]> git.ipfire.org Git - thirdparty/openssl.git/blob - crypto/store/str_lib.c
projects / thirdparty / openssl.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Remove /* foo.c */ comments
[thirdparty/openssl.git] / crypto / store / str_lib.c
1 /*
2 * Written by Richard Levitte (richard@levitte.org) for the OpenSSL project
3 * 2003.
4 */
5 /* ====================================================================
6 * Copyright (c) 2003 The OpenSSL Project. All rights reserved.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 *
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
14 *
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in
17 * the documentation and/or other materials provided with the
18 * distribution.
19 *
20 * 3. All advertising materials mentioning features or use of this
21 * software must display the following acknowledgment:
22 * "This product includes software developed by the OpenSSL Project
23 * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
24 *
25 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
26 * endorse or promote products derived from this software without
27 * prior written permission. For written permission, please contact
28 * openssl-core@openssl.org.
29 *
30 * 5. Products derived from this software may not be called "OpenSSL"
31 * nor may "OpenSSL" appear in their names without prior written
32 * permission of the OpenSSL Project.
33 *
34 * 6. Redistributions of any form whatsoever must retain the following
35 * acknowledgment:
36 * "This product includes software developed by the OpenSSL Project
37 * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
38 *
39 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
40 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
41 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
42 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
43 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
44 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
45 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
46 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
48 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
49 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50 * OF THE POSSIBILITY OF SUCH DAMAGE.
51 * ====================================================================
52 *
53 * This product includes cryptographic software written by Eric Young
54 * (eay@cryptsoft.com). This product includes software written by Tim
55 * Hudson (tjh@cryptsoft.com).
56 *
57 */
58
59 #include <string.h>
60 #include <openssl/bn.h>
61 #include <openssl/err.h>
62 #ifndef OPENSSL_NO_ENGINE
63 # include <openssl/engine.h>
64 #endif
65 #include <openssl/sha.h>
66 #include <openssl/x509.h>
67 #include "str_locl.h"
68
69 const char *const STORE_object_type_string[STORE_OBJECT_TYPE_NUM + 1] = {
70 0,
71 "X.509 Certificate",
72 "X.509 CRL",
73 "Private Key",
74 "Public Key",
75 "Number",
76 "Arbitrary Data"
77 };
78
79 const int STORE_param_sizes[STORE_PARAM_TYPE_NUM + 1] = {
80 0,
81 sizeof(int), /* EVP_TYPE */
82 sizeof(size_t), /* BITS */
83 -1, /* KEY_PARAMETERS */
84 0 /* KEY_NO_PARAMETERS */
85 };
86
87 const int STORE_attr_sizes[STORE_ATTR_TYPE_NUM + 1] = {
88 0,
89 -1, /* FRIENDLYNAME: C string */
90 SHA_DIGEST_LENGTH, /* KEYID: SHA1 digest, 160 bits */
91 SHA_DIGEST_LENGTH, /* ISSUERKEYID: SHA1 digest, 160 bits */
92 SHA_DIGEST_LENGTH, /* SUBJECTKEYID: SHA1 digest, 160 bits */
93 SHA_DIGEST_LENGTH, /* ISSUERSERIALHASH: SHA1 digest, 160 bits */
94 sizeof(X509_NAME *), /* ISSUER: X509_NAME * */
95 sizeof(BIGNUM *), /* SERIAL: BIGNUM * */
96 sizeof(X509_NAME *), /* SUBJECT: X509_NAME * */
97 SHA_DIGEST_LENGTH, /* CERTHASH: SHA1 digest, 160 bits */
98 -1, /* EMAIL: C string */
99 -1, /* FILENAME: C string */
100 };
101
102 STORE *STORE_new_method(const STORE_METHOD *method)
103 {
104 STORE *ret;
105
106 if (method == NULL) {
107 STOREerr(STORE_F_STORE_NEW_METHOD, ERR_R_PASSED_NULL_PARAMETER);
108 return NULL;
109 }
110
111 ret = OPENSSL_malloc(sizeof(*ret));
112 if (ret == NULL) {
113 STOREerr(STORE_F_STORE_NEW_METHOD, ERR_R_MALLOC_FAILURE);
114 return NULL;
115 }
116
117 ret->meth = method;
118
119 CRYPTO_new_ex_data(CRYPTO_EX_INDEX_STORE, ret, &ret->ex_data);
120 if (ret->meth->init && !ret->meth->init(ret)) {
121 STORE_free(ret);
122 ret = NULL;
123 }
124 return ret;
125 }
126
127 STORE *STORE_new_engine(ENGINE *engine)
128 {
129 STORE *ret = NULL;
130 ENGINE *e = engine;
131 const STORE_METHOD *meth = 0;
132
133 #ifdef OPENSSL_NO_ENGINE
134 e = NULL;
135 #else
136 if (engine) {
137 if (!ENGINE_init(engine)) {
138 STOREerr(STORE_F_STORE_NEW_ENGINE, ERR_R_ENGINE_LIB);
139 return NULL;
140 }
141 e = engine;
142 } else {
143 STOREerr(STORE_F_STORE_NEW_ENGINE, ERR_R_PASSED_NULL_PARAMETER);
144 return NULL;
145 }
146 if (e) {
147 meth = ENGINE_get_STORE(e);
148 if (!meth) {
149 STOREerr(STORE_F_STORE_NEW_ENGINE, ERR_R_ENGINE_LIB);
150 ENGINE_finish(e);
151 return NULL;
152 }
153 }
154 #endif
155
156 ret = STORE_new_method(meth);
157 if (ret == NULL) {
158 STOREerr(STORE_F_STORE_NEW_ENGINE, ERR_R_STORE_LIB);
159 return NULL;
160 }
161
162 ret->engine = e;
163
164 return (ret);
165 }
166
167 void STORE_free(STORE *store)
168 {
169 if (store == NULL)
170 return;
171 if (store->meth->clean)
172 store->meth->clean(store);
173 CRYPTO_free_ex_data(CRYPTO_EX_INDEX_STORE, store, &store->ex_data);
174 OPENSSL_free(store);
175 }
176
177 int STORE_ctrl(STORE *store, int cmd, long i, void *p, void (*f) (void))
178 {
179 if (store == NULL) {
180 STOREerr(STORE_F_STORE_CTRL, ERR_R_PASSED_NULL_PARAMETER);
181 return 0;
182 }
183 if (store->meth->ctrl)
184 return store->meth->ctrl(store, cmd, i, p, f);
185 STOREerr(STORE_F_STORE_CTRL, STORE_R_NO_CONTROL_FUNCTION);
186 return 0;
187 }
188
189 int STORE_set_ex_data(STORE *r, int idx, void *arg)
190 {
191 return (CRYPTO_set_ex_data(&r->ex_data, idx, arg));
192 }
193
194 void *STORE_get_ex_data(STORE *r, int idx)
195 {
196 return (CRYPTO_get_ex_data(&r->ex_data, idx));
197 }
198
199 const STORE_METHOD *STORE_get_method(STORE *store)
200 {
201 return store->meth;
202 }
203
