apr_crypto.h 20 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507
  1. /* Licensed to the Apache Software Foundation (ASF) under one or more
  2. * contributor license agreements. See the NOTICE file distributed with
  3. * this work for additional information regarding copyright ownership.
  4. * The ASF licenses this file to You under the Apache License, Version 2.0
  5. * (the "License"); you may not use this file except in compliance with
  6. * the License. You may obtain a copy of the License at
  7. *
  8. * http://www.apache.org/licenses/LICENSE-2.0
  9. *
  10. * Unless required by applicable law or agreed to in writing, software
  11. * distributed under the License is distributed on an "AS IS" BASIS,
  12. * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  13. * See the License for the specific language governing permissions and
  14. * limitations under the License.
  15. */
  16. #ifndef APR_CRYPTO_H
  17. #define APR_CRYPTO_H
  18. #include "apu.h"
  19. #include "apr_pools.h"
  20. #include "apr_tables.h"
  21. #include "apr_hash.h"
  22. #include "apu_errno.h"
  23. #ifdef __cplusplus
  24. extern "C" {
  25. #endif
  26. /**
  27. * @file apr_crypto.h
  28. * @brief APR-UTIL Crypto library
  29. */
  30. /**
  31. * @defgroup APR_Util_Crypto Crypto routines
  32. * @ingroup APR_Util
  33. * @{
  34. */
  35. #if APU_HAVE_CRYPTO
  36. #ifndef APU_CRYPTO_RECOMMENDED_DRIVER
  37. #if APU_HAVE_COMMONCRYPTO
  38. #define APU_CRYPTO_RECOMMENDED_DRIVER "commoncrypto"
  39. #else
  40. #if APU_HAVE_OPENSSL
  41. #define APU_CRYPTO_RECOMMENDED_DRIVER "openssl"
  42. #else
  43. #if APU_HAVE_NSS
  44. #define APU_CRYPTO_RECOMMENDED_DRIVER "nss"
  45. #else
  46. #if APU_HAVE_MSCNG
  47. #define APU_CRYPTO_RECOMMENDED_DRIVER "mscng"
  48. #else
  49. #if APU_HAVE_MSCAPI
  50. #define APU_CRYPTO_RECOMMENDED_DRIVER "mscapi"
  51. #else
  52. #endif
  53. #endif
  54. #endif
  55. #endif
  56. #endif
  57. #endif
  58. /**
  59. * Symmetric Key types understood by the library.
  60. *
  61. * NOTE: It is expected that this list will grow over time.
  62. *
  63. * Interoperability Matrix:
  64. *
  65. * The matrix is based on the testcrypto.c unit test, which attempts to
  66. * test whether a simple encrypt/decrypt will succeed, as well as testing
  67. * whether an encrypted string by one library can be decrypted by the
  68. * others.
  69. *
  70. * Some libraries will successfully encrypt and decrypt their own data,
  71. * but won't decrypt data from another library. It is hoped that over
  72. * time these anomalies will be found and fixed, but until then it is
  73. * recommended that ciphers are chosen that interoperate across platform.
  74. *
  75. * An X below means the test passes, it does not necessarily mean that
  76. * encryption performed is correct or secure. Applications should stick
  77. * to ciphers that pass the interoperablity tests on the right hand side
  78. * of the table.
  79. *
  80. * Aligned data is data whose length is a multiple of the block size for
  81. * the chosen cipher. Padded data is data that is not aligned by block
  82. * size and must be padded by the crypto library.
  83. *
  84. * OpenSSL CommonCrypto NSS Interop
  85. * Align Pad Align Pad Align Pad Align Pad
  86. * 3DES_192/CBC X X X X X X X X
  87. * 3DES_192/ECB X X X X
  88. * AES_256/CBC X X X X X X X X
  89. * AES_256/ECB X X X X X X
  90. * AES_192/CBC X X X X X X
  91. * AES_192/ECB X X X X X
  92. * AES_128/CBC X X X X X X
  93. * AES_128/ECB X X X X X
  94. *
  95. * Conclusion: for padded data, use 3DES_192/CBC or AES_256/CBC. For
  96. * aligned data, use 3DES_192/CBC, AES_256/CBC or AES_256/ECB.
