]> git.ipfire.org Git - thirdparty/openssl.git/blob - crypto/store/str_lib.c
projects / thirdparty / openssl.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Run util/openssl-format-source -v -c .
[thirdparty/openssl.git] / crypto / store / str_lib.c
1 /* crypto/store/str_lib.c -*- mode:C; c-file-style: "eay" -*- */
2 /*
3 * Written by Richard Levitte (richard@levitte.org) for the OpenSSL project
4 * 2003.
5 */
6 /* ====================================================================
7 * Copyright (c) 2003 The OpenSSL Project. All rights reserved.
8 *
9 * Redistribution and use in source and binary forms, with or without
10 * modification, are permitted provided that the following conditions
11 * are met:
12 *
13 * 1. Redistributions of source code must retain the above copyright
14 * notice, this list of conditions and the following disclaimer.
15 *
16 * 2. Redistributions in binary form must reproduce the above copyright
17 * notice, this list of conditions and the following disclaimer in
18 * the documentation and/or other materials provided with the
19 * distribution.
20 *
21 * 3. All advertising materials mentioning features or use of this
22 * software must display the following acknowledgment:
23 * "This product includes software developed by the OpenSSL Project
24 * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
25 *
26 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
27 * endorse or promote products derived from this software without
28 * prior written permission. For written permission, please contact
29 * openssl-core@openssl.org.
30 *
31 * 5. Products derived from this software may not be called "OpenSSL"
32 * nor may "OpenSSL" appear in their names without prior written
33 * permission of the OpenSSL Project.
34 *
35 * 6. Redistributions of any form whatsoever must retain the following
36 * acknowledgment:
37 * "This product includes software developed by the OpenSSL Project
38 * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
39 *
40 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
41 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
42 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
43 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
44 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
45 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
46 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
47 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
49 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
50 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
51 * OF THE POSSIBILITY OF SUCH DAMAGE.
52 * ====================================================================
53 *
54 * This product includes cryptographic software written by Eric Young
55 * (eay@cryptsoft.com). This product includes software written by Tim
56 * Hudson (tjh@cryptsoft.com).
57 *
58 */
59
60 #include <string.h>
61 #include <openssl/bn.h>
62 #include <openssl/err.h>
63 #ifndef OPENSSL_NO_ENGINE
64 # include <openssl/engine.h>
65 #endif
66 #include <openssl/sha.h>
67 #include <openssl/x509.h>
68 #include "str_locl.h"
69
70 const char *const STORE_object_type_string[STORE_OBJECT_TYPE_NUM + 1] = {
71 0,
72 "X.509 Certificate",
73 "X.509 CRL",
74 "Private Key",
75 "Public Key",
76 "Number",
77 "Arbitrary Data"
78 };
79
80 const int STORE_param_sizes[STORE_PARAM_TYPE_NUM + 1] = {
81 0,
82 sizeof(int), /* EVP_TYPE */
83 sizeof(size_t), /* BITS */
84 -1, /* KEY_PARAMETERS */
85 0 /* KEY_NO_PARAMETERS */
86 };
87
88 const int STORE_attr_sizes[STORE_ATTR_TYPE_NUM + 1] = {
89 0,
90 -1, /* FRIENDLYNAME: C string */
91 SHA_DIGEST_LENGTH, /* KEYID: SHA1 digest, 160 bits */
92 SHA_DIGEST_LENGTH, /* ISSUERKEYID: SHA1 digest, 160 bits */
93 SHA_DIGEST_LENGTH, /* SUBJECTKEYID: SHA1 digest, 160 bits */
94 SHA_DIGEST_LENGTH, /* ISSUERSERIALHASH: SHA1 digest, 160 bits */
95 sizeof(X509_NAME *), /* ISSUER: X509_NAME * */
96 sizeof(BIGNUM *), /* SERIAL: BIGNUM * */
97 sizeof(X509_NAME *), /* SUBJECT: X509_NAME * */
98 SHA_DIGEST_LENGTH, /* CERTHASH: SHA1 digest, 160 bits */
99 -1, /* EMAIL: C string */
100 -1, /* FILENAME: C string */
101 };
102
103 STORE *STORE_new_method(const STORE_METHOD *method)
104 {
105 STORE *ret;
106
107 if (method == NULL) {
108 STOREerr(STORE_F_STORE_NEW_METHOD, ERR_R_PASSED_NULL_PARAMETER);
109 return NULL;
110 }
111
112 ret = (STORE *)OPENSSL_malloc(sizeof(STORE));
113 if (ret == NULL) {
114 STOREerr(STORE_F_STORE_NEW_METHOD, ERR_R_MALLOC_FAILURE);
115 return NULL;
116 }
117
118 ret->meth = method;
119
120 CRYPTO_new_ex_data(CRYPTO_EX_INDEX_STORE, ret, &ret->ex_data);
121 if (ret->meth->init && !ret->meth->init(ret)) {
122 STORE_free(ret);
123 ret = NULL;
124 }
125 return ret;
126 }
127
128 STORE *STORE_new_engine(ENGINE *engine)
129 {
130 STORE *ret = NULL;
131 ENGINE *e = engine;
132 const STORE_METHOD *meth = 0;
133
134 #ifdef OPENSSL_NO_ENGINE
135 e = NULL;
136 #else
137 if (engine) {
138 if (!ENGINE_init(engine)) {
139 STOREerr(STORE_F_STORE_NEW_ENGINE, ERR_R_ENGINE_LIB);
140 return NULL;
141 }
142 e = engine;
143 } else {
144 STOREerr(STORE_F_STORE_NEW_ENGINE, ERR_R_PASSED_NULL_PARAMETER);
145 return NULL;
146 }
147 if (e) {
148 meth = ENGINE_get_STORE(e);
149 if (!meth) {
150 STOREerr(STORE_F_STORE_NEW_ENGINE, ERR_R_ENGINE_LIB);
151 ENGINE_finish(e);
152 return NULL;
153 }
154 }
155 #endif
156
157 ret = STORE_new_method(meth);
158 if (ret == NULL) {
159 STOREerr(STORE_F_STORE_NEW_ENGINE, ERR_R_STORE_LIB);
160 return NULL;
161 }
162
163 ret->engine = e;
164
165 return (ret);
166 }
167
168 void STORE_free(STORE *store)
169 {
170 if (store == NULL)
171 return;
172 if (store->meth->clean)
173 store->meth->clean(store);
174 CRYPTO_free_ex_data(CRYPTO_EX_INDEX_STORE, store, &store->ex_data);
175 OPENSSL_free(store);
176 }
177
178 int STORE_ctrl(STORE *store, int cmd, long i, void *p, void (*f) (void))
179 {
180 if (store == NULL) {
181 STOREerr(STORE_F_STORE_CTRL, ERR_R_PASSED_NULL_PARAMETER);
182 return 0;
183 }
184 if (store->meth->ctrl)
185 return store->meth->ctrl(store, cmd, i, p, f);
186 STOREerr(STORE_F_STORE_CTRL, STORE_R_NO_CONTROL_FUNCTION);
187 return 0;
188 }
189
190 int STORE_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
191 CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func)
192 {
