Create binary versions of signature functions

git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@3607 65c4cc65-6c06-0410-ace0-fbb531ad65f3
21 years ago · 3ff53cd50b
parent 94f18868f1
commit 3ff53cd50b
2 changed files with 51 additions and 13 deletions
--- a/include/asterisk/crypto.h
+++ b/include/asterisk/crypto.h
@ -53,6 +53,17 @@ extern int ast_key_init(int fd);
 */
 extern int ast_check_signature(struct ast_key *key, char *msg, char *sig);

+//! Check the authenticity of a message signature using a given public key
+/*!
+ * \param key a public key to use to verify
+ * \param msg the message that has been signed
+ * \param sig the proposed valid signature in raw binary representation
+ *
+ * Returns 0 if the signature is valid, or -1 otherwise
+ *
+ */
+extern int ast_check_signature_bin(struct ast_key *key, char *msg, unsigned char *sig);
+
 /*!
 * \param key a private key to use to create the signature
 * \param msg the message to sign
@ -63,6 +74,16 @@ extern int ast_check_signature(struct ast_key *key, char *msg, char *sig);
 *
 */
 extern int ast_sign(struct ast_key *key, char *msg, char *sig);
+/*!
+ * \param key a private key to use to create the signature
+ * \param msg the message to sign
+ * \param sig a pointer to a buffer of at least 128 bytes in which the
+ * raw encoded signature will be stored
+ *
+ * Returns 0 on success or -1 on failure.
+ *
+ */
+extern int ast_sign_bin(struct ast_key *key, char *msg, unsigned char *sig);

 #if defined(__cplusplus) || defined(c_plusplus)
 }
--- a/res/res_crypto.c
+++ b/res/res_crypto.c
@ -296,10 +296,9 @@ static char *binary(int y, int len)

 #endif

-int ast_sign(struct ast_key *key, char *msg, char *sig)
+int ast_sign_bin(struct ast_key *key, char *msg, unsigned char *dsig)
 {
 	unsigned char digest[20];
-	unsigned char dsig[128];
 	int siglen = sizeof(dsig);
 	int res;

@ -324,16 +323,26 @@ int ast_sign(struct ast_key *key, char *msg, char *sig)
 		return -1;
 	}

-	/* Success -- encode (256 bytes max as documented) */
-	ast_base64encode(sig, dsig, siglen, 256);
 	return 0;
 	
 }

-int ast_check_signature(struct ast_key *key, char *msg, char *sig)
+int ast_sign(struct ast_key *key, char *msg, char *sig)
 {
-	unsigned char digest[20];
 	unsigned char dsig[128];
+	int siglen = sizeof(dsig);
+	int res;
+	res = ast_sign_bin(key, msg, dsig);
+	if (!res)
+		/* Success -- encode (256 bytes max as documented) */
+		ast_base64encode(sig, dsig, siglen, 256);
+	return res;
+	
+}
+
+int ast_check_signature_bin(struct ast_key *key, char *msg, unsigned char *dsig)
+{
+	unsigned char digest[20];
 	int res;

 	if (key->ktype != AST_KEY_PUBLIC) {
@ -343,13 +352,6 @@ int ast_check_signature(struct ast_key *key, char *msg, char *sig)
 		return -1;
 	}

-	/* Decode signature */
-	res = ast_base64decode(dsig, sig, sizeof(dsig));
-	if (res != sizeof(dsig)) {
-		ast_log(LOG_WARNING, "Signature improper length (expect %d, got %d)\n", (int)sizeof(dsig), (int)res);
-		return -1;
-	}
-
 	/* Calculate digest of message */
 	SHA1((unsigned char *)msg, strlen(msg), digest);

@ -364,6 +366,21 @@ int ast_check_signature(struct ast_key *key, char *msg, char *sig)
 	return 0;
 }

+int ast_check_signature(struct ast_key *key, char *msg, char *sig)
+{
+	unsigned char dsig[128];
+	int res;
+
+	/* Decode signature */
+	res = ast_base64decode(dsig, sig, sizeof(dsig));
+	if (res != sizeof(dsig)) {
+		ast_log(LOG_WARNING, "Signature improper length (expect %d, got %d)\n", (int)sizeof(dsig), (int)res);
+		return -1;
+	}
+	res = ast_check_signature_bin(key, msg, dsig);
+	return res;
+}
+
 static void crypto_load(int ifd, int ofd)
 {
 	struct ast_key *key, *nkey, *last;