1 /* crypto/store/str_lib.c -*- mode:C; c-file-style: "eay" -*- */
3 * Written by Richard Levitte (richard@levitte.org) for the OpenSSL project
6 /* ====================================================================
7 * Copyright (c) 2003 The OpenSSL Project. All rights reserved.
9 * Redistribution and use in source and binary forms, with or without
10 * modification, are permitted provided that the following conditions
13 * 1. Redistributions of source code must retain the above copyright
14 * notice, this list of conditions and the following disclaimer.
16 * 2. Redistributions in binary form must reproduce the above copyright
17 * notice, this list of conditions and the following disclaimer in
18 * the documentation and/or other materials provided with the
21 * 3. All advertising materials mentioning features or use of this
22 * software must display the following acknowledgment:
23 * "This product includes software developed by the OpenSSL Project
24 * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
26 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
27 * endorse or promote products derived from this software without
28 * prior written permission. For written permission, please contact
29 * openssl-core@openssl.org.
31 * 5. Products derived from this software may not be called "OpenSSL"
32 * nor may "OpenSSL" appear in their names without prior written
33 * permission of the OpenSSL Project.
35 * 6. Redistributions of any form whatsoever must retain the following
37 * "This product includes software developed by the OpenSSL Project
38 * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
40 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
41 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
42 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
43 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
44 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
45 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
46 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
47 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
49 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
50 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
51 * OF THE POSSIBILITY OF SUCH DAMAGE.
52 * ====================================================================
54 * This product includes cryptographic software written by Eric Young
55 * (eay@cryptsoft.com). This product includes software written by Tim
56 * Hudson (tjh@cryptsoft.com).
61 #include <openssl/bn.h>
62 #include <openssl/err.h>
63 #ifndef OPENSSL_NO_ENGINE
64 # include <openssl/engine.h>
66 #include <openssl/sha.h>
67 #include <openssl/x509.h>
70 const char *const STORE_object_type_string
[STORE_OBJECT_TYPE_NUM
+ 1] = {
80 const int STORE_param_sizes
[STORE_PARAM_TYPE_NUM
+ 1] = {
82 sizeof(int), /* EVP_TYPE */
83 sizeof(size_t), /* BITS */
84 -1, /* KEY_PARAMETERS */
85 0 /* KEY_NO_PARAMETERS */
88 const int STORE_attr_sizes
[STORE_ATTR_TYPE_NUM
+ 1] = {
90 -1, /* FRIENDLYNAME: C string */
91 SHA_DIGEST_LENGTH
, /* KEYID: SHA1 digest, 160 bits */
92 SHA_DIGEST_LENGTH
, /* ISSUERKEYID: SHA1 digest, 160 bits */
93 SHA_DIGEST_LENGTH
, /* SUBJECTKEYID: SHA1 digest, 160 bits */
94 SHA_DIGEST_LENGTH
, /* ISSUERSERIALHASH: SHA1 digest, 160 bits */
95 sizeof(X509_NAME
*), /* ISSUER: X509_NAME * */
96 sizeof(BIGNUM
*), /* SERIAL: BIGNUM * */
97 sizeof(X509_NAME
*), /* SUBJECT: X509_NAME * */
98 SHA_DIGEST_LENGTH
, /* CERTHASH: SHA1 digest, 160 bits */
99 -1, /* EMAIL: C string */
100 -1, /* FILENAME: C string */
103 STORE
*STORE_new_method(const STORE_METHOD
*method
)
107 if (method
== NULL
) {
108 STOREerr(STORE_F_STORE_NEW_METHOD
, ERR_R_PASSED_NULL_PARAMETER
);
112 ret
= (STORE
*)OPENSSL_malloc(sizeof(STORE
));
114 STOREerr(STORE_F_STORE_NEW_METHOD
, ERR_R_MALLOC_FAILURE
);
120 CRYPTO_new_ex_data(CRYPTO_EX_INDEX_STORE
, ret
, &ret
->ex_data
);
121 if (ret
->meth
->init
&& !ret
->meth
->init(ret
)) {
128 STORE
*STORE_new_engine(ENGINE
*engine
)
132 const STORE_METHOD
*meth
= 0;
134 #ifdef OPENSSL_NO_ENGINE
138 if (!ENGINE_init(engine
)) {
139 STOREerr(STORE_F_STORE_NEW_ENGINE
, ERR_R_ENGINE_LIB
);
144 STOREerr(STORE_F_STORE_NEW_ENGINE
, ERR_R_PASSED_NULL_PARAMETER
);
148 meth
= ENGINE_get_STORE(e
);
150 STOREerr(STORE_F_STORE_NEW_ENGINE
, ERR_R_ENGINE_LIB
);
157 ret
= STORE_new_method(meth
);
159 STOREerr(STORE_F_STORE_NEW_ENGINE
, ERR_R_STORE_LIB
);
168 void STORE_free(STORE
*store
)
172 if (store
->meth
->clean
)
173 store
->meth
->clean(store
);
174 CRYPTO_free_ex_data(CRYPTO_EX_INDEX_STORE
, store
, &store
->ex_data
);
178 int STORE_ctrl(STORE
*store
, int cmd
, long i
, void *p
, void (*f
) (void))
181 STOREerr(STORE_F_STORE_CTRL
, ERR_R_PASSED_NULL_PARAMETER
);
184 if (store
->meth
->ctrl
)
185 return store
->meth
->ctrl(store
, cmd
, i
, p
, f
);
186 STOREerr(STORE_F_STORE_CTRL
, STORE_R_NO_CONTROL_FUNCTION
);
190 int STORE_get_ex_new_index(long argl
, void *argp
, CRYPTO_EX_new
*new_func
,
191 CRYPTO_EX_dup
*dup_func
, CRYPTO_EX_free
*free_func
)
193 return CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_STORE
, argl
, argp
,
194 new_func
, dup_func
, free_func
);
197 int STORE_set_ex_data(STORE
*r
, int idx
, void *arg
)
199 return (CRYPTO_set_ex_data(&r
->ex_data
, idx
, arg
));
202 void *STORE_get_ex_data(STORE
*r
, int idx
)
204 return (CRYPTO_get_ex_data(&r
->ex_data
, idx
));
207 const STORE_METHOD
*STORE_get_method(STORE
*store
)
212 const STORE_METHOD
*STORE_set_method(STORE
*store
, const STORE_METHOD
*meth
)
220 #define check_store(s,fncode,fnname,fnerrcode) \
223 if ((s) == NULL || (s)->meth == NULL) \
225 STOREerr((fncode), ERR_R_PASSED_NULL_PARAMETER); \
228 if ((s)->meth->fnname == NULL) \
230 STOREerr((fncode), (fnerrcode)); \
238 X509
*STORE_get_certificate(STORE
*s
, OPENSSL_ITEM attributes
[],
239 OPENSSL_ITEM parameters
[])
241 STORE_OBJECT
*object
;
244 check_store(s
, STORE_F_STORE_GET_CERTIFICATE
,
245 get_object
, STORE_R_NO_GET_OBJECT_FUNCTION
);
247 object
= s
->meth
->get_object(s
, STORE_OBJECT_TYPE_X509_CERTIFICATE
,
248 attributes
, parameters
);
249 if (!object
|| !object
->data
.x509
.certificate
) {
250 STOREerr(STORE_F_STORE_GET_CERTIFICATE
,
251 STORE_R_FAILED_GETTING_CERTIFICATE
);
254 CRYPTO_add(&object
->data
.x509
.certificate
->references
, 1,
257 REF_PRINT("X509", data
);
259 x
= object
->data
.x509
.certificate
;
260 STORE_OBJECT_free(object
);
264 int STORE_store_certificate(STORE
*s
, X509
*data
, OPENSSL_ITEM attributes
[],
265 OPENSSL_ITEM parameters
[])
267 STORE_OBJECT
*object
;
270 check_store(s
, STORE_F_STORE_CERTIFICATE
,
271 store_object
, STORE_R_NO_STORE_OBJECT_FUNCTION
);
273 object
= STORE_OBJECT_new();
275 STOREerr(STORE_F_STORE_STORE_CERTIFICATE
, ERR_R_MALLOC_FAILURE
);
279 CRYPTO_add(&data
->references
, 1, CRYPTO_LOCK_X509
);
281 REF_PRINT("X509", data
);
283 object
->data
.x509
.certificate
= data
;
285 i
= s
->meth
->store_object(s
, STORE_OBJECT_TYPE_X509_CERTIFICATE
,
286 object
, attributes
, parameters
);
288 STORE_OBJECT_free(object
);
291 STOREerr(STORE_F_STORE_STORE_CERTIFICATE
,
292 STORE_R_FAILED_STORING_CERTIFICATE
);
298 int STORE_modify_certificate(STORE
*s
, OPENSSL_ITEM search_attributes
[],
299 OPENSSL_ITEM add_attributes
[],
300 OPENSSL_ITEM modify_attributes
[],
301 OPENSSL_ITEM delete_attributes
[],
302 OPENSSL_ITEM parameters
[])
304 check_store(s
, STORE_F_STORE_MODIFY_CERTIFICATE
,
305 modify_object
, STORE_R_NO_MODIFY_OBJECT_FUNCTION
);
307 if (!s
->meth
->modify_object(s
, STORE_OBJECT_TYPE_X509_CERTIFICATE
,
308 search_attributes
, add_attributes
,
309 modify_attributes
, delete_attributes
,
311 STOREerr(STORE_F_STORE_MODIFY_CERTIFICATE
,
312 STORE_R_FAILED_MODIFYING_CERTIFICATE
);
318 int STORE_revoke_certificate(STORE
*s
, OPENSSL_ITEM attributes
[],
319 OPENSSL_ITEM parameters
[])
321 check_store(s
, STORE_F_STORE_REVOKE_CERTIFICATE
,
322 revoke_object
, STORE_R_NO_REVOKE_OBJECT_FUNCTION
);
324 if (!s
->meth
->revoke_object(s
, STORE_OBJECT_TYPE_X509_CERTIFICATE
,
325 attributes
, parameters
)) {
326 STOREerr(STORE_F_STORE_REVOKE_CERTIFICATE
,
327 STORE_R_FAILED_REVOKING_CERTIFICATE
);
333 int STORE_delete_certificate(STORE
*s
, OPENSSL_ITEM attributes
[],
334 OPENSSL_ITEM parameters
[])
336 check_store(s
, STORE_F_STORE_DELETE_CERTIFICATE
,
337 delete_object
, STORE_R_NO_DELETE_OBJECT_FUNCTION
);
339 if (!s
->meth
->delete_object(s
, STORE_OBJECT_TYPE_X509_CERTIFICATE
,
340 attributes
, parameters
)) {
341 STOREerr(STORE_F_STORE_DELETE_CERTIFICATE
,
342 STORE_R_FAILED_DELETING_CERTIFICATE
);
348 void *STORE_list_certificate_start(STORE
*s
, OPENSSL_ITEM attributes
[],
349 OPENSSL_ITEM parameters
[])
353 check_store(s
, STORE_F_STORE_LIST_CERTIFICATE_START
,
354 list_object_start
, STORE_R_NO_LIST_OBJECT_START_FUNCTION
);
356 handle
= s
->meth
->list_object_start(s
,
357 STORE_OBJECT_TYPE_X509_CERTIFICATE
,
358 attributes
, parameters
);
360 STOREerr(STORE_F_STORE_LIST_CERTIFICATE_START
,
361 STORE_R_FAILED_LISTING_CERTIFICATES
);
367 X509
*STORE_list_certificate_next(STORE
*s
, void *handle
)
369 STORE_OBJECT
*object
;
372 check_store(s
, STORE_F_STORE_LIST_CERTIFICATE_NEXT
,
373 list_object_next
, STORE_R_NO_LIST_OBJECT_NEXT_FUNCTION
);
375 object
= s
->meth
->list_object_next(s
, handle
);
376 if (!object
|| !object
->data
.x509
.certificate
) {
377 STOREerr(STORE_F_STORE_LIST_CERTIFICATE_NEXT
,
378 STORE_R_FAILED_LISTING_CERTIFICATES
);
381 CRYPTO_add(&object
->data
.x509
.certificate
->references
, 1,
384 REF_PRINT("X509", data
);
386 x
= object
->data
.x509
.certificate
;
387 STORE_OBJECT_free(object
);
391 int STORE_list_certificate_end(STORE
*s
, void *handle
)
393 check_store(s
, STORE_F_STORE_LIST_CERTIFICATE_END
,
394 list_object_end
, STORE_R_NO_LIST_OBJECT_END_FUNCTION
);
396 if (!s
->meth
->list_object_end(s
, handle
)) {
397 STOREerr(STORE_F_STORE_LIST_CERTIFICATE_END
,
398 STORE_R_FAILED_LISTING_CERTIFICATES
);
404 int STORE_list_certificate_endp(STORE
*s
, void *handle
)
406 check_store(s
, STORE_F_STORE_LIST_CERTIFICATE_ENDP
,
407 list_object_endp
, STORE_R_NO_LIST_OBJECT_ENDP_FUNCTION
);
409 if (!s
->meth
->list_object_endp(s
, handle
)) {
410 STOREerr(STORE_F_STORE_LIST_CERTIFICATE_ENDP
,
411 STORE_R_FAILED_LISTING_CERTIFICATES
);
417 EVP_PKEY
*STORE_generate_key(STORE
*s
, OPENSSL_ITEM attributes
[],
418 OPENSSL_ITEM parameters
[])
420 STORE_OBJECT
*object
;
423 check_store(s
, STORE_F_STORE_GENERATE_KEY
,
424 generate_object
, STORE_R_NO_GENERATE_OBJECT_FUNCTION
);
426 object
= s
->meth
->generate_object(s
