GCRYPT Module

Daniel-Constantin Mierla

   <miconda@gmail.com>

Edited by

Daniel-Constantin Mierla

   <miconda@gmail.com>

   Copyright © 2024 asipto.com
     __________________________________________________________________

   Table of Contents

   1. Admin Guide

        1. Overview
        2. Dependencies

              2.1. Kamailio Modules
              2.2. External Libraries or Applications

        3. Parameters

              3.1. init_vector (str)
              3.2. aes_mode (int)
              3.3. register_callid (int)

        4. Functions

              4.1. gcrypt_aes_encrypt(text, key, res)
              4.2. gcrypt_aes_decrypt(text, key, res)

   List of Examples

   1.1. Set init_vector parameter
   1.2. Set aes_mode parameter
   1.3. Set register_callid parameter
   1.4. gcrypt_aes_encrypt usage
   1.5. gcrypt_aes_decrypt usage

Chapter 1. Admin Guide

   Table of Contents

   1. Overview
   2. Dependencies

        2.1. Kamailio Modules
        2.2. External Libraries or Applications

   3. Parameters

        3.1. init_vector (str)
        3.2. aes_mode (int)
        3.3. register_callid (int)

   4. Functions

        4.1. gcrypt_aes_encrypt(text, key, res)
        4.2. gcrypt_aes_decrypt(text, key, res)

1. Overview

   This module provides various cryptography tools for use in Kamailio
   configuration file using libgcrypt.

2. Dependencies

   2.1. Kamailio Modules
   2.2. External Libraries or Applications

2.1. Kamailio Modules

   The following modules must be loaded before this module:
     * none.

2.2. External Libraries or Applications

   The following libraries or applications must be installed before
   running Kamailio with this module loaded:
     * libgcrypt - part of GnuPG project
       (https://gnupg.org/software/libgcrypt/index.html).

3. Parameters

   3.1. init_vector (str)
   3.2. aes_mode (int)
   3.3. register_callid (int)

3.1. init_vector (str)

   The initialization vector used for the cryptographic operations. This
   needs to be a string value with 16 bytes lengths.

   Default value is set in the C code.

   Example 1.1. Set init_vector parameter
...
modparam("gcrypt", "init_vector", "abcdefghijklmnop")
...

3.2. aes_mode (int)

   Set it to 1 in order to do AES CBC encryption mode. By default, it does
   AES ECB mode.

   Default value is 0.

   Example 1.2. Set aes_mode parameter
...
modparam("gcrypt", "aes_mode", 1)
...

3.3. register_callid (int)

   Set it to 1 in order to register a callback to core for generation of
   callid values for requests generated by Kamailio tm module.

   This callid generator uses libcrypt random and hashing functions for
   generating RFC 4122 version 4 UUID with high quality entropy. It is
   useful when wanting to have new callids that cannot be predicted from
   previous values.

   Default value is 0.

   Example 1.3. Set register_callid parameter
...
modparam("gcrypt", "register_callid", 1)
...

4. Functions

   4.1. gcrypt_aes_encrypt(text, key, res)
   4.2. gcrypt_aes_decrypt(text, key, res)

4.1.  gcrypt_aes_encrypt(text, key, res)

   Encrypts the text with the key using AES256 ECB encryption algorithm.
   The result is encoded in base64 format and stored in res. The parameter
   res must be a read-write variables. The parameters text and key can be
   static strings or strings with variables (dynamic strings).

   This function can be used from ANY_ROUTE.

   Example 1.4. gcrypt_aes_encrypt usage
...
gcrypt_aes_encrypt("$rb", "my-secret-key", "$var(encrypted)");
...

4.2.  gcrypt_aes_decrypt(text, key, res)

   Decrypts the text with the key using AES256 ECB encryption algorithm.
   The text has to be encoded in base64 format. The parameter res must be
   a read-write variables. The parameters text and key can be static
   strings or strings with variables (dynamic strings).

   This function can be used from ANY_ROUTE.

   Example 1.5. gcrypt_aes_decrypt usage
...
gcrypt_aes_decrypt("$var(encrypted)", "my-secret-key", "$var(text)");
...
