Return-Path: X-Original-To: apmail-apr-dev-archive@www.apache.org Delivered-To: apmail-apr-dev-archive@www.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id BE994108C7 for ; Tue, 9 Dec 2014 16:50:26 +0000 (UTC) Received: (qmail 37974 invoked by uid 500); 9 Dec 2014 16:50:21 -0000 Delivered-To: apmail-apr-dev-archive@apr.apache.org Received: (qmail 37893 invoked by uid 500); 9 Dec 2014 16:50:21 -0000 Mailing-List: contact dev-help@apr.apache.org; run by ezmlm Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Id: Delivered-To: mailing list dev@apr.apache.org Received: (qmail 37883 invoked by uid 99); 9 Dec 2014 16:50:21 -0000 Received: from nike.apache.org (HELO nike.apache.org) (192.87.106.230) by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 09 Dec 2014 16:50:21 +0000 X-ASF-Spam-Status: No, hits=-0.0 required=5.0 tests=SPF_PASS X-Spam-Check-By: apache.org Received-SPF: pass (nike.apache.org: domain of minfrin@sharp.fm designates 80.168.143.5 as permitted sender) Received: from [80.168.143.5] (HELO monica.sharp.fm) (80.168.143.5) by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 09 Dec 2014 16:49:53 +0000 Received: from [192.168.88.249] (unknown [192.168.88.249]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client did not present a certificate) (Authenticated sender: minfrin@sharp.fm) by monica.sharp.fm (Postfix) with ESMTPSA id 6F2D681C78 for ; Tue, 9 Dec 2014 16:49:22 +0000 (GMT) From: Graham Leggett Content-Type: multipart/mixed; boundary="Apple-Mail=_E605D0E2-A880-4AFF-916C-0DF9ADF1A2AF" Message-Id: <78FD825C-88F0-4B0D-BE1A-8BAE3CF68C95@sharp.fm> Mime-Version: 1.0 (Mac OS X Mail 8.1 \(1993\)) Subject: Re: [Patch] apr-crypto: support for symmetric keys (for HLS) Date: Tue, 9 Dec 2014 18:49:21 +0200 References: <8495F8D0-1F77-4905-9AD2-4E2E9EEC8B61@sharp.fm> To: dev List In-Reply-To: <8495F8D0-1F77-4905-9AD2-4E2E9EEC8B61@sharp.fm> X-Mailer: Apple Mail (2.1993) X-Virus-Checked: Checked by ClamAV on apache.org --Apple-Mail=_E605D0E2-A880-4AFF-916C-0DF9ADF1A2AF Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset=utf-8 On 01 Dec 2014, at 2:58 AM, Graham Leggett wrote: > The HLS protocol calls for the ability to do aes128 encryption using a = symmetrical key. This updated patch caters for IV sizes that are not equal to the block = size. Regards, Graham =E2=80=94 --Apple-Mail=_E605D0E2-A880-4AFF-916C-0DF9ADF1A2AF Content-Disposition: attachment; filename=apr-crypto-secretkey2.patch Content-Type: application/octet-stream; name="apr-crypto-secretkey2.patch" Content-Transfer-Encoding: quoted-printable Index:=20include/apr_crypto.h=0A= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=0A---=20= include/apr_crypto.h=09(revision=201627411)=0A+++=20include/apr_crypto.h=09= (working=20copy)=0A@@=20-127,6=20+127,48=20@@=0A=20typedef=20struct=20= apr_crypto_key_t=20apr_crypto_key_t;=0A=20typedef=20struct=20= apr_crypto_block_t=20apr_crypto_block_t;=0A=20=0A+typedef=20struct=20= apr_crypto_block_key_type_t=20{=0A+=20=20=20=20= apr_crypto_block_key_type_e=20type;=0A+=20=20=20=20int=20keysize;=0A+=20=20= =20=20int=20blocksize;=0A+=20=20=20=20int=20ivsize;=0A+}=20= apr_crypto_block_key_type_t;=0A+=0A+typedef=20struct=20= apr_crypto_block_key_mode_t=20{=0A+=20=20=20=20= apr_crypto_block_key_mode_e=20mode;=0A+}=20apr_crypto_block_key_mode_t;=0A= +=0A+typedef=20struct=20apr_crypto_passphrase_t=20{=0A+=20=20=20=20const=20= char=20*pass;=0A+=20=20=20=20apr_size_t=20passLen;=0A+=20=20=20=20const=20= unsigned=20char=20*=20salt;=0A+=20=20=20=20apr_size_t=20saltLen;=0A+=20=20= =20=20int=20iterations;=0A+}=20apr_crypto_passphrase_t;=0A+=0A+typedef=20= struct=20apr_crypto_secret_t=20{=0A+=20=20=20=20const=20unsigned=20char=20= *secret;=0A+=20=20=20=20apr_size_t=20secretLen;=0A+}=20= apr_crypto_secret_t;=0A+=0A+typedef=20enum=20{=0A+=20=20=20=20/**=20Key=20= is=20derived=20from=20a=20passphrase=20*/=0A+=20=20=20=20= APR_CRYPTO_KTYPE_PASSPHRASE=20=20=20=20=20=3D=201,=0A+=20=20=20=20/**=20= Key=20is=20derived=20from=20a=20raw=20key=20*/=0A+=20=20=20=20= APR_CRYPTO_KTYPE_SECRET=20=20=20=20=20=3D=202,=0A+}=20= apr_crypto_key_type;=0A+=0A+typedef=20struct=20apr_crypto_key_rec_t=20{=0A= +=20=20=20=20apr_crypto_key_type=20ktype;=0A+=20=20=20=20= apr_crypto_block_key_type_e=20type;=0A+=20=20=20=20= apr_crypto_block_key_mode_e=20mode;=0A+=20=20=20=20int=20pad;=0A+=20=20=20= =20union=20{=0A+=20=20=20=20=20=20=20=20apr_crypto_passphrase_t=20= passphrase;=0A+=20=20=20=20=20=20=20=20apr_crypto_secret_t=20secret;=0A+=20= =20=20=20}=20k;=0A+}=20apr_crypto_key_rec_t;=0A+=0A=20/**=0A=20=20*=20= @brief=20Perform=20once-only=20initialisation.=20Call=20once=20only.=0A=20= =20*=0A@@=20-208,7=20+250,7=20@@=0A=20=0A=20/**=0A=20=20*=20@brief=20Get=20= a=20hash=20table=20of=20key=20types,=20keyed=20by=20the=20name=20of=20= the=20type=20against=0A-=20*=20an=20integer=20pointer=20constant.=0A+=20= *=20a=20pointer=20to=20apr_crypto_block_key_type_t.=0A=20=20*=0A=20=20*=20= @param=20types=20-=20hashtable=20of=20key=20types=20keyed=20to=20= constants.=0A=20=20*=20@param=20f=20-=20encryption=20context=0A@@=20= -219,7=20+261,7=20@@=0A=20=0A=20/**=0A=20=20*=20@brief=20Get=20a=20hash=20= table=20of=20key=20modes,=20keyed=20by=20the=20name=20of=20the=20mode=20= against=0A-=20*=20an=20integer=20pointer=20constant.=0A+=20*=20a=20= pointer=20to=20apr_crypto_block_key_mode_t.=0A=20=20*=0A=20=20*=20@param=20= modes=20-=20hashtable=20of=20key=20modes=20keyed=20to=20constants.=0A=20=20= *=20@param=20f=20-=20encryption=20context=0A@@=20-229,6=20+271,25=20@@=0A= =20=20=20=20=20=20=20=20=20const=20apr_crypto_t=20*f);=0A=20=0A=20/**=0A= +=20*=20@brief=20Create=20a=20key=20from=20the=20provided=20secret=20or=20= passphrase.=20The=20key=20is=20cleaned=0A+=20*=20=20=20=20=20=20=20=20up=20= when=20the=20context=20is=20cleaned,=20and=20may=20be=20reused=20with=20= multiple=20encryption=0A+=20*=20=20=20=20=20=20=20=20or=20decryption=20= operations.=0A+=20*=20@note=20If=20*key=20is=20NULL,=20a=20= apr_crypto_key_t=20will=20be=20created=20from=20a=20pool.=20If=0A+=20*=20= =20=20=20=20=20=20*key=20is=20not=20NULL,=20*key=20must=20point=20at=20a=20= previously=20created=20structure.=0A+=20*=20@param=20key=20The=20key=20= returned,=20see=20note.=0A+=20*=20@param=20rec=20The=20key=20record,=20= from=20which=20the=20key=20will=20be=20derived.=0A+=20*=20@param=20f=20= The=20context=20to=20use.=0A+=20*=20@param=20p=20The=20pool=20to=20use.=0A= +=20*=20@return=20Returns=20APR_ENOKEY=20if=20the=20pass=20phrase=20is=20= missing=20or=20empty,=20or=20if=20a=20backend=0A+=20*=20=20=20=20=20=20=20= =20=20error=20occurred=20while=20generating=20the=20key.=20APR_ENOCIPHER=20= if=20the=20type=20or=20mode=0A+=20*=20=20=20=20=20=20=20=20=20is=20not=20= supported=20by=20the=20particular=20backend.=20APR_EKEYTYPE=20if=20the=20= key=20type=20is=0A+=20*=20=20=20=20=20=20=20=20=20not=20known.=20= APR_EPADDING=20if=20padding=20was=20requested=20but=20is=20not=20= supported.=0A+=20*=20=20=20=20=20=20=20=20=20APR_ENOTIMPL=20if=20not=20= implemented.=0A+=20*/=0A+APR_DECLARE(apr_status_t)=20= apr_crypto_key(apr_crypto_key_t=20**key,=0A+=20=20=20=20=20=20=20=20= const=20apr_crypto_key_rec_t=20*rec,=20const=20apr_crypto_t=20*f,=20= apr_pool_t=20*p);=0A+=0A+/**=0A=20=20*=20@brief=20Create=20a=20key=20= from=20the=20given=20passphrase.=20By=20default,=20the=20PBKDF2=0A=20=20= *=20=20=20=20=20=20=20=20algorithm=20is=20used=20to=20generate=20the=20= key=20from=20the=20passphrase.=20It=20is=20expected=0A=20=20*=20=20=20=20= =20=20=20=20that=20the=20same=20pass=20phrase=20will=20generate=20the=20= same=20key,=20regardless=20of=20the=0A@@=20-255,6=20+316,7=20@@=0A=20=20= *=20=20=20=20=20=20=20=20=20is=20not=20supported=20by=20the=20particular=20= backend.=20APR_EKEYTYPE=20if=20the=20key=20type=20is=0A=20=20*=20=20=20=20= =20=20=20=20=20not=20known.=20APR_EPADDING=20if=20padding=20was=20= requested=20but=20is=20not=20supported.=0A=20=20*=20=20=20=20=20=20=20=20= =20APR_ENOTIMPL=20if=20not=20implemented.=0A+=20*=20@deprecated=20= Replaced=20by=20apr_crypto_key().=0A=20=20*/=0A=20= APR_DECLARE(apr_status_t)=20apr_crypto_passphrase(apr_crypto_key_t=20= **key,=0A=20=20=20=20=20=20=20=20=20apr_size_t=20*ivSize,=20const=20char=20= *pass,=20apr_size_t=20passLen,=0AIndex:=20= include/private/apr_crypto_internal.h=0A= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=0A---=20= include/private/apr_crypto_internal.h=09(revision=201627411)=0A+++=20= include/private/apr_crypto_internal.h=09(working=20copy)=0A@@=20-59,7=20= +59,7=20@@=0A=20=0A=20=20=20=20=20/**=0A=20=20=20=20=20=20*=20@brief=20= Get=20a=20hash=20table=20of=20key=20types,=20keyed=20by=20the=20name=20= of=20the=20type=20against=0A-=20=20=20=20=20*=20an=20integer=20pointer=20= constant.=0A+=20=20=20=20=20*=20a=20pointer=20to=20= apr_crypto_block_key_type_t.=0A=20=20=20=20=20=20*=0A=20=20=20=20=20=20*=20= @param=20types=20-=20hashtable=20of=20key=20types=20keyed=20to=20= constants.=0A=20=20=20=20=20=20*=20@param=20f=20-=20encryption=20context=0A= @@=20-70,7=20+70,7=20@@=0A=20=0A=20=20=20=20=20/**=0A=20=20=20=20=20=20*=20= @brief=20Get=20a=20hash=20table=20of=20key=20modes,=20keyed=20by=20the=20= name=20of=20the=20mode=20against=0A-=20=20=20=20=20*=20an=20integer=20= pointer=20constant.=0A+=20=20=20=20=20*=20a=20pointer=20to=20= apr_crypto_block_key_mode_t.=0A=20=20=20=20=20=20*=0A=20=20=20=20=20=20*=20= @param=20modes=20-=20hashtable=20of=20key=20modes=20keyed=20to=20= constants.=0A=20=20=20=20=20=20*=20@param=20f=20-=20encryption=20context=0A= @@=20-267,6=20+267,25=20@@=0A=20=20=20=20=20=20*/=0A=20=20=20=20=20= apr_status_t=20(*error)(const=20apu_err_t=20**result,=20const=20= apr_crypto_t=20*f);=0A=20=0A+=20=20=20=20/**=0A+=20=20=20=20=20*=20= @brief=20Create=20a=20key=20from=20the=20provided=20secret=20or=20= passphrase.=20The=20key=20is=20cleaned=0A+=20=20=20=20=20*=20=20=20=20=20= =20=20=20up=20when=20the=20context=20is=20cleaned,=20and=20may=20be=20= reused=20with=20multiple=20encryption=0A+=20=20=20=20=20*=20=20=20=20=20=20= =20=20or=20decryption=20operations.=0A+=20=20=20=20=20*=20@note=20If=20= *key=20is=20NULL,=20a=20apr_crypto_key_t=20will=20be=20created=20from=20= a=20pool.=20If=0A+=20=20=20=20=20*=20=20=20=20=20=20=20*key=20is=20not=20= NULL,=20*key=20must=20point=20at=20a=20previously=20created=20structure.=0A= +=20=20=20=20=20*=20@param=20key=20The=20key=20returned,=20see=20note.=0A= +=20=20=20=20=20*=20@param=20rec=20The=20key=20record,=20from=20which=20= the=20key=20will=20be=20derived.=0A+=20=20=20=20=20*=20@param=20f=20The=20= context=20to=20use.=0A+=20=20=20=20=20*=20@param=20p=20The=20pool=20to=20= use.=0A+=20=20=20=20=20*=20@return=20Returns=20APR_ENOKEY=20if=20the=20= pass=20phrase=20is=20missing=20or=20empty,=20or=20if=20a=20backend=0A+=20= =20=20=20=20*=20=20=20=20=20=20=20=20=20error=20occurred=20while=20= generating=20the=20key.=20APR_ENOCIPHER=20if=20the=20type=20or=20mode=0A= +=20=20=20=20=20*=20=20=20=20=20=20=20=20=20is=20not=20supported=20by=20= the=20particular=20backend.=20APR_EKEYTYPE=20if=20the=20key=20type=20is=0A= +=20=20=20=20=20*=20=20=20=20=20=20=20=20=20not=20known.=20APR_EPADDING=20= if=20padding=20was=20requested=20but=20is=20not=20supported.=0A+=20=20=20= =20=20*=20=20=20=20=20=20=20=20=20APR_ENOTIMPL=20if=20not=20implemented.=0A= +=20=20=20=20=20*/=0A+=20=20=20=20apr_status_t=20(*key)(apr_crypto_key_t=20= **key,=20const=20apr_crypto_key_rec_t=20*rec,=0A+=20=20=20=20=20=20=20=20= =20=20=20=20const=20apr_crypto_t=20*f,=20apr_pool_t=20*p);=0A+=0A=20};=0A= =20=0A=20#endif=0AIndex:=20test/testcrypto.c=0A= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=0A---=20= test/testcrypto.c=09(revision=201627411)=0A+++=20test/testcrypto.c=09= (working=20copy)=0A@@=20-102,6=20+102,59=20@@=0A=20=0A=20}=0A=20=0A= +static=20const=20apr_crypto_key_t=20*keysecret(abts_case=20*tc,=20= apr_pool_t=20*pool,=0A+=20=20=20=20=20=20=20=20const=20= apr_crypto_driver_t=20*driver,=20const=20apr_crypto_t=20*f,=0A+=20=20=20=20= =20=20=20=20apr_crypto_block_key_type_e=20type,=20= apr_crypto_block_key_mode_e=20mode,=0A+=20=20=20=20=20=20=20=20int=20= doPad,=20apr_size_t=20secretLen,=20const=20char=20*description)=0A+{=0A+=20= =20=20=20apr_crypto_key_t=20*key=20=3D=20NULL;=0A+=20=20=20=20const=20= apu_err_t=20*result=20=3D=20NULL;=0A+=20=20=20=20apr_crypto_key_rec_t=20= *rec=20=3D=20apr_pcalloc(pool,=20sizeof(apr_crypto_key_rec_t));=0A+=20=20= =20=20apr_status_t=20rv;=0A+=0A+=20=20=20=20if=20(!f)=20{=0A+=20=20=20=20= =20=20=20=20return=20NULL;=0A+=20=20=20=20}=0A+=0A+=20=20=20=20= rec->ktype=20=3D=20APR_CRYPTO_KTYPE_SECRET;=0A+=20=20=20=20rec->type=20=3D= =20type;=0A+=20=20=20=20rec->mode=20=3D=20mode;=0A+=20=20=20=20rec->pad=20= =3D=20doPad;=0A+=20=20=20=20rec->k.secret.secret=20=3D=20= apr_pcalloc(pool,=20secretLen);=0A+=20=20=20=20rec->k.secret.secretLen=20= =3D=20secretLen;=0A+=0A+=20=20=20=20/*=20init=20the=20passphrase=20*/=0A= +=20=20=20=20rv=20=3D=20apr_crypto_key(&key,=20NULL,=20rec,=20f,=20= pool);=0A+=20=20=20=20if=20(APR_ENOCIPHER=20=3D=3D=20rv)=20{=0A+=20=20=20= =20=20=20=20=20apr_crypto_error(&result,=20f);=0A+=20=20=20=20=20=20=20=20= ABTS_NOT_IMPL(tc,=0A+=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20= apr_psprintf(pool,=20"skipped:=20%s=20%s=20key=20return=20APR_ENOCIPHER:=20= error=20%d:=20%s=20(%s)\n",=20description,=20= apr_crypto_driver_name(driver),=20result->rc,=20result->reason=20?=20= result->reason=20:=20"",=20result->msg=20?=20result->msg=20:=20""));=0A+=20= =20=20=20=20=20=20=20return=20NULL;=0A+=20=20=20=20}=0A+=20=20=20=20else=20= {=0A+=20=20=20=20=20=20=20=20if=20(APR_SUCCESS=20!=3D=20rv)=20{=0A+=20=20= =20=20=20=20=20=20=20=20=20=20apr_crypto_error(&result,=20f);=0A+=20=20=20= =20=20=20=20=20=20=20=20=20fprintf(stderr,=20"key:=20%s=20%s=20apr=20= error=20%d=20/=20native=20error=20%d:=20%s=20(%s)\n",=0A+=20=20=20=20=20=20= =20=20=20=20=20=20=20=20=20=20=20=20=20=20description,=20= apr_crypto_driver_name(driver),=20rv,=20result->rc,=0A+=20=20=20=20=20=20= =20=20=20=20=20=20=20=20=20=20=20=20=20=20result->reason=20?=20= result->reason=20:=20"",=0A+=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20= =20=20=20=20=20result->msg=20?=20result->msg=20:=20"");=0A+=20=20=20=20=20= =20=20=20}=0A+=20=20=20=20=20=20=20=20ABTS_ASSERT(tc,=20"apr_crypto_key=20= returned=20APR_EKEYLENGTH",=20rv=20!=3D=20APR_EKEYLENGTH);=0A+=20=20=20=20= =20=20=20=20ABTS_ASSERT(tc,=20"apr_crypto_key=20returned=20APR_ENOKEY",=20= rv=20!=3D=20APR_ENOKEY);=0A+=20=20=20=20=20=20=20=20ABTS_ASSERT(tc,=20= "apr_crypto_key=20returned=20APR_EPADDING",=0A+=20=20=20=20=20=20=20=20=20= =20=20=20=20=20=20=20rv=20!=3D=20APR_EPADDING);=0A+=20=20=20=20=20=20=20=20= ABTS_ASSERT(tc,=20"apr_crypto_key=20returned=20APR_EKEYTYPE",=0A+=20=20=20= =20=20=20=20=20=20=20=20=20=20=20=20=20rv=20!=3D=20APR_EKEYTYPE);=0A+=20=20= =20=20=20=20=20=20ABTS_ASSERT(tc,=20"failed=20to=20apr_crypto_key",=20rv=20= =3D=3D=20APR_SUCCESS);=0A+=20=20=20=20=20=20=20=20ABTS_ASSERT(tc,=20= "apr_crypto_key=20returned=20NULL=20context",=20key=20!=3D=20NULL);=0A+=20= =20=20=20}=0A+=20=20=20=20if=20(rv)=20{=0A+=20=20=20=20=20=20=20=20= return=20NULL;=0A+=20=20=20=20}=0A+=20=20=20=20return=20key;=0A+=0A+}=0A= +=0A=20static=20const=20apr_crypto_key_t=20*passphrase(abts_case=20*tc,=20= apr_pool_t=20*pool,=0A=20=20=20=20=20=20=20=20=20const=20= apr_crypto_driver_t=20*driver,=20const=20apr_crypto_t=20*f,=0A=20=20=20=20= =20=20=20=20=20apr_crypto_block_key_type_e=20type,=20= apr_crypto_block_key_mode_e=20mode,=0A@@=20-133,8=20+186,8=20@@=0A=20=20=20= =20=20else=20{=0A=20=20=20=20=20=20=20=20=20if=20(APR_SUCCESS=20!