  97. */
  98. typedef enum
  99. {
  100. APR_KEY_NONE, APR_KEY_3DES_192, /** 192 bit (3-Key) 3DES */
  101. APR_KEY_AES_128, /** 128 bit AES */
  102. APR_KEY_AES_192, /** 192 bit AES */
  103. APR_KEY_AES_256
  104. /** 256 bit AES */
  105. } apr_crypto_block_key_type_e;
  106. typedef enum
  107. {
  108. APR_MODE_NONE, /** An error condition */
  109. APR_MODE_ECB, /** Electronic Code Book */
  110. APR_MODE_CBC
  111. /** Cipher Block Chaining */
  112. } apr_crypto_block_key_mode_e;
  113. /* These are opaque structs. Instantiation is up to each backend */
  114. typedef struct apr_crypto_driver_t apr_crypto_driver_t;
  115. typedef struct apr_crypto_t apr_crypto_t;
  116. typedef struct apr_crypto_config_t apr_crypto_config_t;
  117. typedef struct apr_crypto_key_t apr_crypto_key_t;
  118. typedef struct apr_crypto_block_t apr_crypto_block_t;
  119. typedef struct apr_crypto_block_key_type_t {
  120. apr_crypto_block_key_type_e type;
  121. int keysize;
  122. int blocksize;
  123. int ivsize;
  124. } apr_crypto_block_key_type_t;
  125. typedef struct apr_crypto_block_key_mode_t {
  126. apr_crypto_block_key_mode_e mode;
  127. } apr_crypto_block_key_mode_t;
  128. typedef struct apr_crypto_passphrase_t {
  129. const char *pass;
  130. apr_size_t passLen;
  131. const unsigned char * salt;
  132. apr_size_t saltLen;
  133. int iterations;
  134. } apr_crypto_passphrase_t;
  135. typedef struct apr_crypto_secret_t {
  136. const unsigned char *secret;
  137. apr_size_t secretLen;
  138. } apr_crypto_secret_t;
  139. typedef enum {
  140. /** Key is derived from a passphrase */
  141. APR_CRYPTO_KTYPE_PASSPHRASE = 1,
  142. /** Key is derived from a raw key */
  143. APR_CRYPTO_KTYPE_SECRET = 2,
  144. } apr_crypto_key_type;
  145. typedef struct apr_crypto_key_rec_t {
  146. apr_crypto_key_type ktype;
  147. apr_crypto_block_key_type_e type;
  148. apr_crypto_block_key_mode_e mode;
  149. int pad;
  150. union {
  151. apr_crypto_passphrase_t passphrase;
  152. apr_crypto_secret_t secret;
  153. } k;
  154. } apr_crypto_key_rec_t;
  155. /**
  156. * @brief Perform once-only initialisation. Call once only.
  157. *
  158. * @param pool - pool to register any shutdown cleanups, etc
  159. * @return APR_NOTIMPL in case of no crypto support.
  160. */
  161. APU_DECLARE(apr_status_t) apr_crypto_init(apr_pool_t *pool);
  162. /**
  163. * @brief Zero out the buffer provided when the pool is cleaned up.
  164. *
  165. * @param pool - pool to register the cleanup
  166. * @param buffer - buffer to zero out
  167. * @param size - size of the buffer to zero out
  168. */
  169. APU_DECLARE(apr_status_t) apr_crypto_clear(apr_pool_t *pool, void *buffer,
  170. apr_size_t size);
  171. /**
  172. * @brief Always zero out the buffer provided, without being optimized out by
  173. * the compiler.