193 return CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_STORE, argl, argp,
194 new_func, dup_func, free_func);
195 }
196
197 int STORE_set_ex_data(STORE *r, int idx, void *arg)
198 {
199 return (CRYPTO_set_ex_data(&r->ex_data, idx, arg));
200 }
201
202 void *STORE_get_ex_data(STORE *r, int idx)
203 {
204 return (CRYPTO_get_ex_data(&r->ex_data, idx));
205 }
206
207 const STORE_METHOD *STORE_get_method(STORE *store)
208 {
209 return store->meth;
210 }
211
212 const STORE_METHOD *STORE_set_method(STORE *store, const STORE_METHOD *meth)
213 {
214 store->meth = meth;
215 return store->meth;
216 }
217
218 /* API helpers */
219
220 #define check_store(s,fncode,fnname,fnerrcode) \
221 do \
222 { \
223 if ((s) == NULL || (s)->meth == NULL) \
224 { \
225 STOREerr((fncode), ERR_R_PASSED_NULL_PARAMETER); \
226 return 0; \
227 } \
228 if ((s)->meth->fnname == NULL) \
229 { \
230 STOREerr((fncode), (fnerrcode)); \
231 return 0; \
232 } \
233 } \
234 while(0)
235
236 /* API functions */
237
238 X509 *STORE_get_certificate(STORE *s, OPENSSL_ITEM attributes[],
239 OPENSSL_ITEM parameters[])
240 {
241 STORE_OBJECT *object;
242 X509 *x;
243
244 check_store(s, STORE_F_STORE_GET_CERTIFICATE,
245 get_object, STORE_R_NO_GET_OBJECT_FUNCTION);
246
247 object = s->meth->get_object(s, STORE_OBJECT_TYPE_X509_CERTIFICATE,
248 attributes, parameters);
249 if (!object || !object->data.x509.certificate) {
250 STOREerr(STORE_F_STORE_GET_CERTIFICATE,
251 STORE_R_FAILED_GETTING_CERTIFICATE);
252 return 0;
253 }
254 CRYPTO_add(&object->data.x509.certificate->references, 1,
255 CRYPTO_LOCK_X509);
256 #ifdef REF_PRINT
257 REF_PRINT("X509", data);
258 #endif
259 x = object->data.x509.certificate;
260 STORE_OBJECT_free(object);
261 return x;
262 }
263
264 int STORE_store_certificate(STORE *s, X509 *data, OPENSSL_ITEM attributes[],
265 OPENSSL_ITEM parameters[])
266 {
267 STORE_OBJECT *object;
268 int i;
269
270 check_store(s, STORE_F_STORE_CERTIFICATE,
271 store_object, STORE_R_NO_STORE_OBJECT_FUNCTION);
272
273 object = STORE_OBJECT_new();
274 if (!object) {
275 STOREerr(STORE_F_STORE_STORE_CERTIFICATE, ERR_R_MALLOC_FAILURE);
276 return 0;
277 }
278
279 CRYPTO_add(&data->references, 1, CRYPTO_LOCK_X509);
280 #ifdef REF_PRINT
281 REF_PRINT("X509", data);
282 #endif
283 object->data.x509.certificate = data;
284
285 i = s->meth->store_object(s, STORE_OBJECT_TYPE_X509_CERTIFICATE,
286 object, attributes, parameters);
287
288 STORE_OBJECT_free(object);
289
290 if (!i) {
291 STOREerr(STORE_F_STORE_STORE_CERTIFICATE,
292 STORE_R_FAILED_STORING_CERTIFICATE);
293 return 0;
294 }
295 return 1;
296 }
297
298 int STORE_modify_certificate(STORE *s, OPENSSL_ITEM search_attributes[],
299 OPENSSL_ITEM add_attributes[],
300 OPENSSL_ITEM modify_attributes[],
301 OPENSSL_ITEM delete_attributes[],
302 OPENSSL_ITEM parameters[])
303 {
304 check_store(s, STORE_F_STORE_MODIFY_CERTIFICATE,
305 modify_object, STORE_R_NO_MODIFY_OBJECT_FUNCTION);
306
307 if (!s->meth->modify_object(s, STORE_OBJECT_TYPE_X509_CERTIFICATE,
308 search_attributes, add_attributes,
309 modify_attributes, delete_attributes,
310 parameters)) {
311 STOREerr(STORE_F_STORE_MODIFY_CERTIFICATE,
312 STORE_R_FAILED_MODIFYING_CERTIFICATE);
313 return 0;
314 }
315 return 1;
316 }
317
318 int STORE_revoke_certificate(STORE *s, OPENSSL_ITEM attributes[],
319 OPENSSL_ITEM parameters[])
320 {
321 check_store(s, STORE_F_STORE_REVOKE_CERTIFICATE,
322 revoke_object, STORE_R_NO_REVOKE_OBJECT_FUNCTION);
323
324 if (!s->meth->revoke_object(s, STORE_OBJECT_TYPE_X509_CERTIFICATE,
325 attributes, parameters)) {
326 STOREerr(STORE_F_STORE_REVOKE_CERTIFICATE,
327 STORE_R_FAILED_REVOKING_CERTIFICATE);
328 return 0;
329 }
330 return 1;
331 }
332
333 int STORE_delete_certificate(STORE *s, OPENSSL_ITEM attributes[],
334 OPENSSL_ITEM parameters[])
335 {
336 check_store(s, STORE_F_STORE_DELETE_CERTIFICATE,
337 delete_object, STORE_R_NO_DELETE_OBJECT_FUNCTION);
338
339 if (!s->meth->delete_object(s, STORE_OBJECT_TYPE_X509_CERTIFICATE,
340 attributes, parameters)) {
341 STOREerr(STORE_F_STORE_DELETE_CERTIFICATE,
342 STORE_R_FAILED_DELETING_CERTIFICATE);
343 return 0;
344 }
345 return 1;
346 }
347
348 void *STORE_list_certificate_start(STORE *s, OPENSSL_ITEM attributes[],
349 OPENSSL_ITEM parameters[])
350 {
351 void *handle;
352
353 check_store(s, STORE_F_STORE_LIST_CERTIFICATE_START,
354 list_object_start, STORE_R_NO_LIST_OBJECT_START_FUNCTION);
355
356 handle = s->meth->list_object_start(s,
357 STORE_OBJECT_TYPE_X509_CERTIFICATE,
358 attributes, parameters);
359 if (!handle) {
360 STOREerr(STORE_F_STORE_LIST_CERTIFICATE_START,
361 STORE_R_FAILED_LISTING_CERTIFICATES);
362 return 0;
363 }
364 return handle;
365 }
366
367 X509 *STORE_list_certificate_next(STORE *s, void *handle)
368 {
369 STORE_OBJECT *object;
370 X509 *x;
371
372 check_store(s, STORE_F_STORE_LIST_CERTIFICATE_NEXT,
373 list_object_next, STORE_R_NO_LIST_OBJECT_NEXT_FUNCTION);
374
375 object = s->meth->list_object_next(s, handle);
376 if (!object || !object->data.x509.certificate) {
377 STOREerr(STORE_F_STORE_LIST_CERTIFICATE_NEXT,
378 STORE_R_FAILED_LISTING_CERTIFICATES);
379 return 0;
380 }
381 CRYPTO_add(&object->data.x509.certificate->references, 1,
382 CRYPTO_LOCK_X509);
383 #ifdef REF_PRINT
384 REF_PRINT("X509", data);
385 #endif
386 x = object->data.x509.certificate;
387 STORE_OBJECT_free(object);
388 return x;
389 }
390
391 int STORE_list_certificate_end(STORE *s, void *handle)
392 {
393 check_store(s, STORE_F_STORE_LIST_CERTIFICATE_END,
394 list_object_end, STORE_R_NO_LIST_OBJECT_END_FUNCTION);
395
396 if (!s->meth->list_object_end(s, handle)) {
397 STOREerr(STORE_F_STORE_LIST_CERTIFICATE_END,
398 STORE_R_FAILED_LISTING_CERTIFICATES);
399 return 0;
400 }
401 return 1;
402 }
403
404 int STORE_list_certificate_endp(STORE *s, void *handle)
405 {
406 check_store(s, STORE_F_STORE_LIST_CERTIFICATE_ENDP,
407 list_object_endp, STORE_R_NO_LIST_OBJECT_ENDP_FUNCTION);
408
409 if (!s->meth->list_object_endp(s, handle)) {
410 STOREerr(STORE_F_STORE_LIST_CERTIFICATE_ENDP,
411 STORE_R_FAILED_LISTING_CERTIFICATES);
412 return 0;
413 }
414 return 1;
415 }
416
417 EVP_PKEY *STORE_generate_key(STORE *s, OPENSSL_ITEM attributes[],
418 OPENSSL_ITEM parameters[])
419 {
420 STORE_OBJECT *object;
421 EVP_PKEY *pkey;
422