, STORE_OBJECT_TYPE_PRIVATE_KEY
,
427 attributes
, parameters
);
428 if (!object
|| !object
->data
.key
) {
429 STOREerr(STORE_F_STORE_GENERATE_KEY
, STORE_R_FAILED_GENERATING_KEY
);
432 CRYPTO_add(&object
->data
.key
->references
, 1, CRYPTO_LOCK_EVP_PKEY
);
434 REF_PRINT("EVP_PKEY", data
);
436 pkey
= object
->data
.key
;
437 STORE_OBJECT_free(object
);
441 EVP_PKEY
*STORE_get_private_key(STORE
*s
, OPENSSL_ITEM attributes
[],
442 OPENSSL_ITEM parameters
[])
444 STORE_OBJECT
*object
;
447 check_store(s
, STORE_F_STORE_GET_PRIVATE_KEY
,
448 get_object
, STORE_R_NO_GET_OBJECT_FUNCTION
);
450 object
= s
->meth
->get_object(s
, STORE_OBJECT_TYPE_PRIVATE_KEY
,
451 attributes
, parameters
);
452 if (!object
|| !object
->data
.key
|| !object
->data
.key
) {
453 STOREerr(STORE_F_STORE_GET_PRIVATE_KEY
, STORE_R_FAILED_GETTING_KEY
);
456 CRYPTO_add(&object
->data
.key
->references
, 1, CRYPTO_LOCK_EVP_PKEY
);
458 REF_PRINT("EVP_PKEY", data
);
460 pkey
= object
->data
.key
;
461 STORE_OBJECT_free(object
);
465 int STORE_store_private_key(STORE
*s
, EVP_PKEY
*data
,
466 OPENSSL_ITEM attributes
[],
467 OPENSSL_ITEM parameters
[])
469 STORE_OBJECT
*object
;
472 check_store(s
, STORE_F_STORE_STORE_PRIVATE_KEY
,
473 store_object
, STORE_R_NO_STORE_OBJECT_FUNCTION
);
475 object
= STORE_OBJECT_new();
477 STOREerr(STORE_F_STORE_STORE_PRIVATE_KEY
, ERR_R_MALLOC_FAILURE
);
480 object
->data
.key
= EVP_PKEY_new();
481 if (!object
->data
.key
) {
482 STOREerr(STORE_F_STORE_STORE_PRIVATE_KEY
, ERR_R_MALLOC_FAILURE
);
486 CRYPTO_add(&data
->references
, 1, CRYPTO_LOCK_EVP_PKEY
);
488 REF_PRINT("EVP_PKEY", data
);
490 object
->data
.key
= data
;
492 i
= s
->meth
->store_object(s
, STORE_OBJECT_TYPE_PRIVATE_KEY
, object
,
493 attributes
, parameters
);
495 STORE_OBJECT_free(object
);
498 STOREerr(STORE_F_STORE_STORE_PRIVATE_KEY
, STORE_R_FAILED_STORING_KEY
);
504 int STORE_modify_private_key(STORE
*s
, OPENSSL_ITEM search_attributes
[],
505 OPENSSL_ITEM add_attributes
[],
506 OPENSSL_ITEM modify_attributes
[],
507 OPENSSL_ITEM delete_attributes
[],
508 OPENSSL_ITEM parameters
[])
510 check_store(s
, STORE_F_STORE_MODIFY_PRIVATE_KEY
,
511 modify_object
, STORE_R_NO_MODIFY_OBJECT_FUNCTION
);
513 if (!s
->meth
->modify_object(s
, STORE_OBJECT_TYPE_PRIVATE_KEY
,
514 search_attributes
, add_attributes
,
515 modify_attributes
, delete_attributes
,
517 STOREerr(STORE_F_STORE_MODIFY_PRIVATE_KEY
,
518 STORE_R_FAILED_MODIFYING_PRIVATE_KEY
);
524 int STORE_revoke_private_key(STORE
*s
, OPENSSL_ITEM attributes
[],
525 OPENSSL_ITEM parameters
[])
529 check_store(s
, STORE_F_STORE_REVOKE_PRIVATE_KEY
,
530 revoke_object
, STORE_R_NO_REVOKE_OBJECT_FUNCTION
);
532 i
= s
->meth
->revoke_object(s
, STORE_OBJECT_TYPE_PRIVATE_KEY
,
533 attributes
, parameters
);
536 STOREerr(STORE_F_STORE_REVOKE_PRIVATE_KEY
,
537 STORE_R_FAILED_REVOKING_KEY
);
543 int STORE_delete_private_key(STORE
*s
, OPENSSL_ITEM attributes
[],
544 OPENSSL_ITEM parameters
[])
546 check_store(s
, STORE_F_STORE_DELETE_PRIVATE_KEY
,
547 delete_object
, STORE_R_NO_DELETE_OBJECT_FUNCTION
);
549 if (!s
->meth
->delete_object(s
, STORE_OBJECT_TYPE_PRIVATE_KEY
,
550 attributes
, parameters
)) {
551 STOREerr(STORE_F_STORE_DELETE_PRIVATE_KEY
,
552 STORE_R_FAILED_DELETING_KEY
);
558 void *STORE_list_private_key_start(STORE
*s
, OPENSSL_ITEM attributes
[],
559 OPENSSL_ITEM parameters
[])
563 check_store(s
, STORE_F_STORE_LIST_PRIVATE_KEY_START
,
564 list_object_start
, STORE_R_NO_LIST_OBJECT_START_FUNCTION
);
566 handle
= s
->meth
->list_object_start(s
, STORE_OBJECT_TYPE_PRIVATE_KEY
,
567 attributes
, parameters
);
569 STOREerr(STORE_F_STORE_LIST_PRIVATE_KEY_START
,
570 STORE_R_FAILED_LISTING_KEYS
);
576 EVP_PKEY
*STORE_list_private_key_next(STORE
*s
, void *handle
)
578 STORE_OBJECT
*object
;
581 check_store(s
, STORE_F_STORE_LIST_PRIVATE_KEY_NEXT
,
582 list_object_next
, STORE_R_NO_LIST_OBJECT_NEXT_FUNCTION
);
584 object
= s
->meth
->list_object_next(s
, handle
);
585 if (!object
|| !object
->data
.key
|| !object
->data
.key
) {
586 STOREerr(STORE_F_STORE_LIST_PRIVATE_KEY_NEXT
,
587 STORE_R_FAILED_LISTING_KEYS
);
590 CRYPTO_add(&object
->data
.key
->references
, 1, CRYPTO_LOCK_EVP_PKEY
);
592 REF_PRINT("EVP_PKEY", data
);
594 pkey
= object
->data
.key
;
595 STORE_OBJECT_free(object
);
599 int STORE_list_private_key_end(STORE
*s
, void *handle
)
601 check_store(s
, STORE_F_STORE_LIST_PRIVATE_KEY_END
,
602 list_object_end
, STORE_R_NO_LIST_OBJECT_END_FUNCTION
);
604 if (!s
->meth
->list_object_end(s
, handle
)) {
605 STOREerr(STORE_F_STORE_LIST_PRIVATE_KEY_END
,
606 STORE_R_FAILED_LISTING_KEYS
);
612 int STORE_list_private_key_endp(STORE
*s
, void *handle
)
614 check_store(s
, STORE_F_STORE_LIST_PRIVATE_KEY_ENDP
,
615 list_object_endp
, STORE_R_NO_LIST_OBJECT_ENDP_FUNCTION
);
617 if (!s
->meth
->list_object_endp(s
, handle
)) {
618 STOREerr(STORE_F_STORE_LIST_PRIVATE_KEY_ENDP
,
619 STORE_R_FAILED_LISTING_KEYS
);
625 EVP_PKEY
*STORE_get_public_key(STORE
*s
, OPENSSL_ITEM attributes
[],
626 OPENSSL_ITEM parameters
[])
628 STORE_OBJECT
*object
;
631 check_store(s
, STORE_F_STORE_GET_PUBLIC_KEY
,
632 get_object
, STORE_R_NO_GET_OBJECT_FUNCTION
);
634 object
= s
->meth
->get_object(s
, STORE_OBJECT_TYPE_PUBLIC_KEY
,
635 attributes
, parameters
