742b139f54
Suggested by Götz Babin-Ebell <babin-ebell@trustcenter.de>.
1575 lines
37 KiB
C
1575 lines
37 KiB
C
/* crypto/store/str_lib.c -*- mode:C; c-file-style: "eay" -*- */
|
|
/* Written by Richard Levitte (richard@levitte.org) for the OpenSSL
|
|
* project 2003.
|
|
*/
|
|
/* ====================================================================
|
|
* Copyright (c) 2003 The OpenSSL Project. All rights reserved.
|
|
*
|
|
* Redistribution and use in source and binary forms, with or without
|
|
* modification, are permitted provided that the following conditions
|
|
* are met:
|
|
*
|
|
* 1. Redistributions of source code must retain the above copyright
|
|
* notice, this list of conditions and the following disclaimer.
|
|
*
|
|
* 2. Redistributions in binary form must reproduce the above copyright
|
|
* notice, this list of conditions and the following disclaimer in
|
|
* the documentation and/or other materials provided with the
|
|
* distribution.
|
|
*
|
|
* 3. All advertising materials mentioning features or use of this
|
|
* software must display the following acknowledgment:
|
|
* "This product includes software developed by the OpenSSL Project
|
|
* for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
|
|
*
|
|
* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
|
|
* endorse or promote products derived from this software without
|
|
* prior written permission. For written permission, please contact
|
|
* openssl-core@openssl.org.
|
|
*
|
|
* 5. Products derived from this software may not be called "OpenSSL"
|
|
* nor may "OpenSSL" appear in their names without prior written
|
|
* permission of the OpenSSL Project.
|
|
*
|
|
* 6. Redistributions of any form whatsoever must retain the following
|
|
* acknowledgment:
|
|
* "This product includes software developed by the OpenSSL Project
|
|
* for use in the OpenSSL Toolkit (http://www.openssl.org/)"
|
|
*
|
|
* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
|
|
* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
|
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
|
|
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
|
|
* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
|
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
|
|
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
|
|
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
|
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
|
|
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
|
|
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
|
|
* OF THE POSSIBILITY OF SUCH DAMAGE.
|
|
* ====================================================================
|
|
*
|
|
* This product includes cryptographic software written by Eric Young
|
|
* (eay@cryptsoft.com). This product includes software written by Tim
|
|
* Hudson (tjh@cryptsoft.com).
|
|
*
|
|
*/
|
|
|
|
#include <string.h>
|
|
#include <openssl/bn.h>
|
|
#include <openssl/err.h>
|
|
#include <openssl/engine.h>
|
|
#include "str_locl.h"
|
|
|
|
const char * const STORE_object_type_string[STORE_OBJECT_TYPE_NUM+1] =
|
|
{
|
|
0,
|
|
"X.509 Certificate",
|
|
"X.509 CRL",
|
|
"Private Key",
|
|
"Public Key",
|
|
"Number"
|
|
};
|
|
|
|
const int STORE_param_sizes[STORE_PARAM_TYPE_NUM+1] =
|
|
{
|
|
0,
|
|
sizeof(int), /* EVP_TYPE */
|
|
sizeof(size_t), /* BITS */
|
|
-1, /* KEY_PARAMETERS */
|
|
0 /* KEY_NO_PARAMETERS */
|
|
};
|
|
|
|
const int STORE_attr_sizes[STORE_ATTR_TYPE_NUM+1] =
|
|
{
|
|
0,
|
|
-1, /* FRIENDLYNAME: C string */
|
|
SHA_DIGEST_LENGTH, /* KEYID: SHA1 digest, 160 bits */
|
|
SHA_DIGEST_LENGTH, /* ISSUERKEYID: SHA1 digest, 160 bits */
|
|
SHA_DIGEST_LENGTH, /* SUBJECTKEYID: SHA1 digest, 160 bits */
|
|
SHA_DIGEST_LENGTH, /* ISSUERSERIALHASH: SHA1 digest, 160 bits */
|
|
sizeof(X509_NAME *), /* ISSUER: X509_NAME * */
|
|
sizeof(BIGNUM *), /* SERIAL: BIGNUM * */
|
|
sizeof(X509_NAME *), /* SUBJECT: X509_NAME * */
|
|
SHA_DIGEST_LENGTH, /* CERTHASH: SHA1 digest, 160 bits */
|
|
-1, /* EMAIL: C string */
|
|
-1, /* FILENAME: C string */
|
|
};
|
|
|
|
STORE *STORE_new_method(const STORE_METHOD *method)
|
|
{
|
|
STORE *ret;
|
|
|
|
ret=(STORE *)OPENSSL_malloc(sizeof(STORE));
|
|
if (ret == NULL)
|
|
{
|
|
STOREerr(STORE_F_STORE_NEW_METHOD,ERR_R_MALLOC_FAILURE);
|
|
return NULL;
|
|
}
|
|
if (method == NULL)
|
|
{
|
|
STOREerr(STORE_F_STORE_NEW_METHOD,ERR_R_PASSED_NULL_PARAMETER);
|
|
return NULL;
|
|
}
|
|
else
|
|
ret->meth=method;
|
|
|
|
CRYPTO_new_ex_data(CRYPTO_EX_INDEX_STORE, ret, &ret->ex_data);
|
|
if (ret->meth->init && !ret->meth->init(ret))
|
|
{
|
|
STORE_free(ret);
|
|
ret = NULL;
|
|
}
|
|
return ret;
|
|
}
|
|
|
|
STORE *STORE_new_engine(ENGINE *engine)
|
|
{
|
|
STORE *ret = NULL;
|
|
ENGINE *e = engine;
|
|
const STORE_METHOD *meth = 0;
|
|
|
|
#ifdef OPENSSL_NO_ENGINE
|
|
e = NULL;
|
|
#else
|
|
if (engine)
|
|
{
|
|
if (!ENGINE_init(engine))
|
|
{
|
|
STOREerr(STORE_F_STORE_NEW_ENGINE, ERR_R_ENGINE_LIB);
|
|
return NULL;
|
|
}
|
|
e = engine;
|
|
}
|
|
else
|
|
{
|
|
STOREerr(STORE_F_STORE_NEW_ENGINE,ERR_R_PASSED_NULL_PARAMETER);
|
|
return NULL;
|
|
}
|
|
if(e)
|
|
{
|
|
meth = ENGINE_get_STORE(e);
|
|
if(!meth)
|
|
{
|
|
STOREerr(STORE_F_STORE_NEW_ENGINE,
|
|
ERR_R_ENGINE_LIB);
|
|
ENGINE_finish(e);
|
|
return NULL;
