Apache2
apr_crypto.h
1 /* Licensed to the Apache Software Foundation (ASF) under one or more
2  * contributor license agreements. See the NOTICE file distributed with
3  * this work for additional information regarding copyright ownership.
4  * The ASF licenses this file to You under the Apache License, Version 2.0
5  * (the "License"); you may not use this file except in compliance with
6  * the License. You may obtain a copy of the License at
7  *
8  * http://www.apache.org/licenses/LICENSE-2.0
9  *
10  * Unless required by applicable law or agreed to in writing, software
11  * distributed under the License is distributed on an "AS IS" BASIS,
12  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13  * See the License for the specific language governing permissions and
14  * limitations under the License.
15  */
16 
17 #ifndef APR_CRYPTO_H
18 #define APR_CRYPTO_H
19 
20 #include "apu.h"
21 #include "apr_pools.h"
22 #include "apr_tables.h"
23 #include "apr_hash.h"
24 #include "apu_errno.h"
25 #include "apr_thread_proc.h"
26 
27 #ifdef __cplusplus
28 extern "C" {
29 #endif
30 
41 #if APU_HAVE_CRYPTO || defined(DOXYGEN)
42 
/*
 * Pick a value for APU_CRYPTO_RECOMMENDED_DRIVER unless the build has already
 * defined one. The first backend whose APU_HAVE_* flag is true wins, tested in
 * this order: commoncrypto, openssl, nss, mscng, mscapi.
 *
 * If none of those flags is set, the macro is left undefined. Code that uses
 * it should therefore test it with #ifdef instead of assuming that a driver
 * name is always available.
 */
43 #ifndef APU_CRYPTO_RECOMMENDED_DRIVER
44 #if APU_HAVE_COMMONCRYPTO
46 #define APU_CRYPTO_RECOMMENDED_DRIVER "commoncrypto"
47 #else
48 #if APU_HAVE_OPENSSL
50 #define APU_CRYPTO_RECOMMENDED_DRIVER "openssl"
51 #else
52 #if APU_HAVE_NSS
54 #define APU_CRYPTO_RECOMMENDED_DRIVER "nss"
55 #else
56 #if APU_HAVE_MSCNG
58 #define APU_CRYPTO_RECOMMENDED_DRIVER "mscng"
59 #else
60 #if APU_HAVE_MSCAPI
62 #define APU_CRYPTO_RECOMMENDED_DRIVER "mscapi"
63 #else
/* no backend compiled in: the macro stays undefined */
64 #endif
65 #endif
66 #endif
67 #endif
68 #endif
69 #endif
70 
115 typedef enum
116 {
123 
127 typedef enum
128 {
134 
138 typedef enum
139 {
148 
160 
164 typedef enum
165 {
170 
177 
183 typedef struct apr_crypto_t apr_crypto_t;
184 
190 
197 typedef struct apr_crypto_key_t apr_crypto_key_t;
198 
207 
214 
222  int keysize;
226  int ivsize;
228 
236 
246 typedef struct apr_crypto_passphrase_t {
248  const char *pass;
252  const unsigned char * salt;
258 
269 typedef struct apr_crypto_secret_t {
273  const unsigned char *secret;
277 
285 typedef struct apr_crypto_key_hash_t {
289 
297 typedef struct apr_crypto_key_hmac_t {
299  const unsigned char *secret;
305 
313 typedef struct apr_crypto_key_cmac_t {
315  const unsigned char *secret;
321 
328 typedef struct apr_crypto_digest_hash_t {
330  unsigned char *s;
336 
343 typedef struct apr_crypto_digest_sign_t {
345  unsigned char *s;
351 
360  unsigned char *s;
364  const unsigned char *v;
370 
375 typedef enum {
407 
412 typedef enum {
434 
442 typedef struct apr_crypto_key_rec_t {
450  int pad;
452  union {
485  } k;
487 
497 typedef struct apr_crypto_digest_rec_t {
501  union {
505  } d;
507 
515 
516 /* TODO: doxygen */
518  const char **version);
520  const char *params,
521  const apu_err_t **result,
522  apr_pool_t *pool);
525 
534  apr_size_t size);
535 
544 
/*
 * Compare `size` bytes of buf1 and buf2 in a way that is safe against timing
 * attacks: the execution time does not depend on the bytes being compared.
