crypto/store/str_lib.c

   1 /* crypto/store/str_lib.c -*- mode:C; c-file-style: "eay" -*- */
   2 /*
   3  * Written by Richard Levitte (richard@levitte.org) for the OpenSSL project
   4  * 2003.
   5  */
   6 /* ====================================================================
   7  * Copyright (c) 2003 The OpenSSL Project.  All rights reserved.
   8  *
   9  * Redistribution and use in source and binary forms, with or without
  10  * modification, are permitted provided that the following conditions
  11  * are met:
  12  *
  13  * 1. Redistributions of source code must retain the above copyright
  14  *    notice, this list of conditions and the following disclaimer.
  15  *
  16  * 2. Redistributions in binary form must reproduce the above copyright
  17  *    notice, this list of conditions and the following disclaimer in
  18  *    the documentation and/or other materials provided with the
  19  *    distribution.
  20  *
  21  * 3. All advertising materials mentioning features or use of this
  22  *    software must display the following acknowledgment:
  23  *    "This product includes software developed by the OpenSSL Project
  24  *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
  25  *
  26  * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
  27  *    endorse or promote products derived from this software without
  28  *    prior written permission. For written permission, please contact
  29  *    openssl-core@openssl.org.
  30  *
  31  * 5. Products derived from this software may not be called "OpenSSL"
  32  *    nor may "OpenSSL" appear in their names without prior written
  33  *    permission of the OpenSSL Project.
  34  *
  35  * 6. Redistributions of any form whatsoever must retain the following
  36  *    acknowledgment:
  37  *    "This product includes software developed by the OpenSSL Project
  38  *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
  39  *
  40  * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
  41  * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
  42  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
  43  * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
  44  * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
  45  * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
  46  * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
  47  * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
  48  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
  49  * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
  50  * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
  51  * OF THE POSSIBILITY OF SUCH DAMAGE.
  52  * ====================================================================
  53  *
  54  * This product includes cryptographic software written by Eric Young
  55  * (eay@cryptsoft.com).  This product includes software written by Tim
  56  * Hudson (tjh@cryptsoft.com).
  57  *
  58  */
  59
  60 #include <string.h>
  61 #include <openssl/bn.h>
  62 #include <openssl/err.h>
  63 #ifndef OPENSSL_NO_ENGINE
  64 # include <openssl/engine.h>
  65 #endif
  66 #include <openssl/sha.h>
  67 #include <openssl/x509.h>
  68 #include "str_locl.h"
  69
  70 const char *const STORE_object_type_string[STORE_OBJECT_TYPE_NUM + 1] = {
  71     0,
  72     "X.509 Certificate",
  73     "X.509 CRL",
  74     "Private Key",
  75     "Public Key",
  76     "Number",
  77     "Arbitrary Data"
  78 };
  79
  80 const int STORE_param_sizes[STORE_PARAM_TYPE_NUM + 1] = {
  81     0,
  82     sizeof(int),                /* EVP_TYPE */
  83     sizeof(size_t),             /* BITS */
  84     -1,                         /* KEY_PARAMETERS */
  85     0                           /* KEY_NO_PARAMETERS */
  86 };
  87
  88 const int STORE_attr_sizes[STORE_ATTR_TYPE_NUM + 1] = {
  89     0,
  90     -1,                         /* FRIENDLYNAME: C string */
  91     SHA_DIGEST_LENGTH,          /* KEYID: SHA1 digest, 160 bits */
  92     SHA_DIGEST_LENGTH,          /* ISSUERKEYID: SHA1 digest, 160 bits */
  93     SHA_DIGEST_LENGTH,          /* SUBJECTKEYID: SHA1 digest, 160 bits */
  94     SHA_DIGEST_LENGTH,          /* ISSUERSERIALHASH: SHA1 digest, 160 bits */
  95     sizeof(X509_NAME *),        /* ISSUER: X509_NAME * */
  96     sizeof(BIGNUM *),           /* SERIAL: BIGNUM * */
  97     sizeof(X509_NAME *),        /* SUBJECT: X509_NAME * */
  98     SHA_DIGEST_LENGTH,          /* CERTHASH: SHA1 digest, 160 bits */
  99     -1,                         /* EMAIL: C string */
 100     -1,                         /* FILENAME: C string */
 101 };
 102
 103 STORE *STORE_new_method(const STORE_METHOD *method)
 104 {
 105     STORE *ret;
 106
 107     if (method == NULL) {
 108         STOREerr(STORE_F_STORE_NEW_METHOD, ERR_R_PASSED_NULL_PARAMETER);
 109         return NULL;
 110     }
 111
 112     ret = OPENSSL_malloc(sizeof(*ret));
 113     if (ret == NULL) {
 114         STOREerr(STORE_F_STORE_NEW_METHOD, ERR_R_MALLOC_FAILURE);
 115         return NULL;
 116     }
 117
 118     ret->meth = method;
 119
 120     CRYPTO_new_ex_data(CRYPTO_EX_INDEX_STORE, ret, &ret->ex_data);
 121     if (ret->meth->init && !ret->meth->init(ret)) {
 122         STORE_free(ret);
 123         ret = NULL;
 124     }
 125     return ret;
 126 }
 127
 128 STORE *STORE_new_engine(ENGINE *engine)
 129 {
 130     STORE *ret = NULL;
 131     ENGINE *e = engine;
 132     const STORE_METHOD *meth = 0;
 133
 134 #ifdef OPENSSL_NO_ENGINE
 135     e = NULL;
 136 #else
 137     if (engine) {
 138         if (!ENGINE_init(engine)) {
 139             STOREerr(STORE_F_STORE_NEW_ENGINE, ERR_R_ENGINE_LIB);
 140             return NULL;
 141         }
 142         e = engine;
 143     } else {
 144         STOREerr(STORE_F_STORE_NEW_ENGINE, ERR_R_PASSED_NULL_PARAMETER);
 145         return NULL;
 146     }
 147     if (e) {
 148         meth = ENGINE_get_STORE(e);
 149         if (!meth) {
 150             STOREerr(STORE_F_STORE_NEW_ENGINE, ERR_R_ENGINE_LIB);
 151             ENGINE_finish(e);
 152             return NULL;
 153         }
 154     }
 155 #endif
 156
 157     ret = STORE_new_method(meth);
 158     if (ret == NULL) {
 159         STOREerr(STORE_F_STORE_NEW_ENGINE, ERR_R_STORE_LIB);
 160         return NULL;
 161     }
 162
 163     ret->engine = e;
 164
 165     return (ret);
 166 }
 167
 168 void STORE_free(STORE *store)
 169 {
 170     if (store == NULL)
 171         return;
 172     if (store->meth->clean)
 173         store->meth->clean(store);
 174     CRYPTO_free_ex_data(CRYPTO_EX_INDEX_STORE, store, &store->ex_data);
 175     OPENSSL_free(store);
 176 }
 177
 178 int STORE_ctrl(STORE *store, int cmd, long i, void *p, void (*f) (void))
 179 {
 180     if (store == NULL) {
 181         STOREerr(STORE_F_STORE_CTRL, ERR_R_PASSED_NULL_PARAMETER);
 182         return 0;
 183     }
 184     if (store->meth->ctrl)
 185         return store->meth->ctrl(store, cmd, i, p, f);
 186     STOREerr(STORE_F_STORE_CTRL, STORE_R_NO_CONTROL_FUNCTION);
 187     return 0;
 188 }
 189
 190 int STORE_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
 191                            CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func)
 192 {
 193     return CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_STORE, argl, argp,
 194                                    new_func, dup_func, free_func);
 195 }
 196
 197 int STORE_set_ex_data(STORE *r, int idx, void *arg)
 198 {
 199     return (CRYPTO_set_ex_data(&r->ex_data, idx, arg));
 200 }
 201
 202 void *STORE_get_ex_data(STORE *r, int idx)
 203 {
 204     return (CRYPTO_get_ex_data(&r->ex_data, idx));
 205 }
 206
 207 const STORE_METHOD *STORE_get_method(STORE *store)
 208 {
 209     return store->meth;
 210 }
 211
 212 const STORE_METHOD *STORE_set_method(STORE *store, const STORE_METHOD *meth)
 213 {
 214     store->meth = meth;
 215     return store->meth;
 216 }
 217
 218 /* API helpers */
 219
 220 #define check_store(s,fncode,fnname,fnerrcode) \
 221         do \
