OSSL_STORE_F_OSSL_STORE_EXPECT:130:OSSL_STORE_expect
OSSL_STORE_F_OSSL_STORE_FILE_ATTACH_PEM_BIO_INT:128:\
ossl_store_file_attach_pem_bio_int
+OSSL_STORE_F_OSSL_STORE_FIND:131:OSSL_STORE_find
OSSL_STORE_F_OSSL_STORE_GET0_LOADER_INT:100:ossl_store_get0_loader_int
OSSL_STORE_F_OSSL_STORE_INFO_GET1_CERT:101:OSSL_STORE_INFO_get1_CERT
OSSL_STORE_F_OSSL_STORE_INFO_GET1_CRL:102:OSSL_STORE_INFO_get1_CRL
OSSL_STORE_F_OSSL_STORE_OPEN:114:OSSL_STORE_open
OSSL_STORE_F_OSSL_STORE_OPEN_INT:115:*
OSSL_STORE_F_OSSL_STORE_REGISTER_LOADER_INT:117:ossl_store_register_loader_int
+OSSL_STORE_F_OSSL_STORE_SEARCH_BY_ALIAS:132:OSSL_STORE_SEARCH_by_alias
+OSSL_STORE_F_OSSL_STORE_SEARCH_BY_ISSUER_SERIAL:133:\
+ OSSL_STORE_SEARCH_by_issuer_serial
+OSSL_STORE_F_OSSL_STORE_SEARCH_BY_KEY_FINGERPRINT:136:\
+ OSSL_STORE_SEARCH_by_key_fingerprint
+OSSL_STORE_F_OSSL_STORE_SEARCH_BY_NAME:137:OSSL_STORE_SEARCH_by_name
OSSL_STORE_F_OSSL_STORE_UNREGISTER_LOADER_INT:116:\
ossl_store_unregister_loader_int
OSSL_STORE_F_TRY_DECODE_PARAMS:121:try_decode_params
OSSL_STORE_R_AMBIGUOUS_CONTENT_TYPE:107:ambiguous content type
OSSL_STORE_R_BAD_PASSWORD_READ:115:bad password read
OSSL_STORE_R_ERROR_VERIFYING_PKCS12_MAC:113:error verifying pkcs12 mac
+OSSL_STORE_R_FINGERPRINT_SIZE_DOES_NOT_MATCH_DIGEST:121:\
+ fingerprint size does not match digest
OSSL_STORE_R_INVALID_SCHEME:106:invalid scheme
OSSL_STORE_R_IS_NOT_A:112:is not a
OSSL_STORE_R_LOADER_INCOMPLETE:116:loader incomplete
ui process interrupted or cancelled
OSSL_STORE_R_UNREGISTERED_SCHEME:105:unregistered scheme
OSSL_STORE_R_UNSUPPORTED_CONTENT_TYPE:110:unsupported content type
+OSSL_STORE_R_UNSUPPORTED_OPERATION:118:unsupported operation
OSSL_STORE_R_URI_AUTHORITY_UNSUPPORTED:111:uri authority unsupported
PEM_R_BAD_BASE64_DECODE:100:bad base64 decode
PEM_R_BAD_DECRYPT:101:bad decrypt
file_open,
file_ctrl,
file_expect,
+ NULL,
file_load,
file_eof,
file_error,
/*
* Generated by util/mkerr.pl DO NOT EDIT
- * Copyright 1995-2017 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
"OSSL_STORE_expect"},
{ERR_PACK(ERR_LIB_OSSL_STORE, OSSL_STORE_F_OSSL_STORE_FILE_ATTACH_PEM_BIO_INT, 0),
"ossl_store_file_attach_pem_bio_int"},
+ {ERR_PACK(ERR_LIB_OSSL_STORE, OSSL_STORE_F_OSSL_STORE_FIND, 0),
+ "OSSL_STORE_find"},
{ERR_PACK(ERR_LIB_OSSL_STORE, OSSL_STORE_F_OSSL_STORE_GET0_LOADER_INT, 0),
"ossl_store_get0_loader_int"},
{ERR_PACK(ERR_LIB_OSSL_STORE, OSSL_STORE_F_OSSL_STORE_INFO_GET1_CERT, 0),
