1/* crypto/store/str_lib.c */ 2/* 3 * Written by Richard Levitte (richard@levitte.org) for the OpenSSL project 4 * 2003. 5 */ 6/* ==================================================================== 7 * Copyright (c) 2003 The OpenSSL Project. All rights reserved. 8 * 9 * Redistribution and use in source and binary forms, with or without 10 * modification, are permitted provided that the following conditions 11 * are met: 12 * 13 * 1. Redistributions of source code must retain the above copyright 14 * notice, this list of conditions and the following disclaimer. 15 * 16 * 2. Redistributions in binary form must reproduce the above copyright 17 * notice, this list of conditions and the following disclaimer in 18 * the documentation and/or other materials provided with the 19 * distribution. 20 * 21 * 3. All advertising materials mentioning features or use of this 22 * software must display the following acknowledgment: 23 * "This product includes software developed by the OpenSSL Project 24 * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" 25 * 26 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to 27 * endorse or promote products derived from this software without 28 * prior written permission. For written permission, please contact 29 * openssl-core@openssl.org. 30 * 31 * 5. Products derived from this software may not be called "OpenSSL" 32 * nor may "OpenSSL" appear in their names without prior written 33 * permission of the OpenSSL Project. 34 * 35 * 6. Redistributions of any form whatsoever must retain the following 36 * acknowledgment: 37 * "This product includes software developed by the OpenSSL Project 38 * for use in the OpenSSL Toolkit (http://www.openssl.org/)" 39 * 40 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY 41 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 42 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 43 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR 44 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 45 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 46 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; 47 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, 49 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 50 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 51 * OF THE POSSIBILITY OF SUCH DAMAGE. 52 * ==================================================================== 53 * 54 * This product includes cryptographic software written by Eric Young 55 * (eay@cryptsoft.com). This product includes software written by Tim 56 * Hudson (tjh@cryptsoft.com). 57 * 58 */ 59 60#include <string.h> 61#include <openssl/bn.h> 62#include <openssl/err.h> 63#ifndef OPENSSL_NO_ENGINE 64# include <openssl/engine.h> 65#endif 66#include <openssl/sha.h> 67#include <openssl/x509.h> 68#include "str_locl.h" 69 70const char *const STORE_object_type_string[STORE_OBJECT_TYPE_NUM + 1] = { 71 0, 72 "X.509 Certificate", 73 "X.509 CRL", 74 "Private Key", 75 "Public Key", 76 "Number", 77 "Arbitrary Data" 78}; 79 80const int STORE_param_sizes[STORE_PARAM_TYPE_NUM + 1] = { 81 0, 82 sizeof(int), /* EVP_TYPE */ 83 sizeof(size_t), /* BITS */ 84 -1, /* KEY_PARAMETERS */ 85 0 /* KEY_NO_PARAMETERS */ 86}; 87 88const int STORE_attr_sizes[STORE_ATTR_TYPE_NUM + 1] = { 89 0, 90 -1, /* FRIENDLYNAME: C string */ 91 SHA_DIGEST_LENGTH, /* KEYID: SHA1 digest, 160 bits */ 92 SHA_DIGEST_LENGTH, /* ISSUERKEYID: SHA1 digest, 160 bits */ 93 SHA_DIGEST_LENGTH, /* SUBJECTKEYID: SHA1 digest, 160 bits */ 94 SHA_DIGEST_LENGTH, /* ISSUERSERIALHASH: SHA1 digest, 160 bits */ 95 sizeof(X509_NAME *), /* ISSUER: X509_NAME * */ 96 sizeof(BIGNUM *), /* SERIAL: BIGNUM * */ 97 sizeof(X509_NAME *), /* SUBJECT: X509_NAME * */ 98 SHA_DIGEST_LENGTH, /* CERTHASH: SHA1 digest, 160 bits */ 99 -1, /* EMAIL: C string */ 100 -1, /* FILENAME: C string */ 101}; 102 103STORE *STORE_new_method(const STORE_METHOD *method) 104{ 105 STORE *ret; 106 107 if (method == NULL) { 108 STOREerr(STORE_F_STORE_NEW_METHOD, ERR_R_PASSED_NULL_PARAMETER); 109 return NULL; 110 } 111 112 ret = (STORE *)OPENSSL_malloc(sizeof(STORE)); 113 if (ret == NULL) { 114 STOREerr(STORE_F_STORE_NEW_METHOD, ERR_R_MALLOC_FAILURE); 115 return NULL; 116 } 117 118 ret->meth = method; 119 120 CRYPTO_new_ex_data(CRYPTO_EX_INDEX_STORE, ret, &ret->ex_data); 121 if (ret->meth->init && !ret->meth->init(ret)) { 122 STORE_free(ret); 123 ret = NULL; 124 } 125 return ret; 126} 127 128STORE *STORE_new_engine(ENGINE *engine) 129{ 130 STORE *ret = NULL; 131 ENGINE *e = engine; 132 const STORE_METHOD *meth = 0; 133 134#ifdef OPENSSL_NO_ENGINE 135 e = NULL; 136#else 137 if (engine) { 138 if (!ENGINE_init(engine)) { 139 STOREerr(STORE_F_STORE_NEW_ENGINE, ERR_R_ENGINE_LIB); 140 return NULL; 141 } 142 e = engine; 143 } else { 144 STOREerr(STORE_F_STORE_NEW_ENGINE, ERR_R_PASSED_NULL_PARAMETER); 145 return NULL; 146 } 147 if (e) { 148 meth = ENGINE_get_STORE(e); 149 if (!meth) { 150 STOREerr(STORE_F_STORE_NEW_ENGINE, ERR_R_ENGINE_LIB); 151 ENGINE_finish(e); 152 return NULL; 153 } 154 } 155#endif 156 157 ret = STORE_new_method(meth); 158 if (ret == NULL) { 159 STOREerr(STORE_F_STORE_NEW_ENGINE, ERR_R_STORE_LIB); 160 return NULL; 161 } 162 163 ret->engine = e; 164 165 return (ret); 166} 167 168void STORE_free(STORE *store) 169{ 170 if (store == NULL) 171 return; 172 if (store->meth->clean) 173 store->meth->clean(store); 174 CRYPTO_free_ex_data(CRYPTO_EX_INDEX_STORE, store, &store->ex_data); 175 OPENSSL_free(store); 176} 177 178int STORE_ctrl(STORE *store, int cmd, long i, void *p, void (*f) (void)) 179{ 180 if (store == NULL) { 181 STOREerr(STORE_F_STORE_CTRL, ERR_R_PASSED_NULL_PARAMETER); 182 return 0; 183 } 184 if (store->meth->ctrl) 185 return store->meth->ctrl(store, cmd, i, p, f); 186 STOREerr(STORE_F_STORE_CTRL, STORE_R_NO_CONTROL_FUNCTION); 187 return 0; 188} 189 190int STORE_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func, 191 CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func) 192{ 193 return CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_STORE, argl, argp, 194 new_func, dup_func, free_func); 195} 196 197int STORE_set_ex_data(STORE *r, int idx, void *arg) 198{ 199 return (CRYPTO_set_ex_data(&r->ex_data, idx, arg)); 