 * Prefer this over memcmp() when checking MACs, digests or other values
 * derived from a secret, where an early exit on the first mismatch would leak
 * how much of the value was correct.
 *
 * NOTE(review): the meaning of the int result is not visible in this listing;
 * confirm which value means "equal" before branching on it.
 */
554 APR_DECLARE(int) apr_crypto_equals(const void *buf1, const void *buf2,
555  apr_size_t size);
556 
576  const apr_crypto_driver_t **driver,
577  const char *name, const char *params, const apu_err_t **result,
578  apr_pool_t *pool);
579 
587  const apr_crypto_driver_t *driver);
588 
597  const apr_crypto_t *f);
598 
615  const apr_crypto_driver_t *driver, const char *params,
616  apr_pool_t *pool);
617 
628  const apr_crypto_t *f);
629 
640  const apr_crypto_t *f);
641 
652  const apr_crypto_t *f);
653 
662 
671 
693  const apr_crypto_key_rec_t *rec, const apr_crypto_t *f, apr_pool_t *p);
694 
728  apr_size_t *ivSize, const char *pass, apr_size_t passLen,
729  const unsigned char * salt, apr_size_t saltLen,
730  const apr_crypto_block_key_type_e type,
731  const apr_crypto_block_key_mode_e mode, const int doPad,
732  const int iterations, const apr_crypto_t *f, apr_pool_t *p);
733 
752  apr_crypto_block_t **ctx, const unsigned char **iv,
753  const apr_crypto_key_t *key, apr_size_t *blockSize, apr_pool_t *p);
754 
775  apr_size_t *outlen, const unsigned char *in, apr_size_t inlen,
776  apr_crypto_block_t *ctx);
777 
798  apr_size_t *outlen, apr_crypto_block_t *ctx);
799 
815  apr_crypto_block_t **ctx, apr_size_t *blockSize,
816  const unsigned char *iv, const apr_crypto_key_t *key, apr_pool_t *p);
817 
838  apr_size_t *outlen, const unsigned char *in, apr_size_t inlen,
839  apr_crypto_block_t *ctx);
840 
861  apr_size_t *outlen, apr_crypto_block_t *ctx);
862 
870 
906 
918  const unsigned char *in, apr_size_t inlen);
919 
940 
957  apr_crypto_digest_rec_t *rec, const unsigned char *in, apr_size_t inlen,
958  apr_pool_t *p);
959 
967 
975 
983  const apr_crypto_driver_t *driver);
984 
985 #if APU_HAVE_CRYPTO_PRNG
986 
/*
 * NOTE(review): presumably the number of bytes that the length-less `seed[]`
 * parameters of the PRNG functions expect; confirm against the
 * implementation before sizing seed buffers from it.
 */
1007 #define APR_CRYPTO_PRNG_SEED_SIZE 32
1008 
/*
 * Bit flags. NOTE(review): presumably these are the values accepted by the
 * `flags` argument of apr_crypto_prng_init() and apr_crypto_prng_create();
 * what LOCKED and PER_THREAD change is not visible in this listing.
 */
1009 #define APR_CRYPTO_PRNG_LOCKED (0x1)
1010 #define APR_CRYPTO_PRNG_PER_THREAD (0x2)
/* Bitwise OR of the two flags above (0x1 | 0x2). */
1011 #define APR_CRYPTO_PRNG_MASK (0x3)
1012 
/*
 * PRNG handle type. Only this forward declaration appears in this header, and
 * the functions that use the type take it by pointer.
 */
1014 typedef struct apr_crypto_prng_t apr_crypto_prng_t;
1015 
/*
 * PRNG initialiser. It takes a pool, a crypto context, a cipher selector, a
 * buffer size, a seed and flags. Unlike apr_crypto_prng_create() it has no
 * apr_crypto_prng_t out-parameter.
 * NOTE(review): presumably it sets up the generator that
 * apr_crypto_random_bytes() draws from; confirm.
 *
 * `seed` is a bare array with no length argument, so the callee cannot check
 * how many bytes the caller supplied.