  174. *
  175. * @param buffer - buffer to zero out
  176. * @param size - size of the buffer to zero out
  177. */
  178. APU_DECLARE(apr_status_t) apr_crypto_memzero(void *buffer, apr_size_t size);
  179. /**
  180. * @brief Timing attacks safe buffers comparison, where the executing time does
  181. * not depend on the bytes compared but solely on the number of bytes.
  182. *
  183. * @param buf1 - first buffer to compare
  184. * @param buf2 - second buffer to compare
  185. * @param size - size of the buffers to compare
  186. * @return 1 if the buffers are equals, 0 otherwise.
  187. */
  188. APU_DECLARE(int) apr_crypto_equals(const void *buf1, const void *buf2,
  189. apr_size_t size);
  190. /**
  191. * @brief Get the driver struct for a name
  192. *
  193. * @param driver - pointer to driver struct.
  194. * @param name - driver name
  195. * @param params - array of initialisation parameters
  196. * @param result - result and error message on failure
  197. * @param pool - (process) pool to register cleanup
  198. * @return APR_SUCCESS for success
  199. * @return APR_ENOTIMPL for no driver (when DSO not enabled)
  200. * @return APR_EDSOOPEN if DSO driver file can't be opened
  201. * @return APR_ESYMNOTFOUND if the driver file doesn't contain a driver
  202. * @remarks NSS: the params can have "dir", "key3", "cert7" and "secmod"
  203. * keys, each followed by an equal sign and a value. Such key/value pairs can
  204. * be delimited by space or tab. If the value contains a space, surround the
  205. * whole key value pair in quotes: "dir=My Directory".
  206. * @remarks OpenSSL: currently no params are supported.
  207. */
  208. APU_DECLARE(apr_status_t) apr_crypto_get_driver(
  209. const apr_crypto_driver_t **driver,
  210. const char *name, const char *params, const apu_err_t **result,
  211. apr_pool_t *pool);
  212. /**
  213. * @brief Return the name of the driver.
  214. *
  215. * @param driver - The driver in use.
  216. * @return The name of the driver.
  217. */
  218. APU_DECLARE(const char *) apr_crypto_driver_name(
  219. const apr_crypto_driver_t *driver);
  220. /**
  221. * @brief Get the result of the last operation on a context. If the result
  222. * is NULL, the operation was successful.
  223. * @param result - the result structure
  224. * @param f - context pointer
  225. * @return APR_SUCCESS for success
  226. */
  227. APU_DECLARE(apr_status_t) apr_crypto_error(const apu_err_t **result,
  228. const apr_crypto_t *f);
  229. /**
  230. * @brief Create a context for supporting encryption. Keys, certificates,
  231. * algorithms and other parameters will be set per context. More than
  232. * one context can be created at one time. A cleanup will be automatically
  233. * registered with the given pool to guarantee a graceful shutdown.
  234. * @param f - context pointer will be written here
  235. * @param driver - driver to use
  236. * @param params - array of key parameters
  237. * @param pool - process pool
  238. * @return APR_ENOENGINE when the engine specified does not exist. APR_EINITENGINE
  239. * if the engine cannot be initialised.
  240. * @remarks NSS: currently no params are supported.
  241. * @remarks OpenSSL: the params can have "engine" as a key, followed by an equal
  242. * sign and a value.
  243. */
  244. APU_DECLARE(apr_status_t) apr_crypto_make(apr_crypto_t **f,
  245. const apr_crypto_driver_t *driver, const char *params,
  246. apr_pool_t *pool);
  247. /**
  248. * @brief Get a hash table of key types, keyed by the name of the type against
  249. * a pointer to apr_crypto_block_key_type_t, which in turn begins with an
  250. * integer.
  251. *
  252. * @param types - hashtable of key types keyed to constants.