200} 201 202void *STORE_get_ex_data(STORE *r, int idx) 203{ 204 return (CRYPTO_get_ex_data(&r->ex_data, idx)); 205} 206 207const STORE_METHOD *STORE_get_method(STORE *store) 208{ 209 return store->meth; 210} 211 212const STORE_METHOD *STORE_set_method(STORE *store, const STORE_METHOD *meth) 213{ 214 store->meth = meth; 215 return store->meth; 216} 217 218/* API helpers */ 219 220#define check_store(s,fncode,fnname,fnerrcode) \ 221 do \ 222 { \ 223 if ((s) == NULL || (s)->meth == NULL) \ 224 { \ 225 STOREerr((fncode), ERR_R_PASSED_NULL_PARAMETER); \ 226 return 0; \ 227 } \ 228 if ((s)->meth->fnname == NULL) \ 229 { \ 230 STOREerr((fncode), (fnerrcode)); \ 231 return 0; \ 232 } \ 233 } \ 234 while(0) 235 236/* API functions */ 237 238X509 *STORE_get_certificate(STORE *s, OPENSSL_ITEM attributes[], 239 OPENSSL_ITEM parameters[]) 240{ 241 STORE_OBJECT *object; 242 X509 *x; 243 244 check_store(s, STORE_F_STORE_GET_CERTIFICATE, 245 get_object, STORE_R_NO_GET_OBJECT_FUNCTION); 246 247 object = s->meth->get_object(s, STORE_OBJECT_TYPE_X509_CERTIFICATE, 248 attributes, parameters); 249 if (!object || !object->data.x509.certificate) { 250 STOREerr(STORE_F_STORE_GET_CERTIFICATE, 251 STORE_R_FAILED_GETTING_CERTIFICATE); 252 return 0; 253 } 254 CRYPTO_add(&object->data.x509.certificate->references, 1, 255 CRYPTO_LOCK_X509); 256#ifdef REF_PRINT 257 REF_PRINT("X509", data); 258#endif 259 x = object->data.x509.certificate; 260 STORE_OBJECT_free(object); 261 return x; 262} 263 264int STORE_store_certificate(STORE *s, X509 *data, OPENSSL_ITEM attributes[], 265 OPENSSL_ITEM parameters[]) 266{ 267 STORE_OBJECT *object; 268 int i; 269 270 check_store(s, STORE_F_STORE_CERTIFICATE, 271 store_object, STORE_R_NO_STORE_OBJECT_FUNCTION); 272 273 object = STORE_OBJECT_new(); 274 if (!object) { 275 STOREerr(STORE_F_STORE_STORE_CERTIFICATE, ERR_R_MALLOC_FAILURE); 276 return 0; 277 } 278 279 CRYPTO_add(&data->references, 1, CRYPTO_LOCK_X509); 280#ifdef REF_PRINT 281 REF_PRINT("X509", data); 282#endif 283 object->data.x509.certificate = data; 284 285 i = s->meth->store_object(s, STORE_OBJECT_TYPE_X509_CERTIFICATE, 286 object, attributes, parameters); 287 288 STORE_OBJECT_free(object); 289 290 if (!i) { 291 STOREerr(STORE_F_STORE_STORE_CERTIFICATE, 292 STORE_R_FAILED_STORING_CERTIFICATE); 293 return 0; 294 } 295 return 1; 296} 297 298int STORE_modify_certificate(STORE *s, OPENSSL_ITEM search_attributes[], 299 OPENSSL_ITEM add_attributes[], 300 OPENSSL_ITEM modify_attributes[], 301 OPENSSL_ITEM delete_attributes[], 302 OPENSSL_ITEM parameters[]) 303{ 304 check_store(s, STORE_F_STORE_MODIFY_CERTIFICATE, 305 modify_object, STORE_R_NO_MODIFY_OBJECT_FUNCTION); 306 307 if (!s->meth->modify_object(s, STORE_OBJECT_TYPE_X509_CERTIFICATE, 308 search_attributes, add_attributes, 309 modify_attributes, delete_attributes, 310 parameters)) { 311 STOREerr(STORE_F_STORE_MODIFY_CERTIFICATE, 312 STORE_R_FAILED_MODIFYING_CERTIFICATE); 313 return 0; 314 } 315 return 1; 316} 317 318int STORE_revoke_certificate(STORE *s, OPENSSL_ITEM attributes[], 319 OPENSSL_ITEM parameters[]) 320{ 321 check_store(s, STORE_F_STORE_REVOKE_CERTIFICATE, 322 revoke_object, STORE_R_NO_REVOKE_OBJECT_FUNCTION); 323 324 if (!s->meth->revoke_object(s, STORE_OBJECT_TYPE_X509_CERTIFICATE, 325 attributes, parameters)) { 326 STOREerr(STORE_F_STORE_REVOKE_CERTIFICATE, 327 STORE_R_FAILED_REVOKING_CERTIFICATE); 328 return 0; 329 } 330 return 1; 331} 332 333int STORE_delete_certificate(STORE *s, OPENSSL_ITEM attributes[], 334 OPENSSL_ITEM parameters[]) 335{ 336 check_store(s, STORE_F_STORE_DELETE_CERTIFICATE, 337 delete_object, STORE_R_NO_DELETE_OBJECT_FUNCTION); 338 339 if (!s->meth->delete_object(s, STORE_OBJECT_TYPE_X509_CERTIFICATE, 340 attributes, parameters)) { 341 STOREerr(STORE_F_STORE_DELETE_CERTIFICATE, 342 STORE_R_FAILED_DELETING_CERTIFICATE); 343 return 0; 344 } 345 return 1; 346} 347 348void *STORE_list_certificate_start(STORE *s, OPENSSL_ITEM attributes[], 349 OPENSSL_ITEM parameters[]) 350{ 351 void *handle; 352 353 check_store(s, STORE_F_STORE_LIST_CERTIFICATE_START, 354 list_object_start, STORE_R_NO_LIST_OBJECT_START_FUNCTION); 355 356 handle = s->meth->list_object_start(s, 357 STORE_OBJECT_TYPE_X509_CERTIFICATE, 358 attributes, parameters); 359 if (!handle) { 360 STOREerr(STORE_F_STORE_LIST_CERTIFICATE_START, 361 STORE_R_FAILED_LISTING_CERTIFICATES); 362 return 0; 363 } 364 return handle; 365} 366 367X509 *STORE_list_certificate_next(STORE *s, void *handle) 368{ 369 STORE_OBJECT *object; 370 X509 *x; 371 372 check_store(s, STORE_F_STORE_LIST_CERTIFICATE_NEXT, 373 list_object_next, STORE_R_NO_LIST_OBJECT_NEXT_FUNCTION); 374 375 object = s->meth->list_object_next(s, handle); 376 if (!object || !object->data.x509.certificate) { 377 STOREerr(STORE_F_STORE_LIST_CERTIFICATE_NEXT, 378 STORE_R_FAILED_LISTING_CERTIFICATES); 379 return 0; 380 } 381 CRYPTO_add(&object->data.x509.certificate->references, 1, 382 CRYPTO_LOCK_X509); 383#ifdef REF_PRINT 384 REF_PRINT("X509", data); 385#endif 386 x = object->data.x509.certificate; 387 STORE_OBJECT_free(object); 388 return x; 389} 390 391int STORE_list_certificate_end(STORE *s, void *handle) 392{ 393 check_store(s, STORE_F_STORE_LIST_CERTIFICATE_END, 394 list_object_end, STORE_R_NO_LIST_OBJECT_END_FUNCTION); 395 396 if (!s->meth->list_object_end(s, handle)) { 397 STOREerr(STORE_F_STORE_LIST_CERTIFICATE_END, 398 STORE_R_FAILED_LISTING_CERTIFICATES); 399 return 0; 400 } 401 return 1; 402} 403 404int STORE_list_certificate_endp(STORE *s, void *handle) 405{ 406 check_store(s, STORE_F_STORE_LIST_CERTIFICATE_ENDP, 407 list_object_endp, STORE_R_NO_LIST_OBJECT_ENDP_FUNCTION); 408 409 if (!s->meth->list_object_endp(s, handle)) { 410 STOREerr(STORE_F_STORE_LIST_CERTIFICATE_ENDP, 411 STORE_R_FAILED_LISTING_CERTIFICATES); 412 return 0; 413 } 414 return 1; 415} 416 417EVP_PKEY *STORE_generate_key(STORE *s, OPENSSL_ITEM attributes[], 418 OPENSSL_ITEM parameters[]) 419{ 420 STORE_OBJECT *object; 421 EVP_PKEY *pkey; 422 423 check_store(s, STORE_F_STORE_GENERATE_KEY, 424 generate_object, STORE_R_NO_GENERATE_OBJECT_FUNCTION); 425 426 object = s->meth->generate_object(s, STORE_OBJECT_TYPE_PRIVATE_KEY, 427 attributes, parameters); 428 if (!object || !object->data.key) { 429 STOREerr(STORE_F_STORE_GENERATE_KEY, STORE_R_FAILED_GENERATING_KEY); 430 return 0; 431 } 432 CRYPTO_add(&object->data.key->references, 1, CRYPTO_LOCK_EVP_PKEY); 433#ifdef REF_PRINT 434 REF_PRINT("EVP_PKEY", data); 435#endif 436 pkey = object->data.key; 437 STORE_OBJECT_free(object); 438 return pkey; 439} 440 441EVP_PKEY *STORE_get_private_key(STORE *s, OPENSSL_ITEM attributes[], 442 OPENSSL_ITEM parameters[]) 443{ 444 STORE_OBJECT *object; 445 EVP_PKEY *pkey; 446 447 check_store(s, STORE_F_STORE_GET_PRIVATE_KEY, 448 get_object, STORE_R_NO_GET_OBJECT_FUNCTION); 449 450 object = s->meth->get_object(s, STORE_OBJECT_TYPE_PRIVATE_KEY, 451 attributes, parameters); 452 if (!object || !object->data.key || !object->data.key) { 453 STOREerr(STORE_F_STORE_GET_PRIVATE_KEY, STORE_R_FAILED_GETTING_KEY); 454 return 0; 455 } 456 CRYPTO_add(&object->data.key->references, 1, CRYPTO_LOCK_EVP_PKEY); 457#ifdef REF_PRINT 458 REF_PRINT("EVP_PKEY", data); 459#endif 460 pkey = object->data.key; 461 STORE_OBJECT_free(object); 462 return pkey; 463} 464 465int STORE_store_private_key(STORE *s, EVP_PKEY *data, 466 OPENSSL_ITEM attributes[], 467 OPENSSL_ITEM parameters[]) 468{ 469 STORE_OBJECT *object; 470 int i; 471 472 check_store(s, STORE_F_STORE_STORE_PRIVATE_KEY, 473 store_object, STORE_R_NO_STORE_OBJECT_FUNCTION); 474 475 object = STORE_OBJECT_new(); 476 if (!object) { 477 STOREerr(STORE_F_STORE_STORE_PRIVATE_KEY, ERR_R_MALLOC_FAILURE); 478 return 0; 479 } 480 object->data.key = EVP_PKEY_new(); 481 if (!object->data.key) { 482 STOREerr(STORE_F_STORE_STORE_PRIVATE_KEY, ERR_R_MALLOC_FAILURE); 483 return 0; 484 } 485 486 CRYPTO_add(&data->references, 1, CRYPTO_LOCK_EVP_PKEY); 487#ifdef REF_PRINT 488 REF_PRINT("EVP_PKEY", data); 489#endif 490 object->data.key = data; 491 492 i = s->meth->store_object(s, STORE_OBJECT_TYPE_PRIVATE_KEY, object, 493 attributes, parameters); 494 495 STORE_OBJECT_free(object); 496 497 if (!i) { 498 STOREerr(STORE_F_STORE_STORE_PRIVATE_KEY, STORE_R_FAILED_STORING_KEY); 499 return 0; 500 } 501 return i; 502} 503 504int STORE_modify_private_key(STORE *s, OPENSSL_ITEM search_attributes[], 505 OPENSSL_ITEM add_attributes[], 506 OPENSSL_ITEM modify_attributes[], 507 OPENSSL_ITEM delete_attributes[], 508 OPENSSL_ITEM parameters[]) 509{ 510 check_store(s, STORE_F_STORE_MODIFY_PRIVATE_KEY, 511 modify_object, STORE_R_NO_MODIFY_OBJECT_FUNCTION); 512 513 if (!s->meth->modify_object(s, STORE_OBJECT_TYPE_PRIVATE_KEY, 514 search_attributes, add_attributes, 515 modify_attributes, delete_attributes, 516 parameters)) { 517 STOREerr(STORE_F_STORE_MODIFY_PRIVATE_KEY, 518 STORE_R_FAILED_MODIFYING_PRIVATE_KEY); 519 return 0; 520 } 521 return 1; 522} 523 524int STORE_revoke_private_key(STORE *s, OPENSSL_ITEM attributes[], 525 OPENSSL_ITEM parameters[]) 526{ 527 int i; 528 529 check_store(s, STORE_F_STORE_REVOKE_PRIVATE_KEY, 530 revoke_object, STORE_R_NO_REVOKE_OBJECT_FUNCTION); 531 532 i = s->meth->revoke_object(s, STORE_OBJECT_TYPE_PRIVATE_KEY, 533 attributes, parameters); 534 535 if (!i) { 536 STOREerr(STORE_F_STORE_REVOKE_PRIVATE_KEY, 537 STORE_R_FAILED_REVOKING_KEY); 538 return 0; 539 } 540 return i; 541} 542 543int STORE_delete_private_key(STORE *s, OPENSSL_ITEM attributes[], 544 OPENSSL_ITEM parameters[]) 545{ 546 check_store(s, STORE_F_STORE_DELETE_PRIVATE_KEY, 547 delete_object, STORE_R_NO_DELETE_OBJECT_FUNCTION); 548 549 if (!s->meth->delete_object(s, STORE_OBJECT_TYPE_PRIVATE_KEY, 550 attributes, parameters)) { 551 STOREerr(STORE_F_STORE_DELETE_PRIVATE_KEY, 552 STORE_R_FAILED_DELETING_KEY); 553 return 0; 554 } 555 return 1; 556} 557 558void *STORE_list_private_key_start(STORE *s, OPENSSL_ITEM attributes[], 559 OPENSSL_ITEM parameters[]) 560{ 561 void *handle; 562 563 check_store(s, STORE_F_STORE_LIST_PRIVATE_KEY_START, 564 list_object_start, STORE_R_NO_LIST_OBJECT_START_FUNCTION); 565 566 handle = s->meth->list_object_start(s, STORE_OBJECT_TYPE_PRIVATE_KEY, 567 attributes, parameters); 568 if (!handle) { 569 STOREerr(STORE_F_STORE_LIST_PRIVATE_KEY_START, 570 STORE_R_FAILED_LISTING_KEYS); 571 return 0; 572 } 573 return handle; 574} 575 576EVP_PKEY *STORE_list_private_key_next(STORE *s, void *handle) 577{ 578 STORE_OBJECT *object; 579 EVP_PKEY *pkey; 580 581 check_store(s, STORE_F_STORE_LIST_PRIVATE_KEY_NEXT, 582 list_object_next, STORE_R_NO_LIST_OBJECT_NEXT_FUNCTION); 583 584 object = s->meth->list_object_next(s, handle); 585 if (!object || !object->data.key || !object->data.key) { 586 STOREerr(STORE_F_STORE_LIST_PRIVATE_KEY_NEXT, 587 STORE_R_FAILED_LISTING_KEYS); 588 return 0; 589 } 590 CRYPTO_add(&object->data.key->references, 1, CRYPTO_LOCK_EVP_PKEY); 591#ifdef REF_PRINT 592 REF_PRINT("EVP_PKEY", data); 593#endif 594 pkey = object->data.key; 595 STORE_OBJECT_free(object); 596 return pkey; 597} 598 599int STORE_list_private_key_end(STORE *s, void *handle) 600{ 601 check_store(s, STORE_F_STORE_LIST_PRIVATE_KEY_END, 602 list_object_end, STORE_R_NO_LIST_OBJECT_END_FUNCTION); 603 604 if (!s->meth->list_object_end(s, handle)) { 605 STOREerr(STORE_F_STORE_LIST_PRIVATE_KEY_END, 606 STORE_R_FAILED_LISTING_KEYS); 607 return 0; 608 } 609 return 1; 610} 611 612int STORE_list_private_key_endp(STORE *s, void *handle) 613{ 614 check_store(s, STORE_F_STORE_LIST_PRIVATE_KEY_ENDP, 615 list_object_endp, STORE_R_NO_LIST_OBJECT_ENDP_FUNCTION); 616 617 if (!s->meth->list_object_endp(s, handle)) { 618 STOREerr(STORE_F_STORE_LIST_PRIVATE_KEY_ENDP, 619 STORE_R_FAILED_LISTING_KEYS); 620 return 0; 621 } 622 return 1; 623} 624 625EVP_PKEY *STORE_get_public_key(STORE *s, OPENSSL_ITEM attributes[], 626 OPENSSL_ITEM parameters[]) 627{ 628 STORE_OBJECT *object; 629 EVP_PKEY *pkey; 630 631 check_store(s, STORE_F_STORE_GET_PUBLIC_KEY, 632 get_object, STORE_R_NO_GET_OBJECT_FUNCTION); 633 634 object = s->meth->get_object(s, STORE_OBJECT_TYPE_PUBLIC_KEY, 635 attributes, parameters); 636 if (!object || !object->data.key || !object->data.key) { 637 STOREerr(STORE_F_STORE_GET_PUBLIC_KEY, STORE_R_FAILED_GETTING_KEY); 638 return 0; 639 } 640 CRYPTO_add(&object->data.key->references, 1, CRYPTO_LOCK_EVP_PKEY); 641#ifdef REF_PRINT 642 REF_PRINT("EVP_PKEY", data); 643#endif 644 pkey = object->data.key; 645 