204 const STORE_METHOD *STORE_set_method(STORE *store, const STORE_METHOD *meth)
205 {
206 store->meth = meth;
207 return store->meth;
208 }
209
210 /* API helpers */
211
212 #define check_store(s,fncode,fnname,fnerrcode) \
213 do \
214 { \
215 if ((s) == NULL || (s)->meth == NULL) \
216 { \
217 STOREerr((fncode), ERR_R_PASSED_NULL_PARAMETER); \
218 return 0; \
219 } \
220 if ((s)->meth->fnname == NULL) \
221 { \
222 STOREerr((fncode), (fnerrcode)); \
223 return 0; \
224 } \
225 } \
226 while(0)
227
228 /* API functions */
229
230 X509 *STORE_get_certificate(STORE *s, OPENSSL_ITEM attributes[],
231 OPENSSL_ITEM parameters[])
232 {
233 STORE_OBJECT *object;
234 X509 *x;
235
236 check_store(s, STORE_F_STORE_GET_CERTIFICATE,
237 get_object, STORE_R_NO_GET_OBJECT_FUNCTION);
238
239 object = s->meth->get_object(s, STORE_OBJECT_TYPE_X509_CERTIFICATE,
240 attributes, parameters);
241 if (!object || !object->data.x509.certificate) {
242 STOREerr(STORE_F_STORE_GET_CERTIFICATE,
243 STORE_R_FAILED_GETTING_CERTIFICATE);
244 return 0;
245 }
246 X509_up_ref(object->data.x509.certificate);
247 #ifdef REF_PRINT
248 REF_PRINT("X509", data);
249 #endif
250 x = object->data.x509.certificate;
251 STORE_OBJECT_free(object);
252 return x;
253 }
254
255 int STORE_store_certificate(STORE *s, X509 *data, OPENSSL_ITEM attributes[],
256 OPENSSL_ITEM parameters[])
257 {
258 STORE_OBJECT *object;
259 int i;
260
261 check_store(s, STORE_F_STORE_STORE_CERTIFICATE,
262 store_object, STORE_R_NO_STORE_OBJECT_FUNCTION);
263
264 object = STORE_OBJECT_new();
265 if (object == NULL) {
266 STOREerr(STORE_F_STORE_STORE_CERTIFICATE, ERR_R_MALLOC_FAILURE);
267 return 0;
268 }
269
270 X509_up_ref(data);
271 #ifdef REF_PRINT
272 REF_PRINT("X509", data);
273 #endif
274 object->data.x509.certificate = data;
275
276 i = s->meth->store_object(s, STORE_OBJECT_TYPE_X509_CERTIFICATE,
277 object, attributes, parameters);
278
279 STORE_OBJECT_free(object);
280
281 if (!i) {
282 STOREerr(STORE_F_STORE_STORE_CERTIFICATE,
283 STORE_R_FAILED_STORING_CERTIFICATE);
284 return 0;
285 }
286 return 1;
287 }
288
289 int STORE_modify_certificate(STORE *s, OPENSSL_ITEM search_attributes[],
290 OPENSSL_ITEM add_attributes[],
291 OPENSSL_ITEM modify_attributes[],
292 OPENSSL_ITEM delete_attributes[],
293 OPENSSL_ITEM parameters[])
294 {
295 check_store(s, STORE_F_STORE_MODIFY_CERTIFICATE,
296 modify_object, STORE_R_NO_MODIFY_OBJECT_FUNCTION);
297
298 if (!s->meth->modify_object(s, STORE_OBJECT_TYPE_X509_CERTIFICATE,
299 search_attributes, add_attributes,
300 modify_attributes, delete_attributes,
301 parameters)) {
302 STOREerr(STORE_F_STORE_MODIFY_CERTIFICATE,
303 STORE_R_FAILED_MODIFYING_CERTIFICATE);
304 return 0;
305 }
306 return 1;
307 }
308
309 int STORE_revoke_certificate(STORE *s, OPENSSL_ITEM attributes[],
310 OPENSSL_ITEM parameters[])
311 {
312 check_store(s, STORE_F_STORE_REVOKE_CERTIFICATE,
313 revoke_object, STORE_R_NO_REVOKE_OBJECT_FUNCTION);
314
315 if (!s->meth->revoke_object(s, STORE_OBJECT_TYPE_X509_CERTIFICATE,
316 attributes, parameters)) {
317 STOREerr(STORE_F_STORE_REVOKE_CERTIFICATE,
318 STORE_R_FAILED_REVOKING_CERTIFICATE);
319 return 0;
320 }
321 return 1;
322 }
323
324 int STORE_delete_certificate(STORE *s, OPENSSL_ITEM attributes[],
325 OPENSSL_ITEM parameters[])
326 {
327 check_store(s, STORE_F_STORE_DELETE_CERTIFICATE,
328 delete_object, STORE_R_NO_DELETE_OBJECT_FUNCTION);
329
330 if (!s->meth->delete_object(s, STORE_OBJECT_TYPE_X509_CERTIFICATE,
331 attributes, parameters)) {
332 STOREerr(STORE_F_STORE_DELETE_CERTIFICATE,
333 STORE_R_FAILED_DELETING_CERTIFICATE);
334 return 0;
335 }
336 return 1;
337 }
338
339 void *STORE_list_certificate_start(STORE *s, OPENSSL_ITEM attributes[],
340 OPENSSL_ITEM parameters[])
341 {
342 void *handle;
343
344 check_store(s, STORE_F_STORE_LIST_CERTIFICATE_START,
345 list_object_start, STORE_R_NO_LIST_OBJECT_START_FUNCTION);
346
347 handle = s->meth->list_object_start(s,
348 STORE_OBJECT_TYPE_X509_CERTIFICATE,
349 attributes, parameters);
350 if (!handle) {
351 STOREerr(STORE_F_STORE_LIST_CERTIFICATE_START,
352 STORE_R_FAILED_LISTING_CERTIFICATES);
353 return 0;
354 }
355 return handle;
356 }
357
358 X509 *STORE_list_certificate_next(STORE *s, void *handle)
359 {
360 STORE_OBJECT *object;
361 X509 *x;
362
363 check_store(s, STORE_F_STORE_LIST_CERTIFICATE_NEXT,
364 list_object_next, STORE_R_NO_LIST_OBJECT_NEXT_FUNCTION);
365
366 object = s->meth->list_object_next(s, handle);
367 if (!object || !object->data.x509.certificate) {
368 STOREerr(STORE_F_STORE_LIST_CERTIFICATE_NEXT,
369 STORE_R_FAILED_LISTING_CERTIFICATES);
370 return 0;
371 }
372 X509_up_ref(object->data.x509.certificate);
373 #ifdef REF_PRINT
374 REF_PRINT("X509", data);
375 #endif
376 x = object->data.x509.certificate;
377 STORE_OBJECT_free(object);
378 return x;
379 }
380
381 int STORE_list_certificate_end(STORE *s, void *handle)
382 {
383 check_store(s, STORE_F_STORE_LIST_CERTIFICATE_END,
384 list_object_end, STORE_R_NO_LIST_OBJECT_END_FUNCTION);
385
386 if (!s->meth->list_object_end(s, handle)) {
387 STOREerr(STORE_F_STORE_LIST_CERTIFICATE_END,
388 STORE_R_FAILED_LISTING_CERTIFICATES);
389 return 0;
390 }
391 return 1;
392 }
393
394 int STORE_list_certificate_endp(STORE *s, void *handle)
395 {
396 check_store(s, STORE_F_STORE_LIST_CERTIFICATE_ENDP,
397 list_object_endp, STORE_R_NO_LIST_OBJECT_ENDP_FUNCTION);
398
399 if (!s->meth->list_object_endp(s, handle)) {
400 STOREerr(STORE_F_STORE_LIST_CERTIFICATE_ENDP,
401 STORE_R_FAILED_LISTING_CERTIFICATES);
402 return 0;
403 }
404 return 1;
405 }
406
407 EVP_PKEY *STORE_generate_key(STORE *s, OPENSSL_ITEM attributes[],
408 OPENSSL_ITEM parameters[])
409 {
410 STORE_OBJECT *object;
411 EVP_PKEY *pkey;
412
413 check_store(s, STORE_F_STORE_GENERATE_KEY,
414 generate_object, STORE_R_NO_GENERATE_OBJECT_FUNCTION);
415
416 object = s->meth->generate_object(s, STORE_OBJECT_TYPE_PRIVATE_KEY,
417 attributes, parameters);
418 if (!object || !object->data.key) {
419 STOREerr(STORE_F_STORE_GENERATE_KEY, STORE_R_FAILED_GENERATING_KEY);
420 return 0;
421 }
422 EVP_PKEY_up_ref(object->data.key);
423 #ifdef REF_PRINT
424 REF_PRINT("EVP_PKEY", data);
425 #endif
