apr-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From minf...@apache.org
Subject svn commit: r1103258 - in /apr/apr/trunk: crypto/apr_crypto.c crypto/apr_crypto_nss.c crypto/apr_crypto_openssl.c include/apr_crypto.h include/private/apr_crypto_internal.h test/testcrypto.c
Date Sun, 15 May 2011 00:40:43 GMT
Author: minfrin
Date: Sun May 15 00:40:42 2011
New Revision: 1103258

URL: http://svn.apache.org/viewvc?rev=1103258&view=rev
Log:
Reorder parameters. No functional change.

Modified:
    apr/apr/trunk/crypto/apr_crypto.c
    apr/apr/trunk/crypto/apr_crypto_nss.c
    apr/apr/trunk/crypto/apr_crypto_openssl.c
    apr/apr/trunk/include/apr_crypto.h
    apr/apr/trunk/include/private/apr_crypto_internal.h
    apr/apr/trunk/test/testcrypto.c

Modified: apr/apr/trunk/crypto/apr_crypto.c
URL: http://svn.apache.org/viewvc/apr/apr/trunk/crypto/apr_crypto.c?rev=1103258&r1=1103257&r2=1103258&view=diff
==============================================================================
--- apr/apr/trunk/crypto/apr_crypto.c (original)
+++ apr/apr/trunk/crypto/apr_crypto.c Sun May 15 00:40:42 2011
@@ -105,9 +105,9 @@ APR_DECLARE(apr_status_t) apr_crypto_ini
     return ret;
 }
 
-APR_DECLARE(apr_status_t) apr_crypto_get_driver(apr_pool_t *pool, const char *name,
-        const apr_crypto_driver_t **driver, const apr_array_header_t *params,
-        const apu_err_t **result) {
+APR_DECLARE(apr_status_t) apr_crypto_get_driver(const apr_crypto_driver_t **driver,
+        const char *name, const apr_array_header_t *params, const apu_err_t **result,
+        apr_pool_t *pool) {
 #if APR_HAVE_MODULAR_DSO
     char modname[32];
     char symname[34];
@@ -185,8 +185,8 @@ APR_DECLARE(apr_status_t) apr_crypto_get
 /**
  * @brief Return the name of the driver.
  *
- * @param pool - pool to register any shutdown cleanups, etc
- * @return APR_SUCCESS for success.
+ * @param driver - The driver in use.
+ * @return The name of the driver.
  */
 APR_DECLARE(const char *)apr_crypto_driver_name (const apr_crypto_driver_t *driver)
 {
@@ -196,25 +196,30 @@ APR_DECLARE(const char *)apr_crypto_driv
 /**
  * @brief Get the result of the last operation on a context. If the result
  *        is NULL, the operation was successful.
- * @param f - context pointer
  * @param result - the result structure
+ * @param f - context pointer
  * @return APR_SUCCESS for success
  */
-APR_DECLARE(apr_status_t) apr_crypto_error(
-        const apr_crypto_t *f, const apu_err_t **result) {
-    return f->provider->error(f, result);
+APR_DECLARE(apr_status_t) apr_crypto_error(const apu_err_t **result,
+        const apr_crypto_t *f) {
+    return f->provider->error(result, f);
 }
 
 /**
- * @brief Create a general encryption context
+ * @brief Create a context for supporting encryption. Keys, certificates,
+ *        algorithms and other parameters will be set per context. More than
+ *        one context can be created at one time. A cleanup will be automatically
+ *        registered with the given pool to guarantee a graceful shutdown.
+ * @param f - context pointer will be written here
  * @param driver - driver to use
- * @param pool - process pool
  * @param params - array of key parameters
- * @param f - context pointer will be written here
+ * @param pool - process pool
+ * @return APR_ENOENGINE when the engine specified does not exist. APR_EINITENGINE
+ * if the engine cannot be initialised.
  */
-APR_DECLARE(apr_status_t) apr_crypto_make(const apr_crypto_driver_t *driver,
-        apr_pool_t *pool, const apr_array_header_t *params, apr_crypto_t **f) {
-    return driver->make(pool, driver, params, f);
+APR_DECLARE(apr_status_t) apr_crypto_make(apr_crypto_t **f, const apr_crypto_driver_t *driver,
+        const apr_array_header_t *params, apr_pool_t *pool) {
+    return driver->make(f, driver, params, pool);
 }
 
 /**
@@ -226,9 +231,9 @@ APR_DECLARE(apr_status_t) apr_crypto_mak
  *        operations.
  * @note If *key is NULL, a apr_crypto_key_t will be created from a pool. If
  *       *key is not NULL, *key must point at a previously created structure.
- * @param driver - driver to use
- * @param p The pool to use.
- * @param f The context to use.
+ * @param key The key returned, see note.
+ * @param ivSize The size of the initialisation vector will be returned, based
+ *               on whether an IV is relevant for this type of crypto.
  * @param pass The passphrase to use.
  * @param passLen The passphrase length in bytes
  * @param salt The salt to use.
@@ -236,47 +241,49 @@ APR_DECLARE(apr_status_t) apr_crypto_mak
  * @param type 3DES_192, AES_128, AES_192, AES_256.
  * @param mode Electronic Code Book / Cipher Block Chaining.
  * @param doPad Pad if necessary.
- * @param key The key returned, see note.
- * @param ivSize The size of the initialisation vector will be returned, based
- *               on whether an IV is relevant for this type of crypto.
+ * @param iterations Number of iterations to use in algorithm
+ * @param f The context to use.
+ * @param p The pool to use.
  * @return Returns APR_ENOKEY if the pass phrase is missing or empty, or if a backend
  *         error occurred while generating the key. APR_ENOCIPHER if the type or mode
  *         is not supported by the particular backend. APR_EKEYTYPE if the key type is
  *         not known. APR_EPADDING if padding was requested but is not supported.
  *         APR_ENOTIMPL if not implemented.
  */
-APR_DECLARE(apr_status_t) apr_crypto_passphrase(apr_pool_t *p, const apr_crypto_t *f,
-        const char *pass, apr_size_t passLen, const unsigned char * salt,
-        apr_size_t saltLen, const apr_crypto_block_key_type_e type,
+APR_DECLARE(apr_status_t) apr_crypto_passphrase(apr_crypto_key_t **key,
+        apr_size_t *ivSize, const char *pass, apr_size_t passLen,
+        const unsigned char * salt, apr_size_t saltLen,
+        const apr_crypto_block_key_type_e type,
         const apr_crypto_block_key_mode_e mode, const int doPad,
-        const int iterations, apr_crypto_key_t **key, apr_size_t *ivSize) {
-    return f->provider->passphrase(p, f, pass, passLen, salt, saltLen, type, mode,
-            doPad, iterations, key, ivSize);
+        const int iterations, const apr_crypto_t *f, apr_pool_t *p)
+{
+    return f->provider->passphrase(key, ivSize, pass, passLen, salt, saltLen,
+            type, mode, doPad, iterations, f, p);
 }
 
 /**
  * @brief Initialise a context for encrypting arbitrary data using the given key.
  * @note If *ctx is NULL, a apr_crypto_block_t will be created from a pool. If
  *       *ctx is not NULL, *ctx must point at a previously created structure.
- * @param driver - driver to use
- * @param p The pool to use.
- * @param f The block context to use.
- * @param key The key structure to use.
+ * @param ctx The block context returned, see note.
  * @param iv Optional initialisation vector. If the buffer pointed to is NULL,
  *           an IV will be created at random, in space allocated from the pool.
  *           If the buffer pointed to is not NULL, the IV in the buffer will be
  *           used.
- * @param ctx The block context returned, see note.
+ * @param key The key structure to use.
  * @param blockSize The block size of the cipher.
+ * @param f The block context to use.
+ * @param p The pool to use.
  * @return Returns APR_ENOIV if an initialisation vector is required but not specified.
  *         Returns APR_EINIT if the backend failed to initialise the context. Returns
  *         APR_ENOTIMPL if not implemented.
  */
-APR_DECLARE(apr_status_t) apr_crypto_block_encrypt_init(apr_pool_t *p,
-        const apr_crypto_t *f, const apr_crypto_key_t *key,
-        const unsigned char **iv, apr_crypto_block_t **ctx,
-        apr_size_t *blockSize) {
-    return f->provider->block_encrypt_init(p, f, key, iv, ctx, blockSize);
+APR_DECLARE(apr_status_t) apr_crypto_block_encrypt_init(
+        apr_crypto_block_t **ctx, const unsigned char **iv,
+        const apr_crypto_key_t *key, apr_size_t *blockSize,
+        const apr_crypto_t *f, apr_pool_t *p)
+{
+    return f->provider->block_encrypt_init(ctx, iv, key, blockSize, f, p);
 }
 
 /**
@@ -288,21 +295,21 @@ APR_DECLARE(apr_status_t) apr_crypto_blo
  *       to NULL, a buffer sufficiently large will be created from
  *       the pool provided. If *out points to a not-NULL value, this
  *       value will be used as a buffer instead.
- * @param driver - driver to use
- * @param ctx The block context to use.
  * @param out Address of a buffer to which data will be written,
  *        see note.
  * @param outlen Length of the output will be written here.
  * @param in Address of the buffer to read.
  * @param inlen Length of the buffer to read.
+ * @param f The block context to use.
+ * @param ctx The block context to use.
  * @return APR_ECRYPT if an error occurred. Returns APR_ENOTIMPL if
  *         not implemented.
  */
-APR_DECLARE(apr_status_t) apr_crypto_block_encrypt(
-        const apr_crypto_t *f, apr_crypto_block_t *ctx,
-        unsigned char **out, apr_size_t *outlen, const unsigned char *in,
-        apr_size_t inlen) {
-    return f->provider->block_encrypt(ctx, out, outlen, in, inlen);
+APR_DECLARE(apr_status_t) apr_crypto_block_encrypt(unsigned char **out,
+        apr_size_t *outlen, const unsigned char *in, apr_size_t inlen,
+        const apr_crypto_t *f, apr_crypto_block_t *ctx)
+{
+    return f->provider->block_encrypt(out, outlen, in, inlen, ctx);
 }
 