STORE_OBJECT_free(object); 646 return pkey; 647} 648 649int STORE_store_public_key(STORE *s, EVP_PKEY *data, 650 OPENSSL_ITEM attributes[], 651 OPENSSL_ITEM parameters[]) 652{ 653 STORE_OBJECT *object; 654 int i; 655 656 check_store(s, STORE_F_STORE_STORE_PUBLIC_KEY, 657 store_object, STORE_R_NO_STORE_OBJECT_FUNCTION); 658 659 object = STORE_OBJECT_new(); 660 if (!object) { 661 STOREerr(STORE_F_STORE_STORE_PUBLIC_KEY, ERR_R_MALLOC_FAILURE); 662 return 0; 663 } 664 object->data.key = EVP_PKEY_new(); 665 if (!object->data.key) { 666 STOREerr(STORE_F_STORE_STORE_PUBLIC_KEY, ERR_R_MALLOC_FAILURE); 667 return 0; 668 } 669 670 CRYPTO_add(&data->references, 1, CRYPTO_LOCK_EVP_PKEY); 671#ifdef REF_PRINT 672 REF_PRINT("EVP_PKEY", data); 673#endif 674 object->data.key = data; 675 676 i = s->meth->store_object(s, STORE_OBJECT_TYPE_PUBLIC_KEY, object, 677 attributes, parameters); 678 679 STORE_OBJECT_free(object); 680 681 if (!i) { 682 STOREerr(STORE_F_STORE_STORE_PUBLIC_KEY, STORE_R_FAILED_STORING_KEY); 683 return 0; 684 } 685 return i; 686} 687 688int STORE_modify_public_key(STORE *s, OPENSSL_ITEM search_attributes[], 689 OPENSSL_ITEM add_attributes[], 690 OPENSSL_ITEM modify_attributes[], 691 OPENSSL_ITEM delete_attributes[], 692 OPENSSL_ITEM parameters[]) 693{ 694 check_store(s, STORE_F_STORE_MODIFY_PUBLIC_KEY, 695 modify_object, STORE_R_NO_MODIFY_OBJECT_FUNCTION); 696 697 if (!s->meth->modify_object(s, STORE_OBJECT_TYPE_PUBLIC_KEY, 698 search_attributes, add_attributes, 699 modify_attributes, delete_attributes, 700 parameters)) { 701 STOREerr(STORE_F_STORE_MODIFY_PUBLIC_KEY, 702 STORE_R_FAILED_MODIFYING_PUBLIC_KEY); 703 return 0; 704 } 705 return 1; 706} 707 708int STORE_revoke_public_key(STORE *s, OPENSSL_ITEM attributes[], 709 OPENSSL_ITEM parameters[]) 710{ 711 int i; 712 713 check_store(s, STORE_F_STORE_REVOKE_PUBLIC_KEY, 714 revoke_object, STORE_R_NO_REVOKE_OBJECT_FUNCTION); 715 716 i = s->meth->revoke_object(s, STORE_OBJECT_TYPE_PUBLIC_KEY, 717 attributes, parameters); 718 719 if (!i) { 720 STOREerr(STORE_F_STORE_REVOKE_PUBLIC_KEY, 721 STORE_R_FAILED_REVOKING_KEY); 722 return 0; 723 } 724 return i; 725} 726 727int STORE_delete_public_key(STORE *s, OPENSSL_ITEM attributes[], 728 OPENSSL_ITEM parameters[]) 729{ 730 check_store(s, STORE_F_STORE_DELETE_PUBLIC_KEY, 731 delete_object, STORE_R_NO_DELETE_OBJECT_FUNCTION); 732 733 if (!s->meth->delete_object(s, STORE_OBJECT_TYPE_PUBLIC_KEY, 734 attributes, parameters)) { 735 STOREerr(STORE_F_STORE_DELETE_PUBLIC_KEY, 736 STORE_R_FAILED_DELETING_KEY); 737 return 0; 738 } 739 return 1; 740} 741 742void *STORE_list_public_key_start(STORE *s, OPENSSL_ITEM attributes[], 743 OPENSSL_ITEM parameters[]) 744{ 745 void *handle; 746 747 check_store(s, STORE_F_STORE_LIST_PUBLIC_KEY_START, 748 list_object_start, STORE_R_NO_LIST_OBJECT_START_FUNCTION); 749 750 handle = s->meth->list_object_start(s, STORE_OBJECT_TYPE_PUBLIC_KEY, 751 attributes, parameters); 752 if (!handle) { 753 STOREerr(STORE_F_STORE_LIST_PUBLIC_KEY_START, 754 STORE_R_FAILED_LISTING_KEYS); 755 return 0; 756 } 757 return handle; 758} 759 760EVP_PKEY *STORE_list_public_key_next(STORE *s, void *handle) 761{ 762 STORE_OBJECT *object; 763 EVP_PKEY *pkey; 764 765 check_store(s, STORE_F_STORE_LIST_PUBLIC_KEY_NEXT, 766 list_object_next, STORE_R_NO_LIST_OBJECT_NEXT_FUNCTION); 767 768 object = s->meth->list_object_next(s, handle); 769 if (!object || !object->data.key || !object->data.key) { 770 STOREerr(STORE_F_STORE_LIST_PUBLIC_KEY_NEXT, 771 STORE_R_FAILED_LISTING_KEYS); 772 return 0; 773 } 774 CRYPTO_add(&object->data.key->references, 1, CRYPTO_LOCK_EVP_PKEY); 775#ifdef REF_PRINT 776 REF_PRINT("EVP_PKEY", data); 777#endif 778 pkey = object->data.key; 779 STORE_OBJECT_free(object); 780 return pkey; 781} 782 783int STORE_list_public_key_end(STORE *s, void *handle) 784{ 785 check_store(s, STORE_F_STORE_LIST_PUBLIC_KEY_END, 786 list_object_end, STORE_R_NO_LIST_OBJECT_END_FUNCTION); 787 788 if (!s->meth->list_object_end(s, handle)) { 789 STOREerr(STORE_F_STORE_LIST_PUBLIC_KEY_END, 790 STORE_R_FAILED_LISTING_KEYS); 791 return 0; 792 } 793 return 1; 794} 795 796int STORE_list_public_key_endp(STORE *s, void *handle) 797{ 798 check_store(s, STORE_F_STORE_LIST_PUBLIC_KEY_ENDP, 799 list_object_endp, STORE_R_NO_LIST_OBJECT_ENDP_FUNCTION); 800 801 if (!s->meth->list_object_endp(s, handle)) { 802 STOREerr(STORE_F_STORE_LIST_PUBLIC_KEY_ENDP, 803 STORE_R_FAILED_LISTING_KEYS); 804 return 0; 805 } 806 return 1; 807} 808 809X509_CRL *STORE_generate_crl(STORE *s, OPENSSL_ITEM attributes[], 810 OPENSSL_ITEM parameters[]) 811{ 812 STORE_OBJECT *object; 813 X509_CRL *crl; 814 815 check_store(s, STORE_F_STORE_GENERATE_CRL, 816 generate_object, STORE_R_NO_GENERATE_CRL_FUNCTION); 817 818 object = s->meth->generate_object(s, STORE_OBJECT_TYPE_X509_CRL, 819 attributes, parameters); 820 if (!object || !object->data.crl) { 821 STOREerr(STORE_F_STORE_GENERATE_CRL, STORE_R_FAILED_GENERATING_CRL); 822 return 0; 823 } 824 CRYPTO_add(&object->data.crl->references, 1, CRYPTO_LOCK_X509_CRL); 825#ifdef REF_PRINT 826 REF_PRINT("X509_CRL", data); 827#endif 828 crl = object->data.crl; 829 STORE_OBJECT_free(object); 830 return crl; 831} 832 833X509_CRL *STORE_get_crl(STORE *s, OPENSSL_ITEM attributes[], 834 OPENSSL_ITEM parameters[]) 835{ 836 STORE_OBJECT *object; 837 X509_CRL *crl; 838 839 check_store(s, STORE_F_STORE_GET_CRL, 840 get_object, STORE_R_NO_GET_OBJECT_FUNCTION); 841 842 object = s->meth->get_object(s, STORE_OBJECT_TYPE_X509_CRL, 843 attributes, parameters); 844 if (!object || !object->data.crl) { 845 STOREerr(STORE_F_STORE_GET_CRL, STORE_R_FAILED_GETTING_KEY); 846 return 0; 847 } 848 CRYPTO_add(&object->data.crl->references, 1, CRYPTO_LOCK_X509_CRL); 849#ifdef REF_PRINT 850 REF_PRINT("X509_CRL", data); 851#endif 852 crl = object->data.crl; 853 STORE_OBJECT_free(object); 854 return crl; 855} 856 857int STORE_store_crl(STORE *s, X509_CRL *data, OPENSSL_ITEM attributes[], 858 OPENSSL_ITEM parameters[]) 859{ 860 STORE_OBJECT *object; 861 int i; 862 863 check_store(s, STORE_F_STORE_STORE_CRL, 864 store_object, STORE_R_NO_STORE_OBJECT_FUNCTION); 865 866 object = STORE_OBJECT_new(); 867 if (!object) { 868 STOREerr(STORE_F_STORE_STORE_CRL, ERR_R_MALLOC_FAILURE); 