426 pkey = object->data.key;
427 STORE_OBJECT_free(object);
428 return pkey;
429 }
430
431 EVP_PKEY *STORE_get_private_key(STORE *s, OPENSSL_ITEM attributes[],
432 OPENSSL_ITEM parameters[])
433 {
434 STORE_OBJECT *object;
435 EVP_PKEY *pkey;
436
437 check_store(s, STORE_F_STORE_GET_PRIVATE_KEY,
438 get_object, STORE_R_NO_GET_OBJECT_FUNCTION);
439
440 object = s->meth->get_object(s, STORE_OBJECT_TYPE_PRIVATE_KEY,
441 attributes, parameters);
442 if (!object || !object->data.key || !object->data.key) {
443 STOREerr(STORE_F_STORE_GET_PRIVATE_KEY, STORE_R_FAILED_GETTING_KEY);
444 return 0;
445 }
446 EVP_PKEY_up_ref(object->data.key);
447 #ifdef REF_PRINT
448 REF_PRINT("EVP_PKEY", data);
449 #endif
450 pkey = object->data.key;
451 STORE_OBJECT_free(object);
452 return pkey;
453 }
454
455 int STORE_store_private_key(STORE *s, EVP_PKEY *data,
456 OPENSSL_ITEM attributes[],
457 OPENSSL_ITEM parameters[])
458 {
459 STORE_OBJECT *object;
460 int i;
461
462 check_store(s, STORE_F_STORE_STORE_PRIVATE_KEY,
463 store_object, STORE_R_NO_STORE_OBJECT_FUNCTION);
464
465 object = STORE_OBJECT_new();
466 if (object == NULL) {
467 STOREerr(STORE_F_STORE_STORE_PRIVATE_KEY, ERR_R_MALLOC_FAILURE);
468 return 0;
469 }
470 object->data.key = EVP_PKEY_new();
471 if (object->data.key == NULL) {
472 STOREerr(STORE_F_STORE_STORE_PRIVATE_KEY, ERR_R_MALLOC_FAILURE);
473 return 0;
474 }
475
476 EVP_PKEY_up_ref(data);
477 #ifdef REF_PRINT
478 REF_PRINT("EVP_PKEY", data);
479 #endif
480 object->data.key = data;
481
482 i = s->meth->store_object(s, STORE_OBJECT_TYPE_PRIVATE_KEY, object,
483 attributes, parameters);
484
485 STORE_OBJECT_free(object);
486
487 if (!i) {
488 STOREerr(STORE_F_STORE_STORE_PRIVATE_KEY, STORE_R_FAILED_STORING_KEY);
489 return 0;
490 }
491 return i;
492 }
493
494 int STORE_modify_private_key(STORE *s, OPENSSL_ITEM search_attributes[],
495 OPENSSL_ITEM add_attributes[],
496 OPENSSL_ITEM modify_attributes[],
497 OPENSSL_ITEM delete_attributes[],
498 OPENSSL_ITEM parameters[])
499 {
500 check_store(s, STORE_F_STORE_MODIFY_PRIVATE_KEY,
501 modify_object, STORE_R_NO_MODIFY_OBJECT_FUNCTION);
502
503 if (!s->meth->modify_object(s, STORE_OBJECT_TYPE_PRIVATE_KEY,
504 search_attributes, add_attributes,
505 modify_attributes, delete_attributes,
506 parameters)) {
507 STOREerr(STORE_F_STORE_MODIFY_PRIVATE_KEY,
508 STORE_R_FAILED_MODIFYING_PRIVATE_KEY);
509 return 0;
510 }
511 return 1;
512 }
513
514 int STORE_revoke_private_key(STORE *s, OPENSSL_ITEM attributes[],
515 OPENSSL_ITEM parameters[])
516 {
517 int i;
518
519 check_store(s, STORE_F_STORE_REVOKE_PRIVATE_KEY,
520 revoke_object, STORE_R_NO_REVOKE_OBJECT_FUNCTION);
521
522 i = s->meth->revoke_object(s, STORE_OBJECT_TYPE_PRIVATE_KEY,
523 attributes, parameters);
524
525 if (!i) {
526 STOREerr(STORE_F_STORE_REVOKE_PRIVATE_KEY,
527 STORE_R_FAILED_REVOKING_KEY);
528 return 0;
529 }
530 return i;
531 }
532
533 int STORE_delete_private_key(STORE *s, OPENSSL_ITEM attributes[],
534 OPENSSL_ITEM parameters[])
535 {
536 check_store(s, STORE_F_STORE_DELETE_PRIVATE_KEY,
537 delete_object, STORE_R_NO_DELETE_OBJECT_FUNCTION);
538
539 if (!s->meth->delete_object(s, STORE_OBJECT_TYPE_PRIVATE_KEY,
540 attributes, parameters)) {
541 STOREerr(STORE_F_STORE_DELETE_PRIVATE_KEY,
542 STORE_R_FAILED_DELETING_KEY);
543 return 0;
544 }
545 return 1;
546 }
547
548 void *STORE_list_private_key_start(STORE *s, OPENSSL_ITEM attributes[],
549 OPENSSL_ITEM parameters[])
550 {
551 void *handle;
552
553 check_store(s, STORE_F_STORE_LIST_PRIVATE_KEY_START,
554 list_object_start, STORE_R_NO_LIST_OBJECT_START_FUNCTION);
555
556 handle = s->meth->list_object_start(s, STORE_OBJECT_TYPE_PRIVATE_KEY,
557 attributes, parameters);
558 if (!handle) {
559 STOREerr(STORE_F_STORE_LIST_PRIVATE_KEY_START,
560 STORE_R_FAILED_LISTING_KEYS);
561 return 0;
562 }
563 return handle;
564 }
565
566 EVP_PKEY *STORE_list_private_key_next(STORE *s, void *handle)
567 {
568 STORE_OBJECT *object;
569 EVP_PKEY *pkey;
570
571 check_store(s, STORE_F_STORE_LIST_PRIVATE_KEY_NEXT,
572 list_object_next, STORE_R_NO_LIST_OBJECT_NEXT_FUNCTION);
573
574 object = s->meth->list_object_next(s, handle);
575 if (!object || !object->data.key || !object->data.key) {
576 STOREerr(STORE_F_STORE_LIST_PRIVATE_KEY_NEXT,
577 STORE_R_FAILED_LISTING_KEYS);
578 return 0;
579 }
580 EVP_PKEY_up_ref(object->data.key);
581 #ifdef REF_PRINT
582 REF_PRINT("EVP_PKEY", data);
583 #endif
584 pkey = object->data.key;
585 STORE_OBJECT_free(object);
586 return pkey;
587 }
588
589 int STORE_list_private_key_end(STORE *s, void *handle)
590 {
591 check_store(s, STORE_F_STORE_LIST_PRIVATE_KEY_END,
592 list_object_end, STORE_R_NO_LIST_OBJECT_END_FUNCTION);
593
594 if (!s->meth->list_object_end(s, handle)) {
595 STOREerr(STORE_F_STORE_LIST_PRIVATE_KEY_END,
596 STORE_R_FAILED_LISTING_KEYS);
597 return 0;
598 }
599 return 1;
600 }
601
602 int STORE_list_private_key_endp(STORE *s, void *handle)
603 {
604 check_store(s, STORE_F_STORE_LIST_PRIVATE_KEY_ENDP,
605 list_object_endp, STORE_R_NO_LIST_OBJECT_ENDP_FUNCTION);
606
607 if (!s->meth->list_object_endp(s, handle)) {
608 STOREerr(STORE_F_STORE_LIST_PRIVATE_KEY_ENDP,
609 STORE_R_FAILED_LISTING_KEYS);
610 return 0;
611 }
612 return 1;
613 }
614
615 EVP_PKEY *STORE_get_public_key(STORE *s, OPENSSL_ITEM attributes[],
616 OPENSSL_ITEM parameters[])
617 {
618 STORE_OBJECT *object;
619 EVP_PKEY *pkey;
620
621 check_store(s, STORE_F_STORE_GET_PUBLIC_KEY,
622 get_object, STORE_R_NO_GET_OBJECT_FUNCTION);
623
624 object = s->meth->get_object(s, STORE_OBJECT_TYPE_PUBLIC_KEY,
625 attributes, parameters);
626 if (!object || !object->data.key || !object->data.key) {
627 STOREerr(STORE_F_STORE_GET_PUBLIC_KEY, STORE_R_FAILED_GETTING_KEY);
628 return 0;
629 }
630 EVP_PKEY_up_ref(object->data.key);
631 #ifdef REF_PRINT
632 REF_PRINT("EVP_PKEY", data);
633 #endif
634 pkey = object->data.key;
635 STORE_OBJECT_free(object);
636 return pkey;
637 }
638
639 int STORE_store_public_key(STORE *s, EVP_PKEY *data,
640 OPENSSL_ITEM attributes[],
641 OPENSSL_ITEM parameters[])
642 {
643 STORE_OBJECT *object;
644 int i;
645
646 check_store(s, STORE_F_STORE_STORE_PUBLIC_KEY,
647 store_object, STORE_R_NO_STORE_OBJECT_FUNCTION);
648
649 object = STORE_OBJECT_new();
650 if (object == NULL) {
651 STOREerr(STORE_F_STORE_STORE_PUBLIC_KEY, ERR_R_MALLOC_FAILURE);
652 return 0;
653 }
654 object->data.key = EVP_PKEY_new();
655 if (object->data.key == NULL) {
656 STOREerr(STORE_F_STORE_STORE_PUBLIC_KEY, ERR_R_MALLOC_FAILURE);
657 return 0;
658 }
659
660 EVP_PKEY_up_ref(data);
661 #ifdef REF_PRINT
662 REF_PRINT("EVP_PKEY", data);
663 #endif
664 object->data.key = data;
665
666 i = s->meth->store_object(s, STORE_OBJECT_TYPE_PUBLIC_KEY, object,
667 attributes, parameters);
668
669 STORE_OBJECT_free(object);
670
671 if (!i) {
672 STOREerr(STORE_F_STORE_STORE_PUBLIC_KEY, STORE_R_FAILED_STORING_KEY);
673 return 0;
674 }
675 return i;
676 }
677
678 int STORE_modify_public_key(STORE *s, OPENSSL_ITEM search_attributes[],
679 OPENSSL_ITEM add_attributes[],
680 OPENSSL_ITEM modify_attributes[],
681 OPENSSL_ITEM delete_attributes[],
682 OPENSSL_ITEM parameters[])
683 {
684 check_store(s, STORE_F_STORE_MODIFY_PUBLIC_KEY,
685 modify_object, STORE_R_NO_MODIFY_OBJECT_FUNCTION);
686
687 if (!s->meth->modify_object(s, STORE_OBJECT_TYPE_PUBLIC_KEY,
688 search_attributes, add_attributes,
689 modify_attributes, delete_attributes,
690 parameters)) {
691 STOREerr(STORE_F_STORE_MODIFY_PUBLIC_KEY,
692 STORE_R_FAILED_MODIFYING_PUBLIC_KEY);
693 return 0;
694 }
695 return 1;
696 }
697
698 int STORE_revoke_public_key(STORE *s, OPENSSL_ITEM attributes[],
699 OPENSSL_ITEM parameters[])
700 {
701 int i;
702
703 check_store(s, STORE_F_STORE_REVOKE_PUBLIC_KEY,
704 revoke_object, STORE_R_NO_REVOKE_OBJECT_FUNCTION);
705
706 i = s->meth->revoke_object(s, STORE_OBJECT_TYPE_PUBLIC_KEY,
707 attributes, parameters);
708
709 if (!i) {
710 STOREerr(STORE_F_STORE_REVOKE_PUBLIC_KEY,
711 STORE_R_FAILED_REVOKING_KEY);
712 return 0;
713 }
714 return i;
715 }
716
717 int STORE_delete_public_key(STORE *s, OPENSSL_ITEM attributes[],
718 OPENSSL_ITEM parameters[])
719 {
720 check_store(s, STORE_F_STORE_DELETE_PUBLIC_KEY,
721 delete_object, STORE_R_NO_DELETE_OBJECT_FUNCTION);
722
723 if (!s->meth->delete_object(s, STORE_OBJECT_TYPE_PUBLIC_KEY,
724 attributes, parameters)) {
725 STOREerr(STORE_F_STORE_DELETE_PUBLIC_KEY,
726 STORE_R_FAILED_DELETING_KEY);
727 return 0;
728 }
729 return 1;
730 }
731
732 void *STORE_list_public_key_start(STORE *s, OPENSSL_ITEM attributes[],
733 OPENSSL_ITEM parameters[])
734 {
735 void *handle;
736
737 check_store(s, STORE_F_STORE_LIST_PUBLIC_KEY_START,
738 list_object_start, STORE_R_NO_LIST_OBJECT_START_FUNCTION);
739
740 handle = s->meth->list_object_start(s, STORE_OBJECT_TYPE_PUBLIC_KEY,
741 attributes, parameters);
742 if (!handle) {
743 STOREerr(STORE_F_STORE_LIST_PUBLIC_KEY_START,
744 STORE_R_FAILED_LISTING_KEYS);
745 return 0;
746 }
747 return handle;
748 }
749
750 EVP_PKEY *STORE_list_public_key_next(STORE *s, void *handle)
751 {
752 STORE_OBJECT *object;
753 EVP_PKEY *pkey;
754
755 check_store(s, STORE_F_STORE_LIST_PUBLIC_KEY_NEXT,
756 list_object_next, STORE_R_NO_LIST_OBJECT_NEXT_FUNCTION);
757
758 object = s->meth->list_object_next(s, handle);
759 if (!object || !object->data.key || !object->data.key) {
760 STOREerr(STORE_F_STORE_LIST_PUBLIC_KEY_NEXT,
761 STORE_R_FAILED_LISTING_KEYS);
762 return 0;
763 }
764 EVP_PKEY_up_ref(object->data.key);
765 #ifdef REF_PRINT
766 REF_PRINT("EVP_PKEY", data);
767 #endif
768 pkey = object->data.key;
769 STORE_OBJECT_free(object);
770 return pkey;
771 }
772
773 int STORE_list_public_key_end(STORE *s, void *handle)
774 {
775 check_store(s, STORE_F_STORE_LIST_PUBLIC_KEY_END,
776 list_object_end, STORE_R_NO_LIST_OBJECT_END_FUNCTION);
777
778 if (!s->meth->list_object_end(s, handle)) {
779 STOREerr(STORE_F_STORE_LIST_PUBLIC_KEY_END,
780 STORE_R_FAILED_LISTING_KEYS);
781 return 0;
782 }
783 return 1;
784 }
785
786 int STORE_list_public_key_endp(STORE *s, void *handle)
787 {
788 check_store(s, STORE_F_STORE_LIST_PUBLIC_KEY_ENDP,
789 list_object_endp, STORE_R_NO_LIST_OBJECT_ENDP_FUNCTION);
790
791 if (!s->meth->list_object_endp(s, handle)) {
792 STOREerr(STORE_F_STORE_LIST_PUBLIC_KEY_ENDP,
793 STORE_R_FAILED_LISTING_KEYS);
794 return 0;
795 }
796 return 1;
797 }
798
799 X509_CRL *STORE_generate_crl(STORE *s, OPENSSL_ITEM attributes[],
800 OPENSSL_ITEM parameters[])
801 {
802 STORE_OBJECT *object;
803 X509_CRL *crl;
804
805 check_store(s, STORE_F_STORE_GENERATE_CRL,
806 generate_object, STORE_R_NO_GENERATE_CRL_FUNCTION);
807
808 object = s->meth->generate_object(s, STORE_OBJECT_TYPE_X509_CRL,
809 attributes, parameters);
810 if (!object || !object->data.crl) {
811 STOREerr(STORE_F_STORE_GENERATE_CRL, STORE_R_FAILED_GENERATING_CRL);
812 return 0;
813 }
814 X509_CRL_up_ref(object->data.crl);
815 #ifdef REF_PRINT
816 REF_PRINT("X509_CRL", data);
817 #endif
818 crl = object->data.crl;
819 STORE_OBJECT_free(object);
820 return crl;
821 }
822
823 X509_CRL *STORE_get_crl(STORE *s, OPENSSL_ITEM attributes[],
824 OPENSSL_ITEM parameters[])
825 {
826 STORE_OBJECT *object;
827 X509_CRL *crl;
828
829 check_store(s, STORE_F_STORE_GET_CRL,
830 get_object, STORE_R_NO_GET_OBJECT_FUNCTION);
831
832 object = s->meth->get_object(s, STORE_OBJECT_TYPE_X509_CRL,
833 attributes, parameters);
834 if (!object || !object->data.crl) {
835 STOREerr(STORE_F_STORE_GET_CRL, STORE_R_FAILED_GETTING_KEY);
836 return 0;
837 }
838 X509_CRL_up_ref(object->data.crl);
839 #ifdef REF_PRINT
840 REF_PRINT("X509_CRL", data);
841 #endif
842 crl = object->data.crl;
843 STORE_OBJECT_free(object);
844 return crl;
845 }
846
847 int STORE_store_crl(STORE *s, X509_CRL *data, OPENSSL_ITEM attributes[],
848 OPENSSL_ITEM parameters[])
849 {
850 STORE_OBJECT *object;
851 int i;
852
853 check_store(s, STORE_F_STORE_STORE_CRL,
854 store_object, STORE_R_NO_STORE_OBJECT_FUNCTION);
855
856 object = STORE_OBJECT_new();
857 if (object == NULL) {
858 STOREerr(STORE_F_STORE_STORE_CRL, ERR_R_MALLOC_FAILURE);
859 return 0;
860 }
861
862 X509_CRL_up_ref(data);
863 #ifdef REF_PRINT
864 REF_PRINT("X509_CRL", data);
865 #endif
866 object->data.crl = data;
867
868 i = s->meth->store_object(s, STORE_OBJECT_TYPE_X509_CRL, object,
869 attributes, parameters);
870
871 STORE_OBJECT_free(object);
872
873 if (!i) {
874 STOREerr(STORE_F_STORE_STORE_CRL, STORE_R_FAILED_STORING_KEY);
875 return 0;
876 }
877 return i;
878 }
879
880 int STORE_modify_crl(STORE *s, OPENSSL_ITEM search_attributes[],
881 OPENSSL_ITEM add_attributes[],
882 OPENSSL_ITEM modify_attributes[],
883 OPENSSL_ITEM delete_attributes[],
884 OPENSSL_ITEM parameters[])
885 {
886 check_store(s, STORE_F_STORE_MODIFY_CRL,
887 modify_object, STORE_R_NO_MODIFY_OBJECT_FUNCTION);
888
889 if (!s->meth->modify_object(s, STORE_OBJECT_TYPE_X509_CRL,
890 search_attributes, add_attributes,
891 modify_attributes, delete_attributes,
892 parameters)) {
893 STOREerr(STORE_F_STORE_MODIFY_CRL, STORE_R_FAILED_MODIFYING_CRL);
894 return 0;
895 }
896 return 1;
897 }
898
899 int STORE_delete_crl(STORE *s, OPENSSL_ITEM attributes[],
900 OPENSSL_ITEM parameters[])
901 {
902 check_store(s, STORE_F_STORE_DELETE_CRL,
903 delete_object, STORE_R_NO_DELETE_OBJECT_FUNCTION);
904
905 if (!s->meth->delete_object(s, STORE_OBJECT_TYPE_X509_CRL,
906 attributes, parameters)) {
907 STOREerr(STORE_F_STORE_DELETE_CRL, STORE_R_FAILED_DELETING_KEY);
908 return 0;
909 }
910 return 1;
911 }
912
913 void *STORE_list_crl_start(STORE *s, OPENSSL_ITEM attributes[],
914 OPENSSL_ITEM parameters[])
915 {
916 void *handle;
917
918 check_store(s, STORE_F_STORE_LIST_CRL_START,
919 list_object_start, STORE_R_NO_LIST_OBJECT_START_FUNCTION);
920
921 handle = s->meth->list_object_start(s, STORE_OBJECT_TYPE_X509_CRL,
922 attributes, parameters);
923 if (!handle) {
924 STOREerr(STORE_F_STORE_LIST_CRL_START, STORE_R_FAILED_LISTING_KEYS);
925 return 0;
926 }
927 return handle;
928 }
929
930 X509_CRL *STORE_list_crl_next(STORE *s, void *handle)
931 {
932 STORE_OBJECT *object;
933 X509_CRL *crl;
934
935 check_store(s, STORE_F_STORE_LIST_CRL_NEXT,
936 list_object_next, STORE_R_NO_LIST_OBJECT_NEXT_FUNCTION);
937
938 object = s->meth->list_object_next(s, handle);
939 if (!object || !object->data.crl) {
940 STOREerr(STORE_F_STORE_LIST_CRL_NEXT, STORE_R_FAILED_LISTING_KEYS);
941 return 0;
942 }
943 X509_CRL_up_ref(object->data.crl);
944 #ifdef REF_PRINT
945 REF_PRINT("X509_CRL", data);
946 #endif
947 crl = object->data.crl;
948 STORE_OBJECT_free(object);
949 return crl;
950 }
951
952 int STORE_list_crl_end(STORE *s, void *handle)
953 {
954 check_store(s, STORE_F_STORE_LIST_CRL_END,
955 list_object_end, STORE_R_NO_LIST_OBJECT_END_FUNCTION);
956
957 if (!s->meth->list_object_end(s, handle)) {
958 STOREerr(STORE_F_STORE_LIST_CRL_END, STORE_R_FAILED_LISTING_KEYS);
959 return 0;
960 }
961 return 1;
962 }
963
964 int STORE_list_crl_endp(STORE *s, void *handle)
965 {
966 check_store(s, STORE_F_STORE_LIST_CRL_ENDP,
967 list_object_endp, STORE_R_NO_LIST_OBJECT_ENDP_FUNCTION);
968
969 if (!s->meth->list_object_endp(s, handle)) {
970 STOREerr(STORE_F_STORE_LIST_CRL_ENDP, STORE_R_FAILED_LISTING_KEYS);
971 return 0;
972 }
973 return 1;
974 }
975
976 int STORE_store_number(STORE *s, BIGNUM *data, OPENSSL_ITEM attributes[],
977 OPENSSL_ITEM parameters[])
978 {
979 STORE_OBJECT *object;
980 int i;
981
982 check_store(s, STORE_F_STORE_STORE_NUMBER,
983 store_object, STORE_R_NO_STORE_OBJECT_NUMBER_FUNCTION);
984
985 object = STORE_OBJECT_new();
986 if (object == NULL) {
987 STOREerr(STORE_F_STORE_STORE_NUMBER, ERR_R_MALLOC_FAILURE);
988 return 0;
989 }
990
991 object->data.number = data;
992
993 i = s->meth->store_object(s, STORE_OBJECT_TYPE_NUMBER, object,
994 attributes, parameters);
995
996 STORE_OBJECT_free(object);
997
998 if (!i) {
999 STOREerr(STORE_F_STORE_STORE_NUMBER, STORE_R_FAILED_STORING_NUMBER);
1000 return 0;
1001 }
1002 return 1;
1003 }
1004
1005 int STORE_modify_number(STORE *s, OPENSSL_ITEM search_attributes[],
1006 OPENSSL_ITEM add_attributes[],
1007 OPENSSL_ITEM modify_attributes[],
1008 OPENSSL_ITEM delete_attributes[],
1009 OPENSSL_ITEM parameters[])
1010 {
1011 check_store(s, STORE_F_STORE_MODIFY_NUMBER,
1012 modify_object, STORE_R_NO_MODIFY_OBJECT_FUNCTION);
1013
1014 if (!s->meth->modify_object(s, STORE_OBJECT_TYPE_NUMBER,
1015 search_attributes, add_attributes,
1016 modify_attributes, delete_attributes,
1017 parameters)) {
1018 STOREerr(STORE_F_STORE_MODIFY_NUMBER,
1019 STORE_R_FAILED_MODIFYING_NUMBER);
1020 return 0;
1021 }
1022 return 1;
1023 }
1024
1025 BIGNUM *STORE_get_number(STORE *s, OPENSSL_ITEM attributes[],
1026 OPENSSL_ITEM parameters[])
1027 {
1028 STORE_OBJECT *object;
1029 BIGNUM *n;
1030
1031 check_store(s, STORE_F_STORE_GET_NUMBER,
1032 get_object, STORE_R_NO_GET_OBJECT_NUMBER_FUNCTION);
1033
1034 object = s->meth->get_object(s, STORE_OBJECT_TYPE_NUMBER, attributes,
1035 parameters);
1036 if (!object || !object->data.number) {
1037 STOREerr(STORE_F_STORE_GET_NUMBER, STORE_R_FAILED_GETTING_NUMBER);
1038 return 0;
1039 }
1040 n = object->data.number;
1041 object->data.number = NULL;
1042 STORE_OBJECT_free(object);
1043 return n;
1044 }
1045
1046 int STORE_delete_number(STORE *s, OPENSSL_ITEM attributes[],
1047 OPENSSL_ITEM parameters[])
1048 {
1049 check_store(s, STORE_F_STORE_DELETE_NUMBER,
1050 delete_object, STORE_R_NO_DELETE_NUMBER_FUNCTION);
1051
1052 if (!s->meth->delete_object(s, STORE_OBJECT_TYPE_NUMBER, attributes,
1053 parameters)) {
1054 STOREerr(STORE_F_STORE_DELETE_NUMBER, STORE_R_FAILED_DELETING_NUMBER);
1055 return 0;
1056 }
1057 return 1;
1058 }
1059
1060 int STORE_store_arbitrary(STORE *s, BUF_MEM *data, OPENSSL_ITEM attributes[],
1061 OPENSSL_ITEM parameters[])
1062 {
1063 STORE_OBJECT *object;
1064 int i;
1065
1066 check_store(s, STORE_F_STORE_STORE_ARBITRARY,
1067 store_object, STORE_R_NO_STORE_OBJECT_ARBITRARY_FUNCTION);
1068
1069 object = STORE_OBJECT_new();
1070 if (object == NULL) {
1071 STOREerr(STORE_F_STORE_STORE_ARBITRARY, ERR_R_MALLOC_FAILURE);
1072 return 0;
1073 }
1074
1075 object->data.arbitrary = data;
1076
1077 i = s->meth->store_object(s, STORE_OBJECT_TYPE_ARBITRARY, object,
1078 attributes, parameters);
1079
1080 STORE_OBJECT_free(object);
1081
1082 if (!i) {
1083 STOREerr(STORE_F_STORE_STORE_ARBITRARY,
1084 STORE_R_FAILED_STORING_ARBITRARY);
1085 return 0;
1086 }
1087 return 1;
1088 }
1089
1090 int STORE_modify_arbitrary(STORE *s, OPENSSL_ITEM search_attributes[],
