apr-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From wr...@apache.org
Subject svn commit: r1536770 - in /apr/apr/trunk: README.FREETDS build/xml.m4 crypto/apr_crypto_commoncrypto.c
Date Tue, 29 Oct 2013 15:51:07 GMT
Author: wrowe
Date: Tue Oct 29 15:51:06 2013
New Revision: 1536770

URL: http://svn.apache.org/r1536770
Log:
Fix line endings of trunk-specific text files

Modified:
    apr/apr/trunk/README.FREETDS
    apr/apr/trunk/build/xml.m4
    apr/apr/trunk/crypto/apr_crypto_commoncrypto.c

Modified: apr/apr/trunk/README.FREETDS
URL: http://svn.apache.org/viewvc/apr/apr/trunk/README.FREETDS?rev=1536770&r1=1536769&r2=1536770&view=diff
==============================================================================
--- apr/apr/trunk/README.FREETDS (original)
+++ apr/apr/trunk/README.FREETDS Tue Oct 29 15:51:06 2013
@@ -1,11 +1,11 @@
-The APR DBD Driver for FreeTDS has been removed from the build.
-It is known to have problems, and we are not able to maintain it.
-
-The source code is still available.  If you want it and are able
-to manage maintenance for yourself, you can patch the build and
-work through issues that affect you, but you're on your own.
-
-We expect that for most users, the ODBC driver will serve as
-an alternative.
-
-Sorry.
+The APR DBD Driver for FreeTDS has been removed from the build.
+It is known to have problems, and we are not able to maintain it.
+
+The source code is still available.  If you want it and are able
+to manage maintenance for yourself, you can patch the build and
+work through issues that affect you, but you're on your own.
+
+We expect that for most users, the ODBC driver will serve as
+an alternative.
+
+Sorry.

Modified: apr/apr/trunk/build/xml.m4
URL: http://svn.apache.org/viewvc/apr/apr/trunk/build/xml.m4?rev=1536770&r1=1536769&r2=1536770&view=diff
==============================================================================
--- apr/apr/trunk/build/xml.m4 (original)
+++ apr/apr/trunk/build/xml.m4 Tue Oct 29 15:51:06 2013
@@ -1,211 +1,211 @@
-dnl -------------------------------------------------------- -*- autoconf -*-
-dnl Licensed to the Apache Software Foundation (ASF) under one or more
-dnl contributor license agreements.  See the NOTICE file distributed with
-dnl this work for additional information regarding copyright ownership.
-dnl The ASF licenses this file to You under the Apache License, Version 2.0
-dnl (the "License"); you may not use this file except in compliance with
-dnl the License.  You may obtain a copy of the License at
-dnl
-dnl     http://www.apache.org/licenses/LICENSE-2.0
-dnl
-dnl Unless required by applicable law or agreed to in writing, software
-dnl distributed under the License is distributed on an "AS IS" BASIS,
-dnl WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-dnl See the License for the specific language governing permissions and
-dnl limitations under the License.
-
-
-dnl
-dnl APU_TRY_EXPAT_LINK(
-dnl      test-message, cache-var-name, hdrs, libs,
-dnl      [actions-on-success], [actions-on-failure])
-dnl         
-dnl Tests linking against expat with libraries 'libs' and includes
-dnl 'hdrs', passing message + cache-var-name to AC_CACHE_CHECK.
-dnl On success, sets $expat_libs to libs, sets $apu_has_expat to 1, 
-dnl and runs actions-on-success; on failure runs actions-on-failure.
-dnl
-AC_DEFUN([APU_TRY_EXPAT_LINK], [
-AC_CACHE_CHECK([$1], [$2], [
-  apu_expat_LIBS=$LIBS
-  apu_expat_CPPFLAGS=$CPPFLAGS
-  LIBS="$LIBS $4"
-  CPPFLAGS="$CPPFLAGS $INCLUDES"
-  AC_TRY_LINK([#include <stdlib.h>
-#include <$3>], [XML_ParserCreate(NULL);],
-    [$2=yes], [$2=no])
-  LIBS=$apu_expat_LIBS
-  CPPFLAGS=$apu_expat_CPPFLAGS
-])
-
-if test $[$2] = yes; then
-   AC_DEFINE([HAVE_]translit([$3], [a-z./], [A-Z__]), 1,
-             [Define if $3 is available])
-   apu_expat_libs="$4"
-   apu_has_expat=1
-   $5
-   AC_SUBST(apu_has_expat)
-else
-   apu_has_expat=0
-   $6
-fi
-])
-
-dnl
-dnl APU_SYSTEM_EXPAT: tests for a system expat installation
-dnl If present, sets $apu_has_expat to 1 and adjusts LDFLAGS/CPPFLAGS
-dnl appropriately.  This is mostly for compatibility with existing
-dnl expat releases; all but the first APU_TRY_EXPAT_LINK call could
-dnl be dropped later.
-dnl
-AC_DEFUN([APU_SYSTEM_EXPAT], [
- 
-  APU_TRY_EXPAT_LINK([Expat 1.95.x], apu_cv_expat_system, 
-    [expat.h], [-lexpat])
-
-  if test $apu_has_expat = 0; then
-    APU_TRY_EXPAT_LINK([old Debian-packaged expat], apu_cv_expat_debian,
-       [xmltok/xmlparse.h], [-lxmlparse -lxmltok])
-  fi
-
-  if test $apu_has_expat = 0; then
-    APU_TRY_EXPAT_LINK([old FreeBSD-packaged expat], apu_cv_expat_freebsd,
-       [xml/xmlparse.h], [-lexpat])
-  fi
-
-  if test $apu_has_expat = 0; then
-    APU_TRY_EXPAT_LINK([Expat 1.0/1.1], apu_cv_expat_1011,
-       [xmlparse/xmlparse.h], [-lexpat])
-  fi
-
-  if test $apu_has_expat = 0; then
-    APR_ADDTO(LDFLAGS, [-L/usr/local/lib])
-    APR_ADDTO(INCLUDES, [-I/usr/local/include])
- 
-    APU_TRY_EXPAT_LINK([Expat 1.95.x in /usr/local], 
-       apu_cv_expat_usrlocal, [expat.h], [-lexpat], [], [
-       APR_REMOVEFROM(LDFLAGS, [-L/usr/local/lib])
-       APR_REMOVEFROM(INCLUDES, [-I/usr/local/include])
-      ])
-  fi
-])
-
-
-dnl
-dnl APU_FIND_EXPAT: figure out where EXPAT is located (or use bundled)
-dnl
-AC_DEFUN([APU_FIND_EXPAT], [
-
-save_cppflags="$CPPFLAGS"
-
-apu_has_expat=0
-
-AC_ARG_WITH([expat],
-[  --with-expat=DIR        specify Expat location], [
-  if test "$withval" = "yes"; then
-    AC_MSG_ERROR([a directory must be specified for --with-expat])
-  elif test "$withval" = "no"; then
-    if test "$apu_has_libxml2" != "1"; then
-      AC_MSG_ERROR([An XML parser is required!  If you disable expat, you must select --with-libxml2])
-    fi
-  else
-    # Add given path to standard search paths if appropriate:
-    if test "$apu_has_libxml2" = "1"; then
-      AC_MSG_ERROR(Cannot build with both expat and libxml2 - please select one)
-    fi
-    if test "$withval" != "/usr"; then
-      APR_ADDTO(INCLUDES, [-I$withval/include])
-      APR_ADDTO(LDFLAGS, [-L$withval/lib])
-    fi
-  fi
-])
-
-if test "$apu_has_libxml2" != "1"; then
-  APU_SYSTEM_EXPAT
-
-  APR_ADDTO(APRUTIL_EXPORT_LIBS, [$apu_expat_libs])
-  APR_ADDTO(LIBS, [$apu_expat_libs])
-
-  APR_XML_DIR=$bundled_subdir
-  AC_SUBST(APR_XML_DIR)
-fi
-
-CPPFLAGS=$save_cppflags
-])
-
-
-dnl
-dnl APU_FIND_LIBXML2: figure out where LIBXML2 is located (or use bundled)
-dnl
-AC_DEFUN([APU_FIND_LIBXML2], [
-
-save_cppflags="$CPPFLAGS"
-
-apu_has_libxml2=0
-apu_try_libxml2=0
-
-AC_ARG_WITH([libxml2],
-[  --with-libxml2=DIR      specify libxml2 location], [
-  if test "$withval" = "yes"; then
-    apu_try_libxml2=1
-    APR_ADDTO(INCLUDES, [-I/usr/include/libxml2])
-  elif test "$withval" != "no"; then
-    apu_try_libxml2=1
-    APR_ADDTO(INCLUDES, [-I$withval/include/libxml2])
-    if test "$withval" != "/usr"; then
-      APR_ADDTO(LDFLAGS, [-L$withval/lib])
-    fi
-  fi
-  if test ${apu_try_libxml2} = "1" ; then
-
-    #test for libxml2
-    AC_CACHE_CHECK([libxml2], [apu_cv_libxml2], [
-      apu_libxml2_CPPFLAGS=$CPPFLAGS
-      apu_libxml2_LIBS="$LIBS -lxml2"
-      CPPFLAGS="$CPPFLAGS $INCLUDES"
-      LIBS="$LIBS -lxml2"
-      AC_TRY_LINK(
-        [#include <libxml/parser.h>],
-        [xmlSAXHandler sax; xmlCreatePushParserCtxt(&sax, NULL, NULL, 0, NULL);],
-        [apu_cv_libxml2=yes],
-        [apu_cv_libxml2=no],
-      )
-      CPPFLAGS=$apu_libxml2_CPPFLAGS
-      LIBS=$apu_libxml2_LIBS
-    ])
-    if test $apu_cv_libxml2 = yes ; then
-      AC_DEFINE([HAVE_LIBXML2_H], 1, [libxml2 found])
-      apu_has_libxml2=1
-    else
-      apu_has_libxml2=0
-    fi
-  fi
-])
-AC_SUBST(apu_has_libxml2)
-
-if test ${apu_has_libxml2} = "1" ; then
-  APR_ADDTO(APRUTIL_EXPORT_LIBS, [-lxml2])
-  APR_ADDTO(LIBS, [-lxml2])
-fi
-
-CPPFLAGS=$save_cppflags
-])
-
-dnl
-dnl APU_FIND_XML: Find an XML library
-dnl
-dnl Logic: we need exactly one but not both XML libraries
-dnl        Make expat the default for back-compatibility.