869 return 0; 870 } 871 872 CRYPTO_add(&data->references, 1, CRYPTO_LOCK_X509_CRL); 873#ifdef REF_PRINT 874 REF_PRINT("X509_CRL", data); 875#endif 876 object->data.crl = data; 877 878 i = s->meth->store_object(s, STORE_OBJECT_TYPE_X509_CRL, object, 879 attributes, parameters); 880 881 STORE_OBJECT_free(object); 882 883 if (!i) { 884 STOREerr(STORE_F_STORE_STORE_CRL, STORE_R_FAILED_STORING_KEY); 885 return 0; 886 } 887 return i; 888} 889 890int STORE_modify_crl(STORE *s, OPENSSL_ITEM search_attributes[], 891 OPENSSL_ITEM add_attributes[], 892 OPENSSL_ITEM modify_attributes[], 893 OPENSSL_ITEM delete_attributes[], 894 OPENSSL_ITEM parameters[]) 895{ 896 check_store(s, STORE_F_STORE_MODIFY_CRL, 897 modify_object, STORE_R_NO_MODIFY_OBJECT_FUNCTION); 898 899 if (!s->meth->modify_object(s, STORE_OBJECT_TYPE_X509_CRL, 900 search_attributes, add_attributes, 901 modify_attributes, delete_attributes, 902 parameters)) { 903 STOREerr(STORE_F_STORE_MODIFY_CRL, STORE_R_FAILED_MODIFYING_CRL); 904 return 0; 905 } 906 return 1; 907} 908 909int STORE_delete_crl(STORE *s, OPENSSL_ITEM attributes[], 910 OPENSSL_ITEM parameters[]) 911{ 912 check_store(s, STORE_F_STORE_DELETE_CRL, 913 delete_object, STORE_R_NO_DELETE_OBJECT_FUNCTION); 914 915 if (!s->meth->delete_object(s, STORE_OBJECT_TYPE_X509_CRL, 916 attributes, parameters)) { 917 STOREerr(STORE_F_STORE_DELETE_CRL, STORE_R_FAILED_DELETING_KEY); 918 return 0; 919 } 920 return 1; 921} 922 923void *STORE_list_crl_start(STORE *s, OPENSSL_ITEM attributes[], 924 OPENSSL_ITEM parameters[]) 925{ 926 void *handle; 927 928 check_store(s, STORE_F_STORE_LIST_CRL_START, 929 list_object_start, STORE_R_NO_LIST_OBJECT_START_FUNCTION); 930 931 handle = s->meth->list_object_start(s, STORE_OBJECT_TYPE_X509_CRL, 932 attributes, parameters); 933 if (!handle) { 934 STOREerr(STORE_F_STORE_LIST_CRL_START, STORE_R_FAILED_LISTING_KEYS); 935 return 0; 936 } 937 return handle; 938} 939 940X509_CRL *STORE_list_crl_next(STORE *s, void *handle) 941{ 942 STORE_OBJECT *object; 943 X509_CRL *crl; 944 945 check_store(s, STORE_F_STORE_LIST_CRL_NEXT, 946 list_object_next, STORE_R_NO_LIST_OBJECT_NEXT_FUNCTION); 947 948 object = s->meth->list_object_next(s, handle); 949 if (!object || !object->data.crl) { 950 STOREerr(STORE_F_STORE_LIST_CRL_NEXT, STORE_R_FAILED_LISTING_KEYS); 951 return 0; 952 } 953 CRYPTO_add(&object->data.crl->references, 1, CRYPTO_LOCK_X509_CRL); 954#ifdef REF_PRINT 955 REF_PRINT("X509_CRL", data); 956#endif 957 crl = object->data.crl; 958 STORE_OBJECT_free(object); 959 return crl; 960} 961 962int STORE_list_crl_end(STORE *s, void *handle) 963{ 964 check_store(s, STORE_F_STORE_LIST_CRL_END, 965 list_object_end, STORE_R_NO_LIST_OBJECT_END_FUNCTION); 966 967 if (!s->meth->list_object_end(s, handle)) { 968 STOREerr(STORE_F_STORE_LIST_CRL_END, STORE_R_FAILED_LISTING_KEYS); 969 return 0; 970 } 971 return 1; 972} 973 974int STORE_list_crl_endp(STORE *s, void *handle) 975{ 976 check_store(s, STORE_F_STORE_LIST_CRL_ENDP, 977 list_object_endp, STORE_R_NO_LIST_OBJECT_ENDP_FUNCTION); 978 979 if (!s->meth->list_object_endp(s, handle)) { 980 STOREerr(STORE_F_STORE_LIST_CRL_ENDP, STORE_R_FAILED_LISTING_KEYS); 981 return 0; 982 } 983 return 1; 984} 985 986int STORE_store_number(STORE *s, BIGNUM *data, OPENSSL_ITEM attributes[], 987 OPENSSL_ITEM parameters[]) 988{ 989 STORE_OBJECT *object; 990 int i; 991 992 check_store(s, STORE_F_STORE_STORE_NUMBER, 993 store_object, STORE_R_NO_STORE_OBJECT_NUMBER_FUNCTION); 994 995 object = STORE_OBJECT_new(); 996 if (!object) { 997 STOREerr(STORE_F_STORE_STORE_NUMBER, ERR_R_MALLOC_FAILURE); 998 return 0; 999 } 1000 1001 object->data.number = data; 1002 1003 i = s->meth->store_object(s, STORE_OBJECT_TYPE_NUMBER, object, 1004 attributes, parameters); 1005 1006 STORE_OBJECT_free(object); 1007 1008 if (!i) { 1009 STOREerr(STORE_F_STORE_STORE_NUMBER, STORE_R_FAILED_STORING_NUMBER); 1010 return 0; 1011 } 1012 return 1; 1013} 1014 1015int STORE_modify_number(STORE *s, OPENSSL_ITEM search_attributes[], 1016 OPENSSL_ITEM add_attributes[], 1017 OPENSSL_ITEM modify_attributes[], 1018 OPENSSL_ITEM delete_attributes[], 1019 OPENSSL_ITEM parameters[]) 1020{ 1021 check_store(s, STORE_F_STORE_MODIFY_NUMBER, 1022 modify_object, STORE_R_NO_MODIFY_OBJECT_FUNCTION); 1023 1024 if (!s->meth->modify_object(s, STORE_OBJECT_TYPE_NUMBER, 1025 search_attributes, add_attributes, 1026 modify_attributes, delete_attributes, 1027 parameters)) { 1028 STOREerr(STORE_F_STORE_MODIFY_NUMBER, 1029 STORE_R_FAILED_MODIFYING_NUMBER); 1030 return 0; 1031 } 1032 return 1; 1033} 1034 1035BIGNUM *STORE_get_number(STORE *s, OPENSSL_ITEM attributes[], 1036 OPENSSL_ITEM parameters[]) 1037{ 1038 STORE_OBJECT *object; 1039 BIGNUM *n; 1040 1041 check_store(s, STORE_F_STORE_GET_NUMBER, 1042 get_object, STORE_R_NO_GET_OBJECT_NUMBER_FUNCTION); 1043 1044 object = s->meth->get_object(s, STORE_OBJECT_TYPE_NUMBER, attributes, 1045 parameters); 1046 if (!object || !object->data.number) { 1047 STOREerr(STORE_F_STORE_GET_NUMBER, STORE_R_FAILED_GETTING_NUMBER); 1048 return 0; 1049 } 1050 n = object->data.number; 1051 object->data.number = NULL; 1052 STORE_OBJECT_free(object); 1053 return n; 1054} 1055 1056int STORE_delete_number(STORE *s, OPENSSL_ITEM attributes[], 1057 OPENSSL_ITEM parameters[]) 1058{ 1059 check_store(s, STORE_F_STORE_DELETE_NUMBER, 1060 delete_object, STORE_R_NO_DELETE_NUMBER_FUNCTION); 1061 1062 if (!s->meth->delete_object(s, STORE_OBJECT_TYPE_NUMBER, attributes, 1063 parameters)) { 1064 STOREerr(STORE_F_STORE_DELETE_NUMBER, STORE_R_FAILED_DELETING_NUMBER); 1065 return 0; 1066 } 1067 return 1; 1068} 1069 1070int STORE_store_arbitrary(STORE *s, BUF_MEM *data, OPENSSL_ITEM attributes[], 1071 OPENSSL_ITEM parameters[]) 1072{ 1073 STORE_OBJECT *object; 1074 int i; 1075 1076 check_store(s, STORE_F_STORE_STORE_ARBITRARY, 1077 store_object, STORE_R_NO_STORE_OBJECT_ARBITRARY_FUNCTION); 1078 1079 object = STORE_OBJECT_new(); 1080 if (!object) { 1081 STOREerr(STORE_F_STORE_STORE_ARBITRARY, ERR_R_MALLOC_FAILURE); 1082 return 0; 1083 } 1084 1085 object->data.arbitrary = data; 1086 1087 i = s->meth->store_object(s, STORE_OBJECT_TYPE_ARBITRARY, object, 1088 attributes, parameters); 1089 