]> git.ipfire.org Git - thirdparty/openssl.git/blob - crypto/x509/x509_lu.c
projects / thirdparty / openssl.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Remove unnecessary #include <openssl/lhash.h> directives.
[thirdparty/openssl.git] / crypto / x509 / x509_lu.c
1 /*
2 * Copyright 1995-2017 The OpenSSL Project Authors. All Rights Reserved.
3 *
4 * Licensed under the OpenSSL license (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
8 */
9
10 #include <stdio.h>
11 #include "internal/cryptlib.h"
12 #include "internal/refcount.h"
13 #include <openssl/x509.h>
14 #include "internal/x509_int.h"
15 #include <openssl/x509v3.h>
16 #include "x509_lcl.h"
17
18 X509_LOOKUP *X509_LOOKUP_new(X509_LOOKUP_METHOD *method)
19 {
20 X509_LOOKUP *ret;
21
22 ret = OPENSSL_zalloc(sizeof(*ret));
23 if (ret == NULL)
24 return NULL;
25
26 ret->method = method;
27 if ((method->new_item != NULL) && !method->new_item(ret)) {
28 OPENSSL_free(ret);
29 return NULL;
30 }
31 return ret;
32 }
33
34 void X509_LOOKUP_free(X509_LOOKUP *ctx)
35 {
36 if (ctx == NULL)
37 return;
38 if ((ctx->method != NULL) && (ctx->method->free != NULL))
39 (*ctx->method->free) (ctx);
40 OPENSSL_free(ctx);
41 }
42
43 int X509_STORE_lock(X509_STORE *s)
44 {
45 return CRYPTO_THREAD_write_lock(s->lock);
46 }
47
48 int X509_STORE_unlock(X509_STORE *s)
49 {
50 return CRYPTO_THREAD_unlock(s->lock);
51 }
52
53 int X509_LOOKUP_init(X509_LOOKUP *ctx)
54 {
55 if (ctx->method == NULL)
56 return 0;
57 if (ctx->method->init != NULL)
58 return ctx->method->init(ctx);
59 else
60 return 1;
61 }
62
63 int X509_LOOKUP_shutdown(X509_LOOKUP *ctx)
64 {
65 if (ctx->method == NULL)
66 return 0;
67 if (ctx->method->shutdown != NULL)
68 return ctx->method->shutdown(ctx);
69 else
70 return 1;
71 }
72
73 int X509_LOOKUP_ctrl(X509_LOOKUP *ctx, int cmd, const char *argc, long argl,
74 char **ret)
75 {
76 if (ctx->method == NULL)
77 return -1;
78 if (ctx->method->ctrl != NULL)
79 return ctx->method->ctrl(ctx, cmd, argc, argl, ret);
80 else
81 return 1;
82 }
83
84 int X509_LOOKUP_by_subject(X509_LOOKUP *ctx, X509_LOOKUP_TYPE type,
85 X509_NAME *name, X509_OBJECT *ret)
86 {
87 if ((ctx->method == NULL) || (ctx->method->get_by_subject == NULL))
88 return 0;
89 if (ctx->skip)
90 return 0;
91 return ctx->method->get_by_subject(ctx, type, name, ret);
92 }
93
94 int X509_LOOKUP_by_issuer_serial(X509_LOOKUP *ctx, X509_LOOKUP_TYPE type,
95 X509_NAME *name, ASN1_INTEGER *serial,
96 X509_OBJECT *ret)
97 {
98 if ((ctx->method == NULL) || (ctx->method->get_by_issuer_serial == NULL))
99 return 0;
100 return ctx->method->get_by_issuer_serial(ctx, type, name, serial, ret);
101 }
102
103 int X509_LOOKUP_by_fingerprint(X509_LOOKUP *ctx, X509_LOOKUP_TYPE type,
104 const unsigned char *bytes, int len,
105 X509_OBJECT *ret)
106 {
107 if ((ctx->method == NULL) || (ctx->method->get_by_fingerprint == NULL))
108 return 0;
109 return ctx->method->get_by_fingerprint(ctx, type, bytes, len, ret);