{ERR_PACK(ERR_LIB_OSSL_STORE, OSSL_STORE_F_OSSL_STORE_OPEN_INT, 0), ""},
{ERR_PACK(ERR_LIB_OSSL_STORE, OSSL_STORE_F_OSSL_STORE_REGISTER_LOADER_INT, 0),
"ossl_store_register_loader_int"},
+ {ERR_PACK(ERR_LIB_OSSL_STORE, OSSL_STORE_F_OSSL_STORE_SEARCH_BY_ALIAS, 0),
+ "OSSL_STORE_SEARCH_by_alias"},
+ {ERR_PACK(ERR_LIB_OSSL_STORE, OSSL_STORE_F_OSSL_STORE_SEARCH_BY_ISSUER_SERIAL, 0),
+ "OSSL_STORE_SEARCH_by_issuer_serial"},
+ {ERR_PACK(ERR_LIB_OSSL_STORE, OSSL_STORE_F_OSSL_STORE_SEARCH_BY_KEY_FINGERPRINT, 0),
+ "OSSL_STORE_SEARCH_by_key_fingerprint"},
+ {ERR_PACK(ERR_LIB_OSSL_STORE, OSSL_STORE_F_OSSL_STORE_SEARCH_BY_NAME, 0),
+ "OSSL_STORE_SEARCH_by_name"},
{ERR_PACK(ERR_LIB_OSSL_STORE, OSSL_STORE_F_OSSL_STORE_UNREGISTER_LOADER_INT, 0),
"ossl_store_unregister_loader_int"},
{ERR_PACK(ERR_LIB_OSSL_STORE, OSSL_STORE_F_TRY_DECODE_PARAMS, 0),
"bad password read"},
{ERR_PACK(ERR_LIB_OSSL_STORE, 0, OSSL_STORE_R_ERROR_VERIFYING_PKCS12_MAC),
"error verifying pkcs12 mac"},
+ {ERR_PACK(ERR_LIB_OSSL_STORE, 0, OSSL_STORE_R_FINGERPRINT_SIZE_DOES_NOT_MATCH_DIGEST),
+ "fingerprint size does not match digest"},
{ERR_PACK(ERR_LIB_OSSL_STORE, 0, OSSL_STORE_R_INVALID_SCHEME),
"invalid scheme"},
{ERR_PACK(ERR_LIB_OSSL_STORE, 0, OSSL_STORE_R_IS_NOT_A), "is not a"},
"unregistered scheme"},
{ERR_PACK(ERR_LIB_OSSL_STORE, 0, OSSL_STORE_R_UNSUPPORTED_CONTENT_TYPE),
"unsupported content type"},
+ {ERR_PACK(ERR_LIB_OSSL_STORE, 0, OSSL_STORE_R_UNSUPPORTED_OPERATION),
+ "unsupported operation"},
{ERR_PACK(ERR_LIB_OSSL_STORE, 0, OSSL_STORE_R_URI_AUTHORITY_UNSUPPORTED),
"uri authority unsupported"},
{0, NULL}
return 1;
}
+int OSSL_STORE_find(OSSL_STORE_CTX *ctx, OSSL_STORE_SEARCH *search)
+{
+ if (ctx->loading) {
+ OSSL_STOREerr(OSSL_STORE_F_OSSL_STORE_FIND,
+ OSSL_STORE_R_LOADING_STARTED);
+ return 0;
+ }
+ if (ctx->loader->find == NULL) {
+ OSSL_STOREerr(OSSL_STORE_F_OSSL_STORE_FIND,
+ OSSL_STORE_R_UNSUPPORTED_OPERATION);
+ return 0;
+ }
+
+ return ctx->loader->find(ctx->loader_ctx, search);
+}
+
OSSL_STORE_INFO *OSSL_STORE_load(OSSL_STORE_CTX *ctx)
{
OSSL_STORE_INFO *v = NULL;
}
}
+int OSSL_STORE_supports_search(OSSL_STORE_CTX *ctx, int search_type)
+{
+ OSSL_STORE_SEARCH tmp_search;
+
+ if (ctx->loader->find == NULL)
+ return 0;
+ tmp_search.search_type = search_type;
+ return ctx->loader->find(NULL, &tmp_search);
+}
+
+/* Search term constructors */
+OSSL_STORE_SEARCH *OSSL_STORE_SEARCH_by_name(X509_NAME *name)