1090 STORE_OBJECT_free(object); 1091 1092 if (!i) { 1093 STOREerr(STORE_F_STORE_STORE_ARBITRARY, 1094 STORE_R_FAILED_STORING_ARBITRARY); 1095 return 0; 1096 } 1097 return 1; 1098} 1099 1100int STORE_modify_arbitrary(STORE *s, OPENSSL_ITEM search_attributes[], 1101 OPENSSL_ITEM add_attributes[], 1102 OPENSSL_ITEM modify_attributes[], 1103 OPENSSL_ITEM delete_attributes[], 1104 OPENSSL_ITEM parameters[]) 1105{ 1106 check_store(s, STORE_F_STORE_MODIFY_ARBITRARY, 1107 modify_object, STORE_R_NO_MODIFY_OBJECT_FUNCTION); 1108 1109 if (!s->meth->modify_object(s, STORE_OBJECT_TYPE_ARBITRARY, 1110 search_attributes, add_attributes, 1111 modify_attributes, delete_attributes, 1112 parameters)) { 1113 STOREerr(STORE_F_STORE_MODIFY_ARBITRARY, 1114 STORE_R_FAILED_MODIFYING_ARBITRARY); 1115 return 0; 1116 } 1117 return 1; 1118} 1119 1120BUF_MEM *STORE_get_arbitrary(STORE *s, OPENSSL_ITEM attributes[], 1121 OPENSSL_ITEM parameters[]) 1122{ 1123 STORE_OBJECT *object; 1124 BUF_MEM *b; 1125 1126 check_store(s, STORE_F_STORE_GET_ARBITRARY, 1127 get_object, STORE_R_NO_GET_OBJECT_ARBITRARY_FUNCTION); 1128 1129 object = s->meth->get_object(s, STORE_OBJECT_TYPE_ARBITRARY, 1130 attributes, parameters); 1131 if (!object || !object->data.arbitrary) { 1132 STOREerr(STORE_F_STORE_GET_ARBITRARY, 1133 STORE_R_FAILED_GETTING_ARBITRARY); 1134 return 0; 1135 } 1136 b = object->data.arbitrary; 1137 object->data.arbitrary = NULL; 1138 STORE_OBJECT_free(object); 1139 return b; 1140} 1141 1142int STORE_delete_arbitrary(STORE *s, OPENSSL_ITEM attributes[], 1143 OPENSSL_ITEM parameters[]) 1144{ 1145 check_store(s, STORE_F_STORE_DELETE_ARBITRARY, 1146 delete_object, STORE_R_NO_DELETE_ARBITRARY_FUNCTION); 1147 1148 if (!s->meth->delete_object(s, STORE_OBJECT_TYPE_ARBITRARY, attributes, 1149 parameters)) { 1150 STOREerr(STORE_F_STORE_DELETE_ARBITRARY, 1151 STORE_R_FAILED_DELETING_ARBITRARY); 1152 return 0; 1153 } 1154 return 1; 1155} 1156 1157STORE_OBJECT *STORE_OBJECT_new(void) 1158{ 1159 STORE_OBJECT *object = OPENSSL_malloc(sizeof(STORE_OBJECT)); 1160 if (object) 1161 memset(object, 0, sizeof(STORE_OBJECT)); 1162 return object; 1163} 1164 1165void STORE_OBJECT_free(STORE_OBJECT *data) 1166{ 1167 if (!data) 1168 return; 1169 switch (data->type) { 1170 case STORE_OBJECT_TYPE_X509_CERTIFICATE: 1171 X509_free(data->data.x509.certificate); 1172 break; 1173 case STORE_OBJECT_TYPE_X509_CRL: 1174 X509_CRL_free(data->data.crl); 1175 break; 1176 case STORE_OBJECT_TYPE_PRIVATE_KEY: 1177 case STORE_OBJECT_TYPE_PUBLIC_KEY: 1178 EVP_PKEY_free(data->data.key); 1179 break; 1180 case STORE_OBJECT_TYPE_NUMBER: 1181 BN_free(data->data.number); 1182 break; 1183 case STORE_OBJECT_TYPE_ARBITRARY: 1184 BUF_MEM_free(data->data.arbitrary); 1185 break; 1186 } 1187 OPENSSL_free(data); 1188} 1189 1190IMPLEMENT_STACK_OF(STORE_OBJECT*) 1191 1192struct STORE_attr_info_st { 1193 unsigned char set[(STORE_ATTR_TYPE_NUM + 8) / 8]; 1194 union { 1195 char *cstring; 1196 unsigned char *sha1string; 1197 X509_NAME *dn; 1198 BIGNUM *number; 1199 void *any; 1200 } values[STORE_ATTR_TYPE_NUM + 1]; 1201 size_t value_sizes[STORE_ATTR_TYPE_NUM + 1]; 1202}; 1203 1204#define ATTR_IS_SET(a,i) ((i) > 0 && (i) < STORE_ATTR_TYPE_NUM \ 1205 && ((a)->set[(i) / 8] & (1 << ((i) % 8)))) 1206#define SET_ATTRBIT(a,i) ((a)->set[(i) / 8] |= (1 << ((i) % 8))) 1207#define CLEAR_ATTRBIT(a,i) ((a)->set[(i) / 8] &= ~(1 << ((i) % 8))) 1208 1209STORE_ATTR_INFO *STORE_ATTR_INFO_new(void) 1210{ 1211 return (STORE_ATTR_INFO *)OPENSSL_malloc(sizeof(STORE_ATTR_INFO)); 1212} 1213 1214static void STORE_ATTR_INFO_attr_free(STORE_ATTR_INFO *attrs, 1215 STORE_ATTR_TYPES code) 1216{ 1217 if (ATTR_IS_SET(attrs, code)) { 1218 switch (code) { 1219 case STORE_ATTR_FRIENDLYNAME: 1220 case STORE_ATTR_EMAIL: 1221 case STORE_ATTR_FILENAME: 1222 STORE_ATTR_INFO_modify_cstr(attrs, code, NULL, 0); 1223 break; 1224 case STORE_ATTR_KEYID: 1225 case STORE_ATTR_ISSUERKEYID: 1226 case STORE_ATTR_SUBJECTKEYID: 1227 case STORE_ATTR_ISSUERSERIALHASH: 1228 case STORE_ATTR_CERTHASH: 1229 STORE_ATTR_INFO_modify_sha1str(attrs, code, NULL, 0); 1230 break; 1231 case STORE_ATTR_ISSUER: 1232 case STORE_ATTR_SUBJECT: 1233 STORE_ATTR_INFO_modify_dn(attrs, code, NULL); 1234 break; 1235 case STORE_ATTR_SERIAL: 1236 STORE_ATTR_INFO_modify_number(attrs, code, NULL); 1237 break; 1238 default: 1239 break; 1240 } 1241 } 1242} 1243 1244int STORE_ATTR_INFO_free(STORE_ATTR_INFO *attrs) 1245{ 1246 if (attrs) { 1247 STORE_ATTR_TYPES i; 1248 for (i = 0; i++ < STORE_ATTR_TYPE_NUM;) 1249 STORE_ATTR_INFO_attr_free(attrs, i); 1250 OPENSSL_free(attrs); 1251 } 1252 return 1; 1253} 1254 1255char *STORE_ATTR_INFO_get0_cstr(STORE_ATTR_INFO *attrs, STORE_ATTR_TYPES code) 1256{ 1257 if (!attrs) { 1258 STOREerr(STORE_F_STORE_ATTR_INFO_GET0_CSTR, 1259 ERR_R_PASSED_NULL_PARAMETER); 1260 return NULL; 1261 } 1262 if (ATTR_IS_SET(attrs, code)) 1263 return attrs->values[code].cstring; 1264 STOREerr(STORE_F_STORE_ATTR_INFO_GET0_CSTR, STORE_R_NO_VALUE); 1265 return NULL; 1266} 1267 1268unsigned char *STORE_ATTR_INFO_get0_sha1str(STORE_ATTR_INFO *attrs, 1269 STORE_ATTR_TYPES code) 1270{ 1271 if (!attrs) { 1272 STOREerr(STORE_F_STORE_ATTR_INFO_GET0_SHA1STR, 1273 ERR_R_PASSED_NULL_PARAMETER); 1274 return NULL; 1275 } 1276 if (ATTR_IS_SET(attrs, code)) 1277 return attrs->values[code].sha1string; 1278 STOREerr(STORE_F_STORE_ATTR_INFO_GET0_SHA1STR, STORE_R_NO_VALUE); 1279 return NULL; 1280} 1281 1282X509_NAME *STORE_ATTR_INFO_get0_dn(STORE_ATTR_INFO *attrs, 1283 STORE_ATTR_TYPES code) 1284{ 1285 if (!attrs) { 1286 STOREerr(STORE_F_STORE_ATTR_INFO_GET0_DN, 1287 ERR_R_PASSED_NULL_PARAMETER); 1288 return NULL; 1289 } 1290 if (ATTR_IS_SET(attrs, code)) 1291 return attrs->values[code].dn; 1292 STOREerr(STORE_F_STORE_ATTR_INFO_GET0_DN, STORE_R_NO_VALUE); 1293 return NULL; 1294} 1295 1296BIGNUM *STORE_ATTR_INFO_get0_number(STORE_ATTR_INFO *attrs, 1297 STORE_ATTR_TYPES code) 1298{ 1299 if (!attrs) { 1300 STOREerr(STORE_F_STORE_ATTR_INFO_GET0_NUMBER, 1301 ERR_R_PASSED_NULL_PARAMETER); 1302 return NULL; 1303 } 1304 if (ATTR_IS_SET(attrs, code)) 1305 return attrs->values[code].number; 1306 STOREerr(STORE_F_STORE_ATTR_INFO_GET0_NUMBER, STORE_R_NO_VALUE); 1307 return NULL; 1308} 1309 