)
+{
+       unsigned char dsig[128];
+       int res;
+
+       /* Decode signature */
+       res = ast_base64decode(dsig, sig, sizeof(dsig));
+       if (res != sizeof(dsig)) {
+               ast_log(LOG_WARNING, "Signature improper length (expect %d, got %d)\n", (int)sizeof(dsig), (int)res);
+               return -1;
+       }
+       res = ast_check_signature_bin(key, msg, dsig);
+       return res;
+}
+
 static void crypto_load(int ifd, int ofd)
 {
        struct ast_key *key, *nkey, *last;