Module: kamailio Branch: master Commit: 2024253fac4c4fda48f2b0c5b9a1f9717294aa22 URL: https://github.com/kamailio/kamailio/commit/2024253fac4c4fda48f2b0c5b9a1f97… Author: Daniel-Constantin Mierla <miconda(a)gmail.com> Committer: Daniel-Constantin Mierla <miconda(a)gmail.com> Date: 2024-01-09T11:56:50+01:00 gcrypt: added aes_mode parameter - specify AES encryption mode: - 0: ECB (GCRY_CIPHER_MODE_ECB) - default - 1: CBC (GCRY_CIPHER_MODE_CBC) --- Modified: src/modules/gcrypt/gcrypt_mod.c --- Diff: https://github.com/kamailio/kamailio/commit/2024253fac4c4fda48f2b0c5b9a1f97… Patch: https://github.com/kamailio/kamailio/commit/2024253fac4c4fda48f2b0c5b9a1f97… --- diff --git a/src/modules/gcrypt/gcrypt_mod.c b/src/modules/gcrypt/gcrypt_mod.c index 1554154d9cc..8a5550139c8 100644 --- a/src/modules/gcrypt/gcrypt_mod.c +++ b/src/modules/gcrypt/gcrypt_mod.c @@ -53,6 +53,8 @@ static int fixup_gcrypt_aes_decrypt(void **param, int param_no); /* init vector value */ static str _gcrypt_init_vector = str_init("SIP/2.0 is RFC3261"); static int _gcrypt_register_callid = 0; +static int _gcrypt_aes_mode_param = 0; +static int _gcrypt_aes_mode = GCRY_CIPHER_MODE_ECB; /* clang-format off */ static cmd_export_t cmds[] = { @@ -66,6 +68,7 @@ static cmd_export_t cmds[] = { static param_export_t params[] = { {"init_vector", PARAM_STR, &_gcrypt_init_vector}, {"register_callid", PARAM_INT, &_gcrypt_register_callid}, + {"aes_mode", PARAM_INT, &_gcrypt_aes_mode_param}, {0, 0, 0} }; @@ -100,6 +103,9 @@ static int mod_init(void) } LM_DBG("registered crypto callid callback\n"); } + if(_gcrypt_aes_mode_param == 1) { + _gcrypt_aes_mode = GCRY_CIPHER_MODE_CBC; + } return 0; } @@ -140,7 +146,7 @@ static int ki_gcrypt_aes_encrypt_helper( gcry_ret = gcry_cipher_open(&cipher_hd, // gcry_cipher_hd_t *hd GCRY_CIPHER_AES256, // int algo - GCRY_CIPHER_MODE_ECB, // int mode + _gcrypt_aes_mode, // int mode 0); // unsigned int flags if(gcry_ret) { LM_ERR("gcry cipher open failed: %s/%s\n", gcry_strsource(gcry_ret), @@ -306,7 +312,7 @@ static int ki_gcrypt_aes_decrypt_helper( gcry_ret = gcry_cipher_open(&cipher_hd, // gcry_cipher_hd_t *hd GCRY_CIPHER_AES256, // int algo - GCRY_CIPHER_MODE_ECB, // int mode + _gcrypt_aes_mode, // int mode 0); // unsigned int flags if(gcry_ret) { LM_ERR("gcry cipher open failed: %s/%s\n", gcry_strsource(gcry_ret),