2 * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
4 * Licensed under the OpenSSL license (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
11 #include "internal/cryptlib.h"
12 #include "internal/refcount.h"
13 #include <openssl/x509.h>
14 #include "internal/x509_int.h"
15 #include <openssl/x509v3.h>
18 X509_LOOKUP
*X509_LOOKUP_new(X509_LOOKUP_METHOD
*method
)
20 X509_LOOKUP
*ret
= OPENSSL_zalloc(sizeof(*ret
));
23 X509err(X509_F_X509_LOOKUP_NEW
, ERR_R_MALLOC_FAILURE
);
28 if (method
->new_item
!= NULL
&& method
->new_item(ret
) == 0) {
35 void X509_LOOKUP_free(X509_LOOKUP
*ctx
)
39 if ((ctx
->method
!= NULL
) && (ctx
->method
->free
!= NULL
))
40 (*ctx
->method
->free
) (ctx
);
44 int X509_STORE_lock(X509_STORE
*s
)
46 return CRYPTO_THREAD_write_lock(s
->lock
);
49 int X509_STORE_unlock(X509_STORE
*s
)
51 return CRYPTO_THREAD_unlock(s
->lock
);
54 int X509_LOOKUP_init(X509_LOOKUP
*ctx
)
56 if (ctx
->method
== NULL
)
58 if (ctx
->method
->init
!= NULL
)
59 return ctx
->method
->init(ctx
);
64 int X509_LOOKUP_shutdown(X509_LOOKUP
*ctx
)
66 if (ctx
->method
== NULL
)
68 if (ctx
->method
->shutdown
!= NULL
)
69 return ctx
->method
->shutdown(ctx
);
74 int X509_LOOKUP_ctrl(X509_LOOKUP
*ctx
, int cmd
, const char *argc
, long argl
,
77 if (ctx
->method
== NULL
)
79 if (ctx
->method
->ctrl
!= NULL
)
80 return ctx
->method
->ctrl(ctx
, cmd
, argc
, argl
, ret
);
85 int X509_LOOKUP_by_subject(X509_LOOKUP
*ctx
, X509_LOOKUP_TYPE type
,
86 X509_NAME
*name
, X509_OBJECT
*ret
)
88 if ((ctx
->method
== NULL
) || (ctx
->method
->get_by_subject
== NULL
))
92 return ctx
->method
->get_by_subject(ctx
, type
, name
, ret
);
95 int X509_LOOKUP_by_issuer_serial(X509_LOOKUP
*ctx
, X509_LOOKUP_TYPE type
,
96 X509_NAME
*name
, ASN1_INTEGER
*serial
,
99 if ((ctx
->method
== NULL
) || (ctx
->method
->get_by_issuer_serial
== NULL
))
101 return ctx
->method
->get_by_issuer_serial(ctx
, type
, name
, serial
, ret
);
104 int X509_LOOKUP_by_fingerprint(X509_LOOKUP
*ctx
, X509_LOOKUP_TYPE type
,
105 const unsigned char *bytes
, int len
,
108 if ((ctx
->method
== NULL
) || (ctx
->method
->get_by_fingerprint
== NULL
))
110 return ctx
->method
->get_by_fingerprint(ctx
, type
, bytes
, len
, ret
);
113 int X509_LOOKUP_by_alias(X509_LOOKUP
*ctx
, X509_LOOKUP_TYPE type
,
114 const char *str
, int len
, X509_OBJECT
*ret
)
116 if ((ctx
->method
== NULL
) || (ctx
->method
->get_by_alias
== NULL
))
118 return ctx
->method
->get_by_alias(ctx
, type
, str
, len
, ret
);
121 static int x509_object_cmp(const X509_OBJECT
*const *a
,
122 const X509_OBJECT
*const *b
)
126 ret
= ((*a
)->type
- (*b
)->type
);
129 switch ((*a
)->type
) {
131 ret
= X509_subject_name_cmp((*a
)->data
.x509
, (*b
)->data
.x509
);
134 ret
= X509_CRL_cmp((*a
)->data
.crl
, (*b
)->data
.crl
);
143 X509_STORE
*X509_STORE_new(void)
145 X509_STORE