423 check_store(s, STORE_F_STORE_GENERATE_KEY,
424 generate_object, STORE_R_NO_GENERATE_OBJECT_FUNCTION);
425
426 object = s->meth->generate_object(s, STORE_OBJECT_TYPE_PRIVATE_KEY,
427 attributes, parameters);
428 if (!object || !object->data.key) {
429 STOREerr(STORE_F_STORE_GENERATE_KEY, STORE_R_FAILED_GENERATING_KEY);
430 return 0;
431 }
432 CRYPTO_add(&object->data.key->references, 1, CRYPTO_LOCK_EVP_PKEY);
433 #ifdef REF_PRINT
434 REF_PRINT("EVP_PKEY", data);
435 #endif
436 pkey = object->data.key;
437 STORE_OBJECT_free(object);
438 return pkey;
439 }
440
441 EVP_PKEY *STORE_get_private_key(STORE *s, OPENSSL_ITEM attributes[],
442 OPENSSL_ITEM parameters[])
443 {
444 STORE_OBJECT *object;
445 EVP_PKEY *pkey;
446
447 check_store(s, STORE_F_STORE_GET_PRIVATE_KEY,
448 get_object, STORE_R_NO_GET_OBJECT_FUNCTION);
449
450 object = s->meth->get_object(s, STORE_OBJECT_TYPE_PRIVATE_KEY,
451 attributes, parameters);
452 if (!object || !object->data.key || !object->data.key) {
453 STOREerr(STORE_F_STORE_GET_PRIVATE_KEY, STORE_R_FAILED_GETTING_KEY);
454 return 0;
455 }
456 CRYPTO_add(&object->data.key->references, 1, CRYPTO_LOCK_EVP_PKEY);
457 #ifdef REF_PRINT
458 REF_PRINT("EVP_PKEY", data);
459 #endif
460 pkey = object->data.key;
461 STORE_OBJECT_free(object);
462 return pkey;
463 }
464
465 int STORE_store_private_key(STORE *s, EVP_PKEY *data,
466 OPENSSL_ITEM attributes[],
467 OPENSSL_ITEM parameters[])
468 {
469 STORE_OBJECT *object;
470 int i;
471
472 check_store(s, STORE_F_STORE_STORE_PRIVATE_KEY,
473 store_object, STORE_R_NO_STORE_OBJECT_FUNCTION);
474
475 object = STORE_OBJECT_new();
476 if (!object) {
477 STOREerr(STORE_F_STORE_STORE_PRIVATE_KEY, ERR_R_MALLOC_FAILURE);
478 return 0;
479 }
480 object->data.key = EVP_PKEY_new();
481 if (!object->data.key) {
482 STOREerr(STORE_F_STORE_STORE_PRIVATE_KEY, ERR_R_MALLOC_FAILURE);
483 return 0;
484 }
485
486 CRYPTO_add(&data->references, 1, CRYPTO_LOCK_EVP_PKEY);
487 #ifdef REF_PRINT
488 REF_PRINT("EVP_PKEY", data);
489 #endif
490 object->data.key = data;
491
492 i = s->meth->store_object(s, STORE_OBJECT_TYPE_PRIVATE_KEY, object,
493 attributes, parameters);
494
495 STORE_OBJECT_free(object);
496
497 if (!i) {
498 STOREerr(STORE_F_STORE_STORE_PRIVATE_KEY, STORE_R_FAILED_STORING_KEY);
499 return 0;
500 }
501 return i;
502 }
503
504 int STORE_modify_private_key(STORE *s, OPENSSL_ITEM search_attributes[],
505 OPENSSL_ITEM add_attributes[],
506 OPENSSL_ITEM modify_attributes[],
507 OPENSSL_ITEM delete_attributes[],
508 OPENSSL_ITEM parameters[])
509 {
510 check_store(s, STORE_F_STORE_MODIFY_PRIVATE_KEY,
511 modify_object, STORE_R_NO_MODIFY_OBJECT_FUNCTION);
512
513 if (!s->meth->modify_object(s, STORE_OBJECT_TYPE_PRIVATE_KEY,
514 search_attributes, add_attributes,
515 modify_attributes, delete_attributes,
516 parameters)) {
517 STOREerr(STORE_F_STORE_MODIFY_PRIVATE_KEY,
518 STORE_R_FAILED_MODIFYING_PRIVATE_KEY);
519 return 0;
520 }
521 return 1;
522 }
523
524 int STORE_revoke_private_key(STORE *s, OPENSSL_ITEM attributes[],
525 OPENSSL_ITEM parameters[])
526 {
527 int i;
528
529 check_store(s, STORE_F_STORE_REVOKE_PRIVATE_KEY,
530 revoke_object, STORE_R_NO_REVOKE_OBJECT_FUNCTION);
531
532 i = s->meth->revoke_object(s, STORE_OBJECT_TYPE_PRIVATE_KEY,
533 attributes, parameters);
534
535 if (!i) {
536 STOREerr(STORE_F_STORE_REVOKE_PRIVATE_KEY,
537 STORE_R_FAILED_REVOKING_KEY);
538 return 0;
539 }
540 return i;
541 }
542
543 int STORE_delete_private_key(STORE *s, OPENSSL_ITEM attributes[],
544 OPENSSL_ITEM parameters[])
545 {
546 check_store(s, STORE_F_STORE_DELETE_PRIVATE_KEY,
547 delete_object, STORE_R_NO_DELETE_OBJECT_FUNCTION);
548
549 if (!s->meth->delete_object(s, STORE_OBJECT_TYPE_PRIVATE_KEY,
550 attributes, parameters)) {
551 STOREerr(STORE_F_STORE_DELETE_PRIVATE_KEY,
552 STORE_R_FAILED_DELETING_KEY);
553 return 0;
554 }
555 return 1;
556 }
557
558 void *STORE_list_private_key_start(STORE *s, OPENSSL_ITEM attributes[],
559 OPENSSL_ITEM parameters[])
560 {
561 void *handle;
562
563 check_store(s, STORE_F_STORE_LIST_PRIVATE_KEY_START,
564 list_object_start, STORE_R_NO_LIST_OBJECT_START_FUNCTION);
565
566 handle = s->meth->list_object_start(s, STORE_OBJECT_TYPE_PRIVATE_KEY,
567 attributes, parameters);
568 if (!handle) {
569 STOREerr(STORE_F_STORE_LIST_PRIVATE_KEY_START,
570 STORE_R_FAILED_LISTING_KEYS);
571 return 0;
572 }
573 return handle;
574 }
575
576 EVP_PKEY *STORE_list_private_key_next(STORE *s, void *handle)
577 {
578 STORE_OBJECT *object;
579 EVP_PKEY *pkey;
580
581 check_store(s, STORE_F_STORE_LIST_PRIVATE_KEY_NEXT,
582 list_object_next, STORE_R_NO_LIST_OBJECT_NEXT_FUNCTION);
583
584 object = s->meth->list_object_next(s, handle);
585 if (!object || !object->data.key || !object->data.key) {
586 STOREerr(STORE_F_STORE_LIST_PRIVATE_KEY_NEXT,
587 STORE_R_FAILED_LISTING_KEYS);
588 return 0;
589 }
590 CRYPTO_add(&object->data.key->references, 1, CRYPTO_LOCK_EVP_PKEY);
591 #ifdef REF_PRINT
592 REF_PRINT("EVP_PKEY", data);
593 #endif
594 pkey = object->data.key;
595 STORE_OBJECT_free(object);
596 return pkey;
597 }
598
599 int STORE_list_private_key_end(STORE *s, void *handle)
600 {
601 check_store(s, STORE_F_STORE_LIST_PRIVATE_KEY_END,
602 list_object_end, STORE_R_NO_LIST_OBJECT_END_FUNCTION);
603
604 if (!s->meth->list_object_end(s, handle)) {
605 STOREerr(STORE_F_STORE_LIST_PRIVATE_KEY_END,
606 STORE_R_FAILED_LISTING_KEYS);
607 return 0;
608 }
609 return 1;
610 }
611
612 int STORE_list_private_key_endp(STORE *s, void *handle)
613 {
614 check_store(s, STORE_F_STORE_LIST_PRIVATE_KEY_ENDP,
615 list_object_endp, STORE_R_NO_LIST_OBJECT_ENDP_FUNCTION);
616
617 if (!s->meth->list_object_endp(s, handle)) {
618 STOREerr(STORE_F_STORE_LIST_PRIVATE_KEY_ENDP,
619 STORE_R_FAILED_LISTING_KEYS);
620 return 0;
621 }
622 return 1;
623 }
624
625 EVP_PKEY *STORE_get_public_key(STORE *s, OPENSSL_ITEM attributes[],
626 OPENSSL_ITEM parameters[])
627 {
628 STORE_OBJECT *object;
629 EVP_PKEY *pkey;
630
631 check_store(s, STORE_F_STORE_GET_PUBLIC_KEY,
632 get_object, STORE_R_NO_GET_OBJECT_FUNCTION);
633
634 object = s->meth->get_object(s, STORE_OBJECT_TYPE_PUBLIC_KEY,
635 attributes, parameters);
636 if (!object || !object->data.key || !object->data.key) {
637 STOREerr(STORE_F_STORE_GET_PUBLIC_KEY, STORE_R_FAILED_GETTING_KEY);