1091 OPENSSL_ITEM add_attributes[],
1092 OPENSSL_ITEM modify_attributes[],
1093 OPENSSL_ITEM delete_attributes[],
1094 OPENSSL_ITEM parameters[])
1095 {
1096 check_store(s, STORE_F_STORE_MODIFY_ARBITRARY,
1097 modify_object, STORE_R_NO_MODIFY_OBJECT_FUNCTION);
1098
1099 if (!s->meth->modify_object(s, STORE_OBJECT_TYPE_ARBITRARY,
1100 search_attributes, add_attributes,
1101 modify_attributes, delete_attributes,
1102 parameters)) {
1103 STOREerr(STORE_F_STORE_MODIFY_ARBITRARY,
1104 STORE_R_FAILED_MODIFYING_ARBITRARY);
1105 return 0;
1106 }
1107 return 1;
1108 }
1109
1110 BUF_MEM *STORE_get_arbitrary(STORE *s, OPENSSL_ITEM attributes[],
1111 OPENSSL_ITEM parameters[])
1112 {
1113 STORE_OBJECT *object;
1114 BUF_MEM *b;
1115
1116 check_store(s, STORE_F_STORE_GET_ARBITRARY,
1117 get_object, STORE_R_NO_GET_OBJECT_ARBITRARY_FUNCTION);
1118
1119 object = s->meth->get_object(s, STORE_OBJECT_TYPE_ARBITRARY,
1120 attributes, parameters);
1121 if (!object || !object->data.arbitrary) {
1122 STOREerr(STORE_F_STORE_GET_ARBITRARY,
1123 STORE_R_FAILED_GETTING_ARBITRARY);
1124 return 0;
1125 }
1126 b = object->data.arbitrary;
1127 object->data.arbitrary = NULL;
1128 STORE_OBJECT_free(object);
1129 return b;
1130 }
1131
1132 int STORE_delete_arbitrary(STORE *s, OPENSSL_ITEM attributes[],
1133 OPENSSL_ITEM parameters[])
1134 {
1135 check_store(s, STORE_F_STORE_DELETE_ARBITRARY,
1136 delete_object, STORE_R_NO_DELETE_ARBITRARY_FUNCTION);
1137
1138 if (!s->meth->delete_object(s, STORE_OBJECT_TYPE_ARBITRARY, attributes,
1139 parameters)) {
1140 STOREerr(STORE_F_STORE_DELETE_ARBITRARY,
1141 STORE_R_FAILED_DELETING_ARBITRARY);
1142 return 0;
1143 }
1144 return 1;
1145 }
1146
1147 STORE_OBJECT *STORE_OBJECT_new(void)
1148 {
1149 STORE_OBJECT *object = OPENSSL_zalloc(sizeof(*object));
1150 return object;
1151 }
1152
1153 void STORE_OBJECT_free(STORE_OBJECT *data)
1154 {
1155 if (!data)
1156 return;
1157 switch (data->type) {
1158 case STORE_OBJECT_TYPE_X509_CERTIFICATE:
1159 X509_free(data->data.x509.certificate);
1160 break;
1161 case STORE_OBJECT_TYPE_X509_CRL:
1162 X509_CRL_free(data->data.crl);
1163 break;
1164 case STORE_OBJECT_TYPE_PRIVATE_KEY:
1165 case STORE_OBJECT_TYPE_PUBLIC_KEY:
1166 EVP_PKEY_free(data->data.key);
1167 break;
1168 case STORE_OBJECT_TYPE_NUMBER:
1169 BN_free(data->data.number);
1170 break;
1171 case STORE_OBJECT_TYPE_ARBITRARY:
1172 BUF_MEM_free(data->data.arbitrary);
1173 break;
1174 }
1175 OPENSSL_free(data);
1176 }
1177
1178 struct STORE_attr_info_st {
1179 unsigned char set[(STORE_ATTR_TYPE_NUM + 8) / 8];
1180 union {
1181 char *cstring;
1182 unsigned char *sha1string;
1183 X509_NAME *dn;
1184 BIGNUM *number;
1185 void *any;
1186 } values[STORE_ATTR_TYPE_NUM + 1];
1187 size_t value_sizes[STORE_ATTR_TYPE_NUM + 1];
1188 };
1189
1190 #define ATTR_IS_SET(a,i) ((i) > 0 && (i) < STORE_ATTR_TYPE_NUM \
1191 && ((a)->set[(i) / 8] & (1 << ((i) % 8))))
1192 #define SET_ATTRBIT(a,i) ((a)->set[(i) / 8] |= (1 << ((i) % 8)))
1193 #define CLEAR_ATTRBIT(a,i) ((a)->set[(i) / 8] &= ~(1 << ((i) % 8)))
1194
1195 STORE_ATTR_INFO *STORE_ATTR_INFO_new(void)
1196 {
1197 STORE_ATTR_INFO *p = OPENSSL_malloc(sizeof(*p));
1198
1199 return p;
1200 }
1201
1202 static void STORE_ATTR_INFO_attr_free(STORE_ATTR_INFO *attrs,
1203 STORE_ATTR_TYPES code)
1204 {
1205 if (ATTR_IS_SET(attrs, code)) {
1206 switch (code) {
1207 case STORE_ATTR_FRIENDLYNAME:
1208 case STORE_ATTR_EMAIL:
1209 case STORE_ATTR_FILENAME:
1210 STORE_ATTR_INFO_modify_cstr(attrs, code, NULL, 0);
1211 break;
1212 case STORE_ATTR_KEYID:
1213 case STORE_ATTR_ISSUERKEYID:
1214 case STORE_ATTR_SUBJECTKEYID:
1215 case STORE_ATTR_ISSUERSERIALHASH:
1216 case STORE_ATTR_CERTHASH:
1217 STORE_ATTR_INFO_modify_sha1str(attrs, code, NULL, 0);
1218 break;
1219 case STORE_ATTR_ISSUER:
1220 case STORE_ATTR_SUBJECT:
1221 STORE_ATTR_INFO_modify_dn(attrs, code, NULL);
1222 break;
1223 case STORE_ATTR_SERIAL:
1224 STORE_ATTR_INFO_modify_number(attrs, code, NULL);
1225 break;
1226 default:
1227 break;
1228 }
1229 }
1230 }
1231
1232 int STORE_ATTR_INFO_free(STORE_ATTR_INFO *attrs)
1233 {
1234 if (attrs) {
1235 STORE_ATTR_TYPES i;
1236 for (i = 0; i++ < STORE_ATTR_TYPE_NUM;)
1237 STORE_ATTR_INFO_attr_free(attrs, i);
1238 OPENSSL_free(attrs);
1239 }
1240 return 1;
1241 }
1242
1243 char *STORE_ATTR_INFO_get0_cstr(STORE_ATTR_INFO *attrs, STORE_ATTR_TYPES code)
1244 {
1245 if (!attrs) {
1246 STOREerr(STORE_F_STORE_ATTR_INFO_GET0_CSTR,
1247 ERR_R_PASSED_NULL_PARAMETER);
1248 return NULL;
1249 }
1250 if (ATTR_IS_SET(attrs, code))
1251 return attrs->values[code].cstring;
1252 STOREerr(STORE_F_STORE_ATTR_INFO_GET0_CSTR, STORE_R_NO_VALUE);
1253 return NULL;
1254 }
1255
1256 unsigned char *STORE_ATTR_INFO_get0_sha1str(STORE_ATTR_INFO *attrs,
1257 STORE_ATTR_TYPES code)
1258 {
1259 if (!attrs) {
1260 STOREerr(STORE_F_STORE_ATTR_INFO_GET0_SHA1STR,
1261 ERR_R_PASSED_NULL_PARAMETER);
1262 return NULL;
1263 }
1264 if (ATTR_IS_SET(attrs, code))
1265 return attrs->values[code].sha1string;
1266 STOREerr(STORE_F_STORE_ATTR_INFO_GET0_SHA1STR, STORE_R_NO_VALUE);
1267 return NULL;
1268 }
1269
1270 X509_NAME *STORE_ATTR_INFO_get0_dn(STORE_ATTR_INFO *attrs,
1271 STORE_ATTR_TYPES code)
1272 {
1273 if (!attrs) {
1274 STOREerr(STORE_F_STORE_ATTR_INFO_GET0_DN,
1275 ERR_R_PASSED_NULL_PARAMETER);
1276 return NULL;
1277 }
1278 if (ATTR_IS_SET(attrs, code))
1279 return attrs->values[code].dn;
1280 STOREerr(STORE_F_STORE_ATTR_INFO_GET0_DN, STORE_R_NO_VALUE);
1281 return NULL;
1282 }
1283
1284 BIGNUM *STORE_ATTR_INFO_get0_number(STORE_ATTR_INFO *attrs,
1285 STORE_ATTR_TYPES code)
1286 {
1287 if (!attrs) {
1288 STOREerr(STORE_F_STORE_ATTR_INFO_GET0_NUMBER,
1289 ERR_R_PASSED_NULL_PARAMETER);
1290 return NULL;
1291 }
1292 if (ATTR_IS_SET(attrs, code))
1293 return attrs->values[code].number;
1294 STOREerr(STORE_F_STORE_ATTR_INFO_GET0_NUMBER, STORE_R_NO_VALUE);
1295 return NULL;
1296 }
1297
1298 int STORE_ATTR_INFO_set_cstr(STORE_ATTR_INFO *attrs, STORE_ATTR_TYPES code,
1299 char *cstr, size_t cstr_size)
1300 {
1301 if (!attrs) {
1302 STOREerr(STORE_F_STORE_ATTR_INFO_SET_CSTR,
1303 ERR_R_PASSED_NULL_PARAMETER);
1304 return 0;
