1 /* crypto/store/str_lib.c -*- mode:C; c-file-style: "eay" -*- */
3 * Written by Richard Levitte (richard@levitte.org) for the OpenSSL project
6 /* ====================================================================
7 * Copyright (c) 2003 The OpenSSL Project. All rights reserved.
9 * Redistribution and use in source and binary forms, with or without
10 * modification, are permitted provided that the following conditions
13 * 1. Redistributions of source code must retain the above copyright
14 * notice, this list of conditions and the following disclaimer.
16 * 2. Redistributions in binary form must reproduce the above copyright
17 * notice, this list of conditions and the following disclaimer in
18 * the documentation and/or other materials provided with the
21 * 3. All advertising materials mentioning features or use of this
22 * software must display the following acknowledgment:
23 * "This product includes software developed by the OpenSSL Project
24 * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
26 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
27 * endorse or promote products derived from this software without
28 * prior written permission. For written permission, please contact
29 * openssl-core@openssl.org.
31 * 5. Products derived from this software may not be called "OpenSSL"
32 * nor may "OpenSSL" appear in their names without prior written
33 * permission of the OpenSSL Project.
35 * 6. Redistributions of any form whatsoever must retain the following
37 * "This product includes software developed by the OpenSSL Project
38 * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
40 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
41 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
42 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
43 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
44 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
45 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
46 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
47 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
49 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
50 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
51 * OF THE POSSIBILITY OF SUCH DAMAGE.
52 * ====================================================================
54 * This product includes cryptographic software written by Eric Young
55 * (eay@cryptsoft.com). This product includes software written by Tim
56 * Hudson (tjh@cryptsoft.com).
61 #include <openssl/bn.h>
62 #include <openssl/err.h>
63 #ifndef OPENSSL_NO_ENGINE
64 # include <openssl/engine.h>
66 #include <openssl/sha.h>
67 #include <openssl/x509.h>
70 const char *const STORE_object_type_string[STORE_OBJECT_TYPE_NUM + 1] = {
80 const int STORE_param_sizes[STORE_PARAM_TYPE_NUM + 1] = {
82 sizeof(int), /* EVP_TYPE */
83 sizeof(size_t), /* BITS */
84 -1, /* KEY_PARAMETERS */
85 0 /* KEY_NO_PARAMETERS */
88 const int STORE_attr_sizes[STORE_ATTR_TYPE_NUM + 1] = {
90 -1, /* FRIENDLYNAME: C string */
91 SHA_DIGEST_LENGTH, /* KEYID: SHA1 digest, 160 bits */
92 SHA_DIGEST_LENGTH, /* ISSUERKEYID: SHA1 digest, 160 bits */
93 SHA_DIGEST_LENGTH, /* SUBJECTKEYID: SHA1 digest, 160 bits */
94 SHA_DIGEST_LENGTH, /* ISSUERSERIALHASH: SHA1 digest, 160 bits */
95 sizeof(X509_NAME *), /* ISSUER: X509_NAME * */
96 sizeof(BIGNUM *), /* SERIAL: BIGNUM * */
97 sizeof(X509_NAME *), /* SUBJECT: X509_NAME * */
98 SHA_DIGEST_LENGTH, /* CERTHASH: SHA1 digest, 160 bits */
99 -1, /* EMAIL: C string */
100 -1, /* FILENAME: C string */
103 STORE *STORE_new_method(const STORE_METHOD *method)
107 if (method == NULL) {
108 STOREerr(STORE_F_STORE_NEW_METHOD, ERR_R_PASSED_NULL_PARAMETER);
112 ret = OPENSSL_malloc(sizeof(STORE));
114 STOREerr(STORE_F_STORE_NEW_METHOD, ERR_R_MALLOC_FAILURE);
120 CRYPTO_new_ex_data(CRYPTO_EX_INDEX_STORE, ret, &ret->ex_data);
121 if (ret->meth->init && !ret->meth->init(ret)) {
128 STORE *STORE_new_engine(ENGINE *engine)
132 const STORE_METHOD *meth = 0;
134 #ifdef OPENSSL_NO_ENGINE
138 if (!ENGINE_init(engine)) {
139 STOREerr(STORE_F_STORE_NEW_ENGINE, ERR_R_ENGINE_LIB);
144 STOREerr(STORE_F_STORE_NEW_ENGINE, ERR_R_PASSED_NULL_PARAMETER);
148 meth = ENGINE_get_STORE(e);
150 STOREerr(STORE_F_STORE_NEW_ENGINE, ERR_R_ENGINE_LIB);
157 ret = STORE_new_method(meth);
159 STOREerr(STORE_F_STORE_NEW_ENGINE, ERR_R_STORE_LIB);
168 void STORE_free(STORE *store)
172 if (store->meth->clean)
173 store->meth->clean(store);
174 CRYPTO_free_ex_data(CRYPTO_EX_INDEX_STORE, store, &store->ex_data);
178 int STORE_ctrl(STORE *store, int cmd, long i, void *p, void (*f) (void))
181 STOREerr(STORE_F_STORE_CTRL, ERR_R_PASSED_NULL_PARAMETER);
184 if (store->meth->ctrl)
185 return store->meth->ctrl(store, cmd, i, p, f);
186 STOREerr(STORE_F_STORE_CTRL, STORE_R_NO_CONTROL_FUNCTION);
190 int STORE_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
191 CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func)
193 return CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_STORE, argl, argp,
194 new_func, dup_func, free_func);