-dnl        Use libxml2 if a --with-libxml2 is specified (and works),
-dnl        otherwise expat.
-dnl
-AC_DEFUN([APU_FIND_XML], [
-APU_FIND_LIBXML2
-APU_FIND_EXPAT
-
-if test ${apu_has_expat} = "1" && test ${apu_has_libxml2} = "1" ; then
-  AC_MSG_ERROR(Cannot build with both expat and libxml2 - please select one)
-elif test ${apu_has_expat} != "1" && test ${apu_has_libxml2} != "1" ; then
-  AC_MSG_ERROR(No XML parser found!  Please specify --with-expat or --with-libxml2)
-fi
-])
+dnl -------------------------------------------------------- -*- autoconf -*-
+dnl Licensed to the Apache Software Foundation (ASF) under one or more
+dnl contributor license agreements.  See the NOTICE file distributed with
+dnl this work for additional information regarding copyright ownership.
+dnl The ASF licenses this file to You under the Apache License, Version 2.0
+dnl (the "License"); you may not use this file except in compliance with
+dnl the License.  You may obtain a copy of the License at
+dnl
+dnl     http://www.apache.org/licenses/LICENSE-2.0
+dnl
+dnl Unless required by applicable law or agreed to in writing, software
+dnl distributed under the License is distributed on an "AS IS" BASIS,
+dnl WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+dnl See the License for the specific language governing permissions and
+dnl limitations under the License.
+
+
+dnl
+dnl APU_TRY_EXPAT_LINK(
+dnl      test-message, cache-var-name, hdrs, libs,
+dnl      [actions-on-success], [actions-on-failure])
+dnl         
+dnl Tests linking against expat with libraries 'libs' and includes
+dnl 'hdrs', passing message + cache-var-name to AC_CACHE_CHECK.
+dnl On success, sets $expat_libs to libs, sets $apu_has_expat to 1, 
+dnl and runs actions-on-success; on failure runs actions-on-failure.
+dnl
+AC_DEFUN([APU_TRY_EXPAT_LINK], [
+AC_CACHE_CHECK([$1], [$2], [
+  apu_expat_LIBS=$LIBS
+  apu_expat_CPPFLAGS=$CPPFLAGS
+  LIBS="$LIBS $4"
+  CPPFLAGS="$CPPFLAGS $INCLUDES"
+  AC_TRY_LINK([#include <stdlib.h>
+#include <$3>], [XML_ParserCreate(NULL);],
+    [$2=yes], [$2=no])
+  LIBS=$apu_expat_LIBS
+  CPPFLAGS=$apu_expat_CPPFLAGS
+])
+
+if test $[$2] = yes; then
+   AC_DEFINE([HAVE_]translit([$3], [a-z./], [A-Z__]), 1,
+             [Define if $3 is available])
+   apu_expat_libs="$4"
+   apu_has_expat=1
+   $5
+   AC_SUBST(apu_has_expat)
+else
+   apu_has_expat=0
+   $6
+fi
+])
+
+dnl
+dnl APU_SYSTEM_EXPAT: tests for a system expat installation
+dnl If present, sets $apu_has_expat to 1 and adjusts LDFLAGS/CPPFLAGS
+dnl appropriately.  This is mostly for compatibility with existing
+dnl expat releases; all but the first APU_TRY_EXPAT_LINK call could
+dnl be dropped later.
+dnl
+AC_DEFUN([APU_SYSTEM_EXPAT], [
+ 
+  APU_TRY_EXPAT_LINK([Expat 1.95.x], apu_cv_expat_system, 
+    [expat.h], [-lexpat])
+
+  if test $apu_has_expat = 0; then
+    APU_TRY_EXPAT_LINK([old Debian-packaged expat], apu_cv_expat_debian,
+       [xmltok/xmlparse.h], [-lxmlparse -lxmltok])
+  fi
+
+  if test $apu_has_expat = 0; then
+    APU_TRY_EXPAT_LINK([old FreeBSD-packaged expat], apu_cv_expat_freebsd,
+       [xml/xmlparse.h], [-lexpat])
+  fi
+
+  if test $apu_has_expat = 0; then
+    APU_TRY_EXPAT_LINK([Expat 1.0/1.1], apu_cv_expat_1011,
+       [xmlparse/xmlparse.h], [-lexpat])
+  fi
+
+  if test $apu_has_expat = 0; then
+    APR_ADDTO(LDFLAGS, [-L/usr/local/lib])
+    APR_ADDTO(INCLUDES, [-I/usr/local/include])
+ 
+    APU_TRY_EXPAT_LINK([Expat 1.95.x in /usr/local], 
+       apu_cv_expat_usrlocal, [expat.h], [-lexpat], [], [
+       APR_REMOVEFROM(LDFLAGS, [-L/usr/local/lib])
+       APR_REMOVEFROM(INCLUDES, [-I/usr/local/include])
+      ])
+  fi
+])
+
+
+dnl
+dnl APU_FIND_EXPAT: figure out where EXPAT is located (or use bundled)
+dnl
+AC_DEFUN([APU_FIND_EXPAT], [
+
+save_cppflags="$CPPFLAGS"
+
+apu_has_expat=0
+
+AC_ARG_WITH([expat],
+[  --with-expat=DIR        specify Expat location], [
+  if test "$withval" = "yes"; then
+    AC_MSG_ERROR([a directory must be specified for --with-expat])
+  elif test "$withval" = "no"; then
+    if test "$apu_has_libxml2" != "1"; then
+      AC_MSG_ERROR([An XML parser is required!  If you disable expat, you must select --with-libxml2])
+    fi
+  else
+    # Add given path to standard search paths if appropriate:
+    if test "$apu_has_libxml2" = "1"; then
+      AC_MSG_ERROR(Cannot build with both expat and libxml2 - please select one)
+    fi
+    if test "$withval" != "/usr"; then
+      APR_ADDTO(INCLUDES, [-I$withval/include])
+      APR_ADDTO(LDFLAGS, [-L$withval/lib])
+    fi
+  fi
+])
+
+if test "$apu_has_libxml2" != "1"; then
+  APU_SYSTEM_EXPAT
+
+  APR_ADDTO(APRUTIL_EXPORT_LIBS, [$apu_expat_libs])
+  APR_ADDTO(LIBS, [$apu_expat_libs])
+
+  APR_XML_DIR=$bundled_subdir
+  AC_SUBST(APR_XML_DIR)
+fi
+
+CPPFLAGS=$save_cppflags
+])
+
+
+dnl
+dnl APU_FIND_LIBXML2: figure out where LIBXML2 is located (or use bundled)
+dnl
+AC_DEFUN([APU_FIND_LIBXML2], [
+
+save_cppflags="$CPPFLAGS"
+
+apu_has_libxml2=0
+apu_try_libxml2=0
+
+AC_ARG_WITH([libxml2],
+[  --with-libxml2=DIR      specify libxml2 location], [
+  if test "$withval" = "yes"; then
+    apu_try_libxml2=1
+    APR_ADDTO(INCLUDES, [-I/usr/include/libxml2])
+  elif test "$withval" != "no"; then
+    apu_try_libxml2=1
+    APR_ADDTO(INCLUDES, [-I$withval/include/libxml2])
+    if test "$withval" != "/usr"; then
+      APR_ADDTO(LDFLAGS, [-L$withval/lib])
+    fi
+  fi
+  if test ${apu_try_libxml2} = "1" ; then
+
+    #test for libxml2
+    AC_CACHE_CHECK([libxml2], [apu_cv_libxml2], [
+      apu_libxml2_CPPFLAGS=$CPPFLAGS
+      apu_libxml2_LIBS="$LIBS -lxml2"
+      CPPFLAGS="$CPPFLAGS $INCLUDES"
+      LIBS="$LIBS -lxml2"
+      AC_TRY_LINK(
+        [#include <libxml/parser.h>],
+        [xmlSAXHandler sax; xmlCreatePushParserCtxt(&sax, NULL, NULL, 0, NULL);],
+        [apu_cv_libxml2=yes],
+        [apu_cv_libxml2=no],
+      )
+      CPPFLAGS=$apu_libxml2_CPPFLAGS
+      LIBS=$apu_libxml2_LIBS
+    ])
+    if test $apu_cv_libxml2 = yes ; then
+      AC_DEFINE([HAVE_LIBXML2_H], 1, [libxml2 found])
+      apu_has_libxml2=1
+    else
+      apu_has_libxml2=0
+    fi
+  fi
+])
+AC_SUBST(apu_has_libxml2)
+
+if test ${apu_has_libxml2} = "1" ; then
+  APR_ADDTO(APRUTIL_EXPORT_LIBS, [-lxml2])
+  APR_ADDTO(LIBS, [-lxml2])
+fi
+
+CPPFLAGS=$save_cppflags
+])
+
+dnl
+dnl APU_FIND_XML: Find an XML library
+dnl
+dnl Logic: we need exactly one but not both XML libraries
+dnl        Make expat the default for back-compatibility.