+{
+ OSSL_STORE_SEARCH *search = OPENSSL_zalloc(sizeof(*search));
+
+ if (search == NULL) {
+ OSSL_STOREerr(OSSL_STORE_F_OSSL_STORE_SEARCH_BY_NAME,
+ ERR_R_MALLOC_FAILURE);
+ return NULL;
+ }
+
+ search->search_type = OSSL_STORE_SEARCH_BY_NAME;
+ search->name = name;
+ return search;
+}
+
+OSSL_STORE_SEARCH *OSSL_STORE_SEARCH_by_issuer_serial(X509_NAME *name,
+ const ASN1_INTEGER *serial)
+{
+ OSSL_STORE_SEARCH *search = OPENSSL_zalloc(sizeof(*search));
+
+ if (search == NULL) {
+ OSSL_STOREerr(OSSL_STORE_F_OSSL_STORE_SEARCH_BY_ISSUER_SERIAL,
+ ERR_R_MALLOC_FAILURE);
+ return NULL;
+ }
+
+ search->search_type = OSSL_STORE_SEARCH_BY_ISSUER_SERIAL;
+ search->name = name;
+ search->serial = serial;
+ return search;
+}
+
+OSSL_STORE_SEARCH *OSSL_STORE_SEARCH_by_key_fingerprint(const EVP_MD *digest,
+ const unsigned char
+ *bytes, size_t len)
+{
+ OSSL_STORE_SEARCH *search = OPENSSL_zalloc(sizeof(*search));
+
+ if (search == NULL) {
+ OSSL_STOREerr(OSSL_STORE_F_OSSL_STORE_SEARCH_BY_KEY_FINGERPRINT,
+ ERR_R_MALLOC_FAILURE);
+ return NULL;
+ }
+
+ if (digest != NULL && len != (size_t)EVP_MD_size(digest)) {
+ char buf1[20], buf2[20];
+
+ BIO_snprintf(buf1, sizeof(buf1), "%d", EVP_MD_size(digest));
+ BIO_snprintf(buf2, sizeof(buf2), "%zu", len);
+ OSSL_STOREerr(OSSL_STORE_F_OSSL_STORE_SEARCH_BY_KEY_FINGERPRINT,
+ OSSL_STORE_R_FINGERPRINT_SIZE_DOES_NOT_MATCH_DIGEST);
+ ERR_add_error_data(5, EVP_MD_name(digest), " size is ", buf1,
+ ", fingerprint size is ", buf2);
+ }
+
+ search->search_type = OSSL_STORE_SEARCH_BY_KEY_FINGERPRINT;
+ search->digest = digest;
+ search->string = bytes;
+ search->stringlength = len;
+ return search;
+}
+
+OSSL_STORE_SEARCH *OSSL_STORE_SEARCH_by_alias(const char *alias)
+{
+ OSSL_STORE_SEARCH *search = OPENSSL_zalloc(sizeof(*search));
+
+ if (search == NULL) {
+ OSSL_STOREerr(OSSL_STORE_F_OSSL_STORE_SEARCH_BY_ALIAS,
+ ERR_R_MALLOC_FAILURE);
+ return NULL;
+ }
+
+ search->search_type = OSSL_STORE_SEARCH_BY_ALIAS;
+ search->string = (const unsigned char *)alias;
+ search->stringlength = strlen(alias);
+ return search;
+}
+
+/* Search term destructor */
+void OSSL_STORE_SEARCH_free(OSSL_STORE_SEARCH *search)
+{
+ OPENSSL_free(search);
+}
+
+/* Search term accessors */
+int OSSL_STORE_SEARCH_get_type(const OSSL_STORE_SEARCH *criterion)
+{
+ return criterion->search_type;
+}
+
+X509_NAME *OSSL_STORE_SEARCH_get0_name(OSSL_STORE_SEARCH *criterion)
+{
+ return criterion->name;