197 int STORE_set_ex_data(STORE *r, int idx, void *arg)
199 return (CRYPTO_set_ex_data(&r->ex_data, idx, arg));
202 void *STORE_get_ex_data(STORE *r, int idx)
204 return (CRYPTO_get_ex_data(&r->ex_data, idx));
207 const STORE_METHOD *STORE_get_method(STORE *store)
212 const STORE_METHOD *STORE_set_method(STORE *store, const STORE_METHOD *meth)
220 #define check_store(s,fncode,fnname,fnerrcode) \
223 if ((s) == NULL || (s)->meth == NULL) \
225 STOREerr((fncode), ERR_R_PASSED_NULL_PARAMETER); \
228 if ((s)->meth->fnname == NULL) \
230 STOREerr((fncode), (fnerrcode)); \
238 X509 *STORE_get_certificate(STORE *s, OPENSSL_ITEM attributes[],
239 OPENSSL_ITEM parameters[])
241 STORE_OBJECT *object;
244 check_store(s, STORE_F_STORE_GET_CERTIFICATE,
245 get_object, STORE_R_NO_GET_OBJECT_FUNCTION);
247 object = s->meth->get_object(s, STORE_OBJECT_TYPE_X509_CERTIFICATE,
248 attributes, parameters);
249 if (!object || !object->data.x509.certificate) {
250 STOREerr(STORE_F_STORE_GET_CERTIFICATE,
251 STORE_R_FAILED_GETTING_CERTIFICATE);
254 CRYPTO_add(&object->data.x509.certificate->references, 1,
257 REF_PRINT("X509", data);
259 x = object->data.x509.certificate;
260 STORE_OBJECT_free(object);
264 int STORE_store_certificate(STORE *s, X509 *data, OPENSSL_ITEM attributes[],
265 OPENSSL_ITEM parameters[])
267 STORE_OBJECT *object;
270 check_store(s, STORE_F_STORE_CERTIFICATE,
271 store_object, STORE_R_NO_STORE_OBJECT_FUNCTION);
273 object = STORE_OBJECT_new();
275 STOREerr(STORE_F_STORE_STORE_CERTIFICATE, ERR_R_MALLOC_FAILURE);
279 CRYPTO_add(&data->references, 1, CRYPTO_LOCK_X509);
281 REF_PRINT("X509", data);
283 object->data.x509.certificate = data;
285 i = s->meth->store_object(s, STORE_OBJECT_TYPE_X509_CERTIFICATE,
286 object, attributes, parameters);
288 STORE_OBJECT_free(object);
291 STOREerr(STORE_F_STORE_STORE_CERTIFICATE,
292 STORE_R_FAILED_STORING_CERTIFICATE);
298 int STORE_modify_certificate(STORE *s, OPENSSL_ITEM search_attributes[],
299 OPENSSL_ITEM add_attributes[],
300 OPENSSL_ITEM modify_attributes[],
301 OPENSSL_ITEM delete_attributes[],
302 OPENSSL_ITEM parameters[])
304 check_store(s, STORE_F_STORE_MODIFY_CERTIFICATE,
305 modify_object, STORE_R_NO_MODIFY_OBJECT_FUNCTION);
307 if (!s->meth->modify_object(s, STORE_OBJECT_TYPE_X509_CERTIFICATE,
308 search_attributes, add_attributes,
309 modify_attributes, delete_attributes,
311 STOREerr(STORE_F_STORE_MODIFY_CERTIFICATE,
312 STORE_R_FAILED_MODIFYING_CERTIFICATE);
318 int STORE_revoke_certificate(STORE *s, OPENSSL_ITEM attributes[],
319 OPENSSL_ITEM parameters[])
321 check_store(s, STORE_F_STORE_REVOKE_CERTIFICATE,
322 revoke_object, STORE_R_NO_REVOKE_OBJECT_FUNCTION);
324 if (!s->meth->revoke_object(s, STORE_OBJECT_TYPE_X509_CERTIFICATE,
325 attributes, parameters)) {
326 STOREerr(STORE_F_STORE_REVOKE_CERTIFICATE,
327 STORE_R_FAILED_REVOKING_CERTIFICATE);
333 int STORE_delete_certificate(STORE *s, OPENSSL_ITEM attributes[],
334 OPENSSL_ITEM parameters[])
336 check_store(s, STORE_F_STORE_DELETE_CERTIFICATE,
337 delete_object, STORE_R_NO_DELETE_OBJECT_FUNCTION);
339 if (!s->meth->delete_object(s, STORE_OBJECT_TYPE_X509_CERTIFICATE,
340 attributes, parameters)) {
341 STOREerr(STORE_F_STORE_DELETE_CERTIFICATE,
342 STORE_R_FAILED_DELETING_CERTIFICATE);
348 void *STORE_list_certificate_start(STORE *s, OPENSSL_ITEM attributes[],
349 OPENSSL_ITEM parameters[])
353 check_store(s, STORE_F_STORE_LIST_CERTIFICATE_START,
354 list_object_start, STORE_R_NO_LIST_OBJECT_START_FUNCTION);
356 handle = s->meth->list_object_start(s,
357 STORE_OBJECT_TYPE_X509_CERTIFICATE,
358 attributes, parameters);
360 STOREerr(STORE_F_STORE_LIST_CERTIFICATE_START,
361 STORE_R_FAILED_LISTING_CERTIFICATES);
367 X509 *STORE_list_certificate_next(STORE *s, void *handle)
369 STORE_OBJECT *object;
372 check_store(s, STORE_F_STORE_LIST_CERTIFICATE_NEXT,
373 list_object_next, STORE_R_NO_LIST_OBJECT_NEXT_FUNCTION);
375 object = s->meth->list_object_next(s, handle);
376 if (!object || !object->data.x509.certificate) {
377 STOREerr(STORE_F_STORE_LIST_CERTIFICATE_NEXT,
378 STORE_R_FAILED_LISTING_CERTIFICATES);
381 CRYPTO_add(&object->data.x509.certificate->references, 1,
384 REF_PRINT("X509", data);
386 x = object->data.x509.certificate;
387 STORE_OBJECT_free(object);
391 int STORE_list_certificate_end(STORE *s, void *handle)
393 check_store(s, STORE_F_STORE_LIST_CERTIFICATE_END,
394 list_object_end, STORE_R_NO_LIST_OBJECT_END_FUNCTION);
396 if (!s->meth->list_object_end(s, handle)) {
397 STOREerr(STORE_F_STORE_LIST_CERTIFICATE_END,
398 STORE_R_FAILED_LISTING_CERTIFICATES);
404 int STORE_list_certificate_endp(STORE *s, void *handle)
406 check_store(s, STORE_F_STORE_LIST_CERTIFICATE_ENDP,
407 list_object_endp, STORE_R_NO_LIST_OBJECT_ENDP_FUNCTION);
409 if (!s->meth->list_object_endp(s, handle)) {
410 STOREerr(STORE_F_STORE_LIST_CERTIFICATE_ENDP,
411 STORE_R_FAILED_LISTING_CERTIFICATES);
417 EVP_PKEY *STORE_generate_key(STORE *s, OPENSSL_ITEM attributes[],
418 OPENSSL_ITEM parameters[])
420 STORE_OBJECT *object;
423 check_store(s, STORE_F_STORE_GENERATE_KEY,