+dnl        Use libxml2 if a --with-libxml2 is specified (and works),
+dnl        otherwise expat.
+dnl
+AC_DEFUN([APU_FIND_XML], [
+APU_FIND_LIBXML2
+APU_FIND_EXPAT
+
+if test ${apu_has_expat} = "1" && test ${apu_has_libxml2} = "1" ; then
+  AC_MSG_ERROR(Cannot build with both expat and libxml2 - please select one)
+elif test ${apu_has_expat} != "1" && test ${apu_has_libxml2} != "1" ; then
+  AC_MSG_ERROR(No XML parser found!  Please specify --with-expat or --with-libxml2)
+fi
+])

Modified: apr/apr/trunk/crypto/apr_crypto_commoncrypto.c
URL: http://svn.apache.org/viewvc/apr/apr/trunk/crypto/apr_crypto_commoncrypto.c?rev=1536770&r1=1536769&r2=1536770&view=diff
==============================================================================
--- apr/apr/trunk/crypto/apr_crypto_commoncrypto.c (original)
+++ apr/apr/trunk/crypto/apr_crypto_commoncrypto.c Tue Oct 29 15:51:06 2013
@@ -1,814 +1,814 @@
-/* Licensed to the Apache Software Foundation (ASF) under one or more
- * contributor license agreements.  See the NOTICE file distributed with
- * this work for additional information regarding copyright ownership.
- * The ASF licenses this file to You under the Apache License, Version 2.0
- * (the "License"); you may not use this file except in compliance with
- * the License.  You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-#include "apr_lib.h"
-#include "apu.h"
-#include "apr_private.h"
-#include "apu_errno.h"
-
-#include <ctype.h>
-#include <assert.h>
-#include <stdlib.h>
-
-#include "apr_strings.h"
-#include "apr_time.h"
-#include "apr_buckets.h"
-#include "apr_random.h"
-
-#include "apr_crypto_internal.h"
-
-#if APU_HAVE_CRYPTO
-
-#include <CommonCrypto/CommonCrypto.h>
-
-#define LOG_PREFIX "apr_crypto_commoncrypto: "
-
-struct apr_crypto_t
-{
-    apr_pool_t *pool;
-    const apr_crypto_driver_t *provider;
-    apu_err_t *result;
-    apr_array_header_t *keys;
-    apr_hash_t *types;
-    apr_hash_t *modes;
-    apr_random_t *rng;
-};
-
-struct apr_crypto_key_t
-{
-    apr_pool_t *pool;
-    const apr_crypto_driver_t *provider;
-    const apr_crypto_t *f;
-    CCAlgorithm algorithm;
-    CCOptions options;
-    unsigned char *key;
-    int keyLen;
-    int ivSize;
-    apr_size_t blockSize;
-};
-
-struct apr_crypto_block_t
-{
-    apr_pool_t *pool;
-    const apr_crypto_driver_t *provider;
-    const apr_crypto_t *f;
-    const apr_crypto_key_t *key;
-    CCCryptorRef ref;
-};
-
-static int key_3des_192 = APR_KEY_3DES_192;
-static int key_aes_128 = APR_KEY_AES_128;
-static int key_aes_192 = APR_KEY_AES_192;
-static int key_aes_256 = APR_KEY_AES_256;
-
-static int mode_ecb = APR_MODE_ECB;
-static int mode_cbc = APR_MODE_CBC;
-
-/**
- * Fetch the most recent error from this driver.
- */
-static apr_status_t crypto_error(const apu_err_t **result,
-        const apr_crypto_t *f)
-{
-    *result = f->result;
-    return APR_SUCCESS;
-}
-
-/**
- * Shutdown the crypto library and release resources.
- */
-static apr_status_t crypto_shutdown(void)
-{
-    return APR_SUCCESS;
-}
-
-static apr_status_t crypto_shutdown_helper(void *data)
-{
-    return crypto_shutdown();
-}
-
-/**
- * Initialise the crypto library and perform one time initialisation.
- */
-static apr_status_t crypto_init(apr_pool_t *pool, const char *params,
-        const apu_err_t **result)
-{
-
-    apr_pool_cleanup_register(pool, pool, crypto_shutdown_helper,
-            apr_pool_cleanup_null);
-
-    return APR_SUCCESS;
-}
-
-/**
- * @brief Clean encryption / decryption context.
- * @note After cleanup, a context is free to be reused if necessary.
- * @param ctx The block context to use.
- * @return Returns APR_ENOTIMPL if not supported.
- */
-static apr_status_t crypto_block_cleanup(apr_crypto_block_t *ctx)
-{
-
-    if (ctx->ref) {
-        CCCryptorRelease(ctx->ref);
-        ctx->ref = NULL;
-    }
-
-    return APR_SUCCESS;
-
-}
-
-static apr_status_t crypto_block_cleanup_helper(void *data)
-{
-    apr_crypto_block_t *block = (apr_crypto_block_t *) data;
-    return crypto_block_cleanup(block);
-}
-
-/**
- * @brief Clean encryption / decryption context.
- * @note After cleanup, a context is free to be reused if necessary.
- * @param f The context to use.
- * @return Returns APR_ENOTIMPL if not supported.
- */
-static apr_status_t crypto_cleanup(apr_crypto_t *f)
-{
-
-    return APR_SUCCESS;
-
-}
-
-static apr_status_t crypto_cleanup_helper(void *data)
-{
-    apr_crypto_t *f = (apr_crypto_t *) data;
-    return crypto_cleanup(f);
-}
-
-/**
- * @brief Create a context for supporting encryption. Keys, certificates,
- *        algorithms and other parameters will be set per context. More than
- *        one context can be created at one time. A cleanup will be automatically
- *        registered with the given pool to guarantee a graceful shutdown.
- * @param f - context pointer will be written here
- * @param provider - provider to use
- * @param params - array of key parameters
- * @param pool - process pool
- * @return APR_ENOENGINE when the engine specified does not exist. APR_EINITENGINE
- * if the engine cannot be initialised.
- */
-static apr_status_t crypto_make(apr_crypto_t **ff,
-        const apr_crypto_driver_t *provider, const char *params,
-        apr_pool_t *pool)
-{
-    apr_crypto_t *f = apr_pcalloc(pool, sizeof(apr_crypto_t));
-    apr_status_t rv;
-
-    if (!f) {
-        return APR_ENOMEM;
-    }
-    *ff = f;
-    f->pool = pool;
-    f->provider = provider;
-
-    /* seed the secure random number generator */
-    f->rng = apr_random_standard_new(pool);
-    if (!f->rng) {
-        return APR_ENOMEM;
-    }
-    do {
-        unsigned char seed[8];
-        rv = apr_generate_random_bytes(seed, sizeof(seed));
-        if (rv != APR_SUCCESS) {
-            return rv;
-        }
-        apr_random_add_entropy(f->rng, seed, sizeof(seed));
-        rv = apr_random_secure_ready(f->rng);
-    } while (rv == APR_ENOTENOUGHENTROPY);
-
-    f->result = apr_pcalloc(pool, sizeof(apu_err_t));
-    if (!f->result) {
-        return APR_ENOMEM;
-    }
-
-    f->keys = apr_array_make(pool, 10, sizeof(apr_crypto_key_t));
-    if (!f->keys) {
-        return APR_ENOMEM;
-    }
-
-    f->types = apr_hash_make(pool);
-    if (!f->types) {
-        return APR_ENOMEM;
-    }
-    apr_hash_set(f->types, "3des192", APR_HASH_KEY_STRING, &(key_3des_192));
-    apr_hash_set(f->types, "aes128", APR_HASH_KEY_STRING, &(key_aes_128));
-    apr_hash_set(f->types, "aes192", APR_HASH_KEY_STRING, &(key_aes_192));
-    apr_hash_set(f->types, "aes256", APR_HASH_KEY_STRING, &(key_aes_256));
-
-    f->modes = apr_hash_make(pool);
-    if (!f->modes) {
-        return APR_ENOMEM;
-    }
-    apr_hash_set(f->modes, "ecb", APR_HASH_KEY_STRING, &(mode_ecb));
-    apr_hash_set(f->modes, "cbc", APR_HASH_KEY_STRING, &(mode_cbc));
-
-    apr_pool_cleanup_register(pool, f, crypto_cleanup_helper,
-            apr_pool_cleanup_null);
-
-    return APR_SUCCESS;
-
-}
-
-/**
- * @brief Get a hash table of key types, keyed by the name of the type against
- * an integer pointer constant.
- *
- * @param types - hashtable of key types keyed to constants.
- * @param f - encryption context
- * @return APR_SUCCESS for success
- */
-static apr_status_t crypto_get_block_key_types(apr_hash_t **types,
-        const apr_crypto_t *f)
-{
-    *types = f->types;
-    return APR_SUCCESS;
-}
-
-/**
- * @brief Get a hash table of key modes, keyed by the name of the mode against
- * an integer pointer constant.
- *
- * @param modes - hashtable of key modes keyed to constants.