|
|
}
|
|
}
|
|
#endif
|
|
|
|
ret = STORE_new_method(meth);
|
|
if (ret == NULL)
|
|
{
|
|
STOREerr(STORE_F_STORE_NEW_ENGINE,ERR_R_STORE_LIB);
|
|
return NULL;
|
|
}
|
|
|
|
ret->engine = e;
|
|
|
|
return(ret);
|
|
}
|
|
|
|
void STORE_free(STORE *store)
|
|
{
|
|
if (store == NULL)
|
|
return;
|
|
if (store->meth->clean)
|
|
store->meth->clean(store);
|
|
CRYPTO_free_ex_data(CRYPTO_EX_INDEX_STORE, store, &store->ex_data);
|
|
OPENSSL_free(store);
|
|
}
|
|
|
|
|
|
int STORE_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
|
|
CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func)
|
|
{
|
|
return CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_STORE, argl, argp,
|
|
new_func, dup_func, free_func);
|
|
}
|
|
|
|
int STORE_set_ex_data(STORE *r, int idx, void *arg)
|
|
{
|
|
return(CRYPTO_set_ex_data(&r->ex_data,idx,arg));
|
|
}
|
|
|
|
void *STORE_get_ex_data(STORE *r, int idx)
|
|
{
|
|
return(CRYPTO_get_ex_data(&r->ex_data,idx));
|
|
}
|
|
|
|
const STORE_METHOD *STORE_get_method(STORE *store)
|
|
{
|
|
return store->meth;
|
|
}
|
|
|
|
const STORE_METHOD *STORE_set_method(STORE *store, const STORE_METHOD *meth)
|
|
{
|
|
store->meth=meth;
|
|
return store->meth;
|
|
}
|
|
|
|
|
|
/* API helpers */
|
|
|
|
#define check_store(s,fncode,fnname,fnerrcode) \
|
|
do \
|
|
{ \
|
|
if ((s) == NULL || (s)->meth) \
|
|
{ \
|
|
STOREerr((fncode), ERR_R_PASSED_NULL_PARAMETER); \
|
|
return 0; \
|
|
} \
|
|
if ((s)->meth->fnname == NULL) \
|
|
{ \
|
|
STOREerr((fncode), (fnerrcode)); \
|
|
return 0; \
|
|
} \
|
|
} \
|
|
while(0)
|
|
|
|
/* API functions */
|
|
|
|
X509 *STORE_get_certificate(STORE *s, OPENSSL_ITEM attributes[])
|
|
{
|
|
STORE_OBJECT *object;
|
|
X509 *x;
|
|
|
|
check_store(s,STORE_F_STORE_GET_CERTIFICATE,
|
|
get_object,STORE_R_NO_GET_OBJECT_FUNCTION);
|
|
|
|
object = s->meth->get_object(s, STORE_OBJECT_TYPE_X509_CERTIFICATE, attributes);
|
|
if (!object || !object->data.x509.certificate)
|
|
{
|
|
STOREerr(STORE_F_STORE_GET_CERTIFICATE,
|
|
STORE_R_FAILED_GETTING_CERTIFICATE);
|
|
return 0;
|
|
}
|
|
CRYPTO_add(&object->data.x509.certificate->references,1,CRYPTO_LOCK_X509);
|
|
#ifdef REF_PRINT
|
|
REF_PRINT("X509",data);
|
|
#endif
|
|
x = object->data.x509.certificate;
|
|
STORE_OBJECT_free(object);
|
|
return x;
|
|
}
|
|
|
|
int store_certificate(STORE *s, X509 *data, OPENSSL_ITEM attributes[])
|
|
{
|
|
STORE_OBJECT *object = STORE_OBJECT_new();
|
|
int i;
|
|
|
|
check_store(s,STORE_F_STORE_CERTIFICATE,
|
|
store_object,STORE_R_NO_STORE_OBJECT_FUNCTION);
|
|
|
|
if (!object)
|
|
{
|
|
STOREerr(STORE_F_STORE_CERTIFICATE,
|
|
ERR_R_MALLOC_FAILURE);
|
|
return 0;
|
|
}
|
|
|
|
CRYPTO_add(&data->references,1,CRYPTO_LOCK_X509);
|
|
#ifdef REF_PRINT
|
|
REF_PRINT("X509",data);
|
|
#endif
|
|
object->data.x509.certificate = data;
|
|
|
|
i = s->meth->store_object(s, STORE_OBJECT_TYPE_X509_CERTIFICATE, object, attributes);
|
|
|
|
STORE_OBJECT_free(object);
|
|
|
|
if (!i)
|
|
{
|
|
STOREerr(STORE_F_STORE_CERTIFICATE,
|
|
STORE_R_FAILED_STORING_CERTIFICATE);
|
|
return 0;
|
|
}
|
|
return 1;
|
|
}
|
|
|
|
int STORE_revoke_certificate(STORE *s, OPENSSL_ITEM attributes[])
|
|
{
|
|
check_store(s,STORE_F_STORE_REVOKE_CERTIFICATE,
|
|
revoke_object,STORE_R_NO_REVOKE_OBJECT_FUNCTION);
|
|
|
|
if (!s->meth->revoke_object(s, STORE_OBJECT_TYPE_X509_CERTIFICATE, attributes))
|
|
{
|
|
STOREerr(STORE_F_STORE_REVOKE_CERTIFICATE,
|
|
STORE_R_FAILED_REVOKING_CERTIFICATE);
|
|
return 0;
|
|
}
|
|
return 1;
|
|
}
|
|
|
|
int STORE_delete_certificate(STORE *s, OPENSSL_ITEM attributes[])
|
|
{
|
|
check_store(s,STORE_F_STORE_DELETE_CERTIFICATE,
|
|
delete_object,STORE_R_NO_DELETE_OBJECT_FUNCTION);
|
|
|
|
if (!s->meth->delete_object(s, STORE_OBJECT_TYPE_X509_CERTIFICATE, attributes))
|
|
{
|
|
STOREerr(STORE_F_STORE_DELETE_CERTIFICATE,
|
|
STORE_R_FAILED_DELETING_CERTIFICATE);
|
|
return 0;
|
|
}
|
|
return 1;
|
|
}
|
|
|
|
void *STORE_list_certificate_start(STORE *s, OPENSSL_ITEM attributes[])
|
|
{
|
|
void *handle;
|
|
|
|
check_store(s,STORE_F_STORE_LIST_CERTIFICATE_START,
|
|
list_object_start,STORE_R_NO_LIST_OBJECT_START_FUNCTION);
|
|
|
|
handle = s->meth->list_object_start(s, STORE_OBJECT_TYPE_X509_CERTIFICATE, attributes);
|
|
if (!handle)
|
|
{
|
|
STOREerr(STORE_F_STORE_LIST_CERTIFICATE_START,
|
|
STORE_R_FAILED_LISTING_CERTIFICATES);
|
|
return 0;
|
|
}
|
|
return handle;
|
|
}
|
|
|
|
X509 *STORE_list_certificate_next(STORE *s, void *handle)
|
|
{
|
|
STORE_OBJECT *object;
|
|
X509 *x;
|
|
|
|
check_store(s,STORE_F_STORE_LIST_CERTIFICATE_NEXT,
|
|
list_object_next,STORE_R_NO_LIST_OBJECT_NEXT_FUNCTION);
|
|
|
|
object = s->meth->list_object_next(s, handle);
|
|
if (!object || !object->data.x509.certificate)
|
|
{
|
|
STOREerr(STORE_F_STORE_LIST_CERTIFICATE_NEXT,
|
|
STORE_R_FAILED_LISTING_CERTIFICATES);
|
|
return 0;
|
|
}
|
|
CRYPTO_add(&object->data.x509.certificate->references,1,CRYPTO_LOCK_X509);
|
|
#ifdef REF_PRINT
|
|
REF_PRINT("X509",data);
|
|
#endif
|
|
x = object->data.x509.certificate;
|
|
STORE_OBJECT_free(object);
|
|
return x;
|
|
}
|
|
|
|
int STORE_list_certificate_end(STORE *s, void *handle)
|
|
{
|
|
check_store(s,STORE_F_STORE_LIST_CERTIFICATE_END,
|
|
list_object_end,STORE_R_NO_LIST_OBJECT_END_FUNCTION);
