You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@apr.apache.org by mi...@apache.org on 2011/05/15 02:40:43 UTC
svn commit: r1103258 - in /apr/apr/trunk: crypto/apr_crypto.c
crypto/apr_crypto_nss.c crypto/apr_crypto_openssl.c include/apr_crypto.h
include/private/apr_crypto_internal.h test/testcrypto.c
Author: minfrin
Date: Sun May 15 00:40:42 2011
New Revision: 1103258
URL: http://svn.apache.org/viewvc?rev=1103258&view=rev
Log:
Reorder parameters. No functional change.
Modified:
apr/apr/trunk/crypto/apr_crypto.c
apr/apr/trunk/crypto/apr_crypto_nss.c
apr/apr/trunk/crypto/apr_crypto_openssl.c
apr/apr/trunk/include/apr_crypto.h
apr/apr/trunk/include/private/apr_crypto_internal.h
apr/apr/trunk/test/testcrypto.c
Modified: apr/apr/trunk/crypto/apr_crypto.c
URL: http://svn.apache.org/viewvc/apr/apr/trunk/crypto/apr_crypto.c?rev=1103258&r1=1103257&r2=1103258&view=diff
==============================================================================
--- apr/apr/trunk/crypto/apr_crypto.c (original)
+++ apr/apr/trunk/crypto/apr_crypto.c Sun May 15 00:40:42 2011
@@ -105,9 +105,9 @@ APR_DECLARE(apr_status_t) apr_crypto_ini
return ret;
}
-APR_DECLARE(apr_status_t) apr_crypto_get_driver(apr_pool_t *pool, const char *name,
- const apr_crypto_driver_t **driver, const apr_array_header_t *params,
- const apu_err_t **result) {
+APR_DECLARE(apr_status_t) apr_crypto_get_driver(const apr_crypto_driver_t **driver,
+ const char *name, const apr_array_header_t *params, const apu_err_t **result,
+ apr_pool_t *pool) {
#if APR_HAVE_MODULAR_DSO
char modname[32];
char symname[34];
@@ -185,8 +185,8 @@ APR_DECLARE(apr_status_t) apr_crypto_get
/**
* @brief Return the name of the driver.
*
- * @param pool - pool to register any shutdown cleanups, etc
- * @return APR_SUCCESS for success.
+ * @param driver - The driver in use.
+ * @return The name of the driver.
*/
APR_DECLARE(const char *)apr_crypto_driver_name (const apr_crypto_driver_t *driver)
{
@@ -196,25 +196,30 @@ APR_DECLARE(const char *)apr_crypto_driv
/**
* @brief Get the result of the last operation on a context. If the result
* is NULL, the operation was successful.
- * @param f - context pointer
* @param result - the result structure
+ * @param f - context pointer
* @return APR_SUCCESS for success
*/
-APR_DECLARE(apr_status_t) apr_crypto_error(
- const apr_crypto_t *f, const apu_err_t **result) {
- return f->provider->error(f, result);
+APR_DECLARE(apr_status_t) apr_crypto_error(const apu_err_t **result,
+ const apr_crypto_t *f) {
+ return f->provider->error(result, f);
}
/**
- * @brief Create a general encryption context
+ * @brief Create a context for supporting encryption. Keys, certificates,
+ * algorithms and other parameters will be set per context. More than
+ * one context can be created at one time. A cleanup will be automatically
+ * registered with the given pool to guarantee a graceful shutdown.
+ * @param f - context pointer will be written here
* @param driver - driver to use
- * @param pool - process pool
* @param params - array of key parameters
- * @param f - context pointer will be written here
+ * @param pool - process pool
+ * @return APR_ENOENGINE when the engine specified does not exist. APR_EINITENGINE
+ * if the engine cannot be initialised.
*/
-APR_DECLARE(apr_status_t) apr_crypto_make(const apr_crypto_driver_t *driver,
- apr_pool_t *pool, const apr_array_header_t *params, apr_crypto_t **f) {
- return driver->make(pool, driver, params, f);
+APR_DECLARE(apr_status_t) apr_crypto_make(apr_crypto_t **f, const apr_crypto_driver_t *driver,
+ const apr_array_header_t *params, apr_pool_t *pool) {
+ return driver->make(f, driver, params, pool);
}
/**
@@ -226,9 +231,9 @@ APR_DECLARE(apr_status_t) apr_crypto_mak
* operations.
* @note If *key is NULL, a apr_crypto_key_t will be created from a pool. If
* *key is not NULL, *key must point at a previously created structure.
- * @param driver - driver to use
- * @param p The pool to use.
- * @param f The context to use.
+ * @param key The key returned, see note.
+ * @param ivSize The size of the initialisation vector will be returned, based
+ * on whether an IV is relevant for this type of crypto.
* @param pass The passphrase to use.
* @param passLen The passphrase length in bytes
* @param salt The salt to use.
@@ -236,47 +241,49 @@ APR_DECLARE(apr_status_t) apr_crypto_mak
* @param type 3DES_192, AES_128, AES_192, AES_256.
* @param mode Electronic Code Book / Cipher Block Chaining.
* @param doPad Pad if necessary.
- * @param key The key returned, see note.
- * @param ivSize The size of the initialisation vector will be returned, based
- * on whether an IV is relevant for this type of crypto.
+ * @param iterations Number of iterations to use in algorithm
+ * @param f The context to use.
+ * @param p The pool to use.
* @return Returns APR_ENOKEY if the pass phrase is missing or empty, or if a backend
* error occurred while generating the key. APR_ENOCIPHER if the type or mode
* is not supported by the particular backend. APR_EKEYTYPE if the key type is
* not known. APR_EPADDING if padding was requested but is not supported.
* APR_ENOTIMPL if not implemented.
*/
-APR_DECLARE(apr_status_t) apr_crypto_passphrase(apr_pool_t *p, const apr_crypto_t *f,
- const char *pass, apr_size_t passLen, const unsigned char * salt,
- apr_size_t saltLen, const apr_crypto_block_key_type_e type,
+APR_DECLARE(apr_status_t) apr_crypto_passphrase(apr_crypto_key_t **key,
+ apr_size_t *ivSize, const char *pass, apr_size_t passLen,
+ const unsigned char * salt, apr_size_t saltLen,
+ const apr_crypto_block_key_type_e type,
const apr_crypto_block_key_mode_e mode, const int doPad,
- const int iterations, apr_crypto_key_t **key, apr_size_t *ivSize) {
- return f->provider->passphrase(p, f, pass, passLen, salt, saltLen, type, mode,
- doPad, iterations, key, ivSize);
+ const int iterations, const apr_crypto_t *f, apr_pool_t *p)
+{
+ return f->provider->passphrase(key, ivSize, pass, passLen, salt, saltLen,
+ type, mode, doPad, iterations, f, p);
}
/**
* @brief Initialise a context for encrypting arbitrary data using the given key.
* @note If *ctx is NULL, a apr_crypto_block_t will be created from a pool. If
* *ctx is not NULL, *ctx must point at a previously created structure.
- * @param driver - driver to use
- * @param p The pool to use.
- * @param f The block context to use.
- * @param key The key structure to use.
+ * @param ctx The block context returned, see note.
* @param iv Optional initialisation vector. If the buffer pointed to is NULL,
* an IV will be created at random, in space allocated from the pool.
* If the buffer pointed to is not NULL, the IV in the buffer will be
* used.
- * @param ctx The block context returned, see note.
+ * @param key The key structure to use.
* @param blockSize The block size of the cipher.
+ * @param f The block context to use.
+ * @param p The pool to use.
* @return Returns APR_ENOIV if an initialisation vector is required but not specified.
* Returns APR_EINIT if the backend failed to initialise the context. Returns
* APR_ENOTIMPL if not implemented.
*/
-APR_DECLARE(apr_status_t) apr_crypto_block_encrypt_init(apr_pool_t *p,
- const apr_crypto_t *f, const apr_crypto_key_t *key,
- const unsigned char **iv, apr_crypto_block_t **ctx,
- apr_size_t *blockSize) {
- return f->provider->block_encrypt_init(p, f, key, iv, ctx, blockSize);
+APR_DECLARE(apr_status_t) apr_crypto_block_encrypt_init(
+ apr_crypto_block_t **ctx, const unsigned char **iv,
+ const apr_crypto_key_t *key, apr_size_t *blockSize,
+ const apr_crypto_t *f, apr_pool_t *p)
+{
+ return f->provider->block_encrypt_init(ctx, iv, key, blockSize, f, p);
}
/**
@@ -288,21 +295,21 @@ APR_DECLARE(apr_status_t) apr_crypto_blo
* to NULL, a buffer sufficiently large will be created from
* the pool provided. If *out points to a not-NULL value, this
* value will be used as a buffer instead.
- * @param driver - driver to use
- * @param ctx The block context to use.
* @param out Address of a buffer to which data will be written,
* see note.
* @param outlen Length of the output will be written here.
* @param in Address of the buffer to read.
* @param inlen Length of the buffer to read.
+ * @param f The block context to use.
+ * @param ctx The block context to use.