  253. * @param f - encryption context
  254. * @return APR_SUCCESS for success
  255. */
  256. APU_DECLARE(apr_status_t) apr_crypto_get_block_key_types(apr_hash_t **types,
  257. const apr_crypto_t *f);
  258. /**
  259. * @brief Get a hash table of key modes, keyed by the name of the mode against
  260. * a pointer to apr_crypto_block_key_mode_t, which in turn begins with an
  261. * integer.
  262. *
  263. * @param modes - hashtable of key modes keyed to constants.
  264. * @param f - encryption context
  265. * @return APR_SUCCESS for success
  266. */
  267. APU_DECLARE(apr_status_t) apr_crypto_get_block_key_modes(apr_hash_t **modes,
  268. const apr_crypto_t *f);
  269. /**
  270. * @brief Create a key from the provided secret or passphrase. The key is cleaned
  271. * up when the context is cleaned, and may be reused with multiple encryption
  272. * or decryption operations.
  273. * @note If *key is NULL, a apr_crypto_key_t will be created from a pool. If
  274. * *key is not NULL, *key must point at a previously created structure.
  275. * @param key The key returned, see note.
  276. * @param rec The key record, from which the key will be derived.
  277. * @param f The context to use.
  278. * @param p The pool to use.
  279. * @return Returns APR_ENOKEY if the pass phrase is missing or empty, or if a backend
  280. * error occurred while generating the key. APR_ENOCIPHER if the type or mode
  281. * is not supported by the particular backend. APR_EKEYTYPE if the key type is
  282. * not known. APR_EPADDING if padding was requested but is not supported.
  283. * APR_ENOTIMPL if not implemented.
  284. */
  285. APU_DECLARE(apr_status_t) apr_crypto_key(apr_crypto_key_t **key,
  286. const apr_crypto_key_rec_t *rec, const apr_crypto_t *f, apr_pool_t *p);
  287. /**
  288. * @brief Create a key from the given passphrase. By default, the PBKDF2
  289. * algorithm is used to generate the key from the passphrase. It is expected
  290. * that the same pass phrase will generate the same key, regardless of the
  291. * backend crypto platform used. The key is cleaned up when the context
  292. * is cleaned, and may be reused with multiple encryption or decryption
  293. * operations.
  294. * @note If *key is NULL, a apr_crypto_key_t will be created from a pool. If
  295. * *key is not NULL, *key must point at a previously created structure.
  296. * @param key The key returned, see note.
  297. * @param ivSize The size of the initialisation vector will be returned, based
  298. * on whether an IV is relevant for this type of crypto.
  299. * @param pass The passphrase to use.
  300. * @param passLen The passphrase length in bytes
  301. * @param salt The salt to use.
  302. * @param saltLen The salt length in bytes
  303. * @param type 3DES_192, AES_128, AES_192, AES_256.
  304. * @param mode Electronic Code Book / Cipher Block Chaining.
  305. * @param doPad Pad if necessary.
  306. * @param iterations Number of iterations to use in algorithm
  307. * @param f The context to use.
  308. * @param p The pool to use.
  309. * @return Returns APR_ENOKEY if the pass phrase is missing or empty, or if a backend
  310. * error occurred while generating the key. APR_ENOCIPHER if the type or mode
  311. * is not supported by the particular backend. APR_EKEYTYPE if the key type is
  312. * not known. APR_EPADDING if padding was requested but is not supported.
  313. * APR_ENOTIMPL if not implemented.
  314. * @deprecated Replaced by apr_crypto_key().
  315. */
  316. APU_DECLARE(apr_status_t) apr_crypto_passphrase(apr_crypto_key_t **key,
  317. apr_size_t *ivSize, const char *pass, apr_size_t passLen,
  318. const unsigned char * salt, apr_size_t saltLen,
  319. const apr_crypto_block_key_type_e type,
  320. const apr_crypto_block_key_mode_e mode, const int doPad,
  321. const int iterations, const apr_crypto_t *f, apr_pool_t *p);
  322. /**
  323. * @brief Initialise a context for encrypting arbitrary data using the given key.