638 return 0;
639 }
640 CRYPTO_add(&object->data.key->references, 1, CRYPTO_LOCK_EVP_PKEY);
641 #ifdef REF_PRINT
642 REF_PRINT("EVP_PKEY", data);
643 #endif
644 pkey = object->data.key;
645 STORE_OBJECT_free(object);
646 return pkey;
647 }
648
649 int STORE_store_public_key(STORE *s, EVP_PKEY *data,
650 OPENSSL_ITEM attributes[],
651 OPENSSL_ITEM parameters[])
652 {
653 STORE_OBJECT *object;
654 int i;
655
656 check_store(s, STORE_F_STORE_STORE_PUBLIC_KEY,
657 store_object, STORE_R_NO_STORE_OBJECT_FUNCTION);
658
659 object = STORE_OBJECT_new();
660 if (!object) {
661 STOREerr(STORE_F_STORE_STORE_PUBLIC_KEY, ERR_R_MALLOC_FAILURE);
662 return 0;
663 }
664 object->data.key = EVP_PKEY_new();
665 if (!object->data.key) {
666 STOREerr(STORE_F_STORE_STORE_PUBLIC_KEY, ERR_R_MALLOC_FAILURE);
667 return 0;
668 }
669
670 CRYPTO_add(&data->references, 1, CRYPTO_LOCK_EVP_PKEY);
671 #ifdef REF_PRINT
672 REF_PRINT("EVP_PKEY", data);
673 #endif
674 object->data.key = data;
675
676 i = s->meth->store_object(s, STORE_OBJECT_TYPE_PUBLIC_KEY, object,
677 attributes, parameters);
678
679 STORE_OBJECT_free(object);
680
681 if (!i) {
682 STOREerr(STORE_F_STORE_STORE_PUBLIC_KEY, STORE_R_FAILED_STORING_KEY);
683 return 0;
684 }
685 return i;
686 }
687
688 int STORE_modify_public_key(STORE *s, OPENSSL_ITEM search_attributes[],
689 OPENSSL_ITEM add_attributes[],
690 OPENSSL_ITEM modify_attributes[],
691 OPENSSL_ITEM delete_attributes[],
692 OPENSSL_ITEM parameters[])
693 {
694 check_store(s, STORE_F_STORE_MODIFY_PUBLIC_KEY,
695 modify_object, STORE_R_NO_MODIFY_OBJECT_FUNCTION);
696
697 if (!s->meth->modify_object(s, STORE_OBJECT_TYPE_PUBLIC_KEY,
698 search_attributes, add_attributes,
699 modify_attributes, delete_attributes,
700 parameters)) {
701 STOREerr(STORE_F_STORE_MODIFY_PUBLIC_KEY,
702 STORE_R_FAILED_MODIFYING_PUBLIC_KEY);
703 return 0;
704 }
705 return 1;
706 }
707
708 int STORE_revoke_public_key(STORE *s, OPENSSL_ITEM attributes[],
709 OPENSSL_ITEM parameters[])
710 {
711 int i;
712
713 check_store(s, STORE_F_STORE_REVOKE_PUBLIC_KEY,
714 revoke_object, STORE_R_NO_REVOKE_OBJECT_FUNCTION);
715
716 i = s->meth->revoke_object(s, STORE_OBJECT_TYPE_PUBLIC_KEY,
717 attributes, parameters);
718
719 if (!i) {
720 STOREerr(STORE_F_STORE_REVOKE_PUBLIC_KEY,
721 STORE_R_FAILED_REVOKING_KEY);
722 return 0;
723 }
724 return i;
725 }
726
727 int STORE_delete_public_key(STORE *s, OPENSSL_ITEM attributes[],
728 OPENSSL_ITEM parameters[])
729 {
730 check_store(s, STORE_F_STORE_DELETE_PUBLIC_KEY,
731 delete_object, STORE_R_NO_DELETE_OBJECT_FUNCTION);
732
733 if (!s->meth->delete_object(s, STORE_OBJECT_TYPE_PUBLIC_KEY,
734 attributes, parameters)) {
735 STOREerr(STORE_F_STORE_DELETE_PUBLIC_KEY,
736 STORE_R_FAILED_DELETING_KEY);
737 return 0;
738 }
739 return 1;
740 }
741
742 void *STORE_list_public_key_start(STORE *s, OPENSSL_ITEM attributes[],
743 OPENSSL_ITEM parameters[])
744 {
745 void *handle;
746
747 check_store(s, STORE_F_STORE_LIST_PUBLIC_KEY_START,
748 list_object_start, STORE_R_NO_LIST_OBJECT_START_FUNCTION);
749
750 handle = s->meth->list_object_start(s, STORE_OBJECT_TYPE_PUBLIC_KEY,
751 attributes, parameters);
752 if (!handle) {
753 STOREerr(STORE_F_STORE_LIST_PUBLIC_KEY_START,
754 STORE_R_FAILED_LISTING_KEYS);
755 return 0;
756 }
757 return handle;
758 }
759
760 EVP_PKEY *STORE_list_public_key_next(STORE *s, void *handle)
761 {
762 STORE_OBJECT *object;
763 EVP_PKEY *pkey;
764
765 check_store(s, STORE_F_STORE_LIST_PUBLIC_KEY_NEXT,
766 list_object_next, STORE_R_NO_LIST_OBJECT_NEXT_FUNCTION);
767
768 object = s->meth->list_object_next(s, handle);
769 if (!object || !object->data.key || !object->data.key) {
770 STOREerr(STORE_F_STORE_LIST_PUBLIC_KEY_NEXT,
771 STORE_R_FAILED_LISTING_KEYS);
772 return 0;
773 }
774 CRYPTO_add(&object->data.key->references, 1, CRYPTO_LOCK_EVP_PKEY);
775 #ifdef REF_PRINT
776 REF_PRINT("EVP_PKEY", data);
777 #endif
778 pkey = object->data.key;
779 STORE_OBJECT_free(object);
780 return pkey;
781 }
782
783 int STORE_list_public_key_end(STORE *s, void *handle)
784 {
785 check_store(s, STORE_F_STORE_LIST_PUBLIC_KEY_END,
786 list_object_end, STORE_R_NO_LIST_OBJECT_END_FUNCTION);
787
788 if (!s->meth->list_object_end(s, handle)) {
789 STOREerr(STORE_F_STORE_LIST_PUBLIC_KEY_END,
790 STORE_R_FAILED_LISTING_KEYS);
791 return 0;
792 }
793 return 1;
794 }
795
796 int STORE_list_public_key_endp(STORE *s, void *handle)
797 {
798 check_store(s, STORE_F_STORE_LIST_PUBLIC_KEY_ENDP,
799 list_object_endp, STORE_R_NO_LIST_OBJECT_ENDP_FUNCTION);
800
801 if (!s->meth->list_object_endp(s, handle)) {
802 STOREerr(STORE_F_STORE_LIST_PUBLIC_KEY_ENDP,
803 STORE_R_FAILED_LISTING_KEYS);
804 return 0;
805 }
806 return 1;
807 }
808
809 X509_CRL *STORE_generate_crl(STORE *s, OPENSSL_ITEM attributes[],
810 OPENSSL_ITEM parameters[])
811 {
812 STORE_OBJECT *object;
813 X509_CRL *crl;
814
815 check_store(s, STORE_F_STORE_GENERATE_CRL,
816 generate_object, STORE_R_NO_GENERATE_CRL_FUNCTION);
817
818 object = s->meth->generate_object(s, STORE_OBJECT_TYPE_X509_CRL,
819 attributes, parameters);
820 if (!object || !object->data.crl) {
821 STOREerr(STORE_F_STORE_GENERATE_CRL, STORE_R_FAILED_GENERATING_CRL);
822 return 0;
823 }
824 CRYPTO_add(&object->data.crl->references, 1, CRYPTO_LOCK_X509_CRL);
825 #ifdef REF_PRINT
826 REF_PRINT("X509_CRL", data);
827 #endif
828 crl = object->data.crl;
829 STORE_OBJECT_free(object);
830 return crl;
831 }
832
833 X509_CRL *STORE_get_crl(STORE *s, OPENSSL_ITEM attributes[],
834 OPENSSL_ITEM parameters[])
835 {
836 STORE_OBJECT *object;
837 X509_CRL *crl;
838
839 check_store(s, STORE_F_STORE_GET_CRL,
840 get_object, STORE_R_NO_GET_OBJECT_FUNCTION);
841
842 object = s->meth->get_object(s, STORE_OBJECT_TYPE_X509_CRL,
843 attributes, parameters);
844 if (!object || !object->data.crl) {
845 STOREerr(STORE_F_STORE_GET_CRL, STORE_R_FAILED_GETTING_KEY);
846 return 0;
847 }
848 CRYPTO_add(&object->data.crl->references, 1, CRYPTO_LOCK_X509_CRL);
849 #ifdef REF_PRINT
850 REF_PRINT("X509_CRL", data);
851 #endif
852 crl = object->data.crl;
853 STORE_OBJECT_free(object);
854 return crl;
855 }
856
857 int STORE_store_crl(STORE *s, X509_CRL *data, OPENSSL_ITEM attributes[],
858 OPENSSL_ITEM parameters[])
859 {
860 STORE_OBJECT *object;
861 int i;
862
863 check_store(s, STORE_F_STORE_STORE_CRL,
