Apache Portable Runtime
apr_crypto_driver_t Struct Reference

Data Fields

const char * name
apr_status_t(* init )(apr_pool_t *pool, const char *params, const apu_err_t **result)
 Allow driver to perform once-only initialisation. Called once only.
apr_status_t(* make )(apr_crypto_t **f, const apr_crypto_driver_t *provider, const char *params, apr_pool_t *pool)
 Create a context for supporting encryption. Keys, certificates, algorithms and other parameters will be set per context. More than one context can be created at one time. A cleanup will be automatically registered with the given pool to guarantee a graceful shutdown.
apr_status_t(* get_block_key_types )(apr_hash_t **types, const apr_crypto_t *f)
 Get a hash table of key types, keyed by the name of the type against an integer pointer constant.
apr_status_t(* get_block_key_modes )(apr_hash_t **modes, const apr_crypto_t *f)
 Get a hash table of key modes, keyed by the name of the mode against an integer pointer constant.
apr_status_t(* passphrase )(apr_crypto_key_t **key, apr_size_t *ivSize, const char *pass, apr_size_t passLen, const unsigned char *salt, apr_size_t saltLen, const apr_crypto_block_key_type_e type, const apr_crypto_block_key_mode_e mode, const int doPad, const int iterations, const apr_crypto_t *f, apr_pool_t *p)
 Create a key from the given passphrase. By default, the PBKDF2 algorithm is used to generate the key from the passphrase. It is expected that the same pass phrase will generate the same key, regardless of the backend crypto platform used. The key is cleaned up when the context is cleaned, and may be reused with multiple encryption or decryption operations.
apr_status_t(* block_encrypt_init )(apr_crypto_block_t **ctx, const unsigned char **iv, const apr_crypto_key_t *key, apr_size_t *blockSize, apr_pool_t *p)
 Initialise a context for encrypting arbitrary data using the given key.
apr_status_t(* block_encrypt )(unsigned char **out, apr_size_t *outlen, const unsigned char *in, apr_size_t inlen, apr_crypto_block_t *ctx)
 Encrypt data provided by in, write it to out.
apr_status_t(* block_encrypt_finish )(unsigned char *out, apr_size_t *outlen, apr_crypto_block_t *ctx)
 Encrypt final data block, write it to out.
apr_status_t(* block_decrypt_init )(apr_crypto_block_t **ctx, apr_size_t *blockSize, const unsigned char *iv, const apr_crypto_key_t *key, apr_pool_t *p)
 Initialise a context for decrypting arbitrary data using the given key.
apr_status_t(* block_decrypt )(unsigned char **out, apr_size_t *outlen, const unsigned char *in, apr_size_t inlen, apr_crypto_block_t *ctx)
 Decrypt data provided by in, write it to out.
apr_status_t(* block_decrypt_finish )(unsigned char *out, apr_size_t *outlen, apr_crypto_block_t *ctx)
 Decrypt final data block, write it to out.
apr_status_t(* block_cleanup )(apr_crypto_block_t *ctx)
 Clean encryption / decryption context.
apr_status_t(* cleanup )(apr_crypto_t *f)
 Clean encryption / decryption context.
apr_status_t(* shutdown )(void)
 Clean encryption / decryption context.
apr_status_t(* error )(const apu_err_t **result, const apr_crypto_t *f)
 Fetch the most recent error from this driver.

Field Documentation

apr_status_t(* apr_crypto_driver_t::block_cleanup)(apr_crypto_block_t *ctx)

Clean encryption / decryption context.

Note:
After cleanup, a context is free to be reused if necessary.
Parameters:
ctx - The block context to use.
Returns:
Returns APR_ENOTIMPL if not supported.
apr_status_t(* apr_crypto_driver_t::block_decrypt)(unsigned char **out, apr_size_t *outlen, const unsigned char *in, apr_size_t inlen, apr_crypto_block_t *ctx)

Decrypt data provided by in, write it to out.

Note:
The number of bytes written will be written to outlen. If out is NULL, outlen will contain the maximum size of the buffer needed to hold the data, including any data generated by apr_crypto_block_decrypt_finish below. If *out points to NULL, a buffer sufficiently large will be created from the pool provided. If *out points to a not-NULL value, this value will be used as a buffer instead.
Parameters:
out - Address of a buffer to which data will be written, see note.
outlen - Length of the output will be written here.
in - Address of the buffer to read.
inlen - Length of the buffer to read.
ctx - The block context to use.
Returns:
APR_ECRYPT if an error occurred. Returns APR_ENOTIMPL if not implemented.
apr_status_t(* apr_crypto_driver_t::block_decrypt_finish)(unsigned char *out, apr_size_t *outlen, apr_crypto_block_t *ctx)

Decrypt final data block, write it to out.

Note:
If necessary the final block will be written out after being padded. Typically the final block will be written to the same buffer used by apr_crypto_block_decrypt, offset by the number of bytes returned as actually written by the apr_crypto_block_decrypt() call. After this call, the context is cleaned and can be reused by apr_crypto_block_decrypt_init().
Parameters:
out - Address of a buffer to which data will be written. This buffer must already exist, and is usually the same buffer used by apr_evp_crypt(). See note.
outlen - Length of the output will be written here.
ctx - The block context to use.
Returns:
APR_ECRYPT if an error occurred.
APR_EPADDING if padding was enabled and the block was incorrectly formatted.
APR_ENOTIMPL if not implemented.
apr_status_t(* apr_crypto_driver_t::block_decrypt_init)(apr_crypto_block_t **ctx, apr_size_t *blockSize, const unsigned char *iv, const apr_crypto_key_t *key, apr_pool_t *p)

Initialise a context for decrypting arbitrary data using the given key.

Note:
If *ctx is NULL, an apr_crypto_block_t will be created from a pool. If *ctx is not NULL, *ctx must point at a previously created structure.
Parameters:
ctx - The block context returned, see note.
blockSize - The block size of the cipher.
iv - Optional initialisation vector. If the buffer pointed to is NULL, an IV will be created at random, in space allocated from the pool. If the buffer is not NULL, the IV in the buffer will be used.
key - The key structure.
p - The pool to use.
Returns:
Returns APR_ENOIV if an initialisation vector is required but not specified. Returns APR_EINIT if the backend failed to initialise the context. Returns APR_ENOTIMPL if not implemented.
apr_status_t(* apr_crypto_driver_t::block_encrypt)(unsigned char **out, apr_size_t *outlen, const unsigned char *in, apr_size_t inlen, apr_crypto_block_t *ctx)

Encrypt data provided by in, write it to out.

Note:
The number of bytes written will be written to outlen. If out is NULL, outlen will contain the maximum size of the buffer needed to hold the data, including any data generated by apr_crypto_block_encrypt_finish below. If *out points to NULL, a buffer sufficiently large will be created from the pool provided. If *out points to a not-NULL value, this value will be used as a buffer instead.
Parameters:
out - Address of a buffer to which data will be written, see note.
outlen - Length of the output will be written here.
in - Address of the buffer to read.
inlen - Length of the buffer to read.
ctx - The block context to use.
Returns:
APR_ECRYPT if an error occurred. Returns APR_ENOTIMPL if not implemented.
apr_status_t(* apr_crypto_driver_t::block_encrypt_finish)(unsigned char *out, apr_size_t *outlen, apr_crypto_block_t *ctx)

Encrypt final data block, write it to out.

Note:
If necessary the final block will be written out after being padded. Typically the final block will be written to the same buffer used by apr_crypto_block_encrypt, offset by the number of bytes returned as actually written by the apr_crypto_block_encrypt() call. After this call, the context is cleaned and can be reused by apr_crypto_block_encrypt_init().
Parameters:
out - Address of a buffer to which data will be written. This buffer must already exist, and is usually the same buffer used by apr_evp_crypt(). See note.
outlen - Length of the output will be written here.
ctx - The block context to use.
Returns:
APR_ECRYPT if an error occurred.
APR_EPADDING if padding was enabled and the block was incorrectly formatted.
APR_ENOTIMPL if not implemented.
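
The buffer contract described in the block_encrypt and block_encrypt_finish notes above, as an added example that is not part of the APR documentation or source. It is a self-contained mock: mock_block_encrypt, mock_block_encrypt_finish, block_ctx and the XOR placeholder transform are hypothetical stand-ins, malloc replaces the APR pool, and PKCS#7-style padding is assumed. The caller queries the size, encrypts, then calls finish at the offset already written.

```c
#include <stdlib.h>
#include <string.h>

#define BLK 16                 /* block size of the stand-in cipher */
enum { OK = 0, ECRYPT = 1 };   /* stand-ins for APR_SUCCESS / APR_ECRYPT */
typedef struct { unsigned char held[BLK]; size_t nheld; } block_ctx; /* stand-in for apr_crypto_block_t */

/* Placeholder transform (XOR 0x5A) so the output layout is easy to inspect; NOT encryption. */
static void xform(unsigned char *d, const unsigned char *s) { for (size_t i = 0; i < BLK; i++) d[i] = s[i] ^ 0x5A; }

/* Mock driver entry following the documented block_encrypt buffer contract. */
int mock_block_encrypt(unsigned char **out, size_t *outlen,
                       const unsigned char *in, size_t inlen, block_ctx *ctx) {
    size_t max = ((ctx->nheld + inlen) / BLK + 1) * BLK; /* includes the finish block */
    if (!out) { *outlen = max; return OK; }              /* out == NULL: size query only */
    if (!*out && !(*out = malloc(max))) return ECRYPT;   /* *out == NULL: allocate (APR uses the pool) */
    size_t w = 0;
    while (inlen) {                                      /* emit whole blocks, hold back the remainder */
        size_t n = (BLK - ctx->nheld < inlen) ? BLK - ctx->nheld : inlen;
        memcpy(ctx->held + ctx->nheld, in, n);
        ctx->nheld += n; in += n; inlen -= n;
        if (ctx->nheld == BLK) { xform(*out + w, ctx->held); w += BLK; ctx->nheld = 0; }
    }
    *outlen = w;                                         /* bytes written by this call only */
    return OK;
}

/* Mock finish: pads the held-back bytes (PKCS#7 style) and writes one final block. */
int mock_block_encrypt_finish(unsigned char *out, size_t *outlen, block_ctx *ctx) {
    unsigned char pad = (unsigned char)(BLK - ctx->nheld);
    memset(ctx->held + ctx->nheld, pad, pad);
    xform(out, ctx->held);
    *outlen = BLK; ctx->nheld = 0;                       /* context is clean and reusable */
    return OK;
}

/* Caller pattern: query size, encrypt, then finish at the offset already written. */
unsigned char *encrypt_all(const unsigned char *in, size_t inlen, size_t *total) {
    block_ctx ctx = {{0}, 0};
    size_t need = 0, n = 0, fin = 0;
    unsigned char *buf = NULL;
    if (mock_block_encrypt(NULL, &need, in, inlen, &ctx) != OK || !(buf = malloc(need))) return NULL;
    if (mock_block_encrypt(&buf, &n, in, inlen, &ctx) != OK || n + BLK > need ||
        mock_block_encrypt_finish(buf + n, &fin, &ctx) != OK) { free(buf); return NULL; }
    *total = n + fin;                                    /* outlen values are per call, so sum them */
    return buf;
}
```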
apr_status_t(* apr_crypto_driver_t::block_encrypt_init)(apr_crypto_block_t **ctx, const unsigned char **iv, const apr_crypto_key_t *key, apr_size_t *blockSize, apr_pool_t *p)

Initialise a context for encrypting arbitrary data using the given key.

Note:
If *ctx is NULL, an apr_crypto_block_t will be created from a pool. If *ctx is not NULL, *ctx must point at a previously created structure.
Parameters:
ctx - The block context returned, see note.
iv - Optional initialisation vector. If the buffer pointed to is NULL, an IV will be created at random, in space allocated from the pool. If the buffer pointed to is not NULL, the IV in the buffer will be used.
key - The key structure.
blockSize - The block size of the cipher.
p - The pool to use.
Returns:
Returns APR_ENOIV if an initialisation vector is required but not specified. Returns APR_EINIT if the backend failed to initialise the context. Returns APR_ENOTIMPL if not implemented.

apr_status_t(* apr_crypto_driver_t::cleanup)(apr_crypto_t *f)

Clean encryption / decryption context.

Note:
After cleanup, a context is free to be reused if necessary.
Parameters:
f - The context to use.
Returns:
Returns APR_ENOTIMPL if not supported.
apr_status_t(* apr_crypto_driver_t::error)(const apu_err_t **result, const apr_crypto_t *f)

Fetch the most recent error from this driver.

Parameters:
result - the result structure
f - context pointer
Returns:
APR_SUCCESS for success.

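apr_status_t(* apr_crypto_driver_t::get_block_key_modes)(apr_hash_t **modes, const apr_crypto_t *f)

Get a hash table of key modes, keyed by the name of the mode against an integer pointer constant.

Parameters:
modes - hashtable of key modes keyed to constants.
f - encryption context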
Returns:
APR_SUCCESS for success

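apr_status_t(* apr_crypto_driver_t::get_block_key_types)(apr_hash_t **types, const apr_crypto_t *f)

Get a hash table of key types, keyed by the name of the type against an integer pointer constant.

Parameters:
types - hashtable of key types keyed to constants.
f - encryption context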
Returns:
APR_SUCCESS for success
apr_status_t(* apr_crypto_driver_t::init)(apr_pool_t *pool, const char *params, const apu_err_t **result)

Allow driver to perform once-only initialisation. Called once only.

Parameters:
pool - The pool to register the cleanup in.
params - Optional init parameter string.
rc - Driver-specific additional error code
apr_status_t(* apr_crypto_driver_t::make)(apr_crypto_t **f, const apr_crypto_driver_t *provider, const char *params, apr_pool_t *pool)

Create a context for supporting encryption. Keys, certificates, algorithms and other parameters will be set per context. More than one context can be created at one time. A cleanup will be automatically registered with the given pool to guarantee a graceful shutdown.

Parameters:
f - context pointer will be written here
provider - provider to use
params - array of key parameters
pool - process pool
Returns:
APR_ENOENGINE when the engine specified does not exist. APR_EINITENGINE if the engine cannot be initialised.

const char* apr_crypto_driver_t::name

name

apr_status_t(* apr_crypto_driver_t::passphrase)(apr_crypto_key_t **key, apr_size_t *ivSize, const char *pass, apr_size_t passLen, const unsigned char *salt, apr_size_t saltLen, const apr_crypto_block_key_type_e type, const apr_crypto_block_key_mode_e mode, const int doPad, const int iterations, const apr_crypto_t *f, apr_pool_t *p)

Create a key from the given passphrase. By default, the PBKDF2 algorithm is used to generate the key from the passphrase. It is expected that the same pass phrase will generate the same key, regardless of the backend crypto platform used. The key is cleaned up when the context is cleaned, and may be reused with multiple encryption or decryption operations.

Note:
If *key is NULL, an apr_crypto_key_t will be created from a pool. If *key is not NULL, *key must point at a previously created structure.
Parameters:
key - The key returned, see note.
ivSize - The size of the initialisation vector will be returned, based on whether an IV is relevant for this type of crypto.
pass - The passphrase to use.
passLen - The passphrase length in bytes
salt - The salt to use.
saltLen - The salt length in bytes
type - 3DES_192, AES_128, AES_192, AES_256.
mode - Electronic Code Book / Cipher Block Chaining.
doPad - Pad if necessary.
iterations - Iteration count
f - The context to use.
p - The pool to use.
Returns:
Returns APR_ENOKEY if the pass phrase is missing or empty, or if a backend error occurred while generating the key. APR_ENOCIPHER if the type or mode is not supported by the particular backend. APR_EKEYTYPE if the key type is not known. APR_EPADDING if padding was requested but is not supported. APR_ENOTIMPL if not implemented.

apr_status_t(* apr_crypto_driver_t::shutdown)(void)

Clean encryption / decryption context.

Note:
After cleanup, a context is free to be reused if necessary.
Returns:
Returns APR_ENOTIMPL if not supported.

The documentation for this struct was generated from the following file: