5e6e424ba34aac6438ca0cd261022041afc8b841
[openssl.git] / crypto / store / str_lib.c
1 /* crypto/store/str_lib.c -*- mode:C; c-file-style: "eay" -*- */
2 /* Written by Richard Levitte (richard@levitte.org) for the OpenSSL
3  * project 2003.
4  */
5 /* ====================================================================
6  * Copyright (c) 2003 The OpenSSL Project.  All rights reserved.
7  *
8  * Redistribution and use in source and binary forms, with or without
9  * modification, are permitted provided that the following conditions
10  * are met:
11  *
12  * 1. Redistributions of source code must retain the above copyright
13  *    notice, this list of conditions and the following disclaimer. 
14  *
15  * 2. Redistributions in binary form must reproduce the above copyright
16  *    notice, this list of conditions and the following disclaimer in
17  *    the documentation and/or other materials provided with the
18  *    distribution.
19  *
20  * 3. All advertising materials mentioning features or use of this
21  *    software must display the following acknowledgment:
22  *    "This product includes software developed by the OpenSSL Project
23  *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
24  *
25  * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
26  *    endorse or promote products derived from this software without
27  *    prior written permission. For written permission, please contact
28  *    openssl-core@openssl.org.
29  *
30  * 5. Products derived from this software may not be called "OpenSSL"
31  *    nor may "OpenSSL" appear in their names without prior written
32  *    permission of the OpenSSL Project.
33  *
34  * 6. Redistributions of any form whatsoever must retain the following
35  *    acknowledgment:
36  *    "This product includes software developed by the OpenSSL Project
37  *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
38  *
39  * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
40  * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
41  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
42  * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
43  * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
44  * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
45  * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
46  * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
48  * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
49  * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50  * OF THE POSSIBILITY OF SUCH DAMAGE.
51  * ====================================================================
52  *
53  * This product includes cryptographic software written by Eric Young
54  * (eay@cryptsoft.com).  This product includes software written by Tim
55  * Hudson (tjh@cryptsoft.com).
56  *
57  */
58
59 #include <string.h>
60 #include <openssl/bn.h>
61 #include <openssl/err.h>
62 #include <openssl/engine.h>
63 #include "str_locl.h"
64
65 const char * const STORE_object_type_string[STORE_OBJECT_TYPE_NUM+1] =
66         {
67         0,
68         "X.509 Certificate",
69         "X.509 CRL",
70         "Private Key",
71         "Public Key",
72         "Number",
73         "Arbitrary Data"
74         };
75
76 const int STORE_param_sizes[STORE_PARAM_TYPE_NUM+1] =
77         {
78         0,
79         sizeof(int),            /* EVP_TYPE */
80         sizeof(size_t),         /* BITS */
81         -1,                     /* KEY_PARAMETERS */
82         0                       /* KEY_NO_PARAMETERS */
83         };      
84
85 const int STORE_attr_sizes[STORE_ATTR_TYPE_NUM+1] =
86         {
87         0,
88         -1,                     /* FRIENDLYNAME:        C string */
89         SHA_DIGEST_LENGTH,      /* KEYID:               SHA1 digest, 160 bits */
90         SHA_DIGEST_LENGTH,      /* ISSUERKEYID:         SHA1 digest, 160 bits */
91         SHA_DIGEST_LENGTH,      /* SUBJECTKEYID:        SHA1 digest, 160 bits */
92         SHA_DIGEST_LENGTH,      /* ISSUERSERIALHASH:    SHA1 digest, 160 bits */
93         sizeof(X509_NAME *),    /* ISSUER:              X509_NAME * */
94         sizeof(BIGNUM *),       /* SERIAL:              BIGNUM * */
95         sizeof(X509_NAME *),    /* SUBJECT:             X509_NAME * */
96         SHA_DIGEST_LENGTH,      /* CERTHASH:            SHA1 digest, 160 bits */
97         -1,                     /* EMAIL:               C string */
98         -1,                     /* FILENAME:            C string */
99         };      
100
101 STORE *STORE_new_method(const STORE_METHOD *method)
102         {
103         STORE *ret;
104
105         if (method == NULL)
106                 {
107                 STOREerr(STORE_F_STORE_NEW_METHOD,ERR_R_PASSED_NULL_PARAMETER);
108                 return NULL;
109                 }
110
111         ret=(STORE *)OPENSSL_malloc(sizeof(STORE));
112         if (ret == NULL)
113                 {
114                 STOREerr(STORE_F_STORE_NEW_METHOD,ERR_R_MALLOC_FAILURE);
115                 return NULL;
116                 }
117
118         ret->meth=method;
119
120         CRYPTO_new_ex_data(CRYPTO_EX_INDEX_STORE, ret, &ret->ex_data);
121         if (ret->meth->init && !ret->meth->init(ret))
122                 {
123                 STORE_free(ret);
124                 ret = NULL;
125                 }
126         return ret;
127         }
128
129 STORE *STORE_new_engine(ENGINE *engine)
130         {
131         STORE *ret = NULL;
132         ENGINE *e = engine;
133         const STORE_METHOD *meth = 0;
134
135 #ifdef OPENSSL_NO_ENGINE
136         e = NULL;
137 #else
138         if (engine)
139                 {
140                 if (!ENGINE_init(engine))
141                         {
142                         STOREerr(STORE_F_STORE_NEW_ENGINE, ERR_R_ENGINE_LIB);
143                         return NULL;
144                         }
145                 e = engine;
146                 }
147         else
148                 {
149                 STOREerr(STORE_F_STORE_NEW_ENGINE,ERR_R_PASSED_NULL_PARAMETER);
150                 return NULL;
151                 }
152         if(e)
153                 {
154                 meth = ENGINE_get_STORE(e);
155                 if(!meth)
156                         {
157                         STOREerr(STORE_F_STORE_NEW_ENGINE,
158                                 ERR_R_ENGINE_LIB);
159                         ENGINE_finish(e);
160                         return NULL;
161                         }
162                 }
163 #endif
164
165         ret = STORE_new_method(meth);
166         if (ret == NULL)
167                 {
168                 STOREerr(STORE_F_STORE_NEW_ENGINE,ERR_R_STORE_LIB);
169                 return NULL;
170                 }
171
172         ret->engine = e;
173
174         return(ret);
175         }
176
177 void STORE_free(STORE *store)
178         {
179         if (store == NULL)
180                 return;
181         if (store->meth->clean)
182                 store->meth->clean(store);
183         CRYPTO_free_ex_data(CRYPTO_EX_INDEX_STORE, store, &store->ex_data);
184         OPENSSL_free(store);
185         }
186
187
188 int STORE_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
189              CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func)
190         {
191         return CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_STORE, argl, argp,
192                                 new_func, dup_func, free_func);
193         }
194
195 int STORE_set_ex_data(STORE *r, int idx, void *arg)
196         {
197         return(CRYPTO_set_ex_data(&r->ex_data,idx,arg));
198         }
199
200 void *STORE_get_ex_data(STORE *r, int idx)
201         {
202         return(CRYPTO_get_ex_data(&r->ex_data,idx));
203         }
204
205 const STORE_METHOD *STORE_get_method(STORE *store)
206         {
207         return store->meth;
208         }
209
210 const STORE_METHOD *STORE_set_method(STORE *store, const STORE_METHOD *meth)
211         {
212         store->meth=meth;
213         return store->meth;
214         }
215
216
217 /* API helpers */
218
219 #define check_store(s,fncode,fnname,fnerrcode) \
220         do \
221                 { \
222                 if ((s) == NULL || (s)->meth) \
223                         { \
224                         STOREerr((fncode), ERR_R_PASSED_NULL_PARAMETER); \
225                         return 0; \
226                         } \
227                 if ((s)->meth->fnname == NULL) \
228                         { \
229                         STOREerr((fncode), (fnerrcode)); \
230                         return 0; \
231                         } \
232                 } \
233         while(0)
234
235 /* API functions */
236
237 X509 *STORE_get_certificate(STORE *s, OPENSSL_ITEM attributes[],
238         OPENSSL_ITEM parameters[])
239         {
240         STORE_OBJECT *object;
241         X509 *x;
242
243         check_store(s,STORE_F_STORE_GET_CERTIFICATE,
244                 get_object,STORE_R_NO_GET_OBJECT_FUNCTION);
245
246         object = s->meth->get_object(s, STORE_OBJECT_TYPE_X509_CERTIFICATE,
247                 attributes, parameters);
248         if (!object || !object->data.x509.certificate)
249                 {
250                 STOREerr(STORE_F_STORE_GET_CERTIFICATE,
251                         STORE_R_FAILED_GETTING_CERTIFICATE);
252                 return 0;
253                 }
254         CRYPTO_add(&object->data.x509.certificate->references,1,CRYPTO_LOCK_X509);
255 #ifdef REF_PRINT
256         REF_PRINT("X509",data);
257 #endif
258         x = object->data.x509.certificate;
259         STORE_OBJECT_free(object);
260         return x;
261         }
262
263 int STORE_store_certificate(STORE *s, X509 *data, OPENSSL_ITEM attributes[],
264         OPENSSL_ITEM parameters[])
265         {
266         STORE_OBJECT *object;
267         int i;
268
269         check_store(s,STORE_F_STORE_CERTIFICATE,
270                 store_object,STORE_R_NO_STORE_OBJECT_FUNCTION);
271
272         object = STORE_OBJECT_new();
273         if (!object)
274                 {
275                 STOREerr(STORE_F_STORE_CERTIFICATE,
276                         ERR_R_MALLOC_FAILURE);
277                 return 0;
278                 }
279         
280         CRYPTO_add(&data->references,1,CRYPTO_LOCK_X509);
281 #ifdef REF_PRINT
282         REF_PRINT("X509",data);
283 #endif
284         object->data.x509.certificate = data;
285
286         i = s->meth->store_object(s, STORE_OBJECT_TYPE_X509_CERTIFICATE,
287                 object, attributes, parameters);
288
289         STORE_OBJECT_free(object);
290
291         if (!i)
292                 {
293                 STOREerr(STORE_F_STORE_CERTIFICATE,
294                         STORE_R_FAILED_STORING_CERTIFICATE);
295                 return 0;
296                 }
297         return 1;
298         }
299
300 int STORE_revoke_certificate(STORE *s, OPENSSL_ITEM attributes[],
301         OPENSSL_ITEM parameters[])
302         {
303         check_store(s,STORE_F_STORE_REVOKE_CERTIFICATE,
304                 revoke_object,STORE_R_NO_REVOKE_OBJECT_FUNCTION);
305
306         if (!s->meth->revoke_object(s, STORE_OBJECT_TYPE_X509_CERTIFICATE,
307                     attributes, parameters))
308                 {
309                 STOREerr(STORE_F_STORE_REVOKE_CERTIFICATE,
310                         STORE_R_FAILED_REVOKING_CERTIFICATE);
311                 return 0;
312                 }
313         return 1;
314         }
315
316 int STORE_delete_certificate(STORE *s, OPENSSL_ITEM attributes[],
317         OPENSSL_ITEM parameters[])
318         {
319         check_store(s,STORE_F_STORE_DELETE_CERTIFICATE,
320                 delete_object,STORE_R_NO_DELETE_OBJECT_FUNCTION);
321
322         if (!s->meth->delete_object(s, STORE_OBJECT_TYPE_X509_CERTIFICATE,
323                     attributes, parameters))
324                 {
325                 STOREerr(STORE_F_STORE_DELETE_CERTIFICATE,
326                         STORE_R_FAILED_DELETING_CERTIFICATE);
327                 return 0;
328                 }
329         return 1;
330         }
331
332 void *STORE_list_certificate_start(STORE *s, OPENSSL_ITEM attributes[],
333         OPENSSL_ITEM parameters[])
334         {
335         void *handle;
336
337         check_store(s,STORE_F_STORE_LIST_CERTIFICATE_START,
338                 list_object_start,STORE_R_NO_LIST_OBJECT_START_FUNCTION);
339
340         handle = s->meth->list_object_start(s,
341                 STORE_OBJECT_TYPE_X509_CERTIFICATE, attributes, parameters);
342         if (!handle)
343                 {
344                 STOREerr(STORE_F_STORE_LIST_CERTIFICATE_START,
345                         STORE_R_FAILED_LISTING_CERTIFICATES);
346                 return 0;
347                 }
348         return handle;
349         }
350
351 X509 *STORE_list_certificate_next(STORE *s, void *handle)
352         {
353         STORE_OBJECT *object;
354         X509 *x;
355
356         check_store(s,STORE_F_STORE_LIST_CERTIFICATE_NEXT,
357                 list_object_next,STORE_R_NO_LIST_OBJECT_NEXT_FUNCTION);
358
359         object = s->meth->list_object_next(s, handle);
360         if (!object || !object->data.x509.certificate)
361                 {
362                 STOREerr(STORE_F_STORE_LIST_CERTIFICATE_NEXT,
363                         STORE_R_FAILED_LISTING_CERTIFICATES);
364                 return 0;
365                 }
366         CRYPTO_add(&object->data.x509.certificate->references,1,CRYPTO_LOCK_X509);
367 #ifdef REF_PRINT
368         REF_PRINT("X509",data);
369 #endif
370         x = object->data.x509.certificate;
371         STORE_OBJECT_free(object);
372         return x;
373         }
374
375 int STORE_list_certificate_end(STORE *s, void *handle)
376         {
377         check_store(s,STORE_F_STORE_LIST_CERTIFICATE_END,
378                 list_object_end,STORE_R_NO_LIST_OBJECT_END_FUNCTION);
379
380         if (!s->meth->list_object_end(s, handle))
381                 {
382                 STOREerr(STORE_F_STORE_LIST_CERTIFICATE_END,
383                         STORE_R_FAILED_LISTING_CERTIFICATES);
384                 return 0;
385                 }
386         return 1;
387         }
388
389 int STORE_list_certificate_endp(STORE *s, void *handle)
390         {
391         check_store(s,STORE_F_STORE_LIST_CERTIFICATE_ENDP,
392                 list_object_endp,STORE_R_NO_LIST_OBJECT_ENDP_FUNCTION);
393
394         if (!s->meth->list_object_endp(s, handle))
395                 {
396                 STOREerr(STORE_F_STORE_LIST_CERTIFICATE_ENDP,
397                         STORE_R_FAILED_LISTING_CERTIFICATES);
398                 return 0;
399                 }
400         return 1;
401         }
402
403 EVP_PKEY *STORE_generate_key(STORE *s, OPENSSL_ITEM attributes[],
404         OPENSSL_ITEM parameters[])
405         {
406         STORE_OBJECT *object;
407         EVP_PKEY *pkey;
408
409         check_store(s,STORE_F_STORE_GENERATE_KEY,
410                 generate_object,STORE_R_NO_GENERATE_OBJECT_FUNCTION);
411
412         object = s->meth->generate_object(s, STORE_OBJECT_TYPE_PRIVATE_KEY,
413                 attributes, parameters);
414         if (!object || !object->data.key)
415                 {
416                 STOREerr(STORE_F_STORE_GENERATE_KEY,
417                         STORE_R_FAILED_GENERATING_KEY);
418                 return 0;
419                 }
420         CRYPTO_add(&object->data.key->references,1,CRYPTO_LOCK_EVP_PKEY);
421 #ifdef REF_PRINT
422         REF_PRINT("EVP_PKEY",data);
423 #endif
424         pkey = object->data.key;
425         STORE_OBJECT_free(object);
426         return pkey;
427         }
428
429 EVP_PKEY *STORE_get_private_key(STORE *s, OPENSSL_ITEM attributes[],
430         OPENSSL_ITEM parameters[])
431         {
432         STORE_OBJECT *object;
433         EVP_PKEY *pkey;
434
435         check_store(s,STORE_F_STORE_GET_PRIVATE_KEY,
436                 get_object,STORE_R_NO_GET_OBJECT_FUNCTION);
437
438         object = s->meth->get_object(s, STORE_OBJECT_TYPE_PRIVATE_KEY,
439                 attributes, parameters);
440         if (!object || !object->data.key || !object->data.key)
441                 {
442                 STOREerr(STORE_F_STORE_GET_PRIVATE_KEY,
443                         STORE_R_FAILED_GETTING_KEY);
444                 return 0;
445                 }
446         CRYPTO_add(&object->data.key->references,1,CRYPTO_LOCK_EVP_PKEY);