|
|
|
|
if (!s->meth->list_object_end(s, handle))
|
|
{
|
|
STOREerr(STORE_F_STORE_LIST_CERTIFICATE_END,
|
|
STORE_R_FAILED_LISTING_CERTIFICATES);
|
|
return 0;
|
|
}
|
|
return 1;
|
|
}
|
|
|
|
int STORE_list_certificate_endp(STORE *s, void *handle)
|
|
{
|
|
check_store(s,STORE_F_STORE_LIST_CERTIFICATE_ENDP,
|
|
list_object_endp,STORE_R_NO_LIST_OBJECT_ENDP_FUNCTION);
|
|
|
|
if (!s->meth->list_object_endp(s, handle))
|
|
{
|
|
STOREerr(STORE_F_STORE_LIST_CERTIFICATE_ENDP,
|
|
STORE_R_FAILED_LISTING_CERTIFICATES);
|
|
return 0;
|
|
}
|
|
return 1;
|
|
}
|
|
|
|
EVP_PKEY *STORE_generate_key(STORE *s,
|
|
int evp_type, size_t bits, OPENSSL_ITEM attributes[])
|
|
{
|
|
STORE_OBJECT *object;
|
|
EVP_PKEY *pkey;
|
|
OPENSSL_ITEM params[3];
|
|
|
|
params[0].code = STORE_PARAM_EVP_TYPE;
|
|
params[0].value = &evp_type;
|
|
params[0].value_size = sizeof(evp_type);
|
|
params[1].code = STORE_PARAM_BITS;
|
|
params[1].value = &bits;
|
|
params[1].value_size = sizeof(bits);
|
|
params[2].code = 0;
|
|
|
|
check_store(s,STORE_F_STORE_GENERATE_KEY,
|
|
generate_object,STORE_R_NO_GENERATE_OBJECT_FUNCTION);
|
|
|
|
object = s->meth->generate_object(s, STORE_OBJECT_TYPE_PRIVATE_KEY,
|
|
params, attributes);
|
|
if (!object || !object->data.key)
|
|
{
|
|
STOREerr(STORE_F_STORE_GENERATE_KEY,
|
|
STORE_R_FAILED_GENERATING_KEY);
|
|
return 0;
|
|
}
|
|
CRYPTO_add(&object->data.key->references,1,CRYPTO_LOCK_EVP_PKEY);
|
|
#ifdef REF_PRINT
|
|
REF_PRINT("EVP_PKEY",data);
|
|
#endif
|
|
pkey = object->data.key;
|
|
STORE_OBJECT_free(object);
|
|
return pkey;
|
|
}
|
|
|
|
EVP_PKEY *STORE_get_private_key(STORE *s, OPENSSL_ITEM attributes[])
|
|
{
|
|
STORE_OBJECT *object;
|
|
EVP_PKEY *pkey;
|
|
|
|
check_store(s,STORE_F_STORE_GET_PRIVATE_KEY,
|
|
get_object,STORE_R_NO_GET_OBJECT_FUNCTION);
|
|
|
|
object = s->meth->get_object(s, STORE_OBJECT_TYPE_PRIVATE_KEY, attributes);
|
|
if (!object || !object->data.key || !object->data.key)
|
|
{
|
|
STOREerr(STORE_F_STORE_GET_PRIVATE_KEY,
|
|
STORE_R_FAILED_GETTING_KEY);
|
|
return 0;
|
|
}
|
|
CRYPTO_add(&object->data.key->references,1,CRYPTO_LOCK_EVP_PKEY);
|
|
#ifdef REF_PRINT
|
|
REF_PRINT("EVP_PKEY",data);
|
|
#endif
|
|
pkey = object->data.key;
|
|
STORE_OBJECT_free(object);
|
|
return pkey;
|
|
}
|
|
|
|
int store_private_key(STORE *s, EVP_PKEY *data, OPENSSL_ITEM attributes[])
|
|
{
|
|
STORE_OBJECT *object = STORE_OBJECT_new();
|
|
int i;
|
|
|
|
check_store(s,STORE_F_STORE_PRIVATE_KEY,
|
|
store_object,STORE_R_NO_STORE_OBJECT_FUNCTION);
|
|
|
|
if (!object)
|
|
{
|
|
STOREerr(STORE_F_STORE_PRIVATE_KEY,
|
|
ERR_R_MALLOC_FAILURE);
|
|
return 0;
|
|
}
|
|
object->data.key = EVP_PKEY_new();
|
|
if (!object->data.key)
|
|
{
|
|
STOREerr(STORE_F_STORE_PRIVATE_KEY,
|
|
ERR_R_MALLOC_FAILURE);
|
|
return 0;
|
|
}
|
|
|
|
CRYPTO_add(&data->references,1,CRYPTO_LOCK_EVP_PKEY);
|
|
#ifdef REF_PRINT
|
|
REF_PRINT("EVP_PKEY",data);
|
|
#endif
|
|
object->data.key = data;
|
|
|
|
i = s->meth->store_object(s, STORE_OBJECT_TYPE_PRIVATE_KEY, object, attributes);
|
|
|
|
STORE_OBJECT_free(object);
|
|
|
|
if (!i)
|
|
{
|
|
STOREerr(STORE_F_STORE_PRIVATE_KEY,
|
|
STORE_R_FAILED_STORING_KEY);
|
|
return 0;
|
|
}
|
|
return i;
|
|
}
|
|
|
|
int STORE_revoke_private_key(STORE *s, OPENSSL_ITEM attributes[])
|
|
{
|
|
int i;
|
|
|
|
check_store(s,STORE_F_STORE_REVOKE_PRIVATE_KEY,
|
|
revoke_object,STORE_R_NO_REVOKE_OBJECT_FUNCTION);
|
|
|
|
i = s->meth->revoke_object(s, STORE_OBJECT_TYPE_PRIVATE_KEY, attributes);
|
|
|
|
if (!i)
|
|
{
|
|
STOREerr(STORE_F_STORE_REVOKE_PRIVATE_KEY,
|
|
STORE_R_FAILED_REVOKING_KEY);
|
|
return 0;
|
|
}
|
|
return i;
|
|
}
|
|
|
|
int STORE_delete_private_key(STORE *s, OPENSSL_ITEM attributes[])
|
|
{
|
|
check_store(s,STORE_F_STORE_DELETE_PRIVATE_KEY,
|
|
delete_object,STORE_R_NO_DELETE_OBJECT_FUNCTION);
|
|
|
|
if (!s->meth->delete_object(s, STORE_OBJECT_TYPE_PRIVATE_KEY, attributes))
|
|
{
|
|
STOREerr(STORE_F_STORE_DELETE_PRIVATE_KEY,
|
|
STORE_R_FAILED_DELETING_KEY);
|
|
return 0;
|
|
}
|
|
return 1;
|
|
}
|
|
|
|
void *STORE_list_private_key_start(STORE *s, OPENSSL_ITEM attributes[])
|
|
{
|
|
void *handle;
|
|
|
|
check_store(s,STORE_F_STORE_LIST_PRIVATE_KEY_START,
|
|
list_object_start,STORE_R_NO_LIST_OBJECT_START_FUNCTION);
|
|
|
|
handle = s->meth->list_object_start(s, STORE_OBJECT_TYPE_PRIVATE_KEY, attributes);
|
|
if (!handle)
|
|
{
|
|
STOREerr(STORE_F_STORE_LIST_PRIVATE_KEY_START,
|
|
STORE_R_FAILED_LISTING_KEYS);
|
|
return 0;
|
|
}
|
|
return handle;
|
|
}
|
|
|
|
EVP_PKEY *STORE_list_private_key_next(STORE *s, void *handle)
|
|
{
|
|
STORE_OBJECT *object;
|
|
EVP_PKEY *pkey;
|
|
|
|
check_store(s,STORE_F_STORE_LIST_PRIVATE_KEY_NEXT,
|
|
list_object_next,STORE_R_NO_LIST_OBJECT_NEXT_FUNCTION);
|
|
|
|
object = s->meth->list_object_next(s, handle);
|
|
if (!object || !object->data.key || !object->data.key)
|
|
{
|
|
STOREerr(STORE_F_STORE_LIST_PRIVATE_KEY_NEXT,
|
|
STORE_R_FAILED_LISTING_KEYS);
|
|
return 0;
|
|
}
|
|
CRYPTO_add(&object->data.key->references,1,CRYPTO_LOCK_EVP_PKEY);
|
|
#ifdef REF_PRINT
|
|
REF_PRINT("EVP_PKEY",data);
|
|
#endif
|
|
pkey = object->data.key;
|
|
STORE_OBJECT_free(object);
|
|
return pkey;
|
|
}
|
|
|
|
int STORE_list_private_key_end(STORE *s, void *handle)
|
|
{