+}
+
+const ASN1_INTEGER *OSSL_STORE_SEARCH_get0_serial(const OSSL_STORE_SEARCH
+ *criterion)
+{
+ return criterion->serial;
+}
+
+const unsigned char *OSSL_STORE_SEARCH_get0_bytes(const OSSL_STORE_SEARCH
+ *criterion, size_t *length)
+{
+ *length = criterion->stringlength;
+ return criterion->string;
+}
+
+const char *OSSL_STORE_SEARCH_get0_string(const OSSL_STORE_SEARCH *criterion)
+{
+ return (const char *)criterion->string;
+}
+
+const EVP_MD *OSSL_STORE_SEARCH_get0_digest(const OSSL_STORE_SEARCH *criterion)
+{
+ return criterion->digest;
+}
+
/* Internal functions */
OSSL_STORE_INFO *ossl_store_info_new_EMBEDDED(const char *new_pem_name,
BUF_MEM *embedded)
BUF_MEM *ossl_store_info_get0_EMBEDDED_buffer(OSSL_STORE_INFO *info);
char *ossl_store_info_get0_EMBEDDED_pem_name(OSSL_STORE_INFO *info);
+/*-
+ * OSSL_STORE_SEARCH stuff
+ * -----------------------
+ */
+
+struct ossl_store_search_st {
+ int search_type;
+
+ /*
+ * Used by OSSL_STORE_SEARCH_BY_NAME and
+ * OSSL_STORE_SEARCH_BY_ISSUER_SERIAL
+ */
+ X509_NAME *name;
+
+ /* Used by OSSL_STORE_SEARCH_BY_ISSUER_SERIAL */
+ const ASN1_INTEGER *serial;
+
+ /* Used by OSSL_STORE_SEARCH_BY_KEY_FINGERPRINT */
+ const EVP_MD *digest;
+
+ /*
+ * Used by OSSL_STORE_SEARCH_BY_KEY_FINGERPRINT and
+ * OSSL_STORE_SEARCH_BY_ALIAS
+ */
+ const unsigned char *string;
+ size_t stringlength;
+};
+
/*-
* OSSL_STORE_LOADER stuff
* -----------------------
OSSL_STORE_open_fn open;
OSSL_STORE_ctrl_fn ctrl;
OSSL_STORE_expect_fn expect;
+ OSSL_STORE_find_fn find;
OSSL_STORE_load_fn load;
OSSL_STORE_eof_fn eof;
OSSL_STORE_error_fn error;
return 1;
}
+int OSSL_STORE_LOADER_set_find(OSSL_STORE_LOADER *loader,
+ OSSL_STORE_find_fn find_function)
+{
+ loader->find = find_function;
+ return 1;
+}
+
int OSSL_STORE_LOADER_set_load(OSSL_STORE_LOADER *loader,
OSSL_STORE_load_fn load_function)
{
typedef struct ct_policy_eval_ctx_st CT_POLICY_EVAL_CTX;
typedef struct ossl_store_info_st OSSL_STORE_INFO;
+typedef struct ossl_store_search_st OSSL_STORE_SEARCH;
#if defined(__STDC_VERSION__) && __STDC_VERSION__ >= 199901L && \
defined(INTMAX_MAX) && defined(UINTMAX_MAX)
*/
void OSSL_STORE_INFO_free(OSSL_STORE_INFO *info);
+
+/*-
+ * Functions to construct a search URI from a base URI and search criteria
+ * -----------------------------------------------------------------------
+ */
+
+/* OSSL_STORE search types */
+# define OSSL_STORE_SEARCH_BY_NAME 1 /* subject in certs, issuer in CRLs */