*ret
= OPENSSL_zalloc(sizeof(*ret
));
148 X509err(X509_F_X509_STORE_NEW
, ERR_R_MALLOC_FAILURE
);
151 if ((ret
->objs
= sk_X509_OBJECT_new(x509_object_cmp
)) == NULL
) {
152 X509err(X509_F_X509_STORE_NEW
, ERR_R_MALLOC_FAILURE
);
156 if ((ret
->get_cert_methods
= sk_X509_LOOKUP_new_null()) == NULL
) {
157 X509err(X509_F_X509_STORE_NEW
, ERR_R_MALLOC_FAILURE
);
161 if ((ret
->param
= X509_VERIFY_PARAM_new()) == NULL
) {
162 X509err(X509_F_X509_STORE_NEW
, ERR_R_MALLOC_FAILURE
);
165 if (!CRYPTO_new_ex_data(CRYPTO_EX_INDEX_X509_STORE
, ret
, &ret
->ex_data
)) {
166 X509err(X509_F_X509_STORE_NEW
, ERR_R_MALLOC_FAILURE
);
170 ret
->lock
= CRYPTO_THREAD_lock_new();
171 if (ret
->lock
== NULL
) {
172 X509err(X509_F_X509_STORE_NEW
, ERR_R_MALLOC_FAILURE
);
180 X509_VERIFY_PARAM_free(ret
->param
);
181 sk_X509_OBJECT_free(ret
->objs
);
182 sk_X509_LOOKUP_free(ret
->get_cert_methods
);
187 void X509_STORE_free(X509_STORE
*vfy
)
190 STACK_OF(X509_LOOKUP
) *sk
;
195 CRYPTO_DOWN_REF(&vfy
->references
, &i
, vfy
->lock
);
196 REF_PRINT_COUNT("X509_STORE", vfy
);
199 REF_ASSERT_ISNT(i
< 0);
201 sk
= vfy
->get_cert_methods
;
202 for (i
= 0; i
< sk_X509_LOOKUP_num(sk
); i
++) {
203 lu
= sk_X509_LOOKUP_value(sk
, i
);
204 X509_LOOKUP_shutdown(lu
);
205 X509_LOOKUP_free(lu
);
207 sk_X509_LOOKUP_free(sk
);
208 sk_X509_OBJECT_pop_free(vfy
->objs
, X509_OBJECT_free
);
210 CRYPTO_free_ex_data(CRYPTO_EX_INDEX_X509_STORE
, vfy
, &vfy
->ex_data
);
211 X509_VERIFY_PARAM_free(vfy
->param
);
212 CRYPTO_THREAD_lock_free(vfy
->lock
);
216 int X509_STORE_up_ref(X509_STORE
*vfy
)
220 if (CRYPTO_UP_REF(&vfy
->references
, &i
, vfy
->lock
) <= 0)
223 REF_PRINT_COUNT("X509_STORE", a
);
224 REF_ASSERT_ISNT(i
< 2);
225 return ((i
> 1) ? 1 : 0);
228 X509_LOOKUP
*X509_STORE_add_lookup(X509_STORE
*v
, X509_LOOKUP_METHOD
*m
)
231 STACK_OF(X509_LOOKUP
) *sk
;
234 sk
= v
->get_cert_methods
;
235 for (i
= 0; i
< sk_X509_LOOKUP_num(sk
); i
++) {
236 lu
= sk_X509_LOOKUP_value(sk
, i
);
237 if (m
== lu
->method
) {
242 lu
= X509_LOOKUP_new(m
);
244 X509err(X509_F_X509_STORE_ADD_LOOKUP
, ERR_R_MALLOC_FAILURE
);
249 if (sk_X509_LOOKUP_push(v
->get_cert_methods
, lu
))
252 X509err(X509_F_X509_STORE_ADD_LOOKUP
, ERR_R_MALLOC_FAILURE
);
253 X509_LOOKUP_free(lu
);
257 X509_OBJECT
*X509_STORE_CTX_get_obj_by_subject(X509_STORE_CTX
*vs
,
258 X509_LOOKUP_TYPE type
,
261 X509_OBJECT
*ret
= X509_OBJECT_new();
265 if (!X509_STORE_CTX_get_by_subject(vs
, type
, name
, ret
)) {
266 X509_OBJECT_free(ret
);
272 int X509_STORE_CTX_get_by_subject(X509_STORE_CTX
*vs
, X509_LOOKUP_TYPE type
,
273 X509_NAME
*name
, X509_OBJECT
*ret
)
275 X509_STORE
*ctx
= vs
->ctx
;
277 X509_OBJECT stmp
, *tmp
;
283 CRYPTO_THREAD_write_lock(ctx
->lock
);
284 tmp
= X509_OBJECT_retrieve_by_subject(ctx
->objs
, type
, name
);
285 CRYPTO_THREAD_unlock(ctx