|
|
check_store(s,STORE_F_STORE_LIST_PRIVATE_KEY_END,
|
|
list_object_end,STORE_R_NO_LIST_OBJECT_END_FUNCTION);
|
|
|
|
if (!s->meth->list_object_end(s, handle))
|
|
{
|
|
STOREerr(STORE_F_STORE_LIST_PRIVATE_KEY_END,
|
|
STORE_R_FAILED_LISTING_KEYS);
|
|
return 0;
|
|
}
|
|
return 1;
|
|
}
|
|
|
|
int STORE_list_private_key_endp(STORE *s, void *handle)
|
|
{
|
|
check_store(s,STORE_F_STORE_LIST_PRIVATE_KEY_ENDP,
|
|
list_object_endp,STORE_R_NO_LIST_OBJECT_ENDP_FUNCTION);
|
|
|
|
if (!s->meth->list_object_endp(s, handle))
|
|
{
|
|
STOREerr(STORE_F_STORE_LIST_PRIVATE_KEY_ENDP,
|
|
STORE_R_FAILED_LISTING_KEYS);
|
|
return 0;
|
|
}
|
|
return 1;
|
|
}
|
|
|
|
EVP_PKEY *STORE_get_public_key(STORE *s, OPENSSL_ITEM attributes[])
|
|
{
|
|
STORE_OBJECT *object;
|
|
EVP_PKEY *pkey;
|
|
|
|
check_store(s,STORE_F_STORE_GET_PUBLIC_KEY,
|
|
get_object,STORE_R_NO_GET_OBJECT_FUNCTION);
|
|
|
|
object = s->meth->get_object(s, STORE_OBJECT_TYPE_PUBLIC_KEY, attributes);
|
|
if (!object || !object->data.key || !object->data.key)
|
|
{
|
|
STOREerr(STORE_F_STORE_GET_PUBLIC_KEY,
|
|
STORE_R_FAILED_GETTING_KEY);
|
|
return 0;
|
|
}
|
|
CRYPTO_add(&object->data.key->references,1,CRYPTO_LOCK_EVP_PKEY);
|
|
#ifdef REF_PRINT
|
|
REF_PRINT("EVP_PKEY",data);
|
|
#endif
|
|
pkey = object->data.key;
|
|
STORE_OBJECT_free(object);
|
|
return pkey;
|
|
}
|
|
|
|
int store_public_key(STORE *s, EVP_PKEY *data, OPENSSL_ITEM attributes[])
|
|
{
|
|
STORE_OBJECT *object = STORE_OBJECT_new();
|
|
int i;
|
|
|
|
check_store(s,STORE_F_STORE_PUBLIC_KEY,
|
|
store_object,STORE_R_NO_STORE_OBJECT_FUNCTION);
|
|
|
|
if (!object)
|
|
{
|
|
STOREerr(STORE_F_STORE_PUBLIC_KEY,
|
|
ERR_R_MALLOC_FAILURE);
|
|
return 0;
|
|
}
|
|
object->data.key = EVP_PKEY_new();
|
|
if (!object->data.key)
|
|
{
|
|
STOREerr(STORE_F_STORE_PUBLIC_KEY,
|
|
ERR_R_MALLOC_FAILURE);
|
|
return 0;
|
|
}
|
|
|
|
CRYPTO_add(&data->references,1,CRYPTO_LOCK_EVP_PKEY);
|
|
#ifdef REF_PRINT
|
|
REF_PRINT("EVP_PKEY",data);
|
|
#endif
|
|
object->data.key = data;
|
|
|
|
i = s->meth->store_object(s, STORE_OBJECT_TYPE_PUBLIC_KEY, object, attributes);
|
|
|
|
STORE_OBJECT_free(object);
|
|
|
|
if (!i)
|
|
{
|
|
STOREerr(STORE_F_STORE_PUBLIC_KEY,
|
|
STORE_R_FAILED_STORING_KEY);
|
|
return 0;
|
|
}
|
|
return i;
|
|
}
|
|
|
|
int STORE_revoke_public_key(STORE *s, OPENSSL_ITEM attributes[])
|
|
{
|
|
int i;
|
|
|
|
check_store(s,STORE_F_STORE_REVOKE_PUBLIC_KEY,
|
|
revoke_object,STORE_R_NO_REVOKE_OBJECT_FUNCTION);
|
|
|
|
i = s->meth->revoke_object(s, STORE_OBJECT_TYPE_PUBLIC_KEY, attributes);
|
|
|
|
if (!i)
|
|
{
|
|
STOREerr(STORE_F_STORE_REVOKE_PUBLIC_KEY,
|
|
STORE_R_FAILED_REVOKING_KEY);
|
|
return 0;
|
|
}
|
|
return i;
|
|
}
|
|
|
|
int STORE_delete_public_key(STORE *s, OPENSSL_ITEM attributes[])
|
|
{
|
|
check_store(s,STORE_F_STORE_DELETE_PUBLIC_KEY,
|
|
delete_object,STORE_R_NO_DELETE_OBJECT_FUNCTION);
|
|
|
|
if (!s->meth->delete_object(s, STORE_OBJECT_TYPE_PUBLIC_KEY, attributes))
|
|
{
|
|
STOREerr(STORE_F_STORE_DELETE_PUBLIC_KEY,
|
|
STORE_R_FAILED_DELETING_KEY);
|
|
return 0;
|
|
}
|
|
return 1;
|
|
}
|
|
|
|
void *STORE_list_public_key_start(STORE *s, OPENSSL_ITEM attributes[])
|
|
{
|
|
void *handle;
|
|
|
|
check_store(s,STORE_F_STORE_LIST_PUBLIC_KEY_START,
|
|
list_object_start,STORE_R_NO_LIST_OBJECT_START_FUNCTION);
|
|
|
|
handle = s->meth->list_object_start(s, STORE_OBJECT_TYPE_PUBLIC_KEY, attributes);
|
|
if (!handle)
|
|
{
|
|
STOREerr(STORE_F_STORE_LIST_PUBLIC_KEY_START,
|
|
STORE_R_FAILED_LISTING_KEYS);
|
|
return 0;
|
|
}
|
|
return handle;
|
|
}
|
|
|
|
EVP_PKEY *STORE_list_public_key_next(STORE *s, void *handle)
|
|
{
|
|
STORE_OBJECT *object;
|
|
EVP_PKEY *pkey;
|
|
|
|
check_store(s,STORE_F_STORE_LIST_PUBLIC_KEY_NEXT,
|
|
list_object_next,STORE_R_NO_LIST_OBJECT_NEXT_FUNCTION);
|
|
|
|
object = s->meth->list_object_next(s, handle);
|
|
if (!object || !object->data.key || !object->data.key)
|
|
{
|
|
STOREerr(STORE_F_STORE_LIST_PUBLIC_KEY_NEXT,
|
|
STORE_R_FAILED_LISTING_KEYS);
|
|
return 0;
|
|
}
|
|
CRYPTO_add(&object->data.key->references,1,CRYPTO_LOCK_EVP_PKEY);
|
|
#ifdef REF_PRINT
|
|
REF_PRINT("EVP_PKEY",data);
|
|
#endif
|
|
pkey = object->data.key;
|
|
STORE_OBJECT_free(object);
|
|
return pkey;
|
|
}
|
|
|
|
int STORE_list_public_key_end(STORE *s, void *handle)
|
|
{
|
|
check_store(s,STORE_F_STORE_LIST_PUBLIC_KEY_END,
|
|
list_object_end,STORE_R_NO_LIST_OBJECT_END_FUNCTION);
|
|
|
|
if (!s->meth->list_object_end(s, handle))
|
|
{
|
|
STOREerr(STORE_F_STORE_LIST_PUBLIC_KEY_END,
|
|
STORE_R_FAILED_LISTING_KEYS);
|
|
return 0;
|
|
}
|
|
return 1;
|
|
}
|
|
|
|
int STORE_list_public_key_endp(STORE *s, void *handle)
|
|
{
|
|
check_store(s,STORE_F_STORE_LIST_PUBLIC_KEY_ENDP,
|
|
list_object_endp,STORE_R_NO_LIST_OBJECT_ENDP_FUNCTION);
|
|
|
|
if (!s->meth->list_object_endp(s, handle))
|
|
{
|
|
STOREerr(STORE_F_STORE_LIST_PUBLIC_KEY_ENDP,
|
|
STORE_R_FAILED_LISTING_KEYS);
|
|
return 0;
|
|
}
|
|
return 1;
|
|
}
|
|
|
|
X509_CRL *STORE_generate_crl(STORE *s, OPENSSL_ITEM attributes[])
|
|
{
|
|
STORE_OBJECT *object;
|
|
X509_CRL *crl;
|
|
|
|
check_store(s,STORE_F_STORE_GENERATE_CRL,
|
|
generate_object,STORE_R_NO_GENERATE_CRL_FUNCTION);
|
|
|
|
object = s->meth->generate_object(s, STORE_OBJECT_TYPE_X509_CRL, 0, attributes);