=3D=20= rv)=20{=0A=20=20=20=20=20=20=20=20=20=20=20=20=20= apr_crypto_error(&result,=20f);=0A-=20=20=20=20=20=20=20=20=20=20=20=20= fprintf(stderr,=20"passphrase:=20%s=20%s=20native=20error=20%d:=20%s=20= (%s)\n",=0A-=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20= description,=20apr_crypto_driver_name(driver),=20result->rc,=0A+=20=20=20= =20=20=20=20=20=20=20=20=20fprintf(stderr,=20"passphrase:=20%s=20%s=20= apr=20error=20%d=20/=20native=20error=20%d:=20%s=20(%s)\n",=0A+=20=20=20=20= =20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20description,=20= apr_crypto_driver_name(driver),=20rv,=20result->rc,=0A=20=20=20=20=20=20=20= =20=20=20=20=20=20=20=20=20=20=20=20=20=20result->reason=20?=20= result->reason=20:=20"",=0A=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20= =20=20=20=20=20result->msg=20?=20result->msg=20:=20"");=0A=20=20=20=20=20= =20=20=20=20}=0A@@=20-151,6=20+204,64=20@@=0A=20=0A=20}=0A=20=0A+static=20= const=20apr_crypto_key_t=20*keypassphrase(abts_case=20*tc,=20apr_pool_t=20= *pool,=0A+=20=20=20=20=20=20=20=20const=20apr_crypto_driver_t=20*driver,=20= const=20apr_crypto_t=20*f,=0A+=20=20=20=20=20=20=20=20= apr_crypto_block_key_type_e=20type,=20apr_crypto_block_key_mode_e=20= mode,=0A+=20=20=20=20=20=20=20=20int=20doPad,=20const=20char=20= *description)=0A+{=0A+=0A+=20=20=20=20apr_crypto_key_t=20*key=20=3D=20= NULL;=0A+=20=20=20=20const=20apu_err_t=20*result=20=3D=20NULL;=0A+=20=20=20= =20const=20char=20*pass=20=3D=20"secret";=0A+=20=20=20=20const=20char=20= *salt=20=3D=20"salt";=0A+=20=20=20=20apr_crypto_key_rec_t=20*rec=20=3D=20= apr_pcalloc(pool,=20sizeof(apr_crypto_key_rec_t));=0A+=20=20=20=20= apr_status_t=20rv;=0A+=0A+=20=20=20=20if=20(!f)=20{=0A+=20=20=20=20=20=20= =20=20return=20NULL;=0A+=20=20=20=20}=0A+=0A+=20=20=20=20rec->ktype=20=3D=20= APR_CRYPTO_KTYPE_PASSPHRASE;=0A+=20=20=20=20rec->type=20=3D=20type;=0A+=20= =20=20=20rec->mode=20=3D=20mode;=0A+=20=20=20=20rec->pad=20=3D=20doPad;=0A= +=20=20=20=20rec->k.passphrase.pass=20=3D=20pass;=0A+=20=20=20=20= rec->k.passphrase.passLen=20=3D=20strlen(pass);=0A+=20=20=20=20= rec->k.passphrase.salt=20=3D=20(unsigned=20char=20*)salt;=0A+=20=20=20=20= rec->k.passphrase.saltLen=20=3D=20strlen(salt);=0A+=20=20=20=20= rec->k.passphrase.iterations=20=3D=204096;=0A+=0A+=20=20=20=20/*=20init=20= the=20passphrase=20*/=0A+=20=20=20=20rv=20=3D=20apr_crypto_key(&key,=20= NULL,=20rec,=20f,=20pool);=0A+=20=20=20=20if=20(APR_ENOCIPHER=20=3D=3D=20= rv)=20{=0A+=20=20=20=20=20=20=20=20apr_crypto_error(&result,=20f);=0A+=20= =20=20=20=20=20=20=20ABTS_NOT_IMPL(tc,=20apr_psprintf(pool,=0A+=20=20=20=20= =20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20"skipped:=20= %s=20%s=20key=20passphrase=20return=20APR_ENOCIPHER:=20error=20%d:=20%s=20= (%s)\n",=0A+=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20= =20=20=20description,=20apr_crypto_driver_name(driver),=20result->rc,=0A= +=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20= result->reason=20?=20result->reason=20:=20"",=20result->msg=20?=20= result->msg=20:=20""));=0A+=20=20=20=20=20=20=20=20return=20NULL;=0A+=20=20= =20=20}=0A+=20=20=20=20else=20{=0A+=20=20=20=20=20=20=20=20if=20= (APR_SUCCESS=20!=3D=20rv)=20{=0A+=20=20=20=20=20=20=20=20=20=20=20=20= apr_crypto_error(&result,=20f);=0A+=20=20=20=20=20=20=20=20=20=20=20=20= fprintf(stderr,=20"key=20passphrase:=20%s=20%s=20apr=20error=20%d=20/=20= native=20error=20%d:=20%s=20(%s)\n",=0A+=20=20=20=20=20=20=20=20=20=20=20= =20=20=20=20=20=20=20=20=20description,=20= apr_crypto_driver_name(driver),=20rv,=20result->rc,=0A+=20=20=20=20=20=20= =20=20=20=20=20=20=20=20=20=20=20=20=20=20result->reason=20?=20= result->reason=20:=20"",=0A+=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20= =20=20=20=20=20result->msg=20?=20result->msg=20:=20"");=0A+=20=20=20=20=20= =20=20=20}=0A+=20=20=20=20=20=20=20=20ABTS_ASSERT(tc,=20"apr_crypto_key=20= returned=20APR_ENOKEY",=20rv=20!=3D=20APR_ENOKEY);=0A+=20=20=20=20=20=20=20= =20ABTS_ASSERT(tc,=20"apr_crypto_key=20returned=20APR_EPADDING",=20rv=20= !=3D=20APR_EPADDING);=0A+=20=20=20=20=20=20=20=20ABTS_ASSERT(tc,=20= "apr_crypto_key=20returned=20APR_EKEYTYPE",=20rv=20!=3D=20APR_EKEYTYPE);=0A= +=20=20=20=20=20=20=20=20ABTS_ASSERT(tc,=20"failed=20to=20= apr_crypto_key",=20rv=20=3D=3D=20APR_SUCCESS);=0A+=20=20=20=20=20=20=20=20= ABTS_ASSERT(tc,=20"apr_crypto_key=20returned=20NULL=20context",=20key=20= !=3D=20NULL);=0A+=20=20=20=20}=0A+=20=20=20=20if=20(rv)=20{=0A+=20=20=20=20= =20=20=20=20return=20NULL;=0A+=20=20=20=20}=0A+=20=20=20=20return=20key;=0A= +=0A+}=0A+=0A=20static=20unsigned=20char=20*encrypt_block(abts_case=20= *tc,=20apr_pool_t=20*pool,=0A=20=20=20=20=20=20=20=20=20const=20= apr_crypto_driver_t=20*driver,=20const=20apr_crypto_t=20*f,=0A=20=20=20=20= =20=20=20=20=20const=20apr_crypto_key_t=20*key,=20const=20unsigned=20= char=20*in,=0A@@=20-340,7=20+451,8=20@@=0A=20=20=20=20=20=20=20=20=20= const=20apr_crypto_driver_t=20**drivers,=0A=20=20=20=20=20=20=20=20=20= const=20apr_crypto_block_key_type_e=20type,=0A=20=20=20=20=20=20=20=20=20= const=20apr_crypto_block_key_mode_e=20mode,=20int=20doPad,=0A-=20=20=20=20= =20=20=20=20const=20unsigned=20char=20*in,=20apr_size_t=20inlen,=20const=20= char=20*description)=0A+=20=20=20=20=20=20=20=20const=20unsigned=20char=20= *in,=20apr_size_t=20inlen,=20apr_size_t=20secretLen,=0A+=20=20=20=20=20=20= =20=20const=20char=20*description)=0A=20{=0A=20=20=20=20=20const=20= apr_crypto_driver_t=20*driver1=20=3D=20drivers[0];=0A=20=20=20=20=20= const=20apr_crypto_driver_t=20*driver2=20=3D=20drivers[1];=0A@@=20-348,6=20= +460,10=20@@=0A=20=20=20=20=20apr_crypto_t=20*f2=20=3D=20NULL;=0A=20=20=20= =20=20const=20apr_crypto_key_t=20*key1=20=3D=20NULL;=0A=20=20=20=20=20= const=20apr_crypto_key_t=20*key2=20=3D=20NULL;=0A+=20=20=20=20const=20= apr_crypto_key_t=20*key3=20=3D=20NULL;=0A+=20=20=20=20const=20= apr_crypto_key_t=20*key4=20=3D=20NULL;=0A+=20=20=20=20const=20= apr_crypto_key_t=20*key5=20=3D=20NULL;=0A+=20=20=20=20const=20= apr_crypto_key_t=20*key6=20=3D=20NULL;=0A=20=0A=20=20=20=20=20unsigned=20= char=20*cipherText=20=3D=20NULL;=0A=20=20=20=20=20apr_size_t=20= cipherTextLen=20=3D=200;=0A@@=20-369,13=20+485,49=20@@=0A=20=0A=20=20=20=20= =20if=20(cipherText=20&&=20plainText)=20{=0A=20=20=20=20=20=20=20=20=20= if=20(memcmp(in,=20plainText,=20inlen))=20{=0A-=20=20=20=20=20=20=20=20=20= =20=20=20fprintf(stderr,=20"cross=20mismatch:=20%s=20%s/%s\n",=20= description,=0A+=20=20=20=20=20=20=20=20=20=20=20=20fprintf(stderr,=20= "passphrase=20cross=20mismatch:=20%s=20%s/%s\n",=20description,=0A=20=20=20= =20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20= apr_crypto_driver_name(driver1),=20apr_crypto_driver_name(=0A=20=20=20=20= =20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20= driver2));=0A=20=20=20=20=20=20=20=20=20}=0A=20=20=20=20=20=20=20=20=20= ABTS_STR_EQUAL(tc,=20(char=20*)in,=20(char=20*)plainText);=0A=20=20=20=20= =20}=0A=20=0A+=20=20=20=20key3=20=3D=20keysecret(tc,=20pool,=20driver1,=20= f1,=20type,=20mode,=20doPad,=20secretLen,=20description);=0A+=20=20=20=20= key4=20=3D=20keysecret(tc,=20pool,=20driver2,=20f2,=20type,=20mode,=20= doPad,=20secretLen,=20description);=0A+=0A+=20=20=20=20cipherText=20=3D=20= encrypt_block(tc,=20pool,=20driver1,=20f1,=20key3,=20in,=20inlen,=0A+=20=20= =20=20=20=20=20=20=20=20=20=20&cipherText,=20&cipherTextLen,=20&iv,=20= &blockSize,=20description);=0A+=20=20=20=20plainText=20=3D=20= decrypt_block(tc,=20pool,=20driver2,=20f2,=20key4,=20cipherText,=0A+=20=20= =20=20=20=20=20=20=20=20=20=20cipherTextLen,=20&plainText,=20= &plainTextLen,=20iv,=20&blockSize,=0A+=20=20=20=20=20=20=20=20=20=20=20=20= description);=0A+=0A+=20=20=20=20if=20(cipherText=20&&=20plainText)=20{=0A= +=20=20=20=20=20=20=20=20if=20(memcmp(in,=20plainText,=20inlen))=20{=0A+=20= =20=20=20=20=20=20=20=20=20=20=20fprintf(stderr,=20"key=20secret=20cross=20= mismatch:=20%s=20%s/%s\n",=20description,=0A+=20=20=20=20=20=20=20=20=20=20= =20=20=20=20=20=20=20=20=20=20apr_crypto_driver_name(driver1),=20= apr_crypto_driver_name(=0A+=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20= =20=20=20=20=20=20=20=20=20=20=20=20driver2));=0A+=20=20=20=20=20=20=20=20= }=0A+=20=20=20=20=20=20=20=20ABTS_STR_EQUAL(tc,=20(char=20*)in,=20(char=20= *)plainText);=0A+=20=20=20=20}=0A+=0A+=20=20=20=20key5=20=3D=20= keypassphrase(tc,=20pool,=20driver1,=20f1,=20type,=20mode,=20doPad,=20= description);=0A+=20=20=20=20key6=20=3D=20keypassphrase(tc,=20pool,=20= driver2,=20f2,=20type,=20mode,=20doPad,=20description);=0A+=0A+=20=20=20=20= cipherText=20=3D=20encrypt_block(tc,=20pool,=20driver1,=20f1,=20key3,=20= in,=20inlen,=0A+=20=20=20=20=20=20=20=20=20=20=20=20&cipherText,=20= &cipherTextLen,=20&iv,=20&blockSize,=20description);=0A+=20=20=20=20= plainText=20=3D=20decrypt_block(tc,=20pool,=20driver2,=20f2,=20key4,=20= cipherText,=0A+=20=20=20=20=20=20=20=20=20=20=20=20cipherTextLen,=20= &plainText,=20&plainTextLen,=20iv,=20&blockSize,=0A+=20=20=20=20=20=20=20= =20=20=20=20=20description);=0A+=0A+=20=20=20=20if=20(cipherText=20&&=20= plainText)=20{=0A+=20=20=20=20=20=20=20=20if=20(memcmp(in,=20plainText,=20= inlen))=20{=0A+=20=20=20=20=20=20=20=20=20=20=20=20fprintf(stderr,=20= "key=20passphrase=20cross=20mismatch:=20%s=20%s/%s\n",=20description,=0A= +=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20= apr_crypto_driver_name(driver1),=20apr_crypto_driver_name(=0A+=20=20=20=20= =20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20= driver2));=0A+=20=20=20=20=20=20=20=20}=0A+=20=20=20=20=20=20=20=20= ABTS_STR_EQUAL(tc,=20(char=20*)in,=20(char=20*)plainText);=0A+=20=20=20=20= }=0A+=0A=20}=0A=20=0A=20/**=0A@@=20-396,6=20+548,63=20@@=0A=20}=0A=20=0A=20= /**=0A+=20*=20Simple=20test=20of=20OpenSSL=20key.=0A+=20*/=0A+static=20= void=20test_crypto_key_openssl(abts_case=20*tc,=20void=20*data)=0A+{=0A+=20= =20=20=20apr_pool_t=20*pool=20=3D=20NULL;=0A+=20=20=20=20const=20= apr_crypto_driver_t=20*driver;=0A+=20=20=20=20apr_crypto_t=20*f=20=3D=20= NULL;=0A+=0A+=20=20=20=20apr_pool_create(&pool,=20NULL);=0A+=20=20=20=20= driver=20=3D=20get_openssl_driver(tc,=20pool);=0A+=0A+=20=20=20=20f=20=3D=20= make(tc,=20pool,=20driver);=0A+=20=20=20=20keysecret(tc,=20pool,=20= driver,=20f,=20APR_KEY_AES_256,=20APR_MODE_CBC,=201,=2032,=0A+=20=20=20=20= =20=20=20=20=20=20=20=20"KEY_AES_256/MODE_CBC");=0A+=20=20=20=20= apr_pool_destroy(pool);=0A+=0A+}=0A+=0A+/**=0A+=20*=20Simple=20test=20of=20= NSS=20key.=0A+=20*/=0A+static=20void=20test_crypto_key_nss(abts_case=20= *tc,=20void=20*data)=0A+{=0A+=20=20=20=20apr_pool_t=20*pool=20=3D=20= NULL;=0A+=20=20=20=20const=20apr_crypto_driver_t=20*driver;=0A+=20=20=20=20= apr_crypto_t=20*f=20=3D=20NULL;=0A+=0A+=20=20=20=20= apr_pool_create(&pool,=20NULL);=0A+=20=20=20=20driver=20=3D=20= get_nss_driver(tc,=20pool);=0A+=0A+=20=20=20=20f=20=3D=20make(tc,=20= pool,=20driver);=0A+=20=20=20=20keysecret(tc,=20pool,=20driver,=20f,=20= APR_KEY_AES_256,=20APR_MODE_CBC,=201,=2032,=0A+=20=20=20=20=20=20=20=20=20= =20=20=20"KEY_AES_256/MODE_CBC");=0A+=20=20=20=20apr_pool_destroy(pool);=0A= +=0A+}=0A+=0A+/**=0A+=20*=20Simple=20test=20of=20CommonCrypto=20key.=0A+=20= */=0A+static=20void=20test_crypto_key_commoncrypto(abts_case=20*tc,=20= void=20*data)=0A+{=0A+=20=20=20=20apr_pool_t=20*pool=20=3D=20NULL;=0A+=20= =20=20=20const=20apr_crypto_driver_t=20*driver;=0A+=20=20=20=20= apr_crypto_t=20*f=20=3D=20NULL;=0A+=0A+=20=20=20=20= apr_pool_create(&pool,=20NULL);=0A+=20=20=20=20driver=20=3D=20= get_commoncrypto_driver(tc,=20pool);=0A+=0A+=20=20=20=20f=20=3D=20= make(tc,=20pool,=20driver);=0A+=20=20=20=20keysecret(tc,=20pool,=20= driver,=20f,=20APR_KEY_AES_256,=20APR_MODE_CBC,=201,=2032,=0A+=20=20=20=20= =20=20=20=20=20=20=20=20"KEY_AES_256/MODE_CBC");=0A+=20=20=20=20= apr_pool_destroy(pool);=0A+=0A+}=0A+=0A+/**=0A=20=20*=20Simple=20test=20= of=20OpenSSL=20block=20crypt.=0A=20=20*/=0A=20static=20void=20= test_crypto_block_openssl(abts_case=20*tc,=20void=20*data)=0A@@=20= -410,21=20+619,21=20@@=0A=20=20=20=20=20drivers[0]=20=3D=20= get_openssl_driver(tc,=20pool);=0A=20=20=20=20=20drivers[1]=20=3D=20= get_openssl_driver(tc,=20pool);=0A=20=20=20=20=20crypto_block_cross(tc,=20= pool,=20drivers,=20APR_KEY_3DES_192,=20APR_MODE_CBC,=200,=0A-=20=20=20=20= =20=20=20=20=20=20=20=20in,=20inlen,=20"KEY_3DES_192/MODE_CBC");=0A+=20=20= =20=20=20=20=20=20=20=20=20=20in,=20inlen,=2024,=20= "KEY_3DES_192/MODE_CBC");=0A=20=20=20=20=20crypto_block_cross(tc,=20= pool,=20drivers,=20APR_KEY_3DES_192,=20APR_MODE_ECB,=200,=0A-=20=20=20=20= =20=20=20=20=20=20=20=20in,=20inlen,=20"KEY_3DES_192/MODE_ECB");=0A+=20=20= =20=20=20=20=20=20=20=20=20=20in,=20inlen,=2024,=20= "KEY_3DES_192/MODE_ECB");=0A=20=20=20=20=20crypto_block_cross(tc,=20= pool,=20drivers,=20APR_KEY_AES_256,=20APR_MODE_CBC,=200,=20in,=0A-=20=20=20= =20=20=20=20=20=20=20=20=20inlen,=20"KEY_AES_256/MODE_CBC");=0A+=20=20=20= =20=20=20=20=20=20=20=20=20inlen,=2032,=20"KEY_AES_256/MODE_CBC");=0A=20=20= =20=20=20crypto_block_cross(tc,=20pool,=20drivers,=20APR_KEY_AES_256,=20= APR_MODE_ECB,=200,=20in,=0A-=20=20=20=20=20=20=20=20=20=20=20=20inlen,=20= "KEY_AES_256/MODE_ECB");=0A+=20=20=20=20=20=20=20=20=20=20=20=20inlen,=20= 32,=20"KEY_AES_256/MODE_ECB");=0A=20=20=20=20=20crypto_block_cross(tc,=20= pool,=20drivers,=20APR_KEY_AES_192,=20APR_MODE_CBC,=200,=20in,=0A-=20=20=20= =20=20=20=20=20=20=20=20=20inlen,=20"KEY_AES_192/MODE_CBC");=0A+=20=20=20= =20=20=20=20=20=20=20=20=20inlen,=2024,=20"KEY_AES_192/MODE_CBC");=0A=20=20= =20=20=20crypto_block_cross(tc,=20pool,=20drivers,=20APR_KEY_AES_192,=20= APR_MODE_ECB,=200,=20in,=0A-=20=20=20=20=20=20=20=20=20=20=20=20inlen,=20= "KEY_AES_192/MODE_ECB");=0A+=20=20=20=20=20=20=20=20=20=20=20=20inlen,=20= 24,=20"KEY_AES_192/MODE_ECB");=0A=20=20=20=20=20crypto_block_cross(tc,=20= pool,=20drivers,=20APR_KEY_AES_128,=20APR_MODE_CBC,=200,=20in,=0A-=20=20=20= =20=20=20=20=20=20=20=20=20inlen,=20"KEY_AES_128/MODE_CBC");=0A+=20=20=20= =20=20=20=20=20=20=20=20=20inlen,=2016,=20"KEY_AES_128/MODE_CBC");=0A=20=20= =20=20=20crypto_block_cross(tc,=20pool,=20drivers,=20APR_KEY_AES_128,=20= APR_MODE_ECB,=200,=20in,=0A-=20=20=20=20=20=20=20=20=20=20=20=20inlen,=20= "KEY_AES_128/MODE_ECB");=0A+=20=20=20=20=20=20=20=20=20=20=20=20inlen,=20= 16,=20"KEY_AES_128/MODE_ECB");=0A=20=20=20=20=20apr_pool_destroy(pool);=0A= =20=0A=20}=0A@@=20-444,21=20+653,21=20@@=0A=20=20=20=20=20drivers[0]=20=3D= =20get_nss_driver(tc,=20pool);=0A=20=20=20=20=20drivers[1]=20=3D=20= get_nss_driver(tc,=20pool);=0A=20=20=20=20=20crypto_block_cross(tc,=20= pool,=20drivers,=20APR_KEY_3DES_192,=20APR_MODE_CBC,=200,=0A-=20=20=20=20= =20=20=20=20=20=20=20=20in,=20inlen,=20"KEY_3DES_192/MODE_CBC");=0A+=20=20= =20=20=20=20=20=20=20=20=20=20in,=20inlen,=2024,=20= "KEY_3DES_192/MODE_CBC");=0A=20=20=20=20=20/*=20KEY_3DES_192=20/=20= MODE_ECB=20doesn't=20work=20on=20NSS=20*/=0A=20=20=20=20=20/*=20= crypto_block_cross(tc,=20pool,=20drivers,=20KEY_3DES_192,=20MODE_ECB,=20= 0,=20in,=20inlen,=20"KEY_3DES_192/MODE_ECB");=20*/=0A=20=20=20=20=20= crypto_block_cross(tc,=20pool,=20drivers,=20APR_KEY_AES_256,=20= APR_MODE_CBC,=200,=20in,=0A-=20=20=20=20=20=20=20=20=20=20=20=20inlen,=20= "KEY_AES_256/MODE_CBC");=0A+=20=20=20=20=20=20=20=20=20=20=20=20inlen,=20= 