 * NOTE(review): presumably APR_CRYPTO_PRNG_SEED_SIZE bytes are read; confirm,
 * and never pass a shorter buffer. Whether a NULL seed is accepted is not
 * visible here.
 *
 * Argument order differs from apr_crypto_prng_create(): here `seed` comes
 * before `flags`.
 */
1031 APR_DECLARE(apr_status_t) apr_crypto_prng_init(apr_pool_t *pool, apr_crypto_t *crypto,
1032  apr_crypto_cipher_e cipher, apr_size_t bufsize, const unsigned char seed[], int flags);
1033 
/*
 * Takes no arguments and returns a status.
 * NOTE(review): by its name this is the counterpart of
 * apr_crypto_prng_init(); presumably it tears down what that call set up.
 * Confirm.
 */
1039 APR_DECLARE(apr_status_t) apr_crypto_prng_term(void);
1040 
/*
 * NOTE(review): presumably fills `buf` with `len` random bytes from the
 * generator set up by apr_crypto_prng_init(); confirm.
 *
 * The result is an apr_status_t. Callers should check it and treat `buf` as
 * unusable on failure, never using the buffer's previous contents as if they
 * were random.
 */
1049 APR_DECLARE(apr_status_t) apr_crypto_random_bytes(void *buf, apr_size_t len);
1050 
1051 #if APR_HAS_THREADS
/*
 * Declared only when APR_HAS_THREADS is true. It has the same parameters and
 * return type as apr_crypto_random_bytes().
 * NOTE(review): presumably draws from a per-thread generator (see
 * APR_CRYPTO_PRNG_PER_THREAD); confirm. Check the returned status before
 * using `buf`.
 */
1062 APR_DECLARE(apr_status_t) apr_crypto_random_thread_bytes(void *buf,
1063  apr_size_t len);
1064 #endif
1065 
/*
 * Creates a PRNG handle and returns it through `pcprng`. The other arguments
 * are a crypto context, a cipher selector, a buffer size, flags, a seed and a
 * pool.
 *
 * `seed` is a bare array with no length argument.
 * NOTE(review): presumably APR_CRYPTO_PRNG_SEED_SIZE bytes are read; confirm,
 * and never pass a shorter buffer.
 *
 * Argument order differs from apr_crypto_prng_init(): here `flags` comes
 * before `seed` and the pool is last. A literal 0 is valid for both an int and
 * a pointer, so a swapped `0, 0` pair would compile without a diagnostic.
 */
1088 APR_DECLARE(apr_status_t) apr_crypto_prng_create(apr_crypto_prng_t **pcprng,
1089  apr_crypto_t *crypto, apr_crypto_cipher_e cipher, apr_size_t bufsize,
1090  int flags, const unsigned char seed[], apr_pool_t *pool);
1091 
/*
 * Takes a PRNG handle and returns a status.
 * NOTE(review): by its name this releases a handle obtained from
 * apr_crypto_prng_create(). Whether the generator state is wiped on destroy
 * is not visible in this listing; confirm.
 */
1098 APR_DECLARE(apr_status_t) apr_crypto_prng_destroy(apr_crypto_prng_t *cprng);
1099 
/*
 * Takes only the PRNG handle; no new seed material is passed in.
 * NOTE(review): the name suggests it replaces the generator's internal key.
 * What the new key is derived from is not visible in this listing; confirm.
 */
1106 APR_DECLARE(apr_status_t) apr_crypto_prng_rekey(apr_crypto_prng_t *cprng);
1107 
/*
 * Takes a PRNG handle and caller-supplied seed material.
 *
 * `seed` is a bare array with no length argument.
 * NOTE(review): presumably APR_CRYPTO_PRNG_SEED_SIZE bytes are read; confirm,
 * and never pass a shorter buffer. Whether a NULL seed is accepted is not
 * visible here.
 */
1116 APR_DECLARE(apr_status_t) apr_crypto_prng_reseed(apr_crypto_prng_t *cprng,
1117  const unsigned char seed[]);
1118 
1119 #if APR_HAS_FORK
/*
 * NOTE(review): presumably the values accepted by the `flags` argument of
 * apr_crypto_prng_after_fork(), naming which side of the fork is calling.