1305 }
1306 if (!ATTR_IS_SET(attrs, code)) {
1307 if ((attrs->values[code].cstring = OPENSSL_strndup(cstr, cstr_size)))
1308 return 1;
1309 STOREerr(STORE_F_STORE_ATTR_INFO_SET_CSTR, ERR_R_MALLOC_FAILURE);
1310 return 0;
1311 }
1312 STOREerr(STORE_F_STORE_ATTR_INFO_SET_CSTR, STORE_R_ALREADY_HAS_A_VALUE);
1313 return 0;
1314 }
1315
1316 int STORE_ATTR_INFO_set_sha1str(STORE_ATTR_INFO *attrs, STORE_ATTR_TYPES code,
1317 unsigned char *sha1str, size_t sha1str_size)
1318 {
1319 if (!attrs) {
1320 STOREerr(STORE_F_STORE_ATTR_INFO_SET_SHA1STR,
1321 ERR_R_PASSED_NULL_PARAMETER);
1322 return 0;
1323 }
1324 if (!ATTR_IS_SET(attrs, code)) {
1325 if ((attrs->values[code].sha1string =
1326 (unsigned char *)OPENSSL_memdup(sha1str, sha1str_size)))
1327 return 1;
1328 STOREerr(STORE_F_STORE_ATTR_INFO_SET_SHA1STR, ERR_R_MALLOC_FAILURE);
1329 return 0;
1330 }
1331 STOREerr(STORE_F_STORE_ATTR_INFO_SET_SHA1STR,
1332 STORE_R_ALREADY_HAS_A_VALUE);
1333 return 0;
1334 }
1335
1336 int STORE_ATTR_INFO_set_dn(STORE_ATTR_INFO *attrs, STORE_ATTR_TYPES code,
1337 X509_NAME *dn)
1338 {
1339 if (!attrs) {
1340 STOREerr(STORE_F_STORE_ATTR_INFO_SET_DN, ERR_R_PASSED_NULL_PARAMETER);
1341 return 0;
1342 }
1343 if (!ATTR_IS_SET(attrs, code)) {
1344 if ((attrs->values[code].dn = X509_NAME_dup(dn)))
1345 return 1;
1346 STOREerr(STORE_F_STORE_ATTR_INFO_SET_DN, ERR_R_MALLOC_FAILURE);
1347 return 0;
1348 }
1349 STOREerr(STORE_F_STORE_ATTR_INFO_SET_DN, STORE_R_ALREADY_HAS_A_VALUE);
1350 return 0;
1351 }
1352
1353 int STORE_ATTR_INFO_set_number(STORE_ATTR_INFO *attrs, STORE_ATTR_TYPES code,
1354 BIGNUM *number)
1355 {
1356 if (!attrs) {
1357 STOREerr(STORE_F_STORE_ATTR_INFO_SET_NUMBER,
1358 ERR_R_PASSED_NULL_PARAMETER);
1359 return 0;
1360 }
1361 if (!ATTR_IS_SET(attrs, code)) {
1362 if ((attrs->values[code].number = BN_dup(number)))
1363 return 1;
1364 STOREerr(STORE_F_STORE_ATTR_INFO_SET_NUMBER, ERR_R_MALLOC_FAILURE);
1365 return 0;
1366 }
1367 STOREerr(STORE_F_STORE_ATTR_INFO_SET_NUMBER, STORE_R_ALREADY_HAS_A_VALUE);
1368 return 0;
1369 }
1370
1371 int STORE_ATTR_INFO_modify_cstr(STORE_ATTR_INFO *attrs, STORE_ATTR_TYPES code,
1372 char *cstr, size_t cstr_size)
1373 {
1374 if (!attrs) {
1375 STOREerr(STORE_F_STORE_ATTR_INFO_MODIFY_CSTR,
1376 ERR_R_PASSED_NULL_PARAMETER);
1377 return 0;
1378 }
1379 if (ATTR_IS_SET(attrs, code)) {
1380 OPENSSL_free(attrs->values[code].cstring);
1381 attrs->values[code].cstring = NULL;
1382 CLEAR_ATTRBIT(attrs, code);
1383 }
1384 return STORE_ATTR_INFO_set_cstr(attrs, code, cstr, cstr_size);
1385 }
1386
1387 int STORE_ATTR_INFO_modify_sha1str(STORE_ATTR_INFO *attrs,
1388 STORE_ATTR_TYPES code,
1389 unsigned char *sha1str,
1390 size_t sha1str_size)
1391 {
1392 if (!attrs) {
1393 STOREerr(STORE_F_STORE_ATTR_INFO_MODIFY_SHA1STR,
1394 ERR_R_PASSED_NULL_PARAMETER);
1395 return 0;
1396 }
1397 if (ATTR_IS_SET(attrs, code)) {
1398 OPENSSL_free(attrs->values[code].sha1string);
1399 attrs->values[code].sha1string = NULL;
1400 CLEAR_ATTRBIT(attrs, code);
1401 }
1402 return STORE_ATTR_INFO_set_sha1str(attrs, code, sha1str, sha1str_size);
1403 }
1404
1405 int STORE_ATTR_INFO_modify_dn(STORE_ATTR_INFO *attrs, STORE_ATTR_TYPES code,
1406 X509_NAME *dn)
1407 {
1408 if (!attrs) {
1409 STOREerr(STORE_F_STORE_ATTR_INFO_MODIFY_DN,
1410 ERR_R_PASSED_NULL_PARAMETER);
1411 return 0;
1412 }
1413 if (ATTR_IS_SET(attrs, code)) {
1414 OPENSSL_free(attrs->values[code].dn);
1415 attrs->values[code].dn = NULL;
1416 CLEAR_ATTRBIT(attrs, code);
1417 }
1418 return STORE_ATTR_INFO_set_dn(attrs, code, dn);
1419 }
1420
1421 int STORE_ATTR_INFO_modify_number(STORE_ATTR_INFO *attrs,
1422 STORE_ATTR_TYPES code, BIGNUM *number)
1423 {
1424 if (!attrs) {
1425 STOREerr(STORE_F_STORE_ATTR_INFO_MODIFY_NUMBER,
1426 ERR_R_PASSED_NULL_PARAMETER);
1427 return 0;
1428 }
1429 if (ATTR_IS_SET(attrs, code)) {
1430 OPENSSL_free(attrs->values[code].number);
1431 attrs->values[code].number = NULL;
1432 CLEAR_ATTRBIT(attrs, code);
1433 }
1434 return STORE_ATTR_INFO_set_number(attrs, code, number);
1435 }
1436
1437 struct attr_list_ctx_st {
1438 OPENSSL_ITEM *attributes;
1439 };
1440 void *STORE_parse_attrs_start(OPENSSL_ITEM *attributes)
1441 {
1442 if (attributes) {
1443 struct attr_list_ctx_st *context = OPENSSL_malloc(sizeof(*context));
1444 if (context != NULL)
1445 context->attributes = attributes;
1446 else
1447 STOREerr(STORE_F_STORE_PARSE_ATTRS_START, ERR_R_MALLOC_FAILURE);
1448 return context;
1449 }
1450 STOREerr(STORE_F_STORE_PARSE_ATTRS_START, ERR_R_PASSED_NULL_PARAMETER);
1451 return 0;
1452 }
1453
1454 STORE_ATTR_INFO *STORE_parse_attrs_next(void *handle)
1455 {
1456 struct attr_list_ctx_st *context = (struct attr_list_ctx_st *)handle;
1457
1458 if (context && context->attributes) {
1459 STORE_ATTR_INFO *attrs = NULL;
1460
1461 while (context->attributes
1462 && context->attributes->code != STORE_ATTR_OR
1463 && context->attributes->code != STORE_ATTR_END) {
1464 switch (context->attributes->code) {
1465 case STORE_ATTR_FRIENDLYNAME:
1466 case STORE_ATTR_EMAIL:
1467 case STORE_ATTR_FILENAME:
1468 if (attrs == NULL)
1469 attrs = STORE_ATTR_INFO_new();
1470 if (attrs == NULL) {
1471 STOREerr(STORE_F_STORE_PARSE_ATTRS_NEXT,
1472 ERR_R_MALLOC_FAILURE);
1473 goto err;
1474 }
1475 STORE_ATTR_INFO_set_cstr(attrs,
1476 context->attributes->code,
1477 context->attributes->value,
1478 context->attributes->value_size);
1479 break;
1480 case STORE_ATTR_KEYID:
1481 case STORE_ATTR_ISSUERKEYID:
1482 case STORE_ATTR_SUBJECTKEYID:
1483 case STORE_ATTR_ISSUERSERIALHASH:
1484 case STORE_ATTR_CERTHASH:
1485 if (attrs == NULL)
1486 attrs = STORE_ATTR_INFO_new();
1487 if (attrs == NULL) {
1488 STOREerr(STORE_F_STORE_PARSE_ATTRS_NEXT,
1489 ERR_R_MALLOC_FAILURE);
1490 goto err;
1491 }
1492 STORE_ATTR_INFO_set_sha1str(attrs,
1493 context->attributes->code,
1494 context->attributes->value,
1495 context->attributes->value_size);
1496 break;
1497 case STORE_ATTR_ISSUER:
1498 case STORE_ATTR_SUBJECT:
1499 if (attrs == NULL)
1500 attrs = STORE_ATTR_INFO_new();
1501 if (attrs == NULL) {
1502 STOREerr(STORE_F_STORE_PARSE_ATTRS_NEXT,
1503 ERR_R_MALLOC_FAILURE);
1504 goto err;
1505 }