32,=20"KEY_AES_256/MODE_CBC");=0A=20=20=20=20=20crypto_block_cross(tc,=20= pool,=20drivers,=20APR_KEY_AES_256,=20APR_MODE_ECB,=200,=20in,=0A-=20=20=20= =20=20=20=20=20=20=20=20=20inlen,=20"KEY_AES_256/MODE_ECB");=0A+=20=20=20= =20=20=20=20=20=20=20=20=20inlen,=2032,=20"KEY_AES_256/MODE_ECB");=0A=20=20= =20=20=20crypto_block_cross(tc,=20pool,=20drivers,=20APR_KEY_AES_192,=20= APR_MODE_CBC,=200,=20in,=0A-=20=20=20=20=20=20=20=20=20=20=20=20inlen,=20= "KEY_AES_192/MODE_CBC");=0A+=20=20=20=20=20=20=20=20=20=20=20=20inlen,=20= 24,=20"KEY_AES_192/MODE_CBC");=0A=20=20=20=20=20crypto_block_cross(tc,=20= pool,=20drivers,=20APR_KEY_AES_192,=20APR_MODE_ECB,=200,=20in,=0A-=20=20=20= =20=20=20=20=20=20=20=20=20inlen,=20"KEY_AES_192/MODE_ECB");=0A+=20=20=20= =20=20=20=20=20=20=20=20=20inlen,=2024,=20"KEY_AES_192/MODE_ECB");=0A=20=20= =20=20=20crypto_block_cross(tc,=20pool,=20drivers,=20APR_KEY_AES_128,=20= APR_MODE_CBC,=200,=20in,=0A-=20=20=20=20=20=20=20=20=20=20=20=20inlen,=20= "KEY_AES_128/MODE_CBC");=0A+=20=20=20=20=20=20=20=20=20=20=20=20inlen,=20= 16,=20"KEY_AES_128/MODE_CBC");=0A=20=20=20=20=20crypto_block_cross(tc,=20= pool,=20drivers,=20APR_KEY_AES_128,=20APR_MODE_ECB,=200,=20in,=0A-=20=20=20= =20=20=20=20=20=20=20=20=20inlen,=20"KEY_AES_128/MODE_ECB");=0A+=20=20=20= =20=20=20=20=20=20=20=20=20inlen,=2016,=20"KEY_AES_128/MODE_ECB");=0A=20=20= =20=20=20apr_pool_destroy(pool);=0A=20=0A=20}=0A@@=20-478,21=20+687,21=20= @@=0A=20=20=20=20=20drivers[0]=20=3D=20get_commoncrypto_driver(tc,=20= pool);=0A=20=20=20=20=20drivers[1]=20=3D=20get_commoncrypto_driver(tc,=20= pool);=0A=20=20=20=20=20crypto_block_cross(tc,=20pool,=20drivers,=20= APR_KEY_3DES_192,=20APR_MODE_CBC,=200,=0A-=20=20=20=20=20=20=20=20=20=20=20= =20in,=20inlen,=20"KEY_3DES_192/MODE_CBC");=0A+=20=20=20=20=20=20=20=20=20= =20=20=20in,=20inlen,=2024,=20"KEY_3DES_192/MODE_CBC");=0A=20=20=20=20=20= crypto_block_cross(tc,=20pool,=20drivers,=20APR_KEY_3DES_192,=20= APR_MODE_ECB,=200,=0A-=20=20=20=20=20=20=20=20=20=20=20=20in,=20inlen,=20= "KEY_3DES_192/MODE_ECB");=0A+=20=20=20=20=20=20=20=20=20=20=20=20in,=20= inlen,=2024,=20"KEY_3DES_192/MODE_ECB");=0A=20=20=20=20=20= crypto_block_cross(tc,=20pool,=20drivers,=20APR_KEY_AES_256,=20= APR_MODE_CBC,=200,=20in,=0A-=20=20=20=20=20=20=20=20=20=20=20=20inlen,=20= "KEY_AES_256/MODE_CBC");=0A+=20=20=20=20=20=20=20=20=20=20=20=20inlen,=20= 32,=20"KEY_AES_256/MODE_CBC");=0A=20=20=20=20=20crypto_block_cross(tc,=20= pool,=20drivers,=20APR_KEY_AES_256,=20APR_MODE_ECB,=200,=20in,=0A-=20=20=20= =20=20=20=20=20=20=20=20=20inlen,=20"KEY_AES_256/MODE_ECB");=0A+=20=20=20= =20=20=20=20=20=20=20=20=20inlen,=2032,=20"KEY_AES_256/MODE_ECB");=0A=20=20= =20=20=20crypto_block_cross(tc,=20pool,=20drivers,=20APR_KEY_AES_192,=20= APR_MODE_CBC,=200,=20in,=0A-=20=20=20=20=20=20=20=20=20=20=20=20inlen,=20= "KEY_AES_192/MODE_CBC");=0A+=20=20=20=20=20=20=20=20=20=20=20=20inlen,=20= 24,=20"KEY_AES_192/MODE_CBC");=0A=20=20=20=20=20crypto_block_cross(tc,=20= pool,=20drivers,=20APR_KEY_AES_192,=20APR_MODE_ECB,=200,=20in,=0A-=20=20=20= =20=20=20=20=20=20=20=20=20inlen,=20"KEY_AES_192/MODE_ECB");=0A+=20=20=20= =20=20=20=20=20=20=20=20=20inlen,=2024,=20"KEY_AES_192/MODE_ECB");=0A=20=20= =20=20=20crypto_block_cross(tc,=20pool,=20drivers,=20APR_KEY_AES_128,=20= APR_MODE_CBC,=200,=20in,=0A-=20=20=20=20=20=20=20=20=20=20=20=20inlen,=20= "KEY_AES_128/MODE_CBC");=0A+=20=20=20=20=20=20=20=20=20=20=20=20inlen,=20= 16,=20"KEY_AES_128/MODE_CBC");=0A=20=20=20=20=20crypto_block_cross(tc,=20= pool,=20drivers,=20APR_KEY_AES_128,=20APR_MODE_ECB,=200,=20in,=0A-=20=20=20= =20=20=20=20=20=20=20=20=20inlen,=20"KEY_AES_128/MODE_ECB");=0A+=20=20=20= =20=20=20=20=20=20=20=20=20inlen,=2016,=20"KEY_AES_128/MODE_ECB");=0A=20=20= =20=20=20apr_pool_destroy(pool);=0A=20=0A=20}=0A@@=20-513,22=20+722,22=20= @@=0A=20=20=20=20=20drivers[1]=20=3D=20get_openssl_driver(tc,=20pool);=0A= =20=0A=20=20=20=20=20crypto_block_cross(tc,=20pool,=20drivers,=20= APR_KEY_3DES_192,=20APR_MODE_CBC,=200,=0A-=20=20=20=20=20=20=20=20=20=20=20= =20in,=20inlen,=20"KEY_3DES_192/MODE_CBC");=0A+=20=20=20=20=20=20=20=20=20= =20=20=20in,=20inlen,=2024,=20"KEY_3DES_192/MODE_CBC");=0A=20=0A=20=20=20= =20=20/*=20KEY_3DES_192=20/=20MODE_ECB=20doesn't=20work=20on=20NSS=20*/=0A= -=20=20=20=20/*=20crypto_block_cross(tc,=20pool,=20drivers,=20= KEY_3DES_192,=20MODE_ECB,=200,=20in,=20inlen,=20= "KEY_3DES_192/MODE_ECB");=20*/=0A+=20=20=20=20/*=20= crypto_block_cross(tc,=20pool,=20drivers,=20KEY_3DES_192,=20MODE_ECB,=20= 0,=20in,=20inlen,=2024,=20"KEY_3DES_192/MODE_ECB");=20*/=0A=20=20=20=20=20= crypto_block_cross(tc,=20pool,=20drivers,=20APR_KEY_AES_256,=20= APR_MODE_CBC,=200,=20in,=0A-=20=20=20=20=20=20=20=20=20=20=20=20inlen,=20= "KEY_AES_256/MODE_CBC");=0A+=20=20=20=20=20=20=20=20=20=20=20=20inlen,=20= 32,=20"KEY_AES_256/MODE_CBC");=0A=20=20=20=20=20crypto_block_cross(tc,=20= pool,=20drivers,=20APR_KEY_AES_256,=20APR_MODE_ECB,=200,=20in,=0A-=20=20=20= =20=20=20=20=20=20=20=20=20inlen,=20"KEY_AES_256/MODE_ECB");=0A+=20=20=20= =20=20=20=20=20=20=20=20=20inlen,=2032,=20"KEY_AES_256/MODE_ECB");=0A=20=20= =20=20=20crypto_block_cross(tc,=20pool,=20drivers,=20APR_KEY_AES_192,=20= APR_MODE_CBC,=200,=20in,=0A-=20=20=20=20=20=20=20=20=20=20=20=20inlen,=20= "KEY_AES_192/MODE_CBC");=0A+=20=20=20=20=20=20=20=20=20=20=20=20inlen,=20= 24,=20"KEY_AES_192/MODE_CBC");=0A=20=20=20=20=20crypto_block_cross(tc,=20= pool,=20drivers,=20APR_KEY_AES_192,=20APR_MODE_ECB,=200,=20in,=0A-=20=20=20= =20=20=20=20=20=20=20=20=20inlen,=20"KEY_AES_192/MODE_ECB");=0A+=20=20=20= =20=20=20=20=20=20=20=20=20inlen,=2024,=20"KEY_AES_192/MODE_ECB");=0A=20=20= =20=20=20crypto_block_cross(tc,=20pool,=20drivers,=20APR_KEY_AES_128,=20= APR_MODE_CBC,=200,=20in,=0A-=20=20=20=20=20=20=20=20=20=20=20=20inlen,=20= "KEY_AES_128/MODE_CBC");=0A+=20=20=20=20=20=20=20=20=20=20=20=20inlen,=20= 16,=20"KEY_AES_128/MODE_CBC");=0A=20=20=20=20=20crypto_block_cross(tc,=20= pool,=20drivers,=20APR_KEY_AES_128,=20APR_MODE_ECB,=200,=20in,=0A-=20=20=20= =20=20=20=20=20=20=20=20=20inlen,=20"KEY_AES_128/MODE_ECB");=0A+=20=20=20= =20=20=20=20=20=20=20=20=20inlen,=2016,=20"KEY_AES_128/MODE_ECB");=0A=20=20= =20=20=20apr_pool_destroy(pool);=0A=20=0A=20}=0A@@=20-548,23=20+757,23=20= @@=0A=20=20=20=20=20drivers[0]=20=3D=20get_openssl_driver(tc,=20pool);=0A= =20=20=20=20=20drivers[1]=20=3D=20get_nss_driver(tc,=20pool);=0A=20=20=20= =20=20crypto_block_cross(tc,=20pool,=20drivers,=20APR_KEY_3DES_192,=20= APR_MODE_CBC,=200,=0A-=20=20=20=20=20=20=20=20=20=20=20=20in,=20inlen,=20= "KEY_3DES_192/MODE_CBC");=0A+=20=20=20=20=20=20=20=20=20=20=20=20in,=20= inlen,=2024,=20"KEY_3DES_192/MODE_CBC");=0A=20=0A=20=20=20=20=20/*=20= KEY_3DES_192=20/=20MODE_ECB=20doesn't=20work=20on=20NSS=20*/=0A-=20=20=20= =20/*=20crypto_block_cross(tc,=20pool,=20drivers,=20KEY_3DES_192,=20= MODE_ECB,=200,=20in,=20inlen,=20"KEY_3DES_192/MODE_ECB");=20*/=0A+=20=20=20= =20/*=20crypto_block_cross(tc,=20pool,=20drivers,=20KEY_3DES_192,=20= MODE_ECB,=200,=20in,=20inlen,=2024,=20"KEY_3DES_192/MODE_ECB");=20*/=0A=20= =0A=20=20=20=20=20crypto_block_cross(tc,=20pool,=20drivers,=20= APR_KEY_AES_256,=20APR_MODE_CBC,=200,=20in,=0A-=20=20=20=20=20=20=20=20=20= =20=20=20inlen,=20"KEY_AES_256/MODE_CBC");=0A+=20=20=20=20=20=20=20=20=20= =20=20=20inlen,=2032,=20"KEY_AES_256/MODE_CBC");=0A=20=20=20=20=20= crypto_block_cross(tc,=20pool,=20drivers,=20APR_KEY_AES_256,=20= APR_MODE_ECB,=200,=20in,=0A-=20=20=20=20=20=20=20=20=20=20=20=20inlen,=20= "KEY_AES_256/MODE_ECB");=0A+=20=20=20=20=20=20=20=20=20=20=20=20inlen,=20= 32,=20"KEY_AES_256/MODE_ECB");=0A=20=20=20=20=20crypto_block_cross(tc,=20= pool,=20drivers,=20APR_KEY_AES_192,=20APR_MODE_CBC,=200,=20in,=0A-=20=20=20= =20=20=20=20=20=20=20=20=20inlen,=20"KEY_AES_192/MODE_CBC");=0A+=20=20=20= =20=20=20=20=20=20=20=20=20inlen,=2024,=20"KEY_AES_192/MODE_CBC");=0A=20=20= =20=20=20crypto_block_cross(tc,=20pool,=20drivers,=20APR_KEY_AES_192,=20= APR_MODE_ECB,=200,=20in,=0A-=20=20=20=20=20=20=20=20=20=20=20=20inlen,=20= "KEY_AES_192/MODE_ECB");=0A+=20=20=20=20=20=20=20=20=20=20=20=20inlen,=20= 24,=20"KEY_AES_192/MODE_ECB");=0A=20=20=20=20=20crypto_block_cross(tc,=20= pool,=20drivers,=20APR_KEY_AES_128,=20APR_MODE_CBC,=200,=20in,=0A-=20=20=20= =20=20=20=20=20=20=20=20=20inlen,=20"KEY_AES_128/MODE_CBC");=0A+=20=20=20= =20=20=20=20=20=20=20=20=20inlen,=2016,=20"KEY_AES_128/MODE_CBC");=0A=20=20= =20=20=20crypto_block_cross(tc,=20pool,=20drivers,=20APR_KEY_AES_128,=20= APR_MODE_ECB,=200,=20in,=0A-=20=20=20=20=20=20=20=20=20=20=20=20inlen,=20= "KEY_AES_128/MODE_ECB");=0A+=20=20=20=20=20=20=20=20=20=20=20=20inlen,=20= 16,=20"KEY_AES_128/MODE_ECB");=0A=20=20=20=20=20apr_pool_destroy(pool);=0A= =20=0A=20}=0A@@=20-586,21=20+795,21=20@@=0A=20=20=20=20=20drivers[1]=20=3D= =20get_commoncrypto_driver(tc,=20pool);=0A=20=0A=20=20=20=20=20= crypto_block_cross(tc,=20pool,=20drivers,=20APR_KEY_3DES_192,=20= APR_MODE_CBC,=200,=20in,=0A-=20=20=20=20=20=20=20=20=20=20=20=20inlen,=20= "KEY_3DES_192/MODE_CBC");=0A+=20=20=20=20=20=20=20=20=20=20=20=20inlen,=20= 24,=20"KEY_3DES_192/MODE_CBC");=0A=20=20=20=20=20crypto_block_cross(tc,=20= pool,=20drivers,=20APR_KEY_3DES_192,=20APR_MODE_ECB,=200,=20in,=0A-=20=20= =20=20=20=20=20=20=20=20=20=20inlen,=20"KEY_3DES_192/MODE_ECB");=0A+=20=20= =20=20=20=20=20=20=20=20=20=20inlen,=2024,=20"KEY_3DES_192/MODE_ECB");=0A= =20=20=20=20=20crypto_block_cross(tc,=20pool,=20drivers,=20= APR_KEY_AES_256,=20APR_MODE_CBC,=200,=20in,=0A-=20=20=20=20=20=20=20=20=20= =20=20=20inlen,=20"KEY_AES_256/MODE_CBC");=0A+=20=20=20=20=20=20=20=20=20= =20=20=20inlen,=2032,=20"KEY_AES_256/MODE_CBC");=0A=20=20=20=20=20= crypto_block_cross(tc,=20pool,=20drivers,=20APR_KEY_AES_256,=20= APR_MODE_ECB,=200,=20in,=0A-=20=20=20=20=20=20=20=20=20=20=20=20inlen,=20= "KEY_AES_256/MODE_ECB");=0A+=20=20=20=20=20=20=20=20=20=20=20=20inlen,=20= 32,=20"KEY_AES_256/MODE_ECB");=0A=20=20=20=20=20crypto_block_cross(tc,=20= pool,=20drivers,=20APR_KEY_AES_192,=20APR_MODE_CBC,=200,=20in,=0A-=20=20=20= =20=20=20=20=20=20=20=20=20inlen,=20"KEY_AES_192/MODE_CBC");=0A+=20=20=20= =20=20=20=20=20=20=20=20=20inlen,=2024,=20"KEY_AES_192/MODE_CBC");=0A=20=20= =20=20=20crypto_block_cross(tc,=20pool,=20drivers,=20APR_KEY_AES_192,=20= APR_MODE_ECB,=200,=20in,=0A-=20=20=20=20=20=20=20=20=20=20=20=20inlen,=20= "KEY_AES_192/MODE_ECB");=0A+=20=20=20=20=20=20=20=20=20=20=20=20inlen,=20= 24,=20"KEY_AES_192/MODE_ECB");=0A=20=20=20=20=20crypto_block_cross(tc,=20= pool,=20drivers,=20APR_KEY_AES_128,=20APR_MODE_CBC,=200,=20in,=0A-=20=20=20= =20=20=20=20=20=20=20=20=20inlen,=20"KEY_AES_128/MODE_CBC");=0A+=20=20=20= =20=20=20=20=20=20=20=20=20inlen,=2016,=20"KEY_AES_128/MODE_CBC");=0A=20=20= =20=20=20crypto_block_cross(tc,=20pool,=20drivers,=20APR_KEY_AES_128,=20= APR_MODE_ECB,=200,=20in,=0A-=20=20=20=20=20=20=20=20=20=20=20=20inlen,=20= "KEY_AES_128/MODE_ECB");=0A+=20=20=20=20=20=20=20=20=20=20=20=20inlen,=20= 16,=20"KEY_AES_128/MODE_ECB");=0A=20=20=20=20=20apr_pool_destroy(pool);=0A= =20=0A=20}=0A@@=20-622,21=20+831,21=20@@=0A=20=20=20=20=20drivers[1]=20=3D= =20get_openssl_driver(tc,=20pool);=0A=20=0A=20=20=20=20=20= crypto_block_cross(tc,=20pool,=20drivers,=20APR_KEY_3DES_192,=20= APR_MODE_CBC,=200,=20in,=0A-=20=20=20=20=20=20=20=20=20=20=20=20inlen,=20= "KEY_3DES_192/MODE_CBC");=0A+=20=20=20=20=20=20=20=20=20=20=20=20inlen,=20= 24,=20"KEY_3DES_192/MODE_CBC");=0A=20=20=20=20=20crypto_block_cross(tc,=20= pool,=20drivers,=20APR_KEY_3DES_192,=20APR_MODE_ECB,=200,=20in,=0A-=20=20= =20=20=20=20=20=20=20=20=20=20inlen,=20"KEY_3DES_192/MODE_ECB");=0A+=20=20= =20=20=20=20=20=20=20=20=20=20inlen,=2024,=20"KEY_3DES_192/MODE_ECB");=0A= =20=20=20=20=20crypto_block_cross(tc,=20pool,=20drivers,=20= APR_KEY_AES_256,=20APR_MODE_CBC,=200,=20in,=0A-=20=20=20=20=20=20=20=20=20= =20=20=20inlen,=20"KEY_AES_256/MODE_CBC");=0A+=20=20=20=20=20=20=20=20=20= =20=20=20inlen,=2032,=20"KEY_AES_256/MODE_CBC");=0A=20=20=20=20=20= crypto_block_cross(tc,=20pool,=20drivers,=20APR_KEY_AES_256,=20= APR_MODE_ECB,=200,=20in,=0A-=20=20=20=20=20=20=20=20=20=20=20=20inlen,=20= "KEY_AES_256/MODE_ECB");=0A+=20=20=20=20=20=20=20=20=20=20=20=20inlen,=20= 32,=20"KEY_AES_256/MODE_ECB");=0A=20=20=20=20=20crypto_block_cross(tc,=20= pool,=20drivers,=20APR_KEY_AES_192,=20APR_MODE_CBC,=200,=20in,=0A-=20=20=20= =20=20=20=20=20=20=20=20=20inlen,=20"KEY_AES_192/MODE_CBC");=0A+=20=20=20= =20=20=20=20=20=20=20=20=20inlen,=2024,=20"KEY_AES_192/MODE_CBC");=0A=20=20= =20=20=20crypto_block_cross(tc,=20pool,=20drivers,=20APR_KEY_AES_192,=20= APR_MODE_ECB,=200,=20in,=0A-=20=20=20=20=20=20=20=20=20=20=20=20inlen,=20= "KEY_AES_192/MODE_ECB");=0A+=20=20=20=20=20=20=20=20=20=20=20=20inlen,=20= 24,=20"KEY_AES_192/MODE_ECB");=0A=20=20=20=20=20crypto_block_cross(tc,=20= pool,=20drivers,=20APR_KEY_AES_128,=20APR_MODE_CBC,=200,=20in,=0A-=20=20=20= =20=20=20=20=20=20=20=20=20inlen,=20"KEY_AES_128/MODE_CBC");=0A+=20=20=20= =20=20=20=20=20=20=20=20=20inlen,=2016,=20"KEY_AES_128/MODE_CBC");=0A=20=20= =20=20=20crypto_block_cross(tc,=20pool,=20drivers,=20APR_KEY_AES_128,=20= APR_MODE_ECB,=200,=20in,=0A-=20=20=20=20=20=20=20=20=20=20=20=20inlen,=20= "KEY_AES_128/MODE_ECB");=0A+=20=20=20=20=20=20=20=20=20=20=20=20inlen,=20= 16,=20"KEY_AES_128/MODE_ECB");=0A=20=20=20=20=20apr_pool_destroy(pool);=0A= =20=0A=20}=0A@@=20-657,21=20+866,21=20@@=0A=20=20=20=20=20drivers[1]=20=3D= =20get_openssl_driver(tc,=20pool);=0A=20=0A=20=20=20=20=20= crypto_block_cross(tc,=20pool,=20drivers,=20APR_KEY_3DES_192,=20= APR_MODE_CBC,=201,=0A-=20=20=20=20=20=20=20=20=20=20=20=20in,=20inlen,=20= "KEY_3DES_192/MODE_CBC");=0A+=20=20=20=20=20=20=20=20=20=20=20=20in,=20= inlen,=2024,=20"KEY_3DES_192/MODE_CBC");=0A=20=20=20=20=20= crypto_block_cross(tc,=20pool,=20drivers,=20APR_KEY_3DES_192,=20= APR_MODE_ECB,=201,=0A-=20=20=20=20=20=20=20=20=20=20=20=20in,=20inlen,=20= "KEY_3DES_192/MODE_ECB");=0A+=20=20=20=20=20=20=20=20=20=20=20=20in,=20= inlen,=2024,=20"KEY_3DES_192/MODE_ECB");=0A=20=20=20=20=20= crypto_block_cross(tc,=20pool,=20drivers,=20APR_KEY_AES_256,=20= APR_MODE_CBC,=201,=20in,=0A-=20=20=20=20=20=20=20=20=20=20=20=20inlen,=20= "KEY_AES_256/MODE_CBC");=0A+=20=20=20=20=20=20=20=20=20=20=20=20inlen,=20= 32,=20"KEY_AES_256/MODE_CBC");=0A=20=20=20=20=20crypto_block_cross(tc,=20= pool,=20drivers,=20APR_KEY_AES_256,=20APR_MODE_ECB,=201,=20in,=0A-=20=20=20= =20=20=20=20=20=20=20=20=20inlen,=20"KEY_AES_256/MODE_ECB");=0A+=20=20=20= =20=20=20=20=20=20=20=20=20inlen,=2032,=20"KEY_AES_256/MODE_ECB");=0A=20=20= =20=20=20crypto_block_cross(tc,=20pool,=20drivers,=20APR_KEY_AES_192,=20= APR_MODE_CBC,=201,=20in,=0A-=20=20=20=20=20=20=20=20=20=20=20=20inlen,=20= "KEY_AES_192/MODE_CBC");=0A+=20=20=20=20=20=20=20=20=20=20=20=20inlen,=20= 24,=20"KEY_AES_192/MODE_CBC");=0A=20=20=20=20=20crypto_block_cross(tc,=20= pool,=20drivers,=20APR_KEY_AES_192,=20APR_MODE_ECB,=201,=20in,=0A-=20=20=20= =20=20=20=20=20=20=20=20=20inlen,=20"KEY_AES_192/MODE_ECB");=0A+=20=20=20= =20=20=20=20=20=20=20=20=20inlen,=2024,=20"KEY_AES_192/MODE_ECB");=0A=20=20= =20=20=20crypto_block_cross(tc,=20pool,=20drivers,=20APR_KEY_AES_128,=20= APR_MODE_CBC,=201,=20in,=0A-=20=20=20=20=20=20=20=20=20=20=20=20inlen,=20= "KEY_AES_128/MODE_CBC");=0A+=20=20=20=20=20=20=20=20=20=20=20=20inlen,=20= 