110 }
111
112 int X509_LOOKUP_by_alias(X509_LOOKUP *ctx, X509_LOOKUP_TYPE type,
113 const char *str, int len, X509_OBJECT *ret)
114 {
115 if ((ctx->method == NULL) || (ctx->method->get_by_alias == NULL))
116 return 0;
117 return ctx->method->get_by_alias(ctx, type, str, len, ret);
118 }
119
120 static int x509_object_cmp(const X509_OBJECT *const *a,
121 const X509_OBJECT *const *b)
122 {
123 int ret;
124
125 ret = ((*a)->type - (*b)->type);
126 if (ret)
127 return ret;
128 switch ((*a)->type) {
129 case X509_LU_X509:
130 ret = X509_subject_name_cmp((*a)->data.x509, (*b)->data.x509);
131 break;
132 case X509_LU_CRL:
133 ret = X509_CRL_cmp((*a)->data.crl, (*b)->data.crl);
134 break;
135 case X509_LU_NONE:
136 /* abort(); */
137 return 0;
138 }
139 return ret;
140 }
141
142 X509_STORE *X509_STORE_new(void)
143 {
144 X509_STORE *ret;
145
146 if ((ret = OPENSSL_zalloc(sizeof(*ret))) == NULL)
147 return NULL;
148 if ((ret->objs = sk_X509_OBJECT_new(x509_object_cmp)) == NULL)
149 goto err;
150 ret->cache = 1;
151 if ((ret->get_cert_methods = sk_X509_LOOKUP_new_null()) == NULL)
152 goto err;
153
154 if ((ret->param = X509_VERIFY_PARAM_new()) == NULL)
155 goto err;
156
157 if (!CRYPTO_new_ex_data(CRYPTO_EX_INDEX_X509_STORE, ret, &ret->ex_data))
158 goto err;
159
160 ret->lock = CRYPTO_THREAD_lock_new();
161 if (ret->lock == NULL)
162 goto err;
163
164 ret->references = 1;
165 return ret;
166
167 err:
168 X509_VERIFY_PARAM_free(ret->param);
169 sk_X509_OBJECT_free(ret->objs);
170 sk_X509_LOOKUP_free(ret->get_cert_methods);
171 OPENSSL_free(ret);
172 return NULL;
173 }
174
175 void X509_STORE_free(X509_STORE *vfy)
176 {
177 int i;
178 STACK_OF(X509_LOOKUP) *sk;
179 X509_LOOKUP *lu;
180
181 if (vfy == NULL)
182 return;
183
184 CRYPTO_DOWN_REF(&vfy->references, &i, vfy->lock);
185 REF_PRINT_COUNT("X509_STORE", vfy);
186 if (i > 0)
187 return;
188 REF_ASSERT_ISNT(i < 0);
189
190 sk = vfy->get_cert_methods;
191 for (i = 0; i < sk_X509_LOOKUP_num(sk); i++) {
192 lu = sk_X509_LOOKUP_value(sk, i);
193 X509_LOOKUP_shutdown(lu);
194 X509_LOOKUP_free(lu);
195 }
196 sk_X509_LOOKUP_free(sk);
197 sk_X509_OBJECT_pop_free(vfy->objs, X509_OBJECT_free);
198
199 CRYPTO_free_ex_data(CRYPTO_EX_INDEX_X509_STORE, vfy, &vfy->ex_data);
200 X509_VERIFY_PARAM_free(vfy->param);
201 CRYPTO_THREAD_lock_free(vfy->lock);
202 OPENSSL_free(vfy);
203 }
204
205 int X509_STORE_up_ref(X509_STORE *vfy)
206 {
207 int i;
208
209 if (CRYPTO_UP_REF(&vfy->references, &i, vfy->lock) <= 0)
210 return 0;
211
212 REF_PRINT_COUNT("X509_STORE", a);
213 REF_ASSERT_ISNT(i < 2);
214 return ((i > 1) ? 1 : 0);
215 }
216
217 X509_LOOKUP *X509_STORE_add_lookup(X509_STORE *v, X509_LOOKUP_METHOD *m)
218 {
219 int i;
220 STACK_OF(X509_LOOKUP) *sk;
221 X509_LOOKUP *lu;
222
223 sk = v->get_cert_methods;
224 for (i = 0; i < sk_X509_LOOKUP_num(sk); i++) {
225 lu = sk_X509_LOOKUP_value(sk, i);
226 if (m == lu->method) {
227 return lu;
228 }
229 }
230 /* a new one */