|
|
if (!object || !object->data.crl)
|
|
{
|
|
STOREerr(STORE_F_STORE_GENERATE_CRL,
|
|
STORE_R_FAILED_GENERATING_CRL);
|
|
return 0;
|
|
}
|
|
CRYPTO_add(&object->data.crl->references,1,CRYPTO_LOCK_X509_CRL);
|
|
#ifdef REF_PRINT
|
|
REF_PRINT("X509_CRL",data);
|
|
#endif
|
|
crl = object->data.crl;
|
|
STORE_OBJECT_free(object);
|
|
return crl;
|
|
}
|
|
|
|
X509_CRL *STORE_get_crl(STORE *s, OPENSSL_ITEM attributes[])
|
|
{
|
|
STORE_OBJECT *object;
|
|
X509_CRL *crl;
|
|
|
|
check_store(s,STORE_F_STORE_GET_CRL,
|
|
get_object,STORE_R_NO_GET_OBJECT_FUNCTION);
|
|
|
|
object = s->meth->get_object(s, STORE_OBJECT_TYPE_X509_CRL, attributes);
|
|
if (!object || !object->data.crl)
|
|
{
|
|
STOREerr(STORE_F_STORE_GET_CRL,
|
|
STORE_R_FAILED_GETTING_KEY);
|
|
return 0;
|
|
}
|
|
CRYPTO_add(&object->data.crl->references,1,CRYPTO_LOCK_X509_CRL);
|
|
#ifdef REF_PRINT
|
|
REF_PRINT("X509_CRL",data);
|
|
#endif
|
|
crl = object->data.crl;
|
|
STORE_OBJECT_free(object);
|
|
return crl;
|
|
}
|
|
|
|
int store_crl(STORE *s, X509_CRL *data, OPENSSL_ITEM attributes[])
|
|
{
|
|
STORE_OBJECT *object = STORE_OBJECT_new();
|
|
int i;
|
|
|
|
check_store(s,STORE_F_STORE_CRL,
|
|
store_object,STORE_R_NO_STORE_OBJECT_FUNCTION);
|
|
|
|
if (!object)
|
|
{
|
|
STOREerr(STORE_F_STORE_CRL,
|
|
ERR_R_MALLOC_FAILURE);
|
|
return 0;
|
|
}
|
|
|
|
CRYPTO_add(&data->references,1,CRYPTO_LOCK_X509_CRL);
|
|
#ifdef REF_PRINT
|
|
REF_PRINT("X509_CRL",data);
|
|
#endif
|
|
object->data.crl = data;
|
|
|
|
i = s->meth->store_object(s, STORE_OBJECT_TYPE_X509_CRL, object, attributes);
|
|
|
|
STORE_OBJECT_free(object);
|
|
|
|
if (!i)
|
|
{
|
|
STOREerr(STORE_F_STORE_CRL,
|
|
STORE_R_FAILED_STORING_KEY);
|
|
return 0;
|
|
}
|
|
return i;
|
|
}
|
|
|
|
int STORE_delete_crl(STORE *s, OPENSSL_ITEM attributes[])
|
|
{
|
|
check_store(s,STORE_F_STORE_DELETE_CRL,
|
|
delete_object,STORE_R_NO_DELETE_OBJECT_FUNCTION);
|
|
|
|
if (!s->meth->delete_object(s, STORE_OBJECT_TYPE_X509_CRL, attributes))
|
|
{
|
|
STOREerr(STORE_F_STORE_DELETE_CRL,
|
|
STORE_R_FAILED_DELETING_KEY);
|
|
return 0;
|
|
}
|
|
return 1;
|
|
}
|
|
|
|
void *STORE_list_crl_start(STORE *s, OPENSSL_ITEM attributes[])
|
|
{
|
|
void *handle;
|
|
|
|
check_store(s,STORE_F_STORE_LIST_CRL_START,
|
|
list_object_start,STORE_R_NO_LIST_OBJECT_START_FUNCTION);
|
|
|
|
handle = s->meth->list_object_start(s, STORE_OBJECT_TYPE_X509_CRL, attributes);
|
|
if (!handle)
|
|
{
|
|
STOREerr(STORE_F_STORE_LIST_CRL_START,
|
|
STORE_R_FAILED_LISTING_KEYS);
|
|
return 0;
|
|
}
|
|
return handle;
|
|
}
|
|
|
|
X509_CRL *STORE_list_crl_next(STORE *s, void *handle)
|
|
{
|
|
STORE_OBJECT *object;
|
|
X509_CRL *crl;
|
|
|
|
check_store(s,STORE_F_STORE_LIST_CRL_NEXT,
|
|
list_object_next,STORE_R_NO_LIST_OBJECT_NEXT_FUNCTION);
|
|
|
|
object = s->meth->list_object_next(s, handle);
|
|
if (!object || !object->data.crl)
|
|
{
|
|
STOREerr(STORE_F_STORE_LIST_CRL_NEXT,
|
|
STORE_R_FAILED_LISTING_KEYS);
|
|
return 0;
|
|
}
|
|
CRYPTO_add(&object->data.crl->references,1,CRYPTO_LOCK_X509_CRL);
|
|
#ifdef REF_PRINT
|
|
REF_PRINT("X509_CRL",data);
|
|
#endif
|
|
crl = object->data.crl;
|
|
STORE_OBJECT_free(object);
|
|
return crl;
|
|
}
|
|
|
|
int STORE_list_crl_end(STORE *s, void *handle)
|
|
{
|
|
check_store(s,STORE_F_STORE_LIST_CRL_END,
|
|
list_object_end,STORE_R_NO_LIST_OBJECT_END_FUNCTION);
|
|
|
|
if (!s->meth->list_object_end(s, handle))
|
|
{
|
|
STOREerr(STORE_F_STORE_LIST_CRL_END,
|
|
STORE_R_FAILED_LISTING_KEYS);
|
|
return 0;
|
|
}
|
|
return 1;
|
|
}
|
|
|
|
int STORE_list_crl_endp(STORE *s, void *handle)
|
|
{
|
|
check_store(s,STORE_F_STORE_LIST_CRL_ENDP,
|
|
list_object_endp,STORE_R_NO_LIST_OBJECT_ENDP_FUNCTION);
|
|
|
|
if (!s->meth->list_object_endp(s, handle))
|
|
{
|
|
STOREerr(STORE_F_STORE_LIST_CRL_ENDP,
|
|
STORE_R_FAILED_LISTING_KEYS);
|
|
return 0;
|
|
}
|
|
return 1;
|
|
}
|
|
|
|
int store_number(STORE *s, BIGNUM *data, OPENSSL_ITEM attributes[])
|
|
{
|
|
STORE_OBJECT *object = STORE_OBJECT_new();
|
|
int i;
|
|
|
|
check_store(s,STORE_F_STORE_NUMBER,
|
|
store_object,STORE_R_NO_STORE_OBJECT_NUMBER_FUNCTION);
|
|
|
|
if (!object)
|
|
{
|
|
STOREerr(STORE_F_STORE_NUMBER,
|
|
ERR_R_MALLOC_FAILURE);
|
|
return 0;
|
|
}
|
|
|
|
object->data.number = data;
|
|
|
|
i = s->meth->store_object(s, STORE_OBJECT_TYPE_NUMBER, object, attributes);
|
|
|
|
STORE_OBJECT_free(object);
|
|
|
|
if (!i)
|
|
{
|
|
STOREerr(STORE_F_STORE_NUMBER,
|
|
STORE_R_FAILED_STORING_NUMBER);
|
|
return 0;
|
|
}
|
|
return 1;
|
|
}
|
|
|
|
BIGNUM *STORE_get_number(STORE *s, OPENSSL_ITEM attributes[])
|
|
{
|
|
STORE_OBJECT *object;
|
|
BIGNUM *n;
|
|
|
|
check_store(s,STORE_F_STORE_GET_NUMBER,
|
|
get_object,STORE_R_NO_GET_OBJECT_NUMBER_FUNCTION);
|
|
|
|
object = s->meth->get_object(s, STORE_OBJECT_TYPE_NUMBER, attributes);
|
|
if (!object || !object->data.number)
|
|
{
|
|
STOREerr(STORE_F_STORE_GET_NUMBER,
|
|
STORE_R_FAILED_GETTING_NUMBER);
|
|
return 0;
|
|
}
|
|
n = object->data.number;
|
|
object->data.number = NULL;
|
|
STORE_OBJECT_free(object);
|
|
return n;
|
|
}
|
|
|
|
int STORE_delete_number(STORE *s, OPENSSL_ITEM attributes[])
|
|
{
|
|
check_store(s,STORE_F_STORE_DELETE_NUMBER,
|
|
delete_object,STORE_R_NO_DELETE_NUMBER_FUNCTION);
