#Include debug symbols in the executables (-g) and profiling info (-pg)
DEBUG=-g #-pg
+#Set NOCRYPTO to yes if you do not want to have crypto support or
+#dependencies
+#NOCRYPTO=yes
+
# If you are running a radio application, define RADIO_RELAX so that the DTMF
# will be received more reliably
#OPTIONS += -DRADIO_RELAX
dsp.o chanvars.o indications.o autoservice.o db.o privacy.o \
astmm.o enum.o srv.o dns.o aescrypt.o aestab.o aeskey.o \
utils.o plc.o jitterbuf.o dnsmgr.o devicestate.o \
- netsock.o slinfactory.o ast_expr2.o ast_expr2f.o
+ netsock.o slinfactory.o ast_expr2.o ast_expr2f.o \
+ cryptostub.o
ifeq ($(wildcard $(CROSS_COMPILE_TARGET)/usr/include/sys/poll.h),)
OBJS+= poll.o
--- /dev/null
+/*
+ * Asterisk -- An open source telephony toolkit.
+ *
+ * Copyright (C) 1999 - 2005, Digium, Inc.
+ *
+ * Mark Spencer <markster@digium.com>
+ *
+ * See http://www.asterisk.org for more information about
+ * the Asterisk project. Please do not directly contact
+ * any of the maintainers of this project for assistance;
+ * the project provides a web site, mailing lists and IRC
+ * channels for your use.
+ *
+ * This program is free software, distributed under the terms of
+ * the GNU General Public License Version 2. See the LICENSE file
+ * at the top of the source tree.
+ */
+
+#include <asterisk/crypto.h>
+
+
+/* Hrm, I wonder if the compiler is smart enough to only create two functions
+ for all these... I could force it to only make two, but those would be some
+ really nasty looking casts. */
+
+static struct ast_key *stub_ast_key_get(const char *kname, int ktype)
+{
+ ast_log(LOG_NOTICE, "Crypto support not loaded!\n");
+ return NULL;
+}
+
+static int stub_ast_check_signature(struct ast_key *key, const char *msg, const char *sig)
+{
+ ast_log(LOG_NOTICE, "Crypto support not loaded!\n");
+ return -1;
+}
+
+static int stub_ast_check_signature_bin(struct ast_key *key, const char *msg, int msglen, const unsigned char *sig)
+{
+ ast_log(LOG_NOTICE, "Crypto support not loaded!\n");
+ return -1;
+}
+
+static int stub_ast_sign(struct ast_key *key, char *msg, char *sig)
+{
+ ast_log(LOG_NOTICE, "Crypto support not loaded!\n");
+ return -1;
+}
+
+static int stub_ast_sign_bin(struct ast_key *key, const char *msg, int msglen, unsigned char *sig)
+{
+ ast_log(LOG_NOTICE, "Crypto support not loaded!\n");
+ return -1;
+}
+
+static int stub_ast_encdec_bin(unsigned char *dst, const unsigned char *src, int srclen, struct ast_key *key)
+{
+ ast_log(LOG_NOTICE, "Crypto support not loaded!\n");
+ return -1;
+}
+
+struct ast_key *(*ast_key_get)(const char *key, int type) =
+ stub_ast_key_get;
+
+int (*ast_check_signature)(struct ast_key *key, const char *msg, const char *sig) =
+ stub_ast_check_signature;
+
+int (*ast_check_signature_bin)(struct ast_key *key, const char *msg, int msglen, const unsigned char *sig) =
+ stub_ast_check_signature_bin;
+
+int (*ast_sign)(struct ast_key *key, char *msg, char *sig) =
+ stub_ast_sign;
+
+int (*ast_sign_bin)(struct ast_key *key, const char *msg, int msglen, unsigned char *sig) =
+ stub_ast_sign_bin;
+
+int (*ast_encrypt_bin)(unsigned char *dst, const unsigned char *src, int srclen, struct ast_key *key) =
+ stub_ast_encdec_bin;
+
+int (*ast_decrypt_bin)(unsigned char *dst, const unsigned char *src, int srclen, struct ast_key *key) =
+ stub_ast_encdec_bin;
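Review bot: The stubs call `ast_log` with `LOG_NOTICE`, but the only include in this new file is `<asterisk/crypto.h>`. Unless that header pulls in the logger declarations (not visible here), the file depends on an implicit declaration and an undefined macro, so it should include the header that declares `ast_log` directly. The unused parameters will also produce warnings under stricter flags. A comment above the stubs should state that every one fails closed (NULL or -1), for example `/* Stubs must never report success: a missing crypto module has to read as "no key" / "bad signature". */`, because callers of `ast_check_signature` rely on that.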
*
* Returns the key on success or NULL on failure
*/
-extern struct ast_key *ast_key_get(char *key, int type);
-
-/*! Initialize keys (that is, retrieve pass codes for all private keys) */
-/*!
- * \param fd a file descriptor for I/O for passwords
- *
- */
-extern int ast_key_init(int fd);
+extern struct ast_key *(*ast_key_get)(const char *key, int type);
/*! Check the authenticity of a message signature using a given public key */
/*!
* Returns 0 if the signature is valid, or -1 otherwise
*
*/
-extern int ast_check_signature(struct ast_key *key, char *msg, char *sig);
+extern int (*ast_check_signature)(struct ast_key *key, const char *msg, const char *sig);
/*! Check the authenticity of a message signature using a given public key */
/*!
* Returns 0 if the signature is valid, or -1 otherwise
*
*/
-extern int ast_check_signature_bin(struct ast_key *key, char *msg, int msglen, unsigned char *sig);
+extern int (*ast_check_signature_bin)(struct ast_key *key, const char *msg, int msglen, const unsigned char *sig);
/*!
* \param key a private key to use to create the signature
* Returns 0 on success or -1 on failure.
*
*/
-extern int ast_sign(struct ast_key *key, char *msg, char *sig);
+extern int (*ast_sign)(struct ast_key *key, char *msg, char *sig);
/*!
* \param key a private key to use to create the signature
* \param msg the message to sign
* Returns 0 on success or -1 on failure.
*
*/
-extern int ast_sign_bin(struct ast_key *key, char *msg, int msglen, unsigned char *sig);
+extern int (*ast_sign_bin)(struct ast_key *key, const char *msg, int msglen, unsigned char *sig);
/*!
* \param key a private key to use to encrypt
* Returns length of encrypted data on success or -1 on failure.
*
*/
-extern int ast_encrypt_bin(unsigned char *dst, const unsigned char *src, int srclen, struct ast_key *key);
+extern int (*ast_encrypt_bin)(unsigned char *dst, const unsigned char *src, int srclen, struct ast_key *key);
/*!
* \param key a private key to use to decrypt
* Returns length of decrypted data on success or -1 on failure.
*
*/
-extern int ast_decrypt_bin(unsigned char *dst, const unsigned char *src, int srclen, struct ast_key *key);
+extern int (*ast_decrypt_bin)(unsigned char *dst, const unsigned char *src, int srclen, struct ast_key *key);
#if defined(__cplusplus) || defined(c_plusplus)
}
#endif
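Review bot: The doc comments above each declaration still describe ordinary functions, although `ast_key_get`, `ast_check_signature` and the others are now writable global function pointers. Nothing tells a caller that they start out pointing at stubs which return NULL or -1, and are replaced only when the crypto module loads. I would add a short header comment such as `/* These are function pointers; until the crypto module installs its implementations they point at stubs that always fail. Only that module may assign them. */`. These pointers decide whether a signature is accepted, so the rule about who may assign them should be written down. The prototype for `ast_key_init` is also removed here; whether its definition became `static` is not visible in this diff and should be confirmed.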
return -1;
}
-struct ast_key *ast_key_get(char *kname, int ktype)
+static struct ast_key *__ast_key_get(const char *kname, int ktype)
{
struct ast_key *key;
ast_mutex_lock(&keylock);
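Review bot: The new file-local name `__ast_key_get` begins with a double underscore, which C reserves for the implementation. The same applies to `__ast_sign_bin`, `__ast_decrypt_bin`, `__ast_encrypt_bin`, `__ast_sign`, `__ast_check_signature_bin` and `__ast_check_signature` in the later hunks. Since they are all `static`, an ordinary prefix is enough, for example `static struct ast_key *crypto_key_get(const char *kname, int ktype)`, with the assignments in the load function renamed to match. Each function body continues outside its hunk.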
#endif
-int ast_sign_bin(struct ast_key *key, char *msg, int msglen, unsigned char *dsig)
+static int __ast_sign_bin(struct ast_key *key, const char *msg, int msglen, unsigned char *dsig)
{
unsigned char digest[20];
unsigned int siglen = 128;
}
-extern int ast_decrypt_bin(unsigned char *dst, const unsigned char *src, int srclen, struct ast_key *key)
+static int __ast_decrypt_bin(unsigned char *dst, const unsigned char *src, int srclen, struct ast_key *key)
{
int res;
int pos = 0;
return pos;
}
-extern int ast_encrypt_bin(unsigned char *dst, const unsigned char *src, int srclen, struct ast_key *key)
+static int __ast_encrypt_bin(unsigned char *dst, const unsigned char *src, int srclen, struct ast_key *key)
{
int res;
int bytes;
return pos;
}
-int ast_sign(struct ast_key *key, char *msg, char *sig)
+static int __ast_sign(struct ast_key *key, char *msg, char *sig)
{
unsigned char dsig[128];
int siglen = sizeof(dsig);
}
-int ast_check_signature_bin(struct ast_key *key, char *msg, int msglen, unsigned char *dsig)
+static int __ast_check_signature_bin(struct ast_key *key, const char *msg, int msglen, const unsigned char *dsig)
{
unsigned char digest[20];
int res;
SHA1((unsigned char *)msg, msglen, digest);
/* Verify signature */
- res = RSA_verify(NID_sha1, digest, sizeof(digest), dsig, 128, key->rsa);
+ res = RSA_verify(NID_sha1, digest, sizeof(digest), (unsigned char *)dsig, 128, key->rsa);
if (!res) {
ast_log(LOG_DEBUG, "Key failed verification: %s\n", key->name);
return 0;
}
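Review bot: The rewritten `RSA_verify` call keeps the literal signature length `128`, and the signing paths in this file repeat it as `unsigned int siglen = 128` and `unsigned char dsig[128]`. That ties the code to 1024-bit keys, and no visible line checks the size of `key->rsa`. A larger key loaded at runtime would presumably fail verification here and could exceed the 128-byte buffers when signing. I would reject such keys up front with something like `if (RSA_size(key->rsa) != 128) return -1;` and replace the literal with one named constant; a size check may already exist in lines not shown. The added `(unsigned char *)dsig` cast discards `const`, so it needs a one-line comment saying it exists only to match the library prototype. The function body extends beyond the hunk.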
-int ast_check_signature(struct ast_key *key, char *msg, char *sig)
+static int __ast_check_signature(struct ast_key *key, const char *msg, const char *sig)
{
unsigned char dsig[128];
int res;
ERR_load_crypto_strings();
ast_cli_register(&cli_show_keys);
ast_cli_register(&cli_init_keys);
+
+ /* Install ourselves into stubs */
+ ast_key_get = __ast_key_get;
+ ast_check_signature = __ast_check_signature;
+ ast_check_signature_bin = __ast_check_signature_bin;
+ ast_sign = __ast_sign;
+ ast_sign_bin = __ast_sign_bin;
+ ast_encrypt_bin = __ast_encrypt_bin;
+ ast_decrypt_bin = __ast_decrypt_bin;
return 0;
}
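Review bot: Once these seven assignments run, the global pointers reference code inside this module, and nothing in the hunk covers the reverse direction. If the module can be unloaded, a later call through `ast_check_signature` or any of the others would jump to code that is no longer mapped. The unload path is not visible here, so confirm that it refuses to unload. Restoring the stubs is the alternative, but they are `static` in cryptostub.c, so that would need a small exported reset helper. A comment beside the assignments, such as `/* The global crypto pointers now reference this module; it must stay loaded. */`, would record the constraint. The enclosing function starts outside the hunk.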