->lock
);
287 if (tmp
== NULL
|| type
== X509_LU_CRL
) {
288 for (i
= 0; i
< sk_X509_LOOKUP_num(ctx
->get_cert_methods
); i
++) {
289 lu
= sk_X509_LOOKUP_value(ctx
->get_cert_methods
, i
);
290 j
= X509_LOOKUP_by_subject(lu
, type
, name
, &stmp
);
300 ret
->type
= tmp
->type
;
301 ret
->data
.ptr
= tmp
->data
.ptr
;
303 X509_OBJECT_up_ref_count(ret
);
308 static int x509_store_add(X509_STORE
*ctx
, void *x
, int crl
) {
310 int ret
= 0, added
= 0;
314 obj
= X509_OBJECT_new();
319 obj
->type
= X509_LU_CRL
;
320 obj
->data
.crl
= (X509_CRL
*)x
;
322 obj
->type
= X509_LU_X509
;
323 obj
->data
.x509
= (X509
*)x
;
325 X509_OBJECT_up_ref_count(obj
);
327 CRYPTO_THREAD_write_lock(ctx
->lock
);
329 if (X509_OBJECT_retrieve_match(ctx
->objs
, obj
)) {
332 added
= sk_X509_OBJECT_push(ctx
->objs
, obj
);
336 CRYPTO_THREAD_unlock(ctx
->lock
);
338 if (added
== 0) /* obj not pushed */
339 X509_OBJECT_free(obj
);
344 int X509_STORE_add_cert(X509_STORE
*ctx
, X509
*x
)
346 if (!x509_store_add(ctx
, x
, 0)) {
347 X509err(X509_F_X509_STORE_ADD_CERT
, ERR_R_MALLOC_FAILURE
);
353 int X509_STORE_add_crl(X509_STORE
*ctx
, X509_CRL
*x
)
355 if (!x509_store_add(ctx
, x
, 1)) {
356 X509err(X509_F_X509_STORE_ADD_CRL
, ERR_R_MALLOC_FAILURE
);
362 int X509_OBJECT_up_ref_count(X509_OBJECT
*a
)
368 return X509_up_ref(a
->data
.x509
);
370 return X509_CRL_up_ref(a
->data
.crl
);
375 X509
*X509_OBJECT_get0_X509(const X509_OBJECT
*a
)
377 if (a
== NULL
|| a
->type
!= X509_LU_X509
)
382 X509_CRL
*X509_OBJECT_get0_X509_CRL(X509_OBJECT
*a
)
384 if (a
== NULL
|| a
->type
!= X509_LU_CRL
)
389 X509_LOOKUP_TYPE
X509_OBJECT_get_type(const X509_OBJECT
*a
)
394 X509_OBJECT
*X509_OBJECT_new()
396 X509_OBJECT
*ret
= OPENSSL_zalloc(sizeof(*ret
));
399 X509err(X509_F_X509_OBJECT_NEW
, ERR_R_MALLOC_FAILURE
);
402 ret
->type
= X509_LU_NONE
;
407 void X509_OBJECT_free(X509_OBJECT
*a
)
415 X509_free(a
->data
.x509
);
418 X509_CRL_free(a
->data
.crl
);
424 static int x509_object_idx_cnt(STACK_OF(X509_OBJECT
) *h
, X509_LOOKUP_TYPE type
,
425 X509_NAME
*name
, int *pnmatch
)
435 stmp
.data
.x509
= &x509_s
;
436 x509_s
.cert_info
.subject
= name
;
439 stmp
.data
.crl
= &crl_s
;
440 crl_s
.crl
.issuer
= name
;
447 idx
= sk_X509_OBJECT_find(h
, &stmp
);
448 if (idx
>= 0 && pnmatch
) {
450 const X509_OBJECT
*tobj
, *pstmp
;
453 for (tidx
= idx
+ 1; tidx
< sk_X509_OBJECT_num(h
); tidx
++) {
454 tobj
= sk_X509_OBJECT_value(h
, tidx
);
455 if (x509_object_cmp(&tobj
, &pstmp
))
463 int X509_OBJECT_idx_by_subject(STACK_OF(X509_OBJECT
) *h
, X509_LOOKUP_TYPE type
,
466 return x509_object_idx_cnt(h
, type
, name
, NULL
);
469 X509_OBJECT
*X509_OBJECT_retrieve_by_subject(STACK_OF(X509_OBJECT
) *h
,
470 X509_LOOKUP_TYPE type
,
474 idx
= X509_OBJECT_idx_by_subject(h
, type
, name
);
477 return sk_X509_OBJECT_value(h
, idx
);
480 STACK_OF(X509_OBJECT
