crypto/store/str_lib.c

   1 /* crypto/store/str_lib.c -*- mode:C; c-file-style: "eay" -*- */
   2 /*
   3  * Written by Richard Levitte (richard@levitte.org) for the OpenSSL project
   4  * 2003.
   5  */
   6 /* ====================================================================
   7  * Copyright (c) 2003 The OpenSSL Project.  All rights reserved.
   8  *
   9  * Redistribution and use in source and binary forms, with or without
  10  * modification, are permitted provided that the following conditions
  11  * are met:
  12  *
  13  * 1. Redistributions of source code must retain the above copyright
  14  *    notice, this list of conditions and the following disclaimer.
  15  *
  16  * 2. Redistributions in binary form must reproduce the above copyright
  17  *    notice, this list of conditions and the following disclaimer in
  18  *    the documentation and/or other materials provided with the
  19  *    distribution.
  20  *
  21  * 3. All advertising materials mentioning features or use of this
  22  *    software must display the following acknowledgment:
  23  *    "This product includes software developed by the OpenSSL Project
  24  *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
  25  *
  26  * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
  27  *    endorse or promote products derived from this software without
  28  *    prior written permission. For written permission, please contact
  29  *    openssl-core@openssl.org.
  30  *
  31  * 5. Products derived from this software may not be called "OpenSSL"
  32  *    nor may "OpenSSL" appear in their names without prior written
  33  *    permission of the OpenSSL Project.
  34  *
  35  * 6. Redistributions of any form whatsoever must retain the following
  36  *    acknowledgment:
  37  *    "This product includes software developed by the OpenSSL Project
  38  *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
  39  *
  40  * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
  41  * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
  42  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
  43  * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
  44  * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
  45  * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
  46  * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
  47  * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
  48  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
  49  * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
  50  * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
  51  * OF THE POSSIBILITY OF SUCH DAMAGE.
  52  * ====================================================================
  53  *
  54  * This product includes cryptographic software written by Eric Young
  55  * (eay@cryptsoft.com).  This product includes software written by Tim
  56  * Hudson (tjh@cryptsoft.com).
  57  *
  58  */
  59
  60 #include <string.h>
  61 #include <openssl/bn.h>
  62 #include <openssl/err.h>
  63 #ifndef OPENSSL_NO_ENGINE
  64 # include <openssl/engine.h>
  65 #endif
  66 #include <openssl/sha.h>
  67 #include <openssl/x509.h>
  68 #include "str_locl.h"
  69
  70 const char *const STORE_object_type_string[STORE_OBJECT_TYPE_NUM + 1] = {
  71     0,
  72     "X.509 Certificate",
  73     "X.509 CRL",
  74     "Private Key",
  75     "Public Key",
  76     "Number",
  77     "Arbitrary Data"
  78 };
  79
  80 const int STORE_param_sizes[STORE_PARAM_TYPE_NUM + 1] = {
  81     0,
  82     sizeof(int),                /* EVP_TYPE */
  83     sizeof(size_t),             /* BITS */
  84     -1,                         /* KEY_PARAMETERS */
  85     0                           /* KEY_NO_PARAMETERS */
  86 };
  87
  88 const int STORE_attr_sizes[STORE_ATTR_TYPE_NUM + 1] = {
  89     0,
  90     -1,                         /* FRIENDLYNAME: C string */
  91     SHA_DIGEST_LENGTH,          /* KEYID: SHA1 digest, 160 bits */
  92     SHA_DIGEST_LENGTH,          /* ISSUERKEYID: SHA1 digest, 160 bits */
  93     SHA_DIGEST_LENGTH,          /* SUBJECTKEYID: SHA1 digest, 160 bits */
  94     SHA_DIGEST_LENGTH,          /* ISSUERSERIALHASH: SHA1 digest, 160 bits */
  95     sizeof(X509_NAME *),        /* ISSUER: X509_NAME * */
  96     sizeof(BIGNUM *),           /* SERIAL: BIGNUM * */
  97     sizeof(X509_NAME *),        /* SUBJECT: X509_NAME * */
  98     SHA_DIGEST_LENGTH,          /* CERTHASH: SHA1 digest, 160 bits */
