crypto: set flags to encrypt/decrypt and functions for direction

src/modules/crypto/crypto_evcb.c

@@ -58,6 +58,7 @@ typedef struct _crypto_evroutes {
 static crypto_evroutes_t _crypto_rts;
 
 extern str _crypto_kevcb_netio;
+extern str _crypto_netio_key;
 
 static int _crypto_evcb_enabled = 0;
 
@@ -161,6 +162,10 @@ int crypto_nio_received(sr_event_param_t *evp)
 
 	LM_DBG("sent event callback - ret:%d - flags:%d\n", ret, evenv.mflags);
 
+	if(evenv.mflags & CRYPTO_NIO_DECRYPT) {
+		LM_DBG("decrypting\n");
+	}
+
     return 0;
 }
 
@@ -182,7 +187,11 @@ int crypto_nio_sent(sr_event_param_t *evp)
 
 	LM_DBG("sent event callback - ret:%d - flags:%d\n", ret, evenv.mflags);
 
-    return 0;
+	if(evenv.mflags & CRYPTO_NIO_ENCRYPT) {
+		LM_DBG("encrypting\n");
+	}
+
+	return 0;
 }
 
 /**

src/modules/crypto/crypto_mod.c

@@ -33,11 +33,12 @@
 #include "../../core/basex.h"
 #include "../../core/kemi.h"
 
+#include "crypto_aes.h"
 #include "crypto_uuid.h"
 #include "crypto_evcb.h"
 #include "api.h"
 
-#include <openssl/evp.h>
+
 
 #define AES_BLOCK_SIZE 256
 
@@ -72,6 +73,7 @@ static int _crypto_register_callid = 0;
 static int _crypto_register_evcb = 0;
 
 str _crypto_kevcb_netio = STR_NULL;
+str _crypto_netio_key = STR_NULL;
 
 static cmd_export_t cmds[]={
 	{"crypto_aes_encrypt", (cmd_function)w_crypto_aes_encrypt, 3,
@@ -95,6 +97,7 @@ static param_export_t params[]={
 	{ "register_callid", PARAM_INT, &_crypto_register_callid },
 	{ "register_evcb",   PARAM_INT, &_crypto_register_evcb },
 	{ "kevcb_netio",     PARAM_STR, &_crypto_kevcb_netio },
+	{ "netio_key",       PARAM_STR, &_crypto_netio_key },
 
 	{ 0, 0, 0 }
 };
@@ -407,127 +410,6 @@ static int fixup_crypto_aes_decrypt(void** param, int param_no)
 	return 0;
 }
 