 /**
@@ -313,43 +320,43 @@ APR_DECLARE(apr_status_t) apr_crypto_blo
  *       number of bytes returned as actually written by the
  *       apr_crypto_block_encrypt() call. After this call, the context
  *       is cleaned and can be reused by apr_crypto_block_encrypt_init().
- * @param driver - driver to use
- * @param ctx The block context to use.
  * @param out Address of a buffer to which data will be written. This
  *            buffer must already exist, and is usually the same
  *            buffer used by apr_evp_crypt(). See note.
  * @param outlen Length of the output will be written here.
+ * @param f The block context to use.
+ * @param ctx The block context to use.
  * @return APR_ECRYPT if an error occurred.
  * @return APR_EPADDING if padding was enabled and the block was incorrectly
  *         formatted.
  * @return APR_ENOTIMPL if not implemented.
  */
-APR_DECLARE(apr_status_t) apr_crypto_block_encrypt_finish(
-        const apr_crypto_t *f, apr_crypto_block_t *ctx,
-        unsigned char *out, apr_size_t *outlen) {
-    return f->provider->block_encrypt_finish(ctx, out, outlen);
+APR_DECLARE(apr_status_t) apr_crypto_block_encrypt_finish(unsigned char *out,
+        apr_size_t *outlen, const apr_crypto_t *f, apr_crypto_block_t *ctx)
+{
+    return f->provider->block_encrypt_finish(out, outlen, ctx);
 }
 
 /**
  * @brief Initialise a context for decrypting arbitrary data using the given key.
  * @note If *ctx is NULL, a apr_crypto_block_t will be created from a pool. If
  *       *ctx is not NULL, *ctx must point at a previously created structure.
- * @param driver - driver to use
- * @param p The pool to use.
- * @param f The block context to use.
- * @param key The key structure to use.
- * @param iv Optional initialisation vector.
  * @param ctx The block context returned, see note.
  * @param blockSize The block size of the cipher.
+ * @param iv Optional initialisation vector.
+ * @param key The key structure to use.
+ * @param f The block context to use.
+ * @param p The pool to use.
  * @return Returns APR_ENOIV if an initialisation vector is required but not specified.
  *         Returns APR_EINIT if the backend failed to initialise the context. Returns
  *         APR_ENOTIMPL if not implemented.
  */
-APR_DECLARE(apr_status_t) apr_crypto_block_decrypt_init(apr_pool_t *p,
-        const apr_crypto_t *f, const apr_crypto_key_t *key,
-        const unsigned char *iv, apr_crypto_block_t **ctx,
-        apr_size_t *blockSize) {
-    return f->provider->block_decrypt_init(p, f, key, iv, ctx, blockSize);
+APR_DECLARE(apr_status_t) apr_crypto_block_decrypt_init(
+        apr_crypto_block_t **ctx, apr_size_t *blockSize,
+        const unsigned char *iv, const apr_crypto_key_t *key,
+        const apr_crypto_t *f, apr_pool_t *p)
+{
+    return f->provider->block_decrypt_init(ctx, blockSize, iv, key, f, p);
 }
 
 /**
@@ -361,21 +368,21 @@ APR_DECLARE(apr_status_t) apr_crypto_blo
  *       to NULL, a buffer sufficiently large will be created from
  *       the pool provided. If *out points to a not-NULL value, this
  *       value will be used as a buffer instead.
- * @param driver - driver to use
- * @param ctx The block context to use.
  * @param out Address of a buffer to which data will be written,
  *        see note.
  * @param outlen Length of the output will be written here.
  * @param in Address of the buffer to read.
  * @param inlen Length of the buffer to read.
+ * @param f The block context to use.
+ * @param ctx The block context to use.
  * @return APR_ECRYPT if an error occurred. Returns APR_ENOTIMPL if
  *         not implemented.
  */
-APR_DECLARE(apr_status_t) apr_crypto_block_decrypt(
-        const apr_crypto_t *f, apr_crypto_block_t *ctx,
-        unsigned char **out, apr_size_t *outlen, const unsigned char *in,
-        apr_size_t inlen) {
-    return f->provider->block_decrypt(ctx, out, outlen, in, inlen);
+APR_DECLARE(apr_status_t) apr_crypto_block_decrypt(unsigned char **out,
+        apr_size_t *outlen, const unsigned char *in, apr_size_t inlen,
+        const apr_crypto_t *f, apr_crypto_block_t *ctx)
+{
+    return f->provider->block_decrypt(out, outlen, in, inlen, ctx);
 }
 
 /**
@@ -386,27 +393,27 @@ APR_DECLARE(apr_status_t) apr_crypto_blo
  *       number of bytes returned as actually written by the
  *       apr_crypto_block_decrypt() call. After this call, the context
  *       is cleaned and can be reused by apr_crypto_block_decrypt_init().
- * @param driver - driver to use
- * @param ctx The block context to use.
  * @param out Address of a buffer to which data will be written. This
  *            buffer must already exist, and is usually the same
  *            buffer used by apr_evp_crypt(). See note.
  * @param outlen Length of the output will be written here.
+ * @param f The block context to use.
+ * @param ctx The block context to use.
  * @return APR_ECRYPT if an error occurred.
  * @return APR_EPADDING if padding was enabled and the block was incorrectly
  *         formatted.
  * @return APR_ENOTIMPL if not implemented.
  */
-APR_DECLARE(apr_status_t) apr_crypto_block_decrypt_finish(
-        const apr_crypto_t *f, apr_crypto_block_t *ctx,
-        unsigned char *out, apr_size_t *outlen) {
-    return f->provider->block_decrypt_finish(ctx, out, outlen);
+APR_DECLARE(apr_status_t) apr_crypto_block_decrypt_finish(unsigned char *out,
+        apr_size_t *outlen, const apr_crypto_t *f, apr_crypto_block_t *ctx)
+{
+    return f->provider->block_decrypt_finish(out, outlen, ctx);
 }
 
 /**
  * @brief Clean encryption / decryption context.
  * @note After cleanup, a context is free to be reused if necessary.
- * @param driver - driver to use
+ * @param f The block context to use.
  * @param ctx The block context to use.
  * @return Returns APR_ENOTIMPL if not supported.
  */
@@ -418,7 +425,6 @@ APR_DECLARE(apr_status_t) apr_crypto_blo
 /**
  * @brief Clean encryption / decryption context.
  * @note After cleanup, a context is free to be reused if necessary.
- * @param driver - driver to use
  * @param f The context to use.
  * @return Returns APR_ENOTIMPL if not supported.
  */