424 generate_object, STORE_R_NO_GENERATE_OBJECT_FUNCTION);
426 object = s->meth->generate_object(s, STORE_OBJECT_TYPE_PRIVATE_KEY,
427 attributes, parameters);
428 if (!object || !object->data.key) {
429 STOREerr(STORE_F_STORE_GENERATE_KEY, STORE_R_FAILED_GENERATING_KEY);
432 CRYPTO_add(&object->data.key->references, 1, CRYPTO_LOCK_EVP_PKEY);
434 REF_PRINT("EVP_PKEY", data);
436 pkey = object->data.key;
437 STORE_OBJECT_free(object);
441 EVP_PKEY *STORE_get_private_key(STORE *s, OPENSSL_ITEM attributes[],
442 OPENSSL_ITEM parameters[])
444 STORE_OBJECT *object;
447 check_store(s, STORE_F_STORE_GET_PRIVATE_KEY,
448 get_object, STORE_R_NO_GET_OBJECT_FUNCTION);
450 object = s->meth->get_object(s, STORE_OBJECT_TYPE_PRIVATE_KEY,
451 attributes, parameters);
452 if (!object || !object->data.key || !object->data.key) {
453 STOREerr(STORE_F_STORE_GET_PRIVATE_KEY, STORE_R_FAILED_GETTING_KEY);
456 CRYPTO_add(&object->data.key->references, 1, CRYPTO_LOCK_EVP_PKEY);
458 REF_PRINT("EVP_PKEY", data);
460 pkey = object->data.key;
461 STORE_OBJECT_free(object);
465 int STORE_store_private_key(STORE *s, EVP_PKEY *data,
466 OPENSSL_ITEM attributes[],
467 OPENSSL_ITEM parameters[])
469 STORE_OBJECT *object;
472 check_store(s, STORE_F_STORE_STORE_PRIVATE_KEY,
473 store_object, STORE_R_NO_STORE_OBJECT_FUNCTION);
475 object = STORE_OBJECT_new();
477 STOREerr(STORE_F_STORE_STORE_PRIVATE_KEY, ERR_R_MALLOC_FAILURE);
480 object->data.key = EVP_PKEY_new();
481 if (!object->data.key) {
482 STOREerr(STORE_F_STORE_STORE_PRIVATE_KEY, ERR_R_MALLOC_FAILURE);
486 CRYPTO_add(&data->references, 1, CRYPTO_LOCK_EVP_PKEY);
488 REF_PRINT("EVP_PKEY", data);
490 object->data.key = data;
492 i = s->meth->store_object(s, STORE_OBJECT_TYPE_PRIVATE_KEY, object,
493 attributes, parameters);
495 STORE_OBJECT_free(object);
498 STOREerr(STORE_F_STORE_STORE_PRIVATE_KEY, STORE_R_FAILED_STORING_KEY);
504 int STORE_modify_private_key(STORE *s, OPENSSL_ITEM search_attributes[],
505 OPENSSL_ITEM add_attributes[],
506 OPENSSL_ITEM modify_attributes[],
507 OPENSSL_ITEM delete_attributes[],
508 OPENSSL_ITEM parameters[])
510 check_store(s, STORE_F_STORE_MODIFY_PRIVATE_KEY,
511 modify_object, STORE_R_NO_MODIFY_OBJECT_FUNCTION);
513 if (!s->meth->modify_object(s, STORE_OBJECT_TYPE_PRIVATE_KEY,
514 search_attributes, add_attributes,
515 modify_attributes, delete_attributes,
517 STOREerr(STORE_F_STORE_MODIFY_PRIVATE_KEY,
518 STORE_R_FAILED_MODIFYING_PRIVATE_KEY);
524 int STORE_revoke_private_key(STORE *s, OPENSSL_ITEM attributes[],
525 OPENSSL_ITEM parameters[])
529 check_store(s, STORE_F_STORE_REVOKE_PRIVATE_KEY,
530 revoke_object, STORE_R_NO_REVOKE_OBJECT_FUNCTION);
532 i = s->meth->revoke_object(s, STORE_OBJECT_TYPE_PRIVATE_KEY,
533 attributes, parameters);
536 STOREerr(STORE_F_STORE_REVOKE_PRIVATE_KEY,
537 STORE_R_FAILED_REVOKING_KEY);
543 int STORE_delete_private_key(STORE *s, OPENSSL_ITEM attributes[],
544 OPENSSL_ITEM parameters[])
546 check_store(s, STORE_F_STORE_DELETE_PRIVATE_KEY,
547 delete_object, STORE_R_NO_DELETE_OBJECT_FUNCTION);
549 if (!s->meth->delete_object(s, STORE_OBJECT_TYPE_PRIVATE_KEY,
550 attributes, parameters)) {
551 STOREerr(STORE_F_STORE_DELETE_PRIVATE_KEY,
552 STORE_R_FAILED_DELETING_KEY);
558 void *STORE_list_private_key_start(STORE *s, OPENSSL_ITEM attributes[],
559 OPENSSL_ITEM parameters[])
563 check_store(s, STORE_F_STORE_LIST_PRIVATE_KEY_START,
564 list_object_start, STORE_R_NO_LIST_OBJECT_START_FUNCTION);
566 handle = s->meth->list_object_start(s, STORE_OBJECT_TYPE_PRIVATE_KEY,
567 attributes, parameters);
569 STOREerr(STORE_F_STORE_LIST_PRIVATE_KEY_START,
570 STORE_R_FAILED_LISTING_KEYS);
576 EVP_PKEY *STORE_list_private_key_next(STORE *s, void *handle)
578 STORE_OBJECT *object;
581 check_store(s, STORE_F_STORE_LIST_PRIVATE_KEY_NEXT,
582 list_object_next, STORE_R_NO_LIST_OBJECT_NEXT_FUNCTION);
584 object = s->meth->list_object_next(s, handle);
585 if (!object || !object->data.key || !object->data.key) {
586 STOREerr(STORE_F_STORE_LIST_PRIVATE_KEY_NEXT,
587 STORE_R_FAILED_LISTING_KEYS);
590 CRYPTO_add(&object->data.key->references, 1, CRYPTO_LOCK_EVP_PKEY);
592 REF_PRINT("EVP_PKEY", data);
594 pkey = object->data.key;
595 STORE_OBJECT_free(object);
599 int STORE_list_private_key_end(STORE *s, void *handle)
601 check_store(s, STORE_F_STORE_LIST_PRIVATE_KEY_END,
602 list_object_end, STORE_R_NO_LIST_OBJECT_END_FUNCTION);
604 if (!s->meth->list_object_end(s, handle)) {
605 STOREerr(STORE_F_STORE_LIST_PRIVATE_KEY_END,
606 STORE_R_FAILED_LISTING_KEYS);
612 int STORE_list_private_key_endp(STORE *s, void *handle)
614 check_store(s, STORE_F_STORE_LIST_PRIVATE_KEY_ENDP,
615 list_object_endp, STORE_R_NO_LIST_OBJECT_ENDP_FUNCTION);
617 if (!s->meth->list_object_endp(s, handle)) {
618 STOREerr(STORE_F_STORE_LIST_PRIVATE_KEY_ENDP,
619 STORE_R_FAILED_LISTING_KEYS);
625 EVP_PKEY *STORE_get_public_key(STORE *s, OPENSSL_ITEM attributes[],
626 OPENSSL_ITEM parameters[])
628 STORE_OBJECT *object;
631 check_store(s, STORE_F_STORE_GET_PUBLIC_KEY,
632 get_object, STORE_R_NO_GET_OBJECT_FUNCTION);