);
636 if (!object
|| !object
->data
.key
|| !object
->data
.key
) {
637 STOREerr(STORE_F_STORE_GET_PUBLIC_KEY
, STORE_R_FAILED_GETTING_KEY
);
640 CRYPTO_add(&object
->data
.key
->references
, 1, CRYPTO_LOCK_EVP_PKEY
);
642 REF_PRINT("EVP_PKEY", data
);
644 pkey
= object
->data
.key
;
645 STORE_OBJECT_free(object
);
649 int STORE_store_public_key(STORE
*s
, EVP_PKEY
*data
,
650 OPENSSL_ITEM attributes
[],
651 OPENSSL_ITEM parameters
[])
653 STORE_OBJECT
*object
;
656 check_store(s
, STORE_F_STORE_STORE_PUBLIC_KEY
,
657 store_object
, STORE_R_NO_STORE_OBJECT_FUNCTION
);
659 object
= STORE_OBJECT_new();
661 STOREerr(STORE_F_STORE_STORE_PUBLIC_KEY
, ERR_R_MALLOC_FAILURE
);
664 object
->data
.key
= EVP_PKEY_new();
665 if (!object
->data
.key
) {
666 STOREerr(STORE_F_STORE_STORE_PUBLIC_KEY
, ERR_R_MALLOC_FAILURE
);
670 CRYPTO_add(&data
->references
, 1, CRYPTO_LOCK_EVP_PKEY
);
672 REF_PRINT("EVP_PKEY", data
);
674 object
->data
.key
= data
;
676 i
= s
->meth
->store_object(s
, STORE_OBJECT_TYPE_PUBLIC_KEY
, object
,
677 attributes
, parameters
);
679 STORE_OBJECT_free(object
);
682 STOREerr(STORE_F_STORE_STORE_PUBLIC_KEY
, STORE_R_FAILED_STORING_KEY
);
688 int STORE_modify_public_key(STORE
*s
, OPENSSL_ITEM search_attributes
[],
689 OPENSSL_ITEM add_attributes
[],
690 OPENSSL_ITEM modify_attributes
[],
691 OPENSSL_ITEM delete_attributes
[],
692 OPENSSL_ITEM parameters
[])
694 check_store(s
, STORE_F_STORE_MODIFY_PUBLIC_KEY
,
695 modify_object
, STORE_R_NO_MODIFY_OBJECT_FUNCTION
);
697 if (!s
->meth
->modify_object(s
, STORE_OBJECT_TYPE_PUBLIC_KEY
,
698 search_attributes
, add_attributes
,
699 modify_attributes
, delete_attributes
,
701 STOREerr(STORE_F_STORE_MODIFY_PUBLIC_KEY
,
702 STORE_R_FAILED_MODIFYING_PUBLIC_KEY
);
708 int STORE_revoke_public_key(STORE
*s
, OPENSSL_ITEM attributes
[],
709 OPENSSL_ITEM parameters
[])
713 check_store(s
, STORE_F_STORE_REVOKE_PUBLIC_KEY
,
714 revoke_object
, STORE_R_NO_REVOKE_OBJECT_FUNCTION
);
716 i
= s
->meth
->revoke_object(s
, STORE_OBJECT_TYPE_PUBLIC_KEY
,
717 attributes
, parameters
);
720 STOREerr(STORE_F_STORE_REVOKE_PUBLIC_KEY
,
721 STORE_R_FAILED_REVOKING_KEY
);
727 int STORE_delete_public_key(STORE
*s
, OPENSSL_ITEM attributes
[],
728 OPENSSL_ITEM parameters
[])
730 check_store(s
, STORE_F_STORE_DELETE_PUBLIC_KEY
,
731 delete_object
, STORE_R_NO_DELETE_OBJECT_FUNCTION
);
733 if (!s
->meth
->delete_object(s
, STORE_OBJECT_TYPE_PUBLIC_KEY
,
734 attributes
, parameters
)) {
735 STOREerr(STORE_F_STORE_DELETE_PUBLIC_KEY
,
736 STORE_R_FAILED_DELETING_KEY
);
742 void *STORE_list_public_key_start(STORE
*s
, OPENSSL_ITEM attributes
[],
743 OPENSSL_ITEM parameters
[])
747 check_store(s
, STORE_F_STORE_LIST_PUBLIC_KEY_START
,
748 list_object_start
, STORE_R_NO_LIST_OBJECT_START_FUNCTION
);
750 handle
= s
->meth
->list_object_start(s
, STORE_OBJECT_TYPE_PUBLIC_KEY
,
751 attributes
, parameters
);
753 STOREerr(STORE_F_STORE_LIST_PUBLIC_KEY_START
,
754 STORE_R_FAILED_LISTING_KEYS
);
760 EVP_PKEY
*STORE_list_public_key_next(STORE
*s
, void *handle
)
762 STORE_OBJECT
*object
;
765 check_store(s
, STORE_F_STORE_LIST_PUBLIC_KEY_NEXT
,
766 list_object_next
, STORE_R_NO_LIST_OBJECT_NEXT_FUNCTION
);
768 object
= s
->meth
->list_object_next(s
, handle
);
769 if (!object
|| !object
->data
.key
|| !object
->data
.key
) {
770 STOREerr(STORE_F_STORE_LIST_PUBLIC_KEY_NEXT
,
771 STORE_R_FAILED_LISTING_KEYS
);
774 CRYPTO_add(&object
->data
.key
->references
, 1, CRYPTO_LOCK_EVP_PKEY
);
776 REF_PRINT("EVP_PKEY", data
);
778 pkey
= object
->data
.key
;
779 STORE_OBJECT_free(object
);
783 int STORE_list_public_key_end(STORE
*s
, void *handle
)
785 check_store(s
, STORE_F_STORE_LIST_PUBLIC_KEY_END
,
786 list_object_end
, STORE_R_NO_LIST_OBJECT_END_FUNCTION
);
788 if (!s
->meth
->list_object_end(s
, handle
)) {
789 STOREerr(STORE_F_STORE_LIST_PUBLIC_KEY_END
,
790 STORE_R_FAILED_LISTING_KEYS
);
796 int STORE_list_public_key_endp(STORE
*s
, void *handle
)
798 check_store(s
, STORE_F_STORE_LIST_PUBLIC_KEY_ENDP
,
799 list_object_endp
, STORE_R_NO_LIST_OBJECT_ENDP_FUNCTION
);
801 if (!s
->meth
->list_object_endp(s
, handle
)) {
802 STOREerr(STORE_F_STORE_LIST_PUBLIC_KEY_ENDP
,
803 STORE_R_FAILED_LISTING_KEYS
);
809 X509_CRL
*STORE_generate_crl(STORE
*s
, OPENSSL_ITEM attributes
[],
810 OPENSSL_ITEM parameters
[])
812 STORE_OBJECT
*object
;
815 check_store(s
, STORE_F_STORE_GENERATE_CRL
,
816 generate_object
, STORE_R_NO_GENERATE_CRL_FUNCTION
);
818 object
= s
->meth
->generate_object(s
, STORE_OBJECT_TYPE_X509_CRL
,
819 attributes
, parameters
);
820 if (!object
|| !object
->data
.crl
) {
821 STOREerr(STORE_F_STORE_GENERATE_CRL
, STORE_R_FAILED_GENERATING_CRL
);
824 CRYPTO_add(&object
->data
.crl
->references
, 1, CRYPTO_LOCK_X509_CRL
);
826 REF_PRINT("X509_CRL", data
);
828 crl
= object
->data
.crl
;
829 STORE_OBJECT_free(object
);
833 X509_CRL
*STORE_get_crl(STORE
*s
, OPENSSL_ITEM attributes
[],
834 OPENSSL_ITEM parameters
[])
836 STORE_OBJECT
*object
;
839 check_store(s
, STORE_F_STORE_GET_CRL
,
840 get_object
, STORE_R_NO_GET_OBJECT_FUNCTION
);
842 object
= s
->meth
->get_object(s
, STORE_OBJECT_TYPE_X509_CRL
,
843 attributes
, parameters
);
844 if (!object
|| !object
->data
.crl
) {
845 STOREerr(STORE_F_STORE_GET_CRL
, STORE_R_FAILED_GETTING_KEY