Modified: apr/apr/trunk/crypto/apr_crypto_nss.c
URL: http://svn.apache.org/viewvc/apr/apr/trunk/crypto/apr_crypto_nss.c?rev=1103258&r1=1103257&r2=1103258&view=diff
==============================================================================
--- apr/apr/trunk/crypto/apr_crypto_nss.c (original)
+++ apr/apr/trunk/crypto/apr_crypto_nss.c Sun May 15 00:40:42 2011
@@ -74,7 +74,7 @@ struct apr_crypto_block_t {
 /**
  * Fetch the most recent error from this driver.
  */
-static apr_status_t crypto_error(const apr_crypto_t *f, const apu_err_t **result) {
+static apr_status_t crypto_error(const apu_err_t **result, const apr_crypto_t *f) {
     *result = f->result;
     return APR_SUCCESS;
 }
@@ -166,7 +166,7 @@ static apr_status_t crypto_init(apr_pool
 /**
  * @brief Clean encryption / decryption context.
  * @note After cleanup, a context is free to be reused if necessary.
- * @param block The block context to use.
+ * @param f The context to use.
  * @return Returns APR_ENOTIMPL if not supported.
  */
 static apr_status_t crypto_block_cleanup(apr_crypto_block_t *block)
@@ -218,16 +218,15 @@ static apr_status_t crypto_cleanup_helpe
  *        algorithms and other parameters will be set per context. More than
  *        one context can be created at one time. A cleanup will be automatically
  *        registered with the given pool to guarantee a graceful shutdown.
- * @param pool - process pool
+ * @param f - context pointer will be written here
  * @param provider - provider to use
  * @param params - array of key parameters
- * @param ff - context pointer will be written here
+ * @param pool - process pool
  * @return APR_ENOENGINE when the engine specified does not exist. APR_EINITENGINE
  * if the engine cannot be initialised.
  */
-static apr_status_t crypto_make(apr_pool_t *pool, const apr_crypto_driver_t *provider,
-                                const apr_array_header_t *params,
-                                apr_crypto_t **ff)
+static apr_status_t crypto_make(apr_crypto_t **ff, const apr_crypto_driver_t *provider,
+        const apr_array_header_t *params, apr_pool_t *pool)
 {
     apr_crypto_config_t *config = NULL;
     /* struct apr_crypto_param_t *ents = params ? (struct apr_crypto_param_t *)params->elts : NULL; */
@@ -282,8 +281,9 @@ static apr_status_t crypto_make(apr_pool
  *        operations.
  * @note If *key is NULL, a apr_crypto_key_t will be created from a pool. If
  *       *key is not NULL, *key must point at a previously created structure.
- * @param p The pool to use.
- * @param f The context to use.
+ * @param key The key returned, see note.
+ * @param ivSize The size of the initialisation vector will be returned, based
+ *               on whether an IV is relevant for this type of crypto.
  * @param pass The passphrase to use.
  * @param passLen The passphrase length in bytes
  * @param salt The salt to use.
@@ -292,27 +292,19 @@ static apr_status_t crypto_make(apr_pool
  * @param mode Electronic Code Book / Cipher Block Chaining.
  * @param doPad Pad if necessary.
  * @param iterations Iteration count
- * @param key The key returned, see note.
- * @param ivSize The size of the initialisation vector will be returned, based
- *               on whether an IV is relevant for this type of crypto.
+ * @param f The context to use.
+ * @param p The pool to use.
  * @return Returns APR_ENOKEY if the pass phrase is missing or empty, or if a backend
  *         error occurred while generating the key. APR_ENOCIPHER if the type or mode
  *         is not supported by the particular backend. APR_EKEYTYPE if the key type is
  *         not known. APR_EPADDING if padding was requested but is not supported.
  *         APR_ENOTIMPL if not implemented.
  */
-static apr_status_t crypto_passphrase(apr_pool_t *p,
-                                      const apr_crypto_t *f,
-                                      const char *pass,
-                                      apr_size_t passLen,
-                                      const unsigned char * salt,
-                                      apr_size_t saltLen,
-                                      const apr_crypto_block_key_type_e type,
-                                      const apr_crypto_block_key_mode_e mode,
-                                      const int doPad,
-                                      const int iterations,
-                                      apr_crypto_key_t **k,
-                                      apr_size_t *ivSize)
+static apr_status_t crypto_passphrase(apr_crypto_key_t **k, apr_size_t *ivSize,
+        const char *pass, apr_size_t passLen, const unsigned char * salt,
+        apr_size_t saltLen, const apr_crypto_block_key_type_e type,
+        const apr_crypto_block_key_mode_e mode, const int doPad,
+        const int iterations, const apr_crypto_t *f, apr_pool_t *p)
 {
     apr_status_t rv = APR_SUCCESS;
     PK11SlotInfo * slot;
@@ -424,25 +416,22 @@ static apr_status_t crypto_passphrase(ap
  * @brief Initialise a context for encrypting arbitrary data using the given key.
  * @note If *ctx is NULL, a apr_crypto_block_t will be created from a pool. If
  *       *ctx is not NULL, *ctx must point at a previously created structure.
- * @param p The pool to use.
- * @param f The block context to use.
- * @param key The key structure.
+ * @param ctx The block context returned, see note.
  * @param iv Optional initialisation vector. If the buffer pointed to is NULL,
  *           an IV will be created at random, in space allocated from the pool.
  *           If the buffer pointed to is not NULL, the IV in the buffer will be
  *           used.
- * @param ctx The block context returned, see note.
+ * @param key The key structure.
  * @param blockSize The block size of the cipher.
+ * @param f The block context to use.
+ * @param p The pool to use.
  * @return Returns APR_ENOIV if an initialisation vector is required but not specified.
  *         Returns APR_EINIT if the backend failed to initialise the context. Returns
  *         APR_ENOTIMPL if not implemented.
  */
-static apr_status_t crypto_block_encrypt_init(apr_pool_t *p,
-                                              const apr_crypto_t *f,
-                                              const apr_crypto_key_t *key,
-                                              const unsigned char **iv,
-                                              apr_crypto_block_t **ctx,
-                                              apr_size_t *blockSize)
+static apr_status_t crypto_block_encrypt_init(apr_crypto_block_t **ctx,
+        const unsigned char **iv, const apr_crypto_key_t *key,
+        apr_size_t *blockSize, const apr_crypto_t *f, apr_pool_t *p)
 {
     PRErrorCode perr;
     SECItem * secParam;
@@ -515,20 +504,18 @@ static apr_status_t crypto_block_encrypt
  *       to NULL, a buffer sufficiently large will be created from
  *       the pool provided. If *out points to a not-NULL value, this
  *       value will be used as a buffer instead.
- * @param block The block context to use.
  * @param out Address of a buffer to which data will be written,
  *        see note.
  * @param outlen Length of the output will be written here.
  * @param in Address of the buffer to read.
  * @param inlen Length of the buffer to read.
+ * @param ctx The block context to use.
  * @return APR_ECRYPT if an error occurred. Returns APR_ENOTIMPL if
  *         not implemented.
  */
-static apr_status_t crypto_block_encrypt(apr_crypto_block_t *block,
-                                         unsigned char **out,
-                                         apr_size_t *outlen,
-                                         const unsigned char *in,
-                                         apr_size_t inlen)
+static apr_status_t crypto_block_encrypt(unsigned char **out,
+        apr_size_t *outlen, const unsigned char *in, apr_size_t inlen,
+        apr_crypto_block_t *ctx)
 {
 
     unsigned char *buffer;
@@ -568,19 +555,18 @@ static apr_status_t crypto_block_encrypt
  *       number of bytes returned as actually written by the
  *       apr_crypto_block_encrypt() call. After this call, the context
  *       is cleaned and can be reused by apr_crypto_block_encrypt_init().
- * @param block The block context to use.
  * @param out Address of a buffer to which data will be written. This
  *            buffer must already exist, and is usually the same
  *            buffer used by apr_evp_crypt(). See note.
  * @param outlen Length of the output will be written here.
+ * @param ctx The block context to use.
  * @return APR_ECRYPT if an error occurred.
  * @return APR_EPADDING if padding was enabled and the block was incorrectly
  *         formatted.
  * @return APR_ENOTIMPL if not implemented.
  */
-static apr_status_t crypto_block_encrypt_finish(apr_crypto_block_t *block,
-                                                unsigned char *out,
-                                                apr_size_t *outlen)
+static apr_status_t crypto_block_encrypt_finish(unsigned char *out,
+        apr_size_t *outlen, apr_crypto_block_t *ctx)
 {
 
     apr_status_t rv = APR_SUCCESS;
@@ -607,25 +593,21 @@ static apr_status_t crypto_block_encrypt
  * @brief Initialise a context for decrypting arbitrary data using the given key.
  * @note If *ctx is NULL, a apr_crypto_block_t will be created from a pool. If
  *       *ctx is not NULL, *ctx must point at a previously created structure.
- * @param p The pool to use.
- * @param f The block context to use.
- * @param key The key structure.
- * @param iv Optional initialisation vector. If the buffer pointed to is NULL,
- *           an IV will be created at random, in space allocated from the pool.
- *           If the buffer pointed to is not NULL, the IV in the buffer will be
- *           used.
  * @param ctx The block context returned, see note.
  * @param blockSize The block size of the cipher.
+ * @param iv Optional initialisation vector. If the buffer pointed to is NULL,
+ *           an IV will be created at random, in space allocated from the pool.
+ *           If the buffer is not NULL, the IV in the buffer will be used.
+ * @param key The key structure.
+ * @param f The block context to use.
+ * @param p The pool to use.
  * @return Returns APR_ENOIV if an initialisation vector is required but not specified.
  *         Returns APR_EINIT if the backend failed to initialise the context. Returns
  *         APR_ENOTIMPL if not implemented.
  */
-static apr_status_t crypto_block_decrypt_init(apr_pool_t *p,
-                                              const apr_crypto_t *f,
-                                              const apr_crypto_key_t *key,
-                                              const unsigned char *iv,
-                                              apr_crypto_block_t **ctx,
-                                              apr_size_t *blockSize)
+static apr_status_t crypto_block_decrypt_init(apr_crypto_block_t **ctx,
+        apr_size_t *blockSize, const unsigned char *iv,
+        const apr_crypto_key_t *key, const apr_crypto_t *f, apr_pool_t *p)
 {
     PRErrorCode perr;
     SECItem * secParam;
@@ -679,24 +661,22 @@ static apr_status_t crypto_block_decrypt
  * @note The number of bytes written will be written to outlen. If
  *       out is NULL, outlen will contain the maximum size of the
  *       buffer needed to hold the data, including any data
- *       generated by apr_crypto_block_final below. If *out points
+ *       generated by apr_crypto_block_decrypt_finish below. If *out points
  *       to NULL, a buffer sufficiently large will be created from
  *       the pool provided. If *out points to a not-NULL value, this
  *       value will be used as a buffer instead.
- * @param block The block context to use.
  * @param out Address of a buffer to which data will be written,
  *        see note.
  * @param outlen Length of the output will be written here.
  * @param in Address of the buffer to read.
  * @param inlen Length of the buffer to read.
+ * @param ctx The block context to use.
  * @return APR_ECRYPT if an error occurred. Returns APR_ENOTIMPL if
  *         not implemented.
  */
-static apr_status_t crypto_block_decrypt(apr_crypto_block_t *block,
-                                         unsigned char **out,
-                                         apr_size_t *outlen,
-                                         const unsigned char *in,
-                                         apr_size_t inlen)
+static apr_status_t crypto_block_decrypt(unsigned char **out,
+        apr_size_t *outlen, const unsigned char *in, apr_size_t inlen,
+        apr_crypto_block_t *block)
 {
 
     unsigned char *buffer;
@@ -729,26 +709,25 @@ static apr_status_t crypto_block_decrypt
 }
 