447 #ifdef REF_PRINT
448         REF_PRINT("EVP_PKEY",data);
449 #endif
450         pkey = object->data.key;
451         STORE_OBJECT_free(object);
452         return pkey;
453         }
454
455 int STORE_store_private_key(STORE *s, EVP_PKEY *data, OPENSSL_ITEM attributes[],
456         OPENSSL_ITEM parameters[])
457         {
458         STORE_OBJECT *object;
459         int i;
460
461         check_store(s,STORE_F_STORE_PRIVATE_KEY,
462                 store_object,STORE_R_NO_STORE_OBJECT_FUNCTION);
463
464         object = STORE_OBJECT_new();
465         if (!object)
466                 {
467                 STOREerr(STORE_F_STORE_PRIVATE_KEY,
468                         ERR_R_MALLOC_FAILURE);
469                 return 0;
470                 }
471         object->data.key = EVP_PKEY_new();
472         if (!object->data.key)
473                 {
474                 STOREerr(STORE_F_STORE_PRIVATE_KEY,
475                         ERR_R_MALLOC_FAILURE);
476                 return 0;
477                 }
478         
479         CRYPTO_add(&data->references,1,CRYPTO_LOCK_EVP_PKEY);
480 #ifdef REF_PRINT
481         REF_PRINT("EVP_PKEY",data);
482 #endif
483         object->data.key = data;
484
485         i = s->meth->store_object(s, STORE_OBJECT_TYPE_PRIVATE_KEY, object,
486                 attributes, parameters);
487
488         STORE_OBJECT_free(object);
489
490         if (!i)
491                 {
492                 STOREerr(STORE_F_STORE_PRIVATE_KEY,
493                         STORE_R_FAILED_STORING_KEY);
494                 return 0;
495                 }
496         return i;
497         }
498
499 int STORE_revoke_private_key(STORE *s, OPENSSL_ITEM attributes[],
500         OPENSSL_ITEM parameters[])
501         {
502         int i;
503
504         check_store(s,STORE_F_STORE_REVOKE_PRIVATE_KEY,
505                 revoke_object,STORE_R_NO_REVOKE_OBJECT_FUNCTION);
506
507         i = s->meth->revoke_object(s, STORE_OBJECT_TYPE_PRIVATE_KEY,
508                 attributes, parameters);
509
510         if (!i)
511                 {
512                 STOREerr(STORE_F_STORE_REVOKE_PRIVATE_KEY,
513                         STORE_R_FAILED_REVOKING_KEY);
514                 return 0;
515                 }
516         return i;
517         }
518
519 int STORE_delete_private_key(STORE *s, OPENSSL_ITEM attributes[],
520         OPENSSL_ITEM parameters[])
521         {
522         check_store(s,STORE_F_STORE_DELETE_PRIVATE_KEY,
523                 delete_object,STORE_R_NO_DELETE_OBJECT_FUNCTION);
524         
525         if (!s->meth->delete_object(s, STORE_OBJECT_TYPE_PRIVATE_KEY,
526                     attributes, parameters))
527                 {
528                 STOREerr(STORE_F_STORE_DELETE_PRIVATE_KEY,
529                         STORE_R_FAILED_DELETING_KEY);
530                 return 0;
531                 }
532         return 1;
533         }
534
535 void *STORE_list_private_key_start(STORE *s, OPENSSL_ITEM attributes[],
536         OPENSSL_ITEM parameters[])
537         {
538         void *handle;
539
540         check_store(s,STORE_F_STORE_LIST_PRIVATE_KEY_START,
541                 list_object_start,STORE_R_NO_LIST_OBJECT_START_FUNCTION);
542
543         handle = s->meth->list_object_start(s, STORE_OBJECT_TYPE_PRIVATE_KEY,
544                 attributes, parameters);
545         if (!handle)
546                 {
547                 STOREerr(STORE_F_STORE_LIST_PRIVATE_KEY_START,
548                         STORE_R_FAILED_LISTING_KEYS);
549                 return 0;
550                 }
551         return handle;
552         }
553
554 EVP_PKEY *STORE_list_private_key_next(STORE *s, void *handle)
555         {
556         STORE_OBJECT *object;
557         EVP_PKEY *pkey;
558
559         check_store(s,STORE_F_STORE_LIST_PRIVATE_KEY_NEXT,
560                 list_object_next,STORE_R_NO_LIST_OBJECT_NEXT_FUNCTION);
561
562         object = s->meth->list_object_next(s, handle);
563         if (!object || !object->data.key || !object->data.key)
564                 {
565                 STOREerr(STORE_F_STORE_LIST_PRIVATE_KEY_NEXT,
566                         STORE_R_FAILED_LISTING_KEYS);
567                 return 0;
568                 }
569         CRYPTO_add(&object->data.key->references,1,CRYPTO_LOCK_EVP_PKEY);
570 #ifdef REF_PRINT
571         REF_PRINT("EVP_PKEY",data);
572 #endif
573         pkey = object->data.key;
574         STORE_OBJECT_free(object);
575         return pkey;
576         }
577
578 int STORE_list_private_key_end(STORE *s, void *handle)
579         {
580         check_store(s,STORE_F_STORE_LIST_PRIVATE_KEY_END,
581                 list_object_end,STORE_R_NO_LIST_OBJECT_END_FUNCTION);
582
583         if (!s->meth->list_object_end(s, handle))
584                 {
585                 STOREerr(STORE_F_STORE_LIST_PRIVATE_KEY_END,
586                         STORE_R_FAILED_LISTING_KEYS);
587                 return 0;
588                 }
589         return 1;
590         }
591
592 int STORE_list_private_key_endp(STORE *s, void *handle)
593         {
594         check_store(s,STORE_F_STORE_LIST_PRIVATE_KEY_ENDP,
595                 list_object_endp,STORE_R_NO_LIST_OBJECT_ENDP_FUNCTION);
596
597         if (!s->meth->list_object_endp(s, handle))
598                 {
599                 STOREerr(STORE_F_STORE_LIST_PRIVATE_KEY_ENDP,
600                         STORE_R_FAILED_LISTING_KEYS);
601                 return 0;
602                 }
603         return 1;
604         }
605
606 EVP_PKEY *STORE_get_public_key(STORE *s, OPENSSL_ITEM attributes[],
607         OPENSSL_ITEM parameters[])
608         {
609         STORE_OBJECT *object;
610         EVP_PKEY *pkey;
611
612         check_store(s,STORE_F_STORE_GET_PUBLIC_KEY,
613                 get_object,STORE_R_NO_GET_OBJECT_FUNCTION);
614
615         object = s->meth->get_object(s, STORE_OBJECT_TYPE_PUBLIC_KEY,
616                 attributes, parameters);
617         if (!object || !object->data.key || !object->data.key)
618                 {
619                 STOREerr(STORE_F_STORE_GET_PUBLIC_KEY,
620                         STORE_R_FAILED_GETTING_KEY);
621                 return 0;
622                 }
623         CRYPTO_add(&object->data.key->references,1,CRYPTO_LOCK_EVP_PKEY);
624 #ifdef REF_PRINT
625         REF_PRINT("EVP_PKEY",data);
626 #endif
627         pkey = object->data.key;
628         STORE_OBJECT_free(object);
629         return pkey;
630         }
631
632 int STORE_store_public_key(STORE *s, EVP_PKEY *data, OPENSSL_ITEM attributes[],
633         OPENSSL_ITEM parameters[])
634         {
635         STORE_OBJECT *object;
636         int i;
637
638         check_store(s,STORE_F_STORE_PUBLIC_KEY,
639                 store_object,STORE_R_NO_STORE_OBJECT_FUNCTION);
640
641         object = STORE_OBJECT_new();
642         if (!object)
643                 {
644                 STOREerr(STORE_F_STORE_PUBLIC_KEY,
645                         ERR_R_MALLOC_FAILURE);
646                 return 0;
647                 }
648         object->data.key = EVP_PKEY_new();
649         if (!object->data.key)
650                 {
651                 STOREerr(STORE_F_STORE_PUBLIC_KEY,
652                         ERR_R_MALLOC_FAILURE);
653                 return 0;
654                 }
655         
656         CRYPTO_add(&data->references,1,CRYPTO_LOCK_EVP_PKEY);
657 #ifdef REF_PRINT
658         REF_PRINT("EVP_PKEY",data);
659 #endif
660         object->data.key = data;
661
662         i = s->meth->store_object(s, STORE_OBJECT_TYPE_PUBLIC_KEY, object,
663                 attributes, parameters);
664
665         STORE_OBJECT_free(object);
666
667         if (!i)
668                 {
669                 STOREerr(STORE_F_STORE_PUBLIC_KEY,
670                         STORE_R_FAILED_STORING_KEY);
671                 return 0;
672                 }
673         return i;
674         }
675
676 int STORE_revoke_public_key(STORE *s, OPENSSL_ITEM attributes[],
677         OPENSSL_ITEM parameters[])
678         {
679         int i;
680
681         check_store(s,STORE_F_STORE_REVOKE_PUBLIC_KEY,
682                 revoke_object,STORE_R_NO_REVOKE_OBJECT_FUNCTION);
683
684         i = s->meth->revoke_object(s, STORE_OBJECT_TYPE_PUBLIC_KEY,
685                 attributes, parameters);
686
687         if (!i)
688                 {
689                 STOREerr(STORE_F_STORE_REVOKE_PUBLIC_KEY,
690                         STORE_R_FAILED_REVOKING_KEY);
691                 return 0;
692                 }
693         return i;
694         }
695
696 int STORE_delete_public_key(STORE *s, OPENSSL_ITEM attributes[],
697         OPENSSL_ITEM parameters[])
698         {
699         check_store(s,STORE_F_STORE_DELETE_PUBLIC_KEY,
700                 delete_object,STORE_R_NO_DELETE_OBJECT_FUNCTION);
701         
702         if (!s->meth->delete_object(s, STORE_OBJECT_TYPE_PUBLIC_KEY,
703                     attributes, parameters))
704                 {
705                 STOREerr(STORE_F_STORE_DELETE_PUBLIC_KEY,
706                         STORE_R_FAILED_DELETING_KEY);
707                 return 0;
708                 }
709         return 1;
710         }
711
712 void *STORE_list_public_key_start(STORE *s, OPENSSL_ITEM attributes[],
713         OPENSSL_ITEM parameters[])
714         {
715         void *handle;
716
717         check_store(s,STORE_F_STORE_LIST_PUBLIC_KEY_START,
718                 list_object_start,STORE_R_NO_LIST_OBJECT_START_FUNCTION);
719
720         handle = s->meth->list_object_start(s, STORE_OBJECT_TYPE_PUBLIC_KEY,
721                 attributes, parameters);
722         if (!handle)
723                 {
724                 STOREerr(STORE_F_STORE_LIST_PUBLIC_KEY_START,
725                         STORE_R_FAILED_LISTING_KEYS);
726                 return 0;
727                 }
728         return handle;
729         }
730
731 EVP_PKEY *STORE_list_public_key_next(STORE *s, void *handle)
732         {
733         STORE_OBJECT *object;
734         EVP_PKEY *pkey;
735
736         check_store(s,STORE_F_STORE_LIST_PUBLIC_KEY_NEXT,
737                 list_object_next,STORE_R_NO_LIST_OBJECT_NEXT_FUNCTION);
738
739         object = s->meth->list_object_next(s, handle);
740         if (!object || !object->data.key || !object->data.key)
741                 {
742                 STOREerr(STORE_F_STORE_LIST_PUBLIC_KEY_NEXT,
743                         STORE_R_FAILED_LISTING_KEYS);
744                 return 0;
745                 }
746         CRYPTO_add(&object->data.key->references,1,CRYPTO_LOCK_EVP_PKEY);
747 #ifdef REF_PRINT
748         REF_PRINT("EVP_PKEY",data);
749 #endif
750         pkey = object->data.key;
751         STORE_OBJECT_free(object);
752         return pkey;
753         }
754
755 int STORE_list_public_key_end(STORE *s, void *handle)
756         {
757         check_store(s,STORE_F_STORE_LIST_PUBLIC_KEY_END,
758                 list_object_end,STORE_R_NO_LIST_OBJECT_END_FUNCTION);
759
760         if (!s->meth->list_object_end(s, handle))
761                 {
762                 STOREerr(STORE_F_STORE_LIST_PUBLIC_KEY_END,
763                         STORE_R_FAILED_LISTING_KEYS);
764                 return 0;
765                 }
766         return 1;
767         }
768
769 int STORE_list_public_key_endp(STORE *s, void *handle)
770         {
771         check_store(s,STORE_F_STORE_LIST_PUBLIC_KEY_ENDP,
772                 list_object_endp,STORE_R_NO_LIST_OBJECT_ENDP_FUNCTION);
773
774         if (!s->meth->list_object_endp(s, handle))
775                 {
776                 STOREerr(STORE_F_STORE_LIST_PUBLIC_KEY_ENDP,
777                         STORE_R_FAILED_LISTING_KEYS);
778                 return 0;
779                 }
780         return 1;
781         }
782
783 X509_CRL *STORE_generate_crl(STORE *s, OPENSSL_ITEM attributes[],
784         OPENSSL_ITEM parameters[])
785         {
786         STORE_OBJECT *object;
787         X509_CRL *crl;
788
789         check_store(s,STORE_F_STORE_GENERATE_CRL,
790                 generate_object,STORE_R_NO_GENERATE_CRL_FUNCTION);
791
792         object = s->meth->generate_object(s, STORE_OBJECT_TYPE_X509_CRL,
793                 attributes, parameters);
794         if (!object || !object->data.crl)
795                 {
796                 STOREerr(STORE_F_STORE_GENERATE_CRL,
797                         STORE_R_FAILED_GENERATING_CRL);
798                 return 0;
799                 }
800         CRYPTO_add(&object->data.crl->references,1,CRYPTO_LOCK_X509_CRL);
801 #ifdef REF_PRINT
802         REF_PRINT("X509_CRL",data);
803 #endif
804         crl = object->data.crl;
805         STORE_OBJECT_free(object);
806         return crl;
807         }
808
809 X509_CRL *STORE_get_crl(STORE *s, OPENSSL_ITEM attributes[],
810         OPENSSL_ITEM parameters[])
811         {
812         STORE_OBJECT *object;
813         X509_CRL *crl;
814
815         check_store(s,STORE_F_STORE_GET_CRL,
816                 get_object,STORE_R_NO_GET_OBJECT_FUNCTION);
817
818         object = s->meth->get_object(s, STORE_OBJECT_TYPE_X509_CRL,
819                 attributes, parameters);
820         if (!object || !object->data.crl)
821                 {
822                 STOREerr(STORE_F_STORE_GET_CRL,
823                         STORE_R_FAILED_GETTING_KEY);
824                 return 0;
825                 }
826         CRYPTO_add(&object->data.crl->references,1,CRYPTO_LOCK_X509_CRL);
827 #ifdef REF_PRINT
828         REF_PRINT("X509_CRL",data);
829 #endif
830         crl = object->data.crl;
831         STORE_OBJECT_free(object);
832         return crl;
833         }
834
835 int STORE_store_crl(STORE *s, X509_CRL *data, OPENSSL_ITEM attributes[],
836         OPENSSL_ITEM parameters[])
837         {
838         STORE_OBJECT *object;
839         int i;
840
841         check_store(s,STORE_F_STORE_CRL,
842                 store_object,STORE_R_NO_STORE_OBJECT_FUNCTION);
843
844         object = STORE_OBJECT_new();
845         if (!object)
846                 {
847                 STOREerr(STORE_F_STORE_CRL,
848                         ERR_R_MALLOC_FAILURE);
849                 return 0;
850                 }
851         
852         CRYPTO_add(&data->references,1,CRYPTO_LOCK_X509_CRL);
853 #ifdef REF_PRINT
854         REF_PRINT("X509_CRL",data);
855 #endif
856         object->data.crl = data;
857
858         i = s->meth->store_object(s, STORE_OBJECT_TYPE_X509_CRL, object,
859                 attributes, parameters);
860
861         STORE_OBJECT_free(object);
862
863         if (!i)
864                 {
865                 STOREerr(STORE_F_STORE_CRL,
866                         STORE_R_FAILED_STORING_KEY);
867                 return 0;
868                 }
869         return i;
870         }
871
872 int STORE_delete_crl(STORE *s, OPENSSL_ITEM attributes[],
873         OPENSSL_ITEM parameters[])
874         {
875         check_store(s,STORE_F_STORE_DELETE_CRL,
876                 delete_object,STORE_R_NO_DELETE_OBJECT_FUNCTION);
877         
878         if (!s->meth->delete_object(s, STORE_OBJECT_TYPE_X509_CRL,
879                     attributes, parameters))
880                 {
881                 STOREerr(STORE_F_STORE_DELETE_CRL,
882                         STORE_R_FAILED_DELETING_KEY);
883                 return 0;
884                 }
885         return 1;
886         }
887
888 void *STORE_list_crl_start(STORE *s, OPENSSL_ITEM attributes[],
889         OPENSSL_ITEM parameters[])
890         {
891         void *handle;
892
893         check_store(s,STORE_F_STORE_LIST_CRL_START,
894                 list_object_start,STORE_R_NO_LIST_OBJECT_START_FUNCTION);
895
896         handle = s->meth->list_object_start(s, STORE_OBJECT_TYPE_X509_CRL,
897                 attributes, parameters);
898         if (!handle)
899                 {
900                 STOREerr(STORE_F_STORE_LIST_CRL_START,
901                         STORE_R_FAILED_LISTING_KEYS);
902                 return 0;
903                 }
904         return handle;
905         }
906
907 X509_CRL *STORE_list_crl_next(STORE *s, void *handle)
908         {
909         STORE_OBJECT *object;
910         X509_CRL *crl;
911
912         check_store(s,STORE_F_STORE_LIST_CRL_NEXT,
913                 list_object_next,STORE_R_NO_LIST_OBJECT_NEXT_FUNCTION);
914
915         object = s->meth->list_object_next(s, handle);
916         if (!object || !object->data.crl)
917                 {
918                 STOREerr(STORE_F_STORE_LIST_CRL_NEXT,
919                         STORE_R_FAILED_LISTING_KEYS);
920                 return 0;
921                 }
922         CRYPTO_add(&object->data.crl->references,1,CRYPTO_LOCK_X509_CRL);
923 #ifdef REF_PRINT
924         REF_PRINT("X509_CRL",data);
925 #endif
926         crl = object->data.crl;
927         STORE_OBJECT_free(object);
928         return crl;
929         }
930
931 int STORE_list_crl_end(STORE *s, void *handle)
932         {
933         check_store(s,STORE_F_STORE_LIST_CRL_END,
934                 list_object_end,STORE_R_NO_LIST_OBJECT_END_FUNCTION);
935
936         if (!s->meth->list_object_end(s, handle))
937                 {
938                 STOREerr(STORE_F_STORE_LIST_CRL_END,
939                         STORE_R_FAILED_LISTING_KEYS);
940                 return 0;
941                 }
942         return 1;
943         }
944
945 int STORE_list_crl_endp(STORE *s, void *handle)
946         {
947         check_store(s,STORE_F_STORE_LIST_CRL_ENDP,
948                 list_object_endp,STORE_R_NO_LIST_OBJECT_ENDP_FUNCTION);
949
950         if (!s->meth->list_object_endp(s, handle))
951                 {
952                 STOREerr(STORE_F_STORE_LIST_CRL_ENDP,
953                         STORE_R_FAILED_LISTING_KEYS);
954                 return 0;
955                 }
956         return 1;
957         }
958
959 int STORE_store_number(STORE *s, BIGNUM *data, OPENSSL_ITEM attributes[],
960         OPENSSL_ITEM parameters[])
961         {
962         STORE_OBJECT *object;
963         int i;
964
965         check_store(s,STORE_F_STORE_NUMBER,
966                 store_object,STORE_R_NO_STORE_OBJECT_NUMBER_FUNCTION);
967
968         object = STORE_OBJECT_new();
969         if (!object)
970                 {
971                 STOREerr(STORE_F_STORE_NUMBER,
972                         ERR_R_MALLOC_FAILURE);
973                 return 0;
974                 }
975         
976         object->data.number = data;
977
978         i = s->meth->store_object(s, STORE_OBJECT_TYPE_NUMBER, object,
979                 attributes, parameters);
980
981         STORE_OBJECT_free(object);
982
983         if (!i)
984                 {
985                 STOREerr(STORE_F_STORE_NUMBER,
986                         STORE_R_FAILED_STORING_NUMBER);
987                 return 0;
988                 }
989         return 1;
990         }
991
992 BIGNUM *STORE_get_number(STORE *s, OPENSSL_ITEM attributes[],
993         OPENSSL_ITEM parameters[])
994         {
995         STORE_OBJECT *object;
996         BIGNUM *n;
997
998         check_store(s,STORE_F_STORE_GET_NUMBER,
999                 get_object,STORE_R_NO_GET_OBJECT_NUMBER_FUNCTION);
1000
1001         object = s->meth->get_object(s, STORE_OBJECT_TYPE_NUMBER, attributes,
1002                 parameters);
1003         if (!object || !object->data.number)
1004                 {
1005                 STOREerr(STORE_F_STORE_GET_NUMBER,
1006                         STORE_R_FAILED_GETTING_NUMBER);
1007                 return 0;
1008                 }
1009         n = object->data.number;
1010         object->data.number = NULL;
1011         STORE_OBJECT_free(object);
1012         return n;
1013         }
1014
1015 int STORE_delete_number(STORE *s, OPENSSL_ITEM attributes[],
1016         OPENSSL_ITEM parameters[])
1017         {
1018         check_store(s,STORE_F_STORE_DELETE_NUMBER,
1019                 delete_object,STORE_R_NO_DELETE_NUMBER_FUNCTION);
1020
1021         if (!s->meth->delete_object(s, STORE_OBJECT_TYPE_NUMBER, attributes,
1022                     parameters))
1023                 {
1024                 STOREerr(STORE_F_STORE_DELETE_NUMBER,
1025                         STORE_R_FAILED_DELETING_NUMBER);
1026                 return 0;
1027                 }
1028         return 1;
1029         }
1030
1031 int STORE_store_arbitrary(STORE *s, BUF_MEM *data, OPENSSL_ITEM attributes[],
1032         OPENSSL_ITEM parameters[])
1033         {
1034         STORE_OBJECT *object;
1035         int i;
1036
1037         check_store(s,STORE_F_STORE_ARBITRARY,
1038                 store_object,STORE_R_NO_STORE_OBJECT_ARBITRARY_FUNCTION);
1039
1040         object = STORE_OBJECT_new();
1041         if (!object)
1042                 {
1043                 STOREerr(STORE_F_STORE_ARBITRARY,
1044                         ERR_R_MALLOC_FAILURE);
1045                 return 0;
1046                 }
1047         
1048         object->data.arbitrary = data;
1049
1050         i = s->meth->store_object(s, STORE_OBJECT_TYPE_ARBITRARY, object,
1051                 attributes, parameters);
1052
1053         STORE_OBJECT_free(object);
1054
1055         if (!i)
1056                 {
1057                 STOREerr(STORE_F_STORE_ARBITRARY,
1058                         STORE_R_FAILED_STORING_ARBITRARY);
1059                 return 0;
1060                 }
1061         return 1;
1062         }
1063
1064 BUF_MEM *STORE_get_arbitrary(STORE *s, OPENSSL_ITEM attributes[],
1065         OPENSSL_ITEM parameters[])
1066         {
1067         STORE_OBJECT *object;
1068         BUF_MEM *b;
1069
1070         check_store(s,STORE_F_STORE_GET_ARBITRARY,
1071                 get_object,STORE_R_NO_GET_OBJECT_ARBITRARY_FUNCTION);
1072
1073         object = s->meth->get_object(s, STORE_OBJECT_TYPE_ARBITRARY,
1074                 attributes, parameters);
1075         if (!object || !object->data.arbitrary)
1076                 {
1077                 STOREerr(STORE_F_STORE_GET_ARBITRARY,
1078                         STORE_R_FAILED_GETTING_ARBITRARY);
1079                 return 0;
1080                 }
1081         b = object->data.arbitrary;
1082         object->data.arbitrary = NULL;
1083         STORE_OBJECT_free(object);
1084         return b;
1085         }
1086
1087 int STORE_delete_arbitrary(STORE *s, OPENSSL_ITEM attributes[],
1088         OPENSSL_ITEM parameters[])
1089         {
1090         check_store(s,STORE_F_STORE_DELETE_ARBITRARY,
1091                 delete_object,STORE_R_NO_DELETE_ARBITRARY_FUNCTION);
1092
1093         if (!s->meth->delete_object(s, STORE_OBJECT_TYPE_ARBITRARY, attributes,
1094                     parameters))
1095                 {
1096                 STOREerr(STORE_F_STORE_DELETE_ARBITRARY,
1097                         STORE_R_FAILED_DELETING_ARBITRARY);
1098                 return 0;
1099                 }
1100         return 1;
1101         }
1102
1103 STORE_OBJECT *STORE_OBJECT_new(void)
1104         {
1105         STORE_OBJECT *object = OPENSSL_malloc(sizeof(STORE_OBJECT));
1106         if (object) memset(object, 0, sizeof(STORE_OBJECT));
1107         return object;
1108         }
1109 void STORE_OBJECT_free(STORE_OBJECT *data)
1110         {
1111         if (!data) return;
1112         switch (data->type)
1113                 {
1114         case STORE_OBJECT_TYPE_X509_CERTIFICATE:
1115                 X509_free(data->data.x509.certificate);
1116                 break;
1117         case STORE_OBJECT_TYPE_X509_CRL:
1118                 X509_CRL_free(data->data.crl);
1119                 break;
1120         case STORE_OBJECT_TYPE_PRIVATE_KEY:
1121         case STORE_OBJECT_TYPE_PUBLIC_KEY:
1122                 EVP_PKEY_free(data->data.key);
1123                 break;
1124         case STORE_OBJECT_TYPE_NUMBER:
1125                 BN_free(data->data.number);
1126                 break;
1127         case STORE_OBJECT_TYPE_ARBITRARY:
1128                 BUF_MEM_free(data->data.arbitrary);
1129                 break;
1130                 }
1131         OPENSSL_free(data);
1132         }
1133
1134 IMPLEMENT_STACK_OF(STORE_OBJECT*)
1135
1136
1137 struct STORE_attr_info_st
1138         {
1139         unsigned char set[(STORE_ATTR_TYPE_NUM + 8) / 8];
1140         union
1141                 {
1142                 char *cstring;
1143                 unsigned char *sha1string;
1144                 X509_NAME *dn;
1145                 BIGNUM *number;
1146                 void *any;
1147                 } values[STORE_ATTR_TYPE_NUM+1];
1148         size_t value_sizes[STORE_ATTR_TYPE_NUM+1];
1149         };
1150
1151 #define ATTR_IS_SET(a,i)        ((i) > 0 && (i) < STORE_ATTR_TYPE_NUM \
1152                                 && ((a)->set[(i) / 8] & (1 << ((i) % 8))))
1153 #define SET_ATTRBIT(a,i)        ((a)->set[(i) / 8] |= (1 << ((i) % 8)))
1154 #define CLEAR_ATTRBIT(a,i)      ((a)->set[(i) / 8] &= ~(1 << ((i) % 8)))
1155
1156 STORE_ATTR_INFO *STORE_ATTR_INFO_new(void)
1157         {
1158         return (STORE_ATTR_INFO *)OPENSSL_malloc(sizeof(STORE_ATTR_INFO));
1159         }
1160 static void STORE_ATTR_INFO_attr_free(STORE_ATTR_INFO *attrs,
1161         STORE_ATTR_TYPES code)
1162         {
1163         if (ATTR_IS_SET(attrs,code))
1164                 {
1165                 switch(code)
1166                         {
1167                 case STORE_ATTR_FRIENDLYNAME:
1168                 case STORE_ATTR_EMAIL:
1169                 case STORE_ATTR_FILENAME:
1170                         STORE_ATTR_INFO_modify_cstr(attrs, code, NULL, 0);
1171                         break;
1172                 case STORE_ATTR_KEYID:
1173                 case STORE_ATTR_ISSUERKEYID:
1174                 case STORE_ATTR_SUBJECTKEYID:
1175                 case STORE_ATTR_ISSUERSERIALHASH:
1176                 case STORE_ATTR_CERTHASH:
1177                         STORE_ATTR_INFO_modify_sha1str(attrs, code, NULL, 0);
1178                         break;
1179                 case STORE_ATTR_ISSUER:
1180                 case STORE_ATTR_SUBJECT:
1181                         STORE_ATTR_INFO_modify_dn(attrs, code, NULL);
1182                         break;
1183                 case STORE_ATTR_SERIAL:
1184                         STORE_ATTR_INFO_modify_number(attrs, code, NULL);
1185                         break;
1186                 default:
1187                         break;
1188                         }
1189                 }
1190         }
1191 int STORE_ATTR_INFO_free(STORE_ATTR_INFO *attrs)
1192         {
1193         if (attrs)
1194                 {
1195                 STORE_ATTR_TYPES i;
1196                 for(i = 0; i++ < STORE_ATTR_TYPE_NUM;)
1197                         STORE_ATTR_INFO_attr_free(attrs, i);
1198                 OPENSSL_free(attrs);
1199                 }
1200         return 1;
1201         }
1202 char *STORE_ATTR_INFO_get0_cstr(STORE_ATTR_INFO *attrs, STORE_ATTR_TYPES code)
1203         {
1204         if (!attrs)
1205                 {
1206                 STOREerr(STORE_F_STORE_ATTR_INFO_GET0_CSTR,
1207                         ERR_R_PASSED_NULL_PARAMETER);
1208                 return NULL;
1209                 }
1210         if (ATTR_IS_SET(attrs,code))
1211                 return attrs->values[code].cstring;
1212         STOREerr(STORE_F_STORE_ATTR_INFO_GET0_CSTR,
1213                 STORE_R_NO_VALUE);
1214         return NULL;
1215         }
1216 unsigned char *STORE_ATTR_INFO_get0_sha1str(STORE_ATTR_INFO *attrs,
1217         STORE_ATTR_TYPES code)
1218         {
1219         if (!attrs)
1220                 {
1221                 STOREerr(STORE_F_STORE_ATTR_INFO_GET0_SHA1STR,
1222                         ERR_R_PASSED_NULL_PARAMETER);
1223                 return NULL;
1224                 }
1225         if (ATTR_IS_SET(attrs,code))
1226                 return attrs->values[code].sha1string;
1227         STOREerr(STORE_F_STORE_ATTR_INFO_GET0_SHA1STR,
1228                 STORE_R_NO_VALUE);
1229         return NULL;
1230         }
1231 X509_NAME *STORE_ATTR_INFO_get0_dn(STORE_ATTR_INFO *attrs, STORE_ATTR_TYPES code)
1232         {
1233         if (!attrs)
1234                 {
1235                 STOREerr(STORE_F_STORE_ATTR_INFO_GET0_DN,
1236                         ERR_R_PASSED_NULL_PARAMETER);
1237                 return NULL;
1238                 }
1239         if (ATTR_IS_SET(attrs,code))
1240                 return attrs->values[code].dn;
1241         STOREerr(STORE_F_STORE_ATTR_INFO_GET0_DN,
1242                 STORE_R_NO_VALUE);
1243         return NULL;
1244         }
1245 BIGNUM *STORE_ATTR_INFO_get0_number(STORE_ATTR_INFO *attrs, STORE_ATTR_TYPES code)
1246         {
1247         if (!attrs)
1248                 {
1249                 STOREerr(STORE_F_STORE_ATTR_INFO_GET0_NUMBER,
1250                         ERR_R_PASSED_NULL_PARAMETER);
1251                 return NULL;
1252                 }
1253         if (ATTR_IS_SET(attrs,code))
1254                 return attrs->values[code].number;
1255         STOREerr(STORE_F_STORE_ATTR_INFO_GET0_NUMBER,
1256                 STORE_R_NO_VALUE);
1257         return NULL;
1258         }
1259 int STORE_ATTR_INFO_set_cstr(STORE_ATTR_INFO *attrs, STORE_ATTR_TYPES code,
1260         char *cstr, size_t cstr_size)
1261         {
1262         if (!attrs)
1263                 {
1264                 STOREerr(STORE_F_STORE_ATTR_INFO_SET_CSTR,
1265                         ERR_R_PASSED_NULL_PARAMETER);
1266                 return 0;
1267                 }
1268         if (!ATTR_IS_SET(attrs,code))
1269                 {
1270                 if ((attrs->values[code].cstring = BUF_strndup(cstr, cstr_size)))
1271                         return 1;
1272                 STOREerr(STORE_F_STORE_ATTR_INFO_SET_CSTR,
1273                         ERR_R_MALLOC_FAILURE);
1274                 return 0;
1275                 }
1276         STOREerr(STORE_F_STORE_ATTR_INFO_SET_CSTR, STORE_R_ALREADY_HAS_A_VALUE);
1277         return 0;
1278         }
1279 int STORE_ATTR_INFO_set_sha1str(STORE_ATTR_INFO *attrs, STORE_ATTR_TYPES code,
1280         unsigned char *sha1str, size_t sha1str_size)
1281         {
1282         if (!attrs)
1283                 {
1284                 STOREerr(STORE_F_STORE_ATTR_INFO_SET_SHA1STR,
1285                         ERR_R_PASSED_NULL_PARAMETER);
1286                 return 0;
1287                 }
1288         if (!ATTR_IS_SET(attrs,code))
1289                 {
1290                 if ((attrs->values[code].sha1string =
1291                             (unsigned char *)BUF_memdup(sha1str,
1292                                     sha1str_size)))
1293                         return 1;
1294                 STOREerr(STORE_F_STORE_ATTR_INFO_SET_CSTR,
1295                         ERR_R_MALLOC_FAILURE);
1296                 return 0;
1297                 }
1298         STOREerr(STORE_F_STORE_ATTR_INFO_SET_SHA1STR, STORE_R_ALREADY_HAS_A_VALUE);
1299         return 0;
1300         }
1301 int STORE_ATTR_INFO_set_dn(STORE_ATTR_INFO *attrs, STORE_ATTR_TYPES code,
1302         X509_NAME *dn)
1303         {
1304         if (!attrs)
1305                 {
1306                 STOREerr(STORE_F_STORE_ATTR_INFO_SET_DN,
1307                         ERR_R_PASSED_NULL_PARAMETER);
1308                 return 0;
1309                 }
1310         if (!ATTR_IS_SET(attrs,code))
1311                 {
1312                 if ((attrs->values[code].dn = X509_NAME_dup(dn)))
1313                         return 1;
1314                 STOREerr(STORE_F_STORE_ATTR_INFO_SET_CSTR,
1315                         ERR_R_MALLOC_FAILURE);
1316                 return 0;
1317                 }
1318         STOREerr(STORE_F_STORE_ATTR_INFO_SET_DN, STORE_R_ALREADY_HAS_A_VALUE);
1319         return 0;
1320         }
1321 int STORE_ATTR_INFO_set_number(STORE_ATTR_INFO *attrs, STORE_ATTR_TYPES code,
1322         BIGNUM *number)
1323         {
1324         if (!attrs)
1325                 {
1326                 STOREerr(STORE_F_STORE_ATTR_INFO_SET_NUMBER,
1327                         ERR_R_PASSED_NULL_PARAMETER);
1328                 return 0;
1329                 }
1330         if (!ATTR_IS_SET(attrs,code))
1331                 {
1332                 if ((attrs->values[code].number = BN_dup(number)))
1333                         return 1;
1334                 STOREerr(STORE_F_STORE_ATTR_INFO_SET_CSTR,
1335                         ERR_R_MALLOC_FAILURE);
1336                 return 0;
1337                 }
1338         STOREerr(STORE_F_STORE_ATTR_INFO_SET_NUMBER, STORE_R_ALREADY_HAS_A_VALUE);
1339         return 0;
1340         }
1341 int STORE_ATTR_INFO_modify_cstr(STORE_ATTR_INFO *attrs, STORE_ATTR_TYPES code,
1342         char *cstr, size_t cstr_size)
1343         {
1344         if (!attrs)
1345                 {
1346                 STOREerr(STORE_F_STORE_ATTR_INFO_MODIFY_CSTR,
1347                         ERR_R_PASSED_NULL_PARAMETER);
1348                 return 0;
1349                 }
1350         if (ATTR_IS_SET(attrs,code))
1351                 {
1352                 OPENSSL_free(attrs->values[code].cstring);
1353                 attrs->values[code].cstring = NULL;
1354                 CLEAR_ATTRBIT(attrs, code);
1355                 }
1356         return STORE_ATTR_INFO_set_cstr(attrs, code, cstr, cstr_size);
1357         }
1358 int STORE_ATTR_INFO_modify_sha1str(STORE_ATTR_INFO *attrs, STORE_ATTR_TYPES code,
1359         unsigned char *sha1str, size_t sha1str_size)
1360         {
1361         if (!attrs)
1362                 {
1363                 STOREerr(STORE_F_STORE_ATTR_INFO_MODIFY_SHA1STR,
1364                         ERR_R_PASSED_NULL_PARAMETER);
1365                 return 0;
1366                 }
1367         if (ATTR_IS_SET(attrs,code))
1368                 {
1369                 OPENSSL_free(attrs->values[code].sha1string);
1370                 attrs->values[code].sha1string = NULL;
1371                 CLEAR_ATTRBIT(attrs, code);
1372                 }
1373         return STORE_ATTR_INFO_set_sha1str(attrs, code, sha1str, sha1str_size);
1374         }
1375 int STORE_ATTR_INFO_modify_dn(STORE_ATTR_INFO *attrs, STORE_ATTR_TYPES code,
1376         X509_NAME *dn)
1377         {
1378         if (!attrs)
1379                 {
1380                 STOREerr(STORE_F_STORE_ATTR_INFO_MODIFY_DN,
1381                         ERR_R_PASSED_NULL_PARAMETER);
1382                 return 0;
1383                 }
1384         if (ATTR_IS_SET(attrs,code))
1385                 {
1386                 OPENSSL_free(attrs->values[code].dn);
1387                 attrs->values[code].dn = NULL;
1388                 CLEAR_ATTRBIT(attrs, code);
1389                 }
1390         return STORE_ATTR_INFO_set_dn(attrs, code, dn);
1391         }
1392 int STORE_ATTR_INFO_modify_number(STORE_ATTR_INFO *attrs, STORE_ATTR_TYPES code,
1393         BIGNUM *number)
1394         {
1395         if (!attrs)
1396                 {
1397                 STOREerr(STORE_F_STORE_ATTR_INFO_MODIFY_NUMBER,
1398                         ERR_R_PASSED_NULL_PARAMETER);
1399                 return 0;
1400                 }
1401         if (ATTR_IS_SET(attrs,code))
1402                 {
1403                 OPENSSL_free(attrs->values[code].number);
1404                 attrs->values[code].number = NULL;
1405                 CLEAR_ATTRBIT(attrs, code);
1406                 }
1407         return STORE_ATTR_INFO_set_number(attrs, code, number);
1408         }
1409
1410 struct attr_list_ctx_st
1411         {
1412         OPENSSL_ITEM *attributes;
1413         };
1414 void *STORE_parse_attrs_start(OPENSSL_ITEM *attributes)
1415         {
1416         if (attributes)
1417                 {
1418                 struct attr_list_ctx_st *context =
1419                         (struct attr_list_ctx_st *)OPENSSL_malloc(sizeof(struct attr_list_ctx_st));
1420                 if (context)
1421                         context->attributes = attributes;
1422                 else
1423                         STOREerr(STORE_F_STORE_PARSE_ATTRS_END,
1424                                 ERR_R_MALLOC_FAILURE);
1425                 return context;
1426                 }
1427         STOREerr(STORE_F_STORE_PARSE_ATTRS_END, ERR_R_PASSED_NULL_PARAMETER);
1428         return 0;
1429         }
1430 STORE_ATTR_INFO *STORE_parse_attrs_next(void *handle)
1431         {
1432         struct attr_list_ctx_st *context = (struct attr_list_ctx_st *)handle;
1433
1434         if (context && context->attributes)
1435                 {
1436                 STORE_ATTR_INFO *attrs = NULL;
1437
1438                 while(context->attributes
1439                         && context->attributes->code != STORE_ATTR_OR
1440                         && context->attributes->code != STORE_ATTR_END)
1441                         {
1442                         switch(context->attributes->code)
1443                                 {
1444                         case STORE_ATTR_FRIENDLYNAME:
1445                         case STORE_ATTR_EMAIL:
1446                         case STORE_ATTR_FILENAME:
1447                                 if (!attrs) attrs = STORE_ATTR_INFO_new();
1448                                 if (attrs == NULL)
1449                                         {
1450                                         STOREerr(STORE_F_STORE_PARSE_ATTRS_NEXT,
1451                                                 ERR_R_MALLOC_FAILURE);
1452                                         goto err;
1453                                         }
1454                                 STORE_ATTR_INFO_set_cstr(attrs,
1455                                         context->attributes->code,
1456                                         context->attributes->value,
1457                                         context->attributes->value_size);
1458                                 break;
1459                         case STORE_ATTR_KEYID:
1460                         case STORE_ATTR_ISSUERKEYID:
1461                         case STORE_ATTR_SUBJECTKEYID:
1462                         case STORE_ATTR_ISSUERSERIALHASH:
1463                         case STORE_ATTR_CERTHASH:
1464                                 if (!attrs) attrs = STORE_ATTR_INFO_new();
1465                                 if (attrs == NULL)
1466                                         {
1467                                         STOREerr(STORE_F_STORE_PARSE_ATTRS_NEXT,
1468                                                 ERR_R_MALLOC_FAILURE);
1469                                         goto err;
1470                                         }
1471                                 STORE_ATTR_INFO_set_sha1str(attrs,
1472                                         context->attributes->code,
1473                                         context->attributes->value,
1474                                         context->attributes->value_size);
1475                                 break;
1476                         case STORE_ATTR_ISSUER:
1477                         case STORE_ATTR_SUBJECT:
1478                                 if (!attrs) attrs = STORE_ATTR_INFO_new();
1479                                 if (attrs == NULL)
1480                                         {
1481                                         STOREerr(STORE_F_STORE_PARSE_ATTRS_NEXT,
1482                                                 ERR_R_MALLOC_FAILURE);
1483                                         goto err;
1484                                         }
1485                                 STORE_ATTR_INFO_modify_dn(attrs,
1486                                         context->attributes->code,
1487                                         context->attributes->value);
1488                                 break;
1489                         case STORE_ATTR_SERIAL:
1490                                 if (!attrs) attrs = STORE_ATTR_INFO_new();
1491                                 if (attrs == NULL)
1492                                         {
1493                                         STOREerr(STORE_F_STORE_PARSE_ATTRS_NEXT,
1494                                                 ERR_R_MALLOC_FAILURE);
1495                                         goto err;
1496                                         }
1497                                 STORE_ATTR_INFO_modify_number(attrs,
1498                                         context->attributes->code,
1499                                         context->attributes->value);
1500                                 break;
1501                                 }
1502                         context->attributes++;
1503                         }
1504                 if (context->attributes->code == STORE_ATTR_OR)
1505                         context->attributes++;
1506                 return attrs;
1507         err:
1508                 while(context->attributes
1509                         && context->attributes->code != STORE_ATTR_OR
1510                         && context->attributes->code != STORE_ATTR_END)
1511                         context->attributes++;
1512                 if (context->attributes->code == STORE_ATTR_OR)
1513                         context->attributes++;
1514                 return NULL;
1515                 }
1516         STOREerr(STORE_F_STORE_PARSE_ATTRS_NEXT, ERR_R_PASSED_NULL_PARAMETER);
1517         return NULL;
1518         }
1519 int STORE_parse_attrs_end(void *handle)
1520         {
1521         struct attr_list_ctx_st *context = (struct attr_list_ctx_st *)handle;
1522
1523         if (context && context->attributes)
1524                 {
1525 #if 0
1526                 OPENSSL_ITEM *attributes = context->attributes;
1527 #endif
1528                 OPENSSL_free(context);
1529                 return 1;
1530                 }
1531         STOREerr(STORE_F_STORE_PARSE_ATTRS_END, ERR_R_PASSED_NULL_PARAMETER);
1532         return 0;
1533         }
1534
1535 int STORE_parse_attrs_endp(void *handle)
1536         {
1537         struct attr_list_ctx_st *context = (struct attr_list_ctx_st *)handle;
1538
1539         if (context && context->attributes)
1540                 {
1541                 return context->attributes->code == STORE_ATTR_END;
1542                 }
1543         STOREerr(STORE_F_STORE_PARSE_ATTRS_END, ERR_R_PASSED_NULL_PARAMETER);
1544         return 0;
1545         }
1546
1547 static int attr_info_compare_compute_range(
1548         unsigned char *abits, unsigned char *bbits,
1549         unsigned int *alowp, unsigned int *ahighp,
1550         unsigned int *blowp, unsigned int *bhighp)
1551         {
1552         unsigned int alow = (unsigned int)-1, ahigh = 0;
1553         unsigned int blow = (unsigned int)-1, bhigh = 0;
1554         int i, res = 0;
1555
1556         for (i = 0; i < (STORE_ATTR_TYPE_NUM + 8) / 8; i++, abits++, bbits++)
1557                 {
1558                 if (res == 0)
1559                         {
1560                         if (*abits < *bbits) res = -1;
1561                         if (*abits > *bbits) res = 1;
1562                         }
1563                 if (*abits)
1564                         {
1565                         if (alow == (unsigned int)-1)
1566                                 {
1567                                 alow = i * 8;
1568                                 if (!(*abits & 0x01)) alow++;
1569                                 if (!(*abits & 0x02)) alow++;
1570                                 if (!(*abits & 0x04)) alow++;
1571                                 if (!(*abits & 0x08)) alow++;
1572                                 if (!(*abits & 0x10)) alow++;
1573                                 if (!(*abits & 0x20)) alow++;
1574                                 if (!(*abits & 0x40)) alow++;
1575                                 }
1576                         ahigh = i * 8 + 7;
1577                         if (!(*abits & 0x80)) ahigh++;
1578                         if (!(*abits & 0x40)) ahigh++;
1579                         if (!(*abits & 0x20)) ahigh++;
1580                         if (!(*abits & 0x10)) ahigh++;
1581                         if (!(*abits & 0x08)) ahigh++;
1582                         if (!(*abits & 0x04)) ahigh++;
1583                         if (!(*abits & 0x02)) ahigh++;
1584                         }
1585                 if (*bbits)
1586                         {
1587                         if (blow == (unsigned int)-1)
1588                                 {
1589                                 blow = i * 8;
1590                                 if (!(*bbits & 0x01)) blow++;
1591                                 if (!(*bbits & 0x02)) blow++;
1592                                 if (!(*bbits & 0x04)) blow++;
1593                                 if (!(*bbits & 0x08)) blow++;
1594                                 if (!(*bbits & 0x10)) blow++;
1595                                 if (!(*bbits & 0x20)) blow++;
1596                                 if (!(*bbits & 0x40)) blow++;
1597                                 }
1598                         bhigh = i * 8 + 7;
1599                         if (!(*bbits & 0x80)) bhigh++;
1600                         if (!(*bbits & 0x40)) bhigh++;
1601                         if (!(*bbits & 0x20)) bhigh++;
1602                         if (!(*bbits & 0x10)) bhigh++;
1603                         if (!(*bbits & 0x08)) bhigh++;
1604                         if (!(*bbits & 0x04)) bhigh++;
1605                         if (!(*bbits & 0x02)) bhigh++;
1606                         }
1607                 }
1608         if (ahigh + alow < bhigh + blow) res = -1;
1609         if (ahigh + alow > bhigh + blow) res = 1;
1610         if (alowp) *alowp = alow;
1611         if (ahighp) *ahighp = ahigh;
1612         if (blowp) *blowp = blow;
1613         if (bhighp) *bhighp = bhigh;
1614         return res;
1615         }
1616
1617 int STORE_ATTR_INFO_compare(STORE_ATTR_INFO *a, STORE_ATTR_INFO *b)
1618         {
1619         if (a == b) return 0;
1620         if (!a) return -1;
1621         if (!b) return 1;
1622         return attr_info_compare_compute_range(a->set, b->set, 0, 0, 0, 0);
1623         }
1624 int STORE_ATTR_INFO_in_range(STORE_ATTR_INFO *a, STORE_ATTR_INFO *b)
1625         {
1626         unsigned int alow, ahigh, blow, bhigh;
1627
1628         if (a == b) return 1;
1629         if (!a) return 0;
1630         if (!b) return 0;
1631         attr_info_compare_compute_range(a->set, b->set,
1632                 &alow, &ahigh, &blow, &bhigh);
1633         if (alow >= blow && ahigh <= bhigh)
1634                 return 1;
1635         return 0;
1636         }
1637 int STORE_ATTR_INFO_in(STORE_ATTR_INFO *a, STORE_ATTR_INFO *b)
1638         {
1639         unsigned char *abits, *bbits;
1640         int i;
1641
1642         if (a == b) return 1;
1643         if (!a) return 0;
1644         if (!b) return 0;
1645         abits = a->set;
1646         bbits = b->set;
1647         for (i = 0; i < (STORE_ATTR_TYPE_NUM + 8) / 8; i++, abits++, bbits++)
1648                 {
1649                 if (*abits && (*bbits & *abits) != *abits)
1650                         return 0;
1651                 }
1652         return 1;
1653         }
1654 int STORE_ATTR_INFO_in_ex(STORE_ATTR_INFO *a, STORE_ATTR_INFO *b)
1655         {
1656         STORE_ATTR_TYPES i;
1657
1658         if (a == b) return 1;
1659         if (!STORE_ATTR_INFO_in(a, b)) return 0;
1660         for (i = 1; i < STORE_ATTR_TYPE_NUM; i++)
1661                 if (ATTR_IS_SET(a, i))
1662                         {
1663                         switch(i)
1664                                 {
1665                         case STORE_ATTR_FRIENDLYNAME:
1666                         case STORE_ATTR_EMAIL:
1667                         case STORE_ATTR_FILENAME:
1668                                 if (strcmp(a->values[i].cstring,
1669                                             b->values[i].cstring))
1670                                         return 0;
1671                                 break;
1672                         case STORE_ATTR_KEYID:
1673                         case STORE_ATTR_ISSUERKEYID:
1674                         case STORE_ATTR_SUBJECTKEYID:
1675                         case STORE_ATTR_ISSUERSERIALHASH:
1676                         case STORE_ATTR_CERTHASH:
1677                                 if (memcmp(a->values[i].sha1string,
1678                                             b->values[i].sha1string,
1679                                             a->value_sizes[i]))
1680                                         return 0;
1681                                 break;
1682                         case STORE_ATTR_ISSUER:
1683                         case STORE_ATTR_SUBJECT:
1684                                 if (X509_NAME_cmp(a->values[i].dn,
1685                                             b->values[i].dn))
1686                                         return 0;
1687                                 break;
1688                         case STORE_ATTR_SERIAL:
1689                                 if (BN_cmp(a->values[i].number,
1690                                             b->values[i].number))
1691                                         return 0;
1692                                 break;
1693                         default:
1694                                 break;
1695                                 }
1696                         }
1697
1698         return 1;
1699         }