) *X509_STORE_get0_objects(X509_STORE
*v
)
485 STACK_OF(X509
) *X509_STORE_CTX_get1_certs(X509_STORE_CTX
*ctx
, X509_NAME
*nm
)
488 STACK_OF(X509
) *sk
= NULL
;
492 if (ctx
->ctx
== NULL
)
495 CRYPTO_THREAD_write_lock(ctx
->ctx
->lock
);
496 idx
= x509_object_idx_cnt(ctx
->ctx
->objs
, X509_LU_X509
, nm
, &cnt
);
499 * Nothing found in cache: do lookup to possibly add new objects to
502 X509_OBJECT
*xobj
= X509_OBJECT_new();
504 CRYPTO_THREAD_unlock(ctx
->ctx
->lock
);
507 if (!X509_STORE_CTX_get_by_subject(ctx
, X509_LU_X509
, nm
, xobj
)) {
508 X509_OBJECT_free(xobj
);
511 X509_OBJECT_free(xobj
);
512 CRYPTO_THREAD_write_lock(ctx
->ctx
->lock
);
513 idx
= x509_object_idx_cnt(ctx
->ctx
->objs
, X509_LU_X509
, nm
, &cnt
);
515 CRYPTO_THREAD_unlock(ctx
->ctx
->lock
);
520 sk
= sk_X509_new_null();
521 for (i
= 0; i
< cnt
; i
++, idx
++) {
522 obj
= sk_X509_OBJECT_value(ctx
->ctx
->objs
, idx
);
525 if (!sk_X509_push(sk
, x
)) {
526 CRYPTO_THREAD_unlock(ctx
->ctx
->lock
);
528 sk_X509_pop_free(sk
, X509_free
);
532 CRYPTO_THREAD_unlock(ctx
->ctx
->lock
);
536 STACK_OF(X509_CRL
) *X509_STORE_CTX_get1_crls(X509_STORE_CTX
*ctx
, X509_NAME
*nm
)
539 STACK_OF(X509_CRL
) *sk
= sk_X509_CRL_new_null();
541 X509_OBJECT
*obj
, *xobj
= X509_OBJECT_new();
543 /* Always do lookup to possibly add new CRLs to cache */
547 || !X509_STORE_CTX_get_by_subject(ctx
, X509_LU_CRL
, nm
, xobj
)) {
548 X509_OBJECT_free(xobj
);
549 sk_X509_CRL_free(sk
);
552 X509_OBJECT_free(xobj
);
553 CRYPTO_THREAD_write_lock(ctx
->ctx
->lock
);
554 idx
= x509_object_idx_cnt(ctx
->ctx
->objs
, X509_LU_CRL
, nm
, &cnt
);
556 CRYPTO_THREAD_unlock(ctx
->ctx
->lock
);
557 sk_X509_CRL_free(sk
);
561 for (i
= 0; i
< cnt
; i
++, idx
++) {
562 obj
= sk_X509_OBJECT_value(ctx
->ctx
->objs
, idx
);
565 if (!sk_X509_CRL_push(sk
, x
)) {
566 CRYPTO_THREAD_unlock(ctx
->ctx
->lock
);
568 sk_X509_CRL_pop_free(sk
, X509_CRL_free
);
572 CRYPTO_THREAD_unlock(ctx
->ctx
->lock
);
576 X509_OBJECT
*X509_OBJECT_retrieve_match(STACK_OF(X509_OBJECT
) *h
,
581 idx
= sk_X509_OBJECT_find(h
, x
);
584 if ((x
->type
!= X509_LU_X509
) && (x
->type
!= X509_LU_CRL
))
585 return sk_X509_OBJECT_value(h
, idx
);
586 for (i
= idx
; i
< sk_X509_OBJECT_num(h
); i
++) {
587 obj
= sk_X509_OBJECT_value(h
, i
);
589 ((const X509_OBJECT
**)&obj
, (const X509_OBJECT
**)&x
))
591 if (x
->type
== X509_LU_X509
) {
592 if (!X509_cmp(obj
->data
.x509
, x
->data
.x509
))
594 } else if (x
->type
== X509_LU_CRL
) {
595 if (!X509_CRL_match(obj
->data
.crl
, x
->data
.crl
))
604 * Try to get issuer certificate from store. Due to limitations
605 * of the API this can only retrieve a single certificate matching
606 * a given subject name. However it will fill the cache with all
607 * matching certificates, so we can examine the cache for all
611 * 1 lookup successful.