+# define OSSL_STORE_SEARCH_BY_ISSUER_SERIAL 2
+# define OSSL_STORE_SEARCH_BY_KEY_FINGERPRINT 3
+# define OSSL_STORE_SEARCH_BY_ALIAS 4
+
+/* To check what search types the scheme handler supports */
+int OSSL_STORE_supports_search(OSSL_STORE_CTX *ctx, int search_type);
+
+/* Search term constructors */
+/*
+ * The input is considered to be owned by the caller, and must therefore
+ * remain present throughout the lifetime of the returned OSSL_STORE_SEARCH
+ */
+OSSL_STORE_SEARCH *OSSL_STORE_SEARCH_by_name(X509_NAME *name);
+OSSL_STORE_SEARCH *OSSL_STORE_SEARCH_by_issuer_serial(X509_NAME *name,
+ const ASN1_INTEGER
+ *serial);
+OSSL_STORE_SEARCH *OSSL_STORE_SEARCH_by_key_fingerprint(const EVP_MD *digest,
+ const unsigned char
+ *bytes, size_t len);
+OSSL_STORE_SEARCH *OSSL_STORE_SEARCH_by_alias(const char *alias);
+
+/* Search term destructor */
+void OSSL_STORE_SEARCH_free(OSSL_STORE_SEARCH *search);
+
+/* Search term accessors */
+int OSSL_STORE_SEARCH_get_type(const OSSL_STORE_SEARCH *criterion);
+X509_NAME *OSSL_STORE_SEARCH_get0_name(OSSL_STORE_SEARCH *criterion);
+const ASN1_INTEGER *OSSL_STORE_SEARCH_get0_serial(const OSSL_STORE_SEARCH
+ *criterion);
+const unsigned char *OSSL_STORE_SEARCH_get0_bytes(const OSSL_STORE_SEARCH
+ *criterion, size_t *length);
+const char *OSSL_STORE_SEARCH_get0_string(const OSSL_STORE_SEARCH *criterion);
+const EVP_MD *OSSL_STORE_SEARCH_get0_digest(const OSSL_STORE_SEARCH *criterion);
+
/*
- * Add expected return type (which can be unspecified) to the loading channel.
- * This MUST happen before the first STORE_load().
+ * Add search criterion and expected return type (which can be unspecified)
+ * to the loading channel. This MUST happen before the first OSSL_STORE_load().
*/
int OSSL_STORE_expect(OSSL_STORE_CTX *ctx, int expected_type);
+int OSSL_STORE_find(OSSL_STORE_CTX *ctx, OSSL_STORE_SEARCH *search);
/*-
typedef int (*OSSL_STORE_expect_fn)(OSSL_STORE_LOADER_CTX *ctx, int expected);
int OSSL_STORE_LOADER_set_expect(OSSL_STORE_LOADER *loader,
OSSL_STORE_expect_fn expect_function);
+typedef int (*OSSL_STORE_find_fn)(OSSL_STORE_LOADER_CTX *ctx,
+ OSSL_STORE_SEARCH *criteria);
+int OSSL_STORE_LOADER_set_find(OSSL_STORE_LOADER *loader,
+ OSSL_STORE_find_fn find_function);
typedef OSSL_STORE_INFO *(*OSSL_STORE_load_fn)(OSSL_STORE_LOADER_CTX *ctx,
const UI_METHOD *ui_method,
void *ui_data);