 * Confirm.
 */
1120 #define APR_CRYPTO_FORK_INPARENT 0
1121 #define APR_CRYPTO_FORK_INCHILD 1
1122 
/*
 * Takes a PRNG handle and an int `flags`; the enclosing #if makes it available
 * only when APR_HAS_FORK is true.
 *
 * NOTE(review): generator state copied by fork() would yield the same output
 * stream in parent and child. Presumably this call is how the two sides are
 * made to diverge, with `flags` set to APR_CRYPTO_FORK_INPARENT or
 * APR_CRYPTO_FORK_INCHILD. Confirm, and check which side(s) must call it.
 */
1133 APR_DECLARE(apr_status_t) apr_crypto_prng_after_fork(apr_crypto_prng_t *cprng,
1134  int flags);
1135 #endif
1136 
/*
 * Takes a PRNG handle, an output buffer and a length.
 * NOTE(review): presumably fills `buf` with `len` bytes generated by `cprng`;
 * confirm.
 *
 * The result is an apr_status_t. Callers should check it and treat `buf` as
 * unusable on failure.
 */
1145 APR_DECLARE(apr_status_t) apr_crypto_prng_bytes(apr_crypto_prng_t *cprng,
1146  void *buf, apr_size_t len);
1147 
1148 #endif /* APU_HAVE_CRYPTO_PRNG */
1149 
1150 #endif /* APU_HAVE_CRYPTO */
1151 
1154 #ifdef __cplusplus
1155 }
1156 #endif
1157 
1158 #endif
APR Hash Tables.
APR memory allocation.
APR Table library.
APR Thread and Process Library.
APR-Util Error Codes.
apr_status_t apr_crypto_block_encrypt_finish(unsigned char *out, apr_size_t *outlen, apr_crypto_block_t *ctx)
Encrypt final data block, write it to out.
apr_status_t apr_crypto_get_driver(const apr_crypto_driver_t **driver, const char *name, const char *params, const apu_err_t **result, apr_pool_t *pool)
Get the driver struct for a name.
apr_status_t apr_crypto_block_cleanup(apr_crypto_block_t *ctx)
Clean encryption / decryption context.
apr_status_t apr_crypto_digest_update(apr_crypto_digest_t *digest, const unsigned char *in, apr_size_t inlen)
Update the digest with data provided by in.
apr_status_t apr_crypto_block_encrypt_init(apr_crypto_block_t **ctx, const unsigned char **iv, const apr_crypto_key_t *key, apr_size_t *blockSize, apr_pool_t *p)
Initialise a context for encrypting arbitrary data using the given key.
apr_status_t apr_crypto_make(apr_crypto_t **f, const apr_crypto_driver_t *driver, const char *params, apr_pool_t *pool)
Create a context for supporting encryption. Keys, certificates, algorithms and other parameters will ...
apr_status_t apr_crypto_lib_init(const char *name, const char *params, const apu_err_t **result, apr_pool_t *pool)
struct apr_crypto_key_cmac_t apr_crypto_key_cmac_t
struct apr_crypto_digest_hash_t apr_crypto_digest_hash_t
int apr_crypto_equals(const void *buf1, const void *buf2, apr_size_t size)
Timing-attack-safe buffer comparison, where the execution time does not depend on the bytes compared...
struct apr_crypto_key_hmac_t apr_crypto_key_hmac_t
apr_status_t apr_crypto_cleanup(apr_crypto_t *f)
Clean encryption / decryption context.
struct apr_crypto_key_rec_t apr_crypto_key_rec_t
const char * apr_crypto_driver_name(const apr_crypto_driver_t *driver)
Return the name of the driver.
apr_status_t apr_crypto_get_block_key_digests(apr_hash_t **digests, const apr_crypto_t *f)
Get a hash table of key digests, keyed by the name of the digest against a pointer to apr_crypto_bloc...
struct apr_crypto_key_t apr_crypto_key_t
Definition: apr_crypto.h:197
apr_status_t apr_crypto_get_block_key_modes(apr_hash_t **modes, const apr_crypto_t *f)
Get a hash table of key modes, keyed by the name of the mode against a pointer to apr_crypto_block_ke...