- * @param f - encryption context
- * @return APR_SUCCESS for success
- */
-static apr_status_t crypto_get_block_key_modes(apr_hash_t **modes,
-        const apr_crypto_t *f)
-{
-    *modes = f->modes;
-    return APR_SUCCESS;
-}
-
-/**
- * @brief Create a key from the given passphrase. By default, the PBKDF2
- *        algorithm is used to generate the key from the passphrase. It is expected
- *        that the same pass phrase will generate the same key, regardless of the
- *        backend crypto platform used. The key is cleaned up when the context
- *        is cleaned, and may be reused with multiple encryption or decryption
- *        operations.
- * @note If *key is NULL, a apr_crypto_key_t will be created from a pool. If
- *       *key is not NULL, *key must point at a previously created structure.
- * @param key The key returned, see note.
- * @param ivSize The size of the initialisation vector will be returned, based
- *               on whether an IV is relevant for this type of crypto.
- * @param pass The passphrase to use.
- * @param passLen The passphrase length in bytes
- * @param salt The salt to use.
- * @param saltLen The salt length in bytes
- * @param type 3DES_192, AES_128, AES_192, AES_256.
- * @param mode Electronic Code Book / Cipher Block Chaining.
- * @param doPad Pad if necessary.
- * @param iterations Iteration count
- * @param f The context to use.
- * @param p The pool to use.
- * @return Returns APR_ENOKEY if the pass phrase is missing or empty, or if a backend
- *         error occurred while generating the key. APR_ENOCIPHER if the type or mode
- *         is not supported by the particular backend. APR_EKEYTYPE if the key type is
- *         not known. APR_EPADDING if padding was requested but is not supported.
- *         APR_ENOTIMPL if not implemented.
- */
-static apr_status_t crypto_passphrase(apr_crypto_key_t **k, apr_size_t *ivSize,
-        const char *pass, apr_size_t passLen, const unsigned char * salt,
-        apr_size_t saltLen, const apr_crypto_block_key_type_e type,
-        const apr_crypto_block_key_mode_e mode, const int doPad,
-        const int iterations, const apr_crypto_t *f, apr_pool_t *p)
-{
-    apr_crypto_key_t *key = *k;
-
-    if (!key) {
-        *k = key = apr_array_push(f->keys);
-    }
-    if (!key) {
-        return APR_ENOMEM;
-    }
-
-    key->f = f;
-    key->provider = f->provider;
-
-    /* handle padding */
-    key->options = doPad ? kCCOptionPKCS7Padding : 0;
-
-    /* determine the algorithm to be used */
-    switch (type) {
-
-    case (APR_KEY_3DES_192):
-
-        /* A 3DES key */
-        if (mode == APR_MODE_CBC) {
-            key->algorithm = kCCAlgorithm3DES;
-            key->keyLen = kCCKeySize3DES;
-            key->ivSize = kCCBlockSize3DES;
-            key->blockSize = kCCBlockSize3DES;
-        }
-        else {
-            key->algorithm = kCCAlgorithm3DES;
-            key->options += kCCOptionECBMode;
-            key->keyLen = kCCKeySize3DES;
-            key->ivSize = 0;
-            key->blockSize = kCCBlockSize3DES;
-        }
-        break;
-
-    case (APR_KEY_AES_128):
-
-        if (mode == APR_MODE_CBC) {
-            key->algorithm = kCCAlgorithmAES128;
-            key->keyLen = kCCKeySizeAES128;
-            key->ivSize = kCCBlockSizeAES128;
-            key->blockSize = kCCBlockSizeAES128;
-        }
-        else {
-            key->algorithm = kCCAlgorithmAES128;
-            key->options += kCCOptionECBMode;
-            key->keyLen = kCCKeySizeAES128;
-            key->ivSize = 0;
-            key->blockSize = kCCBlockSizeAES128;
-        }
-        break;
-
-    case (APR_KEY_AES_192):
-
-        if (mode == APR_MODE_CBC) {
-            key->algorithm = kCCAlgorithmAES128;
-            key->keyLen = kCCKeySizeAES192;
-            key->ivSize = kCCBlockSizeAES128;
-            key->blockSize = kCCBlockSizeAES128;
-        }
-        else {
-            key->algorithm = kCCAlgorithmAES128;
-            key->options += kCCOptionECBMode;
-            key->keyLen = kCCKeySizeAES192;
-            key->ivSize = 0;
-            key->blockSize = kCCBlockSizeAES128;
-        }
-        break;
-
-    case (APR_KEY_AES_256):
-
-        if (mode == APR_MODE_CBC) {
-            key->algorithm = kCCAlgorithmAES128;
-            key->keyLen = kCCKeySizeAES256;
-            key->ivSize = kCCBlockSizeAES128;
-            key->blockSize = kCCBlockSizeAES128;
-        }
-        else {
-            key->algorithm = kCCAlgorithmAES128;
-            key->options += kCCOptionECBMode;
-            key->keyLen = kCCKeySizeAES256;
-            key->ivSize = 0;
-            key->blockSize = kCCBlockSizeAES128;
-        }
-        break;
-
-    default:
-
-        /* TODO: Support CAST, Blowfish */
-
-        /* unknown key type, give up */
-        return APR_EKEYTYPE;
-
-    }
-
-    /* make space for the key */
-    key->key = apr_pcalloc(p, key->keyLen);
-    if (!key->key) {
-        return APR_ENOMEM;
-    }
-    apr_crypto_clear(p, key->key, key->keyLen);
-
-    /* generate the key */
-    if ((f->result->rc = CCKeyDerivationPBKDF(kCCPBKDF2, pass, passLen, salt,
-            saltLen, kCCPRFHmacAlgSHA1, iterations, key->key, key->keyLen))
-            == kCCParamError) {
-        return APR_ENOKEY;
-    }
-
-    if (ivSize) {
-        *ivSize = key->ivSize;
-    }
-
-    return APR_SUCCESS;
-}
-
-/**
- * @brief Initialise a context for encrypting arbitrary data using the given key.
- * @note If *ctx is NULL, a apr_crypto_block_t will be created from a pool. If
- *       *ctx is not NULL, *ctx must point at a previously created structure.
- * @param ctx The block context returned, see note.
- * @param iv Optional initialisation vector. If the buffer pointed to is NULL,
- *           an IV will be created at random, in space allocated from the pool.
- *           If the buffer pointed to is not NULL, the IV in the buffer will be
- *           used.
- * @param key The key structure.
- * @param blockSize The block size of the cipher.
- * @param p The pool to use.
- * @return Returns APR_ENOIV if an initialisation vector is required but not specified.
- *         Returns APR_EINIT if the backend failed to initialise the context. Returns
- *         APR_ENOTIMPL if not implemented.
- */
-static apr_status_t crypto_block_encrypt_init(apr_crypto_block_t **ctx,
-        const unsigned char **iv, const apr_crypto_key_t *key,
-        apr_size_t *blockSize, apr_pool_t *p)
-{
-    unsigned char *usedIv;
-    apr_crypto_block_t *block = *ctx;
-    if (!block) {
-        *ctx = block = apr_pcalloc(p, sizeof(apr_crypto_block_t));
-    }
-    if (!block) {
-        return APR_ENOMEM;
-    }
-    block->f = key->f;
-    block->pool = p;
-    block->provider = key->provider;
-    block->key = key;
-
-    apr_pool_cleanup_register(p, block, crypto_block_cleanup_helper,
-            apr_pool_cleanup_null);
-
-    /* generate an IV, if necessary */
-    usedIv = NULL;
-    if (key->ivSize) {
-        if (iv == NULL) {
-            return APR_ENOIV;
-        }
-        if (*iv == NULL) {
-            apr_status_t status;
-            usedIv = apr_pcalloc(p, key->ivSize);
-            if (!usedIv) {
-                return APR_ENOMEM;
-            }
-            apr_crypto_clear(p, usedIv, key->ivSize);
-            status = apr_random_secure_bytes(block->f->rng, usedIv,
-                    key->ivSize);
-            if (APR_SUCCESS != status) {
-                return status;
-            }
-            *iv = usedIv;
-        }
-        else {
-            usedIv = (unsigned char *) *iv;
-        }
-    }
-
-    /* create a new context for encryption */
-    switch ((block->f->result->rc = CCCryptorCreate(kCCEncrypt, key->algorithm,
-            key->options, key->key, key->keyLen, usedIv, &block->ref))) {
-    case kCCSuccess: {
-        break;
-    }
-    case kCCParamError: {
-        return APR_EINIT;
-    }
-    case kCCMemoryFailure: {
-        return APR_ENOMEM;
-    }
-    case kCCAlignmentError: {
-        return APR_EPADDING;
-    }
-    case kCCUnimplemented: {
-        return APR_ENOTIMPL;
-    }
-    default: {
-        return APR_EINIT;
-    }
-    }
-
-    if (blockSize) {
-        *blockSize = key->blockSize;
-    }
-
-    return APR_SUCCESS;
-
-}
-
-/**
- * @brief Encrypt data provided by in, write it to out.
- * @note The number of bytes written will be written to outlen. If
- *       out is NULL, outlen will contain the maximum size of the
- *       buffer needed to hold the data, including any data
- *       generated by apr_crypto_block_encrypt_finish below. If *out points
- *       to NULL, a buffer sufficiently large will be created from
- *       the pool provided. If *out points to a not-NULL value, this
- *       value will be used as a buffer instead.
- * @param out Address of a buffer to which data will be written,
- *        see note.
- * @param outlen Length of the output will be written here.
- * @param in Address of the buffer to read.
- * @param inlen Length of the buffer to read.