* @return APR_ECRYPT if an error occurred. Returns APR_ENOTIMPL if
* not implemented.
*/
-APR_DECLARE(apr_status_t) apr_crypto_block_encrypt(
- const apr_crypto_t *f, apr_crypto_block_t *ctx,
- unsigned char **out, apr_size_t *outlen, const unsigned char *in,
- apr_size_t inlen) {
- return f->provider->block_encrypt(ctx, out, outlen, in, inlen);
+APR_DECLARE(apr_status_t) apr_crypto_block_encrypt(unsigned char **out,
+ apr_size_t *outlen, const unsigned char *in, apr_size_t inlen,
+ const apr_crypto_t *f, apr_crypto_block_t *ctx)
+{
+ return f->provider->block_encrypt(out, outlen, in, inlen, ctx);
}
/**
@@ -313,43 +320,43 @@ APR_DECLARE(apr_status_t) apr_crypto_blo
* number of bytes returned as actually written by the
* apr_crypto_block_encrypt() call. After this call, the context
* is cleaned and can be reused by apr_crypto_block_encrypt_init().
- * @param driver - driver to use
- * @param ctx The block context to use.
* @param out Address of a buffer to which data will be written. This
* buffer must already exist, and is usually the same
* buffer used by apr_evp_crypt(). See note.
* @param outlen Length of the output will be written here.
+ * @param f The block context to use.
+ * @param ctx The block context to use.
* @return APR_ECRYPT if an error occurred.
* @return APR_EPADDING if padding was enabled and the block was incorrectly
* formatted.
* @return APR_ENOTIMPL if not implemented.
*/
-APR_DECLARE(apr_status_t) apr_crypto_block_encrypt_finish(
- const apr_crypto_t *f, apr_crypto_block_t *ctx,
- unsigned char *out, apr_size_t *outlen) {
- return f->provider->block_encrypt_finish(ctx, out, outlen);
+APR_DECLARE(apr_status_t) apr_crypto_block_encrypt_finish(unsigned char *out,
+ apr_size_t *outlen, const apr_crypto_t *f, apr_crypto_block_t *ctx)
+{
+ return f->provider->block_encrypt_finish(out, outlen, ctx);
}
/**
* @brief Initialise a context for decrypting arbitrary data using the given key.
* @note If *ctx is NULL, a apr_crypto_block_t will be created from a pool. If
* *ctx is not NULL, *ctx must point at a previously created structure.
- * @param driver - driver to use
- * @param p The pool to use.
- * @param f The block context to use.
- * @param key The key structure to use.
- * @param iv Optional initialisation vector.
* @param ctx The block context returned, see note.
* @param blockSize The block size of the cipher.
+ * @param iv Optional initialisation vector.
+ * @param key The key structure to use.
+ * @param f The block context to use.
+ * @param p The pool to use.
* @return Returns APR_ENOIV if an initialisation vector is required but not specified.
* Returns APR_EINIT if the backend failed to initialise the context. Returns
* APR_ENOTIMPL if not implemented.
*/
-APR_DECLARE(apr_status_t) apr_crypto_block_decrypt_init(apr_pool_t *p,
- const apr_crypto_t *f, const apr_crypto_key_t *key,
- const unsigned char *iv, apr_crypto_block_t **ctx,
- apr_size_t *blockSize) {
- return f->provider->block_decrypt_init(p, f, key, iv, ctx, blockSize);
+APR_DECLARE(apr_status_t) apr_crypto_block_decrypt_init(
+ apr_crypto_block_t **ctx, apr_size_t *blockSize,
+ const unsigned char *iv, const apr_crypto_key_t *key,
+ const apr_crypto_t *f, apr_pool_t *p)
+{
+ return f->provider->block_decrypt_init(ctx, blockSize, iv, key, f, p);
}
/**
@@ -361,21 +368,21 @@ APR_DECLARE(apr_status_t) apr_crypto_blo
* to NULL, a buffer sufficiently large will be created from
* the pool provided. If *out points to a not-NULL value, this
* value will be used as a buffer instead.
- * @param driver - driver to use
- * @param ctx The block context to use.
* @param out Address of a buffer to which data will be written,
* see note.
* @param outlen Length of the output will be written here.
* @param in Address of the buffer to read.
* @param inlen Length of the buffer to read.
+ * @param f The block context to use.
+ * @param ctx The block context to use.
* @return APR_ECRYPT if an error occurred. Returns APR_ENOTIMPL if
* not implemented.
*/
-APR_DECLARE(apr_status_t) apr_crypto_block_decrypt(
- const apr_crypto_t *f, apr_crypto_block_t *ctx,
- unsigned char **out, apr_size_t *outlen, const unsigned char *in,
- apr_size_t inlen) {
- return f->provider->block_decrypt(ctx, out, outlen, in, inlen);
+APR_DECLARE(apr_status_t) apr_crypto_block_decrypt(unsigned char **out,
+ apr_size_t *outlen, const unsigned char *in, apr_size_t inlen,
+ const apr_crypto_t *f, apr_crypto_block_t *ctx)
+{
+ return f->provider->block_decrypt(out, outlen, in, inlen, ctx);
}
/**
@@ -386,27 +393,27 @@ APR_DECLARE(apr_status_t) apr_crypto_blo
* number of bytes returned as actually written by the
* apr_crypto_block_decrypt() call. After this call, the context
* is cleaned and can be reused by apr_crypto_block_decrypt_init().
- * @param driver - driver to use
- * @param ctx The block context to use.
* @param out Address of a buffer to which data will be written. This
* buffer must already exist, and is usually the same
* buffer used by apr_evp_crypt(). See note.
* @param outlen Length of the output will be written here.
+ * @param f The block context to use.
+ * @param ctx The block context to use.
* @return APR_ECRYPT if an error occurred.
* @return APR_EPADDING if padding was enabled and the block was incorrectly
* formatted.
* @return APR_ENOTIMPL if not implemented.
*/
-APR_DECLARE(apr_status_t) apr_crypto_block_decrypt_finish(
- const apr_crypto_t *f, apr_crypto_block_t *ctx,
- unsigned char *out, apr_size_t *outlen) {
- return f->provider->block_decrypt_finish(ctx, out, outlen);
+APR_DECLARE(apr_status_t) apr_crypto_block_decrypt_finish(unsigned char *out,
+ apr_size_t *outlen, const apr_crypto_t *f, apr_crypto_block_t *ctx)
+{
+ return f->provider->block_decrypt_finish(out, outlen, ctx);
}
/**
* @brief Clean encryption / decryption context.
* @note After cleanup, a context is free to be reused if necessary.
- * @param driver - driver to use
+ * @param f The block context to use.
* @param ctx The block context to use.
* @return Returns APR_ENOTIMPL if not supported.
*/
@@ -418,7 +425,6 @@ APR_DECLARE(apr_status_t) apr_crypto_blo
/**
* @brief Clean encryption / decryption context.
* @note After cleanup, a context is free to be reused if necessary.
- * @param driver - driver to use
* @param f The context to use.
* @return Returns APR_ENOTIMPL if not supported.
*/
Modified: apr/apr/trunk/crypto/apr_crypto_nss.c
URL: http://svn.apache.org/viewvc/apr/apr/trunk/crypto/apr_crypto_nss.c?rev=1103258&r1=1103257&r2=1103258&view=diff
==============================================================================
--- apr/apr/trunk/crypto/apr_crypto_nss.c (original)
+++ apr/apr/trunk/crypto/apr_crypto_nss.c Sun May 15 00:40:42 2011
@@ -74,7 +74,7 @@ struct apr_crypto_block_t {
/**
* Fetch the most recent error from this driver.
*/
-static apr_status_t crypto_error(const apr_crypto_t *f, const apu_err_t **result) {
+static apr_status_t crypto_error(const apu_err_t **result, const apr_crypto_t *f) {
*result = f->result;
return APR_SUCCESS;
}
@@ -166,7 +166,7 @@ static apr_status_t crypto_init(apr_pool
/**
* @brief Clean encryption / decryption context.
* @note After cleanup, a context is free to be reused if necessary.
- * @param block The block context to use.
+ * @param f The context to use.
* @return Returns APR_ENOTIMPL if not supported.
*/
static apr_status_t crypto_block_cleanup(apr_crypto_block_t *block)
@@ -218,16 +218,15 @@ static apr_status_t crypto_cleanup_helpe
* algorithms and other parameters will be set per context. More than
* one context can be created at one time. A cleanup will be automatically
* registered with the given pool to guarantee a graceful shutdown.
- * @param pool - process pool
+ * @param f - context pointer will be written here
* @param provider - provider to use
* @param params - array of key parameters
- * @param ff - context pointer will be written here
+ * @param pool - process pool
* @return APR_ENOENGINE when the engine specified does not exist. APR_EINITENGINE
* if the engine cannot be initialised.