864 store_object, STORE_R_NO_STORE_OBJECT_FUNCTION);
865
866 object = STORE_OBJECT_new();
867 if (!object) {
868 STOREerr(STORE_F_STORE_STORE_CRL, ERR_R_MALLOC_FAILURE);
869 return 0;
870 }
871
872 CRYPTO_add(&data->references, 1, CRYPTO_LOCK_X509_CRL);
873 #ifdef REF_PRINT
874 REF_PRINT("X509_CRL", data);
875 #endif
876 object->data.crl = data;
877
878 i = s->meth->store_object(s, STORE_OBJECT_TYPE_X509_CRL, object,
879 attributes, parameters);
880
881 STORE_OBJECT_free(object);
882
883 if (!i) {
884 STOREerr(STORE_F_STORE_STORE_CRL, STORE_R_FAILED_STORING_KEY);
885 return 0;
886 }
887 return i;
888 }
889
890 int STORE_modify_crl(STORE *s, OPENSSL_ITEM search_attributes[],
891 OPENSSL_ITEM add_attributes[],
892 OPENSSL_ITEM modify_attributes[],
893 OPENSSL_ITEM delete_attributes[],
894 OPENSSL_ITEM parameters[])
895 {
896 check_store(s, STORE_F_STORE_MODIFY_CRL,
897 modify_object, STORE_R_NO_MODIFY_OBJECT_FUNCTION);
898
899 if (!s->meth->modify_object(s, STORE_OBJECT_TYPE_X509_CRL,
900 search_attributes, add_attributes,
901 modify_attributes, delete_attributes,
902 parameters)) {
903 STOREerr(STORE_F_STORE_MODIFY_CRL, STORE_R_FAILED_MODIFYING_CRL);
904 return 0;
905 }
906 return 1;
907 }
908
909 int STORE_delete_crl(STORE *s, OPENSSL_ITEM attributes[],
910 OPENSSL_ITEM parameters[])
911 {
912 check_store(s, STORE_F_STORE_DELETE_CRL,
913 delete_object, STORE_R_NO_DELETE_OBJECT_FUNCTION);
914
915 if (!s->meth->delete_object(s, STORE_OBJECT_TYPE_X509_CRL,
916 attributes, parameters)) {
917 STOREerr(STORE_F_STORE_DELETE_CRL, STORE_R_FAILED_DELETING_KEY);
918 return 0;
919 }
920 return 1;
921 }
922
923 void *STORE_list_crl_start(STORE *s, OPENSSL_ITEM attributes[],
924 OPENSSL_ITEM parameters[])
925 {
926 void *handle;
927
928 check_store(s, STORE_F_STORE_LIST_CRL_START,
929 list_object_start, STORE_R_NO_LIST_OBJECT_START_FUNCTION);
930
931 handle = s->meth->list_object_start(s, STORE_OBJECT_TYPE_X509_CRL,
932 attributes, parameters);
933 if (!handle) {
934 STOREerr(STORE_F_STORE_LIST_CRL_START, STORE_R_FAILED_LISTING_KEYS);
935 return 0;
936 }
937 return handle;
938 }
939
940 X509_CRL *STORE_list_crl_next(STORE *s, void *handle)
941 {
942 STORE_OBJECT *object;
943 X509_CRL *crl;
944
945 check_store(s, STORE_F_STORE_LIST_CRL_NEXT,
946 list_object_next, STORE_R_NO_LIST_OBJECT_NEXT_FUNCTION);
947
948 object = s->meth->list_object_next(s, handle);
949 if (!object || !object->data.crl) {
950 STOREerr(STORE_F_STORE_LIST_CRL_NEXT, STORE_R_FAILED_LISTING_KEYS);
951 return 0;
952 }
953 CRYPTO_add(&object->data.crl->references, 1, CRYPTO_LOCK_X509_CRL);
954 #ifdef REF_PRINT
955 REF_PRINT("X509_CRL", data);
956 #endif
957 crl = object->data.crl;
958 STORE_OBJECT_free(object);
959 return crl;
960 }
961
962 int STORE_list_crl_end(STORE *s, void *handle)
963 {
964 check_store(s, STORE_F_STORE_LIST_CRL_END,
965 list_object_end, STORE_R_NO_LIST_OBJECT_END_FUNCTION);
966
967 if (!s->meth->list_object_end(s, handle)) {
968 STOREerr(STORE_F_STORE_LIST_CRL_END, STORE_R_FAILED_LISTING_KEYS);
969 return 0;
970 }
971 return 1;
972 }
973
974 int STORE_list_crl_endp(STORE *s, void *handle)
975 {
976 check_store(s, STORE_F_STORE_LIST_CRL_ENDP,
977 list_object_endp, STORE_R_NO_LIST_OBJECT_ENDP_FUNCTION);
978
979 if (!s->meth->list_object_endp(s, handle)) {
980 STOREerr(STORE_F_STORE_LIST_CRL_ENDP, STORE_R_FAILED_LISTING_KEYS);
981 return 0;
982 }
983 return 1;
984 }
985
986 int STORE_store_number(STORE *s, BIGNUM *data, OPENSSL_ITEM attributes[],
987 OPENSSL_ITEM parameters[])
988 {
989 STORE_OBJECT *object;
990 int i;
991
992 check_store(s, STORE_F_STORE_STORE_NUMBER,
993 store_object, STORE_R_NO_STORE_OBJECT_NUMBER_FUNCTION);
994
995 object = STORE_OBJECT_new();
996 if (!object) {
997 STOREerr(STORE_F_STORE_STORE_NUMBER, ERR_R_MALLOC_FAILURE);
998 return 0;
999 }
1000
1001 object->data.number = data;
1002
1003 i = s->meth->store_object(s, STORE_OBJECT_TYPE_NUMBER, object,
1004 attributes, parameters);
1005
1006 STORE_OBJECT_free(object);
1007
1008 if (!i) {
1009 STOREerr(STORE_F_STORE_STORE_NUMBER, STORE_R_FAILED_STORING_NUMBER);
1010 return 0;
1011 }
1012 return 1;
1013 }
1014
1015 int STORE_modify_number(STORE *s, OPENSSL_ITEM search_attributes[],
1016 OPENSSL_ITEM add_attributes[],
1017 OPENSSL_ITEM modify_attributes[],
1018 OPENSSL_ITEM delete_attributes[],
1019 OPENSSL_ITEM parameters[])
1020 {
1021 check_store(s, STORE_F_STORE_MODIFY_NUMBER,
1022 modify_object, STORE_R_NO_MODIFY_OBJECT_FUNCTION);
1023
1024 if (!s->meth->modify_object(s, STORE_OBJECT_TYPE_NUMBER,
1025 search_attributes, add_attributes,
1026 modify_attributes, delete_attributes,
1027 parameters)) {
1028 STOREerr(STORE_F_STORE_MODIFY_NUMBER,
1029 STORE_R_FAILED_MODIFYING_NUMBER);
1030 return 0;
1031 }
1032 return 1;
1033 }
1034
1035 BIGNUM *STORE_get_number(STORE *s, OPENSSL_ITEM attributes[],
1036 OPENSSL_ITEM parameters[])
1037 {
1038 STORE_OBJECT *object;
1039 BIGNUM *n;
1040
1041 check_store(s, STORE_F_STORE_GET_NUMBER,
1042 get_object, STORE_R_NO_GET_OBJECT_NUMBER_FUNCTION);
1043
1044 object = s->meth->get_object(s, STORE_OBJECT_TYPE_NUMBER, attributes,
1045 parameters);
1046 if (!object || !object->data.number) {
1047 STOREerr(STORE_F_STORE_GET_NUMBER, STORE_R_FAILED_GETTING_NUMBER);
1048 return 0;
1049 }
1050 n = object->data.number;
1051 object->data.number = NULL;
1052 STORE_OBJECT_free(object);
1053 return n;
1054 }
1055
1056 int STORE_delete_number(STORE *s, OPENSSL_ITEM attributes[],
1057 OPENSSL_ITEM parameters[])
1058 {
1059 check_store(s, STORE_F_STORE_DELETE_NUMBER,
1060 delete_object, STORE_R_NO_DELETE_NUMBER_FUNCTION);
1061
1062 if (!s->meth->delete_object(s, STORE_OBJECT_TYPE_NUMBER, attributes,
1063 parameters)) {
1064 STOREerr(STORE_F_STORE_DELETE_NUMBER, STORE_R_FAILED_DELETING_NUMBER);
1065 return 0;
1066 }
1067 return 1;
1068 }
1069
1070 int STORE_store_arbitrary(STORE *s, BUF_MEM *data, OPENSSL_ITEM attributes[],
1071 OPENSSL_ITEM parameters[])
1072 {
1073 STORE_OBJECT *object;
1074 int i;
1075
1076 check_store(s, STORE_F_STORE_STORE_ARBITRARY,
1077 store_object, STORE_R_NO_STORE_OBJECT_ARBITRARY_FUNCTION);
1078
1079 object = STORE_OBJECT_new();
1080 if (!object) {
1081 STOREerr(STORE_F_STORE_STORE_ARBITRARY, ERR_R_MALLOC_FAILURE);
1082 return 0;
1083 }
1084
1085 object->data.arbitrary = data;