);
848 CRYPTO_add(&object
->data
.crl
->references
, 1, CRYPTO_LOCK_X509_CRL
);
850 REF_PRINT("X509_CRL", data
);
852 crl
= object
->data
.crl
;
853 STORE_OBJECT_free(object
);
857 int STORE_store_crl(STORE
*s
, X509_CRL
*data
, OPENSSL_ITEM attributes
[],
858 OPENSSL_ITEM parameters
[])
860 STORE_OBJECT
*object
;
863 check_store(s
, STORE_F_STORE_STORE_CRL
,
864 store_object
, STORE_R_NO_STORE_OBJECT_FUNCTION
);
866 object
= STORE_OBJECT_new();
868 STOREerr(STORE_F_STORE_STORE_CRL
, ERR_R_MALLOC_FAILURE
);
872 CRYPTO_add(&data
->references
, 1, CRYPTO_LOCK_X509_CRL
);
874 REF_PRINT("X509_CRL", data
);
876 object
->data
.crl
= data
;
878 i
= s
->meth
->store_object(s
, STORE_OBJECT_TYPE_X509_CRL
, object
,
879 attributes
, parameters
);
881 STORE_OBJECT_free(object
);
884 STOREerr(STORE_F_STORE_STORE_CRL
, STORE_R_FAILED_STORING_KEY
);
890 int STORE_modify_crl(STORE
*s
, OPENSSL_ITEM search_attributes
[],
891 OPENSSL_ITEM add_attributes
[],
892 OPENSSL_ITEM modify_attributes
[],
893 OPENSSL_ITEM delete_attributes
[],
894 OPENSSL_ITEM parameters
[])
896 check_store(s
, STORE_F_STORE_MODIFY_CRL
,
897 modify_object
, STORE_R_NO_MODIFY_OBJECT_FUNCTION
);
899 if (!s
->meth
->modify_object(s
, STORE_OBJECT_TYPE_X509_CRL
,
900 search_attributes
, add_attributes
,
901 modify_attributes
, delete_attributes
,
903 STOREerr(STORE_F_STORE_MODIFY_CRL
, STORE_R_FAILED_MODIFYING_CRL
);
909 int STORE_delete_crl(STORE
*s
, OPENSSL_ITEM attributes
[],
910 OPENSSL_ITEM parameters
[])
912 check_store(s
, STORE_F_STORE_DELETE_CRL
,
913 delete_object
, STORE_R_NO_DELETE_OBJECT_FUNCTION
);
915 if (!s
->meth
->delete_object(s
, STORE_OBJECT_TYPE_X509_CRL
,
916 attributes
, parameters
)) {
917 STOREerr(STORE_F_STORE_DELETE_CRL
, STORE_R_FAILED_DELETING_KEY
);
923 void *STORE_list_crl_start(STORE
*s
, OPENSSL_ITEM attributes
[],
924 OPENSSL_ITEM parameters
[])
928 check_store(s
, STORE_F_STORE_LIST_CRL_START
,
929 list_object_start
, STORE_R_NO_LIST_OBJECT_START_FUNCTION
);
931 handle
= s
->meth
->list_object_start(s
, STORE_OBJECT_TYPE_X509_CRL
,
932 attributes
, parameters
);
934 STOREerr(STORE_F_STORE_LIST_CRL_START
, STORE_R_FAILED_LISTING_KEYS
);
940 X509_CRL
*STORE_list_crl_next(STORE
*s
, void *handle
)
942 STORE_OBJECT
*object
;
945 check_store(s
, STORE_F_STORE_LIST_CRL_NEXT
,
946 list_object_next
, STORE_R_NO_LIST_OBJECT_NEXT_FUNCTION
);
948 object
= s
->meth
->list_object_next(s
, handle
);
949 if (!object
|| !object
->data
.crl
) {
950 STOREerr(STORE_F_STORE_LIST_CRL_NEXT
, STORE_R_FAILED_LISTING_KEYS
);
953 CRYPTO_add(&object
->data
.crl
->references
, 1, CRYPTO_LOCK_X509_CRL
);
955 REF_PRINT("X509_CRL", data
);
957 crl
= object
->data
.crl
;
958 STORE_OBJECT_free(object
);
962 int STORE_list_crl_end(STORE
*s
, void *handle
)
964 check_store(s
, STORE_F_STORE_LIST_CRL_END
,
965 list_object_end
, STORE_R_NO_LIST_OBJECT_END_FUNCTION
);
967 if (!s
->meth
->list_object_end(s
, handle
)) {
968 STOREerr(STORE_F_STORE_LIST_CRL_END
, STORE_R_FAILED_LISTING_KEYS
);
974 int STORE_list_crl_endp(STORE
*s
, void *handle
)
976 check_store(s
, STORE_F_STORE_LIST_CRL_ENDP
,
977 list_object_endp
, STORE_R_NO_LIST_OBJECT_ENDP_FUNCTION
);
979 if (!s
->meth
->list_object_endp(s
, handle
)) {
980 STOREerr(STORE_F_STORE_LIST_CRL_ENDP
, STORE_R_FAILED_LISTING_KEYS
);
986 int STORE_store_number(STORE
*s
, BIGNUM
*data
, OPENSSL_ITEM attributes
[],
987 OPENSSL_ITEM parameters
[])
989 STORE_OBJECT
*object
;
992 check_store(s
, STORE_F_STORE_STORE_NUMBER
,
993 store_object
, STORE_R_NO_STORE_OBJECT_NUMBER_FUNCTION
);
995 object
= STORE_OBJECT_new();
997 STOREerr(STORE_F_STORE_STORE_NUMBER
, ERR_R_MALLOC_FAILURE
);
1001 object
->data
.number
= data
;
1003 i
= s
->meth
->store_object(s
, STORE_OBJECT_TYPE_NUMBER
, object
,
1004 attributes
, parameters
);
1006 STORE_OBJECT_free(object
);
1009 STOREerr(STORE_F_STORE_STORE_NUMBER
, STORE_R_FAILED_STORING_NUMBER
);
1015 int STORE_modify_number(STORE
*s
, OPENSSL_ITEM search_attributes
[],
1016 OPENSSL_ITEM add_attributes
[],
1017 OPENSSL_ITEM modify_attributes
[],
1018 OPENSSL_ITEM delete_attributes
[],
1019 OPENSSL_ITEM parameters
[])
1021 check_store(s
, STORE_F_STORE_MODIFY_NUMBER
,
1022 modify_object
, STORE_R_NO_MODIFY_OBJECT_FUNCTION
);
1024 if (!s
->meth
->modify_object(s
, STORE_OBJECT_TYPE_NUMBER
,
1025 search_attributes
, add_attributes
,
1026 modify_attributes
, delete_attributes
,
1028 STOREerr(STORE_F_STORE_MODIFY_NUMBER
,
1029 STORE_R_FAILED_MODIFYING_NUMBER
);
1035 BIGNUM
*STORE_get_number(STORE
*s
, OPENSSL_ITEM attributes
[],
1036 OPENSSL_ITEM parameters
[])
1038 STORE_OBJECT
*object
;
1041 check_store(s
, STORE_F_STORE_GET_NUMBER
,
1042 get_object
, STORE_R_NO_GET_OBJECT_NUMBER_FUNCTION
);
1044 object
= s
->meth
->get_object(s
, STORE_OBJECT_TYPE_NUMBER
, attributes
,
1046 if (!object
|| !object
->data
.number
) {
1047 STOREerr(STORE_F_STORE_GET_NUMBER
, STORE_R_FAILED_GETTING_NUMBER
);
1050 n
= object
->data
.number
;
1051 object
->data
.number
= NULL
;
1052 STORE_OBJECT_free(object
);
1056 int STORE_delete_number(STORE
*s
, OPENSSL_ITEM attributes
[],
1057 OPENSSL_ITEM parameters
[])
1059 check_store(s
, STORE_F_STORE_DELETE_NUMBER
,
1060 delete_object
, STORE_R_NO_DELETE_NUMBER_FUNCTION
);
1062 if (!s
->meth
->delete_object(s