231 lu = X509_LOOKUP_new(m);
232 if (lu == NULL)
233 return NULL;
234 else {
235 lu->store_ctx = v;
236 if (sk_X509_LOOKUP_push(v->get_cert_methods, lu))
237 return lu;
238 else {
239 X509_LOOKUP_free(lu);
240 return NULL;
241 }
242 }
243 }
244
245 X509_OBJECT *X509_STORE_CTX_get_obj_by_subject(X509_STORE_CTX *vs,
246 X509_LOOKUP_TYPE type,
247 X509_NAME *name)
248 {
249 X509_OBJECT *ret = X509_OBJECT_new();
250
251 if (ret == NULL)
252 return NULL;
253 if (!X509_STORE_CTX_get_by_subject(vs, type, name, ret)) {
254 X509_OBJECT_free(ret);
255 return NULL;
256 }
257 return ret;
258 }
259
260 int X509_STORE_CTX_get_by_subject(X509_STORE_CTX *vs, X509_LOOKUP_TYPE type,
261 X509_NAME *name, X509_OBJECT *ret)
262 {
263 X509_STORE *ctx = vs->ctx;
264 X509_LOOKUP *lu;
265 X509_OBJECT stmp, *tmp;
266 int i, j;
267
268 CRYPTO_THREAD_write_lock(ctx->lock);
269 tmp = X509_OBJECT_retrieve_by_subject(ctx->objs, type, name);
270 CRYPTO_THREAD_unlock(ctx->lock);
271
272 if (tmp == NULL || type == X509_LU_CRL) {
273 for (i = 0; i < sk_X509_LOOKUP_num(ctx->get_cert_methods); i++) {
274 lu = sk_X509_LOOKUP_value(ctx->get_cert_methods, i);
275 j = X509_LOOKUP_by_subject(lu, type, name, &stmp);
276 if (j) {
277 tmp = &stmp;
278 break;
279 }
280 }
281 if (tmp == NULL)
282 return 0;
283 }
284
285 ret->type = tmp->type;
286 ret->data.ptr = tmp->data.ptr;
287
288 X509_OBJECT_up_ref_count(ret);
289
290 return 1;
291 }
292
293 static int x509_store_add(X509_STORE *ctx, void *x, int crl) {
294 X509_OBJECT *obj;
295 int ret = 0, added = 0;
296
297 if (x == NULL)
298 return 0;
299 obj = X509_OBJECT_new();
300 if (obj == NULL)
301 return 0;
302
303 if (crl) {
304 obj->type = X509_LU_CRL;
305 obj->data.crl = (X509_CRL *)x;
306 } else {
307 obj->type = X509_LU_X509;
308 obj->data.x509 = (X509 *)x;
309 }
310 X509_OBJECT_up_ref_count(obj);
311
312 CRYPTO_THREAD_write_lock(ctx->lock);
313
314 if (X509_OBJECT_retrieve_match(ctx->objs, obj)) {
315 ret = 1;
316 } else {
317 added = sk_X509_OBJECT_push(ctx->objs, obj);
318 ret = added != 0;
319 }
320
321 CRYPTO_THREAD_unlock(ctx->lock);
322
323 if (added == 0) /* obj not pushed */
324 X509_OBJECT_free(obj);
325
326 return ret;
327 }
328
329 int X509_STORE_add_cert(X509_STORE *ctx, X509 *x)
330 {
331 if (!x509_store_add(ctx, x, 0)) {
332 X509err(X509_F_X509_STORE_ADD_CERT, ERR_R_MALLOC_FAILURE);
333 return 0;
334 }
335 return 1;
336 }
337
338 int X509_STORE_add_crl(X509_STORE *ctx, X509_CRL *x)
339 {
340 if (!x509_store_add(ctx, x, 1)) {
341 X509err(X509_F_X509_STORE_ADD_CRL, ERR_R_MALLOC_FAILURE);
342 return 0;
343 }
344 return 1;
345 }
346
347 int X509_OBJECT_up_ref_count(X509_OBJECT *a)
348 {
349 switch (a->type) {
350 case X509_LU_NONE:
351 break;
352 case X509_LU_X509:
353 return X509_up_ref(a->data.x509);
354 case X509_LU_CRL:
355 return X509_CRL_up_ref(a->data.crl);
356 }
357 return 1;
358 }
359
360 X509 *X509_OBJECT_get0_X509(const X509_OBJECT *a)
361 {
362 if (a == NULL || a->type != X509_LU_X509)