16,=20"KEY_AES_128/MODE_CBC");=0A=20=20=20=20=20crypto_block_cross(tc,=20= pool,=20drivers,=20APR_KEY_AES_128,=20APR_MODE_ECB,=201,=20in,=0A-=20=20=20= =20=20=20=20=20=20=20=20=20inlen,=20"KEY_AES_128/MODE_ECB");=0A+=20=20=20= =20=20=20=20=20=20=20=20=20inlen,=2016,=20"KEY_AES_128/MODE_ECB");=0A=20=0A= =20=20=20=20=20apr_pool_destroy(pool);=0A=20=0A@@=20-694,27=20+903,27=20= @@=0A=20=20=20=20=20drivers[1]=20=3D=20get_nss_driver(tc,=20pool);=0A=20=0A= =20=20=20=20=20crypto_block_cross(tc,=20pool,=20drivers,=20= APR_KEY_3DES_192,=20APR_MODE_CBC,=201,=0A-=20=20=20=20=20=20=20=20=20=20=20= =20in,=20inlen,=20"KEY_3DES_192/MODE_CBC");=0A+=20=20=20=20=20=20=20=20=20= =20=20=20in,=20inlen,=2024,=20"KEY_3DES_192/MODE_CBC");=0A=20=20=20=20=20= /*=20KEY_3DES_192=20/=20MODE_ECB=20doesn't=20work=20on=20NSS=20*/=0A-=20=20= =20=20/*=20crypto_block_cross(tc,=20pool,=20drivers,=20KEY_3DES_192,=20= MODE_ECB,=201,=20in,=20inlen,=20"KEY_3DES_192/MODE_ECB");=20*/=0A+=20=20=20= =20/*=20crypto_block_cross(tc,=20pool,=20drivers,=20KEY_3DES_192,=20= MODE_ECB,=201,=20in,=20inlen,=2024,=20"KEY_3DES_192/MODE_ECB");=20*/=0A=20= =0A=20=20=20=20=20crypto_block_cross(tc,=20pool,=20drivers,=20= APR_KEY_AES_256,=20APR_MODE_CBC,=201,=20in,=0A-=20=20=20=20=20=20=20=20=20= =20=20=20inlen,=20"KEY_AES_256/MODE_CBC");=0A+=20=20=20=20=20=20=20=20=20= =20=20=20inlen,=2032,=20"KEY_AES_256/MODE_CBC");=0A=20=0A=20=20=20=20=20= /*=20KEY_AES_256=20/=20MODE_ECB=20doesn't=20support=20padding=20on=20NSS=20= */=0A-=20=20=20=20/*crypto_block_cross(tc,=20pool,=20drivers,=20= KEY_AES_256,=20MODE_ECB,=201,=20in,=20inlen,=20= "KEY_AES_256/MODE_ECB");*/=0A+=20=20=20=20/*crypto_block_cross(tc,=20= pool,=20drivers,=20KEY_AES_256,=20MODE_ECB,=201,=20in,=20inlen,=2032,=20= "KEY_AES_256/MODE_ECB");*/=0A=20=0A=20=20=20=20=20crypto_block_cross(tc,=20= pool,=20drivers,=20APR_KEY_AES_192,=20APR_MODE_CBC,=201,=20in,=0A-=20=20=20= =20=20=20=20=20=20=20=20=20inlen,=20"KEY_AES_192/MODE_CBC");=0A+=20=20=20= =20=20=20=20=20=20=20=20=20inlen,=2024,=20"KEY_AES_192/MODE_CBC");=0A=20=0A= =20=20=20=20=20/*=20KEY_AES_256=20/=20MODE_ECB=20doesn't=20support=20= padding=20on=20NSS=20*/=0A-=20=20=20=20/*crypto_block_cross(tc,=20pool,=20= drivers,=20KEY_AES_192,=20MODE_ECB,=201,=20in,=20inlen,=20= "KEY_AES_192/MODE_ECB");*/=0A+=20=20=20=20/*crypto_block_cross(tc,=20= pool,=20drivers,=20KEY_AES_192,=20MODE_ECB,=201,=20in,=20inlen,=2024,=20= "KEY_AES_192/MODE_ECB");*/=0A=20=0A=20=20=20=20=20crypto_block_cross(tc,=20= pool,=20drivers,=20APR_KEY_AES_128,=20APR_MODE_CBC,=201,=20in,=0A-=20=20=20= =20=20=20=20=20=20=20=20=20inlen,=20"KEY_AES_128/MODE_CBC");=0A+=20=20=20= =20=20=20=20=20=20=20=20=20inlen,=2016,=20"KEY_AES_128/MODE_CBC");=0A=20=0A= =20=20=20=20=20/*=20KEY_AES_256=20/=20MODE_ECB=20doesn't=20support=20= padding=20on=20NSS=20*/=0A-=20=20=20=20/*crypto_block_cross(tc,=20pool,=20= drivers,=20KEY_AES_128,=20MODE_ECB,=201,=20in,=20inlen,=20= "KEY_AES_128/MODE_ECB");*/=0A+=20=20=20=20/*crypto_block_cross(tc,=20= pool,=20drivers,=20KEY_AES_128,=20MODE_ECB,=201,=20in,=20inlen,=2016,=20= "KEY_AES_128/MODE_ECB");*/=0A=20=0A=20=20=20=20=20= apr_pool_destroy(pool);=0A=20=0A@@=20-736,21=20+945,21=20@@=0A=20=20=20=20= =20drivers[1]=20=3D=20get_commoncrypto_driver(tc,=20pool);=0A=20=0A=20=20= =20=20=20crypto_block_cross(tc,=20pool,=20drivers,=20APR_KEY_3DES_192,=20= APR_MODE_CBC,=201,=0A-=20=20=20=20=20=20=20=20=20=20=20=20in,=20inlen,=20= "KEY_3DES_192/MODE_CBC");=0A+=20=20=20=20=20=20=20=20=20=20=20=20in,=20= inlen,=2024,=20"KEY_3DES_192/MODE_CBC");=0A=20=20=20=20=20= crypto_block_cross(tc,=20pool,=20drivers,=20APR_KEY_3DES_192,=20= APR_MODE_ECB,=201,=0A-=20=20=20=20=20=20=20=20=20=20=20=20in,=20inlen,=20= "KEY_3DES_192/MODE_ECB");=0A+=20=20=20=20=20=20=20=20=20=20=20=20in,=20= inlen,=2024,=20"KEY_3DES_192/MODE_ECB");=0A=20=20=20=20=20= crypto_block_cross(tc,=20pool,=20drivers,=20APR_KEY_AES_256,=20= APR_MODE_CBC,=201,=20in,=0A-=20=20=20=20=20=20=20=20=20=20=20=20inlen,=20= "KEY_AES_256/MODE_CBC");=0A+=20=20=20=20=20=20=20=20=20=20=20=20inlen,=20= 32,=20"KEY_AES_256/MODE_CBC");=0A=20=20=20=20=20crypto_block_cross(tc,=20= pool,=20drivers,=20APR_KEY_AES_256,=20APR_MODE_ECB,=201,=20in,=0A-=20=20=20= =20=20=20=20=20=20=20=20=20inlen,=20"KEY_AES_256/MODE_ECB");=0A+=20=20=20= =20=20=20=20=20=20=20=20=20inlen,=2032,=20"KEY_AES_256/MODE_ECB");=0A=20=20= =20=20=20crypto_block_cross(tc,=20pool,=20drivers,=20APR_KEY_AES_192,=20= APR_MODE_CBC,=201,=20in,=0A-=20=20=20=20=20=20=20=20=20=20=20=20inlen,=20= "KEY_AES_192/MODE_CBC");=0A+=20=20=20=20=20=20=20=20=20=20=20=20inlen,=20= 24,=20"KEY_AES_192/MODE_CBC");=0A=20=20=20=20=20crypto_block_cross(tc,=20= pool,=20drivers,=20APR_KEY_AES_192,=20APR_MODE_ECB,=201,=20in,=0A-=20=20=20= =20=20=20=20=20=20=20=20=20inlen,=20"KEY_AES_192/MODE_ECB");=0A+=20=20=20= =20=20=20=20=20=20=20=20=20inlen,=2024,=20"KEY_AES_192/MODE_ECB");=0A=20=20= =20=20=20crypto_block_cross(tc,=20pool,=20drivers,=20APR_KEY_AES_128,=20= APR_MODE_CBC,=201,=20in,=0A-=20=20=20=20=20=20=20=20=20=20=20=20inlen,=20= "KEY_AES_128/MODE_CBC");=0A+=20=20=20=20=20=20=20=20=20=20=20=20inlen,=20= 16,=20"KEY_AES_128/MODE_CBC");=0A=20=20=20=20=20crypto_block_cross(tc,=20= pool,=20drivers,=20APR_KEY_AES_128,=20APR_MODE_ECB,=201,=20in,=0A-=20=20=20= =20=20=20=20=20=20=20=20=20inlen,=20"KEY_AES_128/MODE_ECB");=0A+=20=20=20= =20=20=20=20=20=20=20=20=20inlen,=2016,=20"KEY_AES_128/MODE_ECB");=0A=20=0A= =20=20=20=20=20apr_pool_destroy(pool);=0A=20=0A@@=20-772,30=20+981,30=20= @@=0A=20=20=20=20=20drivers[1]=20=3D=20get_openssl_driver(tc,=20pool);=0A= =20=0A=20=20=20=20=20crypto_block_cross(tc,=20pool,=20drivers,=20= APR_KEY_3DES_192,=20APR_MODE_CBC,=201,=0A-=20=20=20=20=20=20=20=20=20=20=20= =20in,=20inlen,=20"KEY_3DES_192/MODE_CBC");=0A+=20=20=20=20=20=20=20=20=20= =20=20=20in,=20inlen,=2024,=20"KEY_3DES_192/MODE_CBC");=0A=20=0A=20=20=20= =20=20/*=20KEY_3DES_192=20/=20MODE_ECB=20doesn't=20work=20on=20NSS=20*/=0A= -=20=20=20=20/*=20crypto_block_cross(tc,=20pool,=20drivers,=20= KEY_3DES_192,=20MODE_ECB,=201,=20in,=20inlen,=20= "KEY_3DES_192/MODE_ECB");=20*/=0A+=20=20=20=20/*=20= crypto_block_cross(tc,=20pool,=20drivers,=20KEY_3DES_192,=20MODE_ECB,=20= 1,=20in,=20inlen,=2024,=20"KEY_3DES_192/MODE_ECB");=20*/=0A=20=0A=20=20=20= =20=20crypto_block_cross(tc,=20pool,=20drivers,=20APR_KEY_AES_256,=20= APR_MODE_CBC,=201,=20in,=0A-=20=20=20=20=20=20=20=20=20=20=20=20inlen,=20= "KEY_AES_256/MODE_CBC");=0A+=20=20=20=20=20=20=20=20=20=20=20=20inlen,=20= 32,=20"KEY_AES_256/MODE_CBC");=0A=20=0A=20=20=20=20=20/*=20KEY_AES_256=20= /=20MODE_ECB=20doesn't=20support=20padding=20on=20NSS=20*/=0A-=20=20=20=20= /*crypto_block_cross(tc,=20pool,=20drivers,=20KEY_AES_256,=20MODE_ECB,=20= 1,=20in,=20inlen,=20"KEY_AES_256/MODE_ECB");*/=0A+=20=20=20=20= /*crypto_block_cross(tc,=20pool,=20drivers,=20KEY_AES_256,=20MODE_ECB,=20= 1,=20in,=20inlen,=2032,=20"KEY_AES_256/MODE_ECB");*/=0A=20=0A=20=20=20=20= =20crypto_block_cross(tc,=20pool,=20drivers,=20APR_KEY_AES_192,=20= APR_MODE_CBC,=201,=20in,=0A-=20=20=20=20=20=20=20=20=20=20=20=20inlen,=20= "KEY_AES_192/MODE_CBC");=0A+=20=20=20=20=20=20=20=20=20=20=20=20inlen,=20= 24,=20"KEY_AES_192/MODE_CBC");=0A=20=0A=20=20=20=20=20/*=20KEY_AES_192=20= /=20MODE_ECB=20doesn't=20support=20padding=20on=20NSS=20*/=0A=20=20=20=20= =20/*crypto_block_cross(tc,=20pool,=20drivers,=20APR_KEY_AES_192,=20= APR_MODE_ECB,=201,=20in,=0A-=20=20=20=20=20=20=20=20=20=20=20=20inlen,=20= "KEY_AES_192/MODE_ECB");*/=0A+=20=20=20=20=20=20=20=20=20=20=20=20inlen,=20= 24,=20"KEY_AES_192/MODE_ECB");*/=0A=20=0A=20=20=20=20=20= crypto_block_cross(tc,=20pool,=20drivers,=20APR_KEY_AES_128,=20= APR_MODE_CBC,=201,=20in,=0A-=20=20=20=20=20=20=20=20=20=20=20=20inlen,=20= "KEY_AES_128/MODE_CBC");=0A+=20=20=20=20=20=20=20=20=20=20=20=20inlen,=20= 16,=20"KEY_AES_128/MODE_CBC");=0A=20=0A=20=20=20=20=20/*=20KEY_AES_192=20= /=20MODE_ECB=20doesn't=20support=20padding=20on=20NSS=20*/=0A=20=20=20=20= =20/*crypto_block_cross(tc,=20pool,=20drivers,=20APR_KEY_AES_128,=20= APR_MODE_ECB,=201,=20in,=0A-=20=20=20=20=20=20=20=20=20=20=20=20inlen,=20= "KEY_AES_128/MODE_ECB");*/=0A+=20=20=20=20=20=20=20=20=20=20=20=20inlen,=20= 16,=20"KEY_AES_128/MODE_ECB");*/=0A=20=0A=20=20=20=20=20= apr_pool_destroy(pool);=0A=20=0A@@=20-816,30=20+1025,30=20@@=0A=20=20=20=20= =20drivers[0]=20=3D=20get_openssl_driver(tc,=20pool);=0A=20=20=20=20=20= drivers[1]=20=3D=20get_nss_driver(tc,=20pool);=0A=20=20=20=20=20= crypto_block_cross(tc,=20pool,=20drivers,=20APR_KEY_3DES_192,=20= APR_MODE_CBC,=201,=0A-=20=20=20=20=20=20=20=20=20=20=20=20in,=20inlen,=20= "KEY_3DES_192/MODE_CBC");=0A+=20=20=20=20=20=20=20=20=20=20=20=20in,=20= inlen,=2024,=20"KEY_3DES_192/MODE_CBC");=0A=20=0A=20=20=20=20=20/*=20= KEY_3DES_192=20/=20MODE_ECB=20doesn't=20work=20on=20NSS=20*/=0A-=20=20=20= =20/*=20crypto_block_cross(tc,=20pool,=20drivers,=20KEY_3DES_192,=20= MODE_ECB,=201,=20in,=20inlen,=20"KEY_3DES_192/MODE_ECB");=20*/=0A+=20=20=20= =20/*=20crypto_block_cross(tc,=20pool,=20drivers,=20KEY_3DES_192,=20= MODE_ECB,=201,=20in,=20inlen,=2024,=20"KEY_3DES_192/MODE_ECB");=20*/=0A=20= =0A=20=20=20=20=20crypto_block_cross(tc,=20pool,=20drivers,=20= APR_KEY_AES_256,=20APR_MODE_CBC,=201,=20in,=0A-=20=20=20=20=20=20=20=20=20= =20=20=20inlen,=20"KEY_AES_256/MODE_CBC");=0A+=20=20=20=20=20=20=20=20=20= =20=20=20inlen,=2032,=20"KEY_AES_256/MODE_CBC");=0A=20=0A=20=20=20=20=20= /*=20KEY_AES_256=20/=20MODE_ECB=20doesn't=20support=20padding=20on=20NSS=20= */=0A-=20=20=20=20/*crypto_block_cross(tc,=20pool,=20drivers,=20= KEY_AES_256,=20MODE_ECB,=201,=20in,=20inlen,=20= "KEY_AES_256/MODE_ECB");*/=0A+=20=20=20=20/*crypto_block_cross(tc,=20= pool,=20drivers,=20KEY_AES_256,=20MODE_ECB,=201,=20in,=20inlen,=2032,=20= "KEY_AES_256/MODE_ECB");*/=0A=20=0A=20=20=20=20=20crypto_block_cross(tc,=20= pool,=20drivers,=20APR_KEY_AES_192,=20APR_MODE_CBC,=201,=20in,=20inlen,=0A= -=20=20=20=20=20=20=20=20=20=20=20=20"KEY_AES_192/MODE_CBC");=0A+=20=20=20= =20=20=20=20=20=20=20=20=2024,=20"KEY_AES_192/MODE_CBC");=0A=20=0A=20=20=20= =20=20/*=20KEY_AES_192=20/=20MODE_ECB=20doesn't=20support=20padding=20on=20= NSS=20*/=0A=20=20=20=20=20/*crypto_block_cross(tc,=20pool,=20drivers,=20= APR_KEY_AES_192,=20APR_MODE_ECB,=201,=20in,=20inlen,=0A-=20=20=20=20=20=20= =20=20=20=20=20=20"KEY_AES_192/MODE_ECB");*/=0A+=20=20=20=20=20=20=20=20=20= =20=20=2024,=20"KEY_AES_192/MODE_ECB");*/=0A=20=0A=20=20=20=20=20= crypto_block_cross(tc,=20pool,=20drivers,=20APR_KEY_AES_128,=20= APR_MODE_CBC,=201,=20in,=20inlen,=0A-=20=20=20=20=20=20=20=20=20=20=20=20= "KEY_AES_128/MODE_CBC");=0A+=20=20=20=20=20=20=20=20=20=20=20=2016,=20= "KEY_AES_128/MODE_CBC");=0A=20=0A=20=20=20=20=20/*=20KEY_AES_128=20/=20= MODE_ECB=20doesn't=20support=20padding=20on=20NSS=20*/=0A=20=20=20=20=20= /*crypto_block_cross(tc,=20pool,=20drivers,=20APR_KEY_AES_128,=20= APR_MODE_ECB,=201,=20in,=20inlen,=0A-=20=20=20=20=20=20=20=20=20=20=20=20= "KEY_AES_128/MODE_ECB");*/=0A+=20=20=20=20=20=20=20=20=20=20=20=2016,=20= "KEY_AES_128/MODE_ECB");*/=0A=20=0A=20=20=20=20=20= apr_pool_destroy(pool);=0A=20=0A@@=20-863,21=20+1072,21=20@@=0A=20=20=20=20= =20drivers[1]=20=3D=20get_openssl_driver(tc,=20pool);=0A=20=0A=20=20=20=20= =20crypto_block_cross(tc,=20pool,=20drivers,=20APR_KEY_3DES_192,=20= APR_MODE_CBC,=201,=20in,=0A-=20=20=20=20=20=20=20=20=20=20=20=20inlen,=20= "KEY_3DES_192/MODE_CBC");=0A+=20=20=20=20=20=20=20=20=20=20=20=20inlen,=20= 24,=20"KEY_3DES_192/MODE_CBC");=0A=20=20=20=20=20crypto_block_cross(tc,=20= pool,=20drivers,=20APR_KEY_3DES_192,=20APR_MODE_ECB,=201,=20in,=0A-=20=20= =20=20=20=20=20=20=20=20=20=20inlen,=20"KEY_3DES_192/MODE_ECB");=0A+=20=20= =20=20=20=20=20=20=20=20=20=20inlen,=2024,=20"KEY_3DES_192/MODE_ECB");=0A= =20=20=20=20=20crypto_block_cross(tc,=20pool,=20drivers,=20= APR_KEY_AES_256,=20APR_MODE_CBC,=201,=20in,=0A-=20=20=20=20=20=20=20=20=20= =20=20=20inlen,=20"KEY_AES_256/MODE_CBC");=0A+=20=20=20=20=20=20=20=20=20= =20=20=20inlen,=2032,=20"KEY_AES_256/MODE_CBC");=0A=20=20=20=20=20= crypto_block_cross(tc,=20pool,=20drivers,=20APR_KEY_AES_256,=20= APR_MODE_ECB,=201,=20in,=0A-=20=20=20=20=20=20=20=20=20=20=20=20inlen,=20= "KEY_AES_256/MODE_ECB");=0A+=20=20=20=20=20=20=20=20=20=20=20=20inlen,=20= 32,=20"KEY_AES_256/MODE_ECB");=0A=20=20=20=20=20crypto_block_cross(tc,=20= pool,=20drivers,=20APR_KEY_AES_192,=20APR_MODE_CBC,=201,=20in,=0A-=20=20=20= =20=20=20=20=20=20=20=20=20inlen,=20"KEY_AES_192/MODE_CBC");=0A+=20=20=20= =20=20=20=20=20=20=20=20=20inlen,=2024,=20"KEY_AES_192/MODE_CBC");=0A=20=20= =20=20=20crypto_block_cross(tc,=20pool,=20drivers,=20APR_KEY_AES_192,=20= APR_MODE_ECB,=201,=20in,=0A-=20=20=20=20=20=20=20=20=20=20=20=20inlen,=20= "KEY_AES_192/MODE_ECB");=0A+=20=20=20=20=20=20=20=20=20=20=20=20inlen,=20= 24,=20"KEY_AES_192/MODE_ECB");=0A=20=20=20=20=20crypto_block_cross(tc,=20= pool,=20drivers,=20APR_KEY_AES_128,=20APR_MODE_CBC,=201,=20in,=0A-=20=20=20= =20=20=20=20=20=20=20=20=20inlen,=20"KEY_AES_128/MODE_CBC");=0A+=20=20=20= =20=20=20=20=20=20=20=20=20inlen,=2016,=20"KEY_AES_128/MODE_CBC");=0A=20=20= =20=20=20crypto_block_cross(tc,=20pool,=20drivers,=20APR_KEY_AES_128,=20= APR_MODE_ECB,=201,=20in,=0A-=20=20=20=20=20=20=20=20=20=20=20=20inlen,=20= "KEY_AES_128/MODE_ECB");=0A+=20=20=20=20=20=20=20=20=20=20=20=20inlen,=20= 16,=20"KEY_AES_128/MODE_ECB");=0A=20=0A=20=20=20=20=20= apr_pool_destroy(pool);=0A=20=0A@@=20-901,21=20+1110,21=20@@=0A=20=20=20=20= =20drivers[1]=20=3D=20get_commoncrypto_driver(tc,=20pool);=0A=20=0A=20=20= =20=20=20crypto_block_cross(tc,=20pool,=20drivers,=20APR_KEY_3DES_192,=20= APR_MODE_CBC,=201,=20in,=0A-=20=20=20=20=20=20=20=20=20=20=20=20inlen,=20= "KEY_3DES_192/MODE_CBC");=0A+=20=20=20=20=20=20=20=20=20=20=20=20inlen,=20= 24,=20"KEY_3DES_192/MODE_CBC");=0A=20=20=20=20=20crypto_block_cross(tc,=20= pool,=20drivers,=20APR_KEY_3DES_192,=20APR_MODE_ECB,=201,=20in,=0A-=20=20= =20=20=20=20=20=20=20=20=20=20inlen,=20"KEY_3DES_192/MODE_ECB");=0A+=20=20= =20=20=20=20=20=20=20=20=20=20inlen,=2024,=20"KEY_3DES_192/MODE_ECB");=0A= =20=20=20=20=20crypto_block_cross(tc,=20pool,=20drivers,=20= APR_KEY_AES_256,=20APR_MODE_CBC,=201,=20in,=0A-=20=20=20=20=20=20=20=20=20= =20=20=20inlen,=20"KEY_AES_256/MODE_CBC");=0A+=20=20=20=20=20=20=20=20=20= =20=20=20inlen,=2032,=20"KEY_AES_256/MODE_CBC");=0A=20=20=20=20=20= crypto_block_cross(tc,=20pool,=20drivers,=20APR_KEY_AES_256,=20= APR_MODE_ECB,=201,=20in,=0A-=20=20=20=20=20=20=20=20=20=20=20=20inlen,=20= "KEY_AES_256/MODE_ECB");=0A+=20=20=20=20=20=20=20=20=20=20=20=20inlen,=20= 32,=20"KEY_AES_256/MODE_ECB");=0A=20=20=20=20=20crypto_block_cross(tc,=20= pool,=20drivers,=20APR_KEY_AES_192,=20APR_MODE_CBC,=201,=20in,=0A-=20=20=20= =20=20=20=20=20=20=20=20=20inlen,=20"KEY_AES_192/MODE_CBC");=0A+=20=20=20= =20=20=20=20=20=20=20=20=20inlen,=2024,=20"KEY_AES_192/MODE_CBC");=0A=20=20= =20=20=20crypto_block_cross(tc,=20pool,=20drivers,=20APR_KEY_AES_192,=20= APR_MODE_ECB,=201,=20in,=0A-=20=20=20=20=20=20=20=20=20=20=20=20inlen,=20= "KEY_AES_192/MODE_ECB");=0A+=20=20=20=20=20=20=20=20=20=20=20=20inlen,=20= 24,=20"KEY_AES_192/MODE_ECB");=0A=20=20=20=20=20crypto_block_cross(tc,=20= pool,=20drivers,=20APR_KEY_AES_128,=20APR_MODE_CBC,=201,=20in,=0A-=20=20=20= =20=20=20=20=20=20=20=20=20inlen,=20"KEY_AES_128/MODE_CBC");=0A+=20=20=20= =20=20=20=20=20=20=20=20=20inlen,=2016,=20"KEY_AES_128/MODE_CBC");=0A=20=20= =20=20=20crypto_block_cross(tc,=20pool,=20drivers,=20APR_KEY_AES_128,=20= APR_MODE_ECB,=201,=20in,=0A-=20=20=20=20=20=20=20=20=20=20=20=20inlen,=20= "KEY_AES_128/MODE_ECB");=0A+=20=20=20=20=20=20=20=20=20=20=20=20inlen,=20= 16,=20"KEY_AES_128/MODE_ECB");=0A=20=0A=20=20=20=20=20= apr_pool_destroy(pool);=0A=20=0A@@=20-1156,6=20+1365,15=20@@=0A=20=20=20=20= =20/*=20test=20simple=20init=20and=20shutdown=20*/=0A=20=20=20=20=20= abts_run_test(suite,=20test_crypto_init,=20NULL);=0A=20=0A+=20=20=20=20= /*=20test=20key=20parsing=20-=20openssl=20*/=0A+=20=20=20=20= abts_run_test(suite,=20test_crypto_key_openssl,=20NULL);=0A+=0A+=20=20=20= =20/*=20test=20key=20parsing=20-=20nss=20*/=0A+=20=20=20=20= abts_run_test(suite,=20test_crypto_key_nss,=20NULL);=0A+=0A+=20=20=20=20= /*=20test=20key=20parsing=20-=20commoncrypto=20*/=0A+=20=20=20=20= abts_run_test(suite,=20test_crypto_key_commoncrypto,=20NULL);=0A+=0A=20=20= =20=20=20/*=20test=20a=20simple=20encrypt=20/=20decrypt=20operation=20-=20= openssl=20*/=0A=20=20=20=20=20abts_run_test(suite,=20= test_crypto_block_openssl,=20NULL);=0A=20=0AIndex:=20crypto/apr_crypto.c=0A= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=0A---=20= crypto/apr_crypto.c=09(revision=201627411)=0A+++=20crypto/apr_crypto.c=09= (working=20copy)=0A@@=20-286,7=20+286,7=20@@=0A=20=0A=20/**=0A=20=20*=20= @brief=20Get=20a=20hash=20table=20of=20key=20types,=20keyed=20by=20the=20= name=20of=20the=20type=20against=0A-=20*=20an=20integer=20pointer=20= constant.