, STORE_OBJECT_TYPE_NUMBER
, attributes
,
1064 STOREerr(STORE_F_STORE_DELETE_NUMBER
, STORE_R_FAILED_DELETING_NUMBER
);
1070 int STORE_store_arbitrary(STORE
*s
, BUF_MEM
*data
, OPENSSL_ITEM attributes
[],
1071 OPENSSL_ITEM parameters
[])
1073 STORE_OBJECT
*object
;
1076 check_store(s
, STORE_F_STORE_STORE_ARBITRARY
,
1077 store_object
, STORE_R_NO_STORE_OBJECT_ARBITRARY_FUNCTION
);
1079 object
= STORE_OBJECT_new();
1081 STOREerr(STORE_F_STORE_STORE_ARBITRARY
, ERR_R_MALLOC_FAILURE
);
1085 object
->data
.arbitrary
= data
;
1087 i
= s
->meth
->store_object(s
, STORE_OBJECT_TYPE_ARBITRARY
, object
,
1088 attributes
, parameters
);
1090 STORE_OBJECT_free(object
);
1093 STOREerr(STORE_F_STORE_STORE_ARBITRARY
,
1094 STORE_R_FAILED_STORING_ARBITRARY
);
1100 int STORE_modify_arbitrary(STORE
*s
, OPENSSL_ITEM search_attributes
[],
1101 OPENSSL_ITEM add_attributes
[],
1102 OPENSSL_ITEM modify_attributes
[],
1103 OPENSSL_ITEM delete_attributes
[],
1104 OPENSSL_ITEM parameters
[])
1106 check_store(s
, STORE_F_STORE_MODIFY_ARBITRARY
,
1107 modify_object
, STORE_R_NO_MODIFY_OBJECT_FUNCTION
);
1109 if (!s
->meth
->modify_object(s
, STORE_OBJECT_TYPE_ARBITRARY
,
1110 search_attributes
, add_attributes
,
1111 modify_attributes
, delete_attributes
,
1113 STOREerr(STORE_F_STORE_MODIFY_ARBITRARY
,
1114 STORE_R_FAILED_MODIFYING_ARBITRARY
);
1120 BUF_MEM
*STORE_get_arbitrary(STORE
*s
, OPENSSL_ITEM attributes
[],
1121 OPENSSL_ITEM parameters
[])
1123 STORE_OBJECT
*object
;
1126 check_store(s
, STORE_F_STORE_GET_ARBITRARY
,
1127 get_object
, STORE_R_NO_GET_OBJECT_ARBITRARY_FUNCTION
);
1129 object
= s
->meth
->get_object(s
, STORE_OBJECT_TYPE_ARBITRARY
,
1130 attributes
, parameters
);
1131 if (!object
|| !object
->data
.arbitrary
) {
1132 STOREerr(STORE_F_STORE_GET_ARBITRARY
,
1133 STORE_R_FAILED_GETTING_ARBITRARY
);
1136 b
= object
->data
.arbitrary
;
1137 object
->data
.arbitrary
= NULL
;
1138 STORE_OBJECT_free(object
);
1142 int STORE_delete_arbitrary(STORE
*s
, OPENSSL_ITEM attributes
[],
1143 OPENSSL_ITEM parameters
[])
1145 check_store(s
, STORE_F_STORE_DELETE_ARBITRARY
,
1146 delete_object
, STORE_R_NO_DELETE_ARBITRARY_FUNCTION
);
1148 if (!s
->meth
->delete_object(s
, STORE_OBJECT_TYPE_ARBITRARY
, attributes
,
1150 STOREerr(STORE_F_STORE_DELETE_ARBITRARY
,
1151 STORE_R_FAILED_DELETING_ARBITRARY
);
1157 STORE_OBJECT
*STORE_OBJECT_new(void)
1159 STORE_OBJECT
*object
= OPENSSL_malloc(sizeof(STORE_OBJECT
));
1161 memset(object
, 0, sizeof(STORE_OBJECT
));
1165 void STORE_OBJECT_free(STORE_OBJECT
*data
)
1169 switch (data
->type
) {
1170 case STORE_OBJECT_TYPE_X509_CERTIFICATE
:
1171 X509_free(data
->data
.x509
.certificate
);
1173 case STORE_OBJECT_TYPE_X509_CRL
:
1174 X509_CRL_free(data
->data
.crl
);
1176 case STORE_OBJECT_TYPE_PRIVATE_KEY
:
1177 case STORE_OBJECT_TYPE_PUBLIC_KEY
:
1178 EVP_PKEY_free(data
->data
.key
);
1180 case STORE_OBJECT_TYPE_NUMBER
:
1181 BN_free(data
->data
.number
);
1183 case STORE_OBJECT_TYPE_ARBITRARY
:
1184 BUF_MEM_free(data
->data
.arbitrary
);
1190 IMPLEMENT_STACK_OF(STORE_OBJECT
*)
1192 struct STORE_attr_info_st
{
1193 unsigned char set
[(STORE_ATTR_TYPE_NUM
+ 8) / 8];
1196 unsigned char *sha1string
;
1200 } values
[STORE_ATTR_TYPE_NUM
+ 1];
1201 size_t value_sizes
[STORE_ATTR_TYPE_NUM
+ 1];
1204 #define ATTR_IS_SET(a,i) ((i) > 0 && (i) < STORE_ATTR_TYPE_NUM \
1205 && ((a)->set[(i) / 8] & (1 << ((i) % 8))))
1206 #define SET_ATTRBIT(a,i) ((a)->set[(i) / 8] |= (1 << ((i) % 8)))
1207 #define CLEAR_ATTRBIT(a,i) ((a)->set[(i) / 8] &= ~(1 << ((i) % 8)))
1209 STORE_ATTR_INFO
*STORE_ATTR_INFO_new(void)
1211 return (STORE_ATTR_INFO
*)OPENSSL_malloc(sizeof(STORE_ATTR_INFO
));
1214 static void STORE_ATTR_INFO_attr_free(STORE_ATTR_INFO
*attrs
,
1215 STORE_ATTR_TYPES code
)
1217 if (ATTR_IS_SET(attrs
, code
)) {
1219 case STORE_ATTR_FRIENDLYNAME
:
1220 case STORE_ATTR_EMAIL
:
1221 case STORE_ATTR_FILENAME
:
1222 STORE_ATTR_INFO_modify_cstr(attrs
, code
, NULL
, 0);
1224 case STORE_ATTR_KEYID
:
1225 case STORE_ATTR_ISSUERKEYID
:
1226 case STORE_ATTR_SUBJECTKEYID
:
1227 case STORE_ATTR_ISSUERSERIALHASH
:
1228 case STORE_ATTR_CERTHASH
:
1229 STORE_ATTR_INFO_modify_sha1str(attrs
, code
, NULL
, 0);
1231 case STORE_ATTR_ISSUER
:
1232 case STORE_ATTR_SUBJECT
:
1233 STORE_ATTR_INFO_modify_dn(attrs
, code
, NULL
);
1235 case STORE_ATTR_SERIAL
:
1236 STORE_ATTR_INFO_modify_number(attrs
, code
, NULL
);
1244 int STORE_ATTR_INFO_free(STORE_ATTR_INFO
*attrs
)
1248 for (i
= 0; i
++ < STORE_ATTR_TYPE_NUM
;)
1249 STORE_ATTR_INFO_attr_free(attrs
, i
);
1250 OPENSSL_free(attrs
);
1255 char *STORE_ATTR_INFO_get0_cstr(STORE_ATTR_INFO
*attrs
, STORE_ATTR_TYPES code
)
1258 STOREerr(STORE_F_STORE_ATTR_INFO_GET0_CSTR
,
1259 ERR_R_PASSED_NULL_PARAMETER
);
1262 if (ATTR_IS_SET(attrs
, code
))
1263 return attrs
->values
[code
].cstring
;
1264 STOREerr(STORE_F_STORE_ATTR_INFO_GET0_CSTR
, STORE_R_NO_VALUE
);
1268 unsigned char *STORE_ATTR_INFO_get0_sha1str(STORE_ATTR_INFO
*attrs
,
1269 STORE_ATTR_TYPES code
)
1272 STOREerr(STORE_F_STORE_ATTR_INFO_GET0_SHA1STR
,
1273 ERR_R_PASSED_NULL_PARAMETER
);
1276 if (ATTR_IS_SET(attrs
, code
))
1277 return attrs
->values
[code
].sha1string
;
1278 STOREerr(STORE_F_STORE_ATTR_INFO_GET0_SHA1STR
, STORE_R_NO_VALUE
);
1282 X509_NAME