struct apr_crypto_digest_verify_t apr_crypto_digest_verify_t
struct apr_crypto_digest_sign_t apr_crypto_digest_sign_t
struct apr_crypto_block_key_digest_t apr_crypto_block_key_digest_t
apr_status_t apr_crypto_shutdown(const apr_crypto_driver_t *driver)
Shutdown the crypto library.
apr_crypto_key_rec_t * apr_crypto_key_rec_make(apr_crypto_key_type ktype, apr_pool_t *p)
Create a key record to be passed to apr_crypto_key().
apr_status_t apr_crypto_get_block_key_types(apr_hash_t **types, const apr_crypto_t *f)
Get a hash table of key types, keyed by the name of the type against a pointer to apr_crypto_block_ke...
struct apr_crypto_secret_t apr_crypto_secret_t
apr_status_t apr_crypto_memzero(void *buffer, apr_size_t size)
Always zero out the buffer provided, without being optimized out by the compiler.
struct apr_crypto_t apr_crypto_t
Definition: apr_crypto.h:183
apr_status_t apr_crypto_lib_term(const char *name)
apr_status_t apr_crypto_clear(apr_pool_t *pool, void *buffer, apr_size_t size)
Zero out the buffer provided when the pool is cleaned up.
apr_status_t apr_crypto_digest_final(apr_crypto_digest_t *digest)
Finalise the digest and write the result.
apr_crypto_digest_rec_t * apr_crypto_digest_rec_make(apr_crypto_digest_type_e dtype, apr_pool_t *p)
Create a digest record to be passed to apr_crypto_digest_init().
apr_status_t apr_crypto_key(apr_crypto_key_t **key, const apr_crypto_key_rec_t *rec, const apr_crypto_t *f, apr_pool_t *p)
Create a key from the provided secret or passphrase. The key is cleaned up when the context is cleane...
struct apr_crypto_driver_t apr_crypto_driver_t
Definition: apr_crypto.h:176
apr_status_t apr_crypto_digest(const apr_crypto_key_t *key, apr_crypto_digest_rec_t *rec, const unsigned char *in, apr_size_t inlen, apr_pool_t *p)
One shot digest on a single memory buffer.
apr_status_t apr_crypto_error(const apu_err_t **result, const apr_crypto_t *f)
Get the result of the last operation on a context. If the result is NULL, the operation was successfu...
apr_status_t apr_crypto_block_encrypt(unsigned char **out, apr_size_t *outlen, const unsigned char *in, apr_size_t inlen, apr_crypto_block_t *ctx)
Encrypt data provided by in, write it to out.
apr_status_t apr_crypto_passphrase(apr_crypto_key_t **key, apr_size_t *ivSize, const char *pass, apr_size_t passLen, const unsigned char *salt, apr_size_t saltLen, const apr_crypto_block_key_type_e type, const apr_crypto_block_key_mode_e mode, const int doPad, const int iterations, const apr_crypto_t *f, apr_pool_t *p)
Create a key from the given passphrase. By default, the PBKDF2 algorithm is used to generate the key ...
apr_crypto_key_type
Definition: apr_crypto.h:375
apr_status_t apr_crypto_lib_version(const char *name, const char **version)
apr_status_t apr_crypto_digest_init(apr_crypto_digest_t **d, const apr_crypto_key_t *key, apr_crypto_digest_rec_t *rec, apr_pool_t *p)
Initialise a context for hashing, signing or verifying arbitrary data.
apr_status_t apr_crypto_digest_cleanup(apr_crypto_digest_t *ctx)
Clean digest context.
apr_crypto_block_key_digest_e
Definition: apr_crypto.h:139
apr_status_t apr_crypto_block_decrypt_init(apr_crypto_block_t **ctx, apr_size_t *blockSize, const unsigned char *iv, const apr_crypto_key_t *key, apr_pool_t *p)
Initialise a context for decrypting arbitrary data using the given key.
apr_crypto_digest_type_e
Definition: apr_crypto.h:412
int apr_crypto_lib_is_active(const char *name)
apr_status_t apr_crypto_block_decrypt_finish(unsigned char *out, apr_size_t *outlen, apr_crypto_block_t *ctx)
Decrypt final data block, write it to out.
apr_crypto_block_key_type_e
Definition: apr_crypto.h:116
apr_status_t apr_crypto_init(apr_pool_t *pool)
Perform once-only initialisation. Call once only.
struct apr_crypto_block_t apr_crypto_block_t
Definition: apr_crypto.h:206
struct apr_crypto_digest_t apr_crypto_digest_t
Definition: apr_crypto.h:213
apr_crypto_block_key_mode_e
Definition: apr_crypto.h:128
struct apr_crypto_config_t apr_crypto_config_t
Definition: apr_crypto.h:189
apr_crypto_cipher_e
Definition: apr_crypto.h:165
struct apr_crypto_block_key_mode_t apr_crypto_block_key_mode_t
struct apr_crypto_passphrase_t apr_crypto_passphrase_t
struct apr_crypto_block_key_type_t apr_crypto_block_key_type_t
struct apr_crypto_key_hash_t apr_crypto_key_hash_t
apr_status_t apr_crypto_block_decrypt(unsigned char **out, apr_size_t *outlen, const unsigned char *in, apr_size_t inlen, apr_crypto_block_t *ctx)
Decrypt data provided by in, write it to out.
struct apr_crypto_digest_rec_t apr_crypto_digest_rec_t
@ APR_CRYPTO_KTYPE_HASH
Definition: apr_crypto.h:393
@ APR_CRYPTO_KTYPE_PASSPHRASE
Definition: apr_crypto.h:381
@ APR_CRYPTO_KTYPE_SECRET
Definition: apr_crypto.h:387
@ APR_CRYPTO_KTYPE_HMAC
Definition: apr_crypto.h:399
@ APR_CRYPTO_KTYPE_CMAC
Definition: apr_crypto.h:405
@ APR_CRYPTO_DIGEST_SHA512
Definition: apr_crypto.h:146
@ APR_CRYPTO_DIGEST_NONE
Definition: apr_crypto.h:140
@ APR_CRYPTO_DIGEST_SHA384
Definition: apr_crypto.h:145
@ APR_CRYPTO_DIGEST_SHA224
Definition: apr_crypto.h:143
@ APR_CRYPTO_DIGEST_SHA256
Definition: apr_crypto.h:144
@ APR_CRYPTO_DIGEST_MD5
Definition: apr_crypto.h:141
@ APR_CRYPTO_DIGEST_SHA1
Definition: apr_crypto.h:142
@ APR_CRYPTO_DTYPE_HASH
Definition: apr_crypto.h:418
@ APR_CRYPTO_DTYPE_SIGN
Definition: apr_crypto.h:425
@ APR_CRYPTO_DTYPE_VERIFY
Definition: apr_crypto.h:432
@ APR_KEY_AES_128
Definition: apr_crypto.h:118
@ APR_KEY_NONE
Definition: apr_crypto.h:117
@ APR_KEY_3DES_192
Definition: apr_crypto.h:117
@ APR_KEY_AES_256
Definition: apr_crypto.h:120
@ APR_KEY_AES_192
Definition: apr_crypto.h:119
@ APR_MODE_CBC
Definition: apr_crypto.h:131
@ APR_MODE_NONE
Definition: apr_crypto.h:129
@ APR_MODE_ECB
Definition: apr_crypto.h:130
@ APR_CRYPTO_CIPHER_AUTO
Definition: apr_crypto.h:166
@ APR_CRYPTO_CIPHER_CHACHA20
Definition: apr_crypto.h:168
@ APR_CRYPTO_CIPHER_AES_256_CTR
Definition: apr_crypto.h:167
dav_resource int dav_locktoken dav_response int flags
Definition: mod_dav.h:1458
dav_buffer apr_size_t size
Definition: mod_dav.h:461
apr_bucket_brigade ap_input_mode_t mode
Definition: mod_dav.h:2662
apr_bucket_brigade request_rec apr_pool_t * pool
Definition: mod_dav.h:557
const char * name
Definition: mod_dav.h:805
int apr_status_t
Definition: apr_errno.h:44
struct apr_hash_t apr_hash_t
Definition: apr_hash.h:52
size_t apr_size_t
Definition: apr.h:394
struct apr_pool_t apr_pool_t
Definition: apr_pools.h:60
#define APR_DECLARE(x)
Definition: macros.h:6
Definition: apr_crypto.h:152
int digestsize
Definition: apr_crypto.h:156
apr_crypto_block_key_digest_e type
Definition: apr_crypto.h:154
int blocksize
Definition: apr_crypto.h:158
Definition: apr_crypto.h:232
apr_crypto_block_key_mode_e mode
Definition: apr_crypto.h:234
Definition: apr_crypto.h:218
apr_crypto_block_key_type_e type
Definition: apr_crypto.h:220
int keysize
Definition: apr_crypto.h:222
int ivsize
Definition: apr_crypto.h:226
int blocksize
Definition: apr_crypto.h:224
Definition: apr_crypto.h:328
unsigned char * s
Definition: apr_crypto.h:330
apr_crypto_block_key_digest_e digest
Definition: apr_crypto.h:334
apr_size_t slen
Definition: apr_crypto.h:332
Definition: apr_crypto.h:497
apr_crypto_digest_hash_t hash
Definition: apr_crypto.h:502
apr_crypto_digest_type_e dtype
Definition: apr_crypto.h:499
apr_crypto_digest_sign_t sign
Definition: apr_crypto.h:503
apr_crypto_digest_verify_t verify
Definition: apr_crypto.h:504
union apr_crypto_digest_rec_t::@15 d
Definition: apr_crypto.h:343
unsigned char * s
Definition: apr_crypto.h:345
apr_size_t slen
Definition: apr_crypto.h:347
apr_crypto_block_key_digest_e digest
Definition: apr_crypto.h:349
Definition: apr_crypto.h:358
const unsigned char * v
Definition: apr_crypto.h:364
apr_size_t slen
Definition: apr_crypto.h:362
unsigned char * s
Definition: apr_crypto.h:360
apr_size_t vlen
Definition: apr_crypto.h:366
apr_crypto_block_key_digest_e digest
Definition: apr_crypto.h:368
Definition: apr_crypto.h:313
const unsigned char * secret
Definition: apr_crypto.h:315
apr_size_t secretLen
Definition: apr_crypto.h:317
apr_crypto_block_key_digest_e digest
Definition: apr_crypto.h:319
Definition: apr_crypto.h:285
apr_crypto_block_key_digest_e digest
Definition: apr_crypto.h:287
Definition: apr_crypto.h:297
apr_crypto_block_key_digest_e digest
Definition: apr_crypto.h:303
const unsigned char * secret
Definition: apr_crypto.h:299
apr_size_t secretLen
Definition: apr_crypto.h:301
Definition: apr_crypto.h:442
int pad
Definition: apr_crypto.h:450
apr_crypto_key_hash_t hash
Definition: apr_crypto.h:472
apr_crypto_key_type ktype
Definition: apr_crypto.h:444
apr_crypto_secret_t secret
Definition: apr_crypto.h:466
apr_crypto_key_hmac_t hmac
Definition: apr_crypto.h:478
apr_crypto_block_key_mode_e mode
Definition: apr_crypto.h:448
apr_crypto_block_key_type_e type
Definition: apr_crypto.h:446
apr_crypto_key_cmac_t cmac
Definition: apr_crypto.h:484
apr_crypto_passphrase_t passphrase
Definition: apr_crypto.h:459
union apr_crypto_key_rec_t::@14 k
Definition: apr_crypto.h:246
apr_size_t saltLen
Definition: apr_crypto.h:254
int iterations
Definition: apr_crypto.h:256
const unsigned char * salt
Definition: apr_crypto.h:252
const char * pass
Definition: apr_crypto.h:248
apr_size_t passLen
Definition: apr_crypto.h:250
Definition: apr_crypto.h:269
apr_size_t secretLen
Definition: apr_crypto.h:275
const unsigned char * secret
Definition: apr_crypto.h:273
Definition: apu_errno.h:169
apr_pool_t * p