363 return NULL;
364 return a->data.x509;
365 }
366
367 X509_CRL *X509_OBJECT_get0_X509_CRL(X509_OBJECT *a)
368 {
369 if (a == NULL || a->type != X509_LU_CRL)
370 return NULL;
371 return a->data.crl;
372 }
373
374 X509_LOOKUP_TYPE X509_OBJECT_get_type(const X509_OBJECT *a)
375 {
376 return a->type;
377 }
378
379 X509_OBJECT *X509_OBJECT_new()
380 {
381 X509_OBJECT *ret = OPENSSL_zalloc(sizeof(*ret));
382
383 if (ret == NULL) {
384 X509err(X509_F_X509_OBJECT_NEW, ERR_R_MALLOC_FAILURE);
385 return NULL;
386 }
387 ret->type = X509_LU_NONE;
388 return ret;
389 }
390
391
392 void X509_OBJECT_free(X509_OBJECT *a)
393 {
394 if (a == NULL)
395 return;
396 switch (a->type) {
397 case X509_LU_NONE:
398 break;
399 case X509_LU_X509:
400 X509_free(a->data.x509);
401 break;
402 case X509_LU_CRL:
403 X509_CRL_free(a->data.crl);
404 break;
405 }
406 OPENSSL_free(a);
407 }
408
409 static int x509_object_idx_cnt(STACK_OF(X509_OBJECT) *h, X509_LOOKUP_TYPE type,
410 X509_NAME *name, int *pnmatch)
411 {
412 X509_OBJECT stmp;
413 X509 x509_s;
414 X509_CRL crl_s;
415 int idx;
416
417 stmp.type = type;
418 switch (type) {
419 case X509_LU_X509:
420 stmp.data.x509 = &x509_s;
421 x509_s.cert_info.subject = name;
422 break;
423 case X509_LU_CRL:
424 stmp.data.crl = &crl_s;
425 crl_s.crl.issuer = name;
426 break;
427 case X509_LU_NONE:
428 /* abort(); */
429 return -1;
430 }
431
432 idx = sk_X509_OBJECT_find(h, &stmp);
433 if (idx >= 0 && pnmatch) {
434 int tidx;
435 const X509_OBJECT *tobj, *pstmp;
436 *pnmatch = 1;
437 pstmp = &stmp;
438 for (tidx = idx + 1; tidx < sk_X509_OBJECT_num(h); tidx++) {
439 tobj = sk_X509_OBJECT_value(h, tidx);
440 if (x509_object_cmp(&tobj, &pstmp))
441 break;
442 (*pnmatch)++;
443 }
444 }
445 return idx;
446 }
447
448 int X509_OBJECT_idx_by_subject(STACK_OF(X509_OBJECT) *h, X509_LOOKUP_TYPE type,
449 X509_NAME *name)
450 {
451 return x509_object_idx_cnt(h, type, name, NULL);
452 }
453
454 X509_OBJECT *X509_OBJECT_retrieve_by_subject(STACK_OF(X509_OBJECT) *h,
455 X509_LOOKUP_TYPE type,
456 X509_NAME *name)
457 {
458 int idx;
459 idx = X509_OBJECT_idx_by_subject(h, type, name);
460 if (idx == -1)
461 return NULL;
462 return sk_X509_OBJECT_value(h, idx);
463 }
464
465 STACK_OF(X509_OBJECT) *X509_STORE_get0_objects(X509_STORE *v)
466 {
467 return v->objs;
468 }
469
470 STACK_OF(X509) *X509_STORE_CTX_get1_certs(X509_STORE_CTX *ctx, X509_NAME *nm)
471 {
472 int i, idx, cnt;
473 STACK_OF(X509) *sk = NULL;
474 X509 *x;
475 X509_OBJECT *obj;
476
477 CRYPTO_THREAD_write_lock(ctx->ctx->lock);
478 idx = x509_object_idx_cnt(ctx->ctx->objs, X509_LU_X509, nm, &cnt);
479 if (idx < 0) {
480 /*
481 * Nothing found in cache: do lookup to possibly add new objects to
482 * cache
483 */
484 X509_OBJECT *xobj = X509_OBJECT_new();
485
486 CRYPTO_THREAD_unlock(ctx->ctx->lock);
487 if (xobj == NULL)
488 return NULL;
489 if (!X509_STORE_CTX_get_by_subject(ctx, X509_LU_X509, nm, xobj)) {
490 X509_OBJECT_free(xobj);