1310int STORE_ATTR_INFO_set_cstr(STORE_ATTR_INFO *attrs, STORE_ATTR_TYPES code, 1311 char *cstr, size_t cstr_size) 1312{ 1313 if (!attrs) { 1314 STOREerr(STORE_F_STORE_ATTR_INFO_SET_CSTR, 1315 ERR_R_PASSED_NULL_PARAMETER); 1316 return 0; 1317 } 1318 if (!ATTR_IS_SET(attrs, code)) { 1319 if ((attrs->values[code].cstring = BUF_strndup(cstr, cstr_size))) 1320 return 1; 1321 STOREerr(STORE_F_STORE_ATTR_INFO_SET_CSTR, ERR_R_MALLOC_FAILURE); 1322 return 0; 1323 } 1324 STOREerr(STORE_F_STORE_ATTR_INFO_SET_CSTR, STORE_R_ALREADY_HAS_A_VALUE); 1325 return 0; 1326} 1327 1328int STORE_ATTR_INFO_set_sha1str(STORE_ATTR_INFO *attrs, STORE_ATTR_TYPES code, 1329 unsigned char *sha1str, size_t sha1str_size) 1330{ 1331 if (!attrs) { 1332 STOREerr(STORE_F_STORE_ATTR_INFO_SET_SHA1STR, 1333 ERR_R_PASSED_NULL_PARAMETER); 1334 return 0; 1335 } 1336 if (!ATTR_IS_SET(attrs, code)) { 1337 if ((attrs->values[code].sha1string = 1338 (unsigned char *)BUF_memdup(sha1str, sha1str_size))) 1339 return 1; 1340 STOREerr(STORE_F_STORE_ATTR_INFO_SET_SHA1STR, ERR_R_MALLOC_FAILURE); 1341 return 0; 1342 } 1343 STOREerr(STORE_F_STORE_ATTR_INFO_SET_SHA1STR, 1344 STORE_R_ALREADY_HAS_A_VALUE); 1345 return 0; 1346} 1347 1348int STORE_ATTR_INFO_set_dn(STORE_ATTR_INFO *attrs, STORE_ATTR_TYPES code, 1349 X509_NAME *dn) 1350{ 1351 if (!attrs) { 1352 STOREerr(STORE_F_STORE_ATTR_INFO_SET_DN, ERR_R_PASSED_NULL_PARAMETER); 1353 return 0; 1354 } 1355 if (!ATTR_IS_SET(attrs, code)) { 1356 if ((attrs->values[code].dn = X509_NAME_dup(dn))) 1357 return 1; 1358 STOREerr(STORE_F_STORE_ATTR_INFO_SET_DN, ERR_R_MALLOC_FAILURE); 1359 return 0; 1360 } 1361 STOREerr(STORE_F_STORE_ATTR_INFO_SET_DN, STORE_R_ALREADY_HAS_A_VALUE); 1362 return 0; 1363} 1364 1365int STORE_ATTR_INFO_set_number(STORE_ATTR_INFO *attrs, STORE_ATTR_TYPES code, 1366 BIGNUM *number) 1367{ 1368 if (!attrs) { 1369 STOREerr(STORE_F_STORE_ATTR_INFO_SET_NUMBER, 1370 ERR_R_PASSED_NULL_PARAMETER); 1371 return 0; 1372 } 1373 if (!ATTR_IS_SET(attrs, code)) { 1374 if ((attrs->values[code].number = BN_dup(number))) 1375 return 1; 1376 STOREerr(STORE_F_STORE_ATTR_INFO_SET_NUMBER, ERR_R_MALLOC_FAILURE); 1377 return 0; 1378 } 1379 STOREerr(STORE_F_STORE_ATTR_INFO_SET_NUMBER, STORE_R_ALREADY_HAS_A_VALUE); 1380 return 0; 1381} 1382 1383int STORE_ATTR_INFO_modify_cstr(STORE_ATTR_INFO *attrs, STORE_ATTR_TYPES code, 1384 char *cstr, size_t cstr_size) 1385{ 1386 if (!attrs) { 1387 STOREerr(STORE_F_STORE_ATTR_INFO_MODIFY_CSTR, 1388 ERR_R_PASSED_NULL_PARAMETER); 1389 return 0; 1390 } 1391 if (ATTR_IS_SET(attrs, code)) { 1392 OPENSSL_free(attrs->values[code].cstring); 1393 attrs->values[code].cstring = NULL; 1394 CLEAR_ATTRBIT(attrs, code); 1395 } 1396 return STORE_ATTR_INFO_set_cstr(attrs, code, cstr, cstr_size); 1397} 1398 1399int STORE_ATTR_INFO_modify_sha1str(STORE_ATTR_INFO *attrs, 1400 STORE_ATTR_TYPES code, 1401 unsigned char *sha1str, 1402 size_t sha1str_size) 1403{ 1404 if (!attrs) { 1405 STOREerr(STORE_F_STORE_ATTR_INFO_MODIFY_SHA1STR, 1406 ERR_R_PASSED_NULL_PARAMETER); 1407 return 0; 1408 } 1409 if (ATTR_IS_SET(attrs, code)) { 1410 OPENSSL_free(attrs->values[code].sha1string); 1411 attrs->values[code].sha1string = NULL; 1412 CLEAR_ATTRBIT(attrs, code); 1413 } 1414 return STORE_ATTR_INFO_set_sha1str(attrs, code, sha1str, sha1str_size); 1415} 1416 1417int STORE_ATTR_INFO_modify_dn(STORE_ATTR_INFO *attrs, STORE_ATTR_TYPES code, 1418 X509_NAME *dn) 1419{ 1420 if (!attrs) { 1421 STOREerr(STORE_F_STORE_ATTR_INFO_MODIFY_DN, 1422 ERR_R_PASSED_NULL_PARAMETER); 1423 return 0; 1424 } 1425 if (ATTR_IS_SET(attrs, code)) { 1426 OPENSSL_free(attrs->values[code].dn); 1427 attrs->values[code].dn = NULL; 1428 CLEAR_ATTRBIT(attrs, code); 1429 } 1430 return STORE_ATTR_INFO_set_dn(attrs, code, dn); 1431} 1432 1433int STORE_ATTR_INFO_modify_number(STORE_ATTR_INFO *attrs, 1434 STORE_ATTR_TYPES code, BIGNUM *number) 1435{ 1436 if (!attrs) { 1437 STOREerr(STORE_F_STORE_ATTR_INFO_MODIFY_NUMBER, 1438 ERR_R_PASSED_NULL_PARAMETER); 1439 return 0; 1440 } 1441 if (ATTR_IS_SET(attrs, code)) { 1442 OPENSSL_free(attrs->values[code].number); 1443 attrs->values[code].number = NULL; 1444 CLEAR_ATTRBIT(attrs, code); 1445 } 1446 return STORE_ATTR_INFO_set_number(attrs, code, number); 1447} 1448 1449struct attr_list_ctx_st { 1450 OPENSSL_ITEM *attributes; 1451}; 1452void *STORE_parse_attrs_start(OPENSSL_ITEM *attributes) 1453{ 1454 if (attributes) { 1455 struct attr_list_ctx_st *context = (struct attr_list_ctx_st *) 1456 OPENSSL_malloc(sizeof(struct attr_list_ctx_st)); 1457 if (context) 1458 context->attributes = attributes; 1459 else 1460 STOREerr(STORE_F_STORE_PARSE_ATTRS_START, ERR_R_MALLOC_FAILURE); 1461 return context; 1462 } 1463 STOREerr(STORE_F_STORE_PARSE_ATTRS_START, ERR_R_PASSED_NULL_PARAMETER); 1464 return 0; 1465} 1466 1467STORE_ATTR_INFO *STORE_parse_attrs_next(void *handle) 1468{ 1469 struct attr_list_ctx_st *context = (struct attr_list_ctx_st *)handle; 1470 1471 if (context && context->attributes) { 1472 STORE_ATTR_INFO *attrs = NULL; 1473 1474 while (context->attributes 1475 && context->attributes->code != STORE_ATTR_OR 1476 && context->attributes->code != STORE_ATTR_END) { 1477 switch (context->attributes->code) { 1478 case STORE_ATTR_FRIENDLYNAME: 1479 case STORE_ATTR_EMAIL: 1480 case STORE_ATTR_FILENAME: 1481 if (!attrs) 1482 attrs = STORE_ATTR_INFO_new(); 1483 if (attrs == NULL) { 1484 STOREerr(STORE_F_STORE_PARSE_ATTRS_NEXT, 1485 ERR_R_MALLOC_FAILURE); 1486 goto err; 1487 } 1488 STORE_ATTR_INFO_set_cstr(attrs, 1489 context->attributes->code, 1490 context->attributes->value, 1491 context->attributes->value_size); 1492 break; 1493 case STORE_ATTR_KEYID: 1494 case STORE_ATTR_ISSUERKEYID: 1495 case STORE_ATTR_SUBJECTKEYID: 1496 case STORE_ATTR_ISSUERSERIALHASH: 1497 case STORE_ATTR_CERTHASH: 1498 if (!attrs) 1499 attrs = STORE_ATTR_INFO_new(); 1500 if (attrs == NULL) { 1501 STOREerr(STORE_F_STORE_PARSE_ATTRS_NEXT, 1502 ERR_R_MALLOC_FAILURE); 1503 goto err; 1504 } 1505 STORE_ATTR_INFO_set_sha1str(attrs, 1506 context->attributes->code, 1507 context->attributes->value, 1508 context->attributes->value_size); 1509 break; 1510 case STORE_ATTR_ISSUER: 1511 case STORE_ATTR_SUBJECT: 1512 if (!attrs) 1513 attrs = STORE_ATTR_INFO_new(); 