apr_crypto: Add support for digest functions, with hashing, signing

and verifying. git-svn-id: https://svn.apache.org/repos/asf/apr/apr/trunk@1836439 13f79535-47bb-0310-9956-ffa450edef68
apache · Jul 22, 2018 · c0e5d95 · c0e5d95
1 parent 3c05269
commit c0e5d95
Show file tree

Hide file tree

Showing 9 changed files with 3,981 additions and 562 deletions.
diff --git a/CHANGES b/CHANGES
@@ -1,6 +1,9 @@
                                                      -*- coding: utf-8 -*-
 Changes for APR 2.0.0
 
+  *) apr_crypto: Add support for digest functions, with hashing, signing
+     and verifying. [Graham Leggett]
+
   *) apr_json: Add support for encoding and decoding RFC8259 JSON.
      [Moriyoshi Koizumi <mozo mozo jp>]
 

diff --git a/crypto/apr_crypto.c b/crypto/apr_crypto.c
@@ -54,6 +54,12 @@ APR_TYPEDEF_STRUCT(apr_crypto_block_t,
     const apr_crypto_t *f;
 )
 
+APR_TYPEDEF_STRUCT(apr_crypto_digest_t,
+    apr_pool_t *pool;
+    apr_crypto_driver_t *provider;
+    const apr_crypto_t *f;
+)
+
 typedef struct apr_crypto_clear_t {
     void *buffer;
     apr_size_t size;
@@ -199,6 +205,24 @@ APR_DECLARE(int) apr_crypto_equals(const void *buf1, const void *buf2,
     return 1 & ((diff - 1) >> 8);
 }
 
+APR_DECLARE(apr_crypto_key_rec_t *) apr_crypto_key_rec_make(
+        apr_crypto_key_type ktype, apr_pool_t *p)
+{
+    apr_crypto_key_rec_t *key = apr_pcalloc(p, sizeof(apr_crypto_key_rec_t));
+    key->ktype = ktype;
+    return key;
+}
+
+APR_DECLARE(apr_crypto_digest_rec_t *) apr_crypto_digest_rec_make(
+         apr_crypto_digest_type_e dtype, apr_pool_t *p)
+{
+    apr_crypto_digest_rec_t *rec = apr_pcalloc(p, sizeof(apr_crypto_digest_rec_t));
+    if (rec) {
+        rec->dtype = dtype;
+    }
+    return rec;
+}
+
 APR_DECLARE(apr_status_t) apr_crypto_get_driver(
         const apr_crypto_driver_t **driver, const char *name,
         const char *params, const apu_err_t **result, apr_pool_t *pool)
@@ -644,6 +668,21 @@ APR_DECLARE(apr_status_t) apr_crypto_make(apr_crypto_t **f,
     return driver->make(f, driver, params, pool);
 }
 
+/**
+ * @brief Get a hash table of digests, keyed by the name of the digest against
+ * a pointer to apr_crypto_digest_t, which in turn begins with an
+ * integer.
+ *
+ * @param digests - hashtable of digests keyed to constants.
+ * @param f - encryption context
+ * @return APR_SUCCESS for success
+ */
+APR_DECLARE(apr_status_t) apr_crypto_get_block_key_digests(apr_hash_t **digests,
+        const apr_crypto_t *f)
+{
+    return f->provider->get_block_key_digests(digests, f);
+}
+
 /**
  * @brief Get a hash table of key types, keyed by the name of the type against
  * a pointer to apr_crypto_block_key_type_t, which in turn begins with an
@@ -876,6 +915,30 @@ APR_DECLARE(apr_status_t) apr_crypto_block_decrypt_finish(unsigned char *out,
     return ctx->provider->block_decrypt_finish(out, outlen, ctx);
 }
 
+APR_DECLARE(apr_status_t) apr_crypto_digest_init(apr_crypto_digest_t **d,
+        const apr_crypto_key_t *key, apr_crypto_digest_rec_t *rec, apr_pool_t *p)
+{
+    return key->provider->digest_init(d, key, rec, p);
+}
+
+APR_DECLARE(apr_status_t) apr_crypto_digest_update(apr_crypto_digest_t *digest,
+        const unsigned char *in, apr_size_t inlen)
+{
+    return digest->provider->digest_update(digest, in, inlen);
+}
+
+APR_DECLARE(apr_status_t) apr_crypto_digest_final(apr_crypto_digest_t *digest)
+{
+    return digest->provider->digest_final(digest);
+}
+
+APR_DECLARE(apr_status_t) apr_crypto_digest(const apr_crypto_key_t *key,
+        apr_crypto_digest_rec_t *rec, const unsigned char *in, apr_size_t inlen,
+        apr_pool_t *p)
+{
+    return key->provider->digest(key, rec, in, inlen, p);
+}
+
 /**
  * @brief Clean encryption / decryption context.
  * @note After cleanup, a context is free to be reused if necessary.
@@ -887,6 +950,17 @@ APR_DECLARE(apr_status_t) apr_crypto_block_cleanup(apr_crypto_block_t *ctx)
     return ctx->provider->block_cleanup(ctx);
 }
 
+/**
+ * @brief Clean sign / verify context.
+ * @note After cleanup, a context is free to be reused if necessary.
+ * @param ctx The digest context to use.
+ * @return Returns APR_ENOTIMPL if not supported.
+ */
+APR_DECLARE(apr_status_t) apr_crypto_digest_cleanup(apr_crypto_digest_t *ctx)
+{
+    return ctx->provider->digest_cleanup(ctx);
+}
+
 /**
  * @brief Clean encryption / decryption context.
  * @note After cleanup, a context is free to be reused if necessary.