- * @param ctx The block context to use.
- * @return APR_ECRYPT if an error occurred. Returns APR_ENOTIMPL if
- *         not implemented.
- */
-static apr_status_t crypto_block_encrypt(unsigned char **out,
-        apr_size_t *outlen, const unsigned char *in, apr_size_t inlen,
-        apr_crypto_block_t *ctx)
-{
-    apr_size_t outl = *outlen;
-    unsigned char *buffer;
-
-    /* are we after the maximum size of the out buffer? */
-    if (!out) {
-        *outlen = CCCryptorGetOutputLength(ctx->ref, inlen, 1);
-        return APR_SUCCESS;
-    }
-
-    /* must we allocate the output buffer from a pool? */
-    if (!*out) {
-        outl = CCCryptorGetOutputLength(ctx->ref, inlen, 1);
-        buffer = apr_palloc(ctx->pool, outl);
-        if (!buffer) {
-            return APR_ENOMEM;
-        }
-        apr_crypto_clear(ctx->pool, buffer, outl);
-        *out = buffer;
-    }
-
-    switch ((ctx->f->result->rc = CCCryptorUpdate(ctx->ref, in, inlen, (*out),
-            outl, &outl))) {
-    case kCCSuccess: {
-        break;
-    }
-    case kCCBufferTooSmall: {
-        return APR_ENOSPACE;
-    }
-    default: {
-        return APR_ECRYPT;
-    }
-    }
-    *outlen = outl;
-
-    return APR_SUCCESS;
-
-}
-
-/**
- * @brief Encrypt final data block, write it to out.
- * @note If necessary the final block will be written out after being
- *       padded. Typically the final block will be written to the
- *       same buffer used by apr_crypto_block_encrypt, offset by the
- *       number of bytes returned as actually written by the
- *       apr_crypto_block_encrypt() call. After this call, the context
- *       is cleaned and can be reused by apr_crypto_block_encrypt_init().
- * @param out Address of a buffer to which data will be written. This
- *            buffer must already exist, and is usually the same
- *            buffer used by apr_evp_crypt(). See note.
- * @param outlen Length of the output will be written here.
- * @param ctx The block context to use.
- * @return APR_ECRYPT if an error occurred.
- * @return APR_EPADDING if padding was enabled and the block was incorrectly
- *         formatted.
- * @return APR_ENOTIMPL if not implemented.
- */
-static apr_status_t crypto_block_encrypt_finish(unsigned char *out,
-        apr_size_t *outlen, apr_crypto_block_t *ctx)
-{
-    apr_size_t len = *outlen;
-
-    ctx->f->result->rc = CCCryptorFinal(ctx->ref, out,
-            CCCryptorGetOutputLength(ctx->ref, 0, 1), &len);
-
-    /* always clean up */
-    crypto_block_cleanup(ctx);
-
-    switch (ctx->f->result->rc) {
-    case kCCSuccess: {
-        break;
-    }
-    case kCCBufferTooSmall: {
-        return APR_ENOSPACE;
-    }
-    case kCCAlignmentError: {
-        return APR_EPADDING;
-    }
-    case kCCDecodeError: {
-        return APR_ECRYPT;
-    }
-    default: {
-        return APR_ECRYPT;
-    }
-    }
-    *outlen = len;
-
-    return APR_SUCCESS;
-
-}
-
-/**
- * @brief Initialise a context for decrypting arbitrary data using the given key.
- * @note If *ctx is NULL, a apr_crypto_block_t will be created from a pool. If
- *       *ctx is not NULL, *ctx must point at a previously created structure.
- * @param ctx The block context returned, see note.
- * @param blockSize The block size of the cipher.
- * @param iv Optional initialisation vector. If the buffer pointed to is NULL,
- *           an IV will be created at random, in space allocated from the pool.
- *           If the buffer is not NULL, the IV in the buffer will be used.
- * @param key The key structure.
- * @param p The pool to use.
- * @return Returns APR_ENOIV if an initialisation vector is required but not specified.
- *         Returns APR_EINIT if the backend failed to initialise the context. Returns
- *         APR_ENOTIMPL if not implemented.
- */
-static apr_status_t crypto_block_decrypt_init(apr_crypto_block_t **ctx,
-        apr_size_t *blockSize, const unsigned char *iv,
-        const apr_crypto_key_t *key, apr_pool_t *p)
-{
-    apr_crypto_block_t *block = *ctx;
-    if (!block) {
-        *ctx = block = apr_pcalloc(p, sizeof(apr_crypto_block_t));
-    }
-    if (!block) {
-        return APR_ENOMEM;
-    }
-    block->f = key->f;
-    block->pool = p;
-    block->provider = key->provider;
-
-    apr_pool_cleanup_register(p, block, crypto_block_cleanup_helper,
-            apr_pool_cleanup_null);
-
-    /* generate an IV, if necessary */
-    if (key->ivSize) {
-        if (iv == NULL) {
-            return APR_ENOIV;
-        }
-    }
-
-    /* create a new context for decryption */
-    switch ((block->f->result->rc = CCCryptorCreate(kCCDecrypt, key->algorithm,
-            key->options, key->key, key->keyLen, iv, &block->ref))) {
-    case kCCSuccess: {
-        break;
-    }
-    case kCCParamError: {
-        return APR_EINIT;
-    }
-    case kCCMemoryFailure: {
-        return APR_ENOMEM;
-    }
-    case kCCAlignmentError: {
-        return APR_EPADDING;
-    }
-    case kCCUnimplemented: {
-        return APR_ENOTIMPL;
-    }
-    default: {
-        return APR_EINIT;
-    }
-    }
-
-    if (blockSize) {
-        *blockSize = key->blockSize;
-    }
-
-    return APR_SUCCESS;
-
-}
-
-/**
- * @brief Decrypt data provided by in, write it to out.
- * @note The number of bytes written will be written to outlen. If
- *       out is NULL, outlen will contain the maximum size of the
- *       buffer needed to hold the data, including any data
- *       generated by apr_crypto_block_decrypt_finish below. If *out points
- *       to NULL, a buffer sufficiently large will be created from
- *       the pool provided. If *out points to a not-NULL value, this
- *       value will be used as a buffer instead.
- * @param out Address of a buffer to which data will be written,
- *        see note.
- * @param outlen Length of the output will be written here.
- * @param in Address of the buffer to read.
- * @param inlen Length of the buffer to read.
- * @param ctx The block context to use.
- * @return APR_ECRYPT if an error occurred. Returns APR_ENOTIMPL if
- *         not implemented.
- */
-static apr_status_t crypto_block_decrypt(unsigned char **out,
-        apr_size_t *outlen, const unsigned char *in, apr_size_t inlen,
-        apr_crypto_block_t *ctx)
-{
-    apr_size_t outl = *outlen;
-    unsigned char *buffer;
-
-    /* are we after the maximum size of the out buffer? */
-    if (!out) {
-        *outlen = CCCryptorGetOutputLength(ctx->ref, inlen, 1);
-        return APR_SUCCESS;
-    }
-
-    /* must we allocate the output buffer from a pool? */
-    if (!*out) {
-        outl = CCCryptorGetOutputLength(ctx->ref, inlen, 1);
-        buffer = apr_palloc(ctx->pool, outl);
-        if (!buffer) {
-            return APR_ENOMEM;
-        }
-        apr_crypto_clear(ctx->pool, buffer, outl);
-        *out = buffer;
-    }
-
-    switch ((ctx->f->result->rc = CCCryptorUpdate(ctx->ref, in, inlen, (*out),
-            outl, &outl))) {
-    case kCCSuccess: {
-        break;
-    }
-    case kCCBufferTooSmall: {
-        return APR_ENOSPACE;
-    }
-    default: {
-        return APR_ECRYPT;
-    }
-    }
-    *outlen = outl;
-
-    return APR_SUCCESS;
-
-}
-
-/**
- * @brief Decrypt final data block, write it to out.
- * @note If necessary the final block will be written out after being
- *       padded. Typically the final block will be written to the
- *       same buffer used by apr_crypto_block_decrypt, offset by the
- *       number of bytes returned as actually written by the
- *       apr_crypto_block_decrypt() call. After this call, the context
- *       is cleaned and can be reused by apr_crypto_block_decrypt_init().
- * @param out Address of a buffer to which data will be written. This
- *            buffer must already exist, and is usually the same
- *            buffer used by apr_evp_crypt(). See note.
- * @param outlen Length of the output will be written here.
- * @param ctx The block context to use.
- * @return APR_ECRYPT if an error occurred.
- * @return APR_EPADDING if padding was enabled and the block was incorrectly
- *         formatted.
- * @return APR_ENOTIMPL if not implemented.
- */
-static apr_status_t crypto_block_decrypt_finish(unsigned char *out,
-        apr_size_t *outlen, apr_crypto_block_t *ctx)
-{
-    apr_size_t len = *outlen;
-
-    ctx->f->result->rc = CCCryptorFinal(ctx->ref, out,
-            CCCryptorGetOutputLength(ctx->ref, 0, 1), &len);
-
-    /* always clean up */
-    crypto_block_cleanup(ctx);
-
-    switch (ctx->f->result->rc) {
-    case kCCSuccess: {
-        break;
-    }
-    case kCCBufferTooSmall: {
-        return APR_ENOSPACE;
-    }
-    case kCCAlignmentError: {
-        return APR_EPADDING;
-    }
-    case kCCDecodeError: {
-        return APR_ECRYPT;
-    }
-    default: {
-        return APR_ECRYPT;
-    }
-    }
-    *outlen = len;
-
-    return APR_SUCCESS;
-
-}
-
-/**
- * OSX Common Crypto module.