|
|
|
|
if (!s->meth->delete_object(s, STORE_OBJECT_TYPE_NUMBER, attributes))
|
|
{
|
|
STOREerr(STORE_F_STORE_DELETE_NUMBER,
|
|
STORE_R_FAILED_DELETING_NUMBER);
|
|
return 0;
|
|
}
|
|
return 1;
|
|
}
|
|
|
|
int store_arbitrary(STORE *s, BUF_MEM *data, OPENSSL_ITEM attributes[])
|
|
{
|
|
STORE_OBJECT *object = STORE_OBJECT_new();
|
|
int i;
|
|
|
|
check_store(s,STORE_F_STORE_ARBITRARY,
|
|
store_object,STORE_R_NO_STORE_OBJECT_ARBITRARY_FUNCTION);
|
|
|
|
if (!object)
|
|
{
|
|
STOREerr(STORE_F_STORE_ARBITRARY,
|
|
ERR_R_MALLOC_FAILURE);
|
|
return 0;
|
|
}
|
|
|
|
object->data.arbitrary = data;
|
|
|
|
i = s->meth->store_object(s, STORE_OBJECT_TYPE_ARBITRARY, object, attributes);
|
|
|
|
STORE_OBJECT_free(object);
|
|
|
|
if (!i)
|
|
{
|
|
STOREerr(STORE_F_STORE_ARBITRARY,
|
|
STORE_R_FAILED_STORING_ARBITRARY);
|
|
return 0;
|
|
}
|
|
return 1;
|
|
}
|
|
|
|
BUF_MEM *STORE_get_arbitrary(STORE *s, OPENSSL_ITEM attributes[])
|
|
{
|
|
STORE_OBJECT *object;
|
|
BUF_MEM *b;
|
|
|
|
check_store(s,STORE_F_STORE_GET_ARBITRARY,
|
|
get_object,STORE_R_NO_GET_OBJECT_ARBITRARY_FUNCTION);
|
|
|
|
object = s->meth->get_object(s, STORE_OBJECT_TYPE_ARBITRARY, attributes);
|
|
if (!object || !object->data.arbitrary)
|
|
{
|
|
STOREerr(STORE_F_STORE_GET_ARBITRARY,
|
|
STORE_R_FAILED_GETTING_ARBITRARY);
|
|
return 0;
|
|
}
|
|
b = object->data.arbitrary;
|
|
object->data.arbitrary = NULL;
|
|
STORE_OBJECT_free(object);
|
|
return b;
|
|
}
|
|
|
|
int STORE_delete_arbitrary(STORE *s, OPENSSL_ITEM attributes[])
|
|
{
|
|
check_store(s,STORE_F_STORE_DELETE_ARBITRARY,
|
|
delete_object,STORE_R_NO_DELETE_ARBITRARY_FUNCTION);
|
|
|
|
if (!s->meth->delete_object(s, STORE_OBJECT_TYPE_ARBITRARY, attributes))
|
|
{
|
|
STOREerr(STORE_F_STORE_DELETE_ARBITRARY,
|
|
STORE_R_FAILED_DELETING_ARBITRARY);
|
|
return 0;
|
|
}
|
|
return 1;
|
|
}
|
|
|
|
STORE_OBJECT *STORE_OBJECT_new(void)
|
|
{
|
|
STORE_OBJECT *object = OPENSSL_malloc(sizeof(STORE_OBJECT));
|
|
if (object) memset(object, 0, sizeof(STORE_OBJECT));
|
|
return object;
|
|
}
|
|
void STORE_OBJECT_free(STORE_OBJECT *data)
|
|
{
|
|
if (!data) return;
|
|
switch (data->type)
|
|
{
|
|
case STORE_OBJECT_TYPE_X509_CERTIFICATE:
|
|
X509_free(data->data.x509.certificate);
|
|
break;
|
|
case STORE_OBJECT_TYPE_X509_CRL:
|
|
X509_CRL_free(data->data.crl);
|
|
break;
|
|
case STORE_OBJECT_TYPE_PRIVATE_KEY:
|
|
case STORE_OBJECT_TYPE_PUBLIC_KEY:
|
|
EVP_PKEY_free(data->data.key);
|
|
break;
|
|
case STORE_OBJECT_TYPE_NUMBER:
|
|
BN_free(data->data.number);
|
|
break;
|
|
case STORE_OBJECT_TYPE_ARBITRARY:
|
|
BUF_MEM_free(data->data.arbitrary);
|
|
break;
|
|
}
|
|
OPENSSL_free(data);
|
|
}
|
|
|
|
IMPLEMENT_STACK_OF(STORE_OBJECT*);
|
|
|
|
|
|
struct STORE_attr_info_st
|
|
{
|
|
unsigned char set[(STORE_ATTR_TYPE_NUM + 8) / 8];
|
|
union
|
|
{
|
|
char *cstring;
|
|
unsigned char *sha1string;
|
|
X509_NAME *dn;
|
|
BIGNUM *number;
|
|
void *any;
|
|
} values[STORE_ATTR_TYPE_NUM+1];
|
|
size_t value_sizes[STORE_ATTR_TYPE_NUM+1];
|
|
};
|
|
|
|
#define ATTR_IS_SET(a,i) ((i) > 0 && (i) < STORE_ATTR_TYPE_NUM \
|
|
&& ((a)->set[(i) / 8] & (1 << ((i) % 8))))
|
|
#define SET_ATTRBIT(a,i) ((a)->set[(i) / 8] |= (1 << ((i) % 8)))
|
|
#define CLEAR_ATTRBIT(a,i) ((a)->set[(i) / 8] &= ~(1 << ((i) % 8)))
|
|
|
|
STORE_ATTR_INFO *STORE_ATTR_INFO_new(void)
|
|
{
|
|
return (STORE_ATTR_INFO *)OPENSSL_malloc(sizeof(STORE_ATTR_INFO));
|
|
}
|
|
static void STORE_ATTR_INFO_attr_free(STORE_ATTR_INFO *attrs,
|
|
STORE_ATTR_TYPES code)
|
|
{
|
|
if (ATTR_IS_SET(attrs,code))
|
|
{
|
|
switch(code)
|
|
{
|
|
case STORE_ATTR_FRIENDLYNAME:
|
|
case STORE_ATTR_EMAIL:
|
|
case STORE_ATTR_FILENAME:
|
|
STORE_ATTR_INFO_modify_cstr(attrs, code, NULL, 0);
|
|
break;
|
|
case STORE_ATTR_KEYID:
|
|
case STORE_ATTR_ISSUERKEYID:
|
|
case STORE_ATTR_SUBJECTKEYID:
|
|
case STORE_ATTR_ISSUERSERIALHASH:
|
|
case STORE_ATTR_CERTHASH:
|
|
STORE_ATTR_INFO_modify_sha1str(attrs, code, NULL, 0);
|
|
break;
|
|
case STORE_ATTR_ISSUER:
|
|
case STORE_ATTR_SUBJECT:
|
|
STORE_ATTR_INFO_modify_dn(attrs, code, NULL);
|
|
break;
|
|
case STORE_ATTR_SERIAL:
|
|
STORE_ATTR_INFO_modify_number(attrs, code, NULL);
|
|
break;
|
|
default:
|
|
break;
|
|
}
|
|
}
|
|
}
|
|
int STORE_ATTR_INFO_free(STORE_ATTR_INFO *attrs)
|
|
{
|
|
if (attrs)
|
|
{
|
|
STORE_ATTR_TYPES i;
|
|
for(i = 0; i++ < STORE_ATTR_TYPE_NUM;)
|
|
STORE_ATTR_INFO_attr_free(attrs, i);
|
|
OPENSSL_free(attrs);
|
|
}
|
|
return 1;
|
|
}
|
|
char *STORE_ATTR_INFO_get0_cstr(STORE_ATTR_INFO *attrs, STORE_ATTR_TYPES code)
|
|
{
|
|
if (!attrs)
|
|
{
|
|
STOREerr(STORE_F_STORE_ATTR_INFO_GET0_CSTR,
|
|
ERR_R_PASSED_NULL_PARAMETER);
|
|
return NULL;
|
|
}
|
|
if (ATTR_IS_SET(attrs,code))
|
|
return attrs->values[code].cstring;
|
|
STOREerr(STORE_F_STORE_ATTR_INFO_GET0_CSTR,
|
|
STORE_R_NO_VALUE);
|
|
return NULL;
|
|
}
|
|
unsigned char *STORE_ATTR_INFO_get0_sha1str(STORE_ATTR_INFO *attrs,
|
|
STORE_ATTR_TYPES code)
|
|
{
|
|
if (!attrs)
|
|
{
|
|
STOREerr(STORE_F_STORE_ATTR_INFO_GET0_SHA1STR,
|
|
ERR_R_PASSED_NULL_PARAMETER);
|
|
return NULL;
|
|
}
|
|
if (ATTR_IS_SET(attrs,code))
|
|
return attrs->values[code].sha1string;
|
|
STOREerr(STORE_F_STORE_ATTR_INFO_GET0_SHA1STR,
|
|
STORE_R_NO_VALUE);
|
|
return NULL;