  324. * @note If *ctx is NULL, a apr_crypto_block_t will be created from a pool. If
  325. * *ctx is not NULL, *ctx must point at a previously created structure.
  326. * @param ctx The block context returned, see note.
  327. * @param iv Optional initialisation vector. If the buffer pointed to is NULL,
  328. * an IV will be created at random, in space allocated from the pool.
  329. * If the buffer pointed to is not NULL, the IV in the buffer will be
  330. * used.
  331. * @param key The key structure to use.
  332. * @param blockSize The block size of the cipher.
  333. * @param p The pool to use.
  334. * @return Returns APR_ENOIV if an initialisation vector is required but not specified.
  335. * Returns APR_EINIT if the backend failed to initialise the context. Returns
  336. * APR_ENOTIMPL if not implemented.
  337. */
  338. APU_DECLARE(apr_status_t) apr_crypto_block_encrypt_init(
  339. apr_crypto_block_t **ctx, const unsigned char **iv,
  340. const apr_crypto_key_t *key, apr_size_t *blockSize, apr_pool_t *p);
  341. /**
  342. * @brief Encrypt data provided by in, write it to out.
  343. * @note The number of bytes written will be written to outlen. If
  344. * out is NULL, outlen will contain the maximum size of the
  345. * buffer needed to hold the data, including any data
  346. * generated by apr_crypto_block_encrypt_finish below. If *out points
  347. * to NULL, a buffer sufficiently large will be created from
  348. * the pool provided. If *out points to a not-NULL value, this
  349. * value will be used as a buffer instead.
  350. * @param out Address of a buffer to which data will be written,
  351. * see note.
  352. * @param outlen Length of the output will be written here.
  353. * @param in Address of the buffer to read.
  354. * @param inlen Length of the buffer to read.
  355. * @param ctx The block context to use.
  356. * @return APR_ECRYPT if an error occurred. Returns APR_ENOTIMPL if
  357. * not implemented.
  358. */
  359. APU_DECLARE(apr_status_t) apr_crypto_block_encrypt(unsigned char **out,
  360. apr_size_t *outlen, const unsigned char *in, apr_size_t inlen,
  361. apr_crypto_block_t *ctx);
  362. /**
  363. * @brief Encrypt final data block, write it to out.
  364. * @note If necessary the final block will be written out after being
  365. * padded. Typically the final block will be written to the
  366. * same buffer used by apr_crypto_block_encrypt, offset by the
  367. * number of bytes returned as actually written by the
  368. * apr_crypto_block_encrypt() call. After this call, the context
  369. * is cleaned and can be reused by apr_crypto_block_encrypt_init().
  370. * @param out Address of a buffer to which data will be written. This
  371. * buffer must already exist, and is usually the same
  372. * buffer used by apr_evp_crypt(). See note.
  373. * @param outlen Length of the output will be written here.
  374. * @param ctx The block context to use.
  375. * @return APR_ECRYPT if an error occurred.
  376. * @return APR_EPADDING if padding was enabled and the block was incorrectly
  377. * formatted.
  378. * @return APR_ENOTIMPL if not implemented.
  379. */
  380. APU_DECLARE(apr_status_t) apr_crypto_block_encrypt_finish(unsigned char *out,
  381. apr_size_t *outlen, apr_crypto_block_t *ctx);
  382. /**
  383. * @brief Initialise a context for decrypting arbitrary data using the given key.
  384. * @note If *ctx is NULL, a apr_crypto_block_t will be created from a pool. If
  385. * *ctx is not NULL, *ctx must point at a previously created structure.
  386. * @param ctx The block context returned, see note.
  387. * @param blockSize The block size of the cipher.
  388. * @param iv Optional initialisation vector.
  389. * @param key The key structure to use.
  390. * @param p The pool to use.
  391. * @return Returns APR_ENOIV if an initialisation vector is required but not specified.