  99     -1,                         /* EMAIL: C string */
 100     -1,                         /* FILENAME: C string */
 101 };
 102
 103 STORE *STORE_new_method(const STORE_METHOD *method)
 104 {
 105     STORE *ret;
 106
 107     if (method == NULL) {
 108         STOREerr(STORE_F_STORE_NEW_METHOD, ERR_R_PASSED_NULL_PARAMETER);
 109         return NULL;
 110     }
 111
 112     ret = (STORE *)OPENSSL_malloc(sizeof(STORE));
 113     if (ret == NULL) {
 114         STOREerr(STORE_F_STORE_NEW_METHOD, ERR_R_MALLOC_FAILURE);
 115         return NULL;
 116     }
 117
 118     ret->meth = method;
 119
 120     CRYPTO_new_ex_data(CRYPTO_EX_INDEX_STORE, ret, &ret->ex_data);
 121     if (ret->meth->init && !ret->meth->init(ret)) {
 122         STORE_free(ret);
 123         ret = NULL;
 124     }
 125     return ret;
 126 }
 127
 128 STORE *STORE_new_engine(ENGINE *engine)
 129 {
 130     STORE *ret = NULL;
 131     ENGINE *e = engine;
 132     const STORE_METHOD *meth = 0;
 133
 134 #ifdef OPENSSL_NO_ENGINE
 135     e = NULL;
 136 #else
 137     if (engine) {
 138         if (!ENGINE_init(engine)) {
 139             STOREerr(STORE_F_STORE_NEW_ENGINE, ERR_R_ENGINE_LIB);
 140             return NULL;
 141         }
 142         e = engine;
 143     } else {
 144         STOREerr(STORE_F_STORE_NEW_ENGINE, ERR_R_PASSED_NULL_PARAMETER);
 145         return NULL;
 146     }
 147     if (e) {
 148         meth = ENGINE_get_STORE(e);
 149         if (!meth) {
 150             STOREerr(STORE_F_STORE_NEW_ENGINE, ERR_R_ENGINE_LIB);
 151             ENGINE_finish(e);
 152             return NULL;
 153         }
 154     }
 155 #endif
 156
 157     ret = STORE_new_method(meth);
 158     if (ret == NULL) {
 159         STOREerr(STORE_F_STORE_NEW_ENGINE, ERR_R_STORE_LIB);
 160         return NULL;
 161     }
 162
 163     ret->engine = e;
 164
 165     return (ret);
 166 }
 167
 168 void STORE_free(STORE *store)
 169 {
 170     if (store == NULL)
 171         return;
 172     if (store->meth->clean)
 173         store->meth->clean(store);
 174     CRYPTO_free_ex_data(CRYPTO_EX_INDEX_STORE, store, &store->ex_data);
 175     OPENSSL_free(store);
 176 }
 177
 178 int STORE_ctrl(STORE *store, int cmd, long i, void *p, void (*f) (void))
 179 {
 180     if (store == NULL) {
 181         STOREerr(STORE_F_STORE_CTRL, ERR_R_PASSED_NULL_PARAMETER);
 182         return 0;
 183     }
 184     if (store->meth->ctrl)
 185         return store->meth->ctrl(store, cmd, i, p, f);
 186     STOREerr(STORE_F_STORE_CTRL, STORE_R_NO_CONTROL_FUNCTION);
 187     return 0;
 188 }
 189
 190 int STORE_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
 191                            CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func)
 192 {
 193     return CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_STORE, argl, argp,
 194                                    new_func, dup_func, free_func);
 195 }
 196
 197 int STORE_set_ex_data(STORE *r, int idx, void *arg)
 198 {
 199     return (CRYPTO_set_ex_data(&r->ex_data, idx, arg));
 200 }
 201
 202 void *STORE_get_ex_data(STORE *r, int idx)
 203 {
 204     return (CRYPTO_get_ex_data(&r->ex_data, idx));
 205 }
 206
 207 const STORE_METHOD *STORE_get_method(STORE *store)
 208 {
 209     return store->meth;
 210 }
 211
 212 const STORE_METHOD *STORE_set_method(STORE *store, const STORE_METHOD *meth)
 213 {
 214     store->meth = meth;
 215     return store->meth;
 216 }
 217
 218 /* API helpers */
 219
 220 #define check_store(s,fncode,fnname,fnerrcode) \
 221         do \
 222                 { \
 223                 if ((s) == NULL || (s)->meth == NULL) \
 224                         { \
 225                         STOREerr((fncode), ERR_R_PASSED_NULL_PARAMETER); \
 226                         return 0; \
 227                         } \
 228                 if ((s)->meth->fnname == NULL) \
 229                         { \
 230                         STOREerr((fncode), (fnerrcode)); \
 231                         return 0; \
 232                         } \
 233                 } \
 234         while(0)
 235
 236 /* API functions */
 237
 238 X509 *STORE_get_certificate(STORE *s, OPENSSL_ITEM attributes[],
 239                             OPENSSL_ITEM parameters[])
 240 {
 241     STORE_OBJECT *object;
 242     X509 *x;
 243
 244     check_store(s, STORE_F_STORE_GET_CERTIFICATE,
 245                 get_object, STORE_R_NO_GET_OBJECT_FUNCTION);