634 object = s->meth->get_object(s, STORE_OBJECT_TYPE_PUBLIC_KEY,
635 attributes, parameters);
636 if (!object || !object->data.key || !object->data.key) {
637 STOREerr(STORE_F_STORE_GET_PUBLIC_KEY, STORE_R_FAILED_GETTING_KEY);
640 CRYPTO_add(&object->data.key->references, 1, CRYPTO_LOCK_EVP_PKEY);
642 REF_PRINT("EVP_PKEY", data);
644 pkey = object->data.key;
645 STORE_OBJECT_free(object);
649 int STORE_store_public_key(STORE *s, EVP_PKEY *data,
650 OPENSSL_ITEM attributes[],
651 OPENSSL_ITEM parameters[])
653 STORE_OBJECT *object;
656 check_store(s, STORE_F_STORE_STORE_PUBLIC_KEY,
657 store_object, STORE_R_NO_STORE_OBJECT_FUNCTION);
659 object = STORE_OBJECT_new();
661 STOREerr(STORE_F_STORE_STORE_PUBLIC_KEY, ERR_R_MALLOC_FAILURE);
664 object->data.key = EVP_PKEY_new();
665 if (!object->data.key) {
666 STOREerr(STORE_F_STORE_STORE_PUBLIC_KEY, ERR_R_MALLOC_FAILURE);
670 CRYPTO_add(&data->references, 1, CRYPTO_LOCK_EVP_PKEY);
672 REF_PRINT("EVP_PKEY", data);
674 object->data.key = data;
676 i = s->meth->store_object(s, STORE_OBJECT_TYPE_PUBLIC_KEY, object,
677 attributes, parameters);
679 STORE_OBJECT_free(object);
682 STOREerr(STORE_F_STORE_STORE_PUBLIC_KEY, STORE_R_FAILED_STORING_KEY);
688 int STORE_modify_public_key(STORE *s, OPENSSL_ITEM search_attributes[],
689 OPENSSL_ITEM add_attributes[],
690 OPENSSL_ITEM modify_attributes[],
691 OPENSSL_ITEM delete_attributes[],
692 OPENSSL_ITEM parameters[])
694 check_store(s, STORE_F_STORE_MODIFY_PUBLIC_KEY,
695 modify_object, STORE_R_NO_MODIFY_OBJECT_FUNCTION);
697 if (!s->meth->modify_object(s, STORE_OBJECT_TYPE_PUBLIC_KEY,
698 search_attributes, add_attributes,
699 modify_attributes, delete_attributes,
701 STOREerr(STORE_F_STORE_MODIFY_PUBLIC_KEY,
702 STORE_R_FAILED_MODIFYING_PUBLIC_KEY);
708 int STORE_revoke_public_key(STORE *s, OPENSSL_ITEM attributes[],
709 OPENSSL_ITEM parameters[])
713 check_store(s, STORE_F_STORE_REVOKE_PUBLIC_KEY,
714 revoke_object, STORE_R_NO_REVOKE_OBJECT_FUNCTION);
716 i = s->meth->revoke_object(s, STORE_OBJECT_TYPE_PUBLIC_KEY,
717 attributes, parameters);
720 STOREerr(STORE_F_STORE_REVOKE_PUBLIC_KEY,
721 STORE_R_FAILED_REVOKING_KEY);
727 int STORE_delete_public_key(STORE *s, OPENSSL_ITEM attributes[],
728 OPENSSL_ITEM parameters[])
730 check_store(s, STORE_F_STORE_DELETE_PUBLIC_KEY,
731 delete_object, STORE_R_NO_DELETE_OBJECT_FUNCTION);
733 if (!s->meth->delete_object(s, STORE_OBJECT_TYPE_PUBLIC_KEY,
734 attributes, parameters)) {
735 STOREerr(STORE_F_STORE_DELETE_PUBLIC_KEY,
736 STORE_R_FAILED_DELETING_KEY);
742 void *STORE_list_public_key_start(STORE *s, OPENSSL_ITEM attributes[],
743 OPENSSL_ITEM parameters[])
747 check_store(s, STORE_F_STORE_LIST_PUBLIC_KEY_START,
748 list_object_start, STORE_R_NO_LIST_OBJECT_START_FUNCTION);
750 handle = s->meth->list_object_start(s, STORE_OBJECT_TYPE_PUBLIC_KEY,
751 attributes, parameters);
753 STOREerr(STORE_F_STORE_LIST_PUBLIC_KEY_START,
754 STORE_R_FAILED_LISTING_KEYS);
760 EVP_PKEY *STORE_list_public_key_next(STORE *s, void *handle)
762 STORE_OBJECT *object;
765 check_store(s, STORE_F_STORE_LIST_PUBLIC_KEY_NEXT,
766 list_object_next, STORE_R_NO_LIST_OBJECT_NEXT_FUNCTION);
768 object = s->meth->list_object_next(s, handle);
769 if (!object || !object->data.key || !object->data.key) {
770 STOREerr(STORE_F_STORE_LIST_PUBLIC_KEY_NEXT,
771 STORE_R_FAILED_LISTING_KEYS);
774 CRYPTO_add(&object->data.key->references, 1, CRYPTO_LOCK_EVP_PKEY);
776 REF_PRINT("EVP_PKEY", data);
778 pkey = object->data.key;
779 STORE_OBJECT_free(object);
783 int STORE_list_public_key_end(STORE *s, void *handle)
785 check_store(s, STORE_F_STORE_LIST_PUBLIC_KEY_END,
786 list_object_end, STORE_R_NO_LIST_OBJECT_END_FUNCTION);
788 if (!s->meth->list_object_end(s, handle)) {
789 STOREerr(STORE_F_STORE_LIST_PUBLIC_KEY_END,
790 STORE_R_FAILED_LISTING_KEYS);
796 int STORE_list_public_key_endp(STORE *s, void *handle)
798 check_store(s, STORE_F_STORE_LIST_PUBLIC_KEY_ENDP,
799 list_object_endp, STORE_R_NO_LIST_OBJECT_ENDP_FUNCTION);
801 if (!s->meth->list_object_endp(s, handle)) {
802 STOREerr(STORE_F_STORE_LIST_PUBLIC_KEY_ENDP,
803 STORE_R_FAILED_LISTING_KEYS);
809 X509_CRL *STORE_generate_crl(STORE *s, OPENSSL_ITEM attributes[],
810 OPENSSL_ITEM parameters[])
812 STORE_OBJECT *object;
815 check_store(s, STORE_F_STORE_GENERATE_CRL,
816 generate_object, STORE_R_NO_GENERATE_CRL_FUNCTION);
818 object = s->meth->generate_object(s, STORE_OBJECT_TYPE_X509_CRL,
819 attributes, parameters);
820 if (!object || !object->data.crl) {
821 STOREerr(STORE_F_STORE_GENERATE_CRL, STORE_R_FAILED_GENERATING_CRL);
824 CRYPTO_add(&object->data.crl->references, 1, CRYPTO_LOCK_X509_CRL);
826 REF_PRINT("X509_CRL", data);
828 crl = object->data.crl;
829 STORE_OBJECT_free(object);
833 X509_CRL *STORE_get_crl(STORE *s, OPENSSL_ITEM attributes[],
834 OPENSSL_ITEM parameters[])
836 STORE_OBJECT *object;
839 check_store(s, STORE_F_STORE_GET_CRL,
840 get_object, STORE_R_NO_GET_OBJECT_FUNCTION);
842 object = s->meth->get_object(s, STORE_OBJECT_TYPE_X509_CRL,
843 attributes, parameters);
844 if (!object || !object->data.crl) {