 /**
- * @brief Encrypt final data block, write it to out.
+ * @brief Decrypt final data block, write it to out.
  * @note If necessary the final block will be written out after being
  *       padded. Typically the final block will be written to the
- *       same buffer used by apr_evp_crypt, offset by the number of
- *       bytes returned as actually written by the apr_evp_crypt()
- *       call. After this call, the context is cleaned and can be
- *       reused by apr_env_encrypt_init() or apr_env_decrypt_init().
- * @param block The block context to use.
+ *       same buffer used by apr_crypto_block_decrypt, offset by the
+ *       number of bytes returned as actually written by the
+ *       apr_crypto_block_decrypt() call. After this call, the context
+ *       is cleaned and can be reused by apr_crypto_block_decrypt_init().
  * @param out Address of a buffer to which data will be written. This
  *            buffer must already exist, and is usually the same
  *            buffer used by apr_evp_crypt(). See note.
  * @param outlen Length of the output will be written here.
+ * @param ctx The block context to use.
  * @return APR_ECRYPT if an error occurred.
  * @return APR_EPADDING if padding was enabled and the block was incorrectly
  *         formatted.
  * @return APR_ENOTIMPL if not implemented.
  */
-static apr_status_t crypto_block_decrypt_finish(apr_crypto_block_t *block,
-                                                unsigned char *out,
-                                                apr_size_t *outlen)
+static apr_status_t crypto_block_decrypt_finish(unsigned char *out,
+        apr_size_t *outlen, apr_crypto_block_t *block)
 {
 
     apr_status_t rv = APR_SUCCESS;

Modified: apr/apr/trunk/crypto/apr_crypto_openssl.c
URL: http://svn.apache.org/viewvc/apr/apr/trunk/crypto/apr_crypto_openssl.c?rev=1103258&r1=1103257&r2=1103258&view=diff
==============================================================================
--- apr/apr/trunk/crypto/apr_crypto_openssl.c (original)
+++ apr/apr/trunk/crypto/apr_crypto_openssl.c Sun May 15 00:40:42 2011
@@ -68,7 +68,7 @@ struct apr_crypto_block_t {
 /**
  * Fetch the most recent error from this driver.
  */
-static apr_status_t crypto_error(const apr_crypto_t *f, const apu_err_t **result) {
+static apr_status_t crypto_error(const apu_err_t **result, const apr_crypto_t *f) {
     *result = f->result;
     return APR_SUCCESS;
 }
@@ -155,15 +155,16 @@ static apr_status_t crypto_cleanup_helpe
  *        algorithms and other parameters will be set per context. More than
  *        one context can be created at one time. A cleanup will be automatically
  *        registered with the given pool to guarantee a graceful shutdown.
- * @param pool - process pool
+ * @param f - context pointer will be written here
  * @param provider - provider to use
  * @param params - array of key parameters
- * @param ff - context pointer will be written here
+ * @param pool - process pool
  * @return APR_ENOENGINE when the engine specified does not exist. APR_EINITENGINE
  * if the engine cannot be initialised.
  */
-static apr_status_t crypto_make(apr_pool_t *pool, const apr_crypto_driver_t *provider,
-        const apr_array_header_t *params, apr_crypto_t **ff) {
+static apr_status_t crypto_make(apr_crypto_t **ff, const apr_crypto_driver_t *provider,
+        const apr_array_header_t *params, apr_pool_t *pool)
+{
     apr_crypto_config_t *config = NULL;
     struct apr_crypto_param_t *ents =
             params ? (struct apr_crypto_param_t *) params->elts : NULL;
@@ -217,8 +218,9 @@ static apr_status_t crypto_make(apr_pool
  *        operations.
  * @note If *key is NULL, a apr_crypto_key_t will be created from a pool. If
  *       *key is not NULL, *key must point at a previously created structure.
- * @param p The pool to use.
- * @param f The context to use.
+ * @param key The key returned, see note.
+ * @param ivSize The size of the initialisation vector will be returned, based
+ *               on whether an IV is relevant for this type of crypto.
  * @param pass The passphrase to use.
  * @param passLen The passphrase length in bytes
  * @param salt The salt to use.
@@ -227,20 +229,20 @@ static apr_status_t crypto_make(apr_pool
  * @param mode Electronic Code Book / Cipher Block Chaining.
  * @param doPad Pad if necessary.
  * @param iterations Iteration count
- * @param key The key returned, see note.
- * @param ivSize The size of the initialisation vector will be returned, based
- *               on whether an IV is relevant for this type of crypto.
+ * @param f The context to use.
+ * @param p The pool to use.
  * @return Returns APR_ENOKEY if the pass phrase is missing or empty, or if a backend
  *         error occurred while generating the key. APR_ENOCIPHER if the type or mode
  *         is not supported by the particular backend. APR_EKEYTYPE if the key type is
  *         not known. APR_EPADDING if padding was requested but is not supported.
  *         APR_ENOTIMPL if not implemented.
  */
-static apr_status_t crypto_passphrase(apr_pool_t *p, const apr_crypto_t *f,
+static apr_status_t crypto_passphrase(apr_crypto_key_t **k, apr_size_t *ivSize,
         const char *pass, apr_size_t passLen, const unsigned char * salt,
         apr_size_t saltLen, const apr_crypto_block_key_type_e type,
         const apr_crypto_block_key_mode_e mode, const int doPad,
-        const int iterations, apr_crypto_key_t **k, apr_size_t *ivSize) {
+        const int iterations, const apr_crypto_t *f, apr_pool_t *p)
+{
     apr_crypto_key_t *key = *k;
 
     if (!key) {
@@ -331,20 +333,23 @@ static apr_status_t crypto_passphrase(ap
  * @brief Initialise a context for encrypting arbitrary data using the given key.
  * @note If *ctx is NULL, a apr_crypto_block_t will be created from a pool. If
  *       *ctx is not NULL, *ctx must point at a previously created structure.
- * @param p The pool to use.
- * @param f The block context to use.
- * @param key The key
- * @param iv Optional initialisation vector.
  * @param ctx The block context returned, see note.
+ * @param iv Optional initialisation vector. If the buffer pointed to is NULL,
+ *           an IV will be created at random, in space allocated from the pool.
+ *           If the buffer pointed to is not NULL, the IV in the buffer will be
+ *           used.
+ * @param key The key structure.
  * @param blockSize The block size of the cipher.
+ * @param f The block context to use.
+ * @param p The pool to use.
  * @return Returns APR_ENOIV if an initialisation vector is required but not specified.
  *         Returns APR_EINIT if the backend failed to initialise the context. Returns
  *         APR_ENOTIMPL if not implemented.
  */
-static apr_status_t crypto_block_encrypt_init(apr_pool_t *p,
-        const apr_crypto_t *f, const apr_crypto_key_t *key,
-        const unsigned char **iv, apr_crypto_block_t **ctx,
-        apr_size_t *blockSize) {
+static apr_status_t crypto_block_encrypt_init(apr_crypto_block_t **ctx,
+        const unsigned char **iv, const apr_crypto_key_t *key,
+        apr_size_t *blockSize, const apr_crypto_t *f, apr_pool_t *p)
+{
     unsigned char *usedIv;
     apr_crypto_config_t *config = f->config;
     apr_crypto_block_t *block = *ctx;
@@ -417,18 +422,19 @@ static apr_status_t crypto_block_encrypt
  *       to NULL, a buffer sufficiently large will be created from
  *       the pool provided. If *out points to a not-NULL value, this
  *       value will be used as a buffer instead.
- * @param ctx The block context to use.
  * @param out Address of a buffer to which data will be written,
  *        see note.
  * @param outlen Length of the output will be written here.
  * @param in Address of the buffer to read.
  * @param inlen Length of the buffer to read.
+ * @param ctx The block context to use.
  * @return APR_ECRYPT if an error occurred. Returns APR_ENOTIMPL if
  *         not implemented.
  */
-static apr_status_t crypto_block_encrypt(apr_crypto_block_t *ctx,
-        unsigned char **out, apr_size_t *outlen, const unsigned char *in,
-        apr_size_t inlen) {
+static apr_status_t crypto_block_encrypt(unsigned char **out,
+        apr_size_t *outlen, const unsigned char *in, apr_size_t inlen,
+        apr_crypto_block_t *ctx)
+{
     int outl = *outlen;
     unsigned char *buffer;
 