=0A+=20*=20a=20pointer=20to=20apr_crypto_block_key_type_t.=0A=20= =20*=0A=20=20*=20@param=20types=20-=20hashtable=20of=20key=20types=20= keyed=20to=20constants.=0A=20=20*=20@param=20f=20-=20encryption=20= context=0A@@=20-300,7=20+300,7=20@@=0A=20=0A=20/**=0A=20=20*=20@brief=20= Get=20a=20hash=20table=20of=20key=20modes,=20keyed=20by=20the=20name=20= of=20the=20mode=20against=0A-=20*=20an=20integer=20pointer=20constant.=0A= +=20*=20a=20pointer=20to=20apr_crypto_block_key_mode_t.=0A=20=20*=0A=20=20= *=20@param=20modes=20-=20hashtable=20of=20key=20modes=20keyed=20to=20= constants.=0A=20=20*=20@param=20f=20-=20encryption=20context=0A@@=20= -313,6=20+313,28=20@@=0A=20}=0A=20=0A=20/**=0A+=20*=20@brief=20Create=20= a=20key=20from=20the=20provided=20secret=20or=20passphrase.=20The=20key=20= is=20cleaned=0A+=20*=20=20=20=20=20=20=20=20up=20when=20the=20context=20= is=20cleaned,=20and=20may=20be=20reused=20with=20multiple=20encryption=0A= +=20*=20=20=20=20=20=20=20=20or=20decryption=20operations.=0A+=20*=20= @note=20If=20*key=20is=20NULL,=20a=20apr_crypto_key_t=20will=20be=20= created=20from=20a=20pool.=20If=0A+=20*=20=20=20=20=20=20=20*key=20is=20= not=20NULL,=20*key=20must=20point=20at=20a=20previously=20created=20= structure.=0A+=20*=20@param=20key=20The=20key=20returned,=20see=20note.=0A= +=20*=20@param=20rec=20The=20key=20record,=20from=20which=20the=20key=20= will=20be=20derived.=0A+=20*=20@param=20f=20The=20context=20to=20use.=0A= +=20*=20@param=20p=20The=20pool=20to=20use.=0A+=20*=20@return=20Returns=20= APR_ENOKEY=20if=20the=20pass=20phrase=20is=20missing=20or=20empty,=20or=20= if=20a=20backend=0A+=20*=20=20=20=20=20=20=20=20=20error=20occurred=20= while=20generating=20the=20key.=20APR_ENOCIPHER=20if=20the=20type=20or=20= mode=0A+=20*=20=20=20=20=20=20=20=20=20is=20not=20supported=20by=20the=20= particular=20backend.=20APR_EKEYTYPE=20if=20the=20key=20type=20is=0A+=20= *=20=20=20=20=20=20=20=20=20not=20known.=20APR_EPADDING=20if=20padding=20= was=20requested=20but=20is=20not=20supported.=0A+=20*=20=20=20=20=20=20=20= =20=20APR_ENOTIMPL=20if=20not=20implemented.=0A+=20*/=0A= +APR_DECLARE(apr_status_t)=20apr_crypto_key(apr_crypto_key_t=20**key,=0A= +=20=20=20=20=20=20=20=20const=20apr_crypto_key_rec_t=20*rec,=20const=20= apr_crypto_t=20*f,=20apr_pool_t=20*p)=0A+{=0A+=20=20=20=20return=20= f->provider->key(key,=20rec,=20f,=20p);=0A+}=0A+=0A+/**=0A=20=20*=20= @brief=20Create=20a=20key=20from=20the=20given=20passphrase.=20By=20= default,=20the=20PBKDF2=0A=20=20*=20=20=20=20=20=20=20=20algorithm=20is=20= used=20to=20generate=20the=20key=20from=20the=20passphrase.=20It=20is=20= expected=0A=20=20*=20=20=20=20=20=20=20=20that=20the=20same=20pass=20= phrase=20will=20generate=20the=20same=20key,=20regardless=20of=20the=0A= Index:=20crypto/apr_crypto_commoncrypto.c=0A= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=0A---=20= crypto/apr_crypto_commoncrypto.c=09(revision=201627411)=0A+++=20= crypto/apr_crypto_commoncrypto.c=09(working=20copy)=0A@@=20-69,13=20= +69,17=20@@=0A=20=20=20=20=20CCCryptorRef=20ref;=0D=0A=20};=0D=0A=20=0D=0A= -static=20int=20key_3des_192=20=3D=20APR_KEY_3DES_192;=0D=0A-static=20= int=20key_aes_128=20=3D=20APR_KEY_AES_128;=0D=0A-static=20int=20= key_aes_192=20=3D=20APR_KEY_AES_192;=0D=0A-static=20int=20key_aes_256=20= =3D=20APR_KEY_AES_256;=0D=0A+static=20struct=20= apr_crypto_block_key_type_t=20key_types[]=20=3D=0D=0A+{=0D=0A+{=20= APR_KEY_3DES_192,=2024,=208,=208=20},=0D=0A+{=20APR_KEY_AES_128,=2016,=20= 16,=2016=20},=0D=0A+{=20APR_KEY_AES_192,=2024,=2016,=2016=20},=0D=0A+{=20= APR_KEY_AES_256,=2032,=2016,=2016=20}=20};=0D=0A=20=0D=0A-static=20int=20= mode_ecb=20=3D=20APR_MODE_ECB;=0D=0A-static=20int=20mode_cbc=20=3D=20= APR_MODE_CBC;=0D=0A+static=20struct=20apr_crypto_block_key_mode_t=20= key_modes[]=20=3D=0D=0A+{=0D=0A+{=20APR_MODE_ECB=20},=0D=0A+{=20= APR_MODE_CBC=20}=20};=0D=0A=20=0D=0A=20/**=0D=0A=20=20*=20Fetch=20the=20= most=20recent=20error=20from=20this=20driver.=0D=0A@@=20-211,17=20= +215,17=20@@=0A=20=20=20=20=20if=20(!f->types)=20{=0D=0A=20=20=20=20=20=20= =20=20=20return=20APR_ENOMEM;=0D=0A=20=20=20=20=20}=0D=0A-=20=20=20=20= apr_hash_set(f->types,=20"3des192",=20APR_HASH_KEY_STRING,=20= &(key_3des_192));=0D=0A-=20=20=20=20apr_hash_set(f->types,=20"aes128",=20= APR_HASH_KEY_STRING,=20&(key_aes_128));=0D=0A-=20=20=20=20= apr_hash_set(f->types,=20"aes192",=20APR_HASH_KEY_STRING,=20= &(key_aes_192));=0D=0A-=20=20=20=20apr_hash_set(f->types,=20"aes256",=20= APR_HASH_KEY_STRING,=20&(key_aes_256));=0D=0A+=20=20=20=20= apr_hash_set(f->types,=20"3des192",=20APR_HASH_KEY_STRING,=20= &(key_types[0]));=0D=0A+=20=20=20=20apr_hash_set(f->types,=20"aes128",=20= APR_HASH_KEY_STRING,=20&(key_types[1]));=0D=0A+=20=20=20=20= apr_hash_set(f->types,=20"aes192",=20APR_HASH_KEY_STRING,=20= &(key_types[2]));=0D=0A+=20=20=20=20apr_hash_set(f->types,=20"aes256",=20= APR_HASH_KEY_STRING,=20&(key_types[3]));=0D=0A=20=0D=0A=20=20=20=20=20= f->modes=20=3D=20apr_hash_make(pool);=0D=0A=20=20=20=20=20if=20= (!f->modes)=20{=0D=0A=20=20=20=20=20=20=20=20=20return=20APR_ENOMEM;=0D=0A= =20=20=20=20=20}=0D=0A-=20=20=20=20apr_hash_set(f->modes,=20"ecb",=20= APR_HASH_KEY_STRING,=20&(mode_ecb));=0D=0A-=20=20=20=20= apr_hash_set(f->modes,=20"cbc",=20APR_HASH_KEY_STRING,=20&(mode_cbc));=0D= =0A+=20=20=20=20apr_hash_set(f->modes,=20"ecb",=20APR_HASH_KEY_STRING,=20= &(key_modes[0]));=0D=0A+=20=20=20=20apr_hash_set(f->modes,=20"cbc",=20= APR_HASH_KEY_STRING,=20&(key_modes[1]));=0D=0A=20=0D=0A=20=20=20=20=20= apr_pool_cleanup_register(pool,=20f,=20crypto_cleanup_helper,=0D=0A=20=20= =20=20=20=20=20=20=20=20=20=20=20apr_pool_cleanup_null);=0D=0A@@=20= -232,7=20+236,7=20@@=0A=20=0D=0A=20/**=0D=0A=20=20*=20@brief=20Get=20a=20= hash=20table=20of=20key=20types,=20keyed=20by=20the=20name=20of=20the=20= type=20against=0D=0A-=20*=20an=20integer=20pointer=20constant.=0D=0A+=20= *=20a=20pointer=20to=20apr_crypto_block_key_type_t.=0D=0A=20=20*=0D=0A=20= =20*=20@param=20types=20-=20hashtable=20of=20key=20types=20keyed=20to=20= constants.=0D=0A=20=20*=20@param=20f=20-=20encryption=20context=0D=0A@@=20= -247,7=20+251,7=20@@=0A=20=0D=0A=20/**=0D=0A=20=20*=20@brief=20Get=20a=20= hash=20table=20of=20key=20modes,=20keyed=20by=20the=20name=20of=20the=20= mode=20against=0D=0A-=20*=20an=20integer=20pointer=20constant.=0D=0A+=20= *=20a=20pointer=20to=20apr_crypto_block_key_mode_t.=0D=0A=20=20*=0D=0A=20= =20*=20@param=20modes=20-=20hashtable=20of=20key=20modes=20keyed=20to=20= constants.=0D=0A=20=20*=20@param=20f=20-=20encryption=20context=0D=0A@@=20= -260,52=20+264,13=20@@=0A=20=20=20=20=20return=20APR_SUCCESS;=0D=0A=20}=0D= =0A=20=0D=0A-/**=0D=0A-=20*=20@brief=20Create=20a=20key=20from=20the=20= given=20passphrase.=20By=20default,=20the=20PBKDF2=0D=0A-=20*=20=20=20=20= =20=20=20=20algorithm=20is=20used=20to=20generate=20the=20key=20from=20= the=20passphrase.=20It=20is=20expected=0D=0A-=20*=20=20=20=20=20=20=20=20= that=20the=20same=20pass=20phrase=20will=20generate=20the=20same=20key,=20= regardless=20of=20the=0D=0A-=20*=20=20=20=20=20=20=20=20backend=20crypto=20= platform=20used.=20The=20key=20is=20cleaned=20up=20when=20the=20context=0D= =0A-=20*=20=20=20=20=20=20=20=20is=20cleaned,=20and=20may=20be=20reused=20= with=20multiple=20encryption=20or=20decryption=0D=0A-=20*=20=20=20=20=20=20= =20=20operations.=0D=0A-=20*=20@note=20If=20*key=20is=20NULL,=20a=20= apr_crypto_key_t=20will=20be=20created=20from=20a=20pool.=20If=0D=0A-=20= *=20=20=20=20=20=20=20*key=20is=20not=20NULL,=20*key=20must=20point=20at=20= a=20previously=20created=20structure.=0D=0A-=20*=20@param=20key=20The=20= key=20returned,=20see=20note.=0D=0A-=20*=20@param=20ivSize=20The=20size=20= of=20the=20initialisation=20vector=20will=20be=20returned,=20based=0D=0A= -=20*=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20on=20whether=20an=20IV=20= is=20relevant=20for=20this=20type=20of=20crypto.=0D=0A-=20*=20@param=20= pass=20The=20passphrase=20to=20use.=0D=0A-=20*=20@param=20passLen=20The=20= passphrase=20length=20in=20bytes=0D=0A-=20*=20@param=20salt=20The=20salt=20= to=20use.=0D=0A-=20*=20@param=20saltLen=20The=20salt=20length=20in=20= bytes=0D=0A-=20*=20@param=20type=203DES_192,=20AES_128,=20AES_192,=20= AES_256.=0D=0A-=20*=20@param=20mode=20Electronic=20Code=20Book=20/=20= Cipher=20Block=20Chaining.=0D=0A-=20*=20@param=20doPad=20Pad=20if=20= necessary.=0D=0A-=20*=20@param=20iterations=20Iteration=20count=0D=0A-=20= *=20@param=20f=20The=20context=20to=20use.=0D=0A-=20*=20@param=20p=20The=20= pool=20to=20use.=0D=0A-=20*=20@return=20Returns=20APR_ENOKEY=20if=20the=20= pass=20phrase=20is=20missing=20or=20empty,=20or=20if=20a=20backend=0D=0A= -=20*=20=20=20=20=20=20=20=20=20error=20occurred=20while=20generating=20= the=20key.=20APR_ENOCIPHER=20if=20the=20type=20or=20mode=0D=0A-=20*=20=20= =20=20=20=20=20=20=20is=20not=20supported=20by=20the=20particular=20= backend.=20APR_EKEYTYPE=20if=20the=20key=20type=20is=0D=0A-=20*=20=20=20=20= =20=20=20=20=20not=20known.=20APR_EPADDING=20if=20padding=20was=20= requested=20but=20is=20not=20supported.=0D=0A-=20*=20=20=20=20=20=20=20=20= =20APR_ENOTIMPL=20if=20not=20implemented.=0D=0A+/*=0D=0A+=20*=20Work=20= out=20which=20mechanism=20to=20use.=0D=0A=20=20*/=0D=0A-static=20= apr_status_t=20crypto_passphrase(apr_crypto_key_t=20**k,=20apr_size_t=20= *ivSize,=0D=0A-=20=20=20=20=20=20=20=20const=20char=20*pass,=20= apr_size_t=20passLen,=20const=20unsigned=20char=20*=20salt,=0D=0A-=20=20=20= =20=20=20=20=20apr_size_t=20saltLen,=20const=20= apr_crypto_block_key_type_e=20type,=0D=0A-=20=20=20=20=20=20=20=20const=20= apr_crypto_block_key_mode_e=20mode,=20const=20int=20doPad,=0D=0A-=20=20=20= =20=20=20=20=20const=20int=20iterations,=20const=20apr_crypto_t=20*f,=20= apr_pool_t=20*p)=0D=0A+static=20apr_status_t=20= crypto_cipher_mechanism(apr_crypto_key_t=20*key,=0D=0A+=20=20=20=20=20=20= =20=20const=20apr_crypto_block_key_type_e=20type,=0D=0A+=20=20=20=20=20=20= =20=20const=20apr_crypto_block_key_mode_e=20mode,=20const=20int=20doPad,=20= apr_pool_t=20*p)=0D=0A=20{=0D=0A-=20=20=20=20apr_crypto_key_t=20*key=20=3D= =20*k;=0D=0A-=0D=0A-=20=20=20=20if=20(!key)=20{=0D=0A-=20=20=20=20=20=20=20= =20*k=20=3D=20key=20=3D=20apr_array_push(f->keys);=0D=0A-=20=20=20=20}=0D= =0A-=20=20=20=20if=20(!key)=20{=0D=0A-=20=20=20=20=20=20=20=20return=20= APR_ENOMEM;=0D=0A-=20=20=20=20}=0D=0A-=0D=0A-=20=20=20=20key->f=20=3D=20= f;=0D=0A-=20=20=20=20key->provider=20=3D=20f->provider;=0D=0A-=0D=0A=20=20= =20=20=20/*=20handle=20padding=20*/=0D=0A=20=20=20=20=20key->options=20=3D= =20doPad=20?=20kCCOptionPKCS7Padding=20:=200;=0D=0A=20=0D=0A@@=20-391,12=20= +356,145=20@@=0A=20=20=20=20=20}=0D=0A=20=0D=0A=20=20=20=20=20/*=20make=20= space=20for=20the=20key=20*/=0D=0A-=20=20=20=20key->key=20=3D=20= apr_pcalloc(p,=20key->keyLen);=0D=0A+=20=20=20=20key->key=20=3D=20= apr_palloc(p,=20key->keyLen);=0D=0A=20=20=20=20=20if=20(!key->key)=20{=0D= =0A=20=20=20=20=20=20=20=20=20return=20APR_ENOMEM;=0D=0A=20=20=20=20=20}=0D= =0A=20=20=20=20=20apr_crypto_clear(p,=20key->key,=20key->keyLen);=0D=0A=20= =0D=0A+=20=20=20=20return=20APR_SUCCESS;=0D=0A+}=0D=0A+=0D=0A+/**=0D=0A+=20= *=20@brief=20Create=20a=20key=20from=20the=20provided=20secret=20or=20= passphrase.=20The=20key=20is=20cleaned=0D=0A+=20*=20=20=20=20=20=20=20=20= up=20when=20the=20context=20is=20cleaned,=20and=20may=20be=20reused=20= with=20multiple=20encryption=0D=0A+=20*=20=20=20=20=20=20=20=20or=20= decryption=20operations.=0D=0A+=20*=20@note=20If=20*key=20is=20NULL,=20a=20= apr_crypto_key_t=20will=20be=20created=20from=20a=20pool.=20If=0D=0A+=20= *=20=20=20=20=20=20=20*key=20is=20not=20NULL,=20*key=20must=20point=20at=20= a=20previously=20created=20structure.=0D=0A+=20*=20@param=20key=20The=20= key=20returned,=20see=20note.=0D=0A+=20*=20@param=20rec=20The=20key=20= record,=20from=20which=20the=20key=20will=20be=20derived.=0D=0A+=20*=20= @param=20f=20The=20context=20to=20use.=0D=0A+=20*=20@param=20p=20The=20= pool=20to=20use.=0D=0A+=20*=20@return=20Returns=20APR_ENOKEY=20if=20the=20= pass=20phrase=20is=20missing=20or=20empty,=20or=20if=20a=20backend=0D=0A= +=20*=20=20=20=20=20=20=20=20=20error=20occurred=20while=20generating=20= the=20key.=20APR_ENOCIPHER=20if=20the=20type=20or=20mode=0D=0A+=20*=20=20= =20=20=20=20=20=20=20is=20not=20supported=20by=20the=20particular=20= backend.=20APR_EKEYTYPE=20if=20the=20key=20type=20is=0D=0A+=20*=20=20=20=20= =20=20=20=20=20not=20known.=20APR_EPADDING=20if=20padding=20was=20= requested=20but=20is=20not=20supported.=0D=0A+=20*=20=20=20=20=20=20=20=20= =20APR_ENOTIMPL=20if=20not=20implemented.=0D=0A+=20*/=0D=0A+static=20= apr_status_t=20crypto_key(apr_crypto_key_t=20**k,=0D=0A+=20=20=20=20=20=20= =20=20const=20apr_crypto_key_rec_t=20*rec,=20const=20apr_crypto_t=20*f,=20= apr_pool_t=20*p)=0D=0A+{=0D=0A+=20=20=20=20apr_status_t=20rv;=0D=0A+=20=20= =20=20apr_crypto_key_t=20*key=20=3D=20*k;=0D=0A+=0D=0A+=20=20=20=20if=20= (!key)=20{=0D=0A+=20=20=20=20=20=20=20=20*k=20=3D=20key=20=3D=20= apr_array_push(f->keys);=0D=0A+=20=20=20=20}=0D=0A+=20=20=20=20if=20= (!key)=20{=0D=0A+=20=20=20=20=20=20=20=20return=20APR_ENOMEM;=0D=0A+=20=20= =20=20}=0D=0A+=0D=0A+=20=20=20=20key->f=20=3D=20f;=0D=0A+=20=20=20=20= key->provider=20=3D=20f->provider;=0D=0A+=0D=0A+=20=20=20=20/*=20decide=20= on=20what=20cipher=20mechanism=20we=20will=20be=20using=20*/=0D=0A+=20=20= =20=20rv=20=3D=20crypto_cipher_mechanism(key,=20rec->type,=20rec->mode,=20= rec->pad,=20p);=0D=0A+=20=20=20=20if=20(APR_SUCCESS=20!=3D=20rv)=20{=0D=0A= +=20=20=20=20=20=20=20=20return=20rv;=0D=0A+=20=20=20=20}=0D=0A+=0D=0A+=20= =20=20=20switch=20(rec->ktype)=20{=0D=0A+=0D=0A+=20=20=20=20case=20= APR_CRYPTO_KTYPE_PASSPHRASE:=20{=0D=0A+=0D=0A+=20=20=20=20=20=20=20=20/*=20= generate=20the=20key=20*/=0D=0A+=20=20=20=20=20=20=20=20if=20= ((f->result->rc=20=3D=20CCKeyDerivationPBKDF(kCCPBKDF2,=0D=0A+=20=20=20=20= =20=20=20=20=20=20=20=20=20=20=20=20rec->k.passphrase.pass,=20= rec->k.passphrase.passLen,=0D=0A+=20=20=20=20=20=20=20=20=20=20=20=20=20=20= =20=20rec->k.passphrase.salt,=20rec->k.passphrase.saltLen,=0D=0A+=20=20=20= =20=20=20=20=20=20=20=20=20=20=20=20=20kCCPRFHmacAlgSHA1,=20= rec->k.passphrase.iterations,=20key->key,=0D=0A+=20=20=20=20=20=20=20=20=20= =20=20=20=20=20=20=20key->keyLen))=20=3D=3D=20kCCParamError)=20{=0D=0A+=20= =20=20=20=20=20=20=20=20=20=20=20return=20APR_ENOKEY;=0D=0A+=20=20=20=20=20= =20=20=20}=0D=0A+=0D=0A+=20=20=20=20=20=20=20=20break;=0D=0A+=20=20=20=20= }=0D=0A+=0D=0A+=20=20=20=20case=20APR_CRYPTO_KTYPE_SECRET:=20{=0D=0A+=0D=0A= +=20=20=20=20=20=20=20=20/*=20sanity=20check=20-=20key=20correct=20size?