*STORE_ATTR_INFO_get0_dn(STORE_ATTR_INFO
*attrs
,
1283 STORE_ATTR_TYPES code
)
1286 STOREerr(STORE_F_STORE_ATTR_INFO_GET0_DN
,
1287 ERR_R_PASSED_NULL_PARAMETER
);
1290 if (ATTR_IS_SET(attrs
, code
))
1291 return attrs
->values
[code
].dn
;
1292 STOREerr(STORE_F_STORE_ATTR_INFO_GET0_DN
, STORE_R_NO_VALUE
);
1296 BIGNUM
*STORE_ATTR_INFO_get0_number(STORE_ATTR_INFO
*attrs
,
1297 STORE_ATTR_TYPES code
)
1300 STOREerr(STORE_F_STORE_ATTR_INFO_GET0_NUMBER
,
1301 ERR_R_PASSED_NULL_PARAMETER
);
1304 if (ATTR_IS_SET(attrs
, code
))
1305 return attrs
->values
[code
].number
;
1306 STOREerr(STORE_F_STORE_ATTR_INFO_GET0_NUMBER
, STORE_R_NO_VALUE
);
1310 int STORE_ATTR_INFO_set_cstr(STORE_ATTR_INFO
*attrs
, STORE_ATTR_TYPES code
,
1311 char *cstr
, size_t cstr_size
)
1314 STOREerr(STORE_F_STORE_ATTR_INFO_SET_CSTR
,
1315 ERR_R_PASSED_NULL_PARAMETER
);
1318 if (!ATTR_IS_SET(attrs
, code
)) {
1319 if ((attrs
->values
[code
].cstring
= BUF_strndup(cstr
, cstr_size
)))
1321 STOREerr(STORE_F_STORE_ATTR_INFO_SET_CSTR
, ERR_R_MALLOC_FAILURE
);
1324 STOREerr(STORE_F_STORE_ATTR_INFO_SET_CSTR
, STORE_R_ALREADY_HAS_A_VALUE
);
1328 int STORE_ATTR_INFO_set_sha1str(STORE_ATTR_INFO
*attrs
, STORE_ATTR_TYPES code
,
1329 unsigned char *sha1str
, size_t sha1str_size
)
1332 STOREerr(STORE_F_STORE_ATTR_INFO_SET_SHA1STR
,
1333 ERR_R_PASSED_NULL_PARAMETER
);
1336 if (!ATTR_IS_SET(attrs
, code
)) {
1337 if ((attrs
->values
[code
].sha1string
=
1338 (unsigned char *)BUF_memdup(sha1str
, sha1str_size
)))
1340 STOREerr(STORE_F_STORE_ATTR_INFO_SET_SHA1STR
, ERR_R_MALLOC_FAILURE
);
1343 STOREerr(STORE_F_STORE_ATTR_INFO_SET_SHA1STR
,
1344 STORE_R_ALREADY_HAS_A_VALUE
);
1348 int STORE_ATTR_INFO_set_dn(STORE_ATTR_INFO
*attrs
, STORE_ATTR_TYPES code
,
1352 STOREerr(STORE_F_STORE_ATTR_INFO_SET_DN
, ERR_R_PASSED_NULL_PARAMETER
);
1355 if (!ATTR_IS_SET(attrs
, code
)) {
1356 if ((attrs
->values
[code
].dn
= X509_NAME_dup(dn
)))
1358 STOREerr(STORE_F_STORE_ATTR_INFO_SET_DN
, ERR_R_MALLOC_FAILURE
);
1361 STOREerr(STORE_F_STORE_ATTR_INFO_SET_DN
, STORE_R_ALREADY_HAS_A_VALUE
);
1365 int STORE_ATTR_INFO_set_number(STORE_ATTR_INFO
*attrs
, STORE_ATTR_TYPES code
,
1369 STOREerr(STORE_F_STORE_ATTR_INFO_SET_NUMBER
,
1370 ERR_R_PASSED_NULL_PARAMETER
);
1373 if (!ATTR_IS_SET(attrs
, code
)) {
1374 if ((attrs
->values
[code
].number
= BN_dup(number
)))
1376 STOREerr(STORE_F_STORE_ATTR_INFO_SET_NUMBER
, ERR_R_MALLOC_FAILURE
);
1379 STOREerr(STORE_F_STORE_ATTR_INFO_SET_NUMBER
, STORE_R_ALREADY_HAS_A_VALUE
);
1383 int STORE_ATTR_INFO_modify_cstr(STORE_ATTR_INFO
*attrs
, STORE_ATTR_TYPES code
,
1384 char *cstr
, size_t cstr_size
)
1387 STOREerr(STORE_F_STORE_ATTR_INFO_MODIFY_CSTR
,
1388 ERR_R_PASSED_NULL_PARAMETER
);
1391 if (ATTR_IS_SET(attrs
, code
)) {
1392 OPENSSL_free(attrs
->values
[code
].cstring
);
1393 attrs
->values
[code
].cstring
= NULL
;
1394 CLEAR_ATTRBIT(attrs
, code
);
1396 return STORE_ATTR_INFO_set_cstr(attrs
, code
, cstr
, cstr_size
);
1399 int STORE_ATTR_INFO_modify_sha1str(STORE_ATTR_INFO
*attrs
,
1400 STORE_ATTR_TYPES code
,
1401 unsigned char *sha1str
,
1402 size_t sha1str_size
)
1405 STOREerr(STORE_F_STORE_ATTR_INFO_MODIFY_SHA1STR
,
1406 ERR_R_PASSED_NULL_PARAMETER
);
1409 if (ATTR_IS_SET(attrs
, code
)) {
1410 OPENSSL_free(attrs
->values
[code
].sha1string
);
1411 attrs
->values
[code
].sha1string
= NULL
;
1412 CLEAR_ATTRBIT(attrs
, code
);
1414 return STORE_ATTR_INFO_set_sha1str(attrs
, code
, sha1str
, sha1str_size
);
1417 int STORE_ATTR_INFO_modify_dn(STORE_ATTR_INFO
*attrs
, STORE_ATTR_TYPES code
,
1421 STOREerr(STORE_F_STORE_ATTR_INFO_MODIFY_DN
,
1422 ERR_R_PASSED_NULL_PARAMETER
);
1425 if (ATTR_IS_SET(attrs
, code
)) {
1426 OPENSSL_free(attrs
->values
[code
].dn
);
1427 attrs
->values
[code
].dn
= NULL
;
1428 CLEAR_ATTRBIT(attrs
, code
);
1430 return STORE_ATTR_INFO_set_dn(attrs
, code
, dn
);
1433 int STORE_ATTR_INFO_modify_number(STORE_ATTR_INFO
*attrs
,
1434 STORE_ATTR_TYPES code
, BIGNUM
*number
)
1437 STOREerr(STORE_F_STORE_ATTR_INFO_MODIFY_NUMBER
,
1438 ERR_R_PASSED_NULL_PARAMETER
);
1441 if (ATTR_IS_SET(attrs
, code
)) {
1442 OPENSSL_free(attrs
->values
[code
].number
);
1443 attrs
->values
[code
].number
= NULL
;
1444 CLEAR_ATTRBIT(attrs
, code
);
1446 return STORE_ATTR_INFO_set_number(attrs
, code
, number
);
1449 struct attr_list_ctx_st
{
1450 OPENSSL_ITEM
*attributes
;
1452 void *STORE_parse_attrs_start(OPENSSL_ITEM
*attributes
)
1455 struct attr_list_ctx_st
*context
= (struct attr_list_ctx_st
*)
1456 OPENSSL_malloc(sizeof(struct attr_list_ctx_st
));
1458 context
->attributes
= attributes
;
1460 STOREerr(STORE_F_STORE_PARSE_ATTRS_START
, ERR_R_MALLOC_FAILURE
);
1463 STOREerr(STORE_F_STORE_PARSE_ATTRS_START
, ERR_R_PASSED_NULL_PARAMETER
);
1467 STORE_ATTR_INFO
*STORE_parse_attrs_next(void *handle
)
1469 struct attr_list_ctx_st
*context
= (struct attr_list_ctx_st
*)handle
;
1471 if (context
&& context
->attributes
) {
1472 STORE_ATTR_INFO
*attrs
= NULL
;
1474 while (context
->attributes
1475 && context
->attributes
->code
!= STORE_ATTR_OR
1476 && context
->attributes
->code
!= STORE_ATTR_END
) {
1477 switch (context
->attributes
->code
) {
1478 case STORE_ATTR_FRIENDLYNAME
:
1479 case STORE_ATTR_EMAIL
:
1480 case STORE_ATTR_FILENAME
:
1482 attrs
= STORE_ATTR_INFO_new();
1483 if (attrs