491 return NULL;
492 }
493 X509_OBJECT_free(xobj);
494 CRYPTO_THREAD_write_lock(ctx->ctx->lock);
495 idx = x509_object_idx_cnt(ctx->ctx->objs, X509_LU_X509, nm, &cnt);
496 if (idx < 0) {
497 CRYPTO_THREAD_unlock(ctx->ctx->lock);
498 return NULL;
499 }
500 }
501
502 sk = sk_X509_new_null();
503 for (i = 0; i < cnt; i++, idx++) {
504 obj = sk_X509_OBJECT_value(ctx->ctx->objs, idx);
505 x = obj->data.x509;
506 X509_up_ref(x);
507 if (!sk_X509_push(sk, x)) {
508 CRYPTO_THREAD_unlock(ctx->ctx->lock);
509 X509_free(x);
510 sk_X509_pop_free(sk, X509_free);
511 return NULL;
512 }
513 }
514 CRYPTO_THREAD_unlock(ctx->ctx->lock);
515 return sk;
516 }
517
518 STACK_OF(X509_CRL) *X509_STORE_CTX_get1_crls(X509_STORE_CTX *ctx, X509_NAME *nm)
519 {
520 int i, idx, cnt;
521 STACK_OF(X509_CRL) *sk = sk_X509_CRL_new_null();
522 X509_CRL *x;
523 X509_OBJECT *obj, *xobj = X509_OBJECT_new();
524
525 /* Always do lookup to possibly add new CRLs to cache */
526 if (sk == NULL || xobj == NULL ||
527 !X509_STORE_CTX_get_by_subject(ctx, X509_LU_CRL, nm, xobj)) {
528 X509_OBJECT_free(xobj);
529 sk_X509_CRL_free(sk);
530 return NULL;
531 }
532 X509_OBJECT_free(xobj);
533 CRYPTO_THREAD_write_lock(ctx->ctx->lock);
534 idx = x509_object_idx_cnt(ctx->ctx->objs, X509_LU_CRL, nm, &cnt);
535 if (idx < 0) {
536 CRYPTO_THREAD_unlock(ctx->ctx->lock);
537 sk_X509_CRL_free(sk);
538 return NULL;
539 }
540
541 for (i = 0; i < cnt; i++, idx++) {
542 obj = sk_X509_OBJECT_value(ctx->ctx->objs, idx);
543 x = obj->data.crl;
544 X509_CRL_up_ref(x);
545 if (!sk_X509_CRL_push(sk, x)) {
546 CRYPTO_THREAD_unlock(ctx->ctx->lock);
547 X509_CRL_free(x);
548 sk_X509_CRL_pop_free(sk, X509_CRL_free);
549 return NULL;
550 }
551 }
552 CRYPTO_THREAD_unlock(ctx->ctx->lock);
553 return sk;
554 }
555
556 X509_OBJECT *X509_OBJECT_retrieve_match(STACK_OF(X509_OBJECT) *h,
557 X509_OBJECT *x)
558 {
559 int idx, i;
560 X509_OBJECT *obj;
561 idx = sk_X509_OBJECT_find(h, x);
562 if (idx == -1)
563 return NULL;
564 if ((x->type != X509_LU_X509) && (x->type != X509_LU_CRL))
565 return sk_X509_OBJECT_value(h, idx);
566 for (i = idx; i < sk_X509_OBJECT_num(h); i++) {
567 obj = sk_X509_OBJECT_value(h, i);
568 if (x509_object_cmp
569 ((const X509_OBJECT **)&obj, (const X509_OBJECT **)&x))
570 return NULL;
571 if (x->type == X509_LU_X509) {
572 if (!X509_cmp(obj->data.x509, x->data.x509))
573 return obj;
574 } else if (x->type == X509_LU_CRL) {
575 if (!X509_CRL_match(obj->data.crl, x->data.crl))
576 return obj;
577 } else
578 return obj;
579 }
580 return NULL;
581 }
582
583 /*-
584 * Try to get issuer certificate from store. Due to limitations
585 * of the API this can only retrieve a single certificate matching
586 * a given subject name. However it will fill the cache with all
587 * matching certificates, so we can examine the cache for all
588 * matches.
589 *
590 * Return values are:
591 * 1 lookup successful.
592 * 0 certificate not found.
593 * -1 some other error.
