1 /* crypto/x509/x509_lu.c */
2 /* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
5 * This package is an SSL implementation written
6 * by Eric Young (eay@cryptsoft.com).
7 * The implementation was written so as to conform with Netscapes SSL.
9 * This library is free for commercial and non-commercial use as long as
10 * the following conditions are aheared to. The following conditions
11 * apply to all code found in this distribution, be it the RC4, RSA,
12 * lhash, DES, etc., code; not just the SSL code. The SSL documentation
13 * included with this distribution is covered by the same copyright terms
14 * except that the holder is Tim Hudson (tjh@cryptsoft.com).
16 * Copyright remains Eric Young's, and as such any Copyright notices in
17 * the code are not to be removed.
18 * If this package is used in a product, Eric Young should be given attribution
19 * as the author of the parts of the library used.
20 * This can be in the form of a textual message at program startup or
21 * in documentation (online or textual) provided with the package.
23 * Redistribution and use in source and binary forms, with or without
24 * modification, are permitted provided that the following conditions
26 * 1. Redistributions of source code must retain the copyright
27 * notice, this list of conditions and the following disclaimer.
28 * 2. Redistributions in binary form must reproduce the above copyright
29 * notice, this list of conditions and the following disclaimer in the
30 * documentation and/or other materials provided with the distribution.
31 * 3. All advertising materials mentioning features or use of this software
32 * must display the following acknowledgement:
33 * "This product includes cryptographic software written by
34 * Eric Young (eay@cryptsoft.com)"
35 * The word 'cryptographic' can be left out if the rouines from the library
36 * being used are not cryptographic related :-).
37 * 4. If you include any Windows specific code (or a derivative thereof) from
38 * the apps directory (application code) you must include an acknowledgement:
39 * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
41 * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
42 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
43 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
44 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
45 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
46 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
47 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
49 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
50 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
53 * The licence and distribution terms for any publically available version or
54 * derivative of this code cannot be changed. i.e. this code cannot simply be
55 * copied and put under another distribution licence
56 * [including the GNU Public Licence.]
64 X509_LOOKUP
*X509_LOOKUP_new(method
)
65 X509_LOOKUP_METHOD
*method
;
69 ret
=(X509_LOOKUP
*)Malloc(sizeof(X509_LOOKUP
));
70 if (ret
== NULL
) return(NULL
);
75 ret
->method_data
=NULL
;
77 if ((method
->new_item
!= NULL
) && !method
->new_item(ret
))
85 void X509_LOOKUP_free(ctx
)
88 if (ctx
== NULL
) return;
89 if ( (ctx
->method
!= NULL
) &&
90 (ctx
->method
->free
!= NULL
))
91 ctx
->method
->free(ctx
);
95 int X509_LOOKUP_init(ctx
)
98 if (ctx
->method
== NULL
) return(0);
99 if (ctx
->method
->init
!= NULL
)
100 return(ctx
->method
->init(ctx
));
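/*
 * Shut a lookup context down through its method table.
 *
 * Returns 0 when the context has no method table, otherwise the value
 * returned by the method's shutdown callback when one is installed.
 */
int X509_LOOKUP_shutdown(ctx)
X509_LOOKUP *ctx;
	{
	if (ctx->method == NULL) return(0);

	/* Test the pointer that is about to be called.  The guard used to
	 * test ->init: a method table with init but no shutdown was then
	 * called through a NULL function pointer, and one with shutdown but
	 * no init was never shut down. */
	if (ctx->method->shutdown != NULL)
		return(ctx->method->shutdown(ctx));

	/* NOTE(review): the fall-through return is not visible in this
	 * listing; 1 is assumed here -- confirm against the full file. */
	return(1);
	}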
115 int X509_LOOKUP_ctrl(ctx
,cmd
,argc
,argl
,ret
)
122 if (ctx
->method
== NULL
) return(-1);
123 if (ctx
->method
->ctrl
!= NULL
)
124 return(ctx
->method
->ctrl(ctx
,cmd
,argc
,argl
,ret
));
/*
 * Dispatch a by-subject lookup to the context's method table.
 *
 * Returns X509_LU_FAIL when the context has no method table or the table
 * has no get_by_subject callback, 0 when the context is flagged skip, and
 * otherwise whatever the callback returns.
 *
 * NOTE(review): the parameter declarations are not visible in this listing;
 * the types below are inferred from how the arguments are used -- confirm.
 */
int X509_LOOKUP_by_subject(ctx,type,name,ret)
X509_LOOKUP *ctx;
int type;
X509_NAME *name;
X509_OBJECT *ret;
	{
	/* No method table at all: nothing can be looked up. */
	if (ctx->method == NULL)
		return X509_LU_FAIL;

	/* Method table present but this lookup kind is not implemented. */
	if (ctx->method->get_by_subject == NULL)
		return X509_LU_FAIL;

	/* A skipped context is never consulted; the callback is not run. */
	if (ctx->skip)
		return 0;

	return ctx->method->get_by_subject(ctx,type,name,ret);
	}
/*
 * Dispatch an issuer-and-serial lookup to the context's method table.
 *
 * Returns X509_LU_FAIL when the context has no method table or the table
 * has no get_by_issuer_serial callback; otherwise the callback's result.
 * Unlike X509_LOOKUP_by_subject, ctx->skip is not consulted here.
 *
 * NOTE(review): only the declaration of serial is visible in this listing;
 * the other parameter types are inferred from use -- confirm.
 */
int X509_LOOKUP_by_issuer_serial(ctx,type,name,serial,ret)
X509_LOOKUP *ctx;
int type;
X509_NAME *name;
ASN1_INTEGER *serial;
X509_OBJECT *ret;
	{
	/* No method table at all: nothing can be looked up. */
	if (ctx->method == NULL)
		return X509_LU_FAIL;

	/* Method table present but this lookup kind is not implemented. */
	if (ctx->method->get_by_issuer_serial == NULL)
		return X509_LU_FAIL;

	return ctx->method->get_by_issuer_serial(ctx,type,name,serial,ret);
	}
/*
 * Dispatch a fingerprint lookup to the context's method table.
 *
 * Returns X509_LU_FAIL when the context has no method table or the table
 * has no get_by_fingerprint callback; otherwise the callback's result.
 * bytes and len are handed to the callback untouched; no length check is
 * made at this layer.
 *
 * NOTE(review): only the declaration of bytes is visible in this listing;
 * the other parameter types are inferred from use -- confirm.
 */
int X509_LOOKUP_by_fingerprint(ctx,type,bytes,len,ret)
X509_LOOKUP *ctx;
int type;
unsigned char *bytes;
int len;
X509_OBJECT *ret;
	{
	/* No method table at all: nothing can be looked up. */
	if (ctx->method == NULL)
		return X509_LU_FAIL;

	/* Method table present but this lookup kind is not implemented. */
	if (ctx->method->get_by_fingerprint == NULL)
		return X509_LU_FAIL;

	return ctx->method->get_by_fingerprint(ctx,type,bytes,len,ret);
	}
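/*
 * Dispatch an alias lookup to the context's method table.
 *
 * Returns X509_LU_FAIL when the context has no method table or the table
 * has no get_by_alias callback; otherwise the callback's result.
 *
 * NOTE(review): the parameter declarations are not visible in this listing;
 * the types below are inferred from use and from the sibling lookups --
 * confirm.
 */
int X509_LOOKUP_by_alias(ctx,type,str,len,ret)
X509_LOOKUP *ctx;
int type;
char *str;
int len;
X509_OBJECT *ret;
	{
	/* The second test was missing its "== NULL": an installed callback
	 * made the function fail, and a missing one was called through a
	 * NULL function pointer.  Fail closed when the callback is absent,
	 * as the other X509_LOOKUP_by_* wrappers do. */
	if ((ctx->method == NULL) || (ctx->method->get_by_alias == NULL))
		return(X509_LU_FAIL);

	/* NOTE(review): type is accepted but not forwarded, unlike the
	 * by_subject / by_issuer_serial / by_fingerprint wrappers.  Left
	 * as-is because the callback's parameter list is not visible here;
	 * confirm against the X509_LOOKUP_METHOD declaration. */
	return(ctx->method->get_by_alias(ctx,str,len,ret));
	}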
178 static unsigned long x509_object_hash(a
)
186 h
=X509_NAME_hash(a
->data
.x509
->cert_info
->subject
);
189 h
=X509_NAME_hash(a
->data
.crl
->crl
->issuer
);
197 static int x509_object_cmp(a
,b
)
202 ret
=(a
->type
- b
->type
);
203 if (ret
) return(ret
);
207 ret
=X509_subject_name_cmp(a
->data
.x509
,b
->data
.x509
);
210 ret
=X509_CRL_cmp(a
->data
.crl
,b
->data
.crl
);
218 X509_STORE
*X509_STORE_new()
222 if ((ret
=(X509_STORE
*)Malloc(sizeof(X509_STORE
))) == NULL
)
224 ret
->certs
=lh_new(x509_object_hash
,x509_object_cmp
);
226 ret
->get_cert_methods
=sk_new_null();
234 static void cleanup(a
)
237 if (a
->type
== X509_LU_X509
)
239 X509_free(a
->data
.x509
);
241 else if (a
->type
== X509_LU_CRL
)
243 X509_CRL_free(a
->data
.crl
);
251 void X509_STORE_free(vfy
)
258 sk
=vfy
->get_cert_methods
;
259 for (i
=0; i
<sk_num(sk
); i
++)
261 lu
=(X509_LOOKUP
*)sk_value(sk
,i
);
262 X509_LOOKUP_shutdown(lu
);
263 X509_LOOKUP_free(lu
);
267 lh_doall(vfy
->certs
,cleanup
);
272 X509_LOOKUP
*X509_STORE_add_lookup(v
,m
)
274 X509_LOOKUP_METHOD
*m
;
280 sk
=v
->get_cert_methods
;
281 for (i
=0; i
<sk_num(sk
); i
++)
283 lu
=(X509_LOOKUP
*)sk_value(sk
,i
);
290 lu
=X509_LOOKUP_new(m
);
296 if (sk_push(v
->get_cert_methods
,(char *)lu
))
300 X509_LOOKUP_free(lu
);
306 int X509_STORE_get_by_subject(vs
,type
,name
,ret
)
312 X509_STORE
*ctx
=vs
->ctx
;
314 X509_OBJECT stmp
,*tmp
;
317 tmp
=X509_OBJECT_retrive_by_subject(ctx
->certs
,type
,name
);
321 for (i
=vs
->current_method
; i
<sk_num(ctx
->get_cert_methods
); i
++)
323 lu
=(X509_LOOKUP
*)sk_value(ctx
->get_cert_methods
,i
);
324 j
=X509_LOOKUP_by_subject(lu
,type
,name
,&stmp
);
327 vs
->current_method
=j
;
336 vs
->current_method
=0;
341 /* if (ret->data.ptr != NULL)
342 X509_OBJECT_free_contents(ret); */
345 ret
->data
.ptr
=tmp
->data
.ptr
;
347 X509_OBJECT_up_ref_count(ret
);
352 void X509_OBJECT_up_ref_count(a
)
358 CRYPTO_add(&a
->data
.x509
->references
,1,CRYPTO_LOCK_X509
);
361 CRYPTO_add(&a
->data
.crl
->references
,1,CRYPTO_LOCK_X509_CRL
);
366 void X509_OBJECT_free_contents(a
)
372 X509_free(a
->data
.x509
);
375 X509_CRL_free(a
->data
.crl
);
380 X509_OBJECT
*X509_OBJECT_retrive_by_subject(h
,type
,name
)
385 X509_OBJECT stmp
,*tmp
;
389 X509_CRL_INFO crl_info_s
;
395 stmp
.data
.x509
= &x509_s
;
396 x509_s
.cert_info
= &cinf_s
;
400 stmp
.data
.crl
= &crl_s
;
401 crl_s
.crl
= &crl_info_s
;
402 crl_info_s
.issuer
=name
;
408 tmp
=(X509_OBJECT
*)lh_retrieve(h
,(char *)&stmp
);
412 void X509_STORE_CTX_init(ctx
,store
,x509
,chain
)
419 ctx
->current_method
=0;
421 ctx
->untrusted
=chain
;
422 ctx
->last_untrusted
=0;
427 ctx
->current_cert
=NULL
;
430 void X509_STORE_CTX_cleanup(ctx
)
433 if (ctx
->chain
!= NULL
)
435 sk_pop_free(ctx
->chain
,X509_free
);