  392. * Returns APR_EINIT if the backend failed to initialise the context. Returns
  393. * APR_ENOTIMPL if not implemented.
  394. */
  395. APU_DECLARE(apr_status_t) apr_crypto_block_decrypt_init(
  396. apr_crypto_block_t **ctx, apr_size_t *blockSize,
  397. const unsigned char *iv, const apr_crypto_key_t *key, apr_pool_t *p);
  398. /**
  399. * @brief Decrypt data provided by in, write it to out.
  400. * @note The number of bytes written will be written to outlen. If
  401. * out is NULL, outlen will contain the maximum size of the
  402. * buffer needed to hold the data, including any data
  403. * generated by apr_crypto_block_decrypt_finish below. If *out points
  404. * to NULL, a buffer sufficiently large will be created from
  405. * the pool provided. If *out points to a not-NULL value, this
  406. * value will be used as a buffer instead.
  407. * @param out Address of a buffer to which data will be written,
  408. * see note.
  409. * @param outlen Length of the output will be written here.
  410. * @param in Address of the buffer to read.
  411. * @param inlen Length of the buffer to read.
  412. * @param ctx The block context to use.
  413. * @return APR_ECRYPT if an error occurred. Returns APR_ENOTIMPL if
  414. * not implemented.
  415. */
  416. APU_DECLARE(apr_status_t) apr_crypto_block_decrypt(unsigned char **out,
  417. apr_size_t *outlen, const unsigned char *in, apr_size_t inlen,
  418. apr_crypto_block_t *ctx);
  419. /**
  420. * @brief Decrypt final data block, write it to out.
  421. * @note If necessary the final block will be written out after being
  422. * padded. Typically the final block will be written to the
  423. * same buffer used by apr_crypto_block_decrypt, offset by the
  424. * number of bytes returned as actually written by the
  425. * apr_crypto_block_decrypt() call. After this call, the context
  426. * is cleaned and can be reused by apr_crypto_block_decrypt_init().
  427. * @param out Address of a buffer to which data will be written. This
  428. * buffer must already exist, and is usually the same
  429. * buffer used by apr_evp_crypt(). See note.
  430. * @param outlen Length of the output will be written here.
  431. * @param ctx The block context to use.
  432. * @return APR_ECRYPT if an error occurred.
  433. * @return APR_EPADDING if padding was enabled and the block was incorrectly
  434. * formatted.
  435. * @return APR_ENOTIMPL if not implemented.
  436. */
  437. APU_DECLARE(apr_status_t) apr_crypto_block_decrypt_finish(unsigned char *out,
  438. apr_size_t *outlen, apr_crypto_block_t *ctx);
  439. /**
  440. * @brief Clean encryption / decryption context.
  441. * @note After cleanup, a context is free to be reused if necessary.
  442. * @param ctx The block context to use.
  443. * @return Returns APR_ENOTIMPL if not supported.
  444. */
  445. APU_DECLARE(apr_status_t) apr_crypto_block_cleanup(apr_crypto_block_t *ctx);
  446. /**
  447. * @brief Clean encryption / decryption context.
  448. * @note After cleanup, a context is free to be reused if necessary.
  449. * @param f The context to use.
  450. * @return Returns APR_ENOTIMPL if not supported.
  451. */
  452. APU_DECLARE(apr_status_t) apr_crypto_cleanup(apr_crypto_t *f);
  453. /**
  454. * @brief Shutdown the crypto library.
  455. * @note After shutdown, it is expected that the init function can be called again.
  456. * @param driver - driver to use
  457. * @return Returns APR_ENOTIMPL if not supported.
  458. */
  459. APU_DECLARE(apr_status_t) apr_crypto_shutdown(
  460. const apr_crypto_driver_t *driver);
  461. #endif /* APU_HAVE_CRYPTO */
  462. /** @} */
  463. #ifdef __cplusplus
  464. }
  465. #endif
  466. #endif