@@ -469,18 +475,19 @@ static apr_status_t crypto_block_encrypt
  *       number of bytes returned as actually written by the
  *       apr_crypto_block_encrypt() call. After this call, the context
  *       is cleaned and can be reused by apr_crypto_block_encrypt_init().
- * @param ctx The block context to use.
  * @param out Address of a buffer to which data will be written. This
  *            buffer must already exist, and is usually the same
  *            buffer used by apr_evp_crypt(). See note.
  * @param outlen Length of the output will be written here.
+ * @param ctx The block context to use.
  * @return APR_ECRYPT if an error occurred.
  * @return APR_EPADDING if padding was enabled and the block was incorrectly
  *         formatted.
  * @return APR_ENOTIMPL if not implemented.
  */
-static apr_status_t crypto_block_encrypt_finish(apr_crypto_block_t *ctx,
-        unsigned char *out, apr_size_t *outlen) {
+static apr_status_t crypto_block_encrypt_finish(unsigned char *out,
+        apr_size_t *outlen, apr_crypto_block_t *ctx)
+{
     int len = *outlen;
 
     if (EVP_EncryptFinal_ex(&ctx->cipherCtx, out, &len) == 0) {
@@ -496,22 +503,22 @@ static apr_status_t crypto_block_encrypt
  * @brief Initialise a context for decrypting arbitrary data using the given key.
  * @note If *ctx is NULL, a apr_crypto_block_t will be created from a pool. If
  *       *ctx is not NULL, *ctx must point at a previously created structure.
- * @param p The pool to use.
- * @param f The block context to use.
- * @param key The key structure.
+ * @param ctx The block context returned, see note.
+ * @param blockSize The block size of the cipher.
  * @param iv Optional initialisation vector. If the buffer pointed to is NULL,
  *           an IV will be created at random, in space allocated from the pool.
  *           If the buffer is not NULL, the IV in the buffer will be used.
- * @param ctx The block context returned, see note.
- * @param blockSize The block size of the cipher.
+ * @param key The key structure.
+ * @param f The block context to use.
+ * @param p The pool to use.
  * @return Returns APR_ENOIV if an initialisation vector is required but not specified.
  *         Returns APR_EINIT if the backend failed to initialise the context. Returns
  *         APR_ENOTIMPL if not implemented.
  */
-static apr_status_t crypto_block_decrypt_init(apr_pool_t *p,
-        const apr_crypto_t *f, const apr_crypto_key_t *key,
-        const unsigned char *iv, apr_crypto_block_t **ctx,
-        apr_size_t *blockSize) {
+static apr_status_t crypto_block_decrypt_init(apr_crypto_block_t **ctx,
+        apr_size_t *blockSize, const unsigned char *iv,
+        const apr_crypto_key_t *key, const apr_crypto_t *f, apr_pool_t *p)
+{
     apr_crypto_config_t *config = f->config;
     apr_crypto_block_t *block = *ctx;
     if (!block) {
@@ -565,23 +572,23 @@ static apr_status_t crypto_block_decrypt
  * @note The number of bytes written will be written to outlen. If
  *       out is NULL, outlen will contain the maximum size of the
  *       buffer needed to hold the data, including any data
- *       generated by apr_crypto_block_final below. If *out points
+ *       generated by apr_crypto_block_decrypt_finish below. If *out points
  *       to NULL, a buffer sufficiently large will be created from
  *       the pool provided. If *out points to a not-NULL value, this
  *       value will be used as a buffer instead.
- * @param ctx The block context to use.
  * @param out Address of a buffer to which data will be written,
  *        see note.
  * @param outlen Length of the output will be written here.
  * @param in Address of the buffer to read.
  * @param inlen Length of the buffer to read.
+ * @param ctx The block context to use.
  * @return APR_ECRYPT if an error occurred. Returns APR_ENOTIMPL if
  *         not implemented.
  */
-static apr_status_t crypto_block_decrypt(apr_crypto_block_t *ctx,
-        unsigned char **out, apr_size_t *outlen, const unsigned char *in,
-        apr_size_t inlen) {
-
+static apr_status_t crypto_block_decrypt(unsigned char **out,
+        apr_size_t *outlen, const unsigned char *in, apr_size_t inlen,
+        apr_crypto_block_t *ctx)
+{
     int outl = *outlen;
     unsigned char *buffer;
 
@@ -618,22 +625,23 @@ static apr_status_t crypto_block_decrypt
  * @brief Decrypt final data block, write it to out.
  * @note If necessary the final block will be written out after being
  *       padded. Typically the final block will be written to the
- *       same buffer used by apr_evp_crypt, offset by the number of
- *       bytes returned as actually written by the apr_evp_crypt()
- *       call. After this call, the context is cleaned and can be
- *       reused by apr_env_encrypt_init() or apr_env_decrypt_init().
- * @param ctx The block context to use.
+ *       same buffer used by apr_crypto_block_decrypt, offset by the
+ *       number of bytes returned as actually written by the
+ *       apr_crypto_block_decrypt() call. After this call, the context
+ *       is cleaned and can be reused by apr_crypto_block_decrypt_init().
  * @param out Address of a buffer to which data will be written. This
  *            buffer must already exist, and is usually the same
  *            buffer used by apr_evp_crypt(). See note.
  * @param outlen Length of the output will be written here.
+ * @param ctx The block context to use.
  * @return APR_ECRYPT if an error occurred.
  * @return APR_EPADDING if padding was enabled and the block was incorrectly
  *         formatted.
  * @return APR_ENOTIMPL if not implemented.
  */
-static apr_status_t crypto_block_decrypt_finish(apr_crypto_block_t *ctx,
-        unsigned char *out, apr_size_t *outlen) {
+static apr_status_t crypto_block_decrypt_finish(unsigned char *out,
+        apr_size_t *outlen, apr_crypto_block_t *ctx)
+{
 
     int len = *outlen;
 

Modified: apr/apr/trunk/include/apr_crypto.h
URL: http://svn.apache.org/viewvc/apr/apr/trunk/include/apr_crypto.h?rev=1103258&r1=1103257&r2=1103258&view=diff
==============================================================================
--- apr/apr/trunk/include/apr_crypto.h (original)
+++ apr/apr/trunk/include/apr_crypto.h Sun May 15 00:40:42 2011
@@ -185,6 +185,7 @@ typedef struct apr_crypto_block_t apr_cr
  * @brief Perform once-only initialisation. Call once only.
  *
  * @param pool - pool to register any shutdown cleanups, etc
+ * @param params - array of initialisation parameters
  * @return APR_NOTIMPL in case of no crypto support.
  */
 APR_DECLARE(apr_status_t) apr_crypto_init(apr_pool_t *pool,
@@ -193,17 +194,19 @@ APR_DECLARE(apr_status_t) apr_crypto_ini
 /**
  * @brief Get the driver struct for a name
  *
- * @param pool - (process) pool to register cleanup
- * @param name - driver name
  * @param driver - pointer to driver struct.
+ * @param name - driver name
+ * @param params - array of initialisation parameters
+ * @param result - result and error message on failure
+ * @param pool - (process) pool to register cleanup
  * @return APR_SUCCESS for success
  * @return APR_ENOTIMPL for no driver (when DSO not enabled)
  * @return APR_EDSOOPEN if DSO driver file can't be opened
  * @return APR_ESYMNOTFOUND if the driver file doesn't contain a driver
  */
-APR_DECLARE(apr_status_t) apr_crypto_get_driver(apr_pool_t *pool, const char *name,
-        const apr_crypto_driver_t **driver, const apr_array_header_t *params,
-        const apu_err_t **result);
+APR_DECLARE(apr_status_t) apr_crypto_get_driver(const apr_crypto_driver_t **driver,
+        const char *name, const apr_array_header_t *params, const apu_err_t **result,
+        apr_pool_t *pool);
 
 /**
  * @brief Return the name of the driver.
@@ -216,27 +219,27 @@ APR_DECLARE(const char *) apr_crypto_dri
 /**
  * @brief Get the result of the last operation on a context. If the result
  *        is NULL, the operation was successful.
- * @param f - context pointer
  * @param result - the result structure
+ * @param f - context pointer
  * @return APR_SUCCESS for success
  */
-APR_DECLARE(apr_status_t) apr_crypto_error(const apr_crypto_t *f,
-        const apu_err_t **result);
+APR_DECLARE(apr_status_t) apr_crypto_error(const apu_err_t **result,
+        const apr_crypto_t *f);
 
 /**
  * @brief Create a context for supporting encryption. Keys, certificates,
  *        algorithms and other parameters will be set per context. More than
  *        one context can be created at one time. A cleanup will be automatically
  *        registered with the given pool to guarantee a graceful shutdown.
+ * @param f - context pointer will be written here
  * @param driver - driver to use
- * @param pool - process pool
  * @param params - array of key parameters
- * @param f - context pointer will be written here
+ * @param pool - process pool
  * @return APR_ENOENGINE when the engine specified does not exist. APR_EINITENGINE
  * if the engine cannot be initialised.
  */
-APR_DECLARE(apr_status_t) apr_crypto_make(const apr_crypto_driver_t *driver,
-        apr_pool_t *pool, const apr_array_header_t *params, apr_crypto_t **f);
+APR_DECLARE(apr_status_t) apr_crypto_make(apr_crypto_t **f, const apr_crypto_driver_t *driver,
+        const apr_array_header_t *params, apr_pool_t *pool);
 