*/
-static apr_status_t crypto_make(apr_pool_t *pool, const apr_crypto_driver_t *provider,
- const apr_array_header_t *params,
- apr_crypto_t **ff)
+static apr_status_t crypto_make(apr_crypto_t **ff, const apr_crypto_driver_t *provider,
+ const apr_array_header_t *params, apr_pool_t *pool)
{
apr_crypto_config_t *config = NULL;
/* struct apr_crypto_param_t *ents = params ? (struct apr_crypto_param_t *)params->elts : NULL; */
@@ -282,8 +281,9 @@ static apr_status_t crypto_make(apr_pool
* operations.
* @note If *key is NULL, a apr_crypto_key_t will be created from a pool. If
* *key is not NULL, *key must point at a previously created structure.
- * @param p The pool to use.
- * @param f The context to use.
+ * @param key The key returned, see note.
+ * @param ivSize The size of the initialisation vector will be returned, based
+ * on whether an IV is relevant for this type of crypto.
* @param pass The passphrase to use.
* @param passLen The passphrase length in bytes
* @param salt The salt to use.
@@ -292,27 +292,19 @@ static apr_status_t crypto_make(apr_pool
* @param mode Electronic Code Book / Cipher Block Chaining.
* @param doPad Pad if necessary.
* @param iterations Iteration count
- * @param key The key returned, see note.
- * @param ivSize The size of the initialisation vector will be returned, based
- * on whether an IV is relevant for this type of crypto.
+ * @param f The context to use.
+ * @param p The pool to use.
* @return Returns APR_ENOKEY if the pass phrase is missing or empty, or if a backend
* error occurred while generating the key. APR_ENOCIPHER if the type or mode
* is not supported by the particular backend. APR_EKEYTYPE if the key type is
* not known. APR_EPADDING if padding was requested but is not supported.
* APR_ENOTIMPL if not implemented.
*/
-static apr_status_t crypto_passphrase(apr_pool_t *p,
- const apr_crypto_t *f,
- const char *pass,
- apr_size_t passLen,
- const unsigned char * salt,
- apr_size_t saltLen,
- const apr_crypto_block_key_type_e type,
- const apr_crypto_block_key_mode_e mode,
- const int doPad,
- const int iterations,
- apr_crypto_key_t **k,
- apr_size_t *ivSize)
+static apr_status_t crypto_passphrase(apr_crypto_key_t **k, apr_size_t *ivSize,
+ const char *pass, apr_size_t passLen, const unsigned char * salt,
+ apr_size_t saltLen, const apr_crypto_block_key_type_e type,
+ const apr_crypto_block_key_mode_e mode, const int doPad,
+ const int iterations, const apr_crypto_t *f, apr_pool_t *p)
{
apr_status_t rv = APR_SUCCESS;
PK11SlotInfo * slot;
@@ -424,25 +416,22 @@ static apr_status_t crypto_passphrase(ap
* @brief Initialise a context for encrypting arbitrary data using the given key.
* @note If *ctx is NULL, a apr_crypto_block_t will be created from a pool. If
* *ctx is not NULL, *ctx must point at a previously created structure.
- * @param p The pool to use.
- * @param f The block context to use.
- * @param key The key structure.
+ * @param ctx The block context returned, see note.
* @param iv Optional initialisation vector. If the buffer pointed to is NULL,
* an IV will be created at random, in space allocated from the pool.
* If the buffer pointed to is not NULL, the IV in the buffer will be
* used.
- * @param ctx The block context returned, see note.
+ * @param key The key structure.
* @param blockSize The block size of the cipher.
+ * @param f The block context to use.
+ * @param p The pool to use.
* @return Returns APR_ENOIV if an initialisation vector is required but not specified.
* Returns APR_EINIT if the backend failed to initialise the context. Returns
* APR_ENOTIMPL if not implemented.
*/
-static apr_status_t crypto_block_encrypt_init(apr_pool_t *p,
- const apr_crypto_t *f,
- const apr_crypto_key_t *key,
- const unsigned char **iv,
- apr_crypto_block_t **ctx,
- apr_size_t *blockSize)
+static apr_status_t crypto_block_encrypt_init(apr_crypto_block_t **ctx,
+ const unsigned char **iv, const apr_crypto_key_t *key,
+ apr_size_t *blockSize, const apr_crypto_t *f, apr_pool_t *p)
{
PRErrorCode perr;
SECItem * secParam;
@@ -515,20 +504,18 @@ static apr_status_t crypto_block_encrypt
* to NULL, a buffer sufficiently large will be created from
* the pool provided. If *out points to a not-NULL value, this
* value will be used as a buffer instead.
- * @param block The block context to use.
* @param out Address of a buffer to which data will be written,
* see note.
* @param outlen Length of the output will be written here.
* @param in Address of the buffer to read.
* @param inlen Length of the buffer to read.
+ * @param ctx The block context to use.
* @return APR_ECRYPT if an error occurred. Returns APR_ENOTIMPL if
* not implemented.
*/
-static apr_status_t crypto_block_encrypt(apr_crypto_block_t *block,
- unsigned char **out,
- apr_size_t *outlen,
- const unsigned char *in,
- apr_size_t inlen)
+static apr_status_t crypto_block_encrypt(unsigned char **out,
+ apr_size_t *outlen, const unsigned char *in, apr_size_t inlen,
+ apr_crypto_block_t *ctx)
{
unsigned char *buffer;
@@ -568,19 +555,18 @@ static apr_status_t crypto_block_encrypt
* number of bytes returned as actually written by the
* apr_crypto_block_encrypt() call. After this call, the context
* is cleaned and can be reused by apr_crypto_block_encrypt_init().
- * @param block The block context to use.
* @param out Address of a buffer to which data will be written. This
* buffer must already exist, and is usually the same
* buffer used by apr_evp_crypt(). See note.
* @param outlen Length of the output will be written here.
+ * @param ctx The block context to use.
* @return APR_ECRYPT if an error occurred.
* @return APR_EPADDING if padding was enabled and the block was incorrectly
* formatted.
* @return APR_ENOTIMPL if not implemented.
*/
-static apr_status_t crypto_block_encrypt_finish(apr_crypto_block_t *block,
- unsigned char *out,
- apr_size_t *outlen)
+static apr_status_t crypto_block_encrypt_finish(unsigned char *out,
+ apr_size_t *outlen, apr_crypto_block_t *ctx)
{
apr_status_t rv = APR_SUCCESS;
@@ -607,25 +593,21 @@ static apr_status_t crypto_block_encrypt
* @brief Initialise a context for decrypting arbitrary data using the given key.
* @note If *ctx is NULL, a apr_crypto_block_t will be created from a pool. If
* *ctx is not NULL, *ctx must point at a previously created structure.
- * @param p The pool to use.
- * @param f The block context to use.
- * @param key The key structure.
- * @param iv Optional initialisation vector. If the buffer pointed to is NULL,
- * an IV will be created at random, in space allocated from the pool.
- * If the buffer pointed to is not NULL, the IV in the buffer will be
- * used.
* @param ctx The block context returned, see note.
* @param blockSize The block size of the cipher.
+ * @param iv Optional initialisation vector. If the buffer pointed to is NULL,
+ * an IV will be created at random, in space allocated from the pool.
+ * If the buffer is not NULL, the IV in the buffer will be used.
+ * @param key The key structure.
+ * @param f The block context to use.
+ * @param p The pool to use.
* @return Returns APR_ENOIV if an initialisation vector is required but not specified.
* Returns APR_EINIT if the backend failed to initialise the context. Returns
* APR_ENOTIMPL if not implemented.
*/
-static apr_status_t crypto_block_decrypt_init(apr_pool_t *p,
- const apr_crypto_t *f,
- const apr_crypto_key_t *key,
- const unsigned char *iv,
- apr_crypto_block_t **ctx,
- apr_size_t *blockSize)
+static apr_status_t crypto_block_decrypt_init(apr_crypto_block_t **ctx,
+ apr_size_t *blockSize, const unsigned char *iv,
+ const apr_crypto_key_t *key, const apr_crypto_t *f, apr_pool_t *p)
{
PRErrorCode perr;
SECItem * secParam;
@@ -679,24 +661,22 @@ static apr_status_t crypto_block_decrypt
* @note The number of bytes written will be written to outlen. If
* out is NULL, outlen will contain the maximum size of the
* buffer needed to hold the data, including any data
- * generated by apr_crypto_block_final below. If *out points
+ * generated by apr_crypto_block_decrypt_finish below. If *out points
* to NULL, a buffer sufficiently large will be created from
* the pool provided. If *out points to a not-NULL value, this
* value will be used as a buffer instead.
- * @param block The block context to use.
* @param out Address of a buffer to which data will be written,
* see note.
* @param outlen Length of the output will be written here.
* @param in Address of the buffer to read.
* @param inlen Length of the buffer to read.
+ * @param ctx The block context to use.
* @return APR_ECRYPT if an error occurred. Returns APR_ENOTIMPL if
* not implemented.
*/
-static apr_status_t crypto_block_decrypt(apr_crypto_block_t *block,
- unsigned char **out,
- apr_size_t *outlen,
- const unsigned char *in,
- apr_size_t inlen)
+static apr_status_t crypto_block_decrypt(unsigned char **out,
+ apr_size_t *outlen, const unsigned char *in, apr_size_t inlen,
+ apr_crypto_block_t *block)
{
unsigned char *buffer;
@@ -729,26 +709,25 @@ static apr_status_t crypto_block_decrypt
}
/**
- * @brief Encrypt final data block, write it to out.
+ * @brief Decrypt final data block, write it to out.
* @note If necessary the final block will be written out after being
* padded. Typically the final block will be written to the
- * same buffer used by apr_evp_crypt, offset by the number of
- * bytes returned as actually written by the apr_evp_crypt()
- * call. After this call, the context is cleaned and can be
- * reused by apr_env_encrypt_init() or apr_env_decrypt_init().
- * @param block The block context to use.
+ * same buffer used by apr_crypto_block_decrypt, offset by the
+ * number of bytes returned as actually written by the
+ * apr_crypto_block_decrypt() call. After this call, the context
+ * is cleaned and can be reused by apr_crypto_block_decrypt_init().
* @param out Address of a buffer to which data will be written. This
* buffer must already exist, and is usually the same
* buffer used by apr_evp_crypt(). See note.
* @param outlen Length of the output will be written here.
+ * @param ctx The block context to use.
* @return APR_ECRYPT if an error occurred.
* @return APR_EPADDING if padding was enabled and the block was incorrectly
* formatted.
* @return APR_ENOTIMPL if not implemented.
*/
-static apr_status_t crypto_block_decrypt_finish(apr_crypto_block_t *block,
- unsigned char *out,
- apr_size_t *outlen)
+static apr_status_t crypto_block_decrypt_finish(unsigned char *out,
+ apr_size_t *outlen, apr_crypto_block_t *block)
{
apr_status_t rv = APR_SUCCESS;
Modified: apr/apr/trunk/crypto/apr_crypto_openssl.c
URL: http://svn.apache.org/viewvc/apr/apr/trunk/crypto/apr_crypto_openssl.c?rev=1103258&r1=1103257&r2=1103258&view=diff
==============================================================================
--- apr/apr/trunk/crypto/apr_crypto_openssl.c (original)
+++ apr/apr/trunk/crypto/apr_crypto_openssl.c Sun May 15 00:40:42 2011
@@ -68,7 +68,7 @@ struct apr_crypto_block_t {
/**
* Fetch the most recent error from this driver.
*/
-static apr_status_t crypto_error(const apr_crypto_t *f, const apu_err_t **result) {
+static apr_status_t crypto_error(const apu_err_t **result, const apr_crypto_t *f) {
*result = f->result;
return APR_SUCCESS;
}
@@ -155,15 +155,16 @@ static apr_status_t crypto_cleanup_helpe
* algorithms and other parameters will be set per context. More than
* one context can be created at one time. A cleanup will be automatically
* registered with the given pool to guarantee a graceful shutdown.
- * @param pool - process pool
+ * @param f - context pointer will be written here
* @param provider - provider to use
* @param params - array of key parameters
- * @param ff - context pointer will be written here
+ * @param pool - process pool
* @return APR_ENOENGINE when the engine specified does not exist. APR_EINITENGINE
* if the engine cannot be initialised.
*/
-static apr_status_t crypto_make(apr_pool_t *pool, const apr_crypto_driver_t *provider,
- const apr_array_header_t *params, apr_crypto_t **ff) {
+static apr_status_t crypto_make(apr_crypto_t **ff, const apr_crypto_driver_t *provider,
+ const apr_array_header_t *params, apr_pool_t *pool)
+{
apr_crypto_config_t *config = NULL;
struct apr_crypto_param_t *ents =
params ? (struct apr_crypto_param_t *) params->elts : NULL;
@@ -217,8 +218,9 @@ static apr_status_t crypto_make(apr_pool
* operations.
* @note If *key is NULL, a apr_crypto_key_t will be created from a pool. If
* *key is not NULL, *key must point at a previously created structure.
- * @param p The pool to use.
- * @param f The context to use.
+ * @param key The key returned, see note.
+ * @param ivSize The size of the initialisation vector will be returned, based
+ * on whether an IV is relevant for this type of crypto.
* @param pass The passphrase to use.
* @param passLen The passphrase length in bytes
* @param salt The salt to use.
@@ -227,20 +229,20 @@ static apr_status_t crypto_make(apr_pool
* @param mode Electronic Code Book / Cipher Block Chaining.
* @param doPad Pad if necessary.
* @param iterations Iteration count
- * @param key The key returned, see note.
- * @param ivSize The size of the initialisation vector will be returned, based
- * on whether an IV is relevant for this type of crypto.
+ * @param f The context to use.
+ * @param p The pool to use.
* @return Returns APR_ENOKEY if the pass phrase is missing or empty, or if a backend
* error occurred while generating the key. APR_ENOCIPHER if the type or mode
* is not supported by the particular backend. APR_EKEYTYPE if the key type is
* not known. APR_EPADDING if padding was requested but is not supported.
* APR_ENOTIMPL if not implemented.
*/
-static apr_status_t crypto_passphrase(apr_pool_t *p, const apr_crypto_t *f,
+static apr_status_t crypto_passphrase(apr_crypto_key_t **k, apr_size_t *ivSize,
const char *pass, apr_size_t passLen, const unsigned char * salt,
apr_size_t saltLen, const apr_crypto_block_key_type_e type,
const apr_crypto_block_key_mode_e mode, const int doPad,
- const int iterations, apr_crypto_key_t **k, apr_size_t *ivSize) {
+ const int iterations, const apr_crypto_t *f, apr_pool_t *p)
+{
apr_crypto_key_t *key = *k;
if (!key) {
@@ -331,20 +333,23 @@ static apr_status_t crypto_passphrase(ap
* @brief Initialise a context for encrypting arbitrary data using the given key.
* @note If *ctx is NULL, a apr_crypto_block_t will be created from a pool. If
* *ctx is not NULL, *ctx must point at a previously created structure.
- * @param p The pool to use.
- * @param f The block context to use.
- * @param key The key
- * @param iv Optional initialisation vector.
* @param ctx The block context returned, see note.
+ * @param iv Optional initialisation vector. If the buffer pointed to is NULL,
+ * an IV will be created at random, in space allocated from the pool.
+ * If the buffer pointed to is not NULL, the IV in the buffer will be
+ * used.
+ * @param key The key structure.
* @param blockSize The block size of the cipher.
+ * @param f The block context to use.
+ * @param p The pool to use.
* @return Returns APR_ENOIV if an initialisation vector is required but not specified.
* Returns APR_EINIT if the backend failed to initialise the context. Returns
* APR_ENOTIMPL if not implemented.
*/
-static apr_status_t crypto_block_encrypt_init(apr_pool_t *p,
- const apr_crypto_t *f, const apr_crypto_key_t *key,
- const unsigned char **iv, apr_crypto_block_t **ctx,
- apr_size_t *blockSize) {
+static apr_status_t crypto_block_encrypt_init(apr_crypto_block_t **ctx,
+ const unsigned char **iv, const apr_crypto_key_t *key,
+ apr_size_t *blockSize, const apr_crypto_t *f, apr_pool_t *p)
+{
unsigned char *usedIv;
apr_crypto_config_t *config = f->config;
apr_crypto_block_t *block = *ctx;
@@ -417,18 +422,19 @@ static apr_status_t crypto_block_encrypt
* to NULL, a buffer sufficiently large will be created from
* the pool provided. If *out points to a not-NULL value, this
* value will be used as a buffer instead.
- * @param ctx The block context to use.
* @param out Address of a buffer to which data will be written,
* see note.
* @param outlen Length of the output will be written here.
* @param in Address of the buffer to read.
* @param inlen Length of the buffer to read.
+ * @param ctx The block context to use.
* @return APR_ECRYPT if an error occurred. Returns APR_ENOTIMPL if
* not implemented.
*/
-static apr_status_t crypto_block_encrypt(apr_crypto_block_t *ctx,
- unsigned char **out, apr_size_t *outlen, const unsigned char *in,
- apr_size_t inlen) {
+static apr_status_t crypto_block_encrypt(unsigned char **out,
+ apr_size_t *outlen, const unsigned char *in, apr_size_t inlen,
+ apr_crypto_block_t *ctx)
+{
int outl = *outlen;
unsigned char *buffer;
@@ -469,18 +475,19 @@ static apr_status_t crypto_block_encrypt
* number of bytes returned as actually written by the
* apr_crypto_block_encrypt() call. After this call, the context
* is cleaned and can be reused by apr_crypto_block_encrypt_init().
- * @param ctx The block context to use.
* @param out Address of a buffer to which data will be written. This
* buffer must already exist, and is usually the same
* buffer used by apr_evp_crypt(). See note.
* @param outlen Length of the output will be written here.
+ * @param ctx The block context to use.
* @return APR_ECRYPT if an error occurred.
* @return APR_EPADDING if padding was enabled and the block was incorrectly
* formatted.
* @return APR_ENOTIMPL if not implemented.