 222                 { \
 223                 if ((s) == NULL || (s)->meth == NULL) \
 224                         { \
 225                         STOREerr((fncode), ERR_R_PASSED_NULL_PARAMETER); \
 226                         return 0; \
 227                         } \
 228                 if ((s)->meth->fnname == NULL) \
 229                         { \
 230                         STOREerr((fncode), (fnerrcode)); \
 231                         return 0; \
 232                         } \
 233                 } \
 234         while(0)
 235
 236 /* API functions */
 237
 238 X509 *STORE_get_certificate(STORE *s, OPENSSL_ITEM attributes[],
 239                             OPENSSL_ITEM parameters[])
 240 {
 241     STORE_OBJECT *object;
 242     X509 *x;
 243
 244     check_store(s, STORE_F_STORE_GET_CERTIFICATE,
 245                 get_object, STORE_R_NO_GET_OBJECT_FUNCTION);
 246
 247     object = s->meth->get_object(s, STORE_OBJECT_TYPE_X509_CERTIFICATE,
 248                                  attributes, parameters);
 249     if (!object || !object->data.x509.certificate) {
 250         STOREerr(STORE_F_STORE_GET_CERTIFICATE,
 251                  STORE_R_FAILED_GETTING_CERTIFICATE);
 252         return 0;
 253     }
 254     X509_up_ref(object->data.x509.certificate);
 255 #ifdef REF_PRINT
 256     REF_PRINT("X509", data);
 257 #endif
 258     x = object->data.x509.certificate;
 259     STORE_OBJECT_free(object);
 260     return x;
 261 }
 262
 263 int STORE_store_certificate(STORE *s, X509 *data, OPENSSL_ITEM attributes[],
 264                             OPENSSL_ITEM parameters[])
 265 {
 266     STORE_OBJECT *object;
 267     int i;
 268
 269     check_store(s, STORE_F_STORE_CERTIFICATE,
 270                 store_object, STORE_R_NO_STORE_OBJECT_FUNCTION);
 271
 272     object = STORE_OBJECT_new();
 273     if (!object) {
 274         STOREerr(STORE_F_STORE_STORE_CERTIFICATE, ERR_R_MALLOC_FAILURE);
 275         return 0;
 276     }
 277
 278     X509_up_ref(data);
 279 #ifdef REF_PRINT
 280     REF_PRINT("X509", data);
 281 #endif
 282     object->data.x509.certificate = data;
 283
 284     i = s->meth->store_object(s, STORE_OBJECT_TYPE_X509_CERTIFICATE,
 285                               object, attributes, parameters);
 286
 287     STORE_OBJECT_free(object);
 288
 289     if (!i) {
 290         STOREerr(STORE_F_STORE_STORE_CERTIFICATE,
 291                  STORE_R_FAILED_STORING_CERTIFICATE);
 292         return 0;
 293     }
 294     return 1;
 295 }
 296
 297 int STORE_modify_certificate(STORE *s, OPENSSL_ITEM search_attributes[],
 298                              OPENSSL_ITEM add_attributes[],
 299                              OPENSSL_ITEM modify_attributes[],
 300                              OPENSSL_ITEM delete_attributes[],
 301                              OPENSSL_ITEM parameters[])
 302 {
 303     check_store(s, STORE_F_STORE_MODIFY_CERTIFICATE,
 304                 modify_object, STORE_R_NO_MODIFY_OBJECT_FUNCTION);
 305
 306     if (!s->meth->modify_object(s, STORE_OBJECT_TYPE_X509_CERTIFICATE,
 307                                 search_attributes, add_attributes,
 308                                 modify_attributes, delete_attributes,
 309                                 parameters)) {
 310         STOREerr(STORE_F_STORE_MODIFY_CERTIFICATE,
 311                  STORE_R_FAILED_MODIFYING_CERTIFICATE);
 312         return 0;
 313     }
 314     return 1;
 315 }
 316
 317 int STORE_revoke_certificate(STORE *s, OPENSSL_ITEM attributes[],
 318                              OPENSSL_ITEM parameters[])
 319 {
 320     check_store(s, STORE_F_STORE_REVOKE_CERTIFICATE,
 321                 revoke_object, STORE_R_NO_REVOKE_OBJECT_FUNCTION);
 322
 323     if (!s->meth->revoke_object(s, STORE_OBJECT_TYPE_X509_CERTIFICATE,
 324                                 attributes, parameters)) {
 325         STOREerr(STORE_F_STORE_REVOKE_CERTIFICATE,
 326                  STORE_R_FAILED_REVOKING_CERTIFICATE);
 327         return 0;
 328     }
 329     return 1;
 330 }
 331
 332 int STORE_delete_certificate(STORE *s, OPENSSL_ITEM attributes[],
 333                              OPENSSL_ITEM parameters[])
 334 {
 335     check_store(s, STORE_F_STORE_DELETE_CERTIFICATE,
 336                 delete_object, STORE_R_NO_DELETE_OBJECT_FUNCTION);
 337
 338     if (!s->meth->delete_object(s, STORE_OBJECT_TYPE_X509_CERTIFICATE,
 339                                 attributes, parameters)) {
 340         STOREerr(STORE_F_STORE_DELETE_CERTIFICATE,
 341                  STORE_R_FAILED_DELETING_CERTIFICATE);
 342         return 0;
 343     }
 344     return 1;
 345 }
 346
 347 void *STORE_list_certificate_start(STORE *s, OPENSSL_ITEM attributes[],
 348                                    OPENSSL_ITEM parameters[])
 349 {
 350     void *handle;
 351
 352     check_store(s, STORE_F_STORE_LIST_CERTIFICATE_START,
 353                 list_object_start, STORE_R_NO_LIST_OBJECT_START_FUNCTION);
 354
 355     handle = s->meth->list_object_start(s,
 356                                         STORE_OBJECT_TYPE_X509_CERTIFICATE,
 357                                         attributes, parameters);
 358     if (!handle) {
 359         STOREerr(STORE_F_STORE_LIST_CERTIFICATE_START,
 360                  STORE_R_FAILED_LISTING_CERTIFICATES);
 361         return 0;
 362     }
 363     return handle;
 364 }
 365
 366 X509 *STORE_list_certificate_next(STORE *s, void *handle)
 367 {
 368     STORE_OBJECT *object;
 369     X509 *x;
 370
 371     check_store(s, STORE_F_STORE_LIST_CERTIFICATE_NEXT,
 372                 list_object_next, STORE_R_NO_LIST_OBJECT_NEXT_FUNCTION);
 373
 374     object = s->meth->list_object_next(s, handle);
 375     if (!object || !object->data.x509.certificate) {
 376         STOREerr(STORE_F_STORE_LIST_CERTIFICATE_NEXT,
 377                  STORE_R_FAILED_LISTING_CERTIFICATES);
 378         return 0;
 379     }
 380     X509_up_ref(object->data.x509.certificate);
 381 #ifdef REF_PRINT
 382     REF_PRINT("X509", data);
 383 #endif
 384     x = object->data.x509.certificate;
 385     STORE_OBJECT_free(object);
 386     return x;
 387 }
 388
 389 int STORE_list_certificate_end(STORE *s, void *handle)
 390 {
 391     check_store(s, STORE_F_STORE_LIST_CERTIFICATE_END,
 392                 list_object_end, STORE_R_NO_LIST_OBJECT_END_FUNCTION);
 393
 394     if (!s->meth->list_object_end(s, handle)) {
 395         STOREerr(STORE_F_STORE_LIST_CERTIFICATE_END,
 396                  STORE_R_FAILED_LISTING_CERTIFICATES);
 397         return 0;
 398     }
 399     return 1;
 400 }
 401
 402 int STORE_list_certificate_endp(STORE *s, void *handle)
 403 {
 404     check_store(s, STORE_F_STORE_LIST_CERTIFICATE_ENDP,
 405                 list_object_endp, STORE_R_NO_LIST_OBJECT_ENDP_FUNCTION);
 406
 407     if (!s->meth->list_object_endp(s, handle)) {
 408         STOREerr(STORE_F_STORE_LIST_CERTIFICATE_ENDP,
 409                  STORE_R_FAILED_LISTING_CERTIFICATES);
 410         return 0;
 411     }
 412     return 1;
 413 }
 414
 415 EVP_PKEY *STORE_generate_key(STORE *s, OPENSSL_ITEM attributes[],
 416                              OPENSSL_ITEM parameters[])
 417 {
 418     STORE_OBJECT *object;
 419     EVP_PKEY *pkey;
 420
 421     check_store(s, STORE_F_STORE_GENERATE_KEY,
 422                 generate_object, STORE_R_NO_GENERATE_OBJECT_FUNCTION);
 423
 424     object = s->meth->generate_object(s, STORE_OBJECT_TYPE_PRIVATE_KEY,
 425                                       attributes, parameters);
 426     if (!object || !object->data.key) {
 427         STOREerr(STORE_F_STORE_GENERATE_KEY, STORE_R_FAILED_GENERATING_KEY);
 428         return 0;
 429     }
 430     CRYPTO_add(&object->data.key->references, 1, CRYPTO_LOCK_EVP_PKEY);
 431 #ifdef REF_PRINT
 432     REF_PRINT("EVP_PKEY", data);
 433 #endif
 434     pkey = object->data.key;
 435     STORE_OBJECT_free(object);
 436     return pkey;
 437 }
 438
 439 EVP_PKEY *STORE_get_private_key(STORE *s, OPENSSL_ITEM attributes[],