 /**
  * @brief Create a key from the given passphrase. By default, the PBKDF2
@@ -247,9 +250,9 @@ APR_DECLARE(apr_status_t) apr_crypto_mak
  *        operations.
  * @note If *key is NULL, a apr_crypto_key_t will be created from a pool. If
  *       *key is not NULL, *key must point at a previously created structure.
- * @param driver - driver to use
- * @param p The pool to use.
- * @param f The context to use.
+ * @param key The key returned, see note.
+ * @param ivSize The size of the initialisation vector will be returned, based
+ *               on whether an IV is relevant for this type of crypto.
  * @param pass The passphrase to use.
  * @param passLen The passphrase length in bytes
  * @param salt The salt to use.
@@ -257,43 +260,43 @@ APR_DECLARE(apr_status_t) apr_crypto_mak
  * @param type 3DES_192, AES_128, AES_192, AES_256.
  * @param mode Electronic Code Book / Cipher Block Chaining.
  * @param doPad Pad if necessary.
- * @param key The key returned, see note.
- * @param ivSize The size of the initialisation vector will be returned, based
- *               on whether an IV is relevant for this type of crypto.
+ * @param iterations Number of iterations to use in algorithm
+ * @param f The context to use.
+ * @param p The pool to use.
  * @return Returns APR_ENOKEY if the pass phrase is missing or empty, or if a backend
  *         error occurred while generating the key. APR_ENOCIPHER if the type or mode
  *         is not supported by the particular backend. APR_EKEYTYPE if the key type is
  *         not known. APR_EPADDING if padding was requested but is not supported.
  *         APR_ENOTIMPL if not implemented.
  */
-APR_DECLARE(apr_status_t) apr_crypto_passphrase(apr_pool_t *p, const apr_crypto_t *f,
-        const char *pass, apr_size_t passLen, const unsigned char * salt,
-        apr_size_t saltLen, const apr_crypto_block_key_type_e type,
+APR_DECLARE(apr_status_t) apr_crypto_passphrase(apr_crypto_key_t **key,
+        apr_size_t *ivSize, const char *pass, apr_size_t passLen,
+        const unsigned char * salt, apr_size_t saltLen,
+        const apr_crypto_block_key_type_e type,
         const apr_crypto_block_key_mode_e mode, const int doPad,
-        const int iterations, apr_crypto_key_t **key, apr_size_t *ivSize);
+        const int iterations, const apr_crypto_t *f, apr_pool_t *p);
 
 /**
  * @brief Initialise a context for encrypting arbitrary data using the given key.
  * @note If *ctx is NULL, a apr_crypto_block_t will be created from a pool. If
  *       *ctx is not NULL, *ctx must point at a previously created structure.
- * @param driver - driver to use
- * @param p The pool to use.
- * @param f The block context to use.
- * @param key The key structure to use.
+ * @param ctx The block context returned, see note.
  * @param iv Optional initialisation vector. If the buffer pointed to is NULL,
  *           an IV will be created at random, in space allocated from the pool.
  *           If the buffer pointed to is not NULL, the IV in the buffer will be
  *           used.
- * @param ctx The block context returned, see note.
+ * @param key The key structure to use.
  * @param blockSize The block size of the cipher.
+ * @param f The block context to use.
+ * @param p The pool to use.
  * @return Returns APR_ENOIV if an initialisation vector is required but not specified.
  *         Returns APR_EINIT if the backend failed to initialise the context. Returns
  *         APR_ENOTIMPL if not implemented.
  */
-APR_DECLARE(apr_status_t) apr_crypto_block_encrypt_init(apr_pool_t *p,
-        const apr_crypto_t *f, const apr_crypto_key_t *key,
-        const unsigned char **iv, apr_crypto_block_t **ctx,
-        apr_size_t *blockSize);
+APR_DECLARE(apr_status_t) apr_crypto_block_encrypt_init(
+        apr_crypto_block_t **ctx, const unsigned char **iv,
+        const apr_crypto_key_t *key, apr_size_t *blockSize,
+        const apr_crypto_t *f, apr_pool_t *p);
 
 /**
  * @brief Encrypt data provided by in, write it to out.
@@ -304,19 +307,19 @@ APR_DECLARE(apr_status_t) apr_crypto_blo
  *       to NULL, a buffer sufficiently large will be created from
  *       the pool provided. If *out points to a not-NULL value, this
  *       value will be used as a buffer instead.
- * @param driver - driver to use
- * @param ctx The block context to use.
  * @param out Address of a buffer to which data will be written,
  *        see note.
  * @param outlen Length of the output will be written here.
  * @param in Address of the buffer to read.
  * @param inlen Length of the buffer to read.
+ * @param f The block context to use.
+ * @param ctx The block context to use.
  * @return APR_ECRYPT if an error occurred. Returns APR_ENOTIMPL if
  *         not implemented.
  */
-APR_DECLARE(apr_status_t) apr_crypto_block_encrypt(const apr_crypto_t *f,
-        apr_crypto_block_t *ctx, unsigned char **out, apr_size_t *outlen,
-        const unsigned char *in, apr_size_t inlen);
+APR_DECLARE(apr_status_t) apr_crypto_block_encrypt(unsigned char **out,
+        apr_size_t *outlen, const unsigned char *in, apr_size_t inlen,
+        const apr_crypto_t *f, apr_crypto_block_t *ctx);
 
 /**
  * @brief Encrypt final data block, write it to out.
@@ -326,39 +329,38 @@ APR_DECLARE(apr_status_t) apr_crypto_blo
  *       number of bytes returned as actually written by the
  *       apr_crypto_block_encrypt() call. After this call, the context
  *       is cleaned and can be reused by apr_crypto_block_encrypt_init().
- * @param driver - driver to use
- * @param ctx The block context to use.
  * @param out Address of a buffer to which data will be written. This
  *            buffer must already exist, and is usually the same
  *            buffer used by apr_evp_crypt(). See note.
  * @param outlen Length of the output will be written here.
+ * @param f The block context to use.
+ * @param ctx The block context to use.
  * @return APR_ECRYPT if an error occurred.
  * @return APR_EPADDING if padding was enabled and the block was incorrectly
  *         formatted.
  * @return APR_ENOTIMPL if not implemented.
  */
-APR_DECLARE(apr_status_t) apr_crypto_block_encrypt_finish(const apr_crypto_t *f,
-        apr_crypto_block_t *ctx, unsigned char *out, apr_size_t *outlen);
+APR_DECLARE(apr_status_t) apr_crypto_block_encrypt_finish(unsigned char *out,
+        apr_size_t *outlen, const apr_crypto_t *f, apr_crypto_block_t *ctx);
 
 /**
  * @brief Initialise a context for decrypting arbitrary data using the given key.
  * @note If *ctx is NULL, a apr_crypto_block_t will be created from a pool. If
  *       *ctx is not NULL, *ctx must point at a previously created structure.
- * @param driver - driver to use
- * @param p The pool to use.
- * @param f The block context to use.
- * @param key The key structure to use.
- * @param iv Optional initialisation vector.
  * @param ctx The block context returned, see note.
  * @param blockSize The block size of the cipher.
+ * @param iv Optional initialisation vector.
+ * @param key The key structure to use.
+ * @param f The block context to use.
+ * @param p The pool to use.
  * @return Returns APR_ENOIV if an initialisation vector is required but not specified.
  *         Returns APR_EINIT if the backend failed to initialise the context. Returns
  *         APR_ENOTIMPL if not implemented.
  */
-APR_DECLARE(apr_status_t) apr_crypto_block_decrypt_init(apr_pool_t *p,
-        const apr_crypto_t *f, const apr_crypto_key_t *key,
-        const unsigned char *iv, apr_crypto_block_t **ctx,
-        apr_size_t *blockSize);
+APR_DECLARE(apr_status_t) apr_crypto_block_decrypt_init(
+        apr_crypto_block_t **ctx, apr_size_t *blockSize,
+        const unsigned char *iv, const apr_crypto_key_t *key,
+        const apr_crypto_t *f, apr_pool_t *p);
 
 /**
  * @brief Decrypt data provided by in, write it to out.
@@ -369,19 +371,19 @@ APR_DECLARE(apr_status_t) apr_crypto_blo
  *       to NULL, a buffer sufficiently large will be created from
  *       the pool provided. If *out points to a not-NULL value, this
  *       value will be used as a buffer instead.
- * @param driver - driver to use
- * @param ctx The block context to use.
  * @param out Address of a buffer to which data will be written,
  *        see note.
  * @param outlen Length of the output will be written here.
  * @param in Address of the buffer to read.
  * @param inlen Length of the buffer to read.
+ * @param f The block context to use.
+ * @param ctx The block context to use.
  * @return APR_ECRYPT if an error occurred. Returns APR_ENOTIMPL if
  *         not implemented.
  */
-APR_DECLARE(apr_status_t) apr_crypto_block_decrypt(const apr_crypto_t *f,
-        apr_crypto_block_t *ctx, unsigned char **out, apr_size_t *outlen,
-        const unsigned char *in, apr_size_t inlen);
+APR_DECLARE(apr_status_t) apr_crypto_block_decrypt(unsigned char **out,
+        apr_size_t *outlen, const unsigned char *in, apr_size_t inlen,
+        const apr_crypto_t *f, apr_crypto_block_t *ctx);
 
 /**
  * @brief Decrypt final data block, write it to out.
@@ -391,25 +393,24 @@ APR_DECLARE(apr_status_t) apr_crypto_blo
  *       number of bytes returned as actually written by the
  *       apr_crypto_block_decrypt() call. After this call, the context
  *       is cleaned and can be reused by apr_crypto_block_decrypt_init().
- * @param driver - driver to use
- * @param ctx The block context to use.
  * @param out Address of a buffer to which data will be written. This
  *            buffer must already exist, and is usually the same
  *            buffer used by apr_evp_crypt(). See note.
  * @param outlen Length of the output will be written here.
+ * @param f The block context to use.
+ * @param ctx The block context to use.
  * @return APR_ECRYPT if an error occurred.
  * @return APR_EPADDING if padding was enabled and the block was incorrectly
  *         formatted.
  * @return APR_ENOTIMPL if not implemented.
  */
-APR_DECLARE(apr_status_t) apr_crypto_block_decrypt_finish(
-        const apr_crypto_t *f, apr_crypto_block_t *ctx,
-        unsigned char *out, apr_size_t *outlen);
+APR_DECLARE(apr_status_t) apr_crypto_block_decrypt_finish(unsigned char *out,
+        apr_size_t *outlen, const apr_crypto_t *f, apr_crypto_block_t *ctx);
 