 246
 247     object = s->meth->get_object(s, STORE_OBJECT_TYPE_X509_CERTIFICATE,
 248                                  attributes, parameters);
 249     if (!object || !object->data.x509.certificate) {
 250         STOREerr(STORE_F_STORE_GET_CERTIFICATE,
 251                  STORE_R_FAILED_GETTING_CERTIFICATE);
 252         return 0;
 253     }
 254     CRYPTO_add(&object->data.x509.certificate->references, 1,
 255                CRYPTO_LOCK_X509);
 256 #ifdef REF_PRINT
 257     REF_PRINT("X509", data);
 258 #endif
 259     x = object->data.x509.certificate;
 260     STORE_OBJECT_free(object);
 261     return x;
 262 }
 263
 264 int STORE_store_certificate(STORE *s, X509 *data, OPENSSL_ITEM attributes[],
 265                             OPENSSL_ITEM parameters[])
 266 {
 267     STORE_OBJECT *object;
 268     int i;
 269
 270     check_store(s, STORE_F_STORE_CERTIFICATE,
 271                 store_object, STORE_R_NO_STORE_OBJECT_FUNCTION);
 272
 273     object = STORE_OBJECT_new();
 274     if (!object) {
 275         STOREerr(STORE_F_STORE_STORE_CERTIFICATE, ERR_R_MALLOC_FAILURE);
 276         return 0;
 277     }
 278
 279     CRYPTO_add(&data->references, 1, CRYPTO_LOCK_X509);
 280 #ifdef REF_PRINT
 281     REF_PRINT("X509", data);
 282 #endif
 283     object->data.x509.certificate = data;
 284
 285     i = s->meth->store_object(s, STORE_OBJECT_TYPE_X509_CERTIFICATE,
 286                               object, attributes, parameters);
 287
 288     STORE_OBJECT_free(object);
 289
 290     if (!i) {
 291         STOREerr(STORE_F_STORE_STORE_CERTIFICATE,
 292                  STORE_R_FAILED_STORING_CERTIFICATE);
 293         return 0;
 294     }
 295     return 1;
 296 }
 297
 298 int STORE_modify_certificate(STORE *s, OPENSSL_ITEM search_attributes[],
 299                              OPENSSL_ITEM add_attributes[],
 300                              OPENSSL_ITEM modify_attributes[],
 301                              OPENSSL_ITEM delete_attributes[],
 302                              OPENSSL_ITEM parameters[])
 303 {
 304     check_store(s, STORE_F_STORE_MODIFY_CERTIFICATE,
 305                 modify_object, STORE_R_NO_MODIFY_OBJECT_FUNCTION);
 306
 307     if (!s->meth->modify_object(s, STORE_OBJECT_TYPE_X509_CERTIFICATE,
 308                                 search_attributes, add_attributes,
 309                                 modify_attributes, delete_attributes,
 310                                 parameters)) {
 311         STOREerr(STORE_F_STORE_MODIFY_CERTIFICATE,
 312                  STORE_R_FAILED_MODIFYING_CERTIFICATE);
 313         return 0;
 314     }
 315     return 1;
 316 }
 317
 318 int STORE_revoke_certificate(STORE *s, OPENSSL_ITEM attributes[],
 319                              OPENSSL_ITEM parameters[])
 320 {
 321     check_store(s, STORE_F_STORE_REVOKE_CERTIFICATE,
 322                 revoke_object, STORE_R_NO_REVOKE_OBJECT_FUNCTION);
 323
 324     if (!s->meth->revoke_object(s, STORE_OBJECT_TYPE_X509_CERTIFICATE,
 325                                 attributes, parameters)) {
 326         STOREerr(STORE_F_STORE_REVOKE_CERTIFICATE,
 327                  STORE_R_FAILED_REVOKING_CERTIFICATE);
 328         return 0;
 329     }
 330     return 1;
 331 }
 332
 333 int STORE_delete_certificate(STORE *s, OPENSSL_ITEM attributes[],
 334                              OPENSSL_ITEM parameters[])
 335 {
 336     check_store(s, STORE_F_STORE_DELETE_CERTIFICATE,
 337                 delete_object, STORE_R_NO_DELETE_OBJECT_FUNCTION);
 338
 339     if (!s->meth->delete_object(s, STORE_OBJECT_TYPE_X509_CERTIFICATE,
 340                                 attributes, parameters)) {
 341         STOREerr(STORE_F_STORE_DELETE_CERTIFICATE,
 342                  STORE_R_FAILED_DELETING_CERTIFICATE);
 343         return 0;
 344     }
 345     return 1;
 346 }
 347
 348 void *STORE_list_certificate_start(STORE *s, OPENSSL_ITEM attributes[],
 349                                    OPENSSL_ITEM parameters[])
 350 {
 351     void *handle;
 352
 353     check_store(s, STORE_F_STORE_LIST_CERTIFICATE_START,
 354                 list_object_start, STORE_R_NO_LIST_OBJECT_START_FUNCTION);
 355
 356     handle = s->meth->list_object_start(s,
 357                                         STORE_OBJECT_TYPE_X509_CERTIFICATE,
 358                                         attributes, parameters);
 359     if (!handle) {
 360         STOREerr(STORE_F_STORE_LIST_CERTIFICATE_START,