|
|
}
|
|
X509_NAME *STORE_ATTR_INFO_get0_dn(STORE_ATTR_INFO *attrs, STORE_ATTR_TYPES code)
|
|
{
|
|
if (!attrs)
|
|
{
|
|
STOREerr(STORE_F_STORE_ATTR_INFO_GET0_DN,
|
|
ERR_R_PASSED_NULL_PARAMETER);
|
|
return NULL;
|
|
}
|
|
if (ATTR_IS_SET(attrs,code))
|
|
return attrs->values[code].dn;
|
|
STOREerr(STORE_F_STORE_ATTR_INFO_GET0_DN,
|
|
STORE_R_NO_VALUE);
|
|
return NULL;
|
|
}
|
|
BIGNUM *STORE_ATTR_INFO_get0_number(STORE_ATTR_INFO *attrs, STORE_ATTR_TYPES code)
|
|
{
|
|
if (!attrs)
|
|
{
|
|
STOREerr(STORE_F_STORE_ATTR_INFO_GET0_NUMBER,
|
|
ERR_R_PASSED_NULL_PARAMETER);
|
|
return NULL;
|
|
}
|
|
if (ATTR_IS_SET(attrs,code))
|
|
return attrs->values[code].number;
|
|
STOREerr(STORE_F_STORE_ATTR_INFO_GET0_NUMBER,
|
|
STORE_R_NO_VALUE);
|
|
return NULL;
|
|
}
|
|
int STORE_ATTR_INFO_set_cstr(STORE_ATTR_INFO *attrs, STORE_ATTR_TYPES code,
|
|
char *cstr, size_t cstr_size)
|
|
{
|
|
if (!attrs)
|
|
{
|
|
STOREerr(STORE_F_STORE_ATTR_INFO_SET_CSTR,
|
|
ERR_R_PASSED_NULL_PARAMETER);
|
|
return 0;
|
|
}
|
|
if (!ATTR_IS_SET(attrs,code))
|
|
{
|
|
if ((attrs->values[code].cstring = BUF_strndup(cstr, cstr_size)))
|
|
return 1;
|
|
STOREerr(STORE_F_STORE_ATTR_INFO_SET_CSTR,
|
|
ERR_R_MALLOC_FAILURE);
|
|
return 0;
|
|
}
|
|
STOREerr(STORE_F_STORE_ATTR_INFO_SET_CSTR, STORE_R_ALREADY_HAS_A_VALUE);
|
|
return 0;
|
|
}
|
|
int STORE_ATTR_INFO_set_sha1str(STORE_ATTR_INFO *attrs, STORE_ATTR_TYPES code,
|
|
unsigned char *sha1str, size_t sha1str_size)
|
|
{
|
|
if (!attrs)
|
|
{
|
|
STOREerr(STORE_F_STORE_ATTR_INFO_SET_SHA1STR,
|
|
ERR_R_PASSED_NULL_PARAMETER);
|
|
return 0;
|
|
}
|
|
if (!ATTR_IS_SET(attrs,code))
|
|
{
|
|
if ((attrs->values[code].sha1string =
|
|
(unsigned char *)BUF_memdup(sha1str,
|
|
sha1str_size)))
|
|
return 1;
|
|
STOREerr(STORE_F_STORE_ATTR_INFO_SET_CSTR,
|
|
ERR_R_MALLOC_FAILURE);
|
|
return 0;
|
|
}
|
|
STOREerr(STORE_F_STORE_ATTR_INFO_SET_SHA1STR, STORE_R_ALREADY_HAS_A_VALUE);
|
|
return 0;
|
|
}
|
|
int STORE_ATTR_INFO_set_dn(STORE_ATTR_INFO *attrs, STORE_ATTR_TYPES code,
|
|
X509_NAME *dn)
|
|
{
|
|
if (!attrs)
|
|
{
|
|
STOREerr(STORE_F_STORE_ATTR_INFO_SET_DN,
|
|
ERR_R_PASSED_NULL_PARAMETER);
|
|
return 0;
|
|
}
|
|
if (!ATTR_IS_SET(attrs,code))
|
|
{
|
|
if ((attrs->values[code].dn = X509_NAME_dup(dn)))
|
|
return 1;
|
|
STOREerr(STORE_F_STORE_ATTR_INFO_SET_CSTR,
|
|
ERR_R_MALLOC_FAILURE);
|
|
return 0;
|
|
}
|
|
STOREerr(STORE_F_STORE_ATTR_INFO_SET_DN, STORE_R_ALREADY_HAS_A_VALUE);
|
|
return 0;
|
|
}
|
|
int STORE_ATTR_INFO_set_number(STORE_ATTR_INFO *attrs, STORE_ATTR_TYPES code,
|
|
BIGNUM *number)
|
|
{
|
|
if (!attrs)
|
|
{
|
|
STOREerr(STORE_F_STORE_ATTR_INFO_SET_NUMBER,
|
|
ERR_R_PASSED_NULL_PARAMETER);
|
|
return 0;
|
|
}
|
|
if (!ATTR_IS_SET(attrs,code))
|
|
{
|
|
if ((attrs->values[code].number = BN_dup(number)))
|
|
return 1;
|
|
STOREerr(STORE_F_STORE_ATTR_INFO_SET_CSTR,
|
|
ERR_R_MALLOC_FAILURE);
|
|
return 0;
|
|
}
|
|
STOREerr(STORE_F_STORE_ATTR_INFO_SET_NUMBER, STORE_R_ALREADY_HAS_A_VALUE);
|
|
return 0;
|
|
}
|
|
int STORE_ATTR_INFO_modify_cstr(STORE_ATTR_INFO *attrs, STORE_ATTR_TYPES code,
|
|
char *cstr, size_t cstr_size)
|
|
{
|
|
if (!attrs)
|
|
{
|
|
STOREerr(STORE_F_STORE_ATTR_INFO_MODIFY_CSTR,
|
|
ERR_R_PASSED_NULL_PARAMETER);
|
|
return 0;
|
|
}
|
|
if (ATTR_IS_SET(attrs,code))
|
|
{
|
|
OPENSSL_free(attrs->values[code].cstring);
|
|
attrs->values[code].cstring = NULL;
|
|
CLEAR_ATTRBIT(attrs, code);
|
|
}
|
|
return STORE_ATTR_INFO_set_cstr(attrs, code, cstr, cstr_size);
|
|
}
|
|
int STORE_ATTR_INFO_modify_sha1str(STORE_ATTR_INFO *attrs, STORE_ATTR_TYPES code,
|
|
unsigned char *sha1str, size_t sha1str_size)
|
|
{
|
|
if (!attrs)
|
|
{
|
|
STOREerr(STORE_F_STORE_ATTR_INFO_MODIFY_SHA1STR,
|
|
ERR_R_PASSED_NULL_PARAMETER);
|
|
return 0;
|
|
}
|
|
if (ATTR_IS_SET(attrs,code))
|
|
{
|
|
OPENSSL_free(attrs->values[code].sha1string);
|
|
attrs->values[code].sha1string = NULL;
|
|
CLEAR_ATTRBIT(attrs, code);
|
|
}
|
|
return STORE_ATTR_INFO_set_sha1str(attrs, code, sha1str, sha1str_size);
|
|
}
|
|
int STORE_ATTR_INFO_modify_dn(STORE_ATTR_INFO *attrs, STORE_ATTR_TYPES code,
|
|
X509_NAME *dn)
|
|
{
|
|
if (!attrs)
|
|
{
|
|
STOREerr(STORE_F_STORE_ATTR_INFO_MODIFY_DN,
|
|
ERR_R_PASSED_NULL_PARAMETER);
|
|
return 0;
|
|
}
|
|
if (ATTR_IS_SET(attrs,code))
|
|
{
|
|
OPENSSL_free(attrs->values[code].dn);
|
|
attrs->values[code].dn = NULL;
|
|
CLEAR_ATTRBIT(attrs, code);
|
|
}
|
|
return STORE_ATTR_INFO_set_dn(attrs, code, dn);
|
|
}
|
|
int STORE_ATTR_INFO_modify_number(STORE_ATTR_INFO *attrs, STORE_ATTR_TYPES code,
|
|
BIGNUM *number)
|
|
{
|
|
if (!attrs)
|
|
{
|
|
STOREerr(STORE_F_STORE_ATTR_INFO_MODIFY_NUMBER,
|
|
ERR_R_PASSED_NULL_PARAMETER);
|
|
return 0;
|
|
}
|
|
if (ATTR_IS_SET(attrs,code))
|
|
{
|
|
OPENSSL_free(attrs->values[code].number);
|
|
attrs->values[code].number = NULL;
|
|
CLEAR_ATTRBIT(attrs, code);
|
|
}
|
|
return STORE_ATTR_INFO_set_number(attrs, code, number);
|
|
}
|
|
|
|
struct attr_list_ctx_st
|
|
{
|
|
OPENSSL_ITEM *attributes;
|
|
};
|
|
void *STORE_parse_attrs_start(OPENSSL_ITEM *attributes)
|
|
{
|
|
if (attributes)
|
|
{
|
|
struct attr_list_ctx_st *context =
|
|
(struct attr_list_ctx_st *)OPENSSL_malloc(sizeof(struct attr_list_ctx_st));
|
|
if (context)
|
|
context->attributes = attributes;