=20= */=0D=0A+=20=20=20=20=20=20=20=20if=20(rec->k.secret.secretLen=20!=3D=20= key->keyLen)=20{=0D=0A+=20=20=20=20=20=20=20=20=20=20=20=20return=20= APR_EKEYLENGTH;=0D=0A+=20=20=20=20=20=20=20=20}=0D=0A+=0D=0A+=20=20=20=20= =20=20=20=20/*=20copy=20the=20key=20*/=0D=0A+=20=20=20=20=20=20=20=20= memcpy(key->key,=20rec->k.secret.secret,=20rec->k.secret.secretLen);=0D=0A= +=0D=0A+=20=20=20=20=20=20=20=20break;=0D=0A+=20=20=20=20}=0D=0A+=0D=0A+=20= =20=20=20default:=20{=0D=0A+=0D=0A+=20=20=20=20=20=20=20=20return=20= APR_ENOKEY;=0D=0A+=0D=0A+=20=20=20=20}=0D=0A+=20=20=20=20}=0D=0A+=0D=0A+=20= =20=20=20return=20APR_SUCCESS;=0D=0A+}=0D=0A+=0D=0A+/**=0D=0A+=20*=20= @brief=20Create=20a=20key=20from=20the=20given=20passphrase.=20By=20= default,=20the=20PBKDF2=0D=0A+=20*=20=20=20=20=20=20=20=20algorithm=20is=20= used=20to=20generate=20the=20key=20from=20the=20passphrase.=20It=20is=20= expected=0D=0A+=20*=20=20=20=20=20=20=20=20that=20the=20same=20pass=20= phrase=20will=20generate=20the=20same=20key,=20regardless=20of=20the=0D=0A= +=20*=20=20=20=20=20=20=20=20backend=20crypto=20platform=20used.=20The=20= key=20is=20cleaned=20up=20when=20the=20context=0D=0A+=20*=20=20=20=20=20=20= =20=20is=20cleaned,=20and=20may=20be=20reused=20with=20multiple=20= encryption=20or=20decryption=0D=0A+=20*=20=20=20=20=20=20=20=20= operations.=0D=0A+=20*=20@note=20If=20*key=20is=20NULL,=20a=20= apr_crypto_key_t=20will=20be=20created=20from=20a=20pool.=20If=0D=0A+=20= *=20=20=20=20=20=20=20*key=20is=20not=20NULL,=20*key=20must=20point=20at=20= a=20previously=20created=20structure.=0D=0A+=20*=20@param=20key=20The=20= key=20returned,=20see=20note.=0D=0A+=20*=20@param=20ivSize=20The=20size=20= of=20the=20initialisation=20vector=20will=20be=20returned,=20based=0D=0A= +=20*=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20on=20whether=20an=20IV=20= is=20relevant=20for=20this=20type=20of=20crypto.=0D=0A+=20*=20@param=20= pass=20The=20passphrase=20to=20use.=0D=0A+=20*=20@param=20passLen=20The=20= passphrase=20length=20in=20bytes=0D=0A+=20*=20@param=20salt=20The=20salt=20= to=20use.=0D=0A+=20*=20@param=20saltLen=20The=20salt=20length=20in=20= bytes=0D=0A+=20*=20@param=20type=203DES_192,=20AES_128,=20AES_192,=20= AES_256.=0D=0A+=20*=20@param=20mode=20Electronic=20Code=20Book=20/=20= Cipher=20Block=20Chaining.=0D=0A+=20*=20@param=20doPad=20Pad=20if=20= necessary.=0D=0A+=20*=20@param=20iterations=20Iteration=20count=0D=0A+=20= *=20@param=20f=20The=20context=20to=20use.=0D=0A+=20*=20@param=20p=20The=20= pool=20to=20use.=0D=0A+=20*=20@return=20Returns=20APR_ENOKEY=20if=20the=20= pass=20phrase=20is=20missing=20or=20empty,=20or=20if=20a=20backend=0D=0A= +=20*=20=20=20=20=20=20=20=20=20error=20occurred=20while=20generating=20= the=20key.=20APR_ENOCIPHER=20if=20the=20type=20or=20mode=0D=0A+=20*=20=20= =20=20=20=20=20=20=20is=20not=20supported=20by=20the=20particular=20= backend.=20APR_EKEYTYPE=20if=20the=20key=20type=20is=0D=0A+=20*=20=20=20=20= =20=20=20=20=20not=20known.=20APR_EPADDING=20if=20padding=20was=20= requested=20but=20is=20not=20supported.=0D=0A+=20*=20=20=20=20=20=20=20=20= =20APR_ENOTIMPL=20if=20not=20implemented.=0D=0A+=20*/=0D=0A+static=20= apr_status_t=20crypto_passphrase(apr_crypto_key_t=20**k,=20apr_size_t=20= *ivSize,=0D=0A+=20=20=20=20=20=20=20=20const=20char=20*pass,=20= apr_size_t=20passLen,=20const=20unsigned=20char=20*=20salt,=0D=0A+=20=20=20= =20=20=20=20=20apr_size_t=20saltLen,=20const=20= apr_crypto_block_key_type_e=20type,=0D=0A+=20=20=20=20=20=20=20=20const=20= apr_crypto_block_key_mode_e=20mode,=20const=20int=20doPad,=0D=0A+=20=20=20= =20=20=20=20=20const=20int=20iterations,=20const=20apr_crypto_t=20*f,=20= apr_pool_t=20*p)=0D=0A+{=0D=0A+=20=20=20=20apr_status_t=20rv;=0D=0A+=20=20= =20=20apr_crypto_key_t=20*key=20=3D=20*k;=0D=0A+=0D=0A+=20=20=20=20if=20= (!key)=20{=0D=0A+=20=20=20=20=20=20=20=20*k=20=3D=20key=20=3D=20= apr_array_push(f->keys);=0D=0A+=20=20=20=20}=0D=0A+=20=20=20=20if=20= (!key)=20{=0D=0A+=20=20=20=20=20=20=20=20return=20APR_ENOMEM;=0D=0A+=20=20= =20=20}=0D=0A+=0D=0A+=20=20=20=20key->f=20=3D=20f;=0D=0A+=20=20=20=20= key->provider=20=3D=20f->provider;=0D=0A+=0D=0A+=20=20=20=20/*=20decide=20= on=20what=20cipher=20mechanism=20we=20will=20be=20using=20*/=0D=0A+=20=20= =20=20rv=20=3D=20crypto_cipher_mechanism(key,=20type,=20mode,=20doPad,=20= p);=0D=0A+=20=20=20=20if=20(APR_SUCCESS=20!=3D=20rv)=20{=0D=0A+=20=20=20=20= =20=20=20=20return=20rv;=0D=0A+=20=20=20=20}=0D=0A+=0D=0A=20=20=20=20=20= /*=20generate=20the=20key=20*/=0D=0A=20=20=20=20=20if=20((f->result->rc=20= =3D=20CCKeyDerivationPBKDF(kCCPBKDF2,=20pass,=20passLen,=20salt,=0D=0A=20= =20=20=20=20=20=20=20=20=20=20=20=20saltLen,=20kCCPRFHmacAlgSHA1,=20= iterations,=20key->key,=20key->keyLen))=0D=0A@@=20-808,7=20+906,7=20@@=0A= =20=20=20=20=20=20=20=20=20crypto_block_encrypt_init,=20= crypto_block_encrypt,=0D=0A=20=20=20=20=20=20=20=20=20= crypto_block_encrypt_finish,=20crypto_block_decrypt_init,=0D=0A=20=20=20=20= =20=20=20=20=20crypto_block_decrypt,=20crypto_block_decrypt_finish,=20= crypto_block_cleanup,=0D=0A-=20=20=20=20=20=20=20=20crypto_cleanup,=20= crypto_shutdown,=20crypto_error=0D=0A+=20=20=20=20=20=20=20=20= crypto_cleanup,=20crypto_shutdown,=20crypto_error,=20crypto_key=0D=0A=20= };=0D=0A=20=0D=0A=20#endif=0D=0AIndex:=20crypto/apr_crypto_nss.c=0A= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=0A---=20= crypto/apr_crypto_nss.c=09(revision=201627411)=0A+++=20= crypto/apr_crypto_nss.c=09(working=20copy)=0A@@=20-80,14=20+80,21=20@@=0A= =20=20=20=20=20int=20blockSize;=0A=20};=0A=20=0A-static=20int=20= key_3des_192=20=3D=20APR_KEY_3DES_192;=0A-static=20int=20key_aes_128=20=3D= =20APR_KEY_AES_128;=0A-static=20int=20key_aes_192=20=3D=20= APR_KEY_AES_192;=0A-static=20int=20key_aes_256=20=3D=20APR_KEY_AES_256;=0A= +static=20struct=20apr_crypto_block_key_type_t=20key_types[]=20=3D=0A+{=0A= +{=20APR_KEY_3DES_192,=2024,=208,=208=20},=0A+{=20APR_KEY_AES_128,=2016,=20= 16,=2016=20},=0A+{=20APR_KEY_AES_192,=2024,=2016,=2016=20},=0A+{=20= APR_KEY_AES_256,=2032,=2016,=2016=20}=20};=0A=20=0A-static=20int=20= mode_ecb=20=3D=20APR_MODE_ECB;=0A-static=20int=20mode_cbc=20=3D=20= APR_MODE_CBC;=0A+static=20struct=20apr_crypto_block_key_mode_t=20= key_modes[]=20=3D=0A+{=0A+{=20APR_MODE_ECB=20},=0A+{=20APR_MODE_CBC=20}=20= };=0A=20=0A+/*=20sufficient=20space=20to=20wrap=20a=20key=20*/=0A= +#define=20BUFFER_SIZE=20128=0A+=0A=20/**=0A=20=20*=20Fetch=20the=20most=20= recent=20error=20from=20this=20driver.=0A=20=20*/=0A@@=20-315,17=20= +322,17=20@@=0A=20=20=20=20=20if=20(!f->types)=20{=0A=20=20=20=20=20=20=20= =20=20return=20APR_ENOMEM;=0A=20=20=20=20=20}=0A-=20=20=20=20= apr_hash_set(f->types,=20"3des192",=20APR_HASH_KEY_STRING,=20= &(key_3des_192));=0A-=20=20=20=20apr_hash_set(f->types,=20"aes128",=20= APR_HASH_KEY_STRING,=20&(key_aes_128));=0A-=20=20=20=20= apr_hash_set(f->types,=20"aes192",=20APR_HASH_KEY_STRING,=20= &(key_aes_192));=0A-=20=20=20=20apr_hash_set(f->types,=20"aes256",=20= APR_HASH_KEY_STRING,=20&(key_aes_256));=0A+=20=20=20=20= apr_hash_set(f->types,=20"3des192",=20APR_HASH_KEY_STRING,=20= &(key_types[0]));=0A+=20=20=20=20apr_hash_set(f->types,=20"aes128",=20= APR_HASH_KEY_STRING,=20&(key_types[1]));=0A+=20=20=20=20= apr_hash_set(f->types,=20"aes192",=20APR_HASH_KEY_STRING,=20= &(key_types[2]));=0A+=20=20=20=20apr_hash_set(f->types,=20"aes256",=20= APR_HASH_KEY_STRING,=20&(key_types[3]));=0A=20=0A=20=20=20=20=20f->modes=20= =3D=20apr_hash_make(pool);=0A=20=20=20=20=20if=20(!f->modes)=20{=0A=20=20= =20=20=20=20=20=20=20return=20APR_ENOMEM;=0A=20=20=20=20=20}=0A-=20=20=20= =20apr_hash_set(f->modes,=20"ecb",=20APR_HASH_KEY_STRING,=20= &(mode_ecb));=0A-=20=20=20=20apr_hash_set(f->modes,=20"cbc",=20= APR_HASH_KEY_STRING,=20&(mode_cbc));=0A+=20=20=20=20= apr_hash_set(f->modes,=20"ecb",=20APR_HASH_KEY_STRING,=20= &(key_modes[0]));=0A+=20=20=20=20apr_hash_set(f->modes,=20"cbc",=20= APR_HASH_KEY_STRING,=20&(key_modes[1]));=0A=20=0A=20=20=20=20=20= apr_pool_cleanup_register(pool,=20f,=20crypto_cleanup_helper,=0A=20=20=20= =20=20=20=20=20=20=20=20=20=20apr_pool_cleanup_null);=0A@@=20-336,7=20= +343,7=20@@=0A=20=0A=20/**=0A=20=20*=20@brief=20Get=20a=20hash=20table=20= of=20key=20types,=20keyed=20by=20the=20name=20of=20the=20type=20against=0A= -=20*=20an=20integer=20pointer=20constant.=0A+=20*=20a=20pointer=20to=20= apr_crypto_block_key_type_t.=0A=20=20*=0A=20=20*=20@param=20types=20-=20= hashtable=20of=20key=20types=20keyed=20to=20constants.=0A=20=20*=20= @param=20f=20-=20encryption=20context=0A@@=20-351,7=20+358,7=20@@=0A=20=0A= =20/**=0A=20=20*=20@brief=20Get=20a=20hash=20table=20of=20key=20modes,=20= keyed=20by=20the=20name=20of=20the=20mode=20against=0A-=20*=20an=20= integer=20pointer=20constant.=0A+=20*=20a=20pointer=20to=20= apr_crypto_block_key_mode_t.=0A=20=20*=0A=20=20*=20@param=20modes=20-=20= hashtable=20of=20key=20modes=20keyed=20to=20constants.=0A=20=20*=20= @param=20f=20-=20encryption=20context=0A@@=20-364,58=20+371,14=20@@=0A=20= =20=20=20=20return=20APR_SUCCESS;=0A=20}=0A=20=0A-/**=0A-=20*=20@brief=20= Create=20a=20key=20from=20the=20given=20passphrase.=20By=20default,=20= the=20PBKDF2=0A-=20*=20=20=20=20=20=20=20=20algorithm=20is=20used=20to=20= generate=20the=20key=20from=20the=20passphrase.=20It=20is=20expected=0A-=20= *=20=20=20=20=20=20=20=20that=20the=20same=20pass=20phrase=20will=20= generate=20the=20same=20key,=20regardless=20of=20the=0A-=20*=20=20=20=20=20= =20=20=20backend=20crypto=20platform=20used.=20The=20key=20is=20cleaned=20= up=20when=20the=20context=0A-=20*=20=20=20=20=20=20=20=20is=20cleaned,=20= and=20may=20be=20reused=20with=20multiple=20encryption=20or=20decryption=0A= -=20*=20=20=20=20=20=20=20=20operations.=0A-=20*=20@note=20If=20*key=20= is=20NULL,=20a=20apr_crypto_key_t=20will=20be=20created=20from=20a=20= pool.=20If=0A-=20*=20=20=20=20=20=20=20*key=20is=20not=20NULL,=20*key=20= must=20point=20at=20a=20previously=20created=20structure.=0A-=20*=20= @param=20key=20The=20key=20returned,=20see=20note.=0A-=20*=20@param=20= ivSize=20The=20size=20of=20the=20initialisation=20vector=20will=20be=20= returned,=20based=0A-=20*=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20on=20= whether=20an=20IV=20is=20relevant=20for=20this=20type=20of=20crypto.=0A-=20= *=20@param=20pass=20The=20passphrase=20to=20use.=0A-=20*=20@param=20= passLen=20The=20passphrase=20length=20in=20bytes=0A-=20*=20@param=20salt=20= The=20salt=20to=20use.=0A-=20*=20@param=20saltLen=20The=20salt=20length=20= in=20bytes=0A-=20*=20@param=20type=203DES_192,=20AES_128,=20AES_192,=20= AES_256.=0A-=20*=20@param=20mode=20Electronic=20Code=20Book=20/=20Cipher=20= Block=20Chaining.=0A-=20*=20@param=20doPad=20Pad=20if=20necessary.=0A-=20= *=20@param=20iterations=20Iteration=20count=0A-=20*=20@param=20f=20The=20= context=20to=20use.=0A-=20*=20@param=20p=20The=20pool=20to=20use.=0A-=20= *=20@return=20Returns=20APR_ENOKEY=20if=20the=20pass=20phrase=20is=20= missing=20or=20empty,=20or=20if=20a=20backend=0A-=20*=20=20=20=20=20=20=20= =20=20error=20occurred=20while=20generating=20the=20key.=20APR_ENOCIPHER=20= if=20the=20type=20or=20mode=0A-=20*=20=20=20=20=20=20=20=20=20is=20not=20= supported=20by=20the=20particular=20backend.=20APR_EKEYTYPE=20if=20the=20= key=20type=20is=0A-=20*=20=20=20=20=20=20=20=20=20not=20known.=20= APR_EPADDING=20if=20padding=20was=20requested=20but=20is=20not=20= supported.=0A-=20*=20=20=20=20=20=20=20=20=20APR_ENOTIMPL=20if=20not=20= implemented.=0A+/*=0A+=20*=20Work=20out=20which=20mechanism=20to=20use.=0A= =20=20*/=0A-static=20apr_status_t=20crypto_passphrase(apr_crypto_key_t=20= **k,=20apr_size_t=20*ivSize,=0A-=20=20=20=20=20=20=20=20const=20char=20= *pass,=20apr_size_t=20passLen,=20const=20unsigned=20char=20*=20salt,=0A-=20= =20=20=20=20=20=20=20apr_size_t=20saltLen,=20const=20= apr_crypto_block_key_type_e=20type,=0A-=20=20=20=20=20=20=20=20const=20= apr_crypto_block_key_mode_e=20mode,=20const=20int=20doPad,=0A-=20=20=20=20= =20=20=20=20const=20int=20iterations,=20const=20apr_crypto_t=20*f,=20= apr_pool_t=20*p)=0A+static=20apr_status_t=20= crypto_cipher_mechanism(apr_crypto_key_t=20*key,=0A+=20=20=20=20=20=20=20= =20const=20apr_crypto_block_key_type_e=20type,=0A+=20=20=20=20=20=20=20=20= const=20apr_crypto_block_key_mode_e=20mode,=20const=20int=20doPad)=0A=20= {=0A-=20=20=20=20apr_status_t=20rv=20=3D=20APR_SUCCESS;=0A-=20=20=20=20= PK11SlotInfo=20*=20slot;=0A-=20=20=20=20SECItem=20passItem;=0A-=20=20=20=20= SECItem=20saltItem;=0A-=20=20=20=20SECAlgorithmID=20*algid;=0A-=20=20=20=20= void=20*wincx=20=3D=20NULL;=20/*=20what=20is=20wincx?=20*/=0A-=20=20=20=20= apr_crypto_key_t=20*key=20=3D=20*k;=0A=20=0A-=20=20=20=20if=20(!key)=20{=0A= -=20=20=20=20=20=20=20=20*k=20=3D=20key=20=3D=20apr_array_push(f->keys);=0A= -=20=20=20=20}=0A-=20=20=20=20if=20(!key)=20{=0A-=20=20=20=20=20=20=20=20= return=20APR_ENOMEM;=0A-=20=20=20=20}=0A-=0A-=20=20=20=20key->f=20=3D=20= f;=0A-=20=20=20=20key->provider=20=3D=20f->provider;=0A-=0A=20=20=20=20=20= /*=20decide=20on=20what=20cipher=20mechanism=20we=20will=20be=20using=20= */=0A=20=20=20=20=20switch=20(type)=20{=0A=20=0A@@=20-469,13=20+432,259=20= @@=0A=20=20=20=20=20if=20(doPad)=20{=0A=20=20=20=20=20=20=20=20=20= CK_MECHANISM_TYPE=20paddedMech;=0A=20=20=20=20=20=20=20=20=20paddedMech=20= =3D=20PK11_GetPadMechanism(key->cipherMech);=0A-=20=20=20=20=20=20=20=20= if=20(CKM_INVALID_MECHANISM=20=3D=3D=20paddedMech=20||=20key->cipherMech=0A= -=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=3D=3D=20paddedMech)=20= {=0A+=20=20=20=20=20=20=20=20if=20(CKM_INVALID_MECHANISM=20=3D=3D=20= paddedMech=0A+=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20||=20= key->cipherMech=20=3D=3D=20paddedMech)=20{=0A=20=20=20=20=20=20=20=20=20=20= =20=20=20return=20APR_EPADDING;=0A=20=20=20=20=20=20=20=20=20}=0A=20=20=20= =20=20=20=20=20=20key->cipherMech=20=3D=20paddedMech;=0A=20=20=20=20=20}=0A= =20=0A+=20=20=20=20return=20APR_SUCCESS;=0A+}=0A+=0A+/**=0A+=20*=20= @brief=20Create=20a=20key=20from=20the=20provided=20secret=20or=20= passphrase.=20The=20key=20is=20cleaned=0A+=20*=20=20=20=20=20=20=20=20up=20= when=20the=20context=20is=20cleaned,=20and=20may=20be=20reused=20with=20= multiple=20encryption=0A+=20*=20=20=20=20=20=20=20=20or=20decryption=20= operations.=0A+=20*=20@note=20If=20*key=20is=20NULL,=20a=20= apr_crypto_key_t=20will=20be=20created=20from=20a=20pool.=20If=0A+=20*=20= =20=20=20=20=20=20*key=20is=20not=20NULL,=20*key=20must=20point=20at=20a=20= previously=20created=20structure.=0A+=20*=20@param=20key=20The=20key=20= returned,=20see=20note.=0A+=20*=20@param=20rec=20The=20key=20record,=20= from=20which=20the=20key=20will=20be=20derived.=0A+=20*=20@param=20f=20= The=20context=20to=20use.=0A+=20*=20@param=20p=20The=20pool=20to=20use.=0A= +=20*=20@return=20Returns=20APR_ENOKEY=20if=20the=20pass=20phrase=20is=20= missing=20or=20empty,=20or=20if=20a=20backend=0A+=20*=20=20=20=20=20=20=20= =20=20error=20occurred=20while=20generating=20the=20key.=20APR_ENOCIPHER=20= if=20the=20type=20or=20mode=0A+=20*=20=20=20=20=20=20=20=20=20is=20not=20= supported=20by=20the=20particular=20backend.=20APR_EKEYTYPE=20if=20the=20= key=20type=20is=0A+=20*=20=20=20=20=20=20=20=20=20not=20known.=20= APR_EPADDING=20if=20padding=20was=20requested=20but=20is=20not=20= supported.=0A+=20*=20=20=20=20=20=20=20=20=20APR_ENOTIMPL=20if=20not=20= implemented.