612 * 0 certificate not found.
613 * -1 some other error.
615 int X509_STORE_CTX_get1_issuer(X509
**issuer
, X509_STORE_CTX
*ctx
, X509
*x
)
618 X509_OBJECT
*obj
= X509_OBJECT_new(), *pobj
= NULL
;
624 xn
= X509_get_issuer_name(x
);
625 ok
= X509_STORE_CTX_get_by_subject(ctx
, X509_LU_X509
, xn
, obj
);
627 X509_OBJECT_free(obj
);
630 /* If certificate matches all OK */
631 if (ctx
->check_issued(ctx
, x
, obj
->data
.x509
)) {
632 if (x509_check_cert_time(ctx
, obj
->data
.x509
, -1)) {
633 *issuer
= obj
->data
.x509
;
634 X509_up_ref(*issuer
);
635 X509_OBJECT_free(obj
);
639 X509_OBJECT_free(obj
);
641 if (ctx
->ctx
== NULL
)
644 /* Else find index of first cert accepted by 'check_issued' */
646 CRYPTO_THREAD_write_lock(ctx
->ctx
->lock
);
647 idx
= X509_OBJECT_idx_by_subject(ctx
->ctx
->objs
, X509_LU_X509
, xn
);
648 if (idx
!= -1) { /* should be true as we've had at least one
650 /* Look through all matching certs for suitable issuer */
651 for (i
= idx
; i
< sk_X509_OBJECT_num(ctx
->ctx
->objs
); i
++) {
652 pobj
= sk_X509_OBJECT_value(ctx
->ctx
->objs
, i
);
653 /* See if we've run past the matches */
654 if (pobj
->type
!= X509_LU_X509
)
656 if (X509_NAME_cmp(xn
, X509_get_subject_name(pobj
->data
.x509
)))
658 if (ctx
->check_issued(ctx
, x
, pobj
->data
.x509
)) {
659 *issuer
= pobj
->data
.x509
;
662 * If times check, exit with match,
663 * otherwise keep looking. Leave last
664 * match in issuer so we return nearest
665 * match if no certificate time is OK.
668 if (x509_check_cert_time(ctx
, *issuer
, -1))
673 CRYPTO_THREAD_unlock(ctx
->ctx
->lock
);
675 X509_up_ref(*issuer
);
679 int X509_STORE_set_flags(X509_STORE
*ctx
, unsigned long flags
)
681 return X509_VERIFY_PARAM_set_flags(ctx
->param
, flags
);
684 int X509_STORE_set_depth(X509_STORE
*ctx
, int depth
)
686 X509_VERIFY_PARAM_set_depth(ctx
->param
, depth
);
690 int X509_STORE_set_purpose(X509_STORE
*ctx
, int purpose
)
692 return X509_VERIFY_PARAM_set_purpose(ctx
->param
, purpose
);
695 int X509_STORE_set_trust(X509_STORE
*ctx
, int trust
)
697 return X509_VERIFY_PARAM_set_trust(ctx
->param
, trust
);
700 int X509_STORE_set1_param(X509_STORE
*ctx
, X509_VERIFY_PARAM
*param
)
702 return X509_VERIFY_PARAM_set1(ctx
->param
, param
);
705 X509_VERIFY_PARAM
*X509_STORE_get0_param(X509_STORE
*ctx
)
710 void X509_STORE_set_verify(X509_STORE
*ctx
, X509_STORE_CTX_verify_fn verify
)
712 ctx
->verify
= verify
;
715 X509_STORE_CTX_verify_fn
X509_STORE_get_verify(X509_STORE
*ctx
)
720 void X509_STORE_set_verify_cb(X509_STORE
*ctx
,
721 X509_STORE_CTX_verify_cb verify_cb
)
723 ctx
->verify_cb
= verify_cb
;
726 X509_STORE_CTX_verify_cb
X509_STORE_get_verify_cb(X509_STORE
*ctx
)
728 return ctx
->verify_cb
;