1086
1087 i = s->meth->store_object(s, STORE_OBJECT_TYPE_ARBITRARY, object,
1088 attributes, parameters);
1089
1090 STORE_OBJECT_free(object);
1091
1092 if (!i) {
1093 STOREerr(STORE_F_STORE_STORE_ARBITRARY,
1094 STORE_R_FAILED_STORING_ARBITRARY);
1095 return 0;
1096 }
1097 return 1;
1098 }
1099
1100 int STORE_modify_arbitrary(STORE *s, OPENSSL_ITEM search_attributes[],
1101 OPENSSL_ITEM add_attributes[],
1102 OPENSSL_ITEM modify_attributes[],
1103 OPENSSL_ITEM delete_attributes[],
1104 OPENSSL_ITEM parameters[])
1105 {
1106 check_store(s, STORE_F_STORE_MODIFY_ARBITRARY,
1107 modify_object, STORE_R_NO_MODIFY_OBJECT_FUNCTION);
1108
1109 if (!s->meth->modify_object(s, STORE_OBJECT_TYPE_ARBITRARY,
1110 search_attributes, add_attributes,
1111 modify_attributes, delete_attributes,
1112 parameters)) {
1113 STOREerr(STORE_F_STORE_MODIFY_ARBITRARY,
1114 STORE_R_FAILED_MODIFYING_ARBITRARY);
1115 return 0;
1116 }
1117 return 1;
1118 }
1119
1120 BUF_MEM *STORE_get_arbitrary(STORE *s, OPENSSL_ITEM attributes[],
1121 OPENSSL_ITEM parameters[])
1122 {
1123 STORE_OBJECT *object;
1124 BUF_MEM *b;
1125
1126 check_store(s, STORE_F_STORE_GET_ARBITRARY,
1127 get_object, STORE_R_NO_GET_OBJECT_ARBITRARY_FUNCTION);
1128
1129 object = s->meth->get_object(s, STORE_OBJECT_TYPE_ARBITRARY,
1130 attributes, parameters);
1131 if (!object || !object->data.arbitrary) {
1132 STOREerr(STORE_F_STORE_GET_ARBITRARY,
1133 STORE_R_FAILED_GETTING_ARBITRARY);
1134 return 0;
1135 }
1136 b = object->data.arbitrary;
1137 object->data.arbitrary = NULL;
1138 STORE_OBJECT_free(object);
1139 return b;
1140 }
1141
1142 int STORE_delete_arbitrary(STORE *s, OPENSSL_ITEM attributes[],
1143 OPENSSL_ITEM parameters[])
1144 {
1145 check_store(s, STORE_F_STORE_DELETE_ARBITRARY,
1146 delete_object, STORE_R_NO_DELETE_ARBITRARY_FUNCTION);
1147
1148 if (!s->meth->delete_object(s, STORE_OBJECT_TYPE_ARBITRARY, attributes,
1149 parameters)) {
1150 STOREerr(STORE_F_STORE_DELETE_ARBITRARY,
1151 STORE_R_FAILED_DELETING_ARBITRARY);
1152 return 0;
1153 }
1154 return 1;
1155 }
1156
1157 STORE_OBJECT *STORE_OBJECT_new(void)
1158 {
1159 STORE_OBJECT *object = OPENSSL_malloc(sizeof(STORE_OBJECT));
1160 if (object)
1161 memset(object, 0, sizeof(STORE_OBJECT));
1162 return object;
1163 }
1164
1165 void STORE_OBJECT_free(STORE_OBJECT *data)
1166 {
1167 if (!data)
1168 return;
1169 switch (data->type) {
1170 case STORE_OBJECT_TYPE_X509_CERTIFICATE:
1171 X509_free(data->data.x509.certificate);
1172 break;
1173 case STORE_OBJECT_TYPE_X509_CRL:
1174 X509_CRL_free(data->data.crl);
1175 break;
1176 case STORE_OBJECT_TYPE_PRIVATE_KEY:
1177 case STORE_OBJECT_TYPE_PUBLIC_KEY:
1178 EVP_PKEY_free(data->data.key);
1179 break;
1180 case STORE_OBJECT_TYPE_NUMBER:
1181 BN_free(data->data.number);
1182 break;
1183 case STORE_OBJECT_TYPE_ARBITRARY:
1184 BUF_MEM_free(data->data.arbitrary);
1185 break;
1186 }
1187 OPENSSL_free(data);
1188 }
1189
1190 IMPLEMENT_STACK_OF(STORE_OBJECT*)
1191
1192 struct STORE_attr_info_st {
1193 unsigned char set[(STORE_ATTR_TYPE_NUM + 8) / 8];
1194 union {
1195 char *cstring;
1196 unsigned char *sha1string;
1197 X509_NAME *dn;
1198 BIGNUM *number;
1199 void *any;
1200 } values[STORE_ATTR_TYPE_NUM + 1];
1201 size_t value_sizes[STORE_ATTR_TYPE_NUM + 1];
1202 };
1203
1204 #define ATTR_IS_SET(a,i) ((i) > 0 && (i) < STORE_ATTR_TYPE_NUM \
1205 && ((a)->set[(i) / 8] & (1 << ((i) % 8))))
1206 #define SET_ATTRBIT(a,i) ((a)->set[(i) / 8] |= (1 << ((i) % 8)))
1207 #define CLEAR_ATTRBIT(a,i) ((a)->set[(i) / 8] &= ~(1 << ((i) % 8)))
1208
1209 STORE_ATTR_INFO *STORE_ATTR_INFO_new(void)
1210 {
1211 return (STORE_ATTR_INFO *)OPENSSL_malloc(sizeof(STORE_ATTR_INFO));
1212 }
1213
1214 static void STORE_ATTR_INFO_attr_free(STORE_ATTR_INFO *attrs,
1215 STORE_ATTR_TYPES code)
1216 {
1217 if (ATTR_IS_SET(attrs, code)) {
1218 switch (code) {
1219 case STORE_ATTR_FRIENDLYNAME:
1220 case STORE_ATTR_EMAIL:
1221 case STORE_ATTR_FILENAME:
1222 STORE_ATTR_INFO_modify_cstr(attrs, code, NULL, 0);
1223 break;
1224 case STORE_ATTR_KEYID:
1225 case STORE_ATTR_ISSUERKEYID:
1226 case STORE_ATTR_SUBJECTKEYID:
1227 case STORE_ATTR_ISSUERSERIALHASH:
1228 case STORE_ATTR_CERTHASH:
1229 STORE_ATTR_INFO_modify_sha1str(attrs, code, NULL, 0);
1230 break;
1231 case STORE_ATTR_ISSUER:
1232 case STORE_ATTR_SUBJECT:
1233 STORE_ATTR_INFO_modify_dn(attrs, code, NULL);
1234 break;
1235 case STORE_ATTR_SERIAL:
1236 STORE_ATTR_INFO_modify_number(attrs, code, NULL);
1237 break;
1238 default:
1239 break;
1240 }
1241 }
1242 }
1243
1244 int STORE_ATTR_INFO_free(STORE_ATTR_INFO *attrs)
1245 {
1246 if (attrs) {
1247 STORE_ATTR_TYPES i;
1248 for (i = 0; i++ < STORE_ATTR_TYPE_NUM;)
1249 STORE_ATTR_INFO_attr_free(attrs, i);
1250 OPENSSL_free(attrs);
1251 }
1252 return 1;
1253 }
1254
1255 char *STORE_ATTR_INFO_get0_cstr(STORE_ATTR_INFO *attrs, STORE_ATTR_TYPES code)
1256 {
1257 if (!attrs) {
1258 STOREerr(STORE_F_STORE_ATTR_INFO_GET0_CSTR,
1259 ERR_R_PASSED_NULL_PARAMETER);
1260 return NULL;
1261 }
1262 if (ATTR_IS_SET(attrs, code))
1263 return attrs->values[code].cstring;
1264 STOREerr(STORE_F_STORE_ATTR_INFO_GET0_CSTR, STORE_R_NO_VALUE);
1265 return NULL;
1266 }
1267
1268 unsigned char *STORE_ATTR_INFO_get0_sha1str(STORE_ATTR_INFO *attrs,
1269 STORE_ATTR_TYPES code)
1270 {
1271 if (!attrs) {
1272 STOREerr(STORE_F_STORE_ATTR_INFO_GET0_SHA1STR,
1273 ERR_R_PASSED_NULL_PARAMETER);
1274 return NULL;
1275 }
1276 if (ATTR_IS_SET(attrs, code))
1277 return attrs->values[code].sha1string;
1278 STOREerr(STORE_F_STORE_ATTR_INFO_GET0_SHA1STR, STORE_R_NO_VALUE);
1279 return NULL;
1280 }
1281
1282 X509_NAME *STORE_ATTR_INFO_get0_dn(STORE_ATTR_INFO *attrs,
1283 STORE_ATTR_TYPES code)
1284 {
1285 if (!attrs) {
1286 STOREerr(STORE_F_STORE_ATTR_INFO_GET0_DN,
1287 ERR_R_PASSED_NULL_PARAMETER);
1288 return NULL;
1289 }
1290 if (ATTR_IS_SET(attrs, code))
1291 return attrs->values[code].dn;
1292 STOREerr(STORE_F_STORE_ATTR_INFO_GET0_DN, STORE_R_NO_VALUE);
1293 return NULL;
1294 }
1295
1296 BIGNUM *STORE_ATTR_INFO_get0_number(STORE_ATTR_INFO *attrs,
1297 STORE_ATTR_TYPES code)
1298 {
1299 if (!attrs) {
1300 STOREerr(STORE_F_STORE_ATTR_INFO_GET0_NUMBER,
1301 ERR_R_PASSED_NULL_PARAMETER);
1302 return NULL;
1303 }
1304 if (ATTR_IS_SET(attrs, code))
1305 return attrs->values[code].number;