=0A+=20*/=0A+static=20apr_status_t=20= crypto_key(apr_crypto_key_t=20**k,=0A+=20=20=20=20=20=20=20=20const=20= apr_crypto_key_rec_t=20*rec,=20const=20apr_crypto_t=20*f,=20apr_pool_t=20= *p)=0A+{=0A+=20=20=20=20apr_status_t=20rv=20=3D=20APR_SUCCESS;=0A+=20=20=20= =20PK11SlotInfo=20*slot,=20*tslot;=0A+=20=20=20=20PK11SymKey=20*tkey;=0A= +=20=20=20=20SECItem=20secretItem;=0A+=20=20=20=20SECItem=20wrappedItem;=0A= +=20=20=20=20SECItem=20*secParam;=0A+=20=20=20=20PK11Context=20*ctx;=0A+=20= =20=20=20SECStatus=20s;=0A+=20=20=20=20SECItem=20passItem;=0A+=20=20=20=20= SECItem=20saltItem;=0A+=20=20=20=20SECAlgorithmID=20*algid;=0A+=20=20=20=20= void=20*wincx=20=3D=20NULL;=20/*=20what=20is=20wincx?=20*/=0A+=20=20=20=20= apr_crypto_key_t=20*key;=0A+=20=20=20=20int=20blockSize;=0A+=20=20=20=20= int=20remainder;=0A+=0A+=20=20=20=20key=20=3D=20*k;=0A+=20=20=20=20if=20= (!key)=20{=0A+=20=20=20=20=20=20=20=20*k=20=3D=20key=20=3D=20= apr_array_push(f->keys);=0A+=20=20=20=20}=0A+=20=20=20=20if=20(!key)=20{=0A= +=20=20=20=20=20=20=20=20return=20APR_ENOMEM;=0A+=20=20=20=20}=0A+=0A+=20= =20=20=20key->f=20=3D=20f;=0A+=20=20=20=20key->provider=20=3D=20= f->provider;=0A+=0A+=20=20=20=20/*=20decide=20on=20what=20cipher=20= mechanism=20we=20will=20be=20using=20*/=0A+=20=20=20=20rv=20=3D=20= crypto_cipher_mechanism(key,=20rec->type,=20rec->mode,=20rec->pad);=0A+=20= =20=20=20if=20(APR_SUCCESS=20!=3D=20rv)=20{=0A+=20=20=20=20=20=20=20=20= return=20rv;=0A+=20=20=20=20}=0A+=0A+=20=20=20=20switch=20(rec->ktype)=20= {=0A+=0A+=20=20=20=20case=20APR_CRYPTO_KTYPE_PASSPHRASE:=20{=0A+=0A+=20=20= =20=20=20=20=20=20/*=20Turn=20the=20raw=20passphrase=20and=20salt=20into=20= SECItems=20*/=0A+=20=20=20=20=20=20=20=20passItem.data=20=3D=20(unsigned=20= char*)=20rec->k.passphrase.pass;=0A+=20=20=20=20=20=20=20=20passItem.len=20= =3D=20rec->k.passphrase.passLen;=0A+=20=20=20=20=20=20=20=20= saltItem.data=20=3D=20(unsigned=20char*)=20rec->k.passphrase.salt;=0A+=20= =20=20=20=20=20=20=20saltItem.len=20=3D=20rec->k.passphrase.saltLen;=0A+=0A= +=20=20=20=20=20=20=20=20/*=20generate=20the=20key=20*/=0A+=20=20=20=20=20= =20=20=20/*=20pbeAlg=20and=20cipherAlg=20are=20the=20same.=20*/=0A+=20=20= =20=20=20=20=20=20algid=20=3D=20= PK11_CreatePBEV2AlgorithmID(key->cipherOid,=20key->cipherOid,=0A+=20=20=20= =20=20=20=20=20=20=20=20=20=20=20=20=20SEC_OID_HMAC_SHA1,=20= key->keyLength,=0A+=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20= rec->k.passphrase.iterations,=20&saltItem);=0A+=20=20=20=20=20=20=20=20= if=20(algid)=20{=0A+=20=20=20=20=20=20=20=20=20=20=20=20slot=20=3D=20= PK11_GetBestSlot(key->cipherMech,=20wincx);=0A+=20=20=20=20=20=20=20=20=20= =20=20=20if=20(slot)=20{=0A+=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20= =20key->symKey=20=3D=20PK11_PBEKeyGen(slot,=20algid,=20&passItem,=20= PR_FALSE,=0A+=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20= =20=20=20=20wincx);=0A+=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20= PK11_FreeSlot(slot);=0A+=20=20=20=20=20=20=20=20=20=20=20=20}=0A+=20=20=20= =20=20=20=20=20=20=20=20=20SECOID_DestroyAlgorithmID(algid,=20PR_TRUE);=0A= +=20=20=20=20=20=20=20=20}=0A+=0A+=20=20=20=20=20=20=20=20break;=0A+=20=20= =20=20}=0A+=0A+=20=20=20=20case=20APR_CRYPTO_KTYPE_SECRET:=20{=0A+=0A+=20= =20=20=20=20=20=20=20/*=0A+=20=20=20=20=20=20=20=20=20*=20NSS=20is=20by=20= default=20in=20FIPS=20mode,=20which=20disallows=20the=20use=20of=20= unencrypted=0A+=20=20=20=20=20=20=20=20=20*=20symmetrical=20keys.=20As=20= per=20http://permalink.gmane.org/gmane.comp.mozilla.crypto/7947=0A+=20=20= =20=20=20=20=20=20=20*=20we=20do=20the=20following:=0A+=20=20=20=20=20=20= =20=20=20*=0A+=20=20=20=20=20=20=20=20=20*=201.=20Generate=20a=20= (temporary)=20symmetric=20key=20in=20NSS.=0A+=20=20=20=20=20=20=20=20=20= *=202.=20Use=20that=20symmetric=20key=20to=20encrypt=20your=20symmetric=20= key=20as=20data.=0A+=20=20=20=20=20=20=20=20=20*=203.=20Unwrap=20your=20= wrapped=20symmetric=20key,=20using=20the=20symmetric=20key=0A+=20=20=20=20= =20=20=20=20=20*=20you=20generated=20in=20Step=201=20as=20the=20= unwrapping=20key.=0A+=20=20=20=20=20=20=20=20=20*=0A+=20=20=20=20=20=20=20= =20=20*=20http://permalink.gmane.org/gmane.comp.mozilla.crypto/7947=0A+=20= =20=20=20=20=20=20=20=20*/=0A+=0A+=20=20=20=20=20=20=20=20/*=20generate=20= the=20key=20*/=0A+=20=20=20=20=20=20=20=20slot=20=3D=20= PK11_GetBestSlot(key->cipherMech,=20NULL);=0A+=20=20=20=20=20=20=20=20if=20= (slot)=20{=0A+=20=20=20=20=20=20=20=20=20=20=20=20unsigned=20char=20= data[BUFFER_SIZE];=0A+=0A+=20=20=20=20=20=20=20=20=20=20=20=20/*=20= sanity=20check=20-=20key=20correct=20size?=20*/=0A+=20=20=20=20=20=20=20=20= =20=20=20=20if=20(rec->k.secret.secretLen=20!=3D=20key->keyLength)=20{=0A= +=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20PK11_FreeSlot(slot);=0A= +=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20return=20= APR_EKEYLENGTH;=0A+=20=20=20=20=20=20=20=20=20=20=20=20}=0A+=0A+=20=20=20= =20=20=20=20=20=20=20=20=20tslot=20=3D=20PK11_GetBestSlot(CKM_AES_ECB,=20= NULL);=0A+=20=20=20=20=20=20=20=20=20=20=20=20if=20(tslot)=20{=0A+=0A+=20= =20=20=20=20=20=20=20=20=20=20=20=20=20=20=20/*=20generate=20a=20= temporary=20wrapping=20key=20*/=0A+=20=20=20=20=20=20=20=20=20=20=20=20=20= =20=20=20tkey=20=3D=20PK11_KeyGen(tslot,=20CKM_AES_ECB,=200,=20= key->keyLength,=200);=0A+=0A+=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20= =20/*=20prepare=20the=20key=20to=20wrap=20*/=0A+=20=20=20=20=20=20=20=20=20= =20=20=20=20=20=20=20secretItem.data=20=3D=20(unsigned=20char=20*)=20= rec->k.secret.secret;=0A+=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20= secretItem.len=20=3D=20rec->k.secret.secretLen;=0A+=0A+=20=20=20=20=20=20= =20=20=20=20=20=20=20=20=20=20/*=20ensure=20our=20key=20matches=20the=20= blocksize=20*/=0A+=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20= secParam=20=3D=20PK11_GenerateNewParam(CKM_AES_ECB,=20tkey);=0A+=20=20=20= =20=20=20=20=20=20=20=20=20=20=20=20=20blockSize=20=3D=20= PK11_GetBlockSize(CKM_AES_ECB,=20secParam);=0A+=20=20=20=20=20=20=20=20=20= =20=20=20=20=20=20=20remainder=20=3D=20rec->k.secret.secretLen=20%=20= blockSize;=0A+=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20if=20= (remainder)=20{=0A+=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20= =20=20secretItem.data=20=3D=0A+=20=20=20=20=20=20=20=20=20=20=20=20=20=20= =20=20=20=20=20=20=20=20=20=20=20=20=20=20apr_pcalloc(p,=20= rec->k.secret.secretLen=20+=20remainder);=0A+=20=20=20=20=20=20=20=20=20=20= =20=20=20=20=20=20=20=20=20=20apr_crypto_clear(p,=20secretItem.data,=0A+=20= =20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20= =20=20rec->k.secret.secretLen);=0A+=20=20=20=20=20=20=20=20=20=20=20=20=20= =20=20=20=20=20=20=20memcpy(secretItem.data,=20rec->k.secret.secret,=0A+=20= =20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20= =20=20rec->k.secret.secretLen);=0A+=20=20=20=20=20=20=20=20=20=20=20=20=20= =20=20=20=20=20=20=20secretItem.len=20+=3D=20remainder;=0A+=20=20=20=20=20= =20=20=20=20=20=20=20=20=20=20=20}=0A+=0A+=20=20=20=20=20=20=20=20=20=20=20= =20=20=20=20=20/*=20prepare=20a=20space=20for=20the=20wrapped=20key=20*/=0A= +=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20wrappedItem.data=20=3D=20= data;=0A+=0A+=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20/*=20wrap=20= the=20key=20*/=0A+=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20ctx=20= =3D=20PK11_CreateContextBySymKey(CKM_AES_ECB,=20CKA_ENCRYPT,=20tkey,=0A+=20= =20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20= secParam);=0A+=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20if=20(ctx)=20= {=0A+=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20s=20=3D=20= PK11_CipherOp(ctx,=20wrappedItem.data,=0A+=20=20=20=20=20=20=20=20=20=20=20= =20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20(int=20*)=20= (&wrappedItem.len),=20BUFFER_SIZE,=0A+=20=20=20=20=20=20=20=20=20=20=20=20= =20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20secretItem.data,=20= secretItem.len);=0A+=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20= =20=20if=20(s=20=3D=3D=20SECSuccess)=20{=0A+=0A+=20=20=20=20=20=20=20=20=20= =20=20=20=20=20=20=20=20=20=20=20=20=20=20=20/*=20unwrap=20the=20key=20= again=20*/=0A+=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20= =20=20=20=20key->symKey=20=3D=20PK11_UnwrapSymKeyWithFlags(tkey,=0A+=20=20= =20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20= =20=20=20=20=20CKM_AES_ECB,=20NULL,=20&wrappedItem,=0A+=20=20=20=20=20=20= =20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20= =20key->cipherMech,=20CKA_ENCRYPT,=0A+=20=20=20=20=20=20=20=20=20=20=20=20= =20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20= rec->k.secret.secretLen,=200);=0A+=0A+=20=20=20=20=20=20=20=20=20=20=20=20= =20=20=20=20=20=20=20=20}=0A+=0A+=20=20=20=20=20=20=20=20=20=20=20=20=20=20= =20=20=20=20=20=20PK11_DestroyContext(ctx,=20PR_TRUE);=0A+=20=20=20=20=20= =20=20=20=20=20=20=20=20=20=20=20}=0A+=0A+=20=20=20=20=20=20=20=20=20=20=20= =20=20=20=20=20/*=20clean=20up=20*/=0A+=20=20=20=20=20=20=20=20=20=20=20=20= =20=20=20=20PK11_FreeSymKey(tkey);=0A+=20=20=20=20=20=20=20=20=20=20=20=20= =20=20=20=20PK11_FreeSlot(tslot);=0A+=0A+=20=20=20=20=20=20=20=20=20=20=20= =20}=0A+=0A+=20=20=20=20=20=20=20=20=20=20=20=20PK11_FreeSlot(slot);=0A+=20= =20=20=20=20=20=20=20}=0A+=0A+=20=20=20=20=20=20=20=20break;=0A+=20=20=20= =20}=0A+=0A+=20=20=20=20default:=20{=0A+=0A+=20=20=20=20=20=20=20=20= return=20APR_ENOKEY;=0A+=0A+=20=20=20=20}=0A+=20=20=20=20}=0A+=0A+=20=20=20= =20/*=20sanity=20check?=20*/=0A+=20=20=20=20if=20(!key->symKey)=20{=0A+=20= =20=20=20=20=20=20=20PRErrorCode=20perr=20=3D=20PORT_GetError();=0A+=20=20= =20=20=20=20=20=20if=20(perr)=20{=0A+=20=20=20=20=20=20=20=20=20=20=20=20= f->result->rc=20=3D=20perr;=0A+=20=20=20=20=20=20=20=20=20=20=20=20= f->result->msg=20=3D=20PR_ErrorToName(perr);=0A+=20=20=20=20=20=20=20=20=20= =20=20=20rv=20=3D=20APR_ENOKEY;=0A+=20=20=20=20=20=20=20=20}=0A+=20=20=20= =20}=0A+=0A+=20=20=20=20return=20rv;=0A+}=0A+=0A+/**=0A+=20*=20@brief=20= Create=20a=20key=20from=20the=20given=20passphrase.=20By=20default,=20= the=20PBKDF2=0A+=20*=20=20=20=20=20=20=20=20algorithm=20is=20used=20to=20= generate=20the=20key=20from=20the=20passphrase.=20It=20is=20expected=0A+=20= *=20=20=20=20=20=20=20=20that=20the=20same=20pass=20phrase=20will=20= generate=20the=20same=20key,=20regardless=20of=20the=0A+=20*=20=20=20=20=20= =20=20=20backend=20crypto=20platform=20used.=20The=20key=20is=20cleaned=20= up=20when=20the=20context=0A+=20*=20=20=20=20=20=20=20=20is=20cleaned,=20= and=20may=20be=20reused=20with=20multiple=20encryption=20or=20decryption=0A= +=20*=20=20=20=20=20=20=20=20operations.=0A+=20*=20@note=20If=20*key=20= is=20NULL,=20a=20apr_crypto_key_t=20will=20be=20created=20from=20a=20= pool.=20If=0A+=20*=20=20=20=20=20=20=20*key=20is=20not=20NULL,=20*key=20= must=20point=20at=20a=20previously=20created=20structure.=0A+=20*=20= @param=20key=20The=20key=20returned,=20see=20note.=0A+=20*=20@param=20= ivSize=20The=20size=20of=20the=20initialisation=20vector=20will=20be=20= returned,=20based=0A+=20*=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20on=20= whether=20an=20IV=20is=20relevant=20for=20this=20type=20of=20crypto.=0A+=20= *=20@param=20pass=20The=20passphrase=20to=20use.=0A+=20*=20@param=20= passLen=20The=20passphrase=20length=20in=20bytes=0A+=20*=20@param=20salt=20= The=20salt=20to=20use.=0A+=20*=20@param=20saltLen=20The=20salt=20length=20= in=20bytes=0A+=20*=20@param=20type=203DES_192,=20AES_128,=20AES_192,=20= AES_256.=0A+=20*=20@param=20mode=20Electronic=20Code=20Book=20/=20Cipher=20= Block=20Chaining.=0A+=20*=20@param=20doPad=20Pad=20if=20necessary.=0A+=20= *=20@param=20iterations=20Iteration=20count=0A+=20*=20@param=20f=20The=20= context=20to=20use.=0A+=20*=20@param=20p=20The=20pool=20to=20use.=0A+=20= *=20@return=20Returns=20APR_ENOKEY=20if=20the=20pass=20phrase=20is=20= missing=20or=20empty,=20or=20if=20a=20backend=0A+=20*=20=20=20=20=20=20=20= =20=20error=20occurred=20while=20generating=20the=20key.=20APR_ENOCIPHER=20= if=20the=20type=20or=20mode=0A+=20*=20=20=20=20=20=20=20=20=20is=20not=20= supported=20by=20the=20particular=20backend.=20APR_EKEYTYPE=20if=20the=20= key=20type=20is=0A+=20*=20=20=20=20=20=20=20=20=20not=20known.=20= APR_EPADDING=20if=20padding=20was=20requested=20but=20is=20not=20= supported.=0A+=20*=20=20=20=20=20=20=20=20=20APR_ENOTIMPL=20if=20not=20= implemented.=0A+=20*/=0A+static=20apr_status_t=20= crypto_passphrase(apr_crypto_key_t=20**k,=20apr_size_t=20*ivSize,=0A+=20=20= =20=20=20=20=20=20const=20char=20*pass,=20apr_size_t=20passLen,=20const=20= unsigned=20char=20*=20salt,=0A+=20=20=20=20=20=20=20=20apr_size_t=20= saltLen,=20const=20apr_crypto_block_key_type_e=20type,=0A+=20=20=20=20=20= =20=20=20const=20apr_crypto_block_key_mode_e=20mode,=20const=20int=20= doPad,=0A+=20=20=20=20=20=20=20=20const=20int=20iterations,=20const=20= apr_crypto_t=20*f,=20apr_pool_t=20*p)=0A+{=0A+=20=20=20=20apr_status_t=20= rv=20=3D=20APR_SUCCESS;=0A+=20=20=20=20PK11SlotInfo=20*=20slot;=0A+=20=20= =20=20SECItem=20passItem;=0A+=20=20=20=20SECItem=20saltItem;=0A+=20=20=20= =20SECAlgorithmID=20*algid;=0A+=20=20=20=20void=20*wincx=20=3D=20NULL;=20= /*=20what=20is=20wincx?=20*/=0A+=20=20=20=20apr_crypto_key_t=20*key=20=3D=20= *k;=0A+=0A+=20=20=20=20if=20(!key)=20{=0A+=20=20=20=20=20=20=20=20*k=20=3D= =20key=20=3D=20apr_array_push(f->keys);=0A+=20=20=20=20}=0A+=20=20=20=20= if=20(!key)=20{=0A+=20=20=20=20=20=20=20=20return=20APR_ENOMEM;=0A+=20=20= =20=20}=0A+=0A+=20=20=20=20key->f=20=3D=20f;=0A+=20=20=20=20= key->provider=20=3D=20f->provider;=0A+=0A+=20=20=20=20/*=20decide=20on=20= what=20cipher=20mechanism=20we=20will=20be=20using=20*/=0A+=20=20=20=20= rv=20=3D=20crypto_cipher_mechanism(key,=20type,=20mode,=20doPad);=0A+=20=20= =20=20if=20(APR_SUCCESS=20!=3D=20rv)=20{=0A+=20=20=20=20=20=20=20=20= return=20rv;=0A+=20=20=20=20}=0A+=0A=20=20=20=20=20/*=20Turn=20the=20raw=20= passphrase=20and=20salt=20into=20SECItems=20*/=0A=20=20=20=20=20= passItem.data=20=3D=20(unsigned=20char*)=20pass;=0A=20=20=20=20=20= passItem.len=20=3D=20passLen;=0A@@=20-869,7=20+1078,8=20@@=0A=20=20=20=20= =20crypto_block_encrypt_init,=20crypto_block_encrypt,=0A=20=20=20=20=20= crypto_block_encrypt_finish,=20crypto_block_decrypt_init,=0A=20=20=20=20=20= crypto_block_decrypt,=20crypto_block_decrypt_finish,=0A-=20=20=20=20= crypto_block_cleanup,=20crypto_cleanup,=20crypto_shutdown,=20= crypto_error=0A+=20=20=20=20crypto_block_cleanup,=20crypto_cleanup,=20= crypto_shutdown,=20crypto_error,=0A+=20=20=20=20crypto_key=0A=20};=0A=20=0A= =20#endif=0AIndex:=20crypto/apr_crypto_openssl.c=0A= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=0A---=20= crypto/apr_crypto_openssl.c=09(revision=201627411)=0A+++=20= crypto/apr_crypto_openssl.c=09(working=20copy)=0A@@=20-72,14=20+72,21=20= @@=0A=20=20=20=20=20int=20doPad;=0A=20};=0A=20=0A-static=20int=20= key_3des_192=20=3D=20APR_KEY_3DES_192;=0A-static=20int=20key_aes_128=20=3D= =20APR_KEY_AES_128;=0A-static=20int=20key_aes_192=20=3D=20= APR_KEY_AES_192;=0A-static=20int=20key_aes_256=20=3D=20APR_KEY_AES_256;=0A= +static=20struct=20apr_crypto_block_key_type_t=20key_types[]=20=3D=0A+{=0A= +{=20APR_KEY_3DES_192,=2024,=208,=208=20},=0A+{=20APR_KEY_AES_128,=2016,=20= 16,=2016=20},=0A+{=20APR_KEY_AES_192,=2024,=2016,=2016=20},=0A+{=20= APR_KEY_AES_256,=2032,=2016,=2016=20}=20};=0A=20=0A-static=20int=20= mode_ecb=20=3D=20APR_MODE_ECB;=0A-static=20int=20mode_cbc=20=3D=20= APR_MODE_CBC;=0A+static=20struct=20apr_crypto_block_key_mode_t=20= key_modes[]=20=3D=0A+{=0A+{=20APR_MODE_ECB=20},=0A+{=20APR_MODE_CBC=20}=20= };=0A=20=0A+/*=20sufficient=20space=20to=20wrap=20a=20key=20*/=0A= +#define=20BUFFER_SIZE=20128=0A+=0A=20/**=0A=20=20*=20Fetch=20the=20most=20= recent=20error=20from=20this=20driver.=0A=20=20*/=0A@@=20-266,17=20= +273,17=20@@=0A=20=20=20=20=20if=20(!f->types)=20{=0A=20=20=20=20=20=20=20= =20=20return=20APR_ENOMEM;=0A=20=20=20=20=20}=0A-=20=20=20=20= apr_hash_set(f->types,=20"3des192",=20APR_HASH_KEY_STRING,=20= &(key_3des_192));=0A-=20=20=20=20apr_hash_set(f->types,=20"aes128",=20= APR_HASH_KEY_STRING,=20&(key_aes_128));=0A-=20=20=20=20= apr_hash_set(f->types,=20"aes192",=20APR_HASH_KEY_STRING,=20= &(key_aes_192));=0A-=20=20=20=20apr_hash_set(f->types,=20"aes256",=20= APR_HASH_KEY_STRING,=20&(key_aes_256));=0A+=20=20=20=20= apr_hash_set(f->types,=20"3des192",=20APR_HASH_KEY_STRING,=20= &(key_types[0]));=0A+=20=20=20=20apr_hash_set(f->types,=20"aes128",=20= APR_HASH_KEY_STRING,=20&(key_types[1]));=0A+=20=20=20=20= apr_hash_set(f->types,=20"aes192",=20APR_HASH_KEY_STRING,=20= &(key_types[2]));=0A+=20=20=20=20apr_hash_set(f->types,=20"aes256",=20= APR_HASH_KEY_STRING,=20&(key_types[3]));=0A=20=0A=20=20=20=20=20f->modes=20= =3D=20apr_hash_make(pool);=0A=20=20=20=20=20if=20(!f->modes)=20{=0A=20=20= =20=20=20=20=20=20=20return=20APR_ENOMEM;=0A=20=20=20=20=20}=0A-=20=20=20= =20apr_hash_set(f->modes,=20"ecb",=20APR_HASH_KEY_STRING,=20= &(mode_ecb));=0A-=20=20=20=20apr_hash_set(f->modes,=20"cbc",=20= APR_HASH_KEY_STRING,=20&(mode_cbc));=0A+=20=20=20=20= apr_hash_set(f->modes,=20"ecb",=20APR_HASH_KEY_STRING,=20= &(key_modes[0]));=0A+=20=20=20=20apr_hash_set(f->modes,=20"cbc",=20= APR_HASH_KEY_STRING,=20&(key_modes[1]));=0A=20=0A=20=20=20=20=20= apr_pool_cleanup_register(pool,=20f,=20crypto_cleanup_helper,=0A=20=20=20= =20=20=20=20=20=20=20=20=20=20apr_pool_cleanup_null);=0A@@=20-299,7=20= +306,7=20@@=0A=20=0A=20/**=0A=20=20*=20@brief=20Get=20a=20hash=20table=20= of=20key=20types,=20keyed=20by=20the=20name=20of=20the=20type=20against=0A= -=20*=20an=20integer=20pointer=20constant.=0A+=20*=20a=20pointer=20to=20= apr_crypto_block_key_type_t.=0A=20=20*=0A=20=20*=20@param=20types=20-=20= hashtable=20of=20key=20types=20keyed=20to=20constants.=0A=20=20*=20= @param=20f=20-=20encryption=20context=0A@@=20-314,7=20+321,7=20@@=0A=20=0A= =20/**=0A=20=20*=20@brief=20Get=20a=20hash=20table=20of=20key=20modes,=20= keyed=20by=20the=20name=20of=20the=20mode=20against=0A-=20*=20an=20= integer=20pointer=20constant.=0A+=20*=20a=20pointer=20to=20= apr_crypto_block_key_mode_t.=0A=20=20*=0A=20=20*=20@param=20modes=20-=20= hashtable=20of=20key=20modes=20keyed=20to=20constants.=0A=20=20*=20= @param=20f=20-=20encryption=20context=0A@@=20-327,52=20+334,13=20@@=0A=20= =20=20=20=20return=20APR_SUCCESS;=0A=20}=0A=20=0A-/**=0A-=20*=20@brief=20= Create=20a=20key=20from=20the=20given=20passphrase.=20By=20default,=20= the=20PBKDF2=0A-=20*=20=20=20=20=20=20=20=20algorithm=20is=20used=20to=20= generate=20the=20key=20from=20the=20passphrase.=20It=20is=20expected=0A-=20= *=20=20=20=20=20=20=20=20that=20the=20same=20pass=20phrase=20will=20= generate=20the=20same=20key,=20regardless=20of=20the=0A-=20*=20=20=20=20=20= =20=20=20backend=20crypto=20platform=20used.=20The=20key=20is=20cleaned=20= up=20when=20the=20context=0A-=20*=20=20=20=20=20=20=20=20is=20cleaned,=20= and=20may=20be=20reused=20with=20multiple=20encryption=20or=20decryption=0A= -=20*=20=20=20=20=20=20=20=20operations.=0A-=20*=20@note=20If=20*key=20= is=20NULL,=20a=20apr_crypto_key_t=20will=20be=20created=20from=20a=20= pool.=20If=0A-=20*=20=20=20=20=20=20=20*key=20is=20not=20NULL,=20*key=20= must=20point=20at=20a=20previously=20created=20structure.=0A-=20*=20= @param=20key=20The=20key=20returned,=20see=20note.=0A-=20*=20@param=20= ivSize=20The=20size=20of=20the=20initialisation=20vector=20will=20be=20= returned,=20based=0A-=20*=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20on=20= whether=20an=20IV=20is=20relevant=20for=20this=20type=20of=20crypto.=0A-=20= *=20@param=20pass=20The=20passphrase=20to=20use.=0A-=20*=20@param=20= passLen=20The=20passphrase=20length=20in=20bytes=0A-=20*=20@param=20salt=20= The=20salt=20to=20use.=0A-=20*=20@param=20saltLen=20The=20salt=20length=20= in=20bytes=0A-=20*=20@param=20type=203DES_192,=20AES_128,=20AES_192,=20= AES_256.=0A-=20*=20@param=20mode=20Electronic=20Code=20Book=20/=20Cipher=20= Block=20Chaining.=0A-=20*=20@param=20doPad=20Pad=20if=20necessary.=0A-=20= *=20@param=20iterations=20Iteration=20count=0A-=20*=20@param=20f=20The=20= context=20to=20use.=0A-=20*=20@param=20p=20The=20pool=20to=20use.=0A-=20= *=20@return=20Returns=20APR_ENOKEY=20if=20the=20pass=20phrase=20is=20= missing=20or=20empty,=20or=20if=20a=20backend=0A-=20*=20=20=20=20=20=20=20= =20=20error=20occurred=20while=20generating=20the=20key.=20APR_ENOCIPHER=20= if=20the=20type=20or=20mode=0A-=20*=20=20=20=20=20=20=20=20=20is=20not=20= supported=20by=20the=20particular=20backend.=20APR_EKEYTYPE=20if=20the=20= key=20type=20is=0A-=20*=20=20=20=20=20=20=20=20=20not=20known.=20= APR_EPADDING=20if=20padding=20was=20requested=20but=20is=20not=20= supported.=0A-=20*=20=20=20=20=20=20=20=20=20APR_ENOTIMPL=20if=20not=20= implemented.=0A+/*=0A+=20*=20Work=20out=20which=20mechanism=20to=20use.=0A= =20=20*/=0A-static=20apr_status_t=20crypto_passphrase(apr_crypto_key_t=20= **k,=20apr_size_t=20*ivSize,=0A-=20=20=20=20=20=20=20=20const=20char=20= *pass,=20apr_size_t=20passLen,=20const=20unsigned=20char=20*=20salt,=0A-=20= =20=20=20=20=20=20=20apr_size_t=20saltLen,=20const=20= apr_crypto_block_key_type_e=20type,=0A-=20=20=20=20=20=20=20=20const=20= apr_crypto_block_key_mode_e=20mode,=20const=20int=20doPad,=0A-=20=20=20=20= =20=20=20=20const=20int=20iterations,=20const=20apr_crypto_t=20*f,=20= apr_pool_t=20*p)=0A+static=20apr_status_t=20= crypto_cipher_mechanism(apr_crypto_key_t=20*key,=0A+=20=20=20=20=20=20=20= =20const=20apr_crypto_block_key_type_e=20type,=0A+=20=20=20=20=20=20=20=20= const=20apr_crypto_block_key_mode_e=20mode,=20const=20int=20doPad,=20= apr_pool_t=20*p)=0A=20{=0A-=20=20=20=20apr_crypto_key_t=20*key=20=3D=20= *k;=0A-=0A-=20=20=20=20if=20(!key)=20{=0A-=20=20=20=20=20=20=20=20*k=20=3D= =20key=20=3D=20apr_array_push(f->keys);=0A-=20=20=20=20}=0A-=20=20=20=20= if=20(!key)=20{=0A-=20=20=20=20=20=20=20=20return=20APR_ENOMEM;=0A-=20=20= =20=20}=0A-=0A-=20=20=20=20key->f=20=3D=20f;=0A-=20=20=20=20= key->provider=20=3D=20f->provider;=0A-=0A=20=20=20=20=20/*=20determine=20= the=20cipher=20to=20be=20used=20*/=0A=20=20=20=20=20switch=20(type)=20{=0A= =20=0A@@=20-434,6=20+402,148=20@@=0A=20=20=20=20=20}=0A=20=20=20=20=20= apr_crypto_clear(p,=20key->key,=20key->keyLen);=0A=20=0A+=20=20=20=20= return=20APR_SUCCESS;=0A+}=0A+=0A+/**=0A+=20*=20@brief=20Create=20a=20= key=20from=20the=20provided=20secret=20or=20passphrase.=20The=20key=20is=20= cleaned=0A+=20*=20=20=20=20=20=20=20=20up=20when=20the=20context=20is=20= cleaned,=20and=20may=20be=20reused=20with=20multiple=20encryption=0A+=20= *=20=20=20=20=20=20=20=20or=20decryption=20operations.=0A+=20*=20@note=20= If=20*key=20is=20NULL,=20a=20apr_crypto_key_t=20will=20be=20created=20= from=20a=20pool.=20If=0A+=20*=20=20=20=20=20=20=20*key=20is=20not=20= NULL,=20*key=20must=20point=20at=20a=20previously=20created=20structure.=0A= +=20*=20@param=20key=20The=20key=20returned,=20see=20note.=0A+=20*=20= @param=20rec=20The=20key=20record,=20from=20which=20the=20key=20will=20= be=20derived.=0A+=20*=20@param=20f=20The=20context=20to=20use.=0A+=20*=20= @param=20p=20The=20pool=20to=20use.=0A+=20*=20@return=20Returns=20= APR_ENOKEY=20if=20the=20pass=20phrase=20is=20missing=20or=20empty,=20or=20= if=20a=20backend=0A+=20*=20=20=20=20=20=20=20=20=20error=20occurred=20= while=20generating=20the=20key.=20APR_ENOCIPHER=20if=20the=20type=20or=20= mode=0A+=20*=20=20=20=20=20=20=20=20=20is=20not=20supported=20by=20the=20= particular=20backend.=20APR_EKEYTYPE=20if=20the=20key=20type=20is=0A+=20= *=20=20=20=20=20=20=20=20=20not=20known.=20APR_EPADDING=20if=20padding=20= was=20requested=20but=20is=20not=20supported.=0A+=20*=20=20=20=20=20=20=20= =20=20APR_ENOTIMPL=20if=20not=20implemented.=0A+=20*/=0A+static=20= apr_status_t=20crypto_key(apr_crypto_key_t=20**k,=0A+=20=20=20=20=20=20=20= =20const=20apr_crypto_key_rec_t=20*rec,=20const=20apr_crypto_t=20*f,=20= apr_pool_t=20*p)=0A+{=0A+=20=20=20=20apr_crypto_key_t=20*key=20=3D=20*k;=0A= +=20=20=20=20apr_status_t=20rv;=0A+=0A+=20=20=20=20if=20(!key)=20{=0A+=20= =20=20=20=20=20=20=20*k=20=3D=20key=20=3D=20apr_array_push(f->keys);=0A+=20= =20=20=20}=0A+=20=20=20=20if=20(!key)=20{=0A+=20=20=20=20=20=20=20=20= return=20APR_ENOMEM;=0A+=20=20=20=20}=0A+=0A+=20=20=20=20key->f=20=3D=20= f;=0A+=20=20=20=20key->provider=20=3D=20f->provider;=0A+=0A+=20=20=20=20= /*=20decide=20on=20what=20cipher=20mechanism=20we=20will=20be=20using=20= */=0A+=20=20=20=20rv=20=3D=20crypto_cipher_mechanism(key,=20rec->type,=20= rec->mode,=20rec->pad,=20p);=0A+=20=20=20=20if=20(APR_SUCCESS=20!=3D=20= rv)=20{=0A+=20=20=20=20=20=20=20=20return=20rv;=0A+=20=20=20=20}=0A+=0A+=20= =20=20=20switch=20(rec->ktype)=20{=0A+=0A+=20=20=20=20case=20= APR_CRYPTO_KTYPE_PASSPHRASE:=20{=0A+=0A+=20=20=20=20=20=20=20=20/*=20= generate=20the=20key=20*/=0A+=20=20=20=20=20=20=20=20if=20= (PKCS5_PBKDF2_HMAC_SHA1(rec->k.passphrase.pass,=0A+=20=20=20=20=20=20=20=20= =20=20=20=20=20=20=20=20rec->k.passphrase.passLen,=0A+=20=20=20=20=20=20=20= =20=20=20=20=20=20=20=20=20(unsigned=20char=20*)=20= rec->k.passphrase.salt,=0A+=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20= rec->k.passphrase.saltLen,=20rec->k.passphrase.iterations,=0A+=20=20=20=20= =20=20=20=20=20=20=20=20=20=20=20=20key->keyLen,=20key->key)=20=3D=3D=20= 0)=20{=0A+=20=20=20=20=20=20=20=20=20=20=20=20return=20APR_ENOKEY;=0A+=20= =20=20=20=20=20=20=20}=0A+=0A+=20=20=20=20=20=20=20=20break;=0A+=20=20=20= =20}=0A+=0A+=20=20=20=20case=20APR_CRYPTO_KTYPE_SECRET:=20{=0A+=0A+=20=20= =20=20=20=20=20=20/*=20sanity=20check=20-=20key=20correct=20size?=20*/=0A= +=20=20=20=20=20=20=20=20if=20(rec->k.secret.secretLen=20!=3D=20= key->keyLen)=20{=0A+=20=20=20=20=20=20=20=20=20=20=20=20return=20= APR_EKEYLENGTH;=0A+=20=20=20=20=20=20=20=20}=0A+=0A+=20=20=20=20=20=20=20= =20/*=20copy=20the=20key=20*/=0A+=20=20=20=20=20=20=20=20= memcpy(key->key,=20rec->k.secret.secret,=20rec->k.secret.secretLen);=0A+=0A= +=20=20=20=20=20=20=20=20break;=0A+=20=20=20=20}=0A+=0A+=20=20=20=20= default:=20{=0A+=0A+=20=20=20=20=20=20=20=20return=20APR_ENOKEY;=0A+=0A+=20= =20=20=20}=0A+=20=20=20=20}=0A+=0A+=20=20=20=20key->doPad=20=3D=20= rec->pad;=0A+=0A+=20=20=20=20/*=20note:=20openssl=20incorrectly=20= returns=20non=20zero=20IV=20size=20values=20for=20ECB=0A+=20=20=20=20=20= *=20algorithms,=20so=20work=20around=20this=20by=20ignoring=20the=20IV=20= size.=0A+=20=20=20=20=20*/=0A+=20=20=20=20if=20(APR_MODE_ECB=20!=3D=20= rec->mode)=20{=0A+=20=20=20=20=20=20=20=20key->ivSize=20=3D=20= EVP_CIPHER_iv_length(key->cipher);=0A+=20=20=20=20}=0A+=0A+=20=20=20=20= return=20APR_SUCCESS;=0A+}=0A+=0A+/**=0A+=20*=20@brief=20Create=20a=20= key=20from=20the=20given=20passphrase.=20By=20default,=20the=20PBKDF2=0A= +=20*=20=20=20=20=20=20=20=20algorithm=20is=20used=20to=20generate=20the=20= key=20from=20the=20passphrase.=20It=20is=20expected=0A+=20*=20=20=20=20=20= =20=20=20that=20the=20same=20pass=20phrase=20will=20generate=20the=20= same=20key,=20regardless=20of=20the=0A+=20*=20=20=20=20=20=20=20=20= backend=20crypto=20platform=20used.=20The=20key=20is=20cleaned=20up=20= when=20the=20context=0A+=20*=20=20=20=20=20=20=20=20is=20cleaned,=20and=20= may=20be=20reused=20with=20multiple=20encryption=20or=20decryption=0A+=20= *=20=20=20=20=20=20=20=20operations.=0A+=20*=20@note=20If=20*key=20is=20= NULL,=20a=20apr_crypto_key_t=20will=20be=20created=20from=20a=20pool.=20= If=0A+=20*=20=20=20=20=20=20=20*key=20is=20not=20NULL,=20*key=20must=20= point=20at=20a=20previously=20created=20structure.=0A+=20*=20@param=20= key=20The=20key=20returned,=20see=20note.=0A+=20*=20@param=20ivSize=20= The=20size=20of=20the=20initialisation=20vector=20will=20be=20returned,=20= based=0A+=20*=20=20=20=20=20=20=20=20=20=20=20=20=20=20=20on=20whether=20= an=20IV=20is=20relevant=20for=20this=20type=20of=20crypto.=0A+=20*=20= @param=20pass=20The=20passphrase=20to=20use.=0A+=20*=20@param=20passLen=20= The=20passphrase=20length=20in=20bytes=0A+=20*=20@param=20salt=20The=20= salt=20to=20use.=0A+=20*=20@param=20saltLen=20The=20salt=20length=20in=20= bytes=0A+=20*=20@param=20type=203DES_192,=20AES_128,=20AES_192,=20= AES_256.=0A+=20*=20@param=20mode=20Electronic=20Code=20Book=20/=20Cipher=20= Block=20Chaining.=0A+=20*=20@param=20doPad=20Pad=20if=20necessary.=0A+=20= *=20@param=20iterations=20Iteration=20count=0A+=20*=20@param=20f=20The=20= context=20to=20use.=0A+=20*=20@param=20p=20The=20pool=20to=20use.=0A+=20= *=20@return=20Returns=20APR_ENOKEY=20if=20the=20pass=20phrase=20is=20= missing=20or=20empty,=20or=20if=20a=20backend=0A+=20*=20=20=20=20=20=20=20= =20=20error=20occurred=20while=20generating=20the=20key.=20APR_ENOCIPHER=20= if=20the=20type=20or=20mode=0A+=20*=20=20=20=20=20=20=20=20=20is=20not=20= supported=20by=20the=20particular=20backend.=20APR_EKEYTYPE=20if=20the=20= key=20type=20is=0A+=20*=20=20=20=20=20=20=20=20=20not=20known.=20= APR_EPADDING=20if=20padding=20was=20requested=20but=20is=20not=20= supported.=0A+=20*=20=20=20=20=20=20=20=20=20APR_ENOTIMPL=20if=20not=20= implemented.=0A+=20*/=0A+static=20apr_status_t=20= crypto_passphrase(apr_crypto_key_t=20**k,=20apr_size_t=20*ivSize,=0A+=20=20= =20=20=20=20=20=20const=20char=20*pass,=20apr_size_t=20passLen,=20const=20= unsigned=20char=20*=20salt,=0A+=20=20=20=20=20=20=20=20apr_size_t=20= saltLen,=20const=20apr_crypto_block_key_type_e=20type,=0A+=20=20=20=20=20= =20=20=20const=20apr_crypto_block_key_mode_e=20mode,=20const=20int=20= doPad,=0A+=20=20=20=20=20=20=20=20const=20int=20iterations,=20const=20= apr_crypto_t=20*f,=20apr_pool_t=20*p)=0A+{=0A+=20=20=20=20= apr_crypto_key_t=20*key=20=3D=20*k;=0A+=20=20=20=20apr_status_t=20rv;=0A= +=0A+=20=20=20=20if=20(!key)=20{=0A+=20=20=20=20=20=20=20=20*k=20=3D=20= key=20=3D=20apr_array_push(f->keys);=0A+=20=20=20=20}=0A+=20=20=20=20if=20= (!key)=20{=0A+=20=20=20=20=20=20=20=20return=20APR_ENOMEM;=0A+=20=20=20=20= }=0A+=0A+=20=20=20=20key->f=20=3D=20f;=0A+=20=20=20=20key->provider=20=3D=20= f->provider;=0A+=0A+=20=20=20=20/*=20decide=20on=20what=20cipher=20= mechanism=20we=20will=20be=20using=20*/=0A+=20=20=20=20rv=20=3D=20= crypto_cipher_mechanism(key,=20type,=20mode,=20doPad,=20p);=0A+=20=20=20=20= if=20(APR_SUCCESS=20!=3D=20rv)=20{=0A+=20=20=20=20=20=20=20=20return=20= rv;=0A+=20=20=20=20}=0A+=0A=20=20=20=20=20/*=20generate=20the=20key=20*/=0A= =20=20=20=20=20if=20(PKCS5_PBKDF2_HMAC_SHA1(pass,=20passLen,=20(unsigned=20= char=20*)=20salt,=20saltLen,=0A=20=20=20=20=20=20=20=20=20=20=20=20=20= iterations,=20key->keyLen,=20key->key)=20=3D=3D=200)=20{=0A@@=20-793,7=20= +903,8=20@@=0A=20=20=20=20=20crypto_block_encrypt_init,=20= crypto_block_encrypt,=0A=20=20=20=20=20crypto_block_encrypt_finish,=20= crypto_block_decrypt_init,=0A=20=20=20=20=20crypto_block_decrypt,=20= crypto_block_decrypt_finish,=0A-=20=20=20=20crypto_block_cleanup,=20= crypto_cleanup,=20crypto_shutdown,=20crypto_error=0A+=20=20=20=20= crypto_block_cleanup,=20crypto_cleanup,=20crypto_shutdown,=20= crypto_error,=0A+=20=20=20=20crypto_key=0A=20};=0A=20=0A=20#endif=0A= --Apple-Mail=_E605D0E2-A880-4AFF-916C-0DF9ADF1A2AF--