== NULL
) {
1484 STOREerr(STORE_F_STORE_PARSE_ATTRS_NEXT
,
1485 ERR_R_MALLOC_FAILURE
);
1488 STORE_ATTR_INFO_set_cstr(attrs
,
1489 context
->attributes
->code
,
1490 context
->attributes
->value
,
1491 context
->attributes
->value_size
);
1493 case STORE_ATTR_KEYID
:
1494 case STORE_ATTR_ISSUERKEYID
:
1495 case STORE_ATTR_SUBJECTKEYID
:
1496 case STORE_ATTR_ISSUERSERIALHASH
:
1497 case STORE_ATTR_CERTHASH
:
1499 attrs
= STORE_ATTR_INFO_new();
1500 if (attrs
== NULL
) {
1501 STOREerr(STORE_F_STORE_PARSE_ATTRS_NEXT
,
1502 ERR_R_MALLOC_FAILURE
);
1505 STORE_ATTR_INFO_set_sha1str(attrs
,
1506 context
->attributes
->code
,
1507 context
->attributes
->value
,
1508 context
->attributes
->value_size
);
1510 case STORE_ATTR_ISSUER
:
1511 case STORE_ATTR_SUBJECT
:
1513 attrs
= STORE_ATTR_INFO_new();
1514 if (attrs
== NULL
) {
1515 STOREerr(STORE_F_STORE_PARSE_ATTRS_NEXT
,
1516 ERR_R_MALLOC_FAILURE
);
1519 STORE_ATTR_INFO_modify_dn(attrs
,
1520 context
->attributes
->code
,
1521 context
->attributes
->value
);
1523 case STORE_ATTR_SERIAL
:
1525 attrs
= STORE_ATTR_INFO_new();
1526 if (attrs
== NULL
) {
1527 STOREerr(STORE_F_STORE_PARSE_ATTRS_NEXT
,
1528 ERR_R_MALLOC_FAILURE
);
1531 STORE_ATTR_INFO_modify_number(attrs
,
1532 context
->attributes
->code
,
1533 context
->attributes
->value
);
1536 context
->attributes
++;
1538 if (context
->attributes
->code
== STORE_ATTR_OR
)
1539 context
->attributes
++;
1542 while (context
->attributes
1543 && context
->attributes
->code
!= STORE_ATTR_OR
1544 && context
->attributes
->code
!= STORE_ATTR_END
)
1545 context
->attributes
++;
1546 if (context
->attributes
->code
== STORE_ATTR_OR
)
1547 context
->attributes
++;
1550 STOREerr(STORE_F_STORE_PARSE_ATTRS_NEXT
, ERR_R_PASSED_NULL_PARAMETER
);
1554 int STORE_parse_attrs_end(void *handle
)
1556 struct attr_list_ctx_st
*context
= (struct attr_list_ctx_st
*)handle
;
1558 if (context
&& context
->attributes
) {
1560 OPENSSL_ITEM
*attributes
= context
->attributes
;
1562 OPENSSL_free(context
);
1565 STOREerr(STORE_F_STORE_PARSE_ATTRS_END
, ERR_R_PASSED_NULL_PARAMETER
);
1569 int STORE_parse_attrs_endp(void *handle
)
1571 struct attr_list_ctx_st
*context
= (struct attr_list_ctx_st
*)handle
;
1573 if (context
&& context
->attributes
) {
1574 return context
->attributes
->code
== STORE_ATTR_END
;
1576 STOREerr(STORE_F_STORE_PARSE_ATTRS_ENDP
, ERR_R_PASSED_NULL_PARAMETER
);
1580 static int attr_info_compare_compute_range(unsigned char *abits
,
1581 unsigned char *bbits
,
1582 unsigned int *alowp
,
1583 unsigned int *ahighp
,
1584 unsigned int *blowp
,
1585 unsigned int *bhighp
)
1587 unsigned int alow
= (unsigned int)-1, ahigh
= 0;
1588 unsigned int blow
= (unsigned int)-1, bhigh
= 0;
1591 for (i
= 0; i
< (STORE_ATTR_TYPE_NUM
+ 8) / 8; i
++, abits
++, bbits
++) {
1593 if (*abits
< *bbits
)
1595 if (*abits
> *bbits
)
1599 if (alow
== (unsigned int)-1) {
1601 if (!(*abits
& 0x01))
1603 if (!(*abits
& 0x02))
1605 if (!(*abits
& 0x04))
1607 if (!(*abits
& 0x08))
1609 if (!(*abits
& 0x10))
1611 if (!(*abits
& 0x20))
1613 if (!(*abits
& 0x40))
1617 if (!(*abits
& 0x80))
1619 if (!(*abits
& 0x40))
1621 if (!(*abits
& 0x20))
1623 if (!(*abits
& 0x10))
1625 if (!(*abits
& 0x08))
1627 if (!(*abits
& 0x04))
1629 if (!(*abits
& 0x02))
1633 if (blow
== (unsigned int)-1) {
1635 if (!(*bbits
& 0x01))
1637 if (!(*bbits
& 0x02))
1639 if (!(*bbits
& 0x04))
1641 if (!(*bbits
& 0x08))
1643 if (!(*bbits
& 0x10))
1645 if (!(*bbits
& 0x20))
1647 if (!(*bbits
& 0x40))
1651 if (!(*bbits
& 0x80))
1653 if (!(*bbits
& 0x40))
1655 if (!(*bbits
& 0x20))
1657 if (!(*bbits
& 0x10))
1659 if (!(*bbits
& 0x08))
1661 if (!(*bbits
& 0x04))
1663 if (!(*bbits
& 0x02))
1667 if (ahigh
+ alow
< bhigh
+ blow
)
1669 if (ahigh
+ alow
> bhigh
+ blow
)
1682 int STORE_ATTR_INFO_compare(STORE_ATTR_INFO
*a
, STORE_ATTR_INFO
*b
)
1690 return attr_info_compare_compute_range(a
->set
, b
->set
, 0, 0, 0, 0);
1693 int STORE_ATTR_INFO_in_range(STORE_ATTR_INFO
*a
, STORE_ATTR_INFO
*b
)
1695 unsigned int alow
, ahigh
, blow
, bhigh
;
1703 attr_info_compare_compute_range(a
->set
, b
->set
,
1704 &alow
, &ahigh
, &blow
, &bhigh
);
1705 if (alow
>= blow
&& ahigh
<= bhigh
)
1710 int STORE_ATTR_INFO_in(STORE_ATTR_INFO
*a
, STORE_ATTR_INFO
*b
)
1712 unsigned char *abits
, *bbits
;
1723 for (i
= 0; i
< (STORE_ATTR_TYPE_NUM
+ 8) / 8; i
++, abits
++, bbits
++) {
1724 if (*abits
&& (*bbits
& *abits
) != *abits
)
1730 int STORE_ATTR_INFO_in_ex(STORE_ATTR_INFO
*a
, STORE_ATTR_INFO
*b
)
1736 if (!STORE_ATTR_INFO_in(a
, b
))
1738 for (i
= 1; i
< STORE_ATTR_TYPE_NUM
; i
++)
1739 if (ATTR_IS_SET(a
, i
)) {
1741 case STORE_ATTR_FRIENDLYNAME
:
1742 case STORE_ATTR_EMAIL
:
1743 case STORE_ATTR_FILENAME
:
1744 if (strcmp(a
->values
[i
].cstring
, b
->values
[i
].cstring
))
1747 case STORE_ATTR_KEYID
:
1748 case STORE_ATTR_ISSUERKEYID
:
1749 case STORE_ATTR_SUBJECTKEYID
:
1750 case STORE_ATTR_ISSUERSERIALHASH
:
1751 case STORE_ATTR_CERTHASH
:
1752 if (memcmp(a
->values
[i
].sha1string
,
1753 b
->values
[i
].sha1string
, a
->value_sizes
[i
]))
1756 case STORE_ATTR_ISSUER
:
1757 case STORE_ATTR_SUBJECT
:
1758 if (X509_NAME_cmp(a
->values
[i
].dn
, b
->values
[i
].dn
))
1761 case STORE_ATTR_SERIAL
:
1762 if (BN_cmp(a
->values
[i
].number
, b
->values
[i
].number
))