845 STOREerr(STORE_F_STORE_GET_CRL, STORE_R_FAILED_GETTING_KEY);
848 CRYPTO_add(&object->data.crl->references, 1, CRYPTO_LOCK_X509_CRL);
850 REF_PRINT("X509_CRL", data);
852 crl = object->data.crl;
853 STORE_OBJECT_free(object);
857 int STORE_store_crl(STORE *s, X509_CRL *data, OPENSSL_ITEM attributes[],
858 OPENSSL_ITEM parameters[])
860 STORE_OBJECT *object;
863 check_store(s, STORE_F_STORE_STORE_CRL,
864 store_object, STORE_R_NO_STORE_OBJECT_FUNCTION);
866 object = STORE_OBJECT_new();
868 STOREerr(STORE_F_STORE_STORE_CRL, ERR_R_MALLOC_FAILURE);
872 CRYPTO_add(&data->references, 1, CRYPTO_LOCK_X509_CRL);
874 REF_PRINT("X509_CRL", data);
876 object->data.crl = data;
878 i = s->meth->store_object(s, STORE_OBJECT_TYPE_X509_CRL, object,
879 attributes, parameters);
881 STORE_OBJECT_free(object);
884 STOREerr(STORE_F_STORE_STORE_CRL, STORE_R_FAILED_STORING_KEY);
890 int STORE_modify_crl(STORE *s, OPENSSL_ITEM search_attributes[],
891 OPENSSL_ITEM add_attributes[],
892 OPENSSL_ITEM modify_attributes[],
893 OPENSSL_ITEM delete_attributes[],
894 OPENSSL_ITEM parameters[])
896 check_store(s, STORE_F_STORE_MODIFY_CRL,
897 modify_object, STORE_R_NO_MODIFY_OBJECT_FUNCTION);
899 if (!s->meth->modify_object(s, STORE_OBJECT_TYPE_X509_CRL,
900 search_attributes, add_attributes,
901 modify_attributes, delete_attributes,
903 STOREerr(STORE_F_STORE_MODIFY_CRL, STORE_R_FAILED_MODIFYING_CRL);
909 int STORE_delete_crl(STORE *s, OPENSSL_ITEM attributes[],
910 OPENSSL_ITEM parameters[])
912 check_store(s, STORE_F_STORE_DELETE_CRL,
913 delete_object, STORE_R_NO_DELETE_OBJECT_FUNCTION);
915 if (!s->meth->delete_object(s, STORE_OBJECT_TYPE_X509_CRL,
916 attributes, parameters)) {
917 STOREerr(STORE_F_STORE_DELETE_CRL, STORE_R_FAILED_DELETING_KEY);
923 void *STORE_list_crl_start(STORE *s, OPENSSL_ITEM attributes[],
924 OPENSSL_ITEM parameters[])
928 check_store(s, STORE_F_STORE_LIST_CRL_START,
929 list_object_start, STORE_R_NO_LIST_OBJECT_START_FUNCTION);
931 handle = s->meth->list_object_start(s, STORE_OBJECT_TYPE_X509_CRL,
932 attributes, parameters);
934 STOREerr(STORE_F_STORE_LIST_CRL_START, STORE_R_FAILED_LISTING_KEYS);
940 X509_CRL *STORE_list_crl_next(STORE *s, void *handle)
942 STORE_OBJECT *object;
945 check_store(s, STORE_F_STORE_LIST_CRL_NEXT,
946 list_object_next, STORE_R_NO_LIST_OBJECT_NEXT_FUNCTION);
948 object = s->meth->list_object_next(s, handle);
949 if (!object || !object->data.crl) {
950 STOREerr(STORE_F_STORE_LIST_CRL_NEXT, STORE_R_FAILED_LISTING_KEYS);
953 CRYPTO_add(&object->data.crl->references, 1, CRYPTO_LOCK_X509_CRL);
955 REF_PRINT("X509_CRL", data);
957 crl = object->data.crl;
958 STORE_OBJECT_free(object);
962 int STORE_list_crl_end(STORE *s, void *handle)
964 check_store(s, STORE_F_STORE_LIST_CRL_END,
965 list_object_end, STORE_R_NO_LIST_OBJECT_END_FUNCTION);
967 if (!s->meth->list_object_end(s, handle)) {
968 STOREerr(STORE_F_STORE_LIST_CRL_END, STORE_R_FAILED_LISTING_KEYS);
974 int STORE_list_crl_endp(STORE *s, void *handle)
976 check_store(s, STORE_F_STORE_LIST_CRL_ENDP,
977 list_object_endp, STORE_R_NO_LIST_OBJECT_ENDP_FUNCTION);
979 if (!s->meth->list_object_endp(s, handle)) {
980 STOREerr(STORE_F_STORE_LIST_CRL_ENDP, STORE_R_FAILED_LISTING_KEYS);
986 int STORE_store_number(STORE *s, BIGNUM *data, OPENSSL_ITEM attributes[],
987 OPENSSL_ITEM parameters[])
989 STORE_OBJECT *object;
992 check_store(s, STORE_F_STORE_STORE_NUMBER,
993 store_object, STORE_R_NO_STORE_OBJECT_NUMBER_FUNCTION);
995 object = STORE_OBJECT_new();
997 STOREerr(STORE_F_STORE_STORE_NUMBER, ERR_R_MALLOC_FAILURE);
1001 object->data.number = data;
1003 i = s->meth->store_object(s, STORE_OBJECT_TYPE_NUMBER, object,
1004 attributes, parameters);
1006 STORE_OBJECT_free(object);
1009 STOREerr(STORE_F_STORE_STORE_NUMBER, STORE_R_FAILED_STORING_NUMBER);
1015 int STORE_modify_number(STORE *s, OPENSSL_ITEM search_attributes[],
1016 OPENSSL_ITEM add_attributes[],
1017 OPENSSL_ITEM modify_attributes[],
1018 OPENSSL_ITEM delete_attributes[],
1019 OPENSSL_ITEM parameters[])
1021 check_store(s, STORE_F_STORE_MODIFY_NUMBER,
1022 modify_object, STORE_R_NO_MODIFY_OBJECT_FUNCTION);
1024 if (!s->meth->modify_object(s, STORE_OBJECT_TYPE_NUMBER,
1025 search_attributes, add_attributes,
1026 modify_attributes, delete_attributes,
1028 STOREerr(STORE_F_STORE_MODIFY_NUMBER,
1029 STORE_R_FAILED_MODIFYING_NUMBER);
1035 BIGNUM *STORE_get_number(STORE *s, OPENSSL_ITEM attributes[],
1036 OPENSSL_ITEM parameters[])
1038 STORE_OBJECT *object;
1041 check_store(s, STORE_F_STORE_GET_NUMBER,
1042 get_object, STORE_R_NO_GET_OBJECT_NUMBER_FUNCTION);
1044 object = s->meth->get_object(s, STORE_OBJECT_TYPE_NUMBER, attributes,
1046 if (!object || !object->data.number) {
1047 STOREerr(STORE_F_STORE_GET_NUMBER, STORE_R_FAILED_GETTING_NUMBER);
1050 n = object->data.number;
1051 object->data.number = NULL;
1052 STORE_OBJECT_free(object);
1056 int STORE_delete_number(STORE *s, OPENSSL_ITEM attributes[],
1057 OPENSSL_ITEM parameters[])
1059 check_store(s, STORE_F_STORE_DELETE_NUMBER,
1060 delete_object, STORE_R_NO_DELETE_NUMBER_FUNCTION);