1306 STOREerr(STORE_F_STORE_ATTR_INFO_GET0_NUMBER, STORE_R_NO_VALUE);
1307 return NULL;
1308 }
1309
1310 int STORE_ATTR_INFO_set_cstr(STORE_ATTR_INFO *attrs, STORE_ATTR_TYPES code,
1311 char *cstr, size_t cstr_size)
1312 {
1313 if (!attrs) {
1314 STOREerr(STORE_F_STORE_ATTR_INFO_SET_CSTR,
1315 ERR_R_PASSED_NULL_PARAMETER);
1316 return 0;
1317 }
1318 if (!ATTR_IS_SET(attrs, code)) {
1319 if ((attrs->values[code].cstring = BUF_strndup(cstr, cstr_size)))
1320 return 1;
1321 STOREerr(STORE_F_STORE_ATTR_INFO_SET_CSTR, ERR_R_MALLOC_FAILURE);
1322 return 0;
1323 }
1324 STOREerr(STORE_F_STORE_ATTR_INFO_SET_CSTR, STORE_R_ALREADY_HAS_A_VALUE);
1325 return 0;
1326 }
1327
1328 int STORE_ATTR_INFO_set_sha1str(STORE_ATTR_INFO *attrs, STORE_ATTR_TYPES code,
1329 unsigned char *sha1str, size_t sha1str_size)
1330 {
1331 if (!attrs) {
1332 STOREerr(STORE_F_STORE_ATTR_INFO_SET_SHA1STR,
1333 ERR_R_PASSED_NULL_PARAMETER);
1334 return 0;
1335 }
1336 if (!ATTR_IS_SET(attrs, code)) {
1337 if ((attrs->values[code].sha1string =
1338 (unsigned char *)BUF_memdup(sha1str, sha1str_size)))
1339 return 1;
1340 STOREerr(STORE_F_STORE_ATTR_INFO_SET_SHA1STR, ERR_R_MALLOC_FAILURE);
1341 return 0;
1342 }
1343 STOREerr(STORE_F_STORE_ATTR_INFO_SET_SHA1STR,
1344 STORE_R_ALREADY_HAS_A_VALUE);
1345 return 0;
1346 }
1347
1348 int STORE_ATTR_INFO_set_dn(STORE_ATTR_INFO *attrs, STORE_ATTR_TYPES code,
1349 X509_NAME *dn)
1350 {
1351 if (!attrs) {
1352 STOREerr(STORE_F_STORE_ATTR_INFO_SET_DN, ERR_R_PASSED_NULL_PARAMETER);
1353 return 0;
1354 }
1355 if (!ATTR_IS_SET(attrs, code)) {
1356 if ((attrs->values[code].dn = X509_NAME_dup(dn)))
1357 return 1;
1358 STOREerr(STORE_F_STORE_ATTR_INFO_SET_DN, ERR_R_MALLOC_FAILURE);
1359 return 0;
1360 }
1361 STOREerr(STORE_F_STORE_ATTR_INFO_SET_DN, STORE_R_ALREADY_HAS_A_VALUE);
1362 return 0;
1363 }
1364
1365 int STORE_ATTR_INFO_set_number(STORE_ATTR_INFO *attrs, STORE_ATTR_TYPES code,
1366 BIGNUM *number)
1367 {
1368 if (!attrs) {
1369 STOREerr(STORE_F_STORE_ATTR_INFO_SET_NUMBER,
1370 ERR_R_PASSED_NULL_PARAMETER);
1371 return 0;
1372 }
1373 if (!ATTR_IS_SET(attrs, code)) {
1374 if ((attrs->values[code].number = BN_dup(number)))
1375 return 1;
1376 STOREerr(STORE_F_STORE_ATTR_INFO_SET_NUMBER, ERR_R_MALLOC_FAILURE);
1377 return 0;
1378 }
1379 STOREerr(STORE_F_STORE_ATTR_INFO_SET_NUMBER, STORE_R_ALREADY_HAS_A_VALUE);
1380 return 0;
1381 }
1382
1383 int STORE_ATTR_INFO_modify_cstr(STORE_ATTR_INFO *attrs, STORE_ATTR_TYPES code,
1384 char *cstr, size_t cstr_size)
1385 {
1386 if (!attrs) {
1387 STOREerr(STORE_F_STORE_ATTR_INFO_MODIFY_CSTR,
1388 ERR_R_PASSED_NULL_PARAMETER);
1389 return 0;
1390 }
1391 if (ATTR_IS_SET(attrs, code)) {
1392 OPENSSL_free(attrs->values[code].cstring);
1393 attrs->values[code].cstring = NULL;
1394 CLEAR_ATTRBIT(attrs, code);
1395 }
1396 return STORE_ATTR_INFO_set_cstr(attrs, code, cstr, cstr_size);
1397 }
1398
1399 int STORE_ATTR_INFO_modify_sha1str(STORE_ATTR_INFO *attrs,
1400 STORE_ATTR_TYPES code,
1401 unsigned char *sha1str,
1402 size_t sha1str_size)
1403 {
1404 if (!attrs) {
1405 STOREerr(STORE_F_STORE_ATTR_INFO_MODIFY_SHA1STR,
1406 ERR_R_PASSED_NULL_PARAMETER);
1407 return 0;
1408 }
1409 if (ATTR_IS_SET(attrs, code)) {
1410 OPENSSL_free(attrs->values[code].sha1string);
1411 attrs->values[code].sha1string = NULL;
1412 CLEAR_ATTRBIT(attrs, code);
1413 }
1414 return STORE_ATTR_INFO_set_sha1str(attrs, code, sha1str, sha1str_size);
1415 }
1416
1417 int STORE_ATTR_INFO_modify_dn(STORE_ATTR_INFO *attrs, STORE_ATTR_TYPES code,
1418 X509_NAME *dn)
1419 {
1420 if (!attrs) {
1421 STOREerr(STORE_F_STORE_ATTR_INFO_MODIFY_DN,
1422 ERR_R_PASSED_NULL_PARAMETER);
1423 return 0;
1424 }
1425 if (ATTR_IS_SET(attrs, code)) {
1426 OPENSSL_free(attrs->values[code].dn);
1427 attrs->values[code].dn = NULL;
1428 CLEAR_ATTRBIT(attrs, code);
1429 }
1430 return STORE_ATTR_INFO_set_dn(attrs, code, dn);
1431 }
1432
1433 int STORE_ATTR_INFO_modify_number(STORE_ATTR_INFO *attrs,
1434 STORE_ATTR_TYPES code, BIGNUM *number)
1435 {
1436 if (!attrs) {
1437 STOREerr(STORE_F_STORE_ATTR_INFO_MODIFY_NUMBER,
1438 ERR_R_PASSED_NULL_PARAMETER);
1439 return 0;
1440 }
1441 if (ATTR_IS_SET(attrs, code)) {
1442 OPENSSL_free(attrs->values[code].number);
1443 attrs->values[code].number = NULL;
1444 CLEAR_ATTRBIT(attrs, code);
1445 }
1446 return STORE_ATTR_INFO_set_number(attrs, code, number);
1447 }
1448
1449 struct attr_list_ctx_st {
1450 OPENSSL_ITEM *attributes;
1451 };
1452 void *STORE_parse_attrs_start(OPENSSL_ITEM *attributes)
1453 {
1454 if (attributes) {
1455 struct attr_list_ctx_st *context = (struct attr_list_ctx_st *)
1456 OPENSSL_malloc(sizeof(struct attr_list_ctx_st));
1457 if (context)
1458 context->attributes = attributes;
1459 else
1460 STOREerr(STORE_F_STORE_PARSE_ATTRS_START, ERR_R_MALLOC_FAILURE);
1461 return context;
1462 }
1463 STOREerr(STORE_F_STORE_PARSE_ATTRS_START, ERR_R_PASSED_NULL_PARAMETER);
1464 return 0;
1465 }
1466
1467 STORE_ATTR_INFO *STORE_parse_attrs_next(void *handle)
1468 {
1469 struct attr_list_ctx_st *context = (struct attr_list_ctx_st *)handle;
1470
1471 if (context && context->attributes) {
1472 STORE_ATTR_INFO *attrs = NULL;
1473
1474 while (context->attributes
1475 && context->attributes->code != STORE_ATTR_OR
1476 && context->attributes->code != STORE_ATTR_END) {
1477 switch (context->attributes->code) {
1478 case STORE_ATTR_FRIENDLYNAME:
1479 case STORE_ATTR_EMAIL:
1480 case STORE_ATTR_FILENAME:
1481 if (!attrs)
1482 attrs = STORE_ATTR_INFO_new();
1483 if (attrs == NULL) {
1484 STOREerr(STORE_F_STORE_PARSE_ATTRS_NEXT,
1485 ERR_R_MALLOC_FAILURE);
1486 goto err;
1487 }
1488 STORE_ATTR_INFO_set_cstr(attrs,
1489 context->attributes->code,
1490 context->attributes->value,
1491 context->attributes->value_size);
1492 break;
1493 case STORE_ATTR_KEYID:
1494 case STORE_ATTR_ISSUERKEYID:
1495 case STORE_ATTR_SUBJECTKEYID:
1496 case STORE_ATTR_ISSUERSERIALHASH:
1497 case STORE_ATTR_CERTHASH:
1498 if (!attrs)
1499 attrs = STORE_ATTR_INFO_new();
1500 if (attrs == NULL) {
1501 STOREerr(STORE_F_STORE_PARSE_ATTRS_NEXT,
1502 ERR_R_MALLOC_FAILURE);
1503 goto err;
1504 }
1505 STORE_ATTR_INFO_set_sha1str(attrs,
1506 context->attributes->code,
1507 context->attributes->value,
1508 context->attributes->value_size);
1509 break;
1510 case STORE_ATTR_ISSUER:
1511 case STORE_ATTR_SUBJECT:
