]>
git.ipfire.org Git - thirdparty/openssl.git/blob - crypto/x509/x509_lu.c
1 /* crypto/x509/x509_lu.c */
2 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
61 #include <openssl/lhash.h>
62 #include <openssl/x509.h>
64 static STACK_OF(CRYPTO_EX_DATA_FUNCS
) *x509_store_meth
=NULL
;
65 static STACK_OF(CRYPTO_EX_DATA_FUNCS
) *x509_store_ctx_meth
=NULL
;
67 X509_LOOKUP
*X509_LOOKUP_new(X509_LOOKUP_METHOD
*method
)
71 ret
=(X509_LOOKUP
*)Malloc(sizeof(X509_LOOKUP
));
72 if (ret
== NULL
) return(NULL
);
77 ret
->method_data
=NULL
;
79 if ((method
->new_item
!= NULL
) && !method
->new_item(ret
))
87 void X509_LOOKUP_free(X509_LOOKUP
*ctx
)
89 if (ctx
== NULL
) return;
90 if ( (ctx
->method
!= NULL
) &&
91 (ctx
->method
->free
!= NULL
))
92 ctx
->method
->free(ctx
);
96 int X509_LOOKUP_init(X509_LOOKUP
*ctx
)
98 if (ctx
->method
== NULL
) return(0);
99 if (ctx
->method
->init
!= NULL
)
100 return(ctx
->method
->init(ctx
));
105 int X509_LOOKUP_shutdown(X509_LOOKUP
*ctx
)
107 if (ctx
->method
== NULL
) return(0);
108 if (ctx
->method
->shutdown
!= NULL
)
109 return(ctx
->method
->shutdown(ctx
));
114 int X509_LOOKUP_ctrl(X509_LOOKUP
*ctx
, int cmd
, const char *argc
, long argl
,
117 if (ctx
->method
== NULL
) return(-1);
118 if (ctx
->method
->ctrl
!= NULL
)
119 return(ctx
->method
->ctrl(ctx
,cmd
,argc
,argl
,ret
));
124 int X509_LOOKUP_by_subject(X509_LOOKUP
*ctx
, int type
, X509_NAME
*name
,
127 if ((ctx
->method
== NULL
) || (ctx
->method
->get_by_subject
== NULL
))
128 return(X509_LU_FAIL
);
129 if (ctx
->skip
) return(0);
130 return(ctx
->method
->get_by_subject(ctx
,type
,name
,ret
));
133 int X509_LOOKUP_by_issuer_serial(X509_LOOKUP
*ctx
, int type
, X509_NAME
*name
,
134 ASN1_INTEGER
*serial
, X509_OBJECT
*ret
)
136 if ((ctx
->method
== NULL
) ||
137 (ctx
->method
->get_by_issuer_serial
== NULL
))
138 return(X509_LU_FAIL
);
139 return(ctx
->method
->get_by_issuer_serial(ctx
,type
,name
,serial
,ret
));
142 int X509_LOOKUP_by_fingerprint(X509_LOOKUP
*ctx
, int type
,
143 unsigned char *bytes
, int len
, X509_OBJECT
*ret
)
145 if ((ctx
->method
== NULL
) || (ctx
->method
->get_by_fingerprint
== NULL
))
146 return(X509_LU_FAIL
);
147 return(ctx
->method
->get_by_fingerprint(ctx
,type
,bytes
,len
,ret
));
150 int X509_LOOKUP_by_alias(X509_LOOKUP
*ctx
, int type
, char *str
, int len
,
153 if ((ctx
->method
== NULL
) || (ctx
->method
->get_by_alias
== NULL
))
154 return(X509_LU_FAIL
);
155 return(ctx
->method
->get_by_alias(ctx
,type
,str
,len
,ret
));
158 static unsigned long x509_object_hash(X509_OBJECT
*a
)
165 h
=X509_NAME_hash(a
->data
.x509
->cert_info
->subject
);
168 h
=X509_NAME_hash(a
->data
.crl
->crl
->issuer
);
176 static int x509_object_cmp(X509_OBJECT
*a
, X509_OBJECT
*b
)
180 ret
=(a
->type
- b
->type
);
181 if (ret
) return(ret
);
185 ret
=X509_subject_name_cmp(a
->data
.x509
,b
->data
.x509
);
188 ret
=X509_CRL_cmp(a
->data
.crl
,b
->data
.crl
);
196 X509_STORE
*X509_STORE_new(void)
200 if ((ret
=(X509_STORE
*)Malloc(sizeof(X509_STORE
))) == NULL
)
202 ret
->certs
=lh_new(x509_object_hash
,x509_object_cmp
);
204 ret