-
-/**
- * Create an 256 bit key and IV using the supplied key_data and salt.
- * Fills in the encryption and decryption ctx objects and returns 0 on success
- */
-int crypto_aes_init(unsigned char *key_data, int key_data_len,
-		unsigned char *salt, EVP_CIPHER_CTX *e_ctx, EVP_CIPHER_CTX *d_ctx)
-{
-	int i, nrounds = 5;
-	int x;
-	unsigned char key[32], iv[32];
-
-	/*
-	 * Gen key & IV for AES 256 CBC mode. A SHA1 digest is used to hash
-	 * the supplied key material.
-	 * nrounds is the number of times the we hash the material. More rounds
-	 * are more secure but slower.
-	 */
-	i = EVP_BytesToKey(EVP_aes_256_cbc(), EVP_sha1(), salt,
-			key_data, key_data_len, nrounds, key, iv);
-	if (i != 32) {
-		LM_ERR("key size is %d bits - should be 256 bits\n", i);
-		return -1;
-	}
-
-	for(x = 0; x<32; ++x)
-		LM_DBG("key: %x iv: %x \n", key[x], iv[x]);
-
-	for(x = 0; x<8; ++x)
-		LM_DBG("salt: %x\n", salt[x]);
-
-	if(e_ctx) {
-		EVP_CIPHER_CTX_init(e_ctx);
-		EVP_EncryptInit_ex(e_ctx, EVP_aes_256_cbc(), NULL, key, iv);
-	}
-	if(d_ctx) {
-		EVP_CIPHER_CTX_init(d_ctx);
-		EVP_DecryptInit_ex(d_ctx, EVP_aes_256_cbc(), NULL, key, iv);
-	}
-
-	return 0;
-}
-
-/*
- * Encrypt *len bytes of data
- * All data going in & out is considered binary (unsigned char[])
- */
-unsigned char *crypto_aes_encrypt(EVP_CIPHER_CTX *e, unsigned char *plaintext,
-		int *len)
-{
-	/* max ciphertext len for a n bytes of plaintext is
-	 * n + AES_BLOCK_SIZE -1 bytes */
-	int c_len = *len + AES_BLOCK_SIZE - 1, f_len = 0;
-	unsigned char *ciphertext = (unsigned char *)malloc(c_len);
-
-	if(ciphertext == NULL) {
-		LM_ERR("no more system memory\n");
-		return NULL;
-	}
-	/* allows reusing of 'e' for multiple encryption cycles */
-	if(!EVP_EncryptInit_ex(e, NULL, NULL, NULL, NULL)){
-		LM_ERR("failure in EVP_EncryptInit_ex \n");
-		free(ciphertext);
-		return NULL;
-	}
-
-	/* update ciphertext, c_len is filled with the length of ciphertext
-	 * generated, *len is the size of plaintext in bytes */
-	if(!EVP_EncryptUpdate(e, ciphertext, &c_len, plaintext, *len)){
-		LM_ERR("failure in EVP_EncryptUpdate \n");
-		free(ciphertext);
-		return NULL;
-	}
-
-	/* update ciphertext with the final remaining bytes */
-	if(!EVP_EncryptFinal_ex(e, ciphertext+c_len, &f_len)){
-		LM_ERR("failure in EVP_EncryptFinal_ex \n");
-		free(ciphertext);
-		return NULL;
-	}
-
-	*len = c_len + f_len;
-	return ciphertext;
-}
-
-/*
- * Decrypt *len bytes of ciphertext
- */
-unsigned char *crypto_aes_decrypt(EVP_CIPHER_CTX *e, unsigned char *ciphertext,
-		int *len)
-{
-	/* plaintext will always be equal to or lesser than length of ciphertext*/
-	int p_len = *len, f_len = 0;
-	unsigned char *plaintext = (unsigned char *)malloc(p_len);
-
-	if(plaintext==NULL) {
-		LM_ERR("no more system memory\n");
-		return NULL;
-	}
-	if(!EVP_DecryptInit_ex(e, NULL, NULL, NULL, NULL)){
-		LM_ERR("failure in EVP_DecryptInit_ex \n");
-		free(plaintext);
-		return NULL;
-	}
-
-	if(!EVP_DecryptUpdate(e, plaintext, &p_len, ciphertext, *len)){
-		LM_ERR("failure in EVP_DecryptUpdate\n");
-		free(plaintext);
-		return NULL;
-	}
-
-	if(!EVP_DecryptFinal_ex(e, plaintext+p_len, &f_len)){
-		LM_ERR("failure in EVP_DecryptFinal_ex\n");
-		free(plaintext);
-		return NULL;
-	}
-
-	*len = p_len + f_len;
-	return plaintext;
-}
-
 /**
  * testing function
  */
@@ -610,7 +492,7 @@ int crypto_aes_test(void)
  */
 static int w_crypto_nio_in(sip_msg_t* msg, char* p1, char* p2)
 {
-	return 1;
+	return crypto_nio_in(msg);
 }
 
 /**
@@ -618,7 +500,7 @@ static int w_crypto_nio_in(sip_msg_t* msg, char* p1, char* p2)
  */
 static int w_crypto_nio_out(sip_msg_t* msg, char* p1, char* p2)
 {
-	return 1;
+	return crypto_nio_out(msg);
 }
 
 /**
@@ -626,7 +508,7 @@ static int w_crypto_nio_out(sip_msg_t* msg, char* p1, char* p2)
  */
 static int w_crypto_nio_encrypt(sip_msg_t* msg, char* p1, char* p2)
 {
-	return 1;
+	return crypto_nio_encrypt(msg);
 }
 
 /**
@@ -634,7 +516,7 @@ static int w_crypto_nio_encrypt(sip_msg_t* msg, char* p1, char* p2)
  */
 static int w_crypto_nio_decrypt(sip_msg_t* msg, char* p1, char* p2)
 {
-	return 1;
+	return crypto_nio_decrypt(msg);
 }
 
 /**