- */
-APR_MODULE_DECLARE_DATA const apr_crypto_driver_t apr_crypto_commoncrypto_driver =
-{
-        "commoncrypto", crypto_init, crypto_make, crypto_get_block_key_types,
-        crypto_get_block_key_modes, crypto_passphrase,
-        crypto_block_encrypt_init, crypto_block_encrypt,
-        crypto_block_encrypt_finish, crypto_block_decrypt_init,
-        crypto_block_decrypt, crypto_block_decrypt_finish, crypto_block_cleanup,
-        crypto_cleanup, crypto_shutdown, crypto_error
-};
-
-#endif
+/* Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include "apr_lib.h"
+#include "apu.h"
+#include "apr_private.h"
+#include "apu_errno.h"
+
+#include <ctype.h>
+#include <assert.h>
+#include <stdlib.h>
+
+#include "apr_strings.h"
+#include "apr_time.h"
+#include "apr_buckets.h"
+#include "apr_random.h"
+
+#include "apr_crypto_internal.h"
+
+#if APU_HAVE_CRYPTO
+
+#include <CommonCrypto/CommonCrypto.h>
+
+#define LOG_PREFIX "apr_crypto_commoncrypto: "
+
+struct apr_crypto_t
+{
+    apr_pool_t *pool;
+    const apr_crypto_driver_t *provider;
+    apu_err_t *result;
+    apr_array_header_t *keys;
+    apr_hash_t *types;
+    apr_hash_t *modes;
+    apr_random_t *rng;
+};
+
+struct apr_crypto_key_t
+{
+    apr_pool_t *pool;
+    const apr_crypto_driver_t *provider;
+    const apr_crypto_t *f;
+    CCAlgorithm algorithm;
+    CCOptions options;
+    unsigned char *key;
+    int keyLen;
+    int ivSize;
+    apr_size_t blockSize;
+};
+
+struct apr_crypto_block_t
+{
+    apr_pool_t *pool;
+    const apr_crypto_driver_t *provider;
+    const apr_crypto_t *f;
+    const apr_crypto_key_t *key;
+    CCCryptorRef ref;
+};
+
+static int key_3des_192 = APR_KEY_3DES_192;
+static int key_aes_128 = APR_KEY_AES_128;
+static int key_aes_192 = APR_KEY_AES_192;
+static int key_aes_256 = APR_KEY_AES_256;
+
+static int mode_ecb = APR_MODE_ECB;
+static int mode_cbc = APR_MODE_CBC;
+
+/**
+ * Fetch the most recent error from this driver.
+ */
+static apr_status_t crypto_error(const apu_err_t **result,
+        const apr_crypto_t *f)
+{
+    *result = f->result;
+    return APR_SUCCESS;
+}
+
+/**
+ * Shutdown the crypto library and release resources.
+ */
+static apr_status_t crypto_shutdown(void)
+{
+    return APR_SUCCESS;
+}
+
+static apr_status_t crypto_shutdown_helper(void *data)
+{
+    return crypto_shutdown();
+}
+
+/**
+ * Initialise the crypto library and perform one time initialisation.
+ */
+static apr_status_t crypto_init(apr_pool_t *pool, const char *params,
+        const apu_err_t **result)
+{
+
+    apr_pool_cleanup_register(pool, pool, crypto_shutdown_helper,
+            apr_pool_cleanup_null);
+
+    return APR_SUCCESS;
+}
+
+/**
+ * @brief Clean encryption / decryption context.
+ * @note After cleanup, a context is free to be reused if necessary.
+ * @param ctx The block context to use.
+ * @return Returns APR_ENOTIMPL if not supported.
+ */
+static apr_status_t crypto_block_cleanup(apr_crypto_block_t *ctx)
+{
+
+    if (ctx->ref) {
+        CCCryptorRelease(ctx->ref);
+        ctx->ref = NULL;
+    }
+
+    return APR_SUCCESS;
+
+}
+
+static apr_status_t crypto_block_cleanup_helper(void *data)
+{
+    apr_crypto_block_t *block = (apr_crypto_block_t *) data;
+    return crypto_block_cleanup(block);
+}
+
+/**
+ * @brief Clean encryption / decryption context.
+ * @note After cleanup, a context is free to be reused if necessary.
+ * @param f The context to use.
+ * @return Returns APR_ENOTIMPL if not supported.
+ */
+static apr_status_t crypto_cleanup(apr_crypto_t *f)
+{
+
+    return APR_SUCCESS;
+
+}
+
+static apr_status_t crypto_cleanup_helper(void *data)
+{
+    apr_crypto_t *f = (apr_crypto_t *) data;
+    return crypto_cleanup(f);
+}
+
+/**
+ * @brief Create a context for supporting encryption. Keys, certificates,
+ *        algorithms and other parameters will be set per context. More than
+ *        one context can be created at one time. A cleanup will be automatically
+ *        registered with the given pool to guarantee a graceful shutdown.
+ * @param f - context pointer will be written here
+ * @param provider - provider to use
+ * @param params - array of key parameters
+ * @param pool - process pool
+ * @return APR_ENOENGINE when the engine specified does not exist. APR_EINITENGINE
+ * if the engine cannot be initialised.
+ */
+static apr_status_t crypto_make(apr_crypto_t **ff,
+        const apr_crypto_driver_t *provider, const char *params,
+        apr_pool_t *pool)
+{
+    apr_crypto_t *f = apr_pcalloc(pool, sizeof(apr_crypto_t));
+    apr_status_t rv;
+
+    if (!f) {
+        return APR_ENOMEM;
+    }
+    *ff = f;
+    f->pool = pool;
+    f->provider = provider;
+
+    /* seed the secure random number generator */
+    f->rng = apr_random_standard_new(pool);
+    if (!f->rng) {
+        return APR_ENOMEM;
+    }
+    do {
+        unsigned char seed[8];
+        rv = apr_generate_random_bytes(seed, sizeof(seed));
+        if (rv != APR_SUCCESS) {
+            return rv;
+        }
+        apr_random_add_entropy(f->rng, seed, sizeof(seed));
+        rv = apr_random_secure_ready(f->rng);
+    } while (rv == APR_ENOTENOUGHENTROPY);
+
+    f->result = apr_pcalloc(pool, sizeof(apu_err_t));
+    if (!f->result) {
+        return APR_ENOMEM;
+    }
+
+    f->keys = apr_array_make(pool, 10, sizeof(apr_crypto_key_t));
+    if (!f->keys) {
+        return APR_ENOMEM;
+    }
+
+    f->types = apr_hash_make(pool);
+    if (!f->types) {
+        return APR_ENOMEM;
+    }
+    apr_hash_set(f->types, "3des192", APR_HASH_KEY_STRING, &(key_3des_192));
+    apr_hash_set(f->types, "aes128", APR_HASH_KEY_STRING, &(key_aes_128));
+    apr_hash_set(f->types, "aes192", APR_HASH_KEY_STRING, &(key_aes_192));
+    apr_hash_set(f->types, "aes256", APR_HASH_KEY_STRING, &(key_aes_256));
+
+    f->modes = apr_hash_make(pool);
+    if (!f->modes) {
+        return APR_ENOMEM;
+    }
+    apr_hash_set(f->modes, "ecb", APR_HASH_KEY_STRING, &(mode_ecb));
+    apr_hash_set(f->modes, "cbc", APR_HASH_KEY_STRING, &(mode_cbc));
+
+    apr_pool_cleanup_register(pool, f, crypto_cleanup_helper,
+            apr_pool_cleanup_null);
+
+    return APR_SUCCESS;
+
+}
+
+/**
+ * @brief Get a hash table of key types, keyed by the name of the type against
+ * an integer pointer constant.
+ *
+ * @param types - hashtable of key types keyed to constants.
+ * @param f - encryption context
+ * @return APR_SUCCESS for success
+ */
+static apr_status_t crypto_get_block_key_types(apr_hash_t **types,
+        const apr_crypto_t *f)
+{
+    *types = f->types;
+    return APR_SUCCESS;
+}
+
+/**
+ * @brief Get a hash table of key modes, keyed by the name of the mode against
+ * an integer pointer constant.
+ *
+ * @param modes - hashtable of key modes keyed to constants.
+ * @param f - encryption context
+ * @return APR_SUCCESS for success
+ */
+static apr_status_t crypto_get_block_key_modes(apr_hash_t **modes,
+        const apr_crypto_t *f)
+{
+    *modes = f->modes;
+    return APR_SUCCESS;
+}
+
+/**
+ * @brief Create a key from the given passphrase. By default, the PBKDF2
+ *        algorithm is used to generate the key from the passphrase. It is expected
+ *        that the same pass phrase will generate the same key, regardless of the
+ *        backend crypto platform used. The key is cleaned up when the context
+ *        is cleaned, and may be reused with multiple encryption or decryption
+ *        operations.
+ * @note If *key is NULL, a apr_crypto_key_t will be created from a pool. If
+ *       *key is not NULL, *key must point at a previously created structure.
+ * @param key The key returned, see note.
+ * @param ivSize The size of the initialisation vector will be returned, based
+ *               on whether an IV is relevant for this type of crypto.
+ * @param pass The passphrase to use.
+ * @param passLen The passphrase length in bytes
+ * @param salt The salt to use.
+ * @param saltLen The salt length in bytes
+ * @param type 3DES_192, AES_128, AES_192, AES_256.
+ * @param mode Electronic Code Book / Cipher Block Chaining.
+ * @param doPad Pad if necessary.
+ * @param iterations Iteration count
+ * @param f The context to use.
+ * @param p The pool to use.
+ * @return Returns APR_ENOKEY if the pass phrase is missing or empty, or if a backend
+ *         error occurred while generating the key. APR_ENOCIPHER if the type or mode
+ *         is not supported by the particular backend. APR_EKEYTYPE if the key type is
+ *         not known. APR_EPADDING if padding was requested but is not supported.
+ *         APR_ENOTIMPL if not implemented.
+ */
+static apr_status_t crypto_passphrase(apr_crypto_key_t **k, apr_size_t *ivSize,
+        const char *pass, apr_size_t passLen, const unsigned char * salt,
+        apr_size_t saltLen, const apr_crypto_block_key_type_e type,
+        const apr_crypto_block_key_mode_e mode, const int doPad,
+        const int iterations, const apr_crypto_t *f, apr_pool_t *p)
+{
+    apr_crypto_key_t *key = *k;
+
+    if (!key) {
+        *k = key = apr_array_push(f->keys);
+    }
+    if (!key) {
+        return APR_ENOMEM;
+    }
+
+    key->f = f;
+    key->provider = f->provider;
+
+    /* handle padding */
+    key->options = doPad ? kCCOptionPKCS7Padding : 0;
+
+    /* determine the algorithm to be used */
+    switch (type) {
+
+    case (APR_KEY_3DES_192):
+
+        /* A 3DES key */
+        if (mode == APR_MODE_CBC) {
+            key->algorithm = kCCAlgorithm3DES;
+            key->keyLen = kCCKeySize3DES;
+            key->ivSize = kCCBlockSize3DES;
+            key->blockSize = kCCBlockSize3DES;
+        }
+        else {
+            key->algorithm = kCCAlgorithm3DES;
+            key->options += kCCOptionECBMode;
+            key->keyLen = kCCKeySize3DES;
+            key->ivSize = 0;
+            key->blockSize = kCCBlockSize3DES;
+        }
+        break;
+
+    case (APR_KEY_AES_128):
+
+        if (mode == APR_MODE_CBC) {
+            key->algorithm = kCCAlgorithmAES128;
+            key->keyLen = kCCKeySizeAES128;
+            key->ivSize = kCCBlockSizeAES128;
+            key->blockSize = kCCBlockSizeAES128;
+        }
+        else {
+            key->algorithm = kCCAlgorithmAES128;
+            key->options += kCCOptionECBMode;
+            key->keyLen = kCCKeySizeAES128;
+            key->ivSize = 0;
+            key->blockSize = kCCBlockSizeAES128;
+        }
+        break;
+
+    case (APR_KEY_AES_192):
+
+        if (mode == APR_MODE_CBC) {
+            key->algorithm = kCCAlgorithmAES128;
+            key->keyLen = kCCKeySizeAES192;
+            key->ivSize = kCCBlockSizeAES128;
+            key->blockSize = kCCBlockSizeAES128;
+        }
+        else {
+            key->algorithm = kCCAlgorithmAES128;
+            key->options += kCCOptionECBMode;
+            key->keyLen = kCCKeySizeAES192;
+            key->ivSize = 0;
+            key->blockSize = kCCBlockSizeAES128;
+        }
+        break;
+
+    case (APR_KEY_AES_256):
+
+        if (mode == APR_MODE_CBC) {
+            key->algorithm = kCCAlgorithmAES128;
+            key->keyLen = kCCKeySizeAES256;
+            key->ivSize = kCCBlockSizeAES128;
+            key->blockSize = kCCBlockSizeAES128;
+        }
+        else {
+            key->algorithm = kCCAlgorithmAES128;
+            key->options += kCCOptionECBMode;
+            key->keyLen = kCCKeySizeAES256;
+            key->ivSize = 0;
+            key->blockSize = kCCBlockSizeAES128;
+        }
+        break;
+
+    default:
+
+        /* TODO: Support CAST, Blowfish */
+
+        /* unknown key type, give up */
+        return APR_EKEYTYPE;
+
+    }
+
+    /* make space for the key */
+    key->key = apr_pcalloc(p, key->keyLen);
+    if (!key->key) {
+        return APR_ENOMEM;
+    }
+    apr_crypto_clear(p, key->key, key->keyLen);
+
+    /* generate the key */
+    if ((f->result->rc = CCKeyDerivationPBKDF(kCCPBKDF2, pass, passLen, salt,
+            saltLen, kCCPRFHmacAlgSHA1, iterations, key->key, key->keyLen))
+            == kCCParamError) {
+        return APR_ENOKEY;
+    }
+
+    if (ivSize) {
+        *ivSize = key->ivSize;
+    }
+
+    return APR_SUCCESS;
+}
+
+/**
+ * @brief Initialise a context for encrypting arbitrary data using the given key.
+ * @note If *ctx is NULL, a apr_crypto_block_t will be created from a pool. If
+ *       *ctx is not NULL, *ctx must point at a previously created structure.
+ * @param ctx The block context returned, see note.
+ * @param iv Optional initialisation vector. If the buffer pointed to is NULL,
+ *           an IV will be created at random, in space allocated from the pool.
+ *           If the buffer pointed to is not NULL, the IV in the buffer will be
+ *           used.
+ * @param key The key structure.
+ * @param blockSize The block size of the cipher.
+ * @param p The pool to use.
+ * @return Returns APR_ENOIV if an initialisation vector is required but not specified.
+ *         Returns APR_EINIT if the backend failed to initialise the context. Returns
+ *         APR_ENOTIMPL if not implemented.
+ */
+static apr_status_t crypto_block_encrypt_init(apr_crypto_block_t **ctx,
+        const unsigned char **iv, const apr_crypto_key_t *key,
+        apr_size_t *blockSize, apr_pool_t *p)
+{
+    unsigned char *usedIv;
+    apr_crypto_block_t *block = *ctx;
+    if (!block) {
+        *ctx = block = apr_pcalloc(p, sizeof(apr_crypto_block_t));
+    }
+    if (!block) {
+        return APR_ENOMEM;
+    }
+    block->f = key->f;
+    block->pool = p;
+    block->provider = key->provider;
+    block->key = key;
+
+    apr_pool_cleanup_register(p, block, crypto_block_cleanup_helper,
+            apr_pool_cleanup_null);
+
+    /* generate an IV, if necessary */
+    usedIv = NULL;
+    if (key->ivSize) {
+        if (iv == NULL) {
+            return APR_ENOIV;
+        }
+        if (*iv == NULL) {
+            apr_status_t status;
+            usedIv = apr_pcalloc(p, key->ivSize);
+            if (!usedIv) {
+                return APR_ENOMEM;
+            }
+            apr_crypto_clear(p, usedIv, key->ivSize);
+            status = apr_random_secure_bytes(block->f->rng, usedIv,
+                    key->ivSize);
+            if (APR_SUCCESS != status) {
+                return status;
+            }
+            *iv = usedIv;
+        }
+        else {
+            usedIv = (unsigned char *) *iv;
+        }
+    }
+
+    /* create a new context for encryption */
+    switch ((block->f->result->rc = CCCryptorCreate(kCCEncrypt, key->algorithm,
+            key->options, key->key, key->keyLen, usedIv, &block->ref))) {
+    case kCCSuccess: {
+        break;
+    }
+    case kCCParamError: {
+        return APR_EINIT;
+    }
+    case kCCMemoryFailure: {
+        return APR_ENOMEM;
+    }
+    case kCCAlignmentError: {
+        return APR_EPADDING;
+    }
+    case kCCUnimplemented: {
+        return APR_ENOTIMPL;
+    }
+    default: {
+        return APR_EINIT;
+    }
+    }
+
+    if (blockSize) {
+        *blockSize = key->blockSize;
+    }
+
+    return APR_SUCCESS;
+
+}
+
+/**
+ * @brief Encrypt data provided by in, write it to out.
+ * @note The number of bytes written will be written to outlen. If
+ *       out is NULL, outlen will contain the maximum size of the
+ *       buffer needed to hold the data, including any data
+ *       generated by apr_crypto_block_encrypt_finish below. If *out points
+ *       to NULL, a buffer sufficiently large will be created from
+ *       the pool provided. If *out points to a not-NULL value, this
+ *       value will be used as a buffer instead.
+ * @param out Address of a buffer to which data will be written,
+ *        see note.
+ * @param outlen Length of the output will be written here.
+ * @param in Address of the buffer to read.
+ * @param inlen Length of the buffer to read.
+ * @param ctx The block context to use.
+ * @return APR_ECRYPT if an error occurred. Returns APR_ENOTIMPL if
+ *         not implemented.
+ */
+static apr_status_t crypto_block_encrypt(unsigned char **out,
+        apr_size_t *outlen, const unsigned char *in, apr_size_t inlen,
+        apr_crypto_block_t *ctx)
+{
+    apr_size_t outl = *outlen;
+    unsigned char *buffer;
+
+    /* are we after the maximum size of the out buffer? */
+    if (!out) {
+        *outlen = CCCryptorGetOutputLength(ctx->ref, inlen, 1);
+        return APR_SUCCESS;
+    }
+
+    /* must we allocate the output buffer from a pool? */
+    if (!*out) {
+        outl = CCCryptorGetOutputLength(ctx->ref, inlen, 1);
+        buffer = apr_palloc(ctx->pool, outl);
+        if (!buffer) {
+            return APR_ENOMEM;
+        }
+        apr_crypto_clear(ctx->pool, buffer, outl);
+        *out = buffer;
+    }
+
+    switch ((ctx->f->result->rc = CCCryptorUpdate(ctx->ref, in, inlen, (*out),
+            outl, &outl))) {
+    case kCCSuccess: {
+        break;
+    }
+    case kCCBufferTooSmall: {
+        return APR_ENOSPACE;
+    }
+    default: {
+        return APR_ECRYPT;
+    }
+    }
+    *outlen = outl;
+
+    return APR_SUCCESS;
+
+}
+
+/**
+ * @brief Encrypt final data block, write it to out.
+ * @note If necessary the final block will be written out after being
+ *       padded. Typically the final block will be written to the
+ *       same buffer used by apr_crypto_block_encrypt, offset by the
+ *       number of bytes returned as actually written by the
+ *       apr_crypto_block_encrypt() call. After this call, the context
+ *       is cleaned and can be reused by apr_crypto_block_encrypt_init().
+ * @param out Address of a buffer to which data will be written. This
+ *            buffer must already exist, and is usually the same
+ *            buffer used by apr_evp_crypt(). See note.
+ * @param outlen Length of the output will be written here.
+ * @param ctx The block context to use.
+ * @return APR_ECRYPT if an error occurred.
+ * @return APR_EPADDING if padding was enabled and the block was incorrectly
+ *         formatted.
+ * @return APR_ENOTIMPL if not implemented.
+ */
+static apr_status_t crypto_block_encrypt_finish(unsigned char *out,
+        apr_size_t *outlen, apr_crypto_block_t *ctx)
+{
+    apr_size_t len = *outlen;
+
+    ctx->f->result->rc = CCCryptorFinal(ctx->ref, out,
+            CCCryptorGetOutputLength(ctx->ref, 0, 1), &len);
+
+    /* always clean up */
+    crypto_block_cleanup(ctx);
+
+    switch (ctx->f->result->rc) {
+    case kCCSuccess: {
+        break;
+    }
+    case kCCBufferTooSmall: {
+        return APR_ENOSPACE;
+    }
+    case kCCAlignmentError: {
+        return APR_EPADDING;
+    }
+    case kCCDecodeError: {
+        return APR_ECRYPT;
+    }
+    default: {
+        return APR_ECRYPT;
+    }
+    }
+    *outlen = len;
+
+    return APR_SUCCESS;
+
+}
+
+/**
+ * @brief Initialise a context for decrypting arbitrary data using the given key.
+ * @note If *ctx is NULL, a apr_crypto_block_t will be created from a pool. If
+ *       *ctx is not NULL, *ctx must point at a previously created structure.
+ * @param ctx The block context returned, see note.
+ * @param blockSize The block size of the cipher.
+ * @param iv Optional initialisation vector. If the buffer pointed to is NULL,
+ *           an IV will be created at random, in space allocated from the pool.
+ *           If the buffer is not NULL, the IV in the buffer will be used.
+ * @param key The key structure.
+ * @param p The pool to use.
+ * @return Returns APR_ENOIV if an initialisation vector is required but not specified.
+ *         Returns APR_EINIT if the backend failed to initialise the context. Returns
+ *         APR_ENOTIMPL if not implemented.
+ */
+static apr_status_t crypto_block_decrypt_init(apr_crypto_block_t **ctx,
+        apr_size_t *blockSize, const unsigned char *iv,
+        const apr_crypto_key_t *key, apr_pool_t *p)
+{
+    apr_crypto_block_t *block = *ctx;
+    if (!block) {
+        *ctx = block = apr_pcalloc(p, sizeof(apr_crypto_block_t));
+    }
+    if (!block) {
+        return APR_ENOMEM;
+    }
+    block->f = key->f;
+    block->pool = p;
+    block->provider = key->provider;
+
+    apr_pool_cleanup_register(p, block, crypto_block_cleanup_helper,
+            apr_pool_cleanup_null);
+
+    /* generate an IV, if necessary */
+    if (key->ivSize) {
+        if (iv == NULL) {
+            return APR_ENOIV;
+        }
+    }
+
+    /* create a new context for decryption */
+    switch ((block->f->result->rc = CCCryptorCreate(kCCDecrypt, key->algorithm,
+            key->options, key->key, key->keyLen, iv, &block->ref))) {
+    case kCCSuccess: {
+        break;
+    }
+    case kCCParamError: {
+        return APR_EINIT;
+    }
+    case kCCMemoryFailure: {
+        return APR_ENOMEM;
+    }
+    case kCCAlignmentError: {
+        return APR_EPADDING;
+    }
+    case kCCUnimplemented: {
+        return APR_ENOTIMPL;
+    }
+    default: {
+        return APR_EINIT;
+    }
+    }
+
+    if (blockSize) {
+        *blockSize = key->blockSize;
+    }
+
+    return APR_SUCCESS;
+
+}
+
+/**
+ * @brief Decrypt data provided by in, write it to out.
+ * @note The number of bytes written will be written to outlen. If
+ *       out is NULL, outlen will contain the maximum size of the
+ *       buffer needed to hold the data, including any data
+ *       generated by apr_crypto_block_decrypt_finish below. If *out points
+ *       to NULL, a buffer sufficiently large will be created from
+ *       the pool provided. If *out points to a not-NULL value, this
+ *       value will be used as a buffer instead.
+ * @param out Address of a buffer to which data will be written,
+ *        see note.
+ * @param outlen Length of the output will be written here.
+ * @param in Address of the buffer to read.
+ * @param inlen Length of the buffer to read.
+ * @param ctx The block context to use.
+ * @return APR_ECRYPT if an error occurred. Returns APR_ENOTIMPL if
+ *         not implemented.
+ */
+static apr_status_t crypto_block_decrypt(unsigned char **out,
+        apr_size_t *outlen, const unsigned char *in, apr_size_t inlen,
+        apr_crypto_block_t *ctx)
+{
+    apr_size_t outl = *outlen;
+    unsigned char *buffer;
+
+    /* are we after the maximum size of the out buffer? */
+    if (!out) {
+        *outlen = CCCryptorGetOutputLength(ctx->ref, inlen, 1);
+        return APR_SUCCESS;
+    }
+
+    /* must we allocate the output buffer from a pool? */
+    if (!*out) {
+        outl = CCCryptorGetOutputLength(ctx->ref, inlen, 1);
+        buffer = apr_palloc(ctx->pool, outl);
+        if (!buffer) {
+            return APR_ENOMEM;
+        }
+        apr_crypto_clear(ctx->pool, buffer, outl);
+        *out = buffer;
+    }
+
+    switch ((ctx->f->result->rc = CCCryptorUpdate(ctx->ref, in, inlen, (*out),
+            outl, &outl))) {
+    case kCCSuccess: {
+        break;
+    }
+    case kCCBufferTooSmall: {
+        return APR_ENOSPACE;
+    }
+    default: {
+        return APR_ECRYPT;
+    }
+    }
+    *outlen = outl;
+
+    return APR_SUCCESS;
+
+}
+
+/**
+ * @brief Decrypt final data block, write it to out.
+ * @note If necessary the final block will be written out after being
+ *       padded. Typically the final block will be written to the
+ *       same buffer used by apr_crypto_block_decrypt, offset by the
+ *       number of bytes returned as actually written by the
+ *       apr_crypto_block_decrypt() call. After this call, the context
+ *       is cleaned and can be reused by apr_crypto_block_decrypt_init().
+ * @param out Address of a buffer to which data will be written. This
+ *            buffer must already exist, and is usually the same
+ *            buffer used by apr_evp_crypt(). See note.
+ * @param outlen Length of the output will be written here.
+ * @param ctx The block context to use.
+ * @return APR_ECRYPT if an error occurred.
+ * @return APR_EPADDING if padding was enabled and the block was incorrectly
+ *         formatted.
+ * @return APR_ENOTIMPL if not implemented.
+ */
+static apr_status_t crypto_block_decrypt_finish(unsigned char *out,
+        apr_size_t *outlen, apr_crypto_block_t *ctx)
+{
+    apr_size_t len = *outlen;
+
+    ctx->f->result->rc = CCCryptorFinal(ctx->ref, out,
+            CCCryptorGetOutputLength(ctx->ref, 0, 1), &len);
+
+    /* always clean up */
+    crypto_block_cleanup(ctx);
+
+    switch (ctx->f->result->rc) {
+    case kCCSuccess: {
+        break;
+    }
+    case kCCBufferTooSmall: {
+        return APR_ENOSPACE;
+    }
+    case kCCAlignmentError: {
+        return APR_EPADDING;
+    }
+    case kCCDecodeError: {
+        return APR_ECRYPT;
+    }
+    default: {
+        return APR_ECRYPT;
+    }
+    }
+    *outlen = len;
+
+    return APR_SUCCESS;
+
+}
+
+/**
+ * OSX Common Crypto module.
+ */
+APR_MODULE_DECLARE_DATA const apr_crypto_driver_t apr_crypto_commoncrypto_driver =
+{
+        "commoncrypto", crypto_init, crypto_make, crypto_get_block_key_types,
+        crypto_get_block_key_modes, crypto_passphrase,
+        crypto_block_encrypt_init, crypto_block_encrypt,
+        crypto_block_encrypt_finish, crypto_block_decrypt_init,
+        crypto_block_decrypt, crypto_block_decrypt_finish, crypto_block_cleanup,
+        crypto_cleanup, crypto_shutdown, crypto_error
+};
+
+#endif



Mime
View raw message