1062 if (!s->meth->delete_object(s, STORE_OBJECT_TYPE_NUMBER, attributes,
1064 STOREerr(STORE_F_STORE_DELETE_NUMBER, STORE_R_FAILED_DELETING_NUMBER);
1070 int STORE_store_arbitrary(STORE *s, BUF_MEM *data, OPENSSL_ITEM attributes[],
1071 OPENSSL_ITEM parameters[])
1073 STORE_OBJECT *object;
1076 check_store(s, STORE_F_STORE_STORE_ARBITRARY,
1077 store_object, STORE_R_NO_STORE_OBJECT_ARBITRARY_FUNCTION);
1079 object = STORE_OBJECT_new();
1081 STOREerr(STORE_F_STORE_STORE_ARBITRARY, ERR_R_MALLOC_FAILURE);
1085 object->data.arbitrary = data;
1087 i = s->meth->store_object(s, STORE_OBJECT_TYPE_ARBITRARY, object,
1088 attributes, parameters);
1090 STORE_OBJECT_free(object);
1093 STOREerr(STORE_F_STORE_STORE_ARBITRARY,
1094 STORE_R_FAILED_STORING_ARBITRARY);
1100 int STORE_modify_arbitrary(STORE *s, OPENSSL_ITEM search_attributes[],
1101 OPENSSL_ITEM add_attributes[],
1102 OPENSSL_ITEM modify_attributes[],
1103 OPENSSL_ITEM delete_attributes[],
1104 OPENSSL_ITEM parameters[])
1106 check_store(s, STORE_F_STORE_MODIFY_ARBITRARY,
1107 modify_object, STORE_R_NO_MODIFY_OBJECT_FUNCTION);
1109 if (!s->meth->modify_object(s, STORE_OBJECT_TYPE_ARBITRARY,
1110 search_attributes, add_attributes,
1111 modify_attributes, delete_attributes,
1113 STOREerr(STORE_F_STORE_MODIFY_ARBITRARY,
1114 STORE_R_FAILED_MODIFYING_ARBITRARY);
1120 BUF_MEM *STORE_get_arbitrary(STORE *s, OPENSSL_ITEM attributes[],
1121 OPENSSL_ITEM parameters[])
1123 STORE_OBJECT *object;
1126 check_store(s, STORE_F_STORE_GET_ARBITRARY,
1127 get_object, STORE_R_NO_GET_OBJECT_ARBITRARY_FUNCTION);
1129 object = s->meth->get_object(s, STORE_OBJECT_TYPE_ARBITRARY,
1130 attributes, parameters);
1131 if (!object || !object->data.arbitrary) {
1132 STOREerr(STORE_F_STORE_GET_ARBITRARY,
1133 STORE_R_FAILED_GETTING_ARBITRARY);
1136 b = object->data.arbitrary;
1137 object->data.arbitrary = NULL;
1138 STORE_OBJECT_free(object);
1142 int STORE_delete_arbitrary(STORE *s, OPENSSL_ITEM attributes[],
1143 OPENSSL_ITEM parameters[])
1145 check_store(s, STORE_F_STORE_DELETE_ARBITRARY,
1146 delete_object, STORE_R_NO_DELETE_ARBITRARY_FUNCTION);
1148 if (!s->meth->delete_object(s, STORE_OBJECT_TYPE_ARBITRARY, attributes,
1150 STOREerr(STORE_F_STORE_DELETE_ARBITRARY,
1151 STORE_R_FAILED_DELETING_ARBITRARY);
1157 STORE_OBJECT *STORE_OBJECT_new(void)
1159 STORE_OBJECT *object = OPENSSL_malloc(sizeof(STORE_OBJECT));
1161 memset(object, 0, sizeof(STORE_OBJECT));
1165 void STORE_OBJECT_free(STORE_OBJECT *data)
1169 switch (data->type) {
1170 case STORE_OBJECT_TYPE_X509_CERTIFICATE:
1171 X509_free(data->data.x509.certificate);
1173 case STORE_OBJECT_TYPE_X509_CRL:
1174 X509_CRL_free(data->data.crl);
1176 case STORE_OBJECT_TYPE_PRIVATE_KEY:
1177 case STORE_OBJECT_TYPE_PUBLIC_KEY:
1178 EVP_PKEY_free(data->data.key);
1180 case STORE_OBJECT_TYPE_NUMBER:
1181 BN_free(data->data.number);
1183 case STORE_OBJECT_TYPE_ARBITRARY:
1184 BUF_MEM_free(data->data.arbitrary);
1190 struct STORE_attr_info_st {
1191 unsigned char set[(STORE_ATTR_TYPE_NUM + 8) / 8];
1194 unsigned char *sha1string;
1198 } values[STORE_ATTR_TYPE_NUM + 1];
1199 size_t value_sizes[STORE_ATTR_TYPE_NUM + 1];
1202 #define ATTR_IS_SET(a,i) ((i) > 0 && (i) < STORE_ATTR_TYPE_NUM \
1203 && ((a)->set[(i) / 8] & (1 << ((i) % 8))))
1204 #define SET_ATTRBIT(a,i) ((a)->set[(i) / 8] |= (1 << ((i) % 8)))
1205 #define CLEAR_ATTRBIT(a,i) ((a)->set[(i) / 8] &= ~(1 << ((i) % 8)))
1207 STORE_ATTR_INFO *STORE_ATTR_INFO_new(void)
1209 return OPENSSL_malloc(sizeof(STORE_ATTR_INFO));
1212 static void STORE_ATTR_INFO_attr_free(STORE_ATTR_INFO *attrs,
1213 STORE_ATTR_TYPES code)
1215 if (ATTR_IS_SET(attrs, code)) {
1217 case STORE_ATTR_FRIENDLYNAME:
1218 case STORE_ATTR_EMAIL:
1219 case STORE_ATTR_FILENAME:
1220 STORE_ATTR_INFO_modify_cstr(attrs, code, NULL, 0);
1222 case STORE_ATTR_KEYID:
1223 case STORE_ATTR_ISSUERKEYID:
1224 case STORE_ATTR_SUBJECTKEYID:
1225 case STORE_ATTR_ISSUERSERIALHASH:
1226 case STORE_ATTR_CERTHASH:
1227 STORE_ATTR_INFO_modify_sha1str(attrs, code, NULL, 0);
1229 case STORE_ATTR_ISSUER:
1230 case STORE_ATTR_SUBJECT:
1231 STORE_ATTR_INFO_modify_dn(attrs, code, NULL);
1233 case STORE_ATTR_SERIAL:
1234 STORE_ATTR_INFO_modify_number(attrs, code, NULL);
1242 int STORE_ATTR_INFO_free(STORE_ATTR_INFO *attrs)
1246 for (i = 0; i++ < STORE_ATTR_TYPE_NUM;)
1247 STORE_ATTR_INFO_attr_free(attrs, i);
1248 OPENSSL_free(attrs);
1253 char *STORE_ATTR_INFO_get0_cstr(STORE_ATTR_INFO *attrs, STORE_ATTR_TYPES code)
1256 STOREerr(STORE_F_STORE_ATTR_INFO_GET0_CSTR,
1257 ERR_R_PASSED_NULL_PARAMETER);
1260 if (ATTR_IS_SET(attrs, code))
1261 return attrs->values[code].cstring;
1262 STOREerr(STORE_F_STORE_ATTR_INFO_GET0_CSTR, STORE_R_NO_VALUE);
1266 unsigned char *STORE_ATTR_INFO_get0_sha1str(STORE_ATTR_INFO *attrs,
1267 STORE_ATTR_TYPES code)
1270 STOREerr(STORE_F_STORE_ATTR_INFO_GET0_SHA1STR,
1271 ERR_R_PASSED_NULL_PARAMETER);
1274 if (ATTR_IS_SET(attrs, code))
1275 return attrs->values[code].sha1string;
1276 STOREerr(STORE_F_STORE_ATTR_INFO_GET0_SHA1STR, STORE_R_NO_VALUE);
1280 X509_NAME *STORE_ATTR_INFO_get0_dn(STORE_ATTR_INFO *attrs,