594 */
595 int X509_STORE_CTX_get1_issuer(X509 **issuer, X509_STORE_CTX *ctx, X509 *x)
596 {
597 X509_NAME *xn;
598 X509_OBJECT *obj = X509_OBJECT_new(), *pobj = NULL;
599 int i, ok, idx, ret;
600
601 if (obj == NULL)
602 return -1;
603 *issuer = NULL;
604 xn = X509_get_issuer_name(x);
605 ok = X509_STORE_CTX_get_by_subject(ctx, X509_LU_X509, xn, obj);
606 if (ok != 1) {
607 X509_OBJECT_free(obj);
608 return 0;
609 }
610 /* If certificate matches all OK */
611 if (ctx->check_issued(ctx, x, obj->data.x509)) {
612 if (x509_check_cert_time(ctx, obj->data.x509, -1)) {
613 *issuer = obj->data.x509;
614 X509_up_ref(*issuer);
615 X509_OBJECT_free(obj);
616 return 1;
617 }
618 }
619 X509_OBJECT_free(obj);
620
621 /* Else find index of first cert accepted by 'check_issued' */
622 ret = 0;
623 CRYPTO_THREAD_write_lock(ctx->ctx->lock);
624 idx = X509_OBJECT_idx_by_subject(ctx->ctx->objs, X509_LU_X509, xn);
625 if (idx != -1) { /* should be true as we've had at least one
626 * match */
627 /* Look through all matching certs for suitable issuer */
628 for (i = idx; i < sk_X509_OBJECT_num(ctx->ctx->objs); i++) {
629 pobj = sk_X509_OBJECT_value(ctx->ctx->objs, i);
630 /* See if we've run past the matches */
631 if (pobj->type != X509_LU_X509)
632 break;
633 if (X509_NAME_cmp(xn, X509_get_subject_name(pobj->data.x509)))
634 break;
635 if (ctx->check_issued(ctx, x, pobj->data.x509)) {
636 *issuer = pobj->data.x509;
637 ret = 1;
638 /*
639 * If times check, exit with match,
640 * otherwise keep looking. Leave last
641 * match in issuer so we return nearest
642 * match if no certificate time is OK.
643 */
644
645 if (x509_check_cert_time(ctx, *issuer, -1))
646 break;
647 }
648 }
649 }
650 CRYPTO_THREAD_unlock(ctx->ctx->lock);
651 if (*issuer)
652 X509_up_ref(*issuer);
653 return ret;
654 }
655
656 int X509_STORE_set_flags(X509_STORE *ctx, unsigned long flags)
657 {
658 return X509_VERIFY_PARAM_set_flags(ctx->param, flags);
659 }
660
661 int X509_STORE_set_depth(X509_STORE *ctx, int depth)
662 {
663 X509_VERIFY_PARAM_set_depth(ctx->param, depth);
664 return 1;
665 }
666
667 int X509_STORE_set_purpose(X509_STORE *ctx, int purpose)
668 {
669 return X509_VERIFY_PARAM_set_purpose(ctx->param, purpose);
670 }
671
672 int X509_STORE_set_trust(X509_STORE *ctx, int trust)
673 {
674 return X509_VERIFY_PARAM_set_trust(ctx->param, trust);
675 }
676
677 int X509_STORE_set1_param(X509_STORE *ctx, X509_VERIFY_PARAM *param)
678 {
679 return X509_VERIFY_PARAM_set1(ctx->param, param);
680 }
681
682 X509_VERIFY_PARAM *X509_STORE_get0_param(X509_STORE *ctx)
683 {
684 return ctx->param;
685 }
686
687 void X509_STORE_set_verify(X509_STORE *ctx, X509_STORE_CTX_verify_fn verify)
688 {
689 ctx->verify = verify;
690 }
691
692 X509_STORE_CTX_verify_fn X509_STORE_get_verify(X509_STORE *ctx)
693 {
694 return ctx->verify;
695 }
696
697 void X509_STORE_set_verify_cb(X509_STORE *ctx,
698 X509_STORE_CTX_verify_cb verify_cb)
699 {
700 ctx->verify_cb = verify_cb;
701 }
702
703 X509_STORE_CTX_verify_cb X509_STORE_get_verify_cb(X509_STORE *ctx)
704 {
705 return ctx->verify_cb;
706 }
707