 /**
  * @brief Clean encryption / decryption context.
  * @note After cleanup, a context is free to be reused if necessary.
- * @param driver - driver to use
+ * @param f The block context to use.
  * @param ctx The block context to use.
  * @return Returns APR_ENOTIMPL if not supported.
  */
@@ -419,7 +420,6 @@ APR_DECLARE(apr_status_t) apr_crypto_blo
 /**
  * @brief Clean encryption / decryption context.
  * @note After cleanup, a context is free to be reused if necessary.
- * @param driver - driver to use
  * @param f The context to use.
  * @return Returns APR_ENOTIMPL if not supported.
  */

Modified: apr/apr/trunk/include/private/apr_crypto_internal.h
URL: http://svn.apache.org/viewvc/apr/apr/trunk/include/private/apr_crypto_internal.h?rev=1103258&r1=1103257&r2=1103258&view=diff
==============================================================================
--- apr/apr/trunk/include/private/apr_crypto_internal.h (original)
+++ apr/apr/trunk/include/private/apr_crypto_internal.h Sun May 15 00:40:42 2011
@@ -46,15 +46,15 @@ struct apr_crypto_driver_t {
      *        algorithms and other parameters will be set per context. More than
      *        one context can be created at one time. A cleanup will be automatically
      *        registered with the given pool to guarantee a graceful shutdown.
+     * @param f - context pointer will be written here
      * @param provider - provider to use
-     * @param pool - process pool
      * @param params - array of key parameters
-     * @param f - context pointer will be written here
+     * @param pool - process pool
      * @return APR_ENOENGINE when the engine specified does not exist. APR_EINITENGINE
      * if the engine cannot be initialised.
      */
-    apr_status_t (*make)(apr_pool_t *pool, const apr_crypto_driver_t *provider,
-            const apr_array_header_t *params, apr_crypto_t **f);
+    apr_status_t (*make)(apr_crypto_t **f, const apr_crypto_driver_t *provider,
+            const apr_array_header_t *params, apr_pool_t *pool);
 
     /**
      * @brief Create a key from the given passphrase. By default, the PBKDF2
@@ -65,8 +65,9 @@ struct apr_crypto_driver_t {
      *        operations.
      * @note If *key is NULL, a apr_crypto_key_t will be created from a pool. If
      *       *key is not NULL, *key must point at a previously created structure.
-     * @param p The pool to use.
-     * @param f The context to use.
+     * @param key The key returned, see note.
+     * @param ivSize The size of the initialisation vector will be returned, based
+     *               on whether an IV is relevant for this type of crypto.
      * @param pass The passphrase to use.
      * @param passLen The passphrase length in bytes
      * @param salt The salt to use.
@@ -75,41 +76,40 @@ struct apr_crypto_driver_t {
      * @param mode Electronic Code Book / Cipher Block Chaining.
      * @param doPad Pad if necessary.
      * @param iterations Iteration count
-     * @param key The key returned, see note.
-     * @param ivSize The size of the initialisation vector will be returned, based
-     *               on whether an IV is relevant for this type of crypto.
+     * @param f The context to use.
+     * @param p The pool to use.
      * @return Returns APR_ENOKEY if the pass phrase is missing or empty, or if a backend
      *         error occurred while generating the key. APR_ENOCIPHER if the type or mode
      *         is not supported by the particular backend. APR_EKEYTYPE if the key type is
      *         not known. APR_EPADDING if padding was requested but is not supported.
      *         APR_ENOTIMPL if not implemented.
      */
-    apr_status_t (*passphrase)(apr_pool_t *p, const apr_crypto_t *f,
+    apr_status_t (*passphrase)(apr_crypto_key_t **key, apr_size_t *ivSize,
             const char *pass, apr_size_t passLen, const unsigned char * salt,
             apr_size_t saltLen, const apr_crypto_block_key_type_e type,
             const apr_crypto_block_key_mode_e mode, const int doPad,
-            const int iterations, apr_crypto_key_t **key, apr_size_t *ivSize);
+            const int iterations, const apr_crypto_t *f, apr_pool_t *p);
 
     /**
      * @brief Initialise a context for encrypting arbitrary data using the given key.
      * @note If *ctx is NULL, a apr_crypto_block_t will be created from a pool. If
      *       *ctx is not NULL, *ctx must point at a previously created structure.
-     * @param p The pool to use.
-     * @param f The block context to use.
-     * @param key The key structure.
+     * @param ctx The block context returned, see note.
      * @param iv Optional initialisation vector. If the buffer pointed to is NULL,
      *           an IV will be created at random, in space allocated from the pool.
      *           If the buffer pointed to is not NULL, the IV in the buffer will be
      *           used.
-     * @param ctx The block context returned, see note.
+     * @param key The key structure.
      * @param blockSize The block size of the cipher.
+     * @param f The block context to use.
+     * @param p The pool to use.
      * @return Returns APR_ENOIV if an initialisation vector is required but not specified.
      *         Returns APR_EINIT if the backend failed to initialise the context. Returns
      *         APR_ENOTIMPL if not implemented.
      */
-    apr_status_t (*block_encrypt_init)(apr_pool_t *p, const apr_crypto_t *f,
-            const apr_crypto_key_t *key, const unsigned char **iv,
-            apr_crypto_block_t **ctx, apr_size_t *blockSize);
+    apr_status_t (*block_encrypt_init)(apr_crypto_block_t **ctx,
+            const unsigned char **iv, const apr_crypto_key_t *key,
+            apr_size_t *blockSize, const apr_crypto_t *f, apr_pool_t *p);
 
     /**
      * @brief Encrypt data provided by in, write it to out.
@@ -120,17 +120,17 @@ struct apr_crypto_driver_t {
      *       to NULL, a buffer sufficiently large will be created from
      *       the pool provided. If *out points to a not-NULL value, this
      *       value will be used as a buffer instead.
-     * @param ctx The block context to use.
      * @param out Address of a buffer to which data will be written,
      *        see note.
      * @param outlen Length of the output will be written here.
      * @param in Address of the buffer to read.
      * @param inlen Length of the buffer to read.
+     * @param ctx The block context to use.
      * @return APR_ECRYPT if an error occurred. Returns APR_ENOTIMPL if
      *         not implemented.
      */
-    apr_status_t (*block_encrypt)(apr_crypto_block_t *ctx, unsigned char **out,
-            apr_size_t *outlen, const unsigned char *in, apr_size_t inlen);
+    apr_status_t (*block_encrypt)(unsigned char **out, apr_size_t *outlen,
+            const unsigned char *in, apr_size_t inlen, apr_crypto_block_t *ctx);
 
     /**
      * @brief Encrypt final data block, write it to out.
@@ -140,38 +140,38 @@ struct apr_crypto_driver_t {
      *       number of bytes returned as actually written by the
      *       apr_crypto_block_encrypt() call. After this call, the context
      *       is cleaned and can be reused by apr_crypto_block_encrypt_init().
-     * @param ctx The block context to use.
      * @param out Address of a buffer to which data will be written. This
      *            buffer must already exist, and is usually the same
      *            buffer used by apr_evp_crypt(). See note.
      * @param outlen Length of the output will be written here.
+     * @param ctx The block context to use.
      * @return APR_ECRYPT if an error occurred.
      * @return APR_EPADDING if padding was enabled and the block was incorrectly
      *         formatted.
      * @return APR_ENOTIMPL if not implemented.
      */
-    apr_status_t (*block_encrypt_finish)(apr_crypto_block_t *ctx,
-            unsigned char *out, apr_size_t *outlen);
+    apr_status_t (*block_encrypt_finish)(unsigned char *out, apr_size_t *outlen,
+            apr_crypto_block_t *ctx);
 
     /**
      * @brief Initialise a context for decrypting arbitrary data using the given key.
      * @note If *ctx is NULL, a apr_crypto_block_t will be created from a pool. If
      *       *ctx is not NULL, *ctx must point at a previously created structure.
-     * @param p The pool to use.
-     * @param f The block context to use.
-     * @param key The key structure.
+     * @param ctx The block context returned, see note.
+     * @param blockSize The block size of the cipher.
      * @param iv Optional initialisation vector. If the buffer pointed to is NULL,
      *           an IV will be created at random, in space allocated from the pool.
      *           If the buffer is not NULL, the IV in the buffer will be used.
-     * @param ctx The block context returned, see note.
-     * @param blockSize The block size of the cipher.
+     * @param key The key structure.
+     * @param f The block context to use.
+     * @param p The pool to use.
      * @return Returns APR_ENOIV if an initialisation vector is required but not specified.
      *         Returns APR_EINIT if the backend failed to initialise the context. Returns
      *         APR_ENOTIMPL if not implemented.
      */
-    apr_status_t (*block_decrypt_init)(apr_pool_t *p, const apr_crypto_t *f,
-            const apr_crypto_key_t *key, const unsigned char *iv,
-            apr_crypto_block_t **ctx, apr_size_t *blockSize);
+    apr_status_t (*block_decrypt_init)(apr_crypto_block_t **ctx,
+            apr_size_t *blockSize, const unsigned char *iv,
+            const apr_crypto_key_t *key, const apr_crypto_t *f, apr_pool_t *p);
 