1281 STORE_ATTR_TYPES code)
1284 STOREerr(STORE_F_STORE_ATTR_INFO_GET0_DN,
1285 ERR_R_PASSED_NULL_PARAMETER);
1288 if (ATTR_IS_SET(attrs, code))
1289 return attrs->values[code].dn;
1290 STOREerr(STORE_F_STORE_ATTR_INFO_GET0_DN, STORE_R_NO_VALUE);
1294 BIGNUM *STORE_ATTR_INFO_get0_number(STORE_ATTR_INFO *attrs,
1295 STORE_ATTR_TYPES code)
1298 STOREerr(STORE_F_STORE_ATTR_INFO_GET0_NUMBER,
1299 ERR_R_PASSED_NULL_PARAMETER);
1302 if (ATTR_IS_SET(attrs, code))
1303 return attrs->values[code].number;
1304 STOREerr(STORE_F_STORE_ATTR_INFO_GET0_NUMBER, STORE_R_NO_VALUE);
1308 int STORE_ATTR_INFO_set_cstr(STORE_ATTR_INFO *attrs, STORE_ATTR_TYPES code,
1309 char *cstr, size_t cstr_size)
1312 STOREerr(STORE_F_STORE_ATTR_INFO_SET_CSTR,
1313 ERR_R_PASSED_NULL_PARAMETER);
1316 if (!ATTR_IS_SET(attrs, code)) {
1317 if ((attrs->values[code].cstring = BUF_strndup(cstr, cstr_size)))
1319 STOREerr(STORE_F_STORE_ATTR_INFO_SET_CSTR, ERR_R_MALLOC_FAILURE);
1322 STOREerr(STORE_F_STORE_ATTR_INFO_SET_CSTR, STORE_R_ALREADY_HAS_A_VALUE);
1326 int STORE_ATTR_INFO_set_sha1str(STORE_ATTR_INFO *attrs, STORE_ATTR_TYPES code,
1327 unsigned char *sha1str, size_t sha1str_size)
1330 STOREerr(STORE_F_STORE_ATTR_INFO_SET_SHA1STR,
1331 ERR_R_PASSED_NULL_PARAMETER);
1334 if (!ATTR_IS_SET(attrs, code)) {
1335 if ((attrs->values[code].sha1string =
1336 (unsigned char *)BUF_memdup(sha1str, sha1str_size)))
1338 STOREerr(STORE_F_STORE_ATTR_INFO_SET_SHA1STR, ERR_R_MALLOC_FAILURE);
1341 STOREerr(STORE_F_STORE_ATTR_INFO_SET_SHA1STR,
1342 STORE_R_ALREADY_HAS_A_VALUE);
1346 int STORE_ATTR_INFO_set_dn(STORE_ATTR_INFO *attrs, STORE_ATTR_TYPES code,
1350 STOREerr(STORE_F_STORE_ATTR_INFO_SET_DN, ERR_R_PASSED_NULL_PARAMETER);
1353 if (!ATTR_IS_SET(attrs, code)) {
1354 if ((attrs->values[code].dn = X509_NAME_dup(dn)))
1356 STOREerr(STORE_F_STORE_ATTR_INFO_SET_DN, ERR_R_MALLOC_FAILURE);
1359 STOREerr(STORE_F_STORE_ATTR_INFO_SET_DN, STORE_R_ALREADY_HAS_A_VALUE);
1363 int STORE_ATTR_INFO_set_number(STORE_ATTR_INFO *attrs, STORE_ATTR_TYPES code,
1367 STOREerr(STORE_F_STORE_ATTR_INFO_SET_NUMBER,
1368 ERR_R_PASSED_NULL_PARAMETER);
1371 if (!ATTR_IS_SET(attrs, code)) {
1372 if ((attrs->values[code].number = BN_dup(number)))
1374 STOREerr(STORE_F_STORE_ATTR_INFO_SET_NUMBER, ERR_R_MALLOC_FAILURE);
1377 STOREerr(STORE_F_STORE_ATTR_INFO_SET_NUMBER, STORE_R_ALREADY_HAS_A_VALUE);
1381 int STORE_ATTR_INFO_modify_cstr(STORE_ATTR_INFO *attrs, STORE_ATTR_TYPES code,
1382 char *cstr, size_t cstr_size)
1385 STOREerr(STORE_F_STORE_ATTR_INFO_MODIFY_CSTR,
1386 ERR_R_PASSED_NULL_PARAMETER);
1389 if (ATTR_IS_SET(attrs, code)) {
1390 OPENSSL_free(attrs->values[code].cstring);
1391 attrs->values[code].cstring = NULL;
1392 CLEAR_ATTRBIT(attrs, code);
1394 return STORE_ATTR_INFO_set_cstr(attrs, code, cstr, cstr_size);
1397 int STORE_ATTR_INFO_modify_sha1str(STORE_ATTR_INFO *attrs,
1398 STORE_ATTR_TYPES code,
1399 unsigned char *sha1str,
1400 size_t sha1str_size)
1403 STOREerr(STORE_F_STORE_ATTR_INFO_MODIFY_SHA1STR,
1404 ERR_R_PASSED_NULL_PARAMETER);
1407 if (ATTR_IS_SET(attrs, code)) {
1408 OPENSSL_free(attrs->values[code].sha1string);
1409 attrs->values[code].sha1string = NULL;
1410 CLEAR_ATTRBIT(attrs, code);
1412 return STORE_ATTR_INFO_set_sha1str(attrs, code, sha1str, sha1str_size);
1415 int STORE_ATTR_INFO_modify_dn(STORE_ATTR_INFO *attrs, STORE_ATTR_TYPES code,
1419 STOREerr(STORE_F_STORE_ATTR_INFO_MODIFY_DN,
1420 ERR_R_PASSED_NULL_PARAMETER);
1423 if (ATTR_IS_SET(attrs, code)) {
1424 OPENSSL_free(attrs->values[code].dn);
1425 attrs->values[code].dn = NULL;
1426 CLEAR_ATTRBIT(attrs, code);
1428 return STORE_ATTR_INFO_set_dn(attrs, code, dn);
1431 int STORE_ATTR_INFO_modify_number(STORE_ATTR_INFO *attrs,
1432 STORE_ATTR_TYPES code, BIGNUM *number)
1435 STOREerr(STORE_F_STORE_ATTR_INFO_MODIFY_NUMBER,
1436 ERR_R_PASSED_NULL_PARAMETER);
1439 if (ATTR_IS_SET(attrs, code)) {
1440 OPENSSL_free(attrs->values[code].number);
1441 attrs->values[code].number = NULL;
1442 CLEAR_ATTRBIT(attrs, code);
1444 return STORE_ATTR_INFO_set_number(attrs, code, number);
1447 struct attr_list_ctx_st {
1448 OPENSSL_ITEM *attributes;
1450 void *STORE_parse_attrs_start(OPENSSL_ITEM *attributes)
1453 struct attr_list_ctx_st *context = (struct attr_list_ctx_st *)
1454 OPENSSL_malloc(sizeof(struct attr_list_ctx_st));
1456 context->attributes = attributes;
1458 STOREerr(STORE_F_STORE_PARSE_ATTRS_START, ERR_R_MALLOC_FAILURE);
1461 STOREerr(STORE_F_STORE_PARSE_ATTRS_START, ERR_R_PASSED_NULL_PARAMETER);
1465 STORE_ATTR_INFO *STORE_parse_attrs_next(void *handle)
1467 struct attr_list_ctx_st *context = (struct attr_list_ctx_st *)handle;
1469 if (context && context->attributes) {
1470 STORE_ATTR_INFO *attrs = NULL;
1472 while (context->attributes
1473 && context->attributes->code != STORE_ATTR_OR
1474 && context->attributes->code != STORE_ATTR_END) {
1475 switch (context->attributes->code) {
1476 case STORE_ATTR_FRIENDLYNAME:
1477 case STORE_ATTR_EMAIL:
1478 case STORE_ATTR_FILENAME:
1480 attrs = STORE_ATTR_INFO_new();
1481 if (attrs == NULL) {
1482 STOREerr(STORE_F_STORE_PARSE_ATTRS_NEXT,