708 void X509_STORE_set_get_issuer(X509_STORE *ctx,
709 X509_STORE_CTX_get_issuer_fn get_issuer)
710 {
711 ctx->get_issuer = get_issuer;
712 }
713
714 X509_STORE_CTX_get_issuer_fn X509_STORE_get_get_issuer(X509_STORE *ctx)
715 {
716 return ctx->get_issuer;
717 }
718
719 void X509_STORE_set_check_issued(X509_STORE *ctx,
720 X509_STORE_CTX_check_issued_fn check_issued)
721 {
722 ctx->check_issued = check_issued;
723 }
724
725 X509_STORE_CTX_check_issued_fn X509_STORE_get_check_issued(X509_STORE *ctx)
726 {
727 return ctx->check_issued;
728 }
729
730 void X509_STORE_set_check_revocation(X509_STORE *ctx,
731 X509_STORE_CTX_check_revocation_fn check_revocation)
732 {
733 ctx->check_revocation = check_revocation;
734 }
735
736 X509_STORE_CTX_check_revocation_fn X509_STORE_get_check_revocation(X509_STORE *ctx)
737 {
738 return ctx->check_revocation;
739 }
740
741 void X509_STORE_set_get_crl(X509_STORE *ctx,
742 X509_STORE_CTX_get_crl_fn get_crl)
743 {
744 ctx->get_crl = get_crl;
745 }
746
747 X509_STORE_CTX_get_crl_fn X509_STORE_get_get_crl(X509_STORE *ctx)
748 {
749 return ctx->get_crl;
750 }
751
752 void X509_STORE_set_check_crl(X509_STORE *ctx,
753 X509_STORE_CTX_check_crl_fn check_crl)
754 {
755 ctx->check_crl = check_crl;
756 }
757
758 X509_STORE_CTX_check_crl_fn X509_STORE_get_check_crl(X509_STORE *ctx)
759 {
760 return ctx->check_crl;
761 }
762
763 void X509_STORE_set_cert_crl(X509_STORE *ctx,
764 X509_STORE_CTX_cert_crl_fn cert_crl)
765 {
766 ctx->cert_crl = cert_crl;
767 }
768
769 X509_STORE_CTX_cert_crl_fn X509_STORE_get_cert_crl(X509_STORE *ctx)
770 {
771 return ctx->cert_crl;
772 }
773
774 void X509_STORE_set_check_policy(X509_STORE *ctx,
775 X509_STORE_CTX_check_policy_fn check_policy)
776 {
777 ctx->check_policy = check_policy;
778 }
779
780 X509_STORE_CTX_check_policy_fn X509_STORE_get_check_policy(X509_STORE *ctx)
781 {
782 return ctx->check_policy;
783 }
784
785 void X509_STORE_set_lookup_certs(X509_STORE *ctx,
786 X509_STORE_CTX_lookup_certs_fn lookup_certs)
787 {
788 ctx->lookup_certs = lookup_certs;
789 }
790
791 X509_STORE_CTX_lookup_certs_fn X509_STORE_get_lookup_certs(X509_STORE *ctx)
792 {
793 return ctx->lookup_certs;
794 }
795
796 void X509_STORE_set_lookup_crls(X509_STORE *ctx,
797 X509_STORE_CTX_lookup_crls_fn lookup_crls)
798 {
799 ctx->lookup_crls = lookup_crls;
800 }
801
802 X509_STORE_CTX_lookup_crls_fn X509_STORE_get_lookup_crls(X509_STORE *ctx)
803 {
804 return ctx->lookup_crls;
805 }
806
807 void X509_STORE_set_cleanup(X509_STORE *ctx,
808 X509_STORE_CTX_cleanup_fn ctx_cleanup)
809 {
810 ctx->cleanup = ctx_cleanup;
811 }
812
813 X509_STORE_CTX_cleanup_fn X509_STORE_get_cleanup(X509_STORE *ctx)
814 {
815 return ctx->cleanup;
816 }
817
818 int X509_STORE_set_ex_data(X509_STORE *ctx, int idx, void *data)
819 {
820 return CRYPTO_set_ex_data(&ctx->ex_data, idx, data);
821 }
822
823 void *X509_STORE_get_ex_data(X509_STORE *ctx, int idx)
824 {
825 return CRYPTO_get_ex_data(&ctx->ex_data, idx);
826 }
827
828 X509_STORE *X509_STORE_CTX_get0_store(X509_STORE_CTX *ctx)
829 {
830 return ctx->ctx;
831 }
A mirror of the official openssl repository