731 void X509_STORE_set_get_issuer(X509_STORE
*ctx
,
732 X509_STORE_CTX_get_issuer_fn get_issuer
)
734 ctx
->get_issuer
= get_issuer
;
737 X509_STORE_CTX_get_issuer_fn
X509_STORE_get_get_issuer(X509_STORE
*ctx
)
739 return ctx
->get_issuer
;
742 void X509_STORE_set_check_issued(X509_STORE
*ctx
,
743 X509_STORE_CTX_check_issued_fn check_issued
)
745 ctx
->check_issued
= check_issued
;
748 X509_STORE_CTX_check_issued_fn
X509_STORE_get_check_issued(X509_STORE
*ctx
)
750 return ctx
->check_issued
;
753 void X509_STORE_set_check_revocation(X509_STORE
*ctx
,
754 X509_STORE_CTX_check_revocation_fn check_revocation
)
756 ctx
->check_revocation
= check_revocation
;
759 X509_STORE_CTX_check_revocation_fn
X509_STORE_get_check_revocation(X509_STORE
*ctx
)
761 return ctx
->check_revocation
;
764 void X509_STORE_set_get_crl(X509_STORE
*ctx
,
765 X509_STORE_CTX_get_crl_fn get_crl
)
767 ctx
->get_crl
= get_crl
;
770 X509_STORE_CTX_get_crl_fn
X509_STORE_get_get_crl(X509_STORE
*ctx
)
775 void X509_STORE_set_check_crl(X509_STORE
*ctx
,
776 X509_STORE_CTX_check_crl_fn check_crl
)
778 ctx
->check_crl
= check_crl
;
781 X509_STORE_CTX_check_crl_fn
X509_STORE_get_check_crl(X509_STORE
*ctx
)
783 return ctx
->check_crl
;
786 void X509_STORE_set_cert_crl(X509_STORE
*ctx
,
787 X509_STORE_CTX_cert_crl_fn cert_crl
)
789 ctx
->cert_crl
= cert_crl
;
792 X509_STORE_CTX_cert_crl_fn
X509_STORE_get_cert_crl(X509_STORE
*ctx
)
794 return ctx
->cert_crl
;
797 void X509_STORE_set_check_policy(X509_STORE
*ctx
,
798 X509_STORE_CTX_check_policy_fn check_policy
)
800 ctx
->check_policy
= check_policy
;
803 X509_STORE_CTX_check_policy_fn
X509_STORE_get_check_policy(X509_STORE
*ctx
)
805 return ctx
->check_policy
;
808 void X509_STORE_set_lookup_certs(X509_STORE
*ctx
,
809 X509_STORE_CTX_lookup_certs_fn lookup_certs
)
811 ctx
->lookup_certs
= lookup_certs
;
814 X509_STORE_CTX_lookup_certs_fn
X509_STORE_get_lookup_certs(X509_STORE
*ctx
)
816 return ctx
->lookup_certs
;
819 void X509_STORE_set_lookup_crls(X509_STORE
*ctx
,
820 X509_STORE_CTX_lookup_crls_fn lookup_crls
)
822 ctx
->lookup_crls
= lookup_crls
;
825 X509_STORE_CTX_lookup_crls_fn
X509_STORE_get_lookup_crls(X509_STORE
*ctx
)
827 return ctx
->lookup_crls
;
830 void X509_STORE_set_cleanup(X509_STORE
*ctx
,
831 X509_STORE_CTX_cleanup_fn ctx_cleanup
)
833 ctx
->cleanup
= ctx_cleanup
;
836 X509_STORE_CTX_cleanup_fn
X509_STORE_get_cleanup(X509_STORE
*ctx
)
841 int X509_STORE_set_ex_data(X509_STORE
*ctx
, int idx
, void *data
)
843 return CRYPTO_set_ex_data(&ctx
->ex_data
, idx
, data
);
846 void *X509_STORE_get_ex_data(X509_STORE
*ctx
, int idx
)
848 return CRYPTO_get_ex_data(&ctx
->ex_data
, idx
);
851 X509_STORE
*X509_STORE_CTX_get0_store(X509_STORE_CTX
*ctx
)