1483 ERR_R_MALLOC_FAILURE);
1486 STORE_ATTR_INFO_set_cstr(attrs,
1487 context->attributes->code,
1488 context->attributes->value,
1489 context->attributes->value_size);
1491 case STORE_ATTR_KEYID:
1492 case STORE_ATTR_ISSUERKEYID:
1493 case STORE_ATTR_SUBJECTKEYID:
1494 case STORE_ATTR_ISSUERSERIALHASH:
1495 case STORE_ATTR_CERTHASH:
1497 attrs = STORE_ATTR_INFO_new();
1498 if (attrs == NULL) {
1499 STOREerr(STORE_F_STORE_PARSE_ATTRS_NEXT,
1500 ERR_R_MALLOC_FAILURE);
1503 STORE_ATTR_INFO_set_sha1str(attrs,
1504 context->attributes->code,
1505 context->attributes->value,
1506 context->attributes->value_size);
1508 case STORE_ATTR_ISSUER:
1509 case STORE_ATTR_SUBJECT:
1511 attrs = STORE_ATTR_INFO_new();
1512 if (attrs == NULL) {
1513 STOREerr(STORE_F_STORE_PARSE_ATTRS_NEXT,
1514 ERR_R_MALLOC_FAILURE);
1517 STORE_ATTR_INFO_modify_dn(attrs,
1518 context->attributes->code,
1519 context->attributes->value);
1521 case STORE_ATTR_SERIAL:
1523 attrs = STORE_ATTR_INFO_new();
1524 if (attrs == NULL) {
1525 STOREerr(STORE_F_STORE_PARSE_ATTRS_NEXT,
1526 ERR_R_MALLOC_FAILURE);
1529 STORE_ATTR_INFO_modify_number(attrs,
1530 context->attributes->code,
1531 context->attributes->value);
1534 context->attributes++;
1536 if (context->attributes->code == STORE_ATTR_OR)
1537 context->attributes++;
1540 while (context->attributes
1541 && context->attributes->code != STORE_ATTR_OR
1542 && context->attributes->code != STORE_ATTR_END)
1543 context->attributes++;
1544 if (context->attributes->code == STORE_ATTR_OR)
1545 context->attributes++;
1548 STOREerr(STORE_F_STORE_PARSE_ATTRS_NEXT, ERR_R_PASSED_NULL_PARAMETER);
1552 int STORE_parse_attrs_end(void *handle)
1554 struct attr_list_ctx_st *context = (struct attr_list_ctx_st *)handle;
1556 if (context && context->attributes) {
1558 OPENSSL_ITEM *attributes = context->attributes;
1560 OPENSSL_free(context);
1563 STOREerr(STORE_F_STORE_PARSE_ATTRS_END, ERR_R_PASSED_NULL_PARAMETER);
1567 int STORE_parse_attrs_endp(void *handle)
1569 struct attr_list_ctx_st *context = (struct attr_list_ctx_st *)handle;
1571 if (context && context->attributes) {
1572 return context->attributes->code == STORE_ATTR_END;
1574 STOREerr(STORE_F_STORE_PARSE_ATTRS_ENDP, ERR_R_PASSED_NULL_PARAMETER);
1578 static int attr_info_compare_compute_range(const unsigned char *abits,
1579 const unsigned char *bbits,
1580 unsigned int *alowp,
1581 unsigned int *ahighp,
1582 unsigned int *blowp,
1583 unsigned int *bhighp)
1585 unsigned int alow = (unsigned int)-1, ahigh = 0;
1586 unsigned int blow = (unsigned int)-1, bhigh = 0;
1589 for (i = 0; i < (STORE_ATTR_TYPE_NUM + 8) / 8; i++, abits++, bbits++) {
1591 if (*abits < *bbits)
1593 if (*abits > *bbits)
1597 if (alow == (unsigned int)-1) {
1599 if (!(*abits & 0x01))
1601 if (!(*abits & 0x02))
1603 if (!(*abits & 0x04))
1605 if (!(*abits & 0x08))
1607 if (!(*abits & 0x10))
1609 if (!(*abits & 0x20))
1611 if (!(*abits & 0x40))
1615 if (!(*abits & 0x80))
1617 if (!(*abits & 0x40))
1619 if (!(*abits & 0x20))
1621 if (!(*abits & 0x10))
1623 if (!(*abits & 0x08))
1625 if (!(*abits & 0x04))
1627 if (!(*abits & 0x02))
1631 if (blow == (unsigned int)-1) {
1633 if (!(*bbits & 0x01))
1635 if (!(*bbits & 0x02))
1637 if (!(*bbits & 0x04))
1639 if (!(*bbits & 0x08))
1641 if (!(*bbits & 0x10))
1643 if (!(*bbits & 0x20))
1645 if (!(*bbits & 0x40))
1649 if (!(*bbits & 0x80))
1651 if (!(*bbits & 0x40))
1653 if (!(*bbits & 0x20))
1655 if (!(*bbits & 0x10))
1657 if (!(*bbits & 0x08))
1659 if (!(*bbits & 0x04))
1661 if (!(*bbits & 0x02))
1665 if (ahigh + alow < bhigh + blow)
1667 if (ahigh + alow > bhigh + blow)
1680 int STORE_ATTR_INFO_compare(const STORE_ATTR_INFO *const *a,
1681 const STORE_ATTR_INFO *const *b)
1689 return attr_info_compare_compute_range((*a)->set, (*b)->set, 0, 0, 0, 0);
1692 int STORE_ATTR_INFO_in_range(STORE_ATTR_INFO *a, STORE_ATTR_INFO *b)
1694 unsigned int alow, ahigh, blow, bhigh;
1702 attr_info_compare_compute_range(a->set, b->set,
1703 &alow, &ahigh, &blow, &bhigh);
1704 if (alow >= blow && ahigh <= bhigh)
1709 int STORE_ATTR_INFO_in(STORE_ATTR_INFO *a, STORE_ATTR_INFO *b)
1711 unsigned char *abits, *bbits;
1722 for (i = 0; i < (STORE_ATTR_TYPE_NUM + 8) / 8; i++, abits++, bbits++) {
1723 if (*abits && (*bbits & *abits) != *abits)
1729 int STORE_ATTR_INFO_in_ex(STORE_ATTR_INFO *a, STORE_ATTR_INFO *b)
1735 if (!STORE_ATTR_INFO_in(a, b))
1737 for (i = 1; i < STORE_ATTR_TYPE_NUM; i++)
1738 if (ATTR_IS_SET(a, i)) {
1740 case STORE_ATTR_FRIENDLYNAME:
1741 case STORE_ATTR_EMAIL:
1742 case STORE_ATTR_FILENAME:
1743 if (strcmp(a->values[i].cstring, b->values[i].cstring))
1746 case STORE_ATTR_KEYID:
1747 case STORE_ATTR_ISSUERKEYID:
1748 case STORE_ATTR_SUBJECTKEYID:
1749 case STORE_ATTR_ISSUERSERIALHASH:
1750 case STORE_ATTR_CERTHASH:
1751 if (memcmp(a->values[i].sha1string,
1752 b->values[i].sha1string, a->value_sizes[i]))
1755 case STORE_ATTR_ISSUER:
1756 case STORE_ATTR_SUBJECT:
1757 if (X509_NAME_cmp(a->values[i].dn, b->values[i].dn))
1760 case STORE_ATTR_SERIAL:
1761 if (BN_cmp(a->values[i].number, b->values[i].number))