 440                                 OPENSSL_ITEM parameters[])
 441 {
 442     STORE_OBJECT *object;
 443     EVP_PKEY *pkey;
 444
 445     check_store(s, STORE_F_STORE_GET_PRIVATE_KEY,
 446                 get_object, STORE_R_NO_GET_OBJECT_FUNCTION);
 447
 448     object = s->meth->get_object(s, STORE_OBJECT_TYPE_PRIVATE_KEY,
 449                                  attributes, parameters);
 450     if (!object || !object->data.key || !object->data.key) {
 451         STOREerr(STORE_F_STORE_GET_PRIVATE_KEY, STORE_R_FAILED_GETTING_KEY);
 452         return 0;
 453     }
 454     CRYPTO_add(&object->data.key->references, 1, CRYPTO_LOCK_EVP_PKEY);
 455 #ifdef REF_PRINT
 456     REF_PRINT("EVP_PKEY", data);
 457 #endif
 458     pkey = object->data.key;
 459     STORE_OBJECT_free(object);
 460     return pkey;
 461 }
 462
 463 int STORE_store_private_key(STORE *s, EVP_PKEY *data,
 464                             OPENSSL_ITEM attributes[],
 465                             OPENSSL_ITEM parameters[])
 466 {
 467     STORE_OBJECT *object;
 468     int i;
 469
 470     check_store(s, STORE_F_STORE_STORE_PRIVATE_KEY,
 471                 store_object, STORE_R_NO_STORE_OBJECT_FUNCTION);
 472
 473     object = STORE_OBJECT_new();
 474     if (!object) {
 475         STOREerr(STORE_F_STORE_STORE_PRIVATE_KEY, ERR_R_MALLOC_FAILURE);
 476         return 0;
 477     }
 478     object->data.key = EVP_PKEY_new();
 479     if (!object->data.key) {
 480         STOREerr(STORE_F_STORE_STORE_PRIVATE_KEY, ERR_R_MALLOC_FAILURE);
 481         return 0;
 482     }
 483
 484     CRYPTO_add(&data->references, 1, CRYPTO_LOCK_EVP_PKEY);
 485 #ifdef REF_PRINT
 486     REF_PRINT("EVP_PKEY", data);
 487 #endif
 488     object->data.key = data;
 489
 490     i = s->meth->store_object(s, STORE_OBJECT_TYPE_PRIVATE_KEY, object,
 491                               attributes, parameters);
 492
 493     STORE_OBJECT_free(object);
 494
 495     if (!i) {
 496         STOREerr(STORE_F_STORE_STORE_PRIVATE_KEY, STORE_R_FAILED_STORING_KEY);
 497         return 0;
 498     }
 499     return i;
 500 }
 501
 502 int STORE_modify_private_key(STORE *s, OPENSSL_ITEM search_attributes[],
 503                              OPENSSL_ITEM add_attributes[],
 504                              OPENSSL_ITEM modify_attributes[],
 505                              OPENSSL_ITEM delete_attributes[],
 506                              OPENSSL_ITEM parameters[])
 507 {
 508     check_store(s, STORE_F_STORE_MODIFY_PRIVATE_KEY,
 509                 modify_object, STORE_R_NO_MODIFY_OBJECT_FUNCTION);
 510
 511     if (!s->meth->modify_object(s, STORE_OBJECT_TYPE_PRIVATE_KEY,
 512                                 search_attributes, add_attributes,
 513                                 modify_attributes, delete_attributes,
 514                                 parameters)) {
 515         STOREerr(STORE_F_STORE_MODIFY_PRIVATE_KEY,
 516                  STORE_R_FAILED_MODIFYING_PRIVATE_KEY);
 517         return 0;
 518     }
 519     return 1;
 520 }
 521
 522 int STORE_revoke_private_key(STORE *s, OPENSSL_ITEM attributes[],
 523                              OPENSSL_ITEM parameters[])
 524 {
 525     int i;
 526
 527     check_store(s, STORE_F_STORE_REVOKE_PRIVATE_KEY,
 528                 revoke_object, STORE_R_NO_REVOKE_OBJECT_FUNCTION);
 529
 530     i = s->meth->revoke_object(s, STORE_OBJECT_TYPE_PRIVATE_KEY,
 531                                attributes, parameters);
 532
 533     if (!i) {
 534         STOREerr(STORE_F_STORE_REVOKE_PRIVATE_KEY,
 535                  STORE_R_FAILED_REVOKING_KEY);
 536         return 0;
 537     }
 538     return i;
 539 }
 540
 541 int STORE_delete_private_key(STORE *s, OPENSSL_ITEM attributes[],
 542                              OPENSSL_ITEM parameters[])
 543 {
 544     check_store(s, STORE_F_STORE_DELETE_PRIVATE_KEY,
 545                 delete_object, STORE_R_NO_DELETE_OBJECT_FUNCTION);
 546
 547     if (!s->meth->delete_object(s, STORE_OBJECT_TYPE_PRIVATE_KEY,
 548                                 attributes, parameters)) {
 549         STOREerr(STORE_F_STORE_DELETE_PRIVATE_KEY,
 550                  STORE_R_FAILED_DELETING_KEY);
 551         return 0;
 552     }
 553     return 1;
 554 }
 555
 556 void *STORE_list_private_key_start(STORE *s, OPENSSL_ITEM attributes[],
 557                                    OPENSSL_ITEM parameters[])
 558 {
 559     void *handle;
 560
 561     check_store(s, STORE_F_STORE_LIST_PRIVATE_KEY_START,
 562                 list_object_start, STORE_R_NO_LIST_OBJECT_START_FUNCTION);
 563
 564     handle = s->meth->list_object_start(s, STORE_OBJECT_TYPE_PRIVATE_KEY,
 565                                         attributes, parameters);
 566     if (!handle) {
 567         STOREerr(STORE_F_STORE_LIST_PRIVATE_KEY_START,
 568                  STORE_R_FAILED_LISTING_KEYS);
 569         return 0;
 570     }
 571     return handle;
 572 }
 573
 574 EVP_PKEY *STORE_list_private_key_next(STORE *s, void *handle)
 575 {
 576     STORE_OBJECT *object;
 577     EVP_PKEY *pkey;
 578
 579     check_store(s, STORE_F_STORE_LIST_PRIVATE_KEY_NEXT,
 580                 list_object_next, STORE_R_NO_LIST_OBJECT_NEXT_FUNCTION);
 581
 582     object = s->meth->list_object_next(s, handle);
 583     if (!object || !object->data.key || !object->data.key) {
 584         STOREerr(STORE_F_STORE_LIST_PRIVATE_KEY_NEXT,
 585                  STORE_R_FAILED_LISTING_KEYS);
 586         return 0;
 587     }
 588     CRYPTO_add(&object->data.key->references, 1, CRYPTO_LOCK_EVP_PKEY);
 589 #ifdef REF_PRINT
 590     REF_PRINT("EVP_PKEY", data);
 591 #endif
 592     pkey = object->data.key;
 593     STORE_OBJECT_free(object);
 594     return pkey;
 595 }
 596
 597 int STORE_list_private_key_end(STORE *s, void *handle)
 598 {
 599     check_store(s, STORE_F_STORE_LIST_PRIVATE_KEY_END,
 600                 list_object_end, STORE_R_NO_LIST_OBJECT_END_FUNCTION);
 601
 602     if (!s->meth->list_object_end(s, handle)) {
 603         STOREerr(STORE_F_STORE_LIST_PRIVATE_KEY_END,
 604                  STORE_R_FAILED_LISTING_KEYS);
 605         return 0;
 606     }
 607     return 1;
 608 }
 609
 610 int STORE_list_private_key_endp(STORE *s, void *handle)
 611 {
 612     check_store(s, STORE_F_STORE_LIST_PRIVATE_KEY_ENDP,
 613                 list_object_endp, STORE_R_NO_LIST_OBJECT_ENDP_FUNCTION);
 614
 615     if (!s->meth->list_object_endp(s, handle)) {
 616         STOREerr(STORE_F_STORE_LIST_PRIVATE_KEY_ENDP,
 617                  STORE_R_FAILED_LISTING_KEYS);
 618         return 0;
 619     }
 620     return 1;
 621 }
 622
 623 EVP_PKEY *STORE_get_public_key(STORE *s, OPENSSL_ITEM attributes[],
 624                                OPENSSL_ITEM parameters[])
 625 {
 626     STORE_OBJECT *object;
 627     EVP_PKEY *pkey;
 628
 629     check_store(s, STORE_F_STORE_GET_PUBLIC_KEY,
 630                 get_object, STORE_R_NO_GET_OBJECT_FUNCTION);
 631
 632     object = s->meth->get_object(s, STORE_OBJECT_TYPE_PUBLIC_KEY,
 633                                  attributes, parameters);
 634     if (!object || !object->data.key || !object->data.key) {
 635         STOREerr(STORE_F_STORE_GET_PUBLIC_KEY, STORE_R_FAILED_GETTING_KEY);
 636         return 0;
 637     }
 638     CRYPTO_add(&object->data.key->references, 1, CRYPTO_LOCK_EVP_PKEY);
 639 #ifdef REF_PRINT
 640     REF_PRINT("EVP_PKEY", data);
 641 #endif
 642     pkey = object->data.key;
 643     STORE_OBJECT_free(object);
 644     return pkey;
 645 }
 646
 647 int STORE_store_public_key(STORE *s, EVP_PKEY *data,
 648                            OPENSSL_ITEM attributes[],
 649                            OPENSSL_ITEM parameters[])
 650 {
 651     STORE_OBJECT *object;
 652     int i;
 653
 654     check_store(s, STORE_F_STORE_STORE_PUBLIC_KEY,
 655                 store_object, STORE_R_NO_STORE_OBJECT_FUNCTION);
 656
 657     object = STORE_OBJECT_new();
 658     if (!object) {
 659         STOREerr(STORE_F_STORE_STORE_PUBLIC_KEY, ERR_R_MALLOC_FAILURE);