1514 if (attrs == NULL) { 1515 STOREerr(STORE_F_STORE_PARSE_ATTRS_NEXT, 1516 ERR_R_MALLOC_FAILURE); 1517 goto err; 1518 } 1519 STORE_ATTR_INFO_modify_dn(attrs, 1520 context->attributes->code, 1521 context->attributes->value); 1522 break; 1523 case STORE_ATTR_SERIAL: 1524 if (!attrs) 1525 attrs = STORE_ATTR_INFO_new(); 1526 if (attrs == NULL) { 1527 STOREerr(STORE_F_STORE_PARSE_ATTRS_NEXT, 1528 ERR_R_MALLOC_FAILURE); 1529 goto err; 1530 } 1531 STORE_ATTR_INFO_modify_number(attrs, 1532 context->attributes->code, 1533 context->attributes->value); 1534 break; 1535 } 1536 context->attributes++; 1537 } 1538 if (context->attributes->code == STORE_ATTR_OR) 1539 context->attributes++; 1540 return attrs; 1541 err: 1542 while (context->attributes 1543 && context->attributes->code != STORE_ATTR_OR 1544 && context->attributes->code != STORE_ATTR_END) 1545 context->attributes++; 1546 if (context->attributes->code == STORE_ATTR_OR) 1547 context->attributes++; 1548 return NULL; 1549 } 1550 STOREerr(STORE_F_STORE_PARSE_ATTRS_NEXT, ERR_R_PASSED_NULL_PARAMETER); 1551 return NULL; 1552} 1553 1554int STORE_parse_attrs_end(void *handle) 1555{ 1556 struct attr_list_ctx_st *context = (struct attr_list_ctx_st *)handle; 1557 1558 if (context && context->attributes) { 1559#if 0 1560 OPENSSL_ITEM *attributes = context->attributes; 1561#endif 1562 OPENSSL_free(context); 1563 return 1; 1564 } 1565 STOREerr(STORE_F_STORE_PARSE_ATTRS_END, ERR_R_PASSED_NULL_PARAMETER); 1566 return 0; 1567} 1568 1569int STORE_parse_attrs_endp(void *handle) 1570{ 1571 struct attr_list_ctx_st *context = (struct attr_list_ctx_st *)handle; 1572 1573 if (context && context->attributes) { 1574 return context->attributes->code == STORE_ATTR_END; 1575 } 1576 STOREerr(STORE_F_STORE_PARSE_ATTRS_ENDP, ERR_R_PASSED_NULL_PARAMETER); 1577 return 0; 1578} 1579 1580static int attr_info_compare_compute_range(const unsigned char *abits, 1581 const unsigned char *bbits, 1582 unsigned int *alowp, 1583 unsigned int *ahighp, 1584 unsigned int *blowp, 1585 unsigned int *bhighp) 1586{ 1587 unsigned int alow = (unsigned int)-1, ahigh = 0; 1588 unsigned int blow = (unsigned int)-1, bhigh = 0; 1589 int i, res = 0; 1590 1591 for (i = 0; i < (STORE_ATTR_TYPE_NUM + 8) / 8; i++, abits++, bbits++) { 1592 if (res == 0) { 1593 if (*abits < *bbits) 1594 res = -1; 1595 if (*abits > *bbits) 1596 res = 1; 1597 } 1598 if (*abits) { 1599 if (alow == (unsigned int)-1) { 1600 alow = i * 8; 1601 if (!(*abits & 0x01)) 1602 alow++; 1603 if (!(*abits & 0x02)) 1604 alow++; 1605 if (!(*abits & 0x04)) 1606 alow++; 1607 if (!(*abits & 0x08)) 1608 alow++; 1609 if (!(*abits & 0x10)) 1610 alow++; 1611 if (!(*abits & 0x20)) 1612 alow++; 1613 if (!(*abits & 0x40)) 1614 alow++; 1615 } 1616 ahigh = i * 8 + 7; 1617 if (!(*abits & 0x80)) 1618 ahigh++; 1619 if (!(*abits & 0x40)) 1620 ahigh++; 1621 if (!(*abits & 0x20)) 1622 ahigh++; 1623 if (!(*abits & 0x10)) 1624 ahigh++; 1625 if (!(*abits & 0x08)) 1626 ahigh++; 1627 if (!(*abits & 0x04)) 1628 ahigh++; 1629 if (!(*abits & 0x02)) 1630 ahigh++; 1631 } 1632 if (*bbits) { 1633 if (blow == (unsigned int)-1) { 1634 blow = i * 8; 1635 if (!(*bbits & 0x01)) 1636 blow++; 1637 if (!(*bbits & 0x02)) 1638 blow++; 1639 if (!(*bbits & 0x04)) 1640 blow++; 1641 if (!(*bbits & 0x08)) 1642 blow++; 1643 if (!(*bbits & 0x10)) 1644 blow++; 1645 if (!(*bbits & 0x20)) 1646 blow++; 1647 if (!(*bbits & 0x40)) 1648 blow++; 1649 } 1650 bhigh = i * 8 + 7; 1651 if (!(*bbits & 0x80)) 1652 bhigh++; 1653 if (!(*bbits & 0x40)) 1654 bhigh++; 1655 if (!(*bbits & 0x20)) 1656 bhigh++; 1657 if (!(*bbits & 0x10)) 1658 bhigh++; 1659 if (!(*bbits & 0x08)) 1660 bhigh++; 1661 if (!(*bbits & 0x04)) 1662 bhigh++; 1663 if (!(*bbits & 0x02)) 1664 bhigh++; 1665 } 1666 } 1667 if (ahigh + alow < bhigh + blow) 1668 res = -1; 1669 if (ahigh + alow > bhigh + blow) 1670 res = 1; 1671 if (alowp) 1672 *alowp = alow; 1673 if (ahighp) 1674 *ahighp = ahigh; 1675 if (blowp) 1676 *blowp = blow; 1677 if (bhighp) 1678 *bhighp = bhigh; 1679 return res; 1680} 1681 1682int STORE_ATTR_INFO_compare(const STORE_ATTR_INFO *const *a, 1683 const STORE_ATTR_INFO *const *b) 1684{ 1685 if (a == b) 1686 return 0; 1687 if (!a) 1688 return -1; 1689 if (!b) 1690 return 1; 1691 return attr_info_compare_compute_range((*a)->set, (*b)->set, 0, 0, 0, 0); 1692} 1693 1694int STORE_ATTR_INFO_in_range(STORE_ATTR_INFO *a, STORE_ATTR_INFO *b) 1695{ 1696 unsigned int alow, ahigh, blow, bhigh; 1697 1698 if (a == b) 1699 return 1; 1700 if (!a) 1701 return 0; 1702 if (!b) 1703 return 0; 1704 attr_info_compare_compute_range(a->set, b->set, 1705 &alow, &ahigh, &blow, &bhigh); 1706 if (alow >= blow && ahigh <= bhigh) 1707 return 1; 1708 return 0; 1709} 1710 1711int STORE_ATTR_INFO_in(STORE_ATTR_INFO *a, STORE_ATTR_INFO *b) 1712{ 1713 unsigned char *abits, *bbits; 1714 int i; 1715 1716 if (a == b) 1717 return 1; 1718 if (!a) 1719 return 0; 1720 if (!b) 1721 return 0; 1722 abits = a->set; 1723 bbits = b->set; 1724 for (i = 0; i < (STORE_ATTR_TYPE_NUM + 8) / 8; i++, abits++, bbits++) { 1725 if (*abits && (*bbits & *abits) != *abits) 1726 return 0; 1727 } 1728 return 1; 1729} 1730 1731int STORE_ATTR_INFO_in_ex(STORE_ATTR_INFO *a, STORE_ATTR_INFO *b) 1732{ 1733 STORE_ATTR_TYPES i; 1734 1735 if (a == b) 1736 return 1; 1737 if (!STORE_ATTR_INFO_in(a, b)) 1738 return 0; 1739 for (i = 1; i < STORE_ATTR_TYPE_NUM; i++) 1740 if (ATTR_IS_SET(a, i)) { 1741 switch (i) { 1742 case STORE_ATTR_FRIENDLYNAME: 1743 case STORE_ATTR_EMAIL: 1744 case STORE_ATTR_FILENAME: 1745 if (strcmp(a->values[i].cstring, b->values[i].cstring)) 1746 return 0; 1747 break; 1748 case STORE_ATTR_KEYID: 1749 case STORE_ATTR_ISSUERKEYID: 1750 case STORE_ATTR_SUBJECTKEYID: 1751 case STORE_ATTR_ISSUERSERIALHASH: 1752 case STORE_ATTR_CERTHASH: 1753 if (memcmp(a->values[i].sha1string, 1754 b->values[i].sha1string, a->value_sizes[i])) 1755 return 0; 1756 break; 1757 case STORE_ATTR_ISSUER: 1758 case STORE_ATTR_SUBJECT: 1759 if (X509_NAME_cmp(a->values[i].dn, b->values[i].dn)) 1760 return 0; 1761 break; 1762 case STORE_ATTR_SERIAL: 1763 if (BN_cmp(a->values[i].number, b->values[i].number)) 1764 return 0; 1765 break; 1766 default: 1767 break; 1768 } 1769 } 1770 1771 return 1; 1772} 1773