->get_cert_methods
=sk_X509_LOOKUP_new_null();
207 memset(&ret
->ex_data
,0,sizeof(CRYPTO_EX_DATA
));
213 static void cleanup(X509_OBJECT
*a
)
215 if (a
->type
== X509_LU_X509
)
217 X509_free(a
->data
.x509
);
219 else if (a
->type
== X509_LU_CRL
)
221 X509_CRL_free(a
->data
.crl
);
229 void X509_STORE_free(X509_STORE
*vfy
)
232 STACK_OF(X509_LOOKUP
) *sk
;
238 sk
=vfy
->get_cert_methods
;
239 for (i
=0; i
<sk_X509_LOOKUP_num(sk
); i
++)
241 lu
=sk_X509_LOOKUP_value(sk
,i
);
242 X509_LOOKUP_shutdown(lu
);
243 X509_LOOKUP_free(lu
);
245 sk_X509_LOOKUP_free(sk
);
247 CRYPTO_free_ex_data(x509_store_meth
,vfy
,&vfy
->ex_data
);
248 lh_doall(vfy
->certs
,cleanup
);
253 X509_LOOKUP
*X509_STORE_add_lookup(X509_STORE
*v
, X509_LOOKUP_METHOD
*m
)
256 STACK_OF(X509_LOOKUP
) *sk
;
259 sk
=v
->get_cert_methods
;
260 for (i
=0; i
<sk_X509_LOOKUP_num(sk
); i
++)
262 lu
=sk_X509_LOOKUP_value(sk
,i
);
269 lu
=X509_LOOKUP_new(m
);
275 if (sk_X509_LOOKUP_push(v
->get_cert_methods
,lu
))
279 X509_LOOKUP_free(lu
);
285 int X509_STORE_get_by_subject(X509_STORE_CTX
*vs
, int type
, X509_NAME
*name
,
288 X509_STORE
*ctx
=vs
->ctx
;
290 X509_OBJECT stmp
,*tmp
;
293 tmp
=X509_OBJECT_retrieve_by_subject(ctx
->certs
,type
,name
);
297 for (i
=vs
->current_method
; i
<sk_X509_LOOKUP_num(ctx
->get_cert_methods
); i
++)
299 lu
=sk_X509_LOOKUP_value(ctx
->get_cert_methods
,i
);
300 j
=X509_LOOKUP_by_subject(lu
,type
,name
,&stmp
);
303 vs
->current_method
=j
;
312 vs
->current_method
=0;
317 /* if (ret->data.ptr != NULL)
318 X509_OBJECT_free_contents(ret); */
321 ret
->data
.ptr
=tmp
->data
.ptr
;
323 X509_OBJECT_up_ref_count(ret
);
328 void X509_OBJECT_up_ref_count(X509_OBJECT
*a
)
333 CRYPTO_add(&a
->data
.x509
->references
,1,CRYPTO_LOCK_X509
);
336 CRYPTO_add(&a
->data
.crl
->references
,1,CRYPTO_LOCK_X509_CRL
);
341 void X509_OBJECT_free_contents(X509_OBJECT
*a
)
346 X509_free(a
->data
.x509
);
349 X509_CRL_free(a
->data
.crl
);
354 X509_OBJECT
*X509_OBJECT_retrieve_by_subject(LHASH
*h
, int type
,
357 X509_OBJECT stmp
,*tmp
;
361 X509_CRL_INFO crl_info_s
;
367 stmp
.data
.x509
= &x509_s
;
368 x509_s
.cert_info
= &cinf_s
;
372 stmp
.data
.crl
= &crl_s
;
373 crl_s
.crl
= &crl_info_s
;
374 crl_info_s
.issuer
=name
;
380 tmp
=(X509_OBJECT
*)lh_retrieve(h
,&stmp
);
384 X509_STORE_CTX
*X509_STORE_CTX_new(void)
387 ctx
= (X509_STORE_CTX
*)Malloc(sizeof(X509_STORE_CTX
));
388 if(ctx
) memset(ctx
, 0, sizeof(X509_STORE_CTX
));
392 void X509_STORE_CTX_free(X509_STORE_CTX
*ctx
)
394 X509_STORE_CTX_cleanup(ctx
);
398 void X509_STORE_CTX_init(X509_STORE_CTX
*ctx
, X509_STORE
*store
, X509
*x509
,
399 STACK_OF(X509
) *chain
)
402 ctx
->current_method
=0;
404 ctx
->untrusted
=chain
;
405 ctx
->last_untrusted
=0;
412 ctx
->current_cert
=NULL
;
413 memset(&(ctx
->ex_data
),0,sizeof(CRYPTO_EX_DATA
));
416 void X509_STORE_CTX_cleanup(X509_STORE_CTX
*ctx
)
418 if (ctx
->chain
!= NULL
)
420 sk_X509_pop_free(ctx
->chain
,X509_free
);
423 CRYPTO_free_ex_data(x509_store_ctx_meth
,ctx
,&(ctx
->ex_data
));
424 memset(&ctx
->ex_data
,0,sizeof(CRYPTO_EX_DATA
));
427 IMPLEMENT_STACK_OF(X509_LOOKUP
)