 660         return 0;
 661     }
 662     object->data.key = EVP_PKEY_new();
 663     if (!object->data.key) {
 664         STOREerr(STORE_F_STORE_STORE_PUBLIC_KEY, ERR_R_MALLOC_FAILURE);
 665         return 0;
 666     }
 667
 668     CRYPTO_add(&data->references, 1, CRYPTO_LOCK_EVP_PKEY);
 669 #ifdef REF_PRINT
 670     REF_PRINT("EVP_PKEY", data);
 671 #endif
 672     object->data.key = data;
 673
 674     i = s->meth->store_object(s, STORE_OBJECT_TYPE_PUBLIC_KEY, object,
 675                               attributes, parameters);
 676
 677     STORE_OBJECT_free(object);
 678
 679     if (!i) {
 680         STOREerr(STORE_F_STORE_STORE_PUBLIC_KEY, STORE_R_FAILED_STORING_KEY);
 681         return 0;
 682     }
 683     return i;
 684 }
 685
 686 int STORE_modify_public_key(STORE *s, OPENSSL_ITEM search_attributes[],
 687                             OPENSSL_ITEM add_attributes[],
 688                             OPENSSL_ITEM modify_attributes[],
 689                             OPENSSL_ITEM delete_attributes[],
 690                             OPENSSL_ITEM parameters[])
 691 {
 692     check_store(s, STORE_F_STORE_MODIFY_PUBLIC_KEY,
 693                 modify_object, STORE_R_NO_MODIFY_OBJECT_FUNCTION);
 694
 695     if (!s->meth->modify_object(s, STORE_OBJECT_TYPE_PUBLIC_KEY,
 696                                 search_attributes, add_attributes,
 697                                 modify_attributes, delete_attributes,
 698                                 parameters)) {
 699         STOREerr(STORE_F_STORE_MODIFY_PUBLIC_KEY,
 700                  STORE_R_FAILED_MODIFYING_PUBLIC_KEY);
 701         return 0;
 702     }
 703     return 1;
 704 }
 705
 706 int STORE_revoke_public_key(STORE *s, OPENSSL_ITEM attributes[],
 707                             OPENSSL_ITEM parameters[])
 708 {
 709     int i;
 710
 711     check_store(s, STORE_F_STORE_REVOKE_PUBLIC_KEY,
 712                 revoke_object, STORE_R_NO_REVOKE_OBJECT_FUNCTION);
 713
 714     i = s->meth->revoke_object(s, STORE_OBJECT_TYPE_PUBLIC_KEY,
 715                                attributes, parameters);
 716
 717     if (!i) {
 718         STOREerr(STORE_F_STORE_REVOKE_PUBLIC_KEY,
 719                  STORE_R_FAILED_REVOKING_KEY);
 720         return 0;
 721     }
 722     return i;
 723 }
 724
 725 int STORE_delete_public_key(STORE *s, OPENSSL_ITEM attributes[],
 726                             OPENSSL_ITEM parameters[])
 727 {
 728     check_store(s, STORE_F_STORE_DELETE_PUBLIC_KEY,
 729                 delete_object, STORE_R_NO_DELETE_OBJECT_FUNCTION);
 730
 731     if (!s->meth->delete_object(s, STORE_OBJECT_TYPE_PUBLIC_KEY,
 732                                 attributes, parameters)) {
 733         STOREerr(STORE_F_STORE_DELETE_PUBLIC_KEY,
 734                  STORE_R_FAILED_DELETING_KEY);
 735         return 0;
 736     }
 737     return 1;
 738 }
 739
 740 void *STORE_list_public_key_start(STORE *s, OPENSSL_ITEM attributes[],
 741                                   OPENSSL_ITEM parameters[])
 742 {
 743     void *handle;
 744
 745     check_store(s, STORE_F_STORE_LIST_PUBLIC_KEY_START,
 746                 list_object_start, STORE_R_NO_LIST_OBJECT_START_FUNCTION);
 747
 748     handle = s->meth->list_object_start(s, STORE_OBJECT_TYPE_PUBLIC_KEY,
 749                                         attributes, parameters);
 750     if (!handle) {
 751         STOREerr(STORE_F_STORE_LIST_PUBLIC_KEY_START,
 752                  STORE_R_FAILED_LISTING_KEYS);
 753         return 0;
 754     }
 755     return handle;
 756 }
 757
 758 EVP_PKEY *STORE_list_public_key_next(STORE *s, void *handle)
 759 {
 760     STORE_OBJECT *object;
 761     EVP_PKEY *pkey;
 762
 763     check_store(s, STORE_F_STORE_LIST_PUBLIC_KEY_NEXT,
 764                 list_object_next, STORE_R_NO_LIST_OBJECT_NEXT_FUNCTION);
 765
 766     object = s->meth->list_object_next(s, handle);
 767     if (!object || !object->data.key || !object->data.key) {
 768         STOREerr(STORE_F_STORE_LIST_PUBLIC_KEY_NEXT,
 769                  STORE_R_FAILED_LISTING_KEYS);
 770         return 0;
 771     }
 772     CRYPTO_add(&object->data.key->references, 1, CRYPTO_LOCK_EVP_PKEY);
 773 #ifdef REF_PRINT
 774     REF_PRINT("EVP_PKEY", data);
 775 #endif
 776     pkey = object->data.key;
 777     STORE_OBJECT_free(object);
 778     return pkey;
 779 }
 780
 781 int STORE_list_public_key_end(STORE *s, void *handle)
 782 {
 783     check_store(s, STORE_F_STORE_LIST_PUBLIC_KEY_END,
 784                 list_object_end, STORE_R_NO_LIST_OBJECT_END_FUNCTION);
 785
 786     if (!s->meth->list_object_end(s, handle)) {
 787         STOREerr(STORE_F_STORE_LIST_PUBLIC_KEY_END,
 788                  STORE_R_FAILED_LISTING_KEYS);
 789         return 0;
 790     }
 791     return 1;
 792 }
 793
 794 int STORE_list_public_key_endp(STORE *s, void *handle)
 795 {
 796     check_store(s, STORE_F_STORE_LIST_PUBLIC_KEY_ENDP,
 797                 list_object_endp, STORE_R_NO_LIST_OBJECT_ENDP_FUNCTION);
 798
 799     if (!s->meth->list_object_endp(s, handle)) {
 800         STOREerr(STORE_F_STORE_LIST_PUBLIC_KEY_ENDP,
 801                  STORE_R_FAILED_LISTING_KEYS);
 802         return 0;
 803     }
 804     return 1;
 805 }
 806
 807 X509_CRL *STORE_generate_crl(STORE *s, OPENSSL_ITEM attributes[],
 808                              OPENSSL_ITEM parameters[])
 809 {
 810     STORE_OBJECT *object;
 811     X509_CRL *crl;
 812
 813     check_store(s, STORE_F_STORE_GENERATE_CRL,
 814                 generate_object, STORE_R_NO_GENERATE_CRL_FUNCTION);
 815
 816     object = s->meth->generate_object(s, STORE_OBJECT_TYPE_X509_CRL,
 817                                       attributes, parameters);
 818     if (!object || !object->data.crl) {
 819         STOREerr(STORE_F_STORE_GENERATE_CRL, STORE_R_FAILED_GENERATING_CRL);
 820         return 0;
 821     }
 822     X509_CRL_up_ref(object->data.crl);
 823 #ifdef REF_PRINT
 824     REF_PRINT("X509_CRL", data);
 825 #endif
 826     crl = object->data.crl;
 827     STORE_OBJECT_free(object);
 828     return crl;
 829 }
 830
 831 X509_CRL *STORE_get_crl(STORE *s, OPENSSL_ITEM attributes[],
 832                         OPENSSL_ITEM parameters[])
 833 {
 834     STORE_OBJECT *object;
 835     X509_CRL *crl;
 836
 837     check_store(s, STORE_F_STORE_GET_CRL,
 838                 get_object, STORE_R_NO_GET_OBJECT_FUNCTION);
 839
 840     object = s->meth->get_object(s, STORE_OBJECT_TYPE_X509_CRL,
 841                                  attributes, parameters);
 842     if (!object || !object->data.crl) {
 843         STOREerr(STORE_F_STORE_GET_CRL, STORE_R_FAILED_GETTING_KEY);
 844         return 0;
 845     }
 846     X509_CRL_up_ref(object->data.crl);
 847 #ifdef REF_PRINT
 848     REF_PRINT("X509_CRL", data);
 849 #endif
 850     crl = object->data.crl;
 851     STORE_OBJECT_free(object);
 852     return crl;
 853 }
 854
 855 int STORE_store_crl(STORE *s, X509_CRL *data, OPENSSL_ITEM attributes[],
 856                     OPENSSL_ITEM parameters[])
 857 {
 858     STORE_OBJECT *object;
 859     int i;
 860
 861     check_store(s, STORE_F_STORE_STORE_CRL,
 862                 store_object, STORE_R_NO_STORE_OBJECT_FUNCTION);
 863
 864     object = STORE_OBJECT_new();
 865     if (!object) {
 866         STOREerr(STORE_F_STORE_STORE_CRL, ERR_R_MALLOC_FAILURE);
 867         return 0;
 868     }
 869
 870     X509_CRL_up_ref(data);
 871 #ifdef REF_PRINT
 872     REF_PRINT("X509_CRL", data);
 873 #endif
 874     object->data.crl = data;
 875
 876     i = s->meth->store_object(s, STORE_OBJECT_TYPE_X509_CRL, object,
 877                               attributes, parameters);
 878
 879     STORE_OBJECT_free(object);
 880
 881     if (!i) {
 882         STOREerr(STORE_F_STORE_STORE_CRL, STORE_R_FAILED_STORING_KEY);
 883         return 0;
 884     }
 885     return i;
 886 }
 887
 888 int STORE_modify_crl(STORE *s, OPENSSL_ITEM search_attributes[],
 889                      OPENSSL_ITEM add_attributes[],
 890                      OPENSSL_ITEM modify_attributes[],
 891                      OPENSSL_ITEM delete_attributes[],
 892                      OPENSSL_ITEM parameters[])
 893 {
 894     check_store(s, STORE_F_STORE_MODIFY_CRL,
 895                 modify_object, STORE_R_NO_MODIFY_OBJECT_FUNCTION);
 896
 897     if (!s->meth->modify_object(s, STORE_OBJECT_TYPE_X509_CRL,
 898                                 search_attributes, add_attributes,
 899                                 modify_attributes, delete_attributes,
 900                                 parameters)) {
 901         STOREerr(STORE_F_STORE_MODIFY_CRL, STORE_R_FAILED_MODIFYING_CRL);
 902         return 0;
 903     }
 904     return 1;
 905 }
 906
 907 int STORE_delete_crl(STORE *s, OPENSSL_ITEM attributes[],
 908                      OPENSSL_ITEM parameters[])
 909 {
 910     check_store(s, STORE_F_STORE_DELETE_CRL,
 911                 delete_object, STORE_R_NO_DELETE_OBJECT_FUNCTION);
 912
 913     if (!s->meth->delete_object(s, STORE_OBJECT_TYPE_X509_CRL,
 914                                 attributes, parameters)) {
 915         STOREerr(STORE_F_STORE_DELETE_CRL, STORE_R_FAILED_DELETING_KEY);
 916         return 0;
 917     }
 918     return 1;
 919 }
 920
 921 void *STORE_list_crl_start(STORE *s, OPENSSL_ITEM attributes[],
 922                            OPENSSL_ITEM parameters[])
 923 {
 924     void *handle;
 925
 926     check_store(s, STORE_F_STORE_LIST_CRL_START,
 927                 list_object_start, STORE_R_NO_LIST_OBJECT_START_FUNCTION);
 928
 929     handle = s->meth->list_object_start(s, STORE_OBJECT_TYPE_X509_CRL,
 930                                         attributes, parameters);
 931     if (!handle) {
 932         STOREerr(STORE_F_STORE_LIST_CRL_START, STORE_R_FAILED_LISTING_KEYS);
 933         return 0;
 934     }
 935     return handle;
 936 }
 937
 938 X509_CRL *STORE_list_crl_next(STORE *s, void *handle)
 939 {
 940     STORE_OBJECT *object;
 941     X509_CRL *crl;
 942
 943     check_store(s, STORE_F_STORE_LIST_CRL_NEXT,
 944                 list_object_next, STORE_R_NO_LIST_OBJECT_NEXT_FUNCTION);
 945
 946     object = s->meth->list_object_next(s, handle);
 947     if (!object || !object->data.crl) {
 948         STOREerr(STORE_F_STORE_LIST_CRL_NEXT, STORE_R_FAILED_LISTING_KEYS);
 949         return 0;
 950     }
 951     X509_CRL_up_ref(object->data.crl);
 952 #ifdef REF_PRINT
 953     REF_PRINT("X509_CRL", data);
 954 #endif
 955     crl = object->data.crl;
 956     STORE_OBJECT_free(object);
 957     return crl;
 958 }
 959
 960 int STORE_list_crl_end(STORE *s, void *handle)
 961 {
 962     check_store(s, STORE_F_STORE_LIST_CRL_END,
 963                 list_object_end, STORE_R_NO_LIST_OBJECT_END_FUNCTION);
 964
 965     if (!s->meth->list_object_end(s, handle)) {
 966         STOREerr(STORE_F_STORE_LIST_CRL_END, STORE_R_FAILED_LISTING_KEYS);
 967         return 0;
 968     }
 969     return 1;
 970 }
 971
 972 int STORE_list_crl_endp(STORE *s, void *handle)
 973 {
 974     check_store(s, STORE_F_STORE_LIST_CRL_ENDP,
 975                 list_object_endp, STORE_R_NO_LIST_OBJECT_ENDP_FUNCTION);
 976
 977     if (!s->meth->list_object_endp(s, handle)) {
 978         STOREerr(STORE_F_STORE_LIST_CRL_ENDP, STORE_R_FAILED_LISTING_KEYS);
 979         return 0;
 980     }
 981     return 1;
 982 }
 983
 984 int STORE_store_number(STORE *s, BIGNUM *data, OPENSSL_ITEM attributes[],
 985                        OPENSSL_ITEM parameters[])
 986 {
 987     STORE_OBJECT *object;
 988     int i;
 989
 990     check_store(s, STORE_F_STORE_STORE_NUMBER,
 991                 store_object, STORE_R_NO_STORE_OBJECT_NUMBER_FUNCTION);
 992
 993     object = STORE_OBJECT_new();
 994     if (!object) {
 995         STOREerr(STORE_F_STORE_STORE_NUMBER, ERR_R_MALLOC_FAILURE);
 996         return 0;
 997     }
 998
 999     object->data.number = data;
1000
1001     i = s->meth->store_object(s, STORE_OBJECT_TYPE_NUMBER, object,
1002                               attributes, parameters);
1003
1004     STORE_OBJECT_free(object);
1005
1006     if (!i) {
1007         STOREerr(STORE_F_STORE_STORE_NUMBER, STORE_R_FAILED_STORING_NUMBER);
1008         return 0;
1009     }
1010     return 1;
1011 }
1012
1013 int STORE_modify_number(STORE *s, OPENSSL_ITEM search_attributes[],
1014                         OPENSSL_ITEM add_attributes[],
1015                         OPENSSL_ITEM modify_attributes[],
1016                         OPENSSL_ITEM delete_attributes[],
1017                         OPENSSL_ITEM parameters[])
1018 {
1019     check_store(s, STORE_F_STORE_MODIFY_NUMBER,
1020                 modify_object, STORE_R_NO_MODIFY_OBJECT_FUNCTION);
1021
1022     if (!s->meth->modify_object(s, STORE_OBJECT_TYPE_NUMBER,
1023                                 search_attributes, add_attributes,
1024                                 modify_attributes, delete_attributes,
1025                                 parameters)) {
1026         STOREerr(STORE_F_STORE_MODIFY_NUMBER,
1027                  STORE_R_FAILED_MODIFYING_NUMBER);
1028         return 0;
1029     }
1030     return 1;
1031 }
1032
1033 BIGNUM *STORE_get_number(STORE *s, OPENSSL_ITEM attributes[],
1034                          OPENSSL_ITEM parameters[])
1035 {
1036     STORE_OBJECT *object;
1037     BIGNUM *n;
1038
1039     check_store(s, STORE_F_STORE_GET_NUMBER,
1040                 get_object, STORE_R_NO_GET_OBJECT_NUMBER_FUNCTION);
1041
1042     object = s->meth->get_object(s, STORE_OBJECT_TYPE_NUMBER, attributes,
1043                                  parameters);
1044     if (!object || !object->data.number) {
1045         STOREerr(STORE_F_STORE_GET_NUMBER, STORE_R_FAILED_GETTING_NUMBER);
1046         return 0;
1047     }
1048     n = object->data.number;
1049     object->data.number = NULL;
1050     STORE_OBJECT_free(object);
1051     return n;
1052 }
1053
1054 int STORE_delete_number(STORE *s, OPENSSL_ITEM attributes[],
1055                         OPENSSL_ITEM parameters[])
1056 {
1057     check_store(s, STORE_F_STORE_DELETE_NUMBER,
1058                 delete_object, STORE_R_NO_DELETE_NUMBER_FUNCTION);
1059
1060     if (!s->meth->delete_object(s, STORE_OBJECT_TYPE_NUMBER, attributes,
1061                                 parameters)) {
1062         STOREerr(STORE_F_STORE_DELETE_NUMBER, STORE_R_FAILED_DELETING_NUMBER);
1063         return 0;
1064     }
1065     return 1;
1066 }
1067
1068 int STORE_store_arbitrary(STORE *s, BUF_MEM *data, OPENSSL_ITEM attributes[],
1069                           OPENSSL_ITEM parameters[])
1070 {
1071     STORE_OBJECT *object;
1072     int i;
1073
1074     check_store(s, STORE_F_STORE_STORE_ARBITRARY,
1075                 store_object, STORE_R_NO_STORE_OBJECT_ARBITRARY_FUNCTION);
1076
1077     object = STORE_OBJECT_new();
1078     if (!object) {
1079         STOREerr(STORE_F_STORE_STORE_ARBITRARY, ERR_R_MALLOC_FAILURE);
1080         return 0;
1081     }
1082
1083     object->data.arbitrary = data;
1084
1085     i = s->meth->store_object(s, STORE_OBJECT_TYPE_ARBITRARY, object,
1086                               attributes, parameters);
1087
1088     STORE_OBJECT_free(object);
1089
1090     if (!i) {
1091         STOREerr(STORE_F_STORE_STORE_ARBITRARY,
1092                  STORE_R_FAILED_STORING_ARBITRARY);
1093         return 0;
1094     }
1095     return 1;
1096 }
1097
1098 int STORE_modify_arbitrary(STORE *s, OPENSSL_ITEM search_attributes[],
1099                            OPENSSL_ITEM add_attributes[],
1100                            OPENSSL_ITEM modify_attributes[],
1101                            OPENSSL_ITEM delete_attributes[],
1102                            OPENSSL_ITEM parameters[])
1103 {
1104     check_store(s, STORE_F_STORE_MODIFY_ARBITRARY,
1105                 modify_object, STORE_R_NO_MODIFY_OBJECT_FUNCTION);
1106
1107     if (!s->meth->modify_object(s, STORE_OBJECT_TYPE_ARBITRARY,
1108                                 search_attributes, add_attributes,
1109                                 modify_attributes, delete_attributes,
1110                                 parameters)) {
1111         STOREerr(STORE_F_STORE_MODIFY_ARBITRARY,
1112                  STORE_R_FAILED_MODIFYING_ARBITRARY);
1113         return 0;
1114     }
1115     return 1;
1116 }
1117
1118 BUF_MEM *STORE_get_arbitrary(STORE *s, OPENSSL_ITEM attributes[],
1119                              OPENSSL_ITEM parameters[])
1120 {
1121     STORE_OBJECT *object;
1122     BUF_MEM *b;
1123
1124     check_store(s, STORE_F_STORE_GET_ARBITRARY,
1125                 get_object, STORE_R_NO_GET_OBJECT_ARBITRARY_FUNCTION);
1126
1127     object = s->meth->get_object(s, STORE_OBJECT_TYPE_ARBITRARY,
1128                                  attributes, parameters);
1129     if (!object || !object->data.arbitrary) {
1130         STOREerr(STORE_F_STORE_GET_ARBITRARY,
1131                  STORE_R_FAILED_GETTING_ARBITRARY);
1132         return 0;
1133     }
1134     b = object->data.arbitrary;
1135     object->data.arbitrary = NULL;
1136     STORE_OBJECT_free(object);
1137     return b;
1138 }
1139
1140 int STORE_delete_arbitrary(STORE *s, OPENSSL_ITEM attributes[],
1141                            OPENSSL_ITEM parameters[])
1142 {
1143     check_store(s, STORE_F_STORE_DELETE_ARBITRARY,
1144                 delete_object, STORE_R_NO_DELETE_ARBITRARY_FUNCTION);
1145
1146     if (!s->meth->delete_object(s, STORE_OBJECT_TYPE_ARBITRARY, attributes,
1147                                 parameters)) {
1148         STOREerr(STORE_F_STORE_DELETE_ARBITRARY,
1149                  STORE_R_FAILED_DELETING_ARBITRARY);
1150         return 0;
1151     }
1152     return 1;
1153 }
1154
1155 STORE_OBJECT *STORE_OBJECT_new(void)
1156 {
1157     STORE_OBJECT *object = OPENSSL_malloc(sizeof(*object));
1158     if (object)
1159         memset(object, 0, sizeof(*object));
1160     return object;
1161 }
1162
1163 void STORE_OBJECT_free(STORE_OBJECT *data)
1164 {
1165     if (!data)
1166         return;
1167     switch (data->type) {
1168     case STORE_OBJECT_TYPE_X509_CERTIFICATE:
1169         X509_free(data->data.x509.certificate);
1170         break;
1171     case STORE_OBJECT_TYPE_X509_CRL:
1172         X509_CRL_free(data->data.crl);
1173         break;
1174     case STORE_OBJECT_TYPE_PRIVATE_KEY:
1175     case STORE_OBJECT_TYPE_PUBLIC_KEY:
1176         EVP_PKEY_free(data->data.key);
1177         break;
1178     case STORE_OBJECT_TYPE_NUMBER:
1179         BN_free(data->data.number);
1180         break;
1181     case STORE_OBJECT_TYPE_ARBITRARY:
1182         BUF_MEM_free(data->data.arbitrary);
1183         break;
1184     }
1185     OPENSSL_free(data);
1186 }
1187
1188 struct STORE_attr_info_st {
1189     unsigned char set[(STORE_ATTR_TYPE_NUM + 8) / 8];
1190     union {
1191         char *cstring;
1192         unsigned char *sha1string;
1193         X509_NAME *dn;
1194         BIGNUM *number;
1195         void *any;
1196     } values[STORE_ATTR_TYPE_NUM + 1];
1197     size_t value_sizes[STORE_ATTR_TYPE_NUM + 1];
1198 };
1199
1200 #define ATTR_IS_SET(a,i)        ((i) > 0 && (i) < STORE_ATTR_TYPE_NUM \
1201                                 && ((a)->set[(i) / 8] & (1 << ((i) % 8))))
1202 #define SET_ATTRBIT(a,i)        ((a)->set[(i) / 8] |= (1 << ((i) % 8)))
1203 #define CLEAR_ATTRBIT(a,i)      ((a)->set[(i) / 8] &= ~(1 << ((i) % 8)))
1204
1205 STORE_ATTR_INFO *STORE_ATTR_INFO_new(void)
1206 {
1207     STORE_ATTR_INFO *p = OPENSSL_malloc(sizeof(*p));
1208
1209     return p;
1210 }
1211
1212 static void STORE_ATTR_INFO_attr_free(STORE_ATTR_INFO *attrs,
1213                                       STORE_ATTR_TYPES code)
1214 {
1215     if (ATTR_IS_SET(attrs, code)) {
1216         switch (code) {
1217         case STORE_ATTR_FRIENDLYNAME:
1218         case STORE_ATTR_EMAIL:
1219         case STORE_ATTR_FILENAME:
1220             STORE_ATTR_INFO_modify_cstr(attrs, code, NULL, 0);
1221             break;
1222         case STORE_ATTR_KEYID:
1223         case STORE_ATTR_ISSUERKEYID:
1224         case STORE_ATTR_SUBJECTKEYID:
1225         case STORE_ATTR_ISSUERSERIALHASH:
1226         case STORE_ATTR_CERTHASH:
1227             STORE_ATTR_INFO_modify_sha1str(attrs, code, NULL, 0);
1228             break;
1229         case STORE_ATTR_ISSUER:
1230         case STORE_ATTR_SUBJECT:
1231             STORE_ATTR_INFO_modify_dn(attrs, code, NULL);
1232             break;
1233         case STORE_ATTR_SERIAL:
1234             STORE_ATTR_INFO_modify_number(attrs, code, NULL);
1235             break;
1236         default:
1237             break;
1238         }
1239     }
1240 }
1241
1242 int STORE_ATTR_INFO_free(STORE_ATTR_INFO *attrs)
1243 {
1244     if (attrs) {
1245         STORE_ATTR_TYPES i;
1246         for (i = 0; i++ < STORE_ATTR_TYPE_NUM;)
1247             STORE_ATTR_INFO_attr_free(attrs, i);
1248         OPENSSL_free(attrs);
1249     }
1250     return 1;
1251 }
1252
1253 char *STORE_ATTR_INFO_get0_cstr(STORE_ATTR_INFO *attrs, STORE_ATTR_TYPES code)
1254 {
1255     if (!attrs) {
1256         STOREerr(STORE_F_STORE_ATTR_INFO_GET0_CSTR,
1257                  ERR_R_PASSED_NULL_PARAMETER);
1258         return NULL;
1259     }
1260     if (ATTR_IS_SET(attrs, code))
1261         return attrs->values[code].cstring;
1262     STOREerr(STORE_F_STORE_ATTR_INFO_GET0_CSTR, STORE_R_NO_VALUE);
1263     return NULL;
1264 }
1265
1266 unsigned char *STORE_ATTR_INFO_get0_sha1str(STORE_ATTR_INFO *attrs,
1267                                             STORE_ATTR_TYPES code)
1268 {
1269     if (!attrs) {
1270         STOREerr(STORE_F_STORE_ATTR_INFO_GET0_SHA1STR,
1271                  ERR_R_PASSED_NULL_PARAMETER);
1272         return NULL;
1273     }
1274     if (ATTR_IS_SET(attrs, code))
1275         return attrs->values[code].sha1string;
1276     STOREerr(STORE_F_STORE_ATTR_INFO_GET0_SHA1STR, STORE_R_NO_VALUE);
1277     return NULL;
1278 }
1279
1280 X509_NAME *STORE_ATTR_INFO_get0_dn(STORE_ATTR_INFO *attrs,
1281                                    STORE_ATTR_TYPES code)
1282 {
1283     if (!attrs) {
1284         STOREerr(STORE_F_STORE_ATTR_INFO_GET0_DN,
1285                  ERR_R_PASSED_NULL_PARAMETER);
1286         return NULL;
1287     }
1288     if (ATTR_IS_SET(attrs, code))
1289         return attrs->values[code].dn;
1290     STOREerr(STORE_F_STORE_ATTR_INFO_GET0_DN, STORE_R_NO_VALUE);
1291     return NULL;
1292 }
1293
1294 BIGNUM *STORE_ATTR_INFO_get0_number(STORE_ATTR_INFO *attrs,
1295                                     STORE_ATTR_TYPES code)
1296 {
1297     if (!attrs) {
1298         STOREerr(STORE_F_STORE_ATTR_INFO_GET0_NUMBER,
1299                  ERR_R_PASSED_NULL_PARAMETER);
1300         return NULL;
1301     }
1302     if (ATTR_IS_SET(attrs, code))
1303         return attrs->values[code].number;
1304     STOREerr(STORE_F_STORE_ATTR_INFO_GET0_NUMBER, STORE_R_NO_VALUE);
1305     return NULL;
1306 }
1307
1308 int STORE_ATTR_INFO_set_cstr(STORE_ATTR_INFO *attrs, STORE_ATTR_TYPES code,
1309                              char *cstr, size_t cstr_size)
1310 {
1311     if (!attrs) {
1312         STOREerr(STORE_F_STORE_ATTR_INFO_SET_CSTR,
1313                  ERR_R_PASSED_NULL_PARAMETER);
1314         return 0;
1315     }
1316     if (!ATTR_IS_SET(attrs, code)) {
1317         if ((attrs->values[code].cstring = BUF_strndup(cstr, cstr_size)))
1318             return 1;
1319         STOREerr(STORE_F_STORE_ATTR_INFO_SET_CSTR, ERR_R_MALLOC_FAILURE);
1320         return 0;
1321     }
1322     STOREerr(STORE_F_STORE_ATTR_INFO_SET_CSTR, STORE_R_ALREADY_HAS_A_VALUE);
1323     return 0;
1324 }
1325
1326 int STORE_ATTR_INFO_set_sha1str(STORE_ATTR_INFO *attrs, STORE_ATTR_TYPES code,
1327                                 unsigned char *sha1str, size_t sha1str_size)
1328 {
1329     if (!attrs) {
1330         STOREerr(STORE_F_STORE_ATTR_INFO_SET_SHA1STR,
1331                  ERR_R_PASSED_NULL_PARAMETER);
1332         return 0;
1333     }
1334     if (!ATTR_IS_SET(attrs, code)) {
1335         if ((attrs->values[code].sha1string =
1336              (unsigned char *)BUF_memdup(sha1str, sha1str_size)))
1337             return 1;
1338         STOREerr(STORE_F_STORE_ATTR_INFO_SET_SHA1STR, ERR_R_MALLOC_FAILURE);
1339         return 0;
1340     }
1341     STOREerr(STORE_F_STORE_ATTR_INFO_SET_SHA1STR,
1342              STORE_R_ALREADY_HAS_A_VALUE);
1343     return 0;
1344 }
1345
1346 int STORE_ATTR_INFO_set_dn(STORE_ATTR_INFO *attrs, STORE_ATTR_TYPES code,
1347                            X509_NAME *dn)
1348 {
1349     if (!attrs) {
1350         STOREerr(STORE_F_STORE_ATTR_INFO_SET_DN, ERR_R_PASSED_NULL_PARAMETER);
1351         return 0;
1352     }
1353     if (!ATTR_IS_SET(attrs, code)) {
1354         if ((attrs->values[code].dn = X509_NAME_dup(dn)))
1355             return 1;
1356         STOREerr(STORE_F_STORE_ATTR_INFO_SET_DN, ERR_R_MALLOC_FAILURE);
1357         return 0;
1358     }
1359     STOREerr(STORE_F_STORE_ATTR_INFO_SET_DN, STORE_R_ALREADY_HAS_A_VALUE);
1360     return 0;
1361 }
1362
1363 int STORE_ATTR_INFO_set_number(STORE_ATTR_INFO *attrs, STORE_ATTR_TYPES code,
1364                                BIGNUM *number)
1365 {
1366     if (!attrs) {
1367         STOREerr(STORE_F_STORE_ATTR_INFO_SET_NUMBER,
1368                  ERR_R_PASSED_NULL_PARAMETER);
1369         return 0;
1370     }
1371     if (!ATTR_IS_SET(attrs, code)) {
1372         if ((attrs->values[code].number = BN_dup(number)))
1373             return 1;
1374         STOREerr(STORE_F_STORE_ATTR_INFO_SET_NUMBER, ERR_R_MALLOC_FAILURE);
1375         return 0;
1376     }
1377     STOREerr(STORE_F_STORE_ATTR_INFO_SET_NUMBER, STORE_R_ALREADY_HAS_A_VALUE);
1378     return 0;
1379 }
1380
1381 int STORE_ATTR_INFO_modify_cstr(STORE_ATTR_INFO *attrs, STORE_ATTR_TYPES code,
1382                                 char *cstr, size_t cstr_size)
1383 {
1384     if (!attrs) {
1385         STOREerr(STORE_F_STORE_ATTR_INFO_MODIFY_CSTR,
1386                  ERR_R_PASSED_NULL_PARAMETER);
1387         return 0;
1388     }
1389     if (ATTR_IS_SET(attrs, code)) {
1390         OPENSSL_free(attrs->values[code].cstring);
1391         attrs->values[code].cstring = NULL;
1392         CLEAR_ATTRBIT(attrs, code);
1393     }
1394     return STORE_ATTR_INFO_set_cstr(attrs, code, cstr, cstr_size);
1395 }
1396
1397 int STORE_ATTR_INFO_modify_sha1str(STORE_ATTR_INFO *attrs,
1398                                    STORE_ATTR_TYPES code,
1399                                    unsigned char *sha1str,
1400                                    size_t sha1str_size)
1401 {
1402     if (!attrs) {
1403         STOREerr(STORE_F_STORE_ATTR_INFO_MODIFY_SHA1STR,
1404                  ERR_R_PASSED_NULL_PARAMETER);
1405         return 0;
1406     }
1407     if (ATTR_IS_SET(attrs, code)) {
1408         OPENSSL_free(attrs->values[code].sha1string);
1409         attrs->values[code].sha1string = NULL;
1410         CLEAR_ATTRBIT(attrs, code);
1411     }
1412     return STORE_ATTR_INFO_set_sha1str(attrs, code, sha1str, sha1str_size);
1413 }
1414
1415 int STORE_ATTR_INFO_modify_dn(STORE_ATTR_INFO *attrs, STORE_ATTR_TYPES code,
1416                               X509_NAME *dn)
1417 {
1418     if (!attrs) {
1419         STOREerr(STORE_F_STORE_ATTR_INFO_MODIFY_DN,
1420                  ERR_R_PASSED_NULL_PARAMETER);
1421         return 0;
1422     }
1423     if (ATTR_IS_SET(attrs, code)) {
1424         OPENSSL_free(attrs->values[code].dn);
1425         attrs->values[code].dn = NULL;
1426         CLEAR_ATTRBIT(attrs, code);
1427     }
1428     return STORE_ATTR_INFO_set_dn(attrs, code, dn);
1429 }
1430
1431 int STORE_ATTR_INFO_modify_number(STORE_ATTR_INFO *attrs,
1432                                   STORE_ATTR_TYPES code, BIGNUM *number)
1433 {
1434     if (!attrs) {
1435         STOREerr(STORE_F_STORE_ATTR_INFO_MODIFY_NUMBER,
1436                  ERR_R_PASSED_NULL_PARAMETER);
1437         return 0;
1438     }
1439     if (ATTR_IS_SET(attrs, code)) {
1440         OPENSSL_free(attrs->values[code].number);
1441         attrs->values[code].number = NULL;
1442         CLEAR_ATTRBIT(attrs, code);
1443     }
1444     return STORE_ATTR_INFO_set_number(attrs, code, number);
1445 }
1446
1447 struct attr_list_ctx_st {
1448     OPENSSL_ITEM *attributes;
1449 };
1450 void *STORE_parse_attrs_start(OPENSSL_ITEM *attributes)
1451 {
1452     if (attributes) {
1453         struct attr_list_ctx_st *context = OPENSSL_malloc(sizeof(*context));
1454         if (context)
1455             context->attributes = attributes;
1456         else
1457             STOREerr(STORE_F_STORE_PARSE_ATTRS_START, ERR_R_MALLOC_FAILURE);
1458         return context;
1459     }
1460     STOREerr(STORE_F_STORE_PARSE_ATTRS_START, ERR_R_PASSED_NULL_PARAMETER);
1461     return 0;
1462 }
1463
1464 STORE_ATTR_INFO *STORE_parse_attrs_next(void *handle)
1465 {
1466     struct attr_list_ctx_st *context = (struct attr_list_ctx_st *)handle;
1467
1468     if (context && context->attributes) {
1469         STORE_ATTR_INFO *attrs = NULL;
1470
1471         while (context->attributes
1472                && context->attributes->code != STORE_ATTR_OR
1473                && context->attributes->code != STORE_ATTR_END) {
1474             switch (context->attributes->code) {
1475             case STORE_ATTR_FRIENDLYNAME:
1476             case STORE_ATTR_EMAIL:
1477             case STORE_ATTR_FILENAME:
1478                 if (!attrs)
1479                     attrs = STORE_ATTR_INFO_new();
1480                 if (attrs == NULL) {
1481                     STOREerr(STORE_F_STORE_PARSE_ATTRS_NEXT,
1482                              ERR_R_MALLOC_FAILURE);
1483                     goto err;
1484                 }
1485                 STORE_ATTR_INFO_set_cstr(attrs,
1486                                          context->attributes->code,
1487                                          context->attributes->value,
1488                                          context->attributes->value_size);
1489                 break;
1490             case STORE_ATTR_KEYID:
1491             case STORE_ATTR_ISSUERKEYID:
1492             case STORE_ATTR_SUBJECTKEYID:
1493             case STORE_ATTR_ISSUERSERIALHASH:
1494             case STORE_ATTR_CERTHASH:
1495                 if (!attrs)
1496                     attrs = STORE_ATTR_INFO_new();
1497                 if (attrs == NULL) {
1498                     STOREerr(STORE_F_STORE_PARSE_ATTRS_NEXT,
1499                              ERR_R_MALLOC_FAILURE);
1500                     goto err;
1501                 }
1502                 STORE_ATTR_INFO_set_sha1str(attrs,
1503                                             context->attributes->code,
1504                                             context->attributes->value,
1505                                             context->attributes->value_size);
1506                 break;
1507             case STORE_ATTR_ISSUER:
1508             case STORE_ATTR_SUBJECT:
1509                 if (!attrs)
1510                     attrs = STORE_ATTR_INFO_new();
1511                 if (attrs == NULL) {
1512                     STOREerr(STORE_F_STORE_PARSE_ATTRS_NEXT,
1513                              ERR_R_MALLOC_FAILURE);
1514                     goto err;
1515                 }
1516                 STORE_ATTR_INFO_modify_dn(attrs,
1517                                           context->attributes->code,
1518                                           context->attributes->value);
1519                 break;
1520             case STORE_ATTR_SERIAL:
1521                 if (!attrs)
1522                     attrs = STORE_ATTR_INFO_new();
1523                 if (attrs == NULL) {
1524                     STOREerr(STORE_F_STORE_PARSE_ATTRS_NEXT,
1525                              ERR_R_MALLOC_FAILURE);
1526                     goto err;
1527                 }
1528                 STORE_ATTR_INFO_modify_number(attrs,
1529                                               context->attributes->code,
1530                                               context->attributes->value);
1531                 break;
1532             }