|
|
else
|
|
STOREerr(STORE_F_STORE_PARSE_ATTRS_END,
|
|
ERR_R_MALLOC_FAILURE);
|
|
return context;
|
|
}
|
|
STOREerr(STORE_F_STORE_PARSE_ATTRS_END, ERR_R_PASSED_NULL_PARAMETER);
|
|
return 0;
|
|
}
|
|
STORE_ATTR_INFO *STORE_parse_attrs_next(void *handle)
|
|
{
|
|
struct attr_list_ctx_st *context = (struct attr_list_ctx_st *)handle;
|
|
|
|
if (context && context->attributes)
|
|
{
|
|
STORE_ATTR_INFO *attrs = NULL;
|
|
|
|
while(context->attributes
|
|
&& context->attributes->code != STORE_ATTR_OR
|
|
&& context->attributes->code != STORE_ATTR_END)
|
|
{
|
|
switch(context->attributes->code)
|
|
{
|
|
case STORE_ATTR_FRIENDLYNAME:
|
|
case STORE_ATTR_EMAIL:
|
|
case STORE_ATTR_FILENAME:
|
|
if (!attrs) attrs = STORE_ATTR_INFO_new();
|
|
if (attrs == NULL)
|
|
{
|
|
STOREerr(STORE_F_STORE_PARSE_ATTRS_NEXT,
|
|
ERR_R_MALLOC_FAILURE);
|
|
goto err;
|
|
}
|
|
STORE_ATTR_INFO_set_cstr(attrs,
|
|
context->attributes->code,
|
|
context->attributes->value,
|
|
context->attributes->value_size);
|
|
break;
|
|
case STORE_ATTR_KEYID:
|
|
case STORE_ATTR_ISSUERKEYID:
|
|
case STORE_ATTR_SUBJECTKEYID:
|
|
case STORE_ATTR_ISSUERSERIALHASH:
|
|
case STORE_ATTR_CERTHASH:
|
|
if (!attrs) attrs = STORE_ATTR_INFO_new();
|
|
if (attrs == NULL)
|
|
{
|
|
STOREerr(STORE_F_STORE_PARSE_ATTRS_NEXT,
|
|
ERR_R_MALLOC_FAILURE);
|
|
goto err;
|
|
}
|
|
STORE_ATTR_INFO_set_sha1str(attrs,
|
|
context->attributes->code,
|
|
context->attributes->value,
|
|
context->attributes->value_size);
|
|
break;
|
|
case STORE_ATTR_ISSUER:
|
|
case STORE_ATTR_SUBJECT:
|
|
if (!attrs) attrs = STORE_ATTR_INFO_new();
|
|
if (attrs == NULL)
|
|
{
|
|
STOREerr(STORE_F_STORE_PARSE_ATTRS_NEXT,
|
|
ERR_R_MALLOC_FAILURE);
|
|
goto err;
|
|
}
|
|
STORE_ATTR_INFO_modify_dn(attrs,
|
|
context->attributes->code,
|
|
context->attributes->value);
|
|
break;
|
|
case STORE_ATTR_SERIAL:
|
|
if (!attrs) attrs = STORE_ATTR_INFO_new();
|
|
if (attrs == NULL)
|
|
{
|
|
STOREerr(STORE_F_STORE_PARSE_ATTRS_NEXT,
|
|
ERR_R_MALLOC_FAILURE);
|
|
goto err;
|
|
}
|
|
STORE_ATTR_INFO_modify_number(attrs,
|
|
context->attributes->code,
|
|
context->attributes->value);
|
|
break;
|
|
}
|
|
context->attributes++;
|
|
}
|
|
if (context->attributes->code == STORE_ATTR_OR)
|
|
context->attributes++;
|
|
return attrs;
|
|
err:
|
|
while(context->attributes
|
|
&& context->attributes->code != STORE_ATTR_OR
|
|
&& context->attributes->code != STORE_ATTR_END)
|
|
context->attributes++;
|
|
if (context->attributes->code == STORE_ATTR_OR)
|
|
context->attributes++;
|
|
return NULL;
|
|
}
|
|
STOREerr(STORE_F_STORE_PARSE_ATTRS_NEXT, ERR_R_PASSED_NULL_PARAMETER);
|
|
return NULL;
|
|
}
|
|
int STORE_parse_attrs_end(void *handle)
|
|
{
|
|
struct attr_list_ctx_st *context = (struct attr_list_ctx_st *)handle;
|
|
|
|
if (context && context->attributes)
|
|
{
|
|
#if 0
|
|
OPENSSL_ITEM *attributes = context->attributes;
|
|
#endif
|
|
OPENSSL_free(context);
|
|
return 1;
|
|
}
|
|
STOREerr(STORE_F_STORE_PARSE_ATTRS_END, ERR_R_PASSED_NULL_PARAMETER);
|
|
return 0;
|
|
}
|
|
|
|
int STORE_parse_attrs_endp(void *handle)
|
|
{
|
|
struct attr_list_ctx_st *context = (struct attr_list_ctx_st *)handle;
|
|
|
|
if (context && context->attributes)
|
|
{
|
|
return context->attributes->code == STORE_ATTR_END;
|
|
}
|
|
STOREerr(STORE_F_STORE_PARSE_ATTRS_END, ERR_R_PASSED_NULL_PARAMETER);
|
|
return 0;
|
|
}
|
|
|
|
int STORE_ATTR_INFO_compare(STORE_ATTR_INFO *a, STORE_ATTR_INFO *b)
|
|
{
|
|
unsigned char *abits, *bbits;
|
|
int i;
|
|
|
|
if (a == b) return 0;
|
|
if (!a) return -1;
|
|
if (!b) return 1;
|
|
abits = a->set;
|
|
bbits = b->set;
|
|
for (i = 0; i < (STORE_ATTR_TYPE_NUM + 8) / 8; i++, abits++, bbits++)
|
|
{
|
|
if (*abits < *bbits) return -1;
|
|
if (*abits > *bbits) return 1;
|
|
}
|
|
return 0;
|
|
}
|
|
int STORE_ATTR_INFO_in(STORE_ATTR_INFO *a, STORE_ATTR_INFO *b)
|
|
{
|
|
unsigned char *abits, *bbits;
|
|
int i;
|
|
|
|
if (a == b) return 1;
|
|
if (!a) return 0;
|
|
if (!b) return 0;
|
|
abits = a->set;
|
|
bbits = b->set;
|
|
for (i = 0; i < (STORE_ATTR_TYPE_NUM + 8) / 8; i++, abits++, bbits++)
|
|
{
|
|
if (*abits && *bbits != *abits)
|
|
return 0;
|
|
}
|
|
return 1;
|
|
}
|
|
int STORE_ATTR_INFO_in_ex(STORE_ATTR_INFO *a, STORE_ATTR_INFO *b)
|
|
{
|
|
STORE_ATTR_TYPES i;
|
|
|
|
if (a == b) return 1;
|
|
if (!STORE_ATTR_INFO_in(a, b)) return 0;
|
|
for (i = 1; i < STORE_ATTR_TYPE_NUM; i++)
|
|
if (ATTR_IS_SET(a, i))
|
|
{
|
|
switch(i)
|
|
{
|
|
case STORE_ATTR_FRIENDLYNAME:
|
|
case STORE_ATTR_EMAIL:
|
|
case STORE_ATTR_FILENAME:
|
|
if (strcmp(a->values[i].cstring,
|
|
b->values[i].cstring))
|
|
return 0;
|
|
break;
|
|
case STORE_ATTR_KEYID:
|
|
case STORE_ATTR_ISSUERKEYID:
|
|
case STORE_ATTR_SUBJECTKEYID:
|
|
case STORE_ATTR_ISSUERSERIALHASH:
|
|
case STORE_ATTR_CERTHASH:
|
|
if (memcmp(a->values[i].sha1string,
|
|
b->values[i].sha1string,
|
|
a->value_sizes[i]))
|
|
return 0;
|
|
break;
|
|
case STORE_ATTR_ISSUER:
|
|
case STORE_ATTR_SUBJECT:
|
|
if (X509_NAME_cmp(a->values[i].dn,
|
|
b->values[i].dn))
|
|
return 0;
|
|
break;
|
|
case STORE_ATTR_SERIAL:
|
|
if (BN_cmp(a->values[i].number,
|
|
b->values[i].number))
|
|
return 0;
|
|
break;
|
|
default:
|
|
break;
|
|
}
|
|
}
|
|
|
|
return 1;
|
|
}
|