1506 STORE_ATTR_INFO_modify_dn(attrs,
1507 context->attributes->code,
1508 context->attributes->value);
1509 break;
1510 case STORE_ATTR_SERIAL:
1511 if (attrs == NULL)
1512 attrs = STORE_ATTR_INFO_new();
1513 if (attrs == NULL) {
1514 STOREerr(STORE_F_STORE_PARSE_ATTRS_NEXT,
1515 ERR_R_MALLOC_FAILURE);
1516 goto err;
1517 }
1518 STORE_ATTR_INFO_modify_number(attrs,
1519 context->attributes->code,
1520 context->attributes->value);
1521 break;
1522 }
1523 context->attributes++;
1524 }
1525 if (context->attributes->code == STORE_ATTR_OR)
1526 context->attributes++;
1527 return attrs;
1528 err:
1529 while (context->attributes
1530 && context->attributes->code != STORE_ATTR_OR
1531 && context->attributes->code != STORE_ATTR_END)
1532 context->attributes++;
1533 if (context->attributes->code == STORE_ATTR_OR)
1534 context->attributes++;
1535 return NULL;
1536 }
1537 STOREerr(STORE_F_STORE_PARSE_ATTRS_NEXT, ERR_R_PASSED_NULL_PARAMETER);
1538 return NULL;
1539 }
1540
1541 int STORE_parse_attrs_end(void *handle)
1542 {
1543 struct attr_list_ctx_st *context = (struct attr_list_ctx_st *)handle;
1544
1545 if (context && context->attributes) {
1546 #if 0
1547 OPENSSL_ITEM *attributes = context->attributes;
1548 #endif
1549 OPENSSL_free(context);
1550 return 1;
1551 }
1552 STOREerr(STORE_F_STORE_PARSE_ATTRS_END, ERR_R_PASSED_NULL_PARAMETER);
1553 return 0;
1554 }
1555
1556 int STORE_parse_attrs_endp(void *handle)
1557 {
1558 struct attr_list_ctx_st *context = (struct attr_list_ctx_st *)handle;
1559
1560 if (context && context->attributes) {
1561 return context->attributes->code == STORE_ATTR_END;
1562 }
1563 STOREerr(STORE_F_STORE_PARSE_ATTRS_ENDP, ERR_R_PASSED_NULL_PARAMETER);
1564 return 0;
1565 }
1566
1567 static int attr_info_compare_compute_range(const unsigned char *abits,
1568 const unsigned char *bbits,
1569 unsigned int *alowp,
1570 unsigned int *ahighp,
1571 unsigned int *blowp,
1572 unsigned int *bhighp)
1573 {
1574 unsigned int alow = (unsigned int)-1, ahigh = 0;
1575 unsigned int blow = (unsigned int)-1, bhigh = 0;
1576 int i, res = 0;
1577
1578 for (i = 0; i < (STORE_ATTR_TYPE_NUM + 8) / 8; i++, abits++, bbits++) {
1579 if (res == 0) {
1580 if (*abits < *bbits)
1581 res = -1;
1582 if (*abits > *bbits)
1583 res = 1;
1584 }
1585 if (*abits) {
1586 if (alow == (unsigned int)-1) {
1587 alow = i * 8;
1588 if (!(*abits & 0x01))
1589 alow++;
1590 if (!(*abits & 0x02))
1591 alow++;
1592 if (!(*abits & 0x04))
1593 alow++;
1594 if (!(*abits & 0x08))
1595 alow++;
1596 if (!(*abits & 0x10))
1597 alow++;
1598 if (!(*abits & 0x20))
1599 alow++;
1600 if (!(*abits & 0x40))
1601 alow++;
1602 }
1603 ahigh = i * 8 + 7;
1604 if (!(*abits & 0x80))
1605 ahigh++;
1606 if (!(*abits & 0x40))
1607 ahigh++;
1608 if (!(*abits & 0x20))
1609 ahigh++;
1610 if (!(*abits & 0x10))
1611 ahigh++;
1612 if (!(*abits & 0x08))
1613 ahigh++;
1614 if (!(*abits & 0x04))
1615 ahigh++;
1616 if (!(*abits & 0x02))
1617 ahigh++;
1618 }
1619 if (*bbits) {
1620 if (blow == (unsigned int)-1) {
1621 blow = i * 8;
1622 if (!(*bbits & 0x01))
1623 blow++;
1624 if (!(*bbits & 0x02))
1625 blow++;
1626 if (!(*bbits & 0x04))
1627 blow++;
1628 if (!(*bbits & 0x08))
1629 blow++;
1630 if (!(*bbits & 0x10))
1631 blow++;
1632 if (!(*bbits & 0x20))
1633 blow++;
1634 if (!(*bbits & 0x40))
1635 blow++;
1636 }
1637 bhigh = i * 8 + 7;
1638 if (!(*bbits & 0x80))
1639 bhigh++;
1640 if (!(*bbits & 0x40))
1641 bhigh++;
1642 if (!(*bbits & 0x20))
1643 bhigh++;
1644 if (!(*bbits & 0x10))
1645 bhigh++;
1646 if (!(*bbits & 0x08))
1647 bhigh++;
1648 if (!(*bbits & 0x04))
1649 bhigh++;
1650 if (!(*bbits & 0x02))
1651 bhigh++;
1652 }
1653 }
1654 if (ahigh + alow < bhigh + blow)
1655 res = -1;
1656 if (ahigh + alow > bhigh + blow)
1657 res = 1;
1658 if (alowp)
1659 *alowp = alow;
1660 if (ahighp)
1661 *ahighp = ahigh;
1662 if (blowp)
1663 *blowp = blow;
1664 if (bhighp)
1665 *bhighp = bhigh;
1666 return res;
1667 }
1668
1669 int STORE_ATTR_INFO_compare(const STORE_ATTR_INFO *const *a,
1670 const STORE_ATTR_INFO *const *b)
1671 {
1672 if (a == b)
1673 return 0;
1674 if (!a)
1675 return -1;
1676 if (!b)
1677 return 1;
1678 return attr_info_compare_compute_range((*a)->set, (*b)->set, 0, 0, 0, 0);
1679 }
1680
1681 int STORE_ATTR_INFO_in_range(STORE_ATTR_INFO *a, STORE_ATTR_INFO *b)
1682 {
1683 unsigned int alow, ahigh, blow, bhigh;
1684
1685 if (a == b)
1686 return 1;
1687 if (!a)
1688 return 0;
1689 if (!b)
1690 return 0;
1691 attr_info_compare_compute_range(a->set, b->set,
1692 &alow, &ahigh, &blow, &bhigh);
1693 if (alow >= blow && ahigh <= bhigh)
1694 return 1;
1695 return 0;
1696 }
1697
1698 int STORE_ATTR_INFO_in(STORE_ATTR_INFO *a, STORE_ATTR_INFO *b)
1699 {
1700 unsigned char *abits, *bbits;
1701 int i;
1702
1703 if (a == b)
1704 return 1;
1705 if (!a)
1706 return 0;
1707 if (!b)
1708 return 0;
1709 abits = a->set;
1710 bbits = b->set;
1711 for (i = 0; i < (STORE_ATTR_TYPE_NUM + 8) / 8; i++, abits++, bbits++) {
1712 if (*abits && (*bbits & *abits) != *abits)
1713 return 0;
1714 }
1715 return 1;
1716 }
1717
1718 int STORE_ATTR_INFO_in_ex(STORE_ATTR_INFO *a, STORE_ATTR_INFO *b)
1719 {
1720 STORE_ATTR_TYPES i;
1721
1722 if (a == b)
1723 return 1;
1724 if (!STORE_ATTR_INFO_in(a, b))
1725 return 0;
1726 for (i = 1; i < STORE_ATTR_TYPE_NUM; i++)
1727 if (ATTR_IS_SET(a, i)) {
1728 switch (i) {
1729 case STORE_ATTR_FRIENDLYNAME:
1730 case STORE_ATTR_EMAIL:
1731 case STORE_ATTR_FILENAME:
1732 if (strcmp(a->values[i].cstring, b->values[i].cstring))
1733 return 0;
1734 break;
1735 case STORE_ATTR_KEYID:
1736 case STORE_ATTR_ISSUERKEYID:
1737 case STORE_ATTR_SUBJECTKEYID:
1738 case STORE_ATTR_ISSUERSERIALHASH:
1739 case STORE_ATTR_CERTHASH:
1740 if (memcmp(a->values[i].sha1string,
1741 b->values[i].sha1string, a->value_sizes[i]))
1742 return 0;
1743 break;
1744 case STORE_ATTR_ISSUER:
1745 case STORE_ATTR_SUBJECT:
1746 if (X509_NAME_cmp(a->values[i].dn, b->values[i].dn))
1747 return 0;
1748 break;
1749 case STORE_ATTR_SERIAL:
1750 if (BN_cmp(a->values[i].number, b->values[i].number))
1751 return 0;
1752 break;
1753 default:
1754 break;
1755 }
1756 }
1757
1758 return 1;
1759 }
A mirror of the official openssl repository