1533             context->attributes++;
1534         }
1535         if (context->attributes->code == STORE_ATTR_OR)
1536             context->attributes++;
1537         return attrs;
1538  err:
1539         while (context->attributes
1540                && context->attributes->code != STORE_ATTR_OR
1541                && context->attributes->code != STORE_ATTR_END)
1542             context->attributes++;
1543         if (context->attributes->code == STORE_ATTR_OR)
1544             context->attributes++;
1545         return NULL;
1546     }
1547     STOREerr(STORE_F_STORE_PARSE_ATTRS_NEXT, ERR_R_PASSED_NULL_PARAMETER);
1548     return NULL;
1549 }
1550
1551 int STORE_parse_attrs_end(void *handle)
1552 {
1553     struct attr_list_ctx_st *context = (struct attr_list_ctx_st *)handle;
1554
1555     if (context && context->attributes) {
1556 #if 0
1557         OPENSSL_ITEM *attributes = context->attributes;
1558 #endif
1559         OPENSSL_free(context);
1560         return 1;
1561     }
1562     STOREerr(STORE_F_STORE_PARSE_ATTRS_END, ERR_R_PASSED_NULL_PARAMETER);
1563     return 0;
1564 }
1565
1566 int STORE_parse_attrs_endp(void *handle)
1567 {
1568     struct attr_list_ctx_st *context = (struct attr_list_ctx_st *)handle;
1569
1570     if (context && context->attributes) {
1571         return context->attributes->code == STORE_ATTR_END;
1572     }
1573     STOREerr(STORE_F_STORE_PARSE_ATTRS_ENDP, ERR_R_PASSED_NULL_PARAMETER);
1574     return 0;
1575 }
1576
1577 static int attr_info_compare_compute_range(const unsigned char *abits,
1578                                            const unsigned char *bbits,
1579                                            unsigned int *alowp,
1580                                            unsigned int *ahighp,
1581                                            unsigned int *blowp,
1582                                            unsigned int *bhighp)
1583 {
1584     unsigned int alow = (unsigned int)-1, ahigh = 0;
1585     unsigned int blow = (unsigned int)-1, bhigh = 0;
1586     int i, res = 0;
1587
1588     for (i = 0; i < (STORE_ATTR_TYPE_NUM + 8) / 8; i++, abits++, bbits++) {
1589         if (res == 0) {
1590             if (*abits < *bbits)
1591                 res = -1;
1592             if (*abits > *bbits)
1593                 res = 1;
1594         }
1595         if (*abits) {
1596             if (alow == (unsigned int)-1) {
1597                 alow = i * 8;
1598                 if (!(*abits & 0x01))
1599                     alow++;
1600                 if (!(*abits & 0x02))
1601                     alow++;
1602                 if (!(*abits & 0x04))
1603                     alow++;
1604                 if (!(*abits & 0x08))
1605                     alow++;
1606                 if (!(*abits & 0x10))
1607                     alow++;
1608                 if (!(*abits & 0x20))
1609                     alow++;
1610                 if (!(*abits & 0x40))
1611                     alow++;
1612             }
1613             ahigh = i * 8 + 7;
1614             if (!(*abits & 0x80))
1615                 ahigh++;
1616             if (!(*abits & 0x40))
1617                 ahigh++;
1618             if (!(*abits & 0x20))
1619                 ahigh++;
1620             if (!(*abits & 0x10))
1621                 ahigh++;
1622             if (!(*abits & 0x08))
1623                 ahigh++;
1624             if (!(*abits & 0x04))
1625                 ahigh++;
1626             if (!(*abits & 0x02))
1627                 ahigh++;
1628         }
1629         if (*bbits) {
1630             if (blow == (unsigned int)-1) {
1631                 blow = i * 8;
1632                 if (!(*bbits & 0x01))
1633                     blow++;
1634                 if (!(*bbits & 0x02))
1635                     blow++;
1636                 if (!(*bbits & 0x04))
1637                     blow++;
1638                 if (!(*bbits & 0x08))
1639                     blow++;
1640                 if (!(*bbits & 0x10))
1641                     blow++;
1642                 if (!(*bbits & 0x20))
1643                     blow++;
1644                 if (!(*bbits & 0x40))
1645                     blow++;
1646             }
1647             bhigh = i * 8 + 7;
1648             if (!(*bbits & 0x80))
1649                 bhigh++;
1650             if (!(*bbits & 0x40))
1651                 bhigh++;
1652             if (!(*bbits & 0x20))
1653                 bhigh++;
1654             if (!(*bbits & 0x10))
1655                 bhigh++;
1656             if (!(*bbits & 0x08))
1657                 bhigh++;
1658             if (!(*bbits & 0x04))
1659                 bhigh++;
1660             if (!(*bbits & 0x02))
1661                 bhigh++;
1662         }
1663     }
1664     if (ahigh + alow < bhigh + blow)
1665         res = -1;
1666     if (ahigh + alow > bhigh + blow)
1667         res = 1;
1668     if (alowp)
1669         *alowp = alow;
1670     if (ahighp)
1671         *ahighp = ahigh;
1672     if (blowp)
1673         *blowp = blow;
1674     if (bhighp)
1675         *bhighp = bhigh;
1676     return res;
1677 }
1678
1679 int STORE_ATTR_INFO_compare(const STORE_ATTR_INFO *const *a,
1680                             const STORE_ATTR_INFO *const *b)
1681 {
1682     if (a == b)
1683         return 0;
1684     if (!a)
1685         return -1;
1686     if (!b)
1687         return 1;
1688     return attr_info_compare_compute_range((*a)->set, (*b)->set, 0, 0, 0, 0);
1689 }
1690
1691 int STORE_ATTR_INFO_in_range(STORE_ATTR_INFO *a, STORE_ATTR_INFO *b)
1692 {
1693     unsigned int alow, ahigh, blow, bhigh;
1694
1695     if (a == b)
1696         return 1;
1697     if (!a)
1698         return 0;
1699     if (!b)
1700         return 0;
1701     attr_info_compare_compute_range(a->set, b->set,
1702                                     &alow, &ahigh, &blow, &bhigh);
1703     if (alow >= blow && ahigh <= bhigh)
1704         return 1;
1705     return 0;
1706 }
1707
1708 int STORE_ATTR_INFO_in(STORE_ATTR_INFO *a, STORE_ATTR_INFO *b)
1709 {
1710     unsigned char *abits, *bbits;
1711     int i;
1712
1713     if (a == b)
1714         return 1;
1715     if (!a)
1716         return 0;
1717     if (!b)
1718         return 0;
1719     abits = a->set;
1720     bbits = b->set;
1721     for (i = 0; i < (STORE_ATTR_TYPE_NUM + 8) / 8; i++, abits++, bbits++) {
1722         if (*abits && (*bbits & *abits) != *abits)
1723             return 0;
1724     }
1725     return 1;
1726 }
1727
1728 int STORE_ATTR_INFO_in_ex(STORE_ATTR_INFO *a, STORE_ATTR_INFO *b)
1729 {
1730     STORE_ATTR_TYPES i;
1731
1732     if (a == b)
1733         return 1;
1734     if (!STORE_ATTR_INFO_in(a, b))
1735         return 0;
1736     for (i = 1; i < STORE_ATTR_TYPE_NUM; i++)
1737         if (ATTR_IS_SET(a, i)) {
1738             switch (i) {
1739             case STORE_ATTR_FRIENDLYNAME:
1740             case STORE_ATTR_EMAIL:
1741             case STORE_ATTR_FILENAME:
1742                 if (strcmp(a->values[i].cstring, b->values[i].cstring))
1743                     return 0;
1744                 break;
1745             case STORE_ATTR_KEYID:
1746             case STORE_ATTR_ISSUERKEYID:
1747             case STORE_ATTR_SUBJECTKEYID:
1748             case STORE_ATTR_ISSUERSERIALHASH:
1749             case STORE_ATTR_CERTHASH:
1750                 if (memcmp(a->values[i].sha1string,
1751                            b->values[i].sha1string, a->value_sizes[i]))
1752                     return 0;
1753                 break;
1754             case STORE_ATTR_ISSUER:
1755             case STORE_ATTR_SUBJECT:
1756                 if (X509_NAME_cmp(a->values[i].dn, b->values[i].dn))
1757                     return 0;
1758                 break;
1759             case STORE_ATTR_SERIAL:
1760                 if (BN_cmp(a->values[i].number, b->values[i].number))
1761                     return 0;
1762                 break;
1763             default:
1764                 break;
1765             }
1766         }
1767
1768     return 1;
1769 }