1512 if (!attrs)
1513 attrs = STORE_ATTR_INFO_new();
1514 if (attrs == NULL) {
1515 STOREerr(STORE_F_STORE_PARSE_ATTRS_NEXT,
1516 ERR_R_MALLOC_FAILURE);
1517 goto err;
1518 }
1519 STORE_ATTR_INFO_modify_dn(attrs,
1520 context->attributes->code,
1521 context->attributes->value);
1522 break;
1523 case STORE_ATTR_SERIAL:
1524 if (!attrs)
1525 attrs = STORE_ATTR_INFO_new();
1526 if (attrs == NULL) {
1527 STOREerr(STORE_F_STORE_PARSE_ATTRS_NEXT,
1528 ERR_R_MALLOC_FAILURE);
1529 goto err;
1530 }
1531 STORE_ATTR_INFO_modify_number(attrs,
1532 context->attributes->code,
1533 context->attributes->value);
1534 break;
1535 }
1536 context->attributes++;
1537 }
1538 if (context->attributes->code == STORE_ATTR_OR)
1539 context->attributes++;
1540 return attrs;
1541 err:
1542 while (context->attributes
1543 && context->attributes->code != STORE_ATTR_OR
1544 && context->attributes->code != STORE_ATTR_END)
1545 context->attributes++;
1546 if (context->attributes->code == STORE_ATTR_OR)
1547 context->attributes++;
1548 return NULL;
1549 }
1550 STOREerr(STORE_F_STORE_PARSE_ATTRS_NEXT, ERR_R_PASSED_NULL_PARAMETER);
1551 return NULL;
1552 }
1553
1554 int STORE_parse_attrs_end(void *handle)
1555 {
1556 struct attr_list_ctx_st *context = (struct attr_list_ctx_st *)handle;
1557
1558 if (context && context->attributes) {
1559 #if 0
1560 OPENSSL_ITEM *attributes = context->attributes;
1561 #endif
1562 OPENSSL_free(context);
1563 return 1;
1564 }
1565 STOREerr(STORE_F_STORE_PARSE_ATTRS_END, ERR_R_PASSED_NULL_PARAMETER);
1566 return 0;
1567 }
1568
1569 int STORE_parse_attrs_endp(void *handle)
1570 {
1571 struct attr_list_ctx_st *context = (struct attr_list_ctx_st *)handle;
1572
1573 if (context && context->attributes) {
1574 return context->attributes->code == STORE_ATTR_END;
1575 }
1576 STOREerr(STORE_F_STORE_PARSE_ATTRS_ENDP, ERR_R_PASSED_NULL_PARAMETER);
1577 return 0;
1578 }
1579
1580 static int attr_info_compare_compute_range(unsigned char *abits,
1581 unsigned char *bbits,
1582 unsigned int *alowp,
1583 unsigned int *ahighp,
1584 unsigned int *blowp,
1585 unsigned int *bhighp)
1586 {
1587 unsigned int alow = (unsigned int)-1, ahigh = 0;
1588 unsigned int blow = (unsigned int)-1, bhigh = 0;
1589 int i, res = 0;
1590
1591 for (i = 0; i < (STORE_ATTR_TYPE_NUM + 8) / 8; i++, abits++, bbits++) {
1592 if (res == 0) {
1593 if (*abits < *bbits)
1594 res = -1;
1595 if (*abits > *bbits)
1596 res = 1;
1597 }
1598 if (*abits) {
1599 if (alow == (unsigned int)-1) {
1600 alow = i * 8;
1601 if (!(*abits & 0x01))
1602 alow++;
1603 if (!(*abits & 0x02))
1604 alow++;
1605 if (!(*abits & 0x04))
1606 alow++;
1607 if (!(*abits & 0x08))
1608 alow++;
1609 if (!(*abits & 0x10))
1610 alow++;
1611 if (!(*abits & 0x20))
1612 alow++;
1613 if (!(*abits & 0x40))
1614 alow++;
1615 }
1616 ahigh = i * 8 + 7;
1617 if (!(*abits & 0x80))
1618 ahigh++;
1619 if (!(*abits & 0x40))
1620 ahigh++;
1621 if (!(*abits & 0x20))
1622 ahigh++;
1623 if (!(*abits & 0x10))
1624 ahigh++;
1625 if (!(*abits & 0x08))
1626 ahigh++;
1627 if (!(*abits & 0x04))
1628 ahigh++;
1629 if (!(*abits & 0x02))
1630 ahigh++;
1631 }
1632 if (*bbits) {
1633 if (blow == (unsigned int)-1) {
1634 blow = i * 8;
1635 if (!(*bbits & 0x01))
1636 blow++;
1637 if (!(*bbits & 0x02))
1638 blow++;
1639 if (!(*bbits & 0x04))
1640 blow++;
1641 if (!(*bbits & 0x08))
1642 blow++;
1643 if (!(*bbits & 0x10))
1644 blow++;
1645 if (!(*bbits & 0x20))
1646 blow++;
1647 if (!(*bbits & 0x40))
1648 blow++;
1649 }
1650 bhigh = i * 8 + 7;
1651 if (!(*bbits & 0x80))
1652 bhigh++;
1653 if (!(*bbits & 0x40))
1654 bhigh++;
1655 if (!(*bbits & 0x20))
1656 bhigh++;
1657 if (!(*bbits & 0x10))
1658 bhigh++;
1659 if (!(*bbits & 0x08))
1660 bhigh++;
1661 if (!(*bbits & 0x04))
1662 bhigh++;
1663 if (!(*bbits & 0x02))
1664 bhigh++;
1665 }
1666 }
1667 if (ahigh + alow < bhigh + blow)
1668 res = -1;
1669 if (ahigh + alow > bhigh + blow)
1670 res = 1;
1671 if (alowp)
1672 *alowp = alow;
1673 if (ahighp)
1674 *ahighp = ahigh;
1675 if (blowp)
1676 *blowp = blow;
1677 if (bhighp)
1678 *bhighp = bhigh;
1679 return res;
1680 }
1681
1682 int STORE_ATTR_INFO_compare(STORE_ATTR_INFO *a, STORE_ATTR_INFO *b)
1683 {
1684 if (a == b)
1685 return 0;
1686 if (!a)
1687 return -1;
1688 if (!b)
1689 return 1;
1690 return attr_info_compare_compute_range(a->set, b->set, 0, 0, 0, 0);
1691 }
1692
1693 int STORE_ATTR_INFO_in_range(STORE_ATTR_INFO *a, STORE_ATTR_INFO *b)
1694 {
1695 unsigned int alow, ahigh, blow, bhigh;
1696
1697 if (a == b)
1698 return 1;
1699 if (!a)
1700 return 0;
1701 if (!b)
1702 return 0;
1703 attr_info_compare_compute_range(a->set, b->set,
1704 &alow, &ahigh, &blow, &bhigh);
1705 if (alow >= blow && ahigh <= bhigh)
1706 return 1;
1707 return 0;
1708 }
1709
1710 int STORE_ATTR_INFO_in(STORE_ATTR_INFO *a, STORE_ATTR_INFO *b)
1711 {
1712 unsigned char *abits, *bbits;
1713 int i;
1714
1715 if (a == b)
1716 return 1;
1717 if (!a)
1718 return 0;
1719 if (!b)
1720 return 0;
1721 abits = a->set;
1722 bbits = b->set;
1723 for (i = 0; i < (STORE_ATTR_TYPE_NUM + 8) / 8; i++, abits++, bbits++) {
1724 if (*abits && (*bbits & *abits) != *abits)
1725 return 0;
1726 }
1727 return 1;
1728 }
1729
1730 int STORE_ATTR_INFO_in_ex(STORE_ATTR_INFO *a, STORE_ATTR_INFO *b)
1731 {
1732 STORE_ATTR_TYPES i;
1733
1734 if (a == b)
1735 return 1;
1736 if (!STORE_ATTR_INFO_in(a, b))
1737 return 0;
1738 for (i = 1; i < STORE_ATTR_TYPE_NUM; i++)
1739 if (ATTR_IS_SET(a, i)) {
1740 switch (i) {
1741 case STORE_ATTR_FRIENDLYNAME:
1742 case STORE_ATTR_EMAIL:
1743 case STORE_ATTR_FILENAME:
1744 if (strcmp(a->values[i].cstring, b->values[i].cstring))
1745 return 0;
1746 break;
1747 case STORE_ATTR_KEYID:
1748 case STORE_ATTR_ISSUERKEYID:
1749 case STORE_ATTR_SUBJECTKEYID:
1750 case STORE_ATTR_ISSUERSERIALHASH:
1751 case STORE_ATTR_CERTHASH:
1752 if (memcmp(a->values[i].sha1string,
1753 b->values[i].sha1string, a->value_sizes[i]))
1754 return 0;
1755 break;
1756 case STORE_ATTR_ISSUER:
1757 case STORE_ATTR_SUBJECT:
1758 if (X509_NAME_cmp(a->values[i].dn, b->values[i].dn))
1759 return 0;
1760 break;
1761 case STORE_ATTR_SERIAL:
1762 if (BN_cmp(a->values[i].number, b->values[i].number))
1763 return 0;
1764 break;
1765 default:
1766 break;
1767 }
1768 }
1769
1770 return 1;
1771 }
A mirror of the official openssl repository