# define OSSL_STORE_F_OSSL_STORE_ATTACH_PEM_BIO 127
# define OSSL_STORE_F_OSSL_STORE_EXPECT 130
# define OSSL_STORE_F_OSSL_STORE_FILE_ATTACH_PEM_BIO_INT 128
+# define OSSL_STORE_F_OSSL_STORE_FIND 131
# define OSSL_STORE_F_OSSL_STORE_GET0_LOADER_INT 100
# define OSSL_STORE_F_OSSL_STORE_INFO_GET1_CERT 101
# define OSSL_STORE_F_OSSL_STORE_INFO_GET1_CRL 102
# define OSSL_STORE_F_OSSL_STORE_OPEN 114
# define OSSL_STORE_F_OSSL_STORE_OPEN_INT 115
# define OSSL_STORE_F_OSSL_STORE_REGISTER_LOADER_INT 117
+# define OSSL_STORE_F_OSSL_STORE_SEARCH_BY_ALIAS 132
+# define OSSL_STORE_F_OSSL_STORE_SEARCH_BY_ISSUER_SERIAL 133
+# define OSSL_STORE_F_OSSL_STORE_SEARCH_BY_KEY_FINGERPRINT 136
+# define OSSL_STORE_F_OSSL_STORE_SEARCH_BY_NAME 137
# define OSSL_STORE_F_OSSL_STORE_UNREGISTER_LOADER_INT 116
# define OSSL_STORE_F_TRY_DECODE_PARAMS 121
# define OSSL_STORE_F_TRY_DECODE_PKCS12 122
# define OSSL_STORE_R_AMBIGUOUS_CONTENT_TYPE 107
# define OSSL_STORE_R_BAD_PASSWORD_READ 115
# define OSSL_STORE_R_ERROR_VERIFYING_PKCS12_MAC 113
+# define OSSL_STORE_R_FINGERPRINT_SIZE_DOES_NOT_MATCH_DIGEST 121
# define OSSL_STORE_R_INVALID_SCHEME 106
# define OSSL_STORE_R_IS_NOT_A 112
# define OSSL_STORE_R_LOADER_INCOMPLETE 116
# define OSSL_STORE_R_UI_PROCESS_INTERRUPTED_OR_CANCELLED 109
# define OSSL_STORE_R_UNREGISTERED_SCHEME 105
# define OSSL_STORE_R_UNSUPPORTED_CONTENT_TYPE 110
+# define OSSL_STORE_R_UNSUPPORTED_OPERATION 118
# define OSSL_STORE_R_URI_AUTHORITY_UNSUPPORTED 111
#endif
BIO_bind 4449 1_1_1 EXIST::FUNCTION:SOCK
OSSL_STORE_LOADER_set_expect 4450 1_1_1 EXIST::FUNCTION:
OSSL_STORE_expect 4451 1_1_1 EXIST::FUNCTION:
+OSSL_STORE_SEARCH_by_key_fingerprint 4452 1_1_1 EXIST::FUNCTION:
+OSSL_STORE_SEARCH_get0_serial 4453 1_1_1 EXIST::FUNCTION:
+OSSL_STORE_SEARCH_by_name 4454 1_1_1 EXIST::FUNCTION:
+OSSL_STORE_supports_search 4455 1_1_1 EXIST::FUNCTION:
+OSSL_STORE_find 4456 1_1_1 EXIST::FUNCTION:
+OSSL_STORE_SEARCH_get_type 4457 1_1_1 EXIST::FUNCTION:
+OSSL_STORE_SEARCH_get0_bytes 4458 1_1_1 EXIST::FUNCTION:
+OSSL_STORE_SEARCH_get0_string 4459 1_1_1 EXIST::FUNCTION:
+OSSL_STORE_SEARCH_by_issuer_serial 4460 1_1_1 EXIST::FUNCTION:
+OSSL_STORE_SEARCH_get0_name 4461 1_1_1 EXIST::FUNCTION:
+OSSL_STORE_SEARCH_by_alias 4462 1_1_1 EXIST::FUNCTION:
+OSSL_STORE_LOADER_set_find 4463 1_1_1 EXIST::FUNCTION:
+OSSL_STORE_SEARCH_free 4464 1_1_1 EXIST::FUNCTION:
+OSSL_STORE_SEARCH_get0_digest 4465 1_1_1 EXIST::FUNCTION:
projects / openssl.git / commitdiff