     /**
      * @brief Decrypt data provided by in, write it to out.
@@ -182,17 +182,17 @@ struct apr_crypto_driver_t {
      *       to NULL, a buffer sufficiently large will be created from
      *       the pool provided. If *out points to a not-NULL value, this
      *       value will be used as a buffer instead.
-     * @param ctx The block context to use.
      * @param out Address of a buffer to which data will be written,
      *        see note.
      * @param outlen Length of the output will be written here.
      * @param in Address of the buffer to read.
      * @param inlen Length of the buffer to read.
+     * @param ctx The block context to use.
      * @return APR_ECRYPT if an error occurred. Returns APR_ENOTIMPL if
      *         not implemented.
      */
-    apr_status_t (*block_decrypt)(apr_crypto_block_t *ctx, unsigned char **out,
-            apr_size_t *outlen, const unsigned char *in, apr_size_t inlen);
+    apr_status_t (*block_decrypt)(unsigned char **out, apr_size_t *outlen,
+            const unsigned char *in, apr_size_t inlen, apr_crypto_block_t *ctx);
 
     /**
      * @brief Decrypt final data block, write it to out.
@@ -202,18 +202,18 @@ struct apr_crypto_driver_t {
      *       number of bytes returned as actually written by the
      *       apr_crypto_block_decrypt() call. After this call, the context
      *       is cleaned and can be reused by apr_crypto_block_decrypt_init().
-     * @param ctx The block context to use.
      * @param out Address of a buffer to which data will be written. This
      *            buffer must already exist, and is usually the same
      *            buffer used by apr_evp_crypt(). See note.
      * @param outlen Length of the output will be written here.
+     * @param ctx The block context to use.
      * @return APR_ECRYPT if an error occurred.
      * @return APR_EPADDING if padding was enabled and the block was incorrectly
      *         formatted.
      * @return APR_ENOTIMPL if not implemented.
      */
-    apr_status_t (*block_decrypt_finish)(apr_crypto_block_t *ctx,
-            unsigned char *out, apr_size_t *outlen);
+    apr_status_t (*block_decrypt_finish)(unsigned char *out,
+            apr_size_t *outlen, apr_crypto_block_t *ctx);
 
     /**
      * @brief Clean encryption / decryption context.
@@ -241,11 +241,11 @@ struct apr_crypto_driver_t {
 
     /**
      * @brief: fetch the most recent error from this driver.
-     * @param f - context pointer
      * @param result - the result structure
+     * @param f - context pointer
      * @return APR_SUCCESS for success.
      */
-    apr_status_t (*error)(const apr_crypto_t *f, const apu_err_t **result);
+    apr_status_t (*error)(const apu_err_t **result, const apr_crypto_t *f);
 
 };
 

Modified: apr/apr/trunk/test/testcrypto.c
URL: http://svn.apache.org/viewvc/apr/apr/trunk/test/testcrypto.c?rev=1103258&r1=1103257&r2=1103258&view=diff
==============================================================================
--- apr/apr/trunk/test/testcrypto.c (original)
+++ apr/apr/trunk/test/testcrypto.c Sun May 15 00:40:42 2011
@@ -38,7 +38,7 @@ static const apr_crypto_driver_t *get_dr
     rv = apr_crypto_init(pool, params);
     ABTS_ASSERT(tc, "failed to init apr_crypto", rv == APR_SUCCESS);
 
-    rv = apr_crypto_get_driver(pool, name, &driver, params, &err);
+    rv = apr_crypto_get_driver(&driver, name, params, &err, pool);
     if (APR_SUCCESS != rv && err) {
         ABTS_NOT_IMPL(tc, err->msg);
         return NULL;
@@ -89,7 +89,7 @@ static apr_crypto_t *make(abts_case *tc,
     }
 
     /* get the context */
-    apr_crypto_make(driver, pool, NULL, &f);
+    apr_crypto_make(&f, driver, NULL, pool);
     ABTS_ASSERT(tc, "apr_crypto_make returned NULL", f != NULL);
 
     return f;
@@ -112,11 +112,11 @@ static const apr_crypto_key_t *passphras
     }
 
     /* init the passphrase */
-    rv = apr_crypto_passphrase(pool, f, pass, strlen(pass),
-            (unsigned char *) salt, strlen(salt), type, mode, doPad, 4096,
-            &key, NULL);
+    rv = apr_crypto_passphrase(&key, NULL, pass, strlen(pass),
+            (unsigned char *) salt, strlen(salt), type, mode, doPad, 4096, f,
+            pool);
     if (APR_ENOCIPHER == rv) {
-        apr_crypto_error(f, &result);
+        apr_crypto_error(&result, f);
         ABTS_NOT_IMPL(tc, apr_psprintf(pool,
                 "skipped: %s %s passphrase return APR_ENOCIPHER: error %d: %s (%s)\n",
                 description, apr_crypto_driver_name(driver), result->rc,
@@ -124,7 +124,7 @@ static const apr_crypto_key_t *passphras
         return NULL;
     } else {
         if (APR_SUCCESS != rv) {
-            apr_crypto_error(f, &result);
+            apr_crypto_error(&result, f);
             fprintf(stderr, "passphrase: %s %s native error %d: %s (%s)\n",
                     description, apr_crypto_driver_name(driver), result->rc,
                     result->reason ? result->reason : "",
@@ -160,13 +160,12 @@ static unsigned char *encrypt_block(abts
     }
 
     /* init the encryption */
-    rv = apr_crypto_block_encrypt_init(pool, f, key, iv, &block,
-            blockSize);
+    rv = apr_crypto_block_encrypt_init(&block, iv, key, blockSize, f, pool);
     if (APR_ENOTIMPL == rv) {
         ABTS_NOT_IMPL(tc, "apr_crypto_block_encrypt_init returned APR_ENOTIMPL");
     } else {
         if (APR_SUCCESS != rv) {
-            apr_crypto_error(f, &result);
+            apr_crypto_error(&result, f);
             fprintf(stderr, "encrypt_init: %s %s native error %d: %s (%s)\n",
                     description, apr_crypto_driver_name(driver), result->rc,
                     result->reason ? result->reason : "",
@@ -184,10 +183,10 @@ static unsigned char *encrypt_block(abts
     }
 
     /* encrypt the block */
-    rv = apr_crypto_block_encrypt(f, block, cipherText,
-            cipherTextLen, in, inlen);
+    rv = apr_crypto_block_encrypt(cipherText, cipherTextLen, in, inlen, f,
+            block);
     if (APR_SUCCESS != rv) {
-        apr_crypto_error(f, &result);
+        apr_crypto_error(&result, f);
         fprintf(stderr, "encrypt: %s %s native error %d: %s (%s)\n",
                 description, apr_crypto_driver_name(driver), result->rc,
                 result->reason ? result->reason : "",
@@ -201,10 +200,10 @@ static unsigned char *encrypt_block(abts
     }
 
     /* finalise the encryption */
-    rv = apr_crypto_block_encrypt_finish(f, block, *cipherText
-            + *cipherTextLen, &len);
+    rv = apr_crypto_block_encrypt_finish(*cipherText + *cipherTextLen, &len, f,
+            block);
     if (APR_SUCCESS != rv) {
-        apr_crypto_error(f, &result);
+        apr_crypto_error(&result, f);
         fprintf(stderr, "encrypt_finish: %s %s native error %d: %s (%s)\n",
                 description, apr_crypto_driver_name(driver), result->rc,
                 result->reason ? result->reason : "",
@@ -240,13 +239,12 @@ static unsigned char *decrypt_block(abts
     }
 
     /* init the decryption */
-    rv = apr_crypto_block_decrypt_init(pool, f, key, iv, &block,
-            blockSize);
+    rv = apr_crypto_block_decrypt_init(&block, blockSize, iv, key, f, pool);
     if (APR_ENOTIMPL == rv) {
         ABTS_NOT_IMPL(tc, "apr_crypto_block_decrypt_init returned APR_ENOTIMPL");
     } else {
         if (APR_SUCCESS != rv) {
-            apr_crypto_error(f, &result);
+            apr_crypto_error(&result, f);
             fprintf(stderr, "decrypt_init: %s %s native error %d: %s (%s)\n",
                     description, apr_crypto_driver_name(driver), result->rc,
                     result->reason ? result->reason : "",
@@ -264,10 +262,10 @@ static unsigned char *decrypt_block(abts
     }
 
     /* decrypt the block */
-    rv = apr_crypto_block_decrypt(f, block, plainText, plainTextLen,
-            cipherText, cipherTextLen);
+    rv = apr_crypto_block_decrypt(plainText, plainTextLen,
+            cipherText, cipherTextLen, f, block);
     if (APR_SUCCESS != rv) {
-        apr_crypto_error(f, &result);
+        apr_crypto_error(&result, f);
         fprintf(stderr, "decrypt: %s %s native error %d: %s (%s)\n",
                 description, apr_crypto_driver_name(driver), result->rc,
                 result->reason ? result->reason : "",
@@ -281,10 +279,10 @@ static unsigned char *decrypt_block(abts
     }
 
     /* finalise the decryption */
-    rv = apr_crypto_block_decrypt_finish(f, block, *plainText
-            + *plainTextLen, &len);
+    rv = apr_crypto_block_decrypt_finish(*plainText + *plainTextLen, &len, f,
+            block);
     if (APR_SUCCESS != rv) {
-        apr_crypto_error(f, &result);
+        apr_crypto_error(&result, f);
         fprintf(stderr, "decrypt_finish: %s %s native error %d: %s (%s)\n",
                 description, apr_crypto_driver_name(driver), result->rc,
                 result->reason ? result->reason : "",



Mime
View raw message