*/
-static apr_status_t crypto_block_encrypt_finish(apr_crypto_block_t *ctx,
- unsigned char *out, apr_size_t *outlen) {
+static apr_status_t crypto_block_encrypt_finish(unsigned char *out,
+ apr_size_t *outlen, apr_crypto_block_t *ctx)
+{
int len = *outlen;
if (EVP_EncryptFinal_ex(&ctx->cipherCtx, out, &len) == 0) {
@@ -496,22 +503,22 @@ static apr_status_t crypto_block_encrypt
* @brief Initialise a context for decrypting arbitrary data using the given key.
* @note If *ctx is NULL, a apr_crypto_block_t will be created from a pool. If
* *ctx is not NULL, *ctx must point at a previously created structure.
- * @param p The pool to use.
- * @param f The block context to use.
- * @param key The key structure.
+ * @param ctx The block context returned, see note.
+ * @param blockSize The block size of the cipher.
* @param iv Optional initialisation vector. If the buffer pointed to is NULL,
* an IV will be created at random, in space allocated from the pool.
* If the buffer is not NULL, the IV in the buffer will be used.
- * @param ctx The block context returned, see note.
- * @param blockSize The block size of the cipher.
+ * @param key The key structure.
+ * @param f The block context to use.
+ * @param p The pool to use.
* @return Returns APR_ENOIV if an initialisation vector is required but not specified.
* Returns APR_EINIT if the backend failed to initialise the context. Returns
* APR_ENOTIMPL if not implemented.
*/
-static apr_status_t crypto_block_decrypt_init(apr_pool_t *p,
- const apr_crypto_t *f, const apr_crypto_key_t *key,
- const unsigned char *iv, apr_crypto_block_t **ctx,
- apr_size_t *blockSize) {
+static apr_status_t crypto_block_decrypt_init(apr_crypto_block_t **ctx,
+ apr_size_t *blockSize, const unsigned char *iv,
+ const apr_crypto_key_t *key, const apr_crypto_t *f, apr_pool_t *p)
+{
apr_crypto_config_t *config = f->config;
apr_crypto_block_t *block = *ctx;
if (!block) {
@@ -565,23 +572,23 @@ static apr_status_t crypto_block_decrypt
* @note The number of bytes written will be written to outlen. If
* out is NULL, outlen will contain the maximum size of the
* buffer needed to hold the data, including any data
- * generated by apr_crypto_block_final below. If *out points
+ * generated by apr_crypto_block_decrypt_finish below. If *out points
* to NULL, a buffer sufficiently large will be created from
* the pool provided. If *out points to a not-NULL value, this
* value will be used as a buffer instead.
- * @param ctx The block context to use.
* @param out Address of a buffer to which data will be written,
* see note.
* @param outlen Length of the output will be written here.
* @param in Address of the buffer to read.
* @param inlen Length of the buffer to read.
+ * @param ctx The block context to use.
* @return APR_ECRYPT if an error occurred. Returns APR_ENOTIMPL if
* not implemented.
*/
-static apr_status_t crypto_block_decrypt(apr_crypto_block_t *ctx,
- unsigned char **out, apr_size_t *outlen, const unsigned char *in,
- apr_size_t inlen) {
-
+static apr_status_t crypto_block_decrypt(unsigned char **out,
+ apr_size_t *outlen, const unsigned char *in, apr_size_t inlen,
+ apr_crypto_block_t *ctx)
+{
int outl = *outlen;
unsigned char *buffer;
@@ -618,22 +625,23 @@ static apr_status_t crypto_block_decrypt
* @brief Decrypt final data block, write it to out.
* @note If necessary the final block will be written out after being
* padded. Typically the final block will be written to the
- * same buffer used by apr_evp_crypt, offset by the number of
- * bytes returned as actually written by the apr_evp_crypt()
- * call. After this call, the context is cleaned and can be
- * reused by apr_env_encrypt_init() or apr_env_decrypt_init().
- * @param ctx The block context to use.
+ * same buffer used by apr_crypto_block_decrypt, offset by the
+ * number of bytes returned as actually written by the
+ * apr_crypto_block_decrypt() call. After this call, the context
+ * is cleaned and can be reused by apr_crypto_block_decrypt_init().
* @param out Address of a buffer to which data will be written. This
* buffer must already exist, and is usually the same
* buffer used by apr_evp_crypt(). See note.
* @param outlen Length of the output will be written here.
+ * @param ctx The block context to use.
* @return APR_ECRYPT if an error occurred.
* @return APR_EPADDING if padding was enabled and the block was incorrectly
* formatted.
* @return APR_ENOTIMPL if not implemented.
*/
-static apr_status_t crypto_block_decrypt_finish(apr_crypto_block_t *ctx,
- unsigned char *out, apr_size_t *outlen) {
+static apr_status_t crypto_block_decrypt_finish(unsigned char *out,
+ apr_size_t *outlen, apr_crypto_block_t *ctx)
+{
int len = *outlen;
Modified: apr/apr/trunk/include/apr_crypto.h
URL: http://svn.apache.org/viewvc/apr/apr/trunk/include/apr_crypto.h?rev=1103258&r1=1103257&r2=1103258&view=diff
==============================================================================
--- apr/apr/trunk/include/apr_crypto.h (original)
+++ apr/apr/trunk/include/apr_crypto.h Sun May 15 00:40:42 2011
@@ -185,6 +185,7 @@ typedef struct apr_crypto_block_t apr_cr
* @brief Perform once-only initialisation. Call once only.
*
* @param pool - pool to register any shutdown cleanups, etc
+ * @param params - array of initialisation parameters
* @return APR_NOTIMPL in case of no crypto support.
*/
APR_DECLARE(apr_status_t) apr_crypto_init(apr_pool_t *pool,
@@ -193,17 +194,19 @@ APR_DECLARE(apr_status_t) apr_crypto_ini
/**
* @brief Get the driver struct for a name
*
- * @param pool - (process) pool to register cleanup
- * @param name - driver name
* @param driver - pointer to driver struct.
+ * @param name - driver name
+ * @param params - array of initialisation parameters
+ * @param result - result and error message on failure
+ * @param pool - (process) pool to register cleanup
* @return APR_SUCCESS for success
* @return APR_ENOTIMPL for no driver (when DSO not enabled)
* @return APR_EDSOOPEN if DSO driver file can't be opened
* @return APR_ESYMNOTFOUND if the driver file doesn't contain a driver
*/
-APR_DECLARE(apr_status_t) apr_crypto_get_driver(apr_pool_t *pool, const char *name,
- const apr_crypto_driver_t **driver, const apr_array_header_t *params,
- const apu_err_t **result);
+APR_DECLARE(apr_status_t) apr_crypto_get_driver(const apr_crypto_driver_t **driver,
+ const char *name, const apr_array_header_t *params, const apu_err_t **result,
+ apr_pool_t *pool);
/**
* @brief Return the name of the driver.
@@ -216,27 +219,27 @@ APR_DECLARE(const char *) apr_crypto_dri
/**
* @brief Get the result of the last operation on a context. If the result
* is NULL, the operation was successful.
- * @param f - context pointer
* @param result - the result structure
+ * @param f - context pointer
* @return APR_SUCCESS for success
*/
-APR_DECLARE(apr_status_t) apr_crypto_error(const apr_crypto_t *f,
- const apu_err_t **result);
+APR_DECLARE(apr_status_t) apr_crypto_error(const apu_err_t **result,
+ const apr_crypto_t *f);
/**
* @brief Create a context for supporting encryption. Keys, certificates,
* algorithms and other parameters will be set per context. More than
* one context can be created at one time. A cleanup will be automatically
* registered with the given pool to guarantee a graceful shutdown.
+ * @param f - context pointer will be written here
* @param driver - driver to use
- * @param pool - process pool
* @param params - array of key parameters
- * @param f - context pointer will be written here
+ * @param pool - process pool
* @return APR_ENOENGINE when the engine specified does not exist. APR_EINITENGINE
* if the engine cannot be initialised.
*/
-APR_DECLARE(apr_status_t) apr_crypto_make(const apr_crypto_driver_t *driver,
- apr_pool_t *pool, const apr_array_header_t *params, apr_crypto_t **f);
+APR_DECLARE(apr_status_t) apr_crypto_make(apr_crypto_t **f, const apr_crypto_driver_t *driver,
+ const apr_array_header_t *params, apr_pool_t *pool);
/**
* @brief Create a key from the given passphrase. By default, the PBKDF2
@@ -247,9 +250,9 @@ APR_DECLARE(apr_status_t) apr_crypto_mak
* operations.
* @note If *key is NULL, a apr_crypto_key_t will be created from a pool. If
* *key is not NULL, *key must point at a previously created structure.
- * @param driver - driver to use
- * @param p The pool to use.
- * @param f The context to use.
+ * @param key The key returned, see note.
+ * @param ivSize The size of the initialisation vector will be returned, based
+ * on whether an IV is relevant for this type of crypto.
* @param pass The passphrase to use.
* @param passLen The passphrase length in bytes
* @param salt The salt to use.
@@ -257,43 +260,43 @@ APR_DECLARE(apr_status_t) apr_crypto_mak
* @param type 3DES_192, AES_128, AES_192, AES_256.
* @param mode Electronic Code Book / Cipher Block Chaining.
* @param doPad Pad if necessary.
- * @param key The key returned, see note.
- * @param ivSize The size of the initialisation vector will be returned, based
- * on whether an IV is relevant for this type of crypto.
+ * @param iterations Number of iterations to use in algorithm
+ * @param f The context to use.
+ * @param p The pool to use.
* @return Returns APR_ENOKEY if the pass phrase is missing or empty, or if a backend
* error occurred while generating the key. APR_ENOCIPHER if the type or mode
* is not supported by the particular backend. APR_EKEYTYPE if the key type is
* not known. APR_EPADDING if padding was requested but is not supported.
* APR_ENOTIMPL if not implemented.
*/
-APR_DECLARE(apr_status_t) apr_crypto_passphrase(apr_pool_t *p, const apr_crypto_t *f,
- const char *pass, apr_size_t passLen, const unsigned char * salt,
- apr_size_t saltLen, const apr_crypto_block_key_type_e type,
+APR_DECLARE(apr_status_t) apr_crypto_passphrase(apr_crypto_key_t **key,
+ apr_size_t *ivSize, const char *pass, apr_size_t passLen,
+ const unsigned char * salt, apr_size_t saltLen,
+ const apr_crypto_block_key_type_e type,
const apr_crypto_block_key_mode_e mode, const int doPad,
- const int iterations, apr_crypto_key_t **key, apr_size_t *ivSize);
+ const int iterations, const apr_crypto_t *f, apr_pool_t *p);
/**
* @brief Initialise a context for encrypting arbitrary data using the given key.
* @note If *ctx is NULL, a apr_crypto_block_t will be created from a pool. If
* *ctx is not NULL, *ctx must point at a previously created structure.
- * @param driver - driver to use
- * @param p The pool to use.
- * @param f The block context to use.
- * @param key The key structure to use.
+ * @param ctx The block context returned, see note.
* @param iv Optional initialisation vector. If the buffer pointed to is NULL,
* an IV will be created at random, in space allocated from the pool.
* If the buffer pointed to is not NULL, the IV in the buffer will be
* used.
- * @param ctx The block context returned, see note.
+ * @param key The key structure to use.
* @param blockSize The block size of the cipher.
+ * @param f The block context to use.
+ * @param p The pool to use.
* @return Returns APR_ENOIV if an initialisation vector is required but not specified.
* Returns APR_EINIT if the backend failed to initialise the context. Returns
* APR_ENOTIMPL if not implemented.
*/
-APR_DECLARE(apr_status_t) apr_crypto_block_encrypt_init(apr_pool_t *p,
- const apr_crypto_t *f, const apr_crypto_key_t *key,
- const unsigned char **iv, apr_crypto_block_t **ctx,
- apr_size_t *blockSize);
+APR_DECLARE(apr_status_t) apr_crypto_block_encrypt_init(
+ apr_crypto_block_t **ctx, const unsigned char **iv,
+ const apr_crypto_key_t *key, apr_size_t *blockSize,
+ const apr_crypto_t *f, apr_pool_t *p);
/**
* @brief Encrypt data provided by in, write it to out.
@@ -304,19 +307,19 @@ APR_DECLARE(apr_status_t) apr_crypto_blo
* to NULL, a buffer sufficiently large will be created from
* the pool provided. If *out points to a not-NULL value, this
* value will be used as a buffer instead.
- * @param driver - driver to use
- * @param ctx The block context to use.
* @param out Address of a buffer to which data will be written,
* see note.
* @param outlen Length of the output will be written here.
* @param in Address of the buffer to read.
* @param inlen Length of the buffer to read.
+ * @param f The block context to use.
+ * @param ctx The block context to use.
* @return APR_ECRYPT if an error occurred. Returns APR_ENOTIMPL if
* not implemented.
*/
-APR_DECLARE(apr_status_t) apr_crypto_block_encrypt(const apr_crypto_t *f,
- apr_crypto_block_t *ctx, unsigned char **out, apr_size_t *outlen,
- const unsigned char *in, apr_size_t inlen);
+APR_DECLARE(apr_status_t) apr_crypto_block_encrypt(unsigned char **out,
+ apr_size_t *outlen, const unsigned char *in, apr_size_t inlen,
+ const apr_crypto_t *f, apr_crypto_block_t *ctx);
/**
* @brief Encrypt final data block, write it to out.
@@ -326,39 +329,38 @@ APR_DECLARE(apr_status_t) apr_crypto_blo
* number of bytes returned as actually written by the
* apr_crypto_block_encrypt() call. After this call, the context
* is cleaned and can be reused by apr_crypto_block_encrypt_init().
- * @param driver - driver to use
- * @param ctx The block context to use.
* @param out Address of a buffer to which data will be written. This
* buffer must already exist, and is usually the same
* buffer used by apr_evp_crypt(). See note.
* @param outlen Length of the output will be written here.
+ * @param f The block context to use.
+ * @param ctx The block context to use.
* @return APR_ECRYPT if an error occurred.
* @return APR_EPADDING if padding was enabled and the block was incorrectly
* formatted.
* @return APR_ENOTIMPL if not implemented.
*/
-APR_DECLARE(apr_status_t) apr_crypto_block_encrypt_finish(const apr_crypto_t *f,
- apr_crypto_block_t *ctx, unsigned char *out, apr_size_t *outlen);
+APR_DECLARE(apr_status_t) apr_crypto_block_encrypt_finish(unsigned char *out,
+ apr_size_t *outlen, const apr_crypto_t *f, apr_crypto_block_t *ctx);
/**
* @brief Initialise a context for decrypting arbitrary data using the given key.
* @note If *ctx is NULL, a apr_crypto_block_t will be created from a pool. If
* *ctx is not NULL, *ctx must point at a previously created structure.
- * @param driver - driver to use
- * @param p The pool to use.
- * @param f The block context to use.
- * @param key The key structure to use.
- * @param iv Optional initialisation vector.
* @param ctx The block context returned, see note.
* @param blockSize The block size of the cipher.
+ * @param iv Optional initialisation vector.
+ * @param key The key structure to use.
+ * @param f The block context to use.
+ * @param p The pool to use.
* @return Returns APR_ENOIV if an initialisation vector is required but not specified.
* Returns APR_EINIT if the backend failed to initialise the context. Returns
* APR_ENOTIMPL if not implemented.
*/
-APR_DECLARE(apr_status_t) apr_crypto_block_decrypt_init(apr_pool_t *p,
- const apr_crypto_t *f, const apr_crypto_key_t *key,
- const unsigned char *iv, apr_crypto_block_t **ctx,
- apr_size_t *blockSize);
+APR_DECLARE(apr_status_t) apr_crypto_block_decrypt_init(
+ apr_crypto_block_t **ctx, apr_size_t *blockSize,
+ const unsigned char *iv, const apr_crypto_key_t *key,
+ const apr_crypto_t *f, apr_pool_t *p);
/**
* @brief Decrypt data provided by in, write it to out.
@@ -369,19 +371,19 @@ APR_DECLARE(apr_status_t) apr_crypto_blo
* to NULL, a buffer sufficiently large will be created from
* the pool provided. If *out points to a not-NULL value, this
* value will be used as a buffer instead.
- * @param driver - driver to use
- * @param ctx The block context to use.
* @param out Address of a buffer to which data will be written,
* see note.
* @param outlen Length of the output will be written here.
* @param in Address of the buffer to read.
* @param inlen Length of the buffer to read.
+ * @param f The block context to use.
+ * @param ctx The block context to use.
* @return APR_ECRYPT if an error occurred. Returns APR_ENOTIMPL if
* not implemented.
*/
-APR_DECLARE(apr_status_t) apr_crypto_block_decrypt(const apr_crypto_t *f,
- apr_crypto_block_t *ctx, unsigned char **out, apr_size_t *outlen,
- const unsigned char *in, apr_size_t inlen);
+APR_DECLARE(apr_status_t) apr_crypto_block_decrypt(unsigned char **out,
+ apr_size_t *outlen, const unsigned char *in, apr_size_t inlen,
+ const apr_crypto_t *f, apr_crypto_block_t *ctx);
/**
* @brief Decrypt final data block, write it to out.
@@ -391,25 +393,24 @@ APR_DECLARE(apr_status_t) apr_crypto_blo
* number of bytes returned as actually written by the
* apr_crypto_block_decrypt() call. After this call, the context
* is cleaned and can be reused by apr_crypto_block_decrypt_init().
- * @param driver - driver to use
- * @param ctx The block context to use.
* @param out Address of a buffer to which data will be written. This
* buffer must already exist, and is usually the same
* buffer used by apr_evp_crypt(). See note.
* @param outlen Length of the output will be written here.
+ * @param f The block context to use.
+ * @param ctx The block context to use.
* @return APR_ECRYPT if an error occurred.
* @return APR_EPADDING if padding was enabled and the block was incorrectly
* formatted.
* @return APR_ENOTIMPL if not implemented.
*/
-APR_DECLARE(apr_status_t) apr_crypto_block_decrypt_finish(
- const apr_crypto_t *f, apr_crypto_block_t *ctx,
- unsigned char *out, apr_size_t *outlen);
+APR_DECLARE(apr_status_t) apr_crypto_block_decrypt_finish(unsigned char *out,
+ apr_size_t *outlen, const apr_crypto_t *f, apr_crypto_block_t *ctx);
/**
* @brief Clean encryption / decryption context.
* @note After cleanup, a context is free to be reused if necessary.
- * @param driver - driver to use
+ * @param f The block context to use.
* @param ctx The block context to use.
* @return Returns APR_ENOTIMPL if not supported.
*/
@@ -419,7 +420,6 @@ APR_DECLARE(apr_status_t) apr_crypto_blo
/**
* @brief Clean encryption / decryption context.
* @note After cleanup, a context is free to be reused if necessary.
- * @param driver - driver to use
* @param f The context to use.
* @return Returns APR_ENOTIMPL if not supported.
*/
Modified: apr/apr/trunk/include/private/apr_crypto_internal.h
URL: http://svn.apache.org/viewvc/apr/apr/trunk/include/private/apr_crypto_internal.h?rev=1103258&r1=1103257&r2=1103258&view=diff
==============================================================================
--- apr/apr/trunk/include/private/apr_crypto_internal.h (original)
+++ apr/apr/trunk/include/private/apr_crypto_internal.h Sun May 15 00:40:42 2011
@@ -46,15 +46,15 @@ struct apr_crypto_driver_t {
* algorithms and other parameters will be set per context. More than
* one context can be created at one time. A cleanup will be automatically
* registered with the given pool to guarantee a graceful shutdown.
+ * @param f - context pointer will be written here
* @param provider - provider to use
- * @param pool - process pool
* @param params - array of key parameters
- * @param f - context pointer will be written here
+ * @param pool - process pool
* @return APR_ENOENGINE when the engine specified does not exist. APR_EINITENGINE
* if the engine cannot be initialised.
*/
- apr_status_t (*make)(apr_pool_t *pool, const apr_crypto_driver_t *provider,
- const apr_array_header_t *params, apr_crypto_t **f);
+ apr_status_t (*make)(apr_crypto_t **f, const apr_crypto_driver_t *provider,
+ const apr_array_header_t *params, apr_pool_t *pool);
/**
* @brief Create a key from the given passphrase. By default, the PBKDF2
@@ -65,8 +65,9 @@ struct apr_crypto_driver_t {
* operations.
* @note If *key is NULL, a apr_crypto_key_t will be created from a pool. If
* *key is not NULL, *key must point at a previously created structure.
- * @param p The pool to use.
- * @param f The context to use.
+ * @param key The key returned, see note.
+ * @param ivSize The size of the initialisation vector will be returned, based
+ * on whether an IV is relevant for this type of crypto.
* @param pass The passphrase to use.
* @param passLen The passphrase length in bytes
* @param salt The salt to use.
@@ -75,41 +76,40 @@ struct apr_crypto_driver_t {
* @param mode Electronic Code Book / Cipher Block Chaining.
* @param doPad Pad if necessary.
* @param iterations Iteration count
- * @param key The key returned, see note.
- * @param ivSize The size of the initialisation vector will be returned, based
- * on whether an IV is relevant for this type of crypto.
+ * @param f The context to use.
+ * @param p The pool to use.
* @return Returns APR_ENOKEY if the pass phrase is missing or empty, or if a backend
* error occurred while generating the key. APR_ENOCIPHER if the type or mode
* is not supported by the particular backend. APR_EKEYTYPE if the key type is
* not known. APR_EPADDING if padding was requested but is not supported.
* APR_ENOTIMPL if not implemented.
*/
- apr_status_t (*passphrase)(apr_pool_t *p, const apr_crypto_t *f,
+ apr_status_t (*passphrase)(apr_crypto_key_t **key, apr_size_t *ivSize,
const char *pass, apr_size_t passLen, const unsigned char * salt,
apr_size_t saltLen, const apr_crypto_block_key_type_e type,
const apr_crypto_block_key_mode_e mode, const int doPad,
- const int iterations, apr_crypto_key_t **key, apr_size_t *ivSize);
+ const int iterations, const apr_crypto_t *f, apr_pool_t *p);
/**
* @brief Initialise a context for encrypting arbitrary data using the given key.
* @note If *ctx is NULL, a apr_crypto_block_t will be created from a pool. If
* *ctx is not NULL, *ctx must point at a previously created structure.
- * @param p The pool to use.
- * @param f The block context to use.
- * @param key The key structure.
+ * @param ctx The block context returned, see note.
* @param iv Optional initialisation vector. If the buffer pointed to is NULL,
* an IV will be created at random, in space allocated from the pool.
* If the buffer pointed to is not NULL, the IV in the buffer will be
* used.
- * @param ctx The block context returned, see note.
+ * @param key The key structure.
* @param blockSize The block size of the cipher.
+ * @param f The block context to use.
+ * @param p The pool to use.
* @return Returns APR_ENOIV if an initialisation vector is required but not specified.
* Returns APR_EINIT if the backend failed to initialise the context. Returns
* APR_ENOTIMPL if not implemented.
*/
- apr_status_t (*block_encrypt_init)(apr_pool_t *p, const apr_crypto_t *f,
- const apr_crypto_key_t *key, const unsigned char **iv,
- apr_crypto_block_t **ctx, apr_size_t *blockSize);
+ apr_status_t (*block_encrypt_init)(apr_crypto_block_t **ctx,
+ const unsigned char **iv, const apr_crypto_key_t *key,
+ apr_size_t *blockSize, const apr_crypto_t *f, apr_pool_t *p);
/**
* @brief Encrypt data provided by in, write it to out.
@@ -120,17 +120,17 @@ struct apr_crypto_driver_t {
* to NULL, a buffer sufficiently large will be created from
* the pool provided. If *out points to a not-NULL value, this
* value will be used as a buffer instead.
- * @param ctx The block context to use.
* @param out Address of a buffer to which data will be written,
* see note.
* @param outlen Length of the output will be written here.
* @param in Address of the buffer to read.
* @param inlen Length of the buffer to read.
+ * @param ctx The block context to use.
* @return APR_ECRYPT if an error occurred. Returns APR_ENOTIMPL if
* not implemented.
*/
- apr_status_t (*block_encrypt)(apr_crypto_block_t *ctx, unsigned char **out,
- apr_size_t *outlen, const unsigned char *in, apr_size_t inlen);
+ apr_status_t (*block_encrypt)(unsigned char **out, apr_size_t *outlen,
+ const unsigned char *in, apr_size_t inlen, apr_crypto_block_t *ctx);
/**
* @brief Encrypt final data block, write it to out.
@@ -140,38 +140,38 @@ struct apr_crypto_driver_t {
* number of bytes returned as actually written by the
* apr_crypto_block_encrypt() call. After this call, the context
* is cleaned and can be reused by apr_crypto_block_encrypt_init().
- * @param ctx The block context to use.
* @param out Address of a buffer to which data will be written. This
* buffer must already exist, and is usually the same
* buffer used by apr_evp_crypt(). See note.
* @param outlen Length of the output will be written here.
+ * @param ctx The block context to use.
* @return APR_ECRYPT if an error occurred.
* @return APR_EPADDING if padding was enabled and the block was incorrectly
* formatted.
* @return APR_ENOTIMPL if not implemented.
*/
- apr_status_t (*block_encrypt_finish)(apr_crypto_block_t *ctx,
- unsigned char *out, apr_size_t *outlen);
+ apr_status_t (*block_encrypt_finish)(unsigned char *out, apr_size_t *outlen,
+ apr_crypto_block_t *ctx);
/**
* @brief Initialise a context for decrypting arbitrary data using the given key.
* @note If *ctx is NULL, a apr_crypto_block_t will be created from a pool. If
* *ctx is not NULL, *ctx must point at a previously created structure.
- * @param p The pool to use.
- * @param f The block context to use.
- * @param key The key structure.
+ * @param ctx The block context returned, see note.
+ * @param blockSize The block size of the cipher.
* @param iv Optional initialisation vector. If the buffer pointed to is NULL,
* an IV will be created at random, in space allocated from the pool.
* If the buffer is not NULL, the IV in the buffer will be used.
- * @param ctx The block context returned, see note.
- * @param blockSize The block size of the cipher.
+ * @param key The key structure.
+ * @param f The block context to use.
+ * @param p The pool to use.
* @return Returns APR_ENOIV if an initialisation vector is required but not specified.
* Returns APR_EINIT if the backend failed to initialise the context. Returns
* APR_ENOTIMPL if not implemented.
*/
- apr_status_t (*block_decrypt_init)(apr_pool_t *p, const apr_crypto_t *f,
- const apr_crypto_key_t *key, const unsigned char *iv,
- apr_crypto_block_t **ctx, apr_size_t *blockSize);
+ apr_status_t (*block_decrypt_init)(apr_crypto_block_t **ctx,
+ apr_size_t *blockSize, const unsigned char *iv,
+ const apr_crypto_key_t *key, const apr_crypto_t *f, apr_pool_t *p);
/**
* @brief Decrypt data provided by in, write it to out.
@@ -182,17 +182,17 @@ struct apr_crypto_driver_t {
* to NULL, a buffer sufficiently large will be created from
* the pool provided. If *out points to a not-NULL value, this
* value will be used as a buffer instead.
- * @param ctx The block context to use.
* @param out Address of a buffer to which data will be written,
* see note.
* @param outlen Length of the output will be written here.
* @param in Address of the buffer to read.
* @param inlen Length of the buffer to read.
+ * @param ctx The block context to use.
* @return APR_ECRYPT if an error occurred. Returns APR_ENOTIMPL if
* not implemented.
*/
- apr_status_t (*block_decrypt)(apr_crypto_block_t *ctx, unsigned char **out,
- apr_size_t *outlen, const unsigned char *in, apr_size_t inlen);
+ apr_status_t (*block_decrypt)(unsigned char **out, apr_size_t *outlen,
+ const unsigned char *in, apr_size_t inlen, apr_crypto_block_t *ctx);
/**
* @brief Decrypt final data block, write it to out.
@@ -202,18 +202,18 @@ struct apr_crypto_driver_t {
* number of bytes returned as actually written by the
* apr_crypto_block_decrypt() call. After this call, the context
* is cleaned and can be reused by apr_crypto_block_decrypt_init().
- * @param ctx The block context to use.
* @param out Address of a buffer to which data will be written. This
* buffer must already exist, and is usually the same
* buffer used by apr_evp_crypt(). See note.
* @param outlen Length of the output will be written here.
+ * @param ctx The block context to use.
* @return APR_ECRYPT if an error occurred.
* @return APR_EPADDING if padding was enabled and the block was incorrectly
* formatted.
* @return APR_ENOTIMPL if not implemented.
*/
- apr_status_t (*block_decrypt_finish)(apr_crypto_block_t *ctx,
- unsigned char *out, apr_size_t *outlen);
+ apr_status_t (*block_decrypt_finish)(unsigned char *out,
+ apr_size_t *outlen, apr_crypto_block_t *ctx);
/**
* @brief Clean encryption / decryption context.
@@ -241,11 +241,11 @@ struct apr_crypto_driver_t {
/**
* @brief: fetch the most recent error from this driver.
- * @param f - context pointer
* @param result - the result structure
+ * @param f - context pointer
* @return APR_SUCCESS for success.
*/
- apr_status_t (*error)(const apr_crypto_t *f, const apu_err_t **result);
+ apr_status_t (*error)(const apu_err_t **result, const apr_crypto_t *f);
};
Modified: apr/apr/trunk/test/testcrypto.c
URL: http://svn.apache.org/viewvc/apr/apr/trunk/test/testcrypto.c?rev=1103258&r1=1103257&r2=1103258&view=diff
==============================================================================
--- apr/apr/trunk/test/testcrypto.c (original)
+++ apr/apr/trunk/test/testcrypto.c Sun May 15 00:40:42 2011
@@ -38,7 +38,7 @@ static const apr_crypto_driver_t *get_dr
rv = apr_crypto_init(pool, params);
ABTS_ASSERT(tc, "failed to init apr_crypto", rv == APR_SUCCESS);
- rv = apr_crypto_get_driver(pool, name, &driver, params, &err);
+ rv = apr_crypto_get_driver(&driver, name, params, &err, pool);
if (APR_SUCCESS != rv && err) {
ABTS_NOT_IMPL(tc, err->msg);
return NULL;
@@ -89,7 +89,7 @@ static apr_crypto_t *make(abts_case *tc,
}
/* get the context */
- apr_crypto_make(driver, pool, NULL, &f);
+ apr_crypto_make(&f, driver, NULL, pool);
ABTS_ASSERT(tc, "apr_crypto_make returned NULL", f != NULL);
return f;
@@ -112,11 +112,11 @@ static const apr_crypto_key_t *passphras
}
/* init the passphrase */
- rv = apr_crypto_passphrase(pool, f, pass, strlen(pass),
- (unsigned char *) salt, strlen(salt), type, mode, doPad, 4096,
- &key, NULL);
+ rv = apr_crypto_passphrase(&key, NULL, pass, strlen(pass),
+ (unsigned char *) salt, strlen(salt), type, mode, doPad, 4096, f,
+ pool);
if (APR_ENOCIPHER == rv) {
- apr_crypto_error(f, &result);
+ apr_crypto_error(&result, f);
ABTS_NOT_IMPL(tc, apr_psprintf(pool,
"skipped: %s %s passphrase return APR_ENOCIPHER: error %d: %s (%s)\n",
description, apr_crypto_driver_name(driver), result->rc,
@@ -124,7 +124,7 @@ static const apr_crypto_key_t *passphras
return NULL;
} else {
if (APR_SUCCESS != rv) {
- apr_crypto_error(f, &result);
+ apr_crypto_error(&result, f);
fprintf(stderr, "passphrase: %s %s native error %d: %s (%s)\n",
description, apr_crypto_driver_name(driver), result->rc,
result->reason ? result->reason : "",
@@ -160,13 +160,12 @@ static unsigned char *encrypt_block(abts
}
/* init the encryption */
- rv = apr_crypto_block_encrypt_init(pool, f, key, iv, &block,
- blockSize);
+ rv = apr_crypto_block_encrypt_init(&block, iv, key, blockSize, f, pool);
if (APR_ENOTIMPL == rv) {
ABTS_NOT_IMPL(tc, "apr_crypto_block_encrypt_init returned APR_ENOTIMPL");
} else {
if (APR_SUCCESS != rv) {
- apr_crypto_error(f, &result);
+ apr_crypto_error(&result, f);
fprintf(stderr, "encrypt_init: %s %s native error %d: %s (%s)\n",
description, apr_crypto_driver_name(driver), result->rc,
result->reason ? result->reason : "",
@@ -184,10 +183,10 @@ static unsigned char *encrypt_block(abts
}
/* encrypt the block */
- rv = apr_crypto_block_encrypt(f, block, cipherText,
- cipherTextLen, in, inlen);
+ rv = apr_crypto_block_encrypt(cipherText, cipherTextLen, in, inlen, f,
+ block);
if (APR_SUCCESS != rv) {
- apr_crypto_error(f, &result);
+ apr_crypto_error(&result, f);
fprintf(stderr, "encrypt: %s %s native error %d: %s (%s)\n",
description, apr_crypto_driver_name(driver), result->rc,
result->reason ? result->reason : "",
@@ -201,10 +200,10 @@ static unsigned char *encrypt_block(abts
}
/* finalise the encryption */
- rv = apr_crypto_block_encrypt_finish(f, block, *cipherText
- + *cipherTextLen, &len);
+ rv = apr_crypto_block_encrypt_finish(*cipherText + *cipherTextLen, &len, f,
+ block);
if (APR_SUCCESS != rv) {
- apr_crypto_error(f, &result);
+ apr_crypto_error(&result, f);
fprintf(stderr, "encrypt_finish: %s %s native error %d: %s (%s)\n",
description, apr_crypto_driver_name(driver), result->rc,
result->reason ? result->reason : "",
@@ -240,13 +239,12 @@ static unsigned char *decrypt_block(abts
}
/* init the decryption */
- rv = apr_crypto_block_decrypt_init(pool, f, key, iv, &block,
- blockSize);
+ rv = apr_crypto_block_decrypt_init(&block, blockSize, iv, key, f, pool);
if (APR_ENOTIMPL == rv) {
ABTS_NOT_IMPL(tc, "apr_crypto_block_decrypt_init returned APR_ENOTIMPL");
} else {
if (APR_SUCCESS != rv) {
- apr_crypto_error(f, &result);
+ apr_crypto_error(&result, f);
fprintf(stderr, "decrypt_init: %s %s native error %d: %s (%s)\n",
description, apr_crypto_driver_name(driver), result->rc,
result->reason ? result->reason : "",
@@ -264,10 +262,10 @@ static unsigned char *decrypt_block(abts
}
/* decrypt the block */
- rv = apr_crypto_block_decrypt(f, block, plainText, plainTextLen,
- cipherText, cipherTextLen);
+ rv = apr_crypto_block_decrypt(plainText, plainTextLen,
+ cipherText, cipherTextLen, f, block);
if (APR_SUCCESS != rv) {
- apr_crypto_error(f, &result);
+ apr_crypto_error(&result, f);
fprintf(stderr, "decrypt: %s %s native error %d: %s (%s)\n",
description, apr_crypto_driver_name(driver), result->rc,
result->reason ? result->reason : "",
@@ -281,10 +279,10 @@ static unsigned char *decrypt_block(abts
}
/* finalise the decryption */
- rv = apr_crypto_block_decrypt_finish(f, block, *plainText
- + *plainTextLen, &len);
+ rv = apr_crypto_block_decrypt_finish(*plainText + *plainTextLen, &len, f,
+ block);
if (APR_SUCCESS != rv) {
- apr_crypto_error(f, &result);
+ apr_crypto_error(&result, f);
fprintf(stderr, "decrypt_finish: %s %s native error %d: %s (%s)\n",
description, apr_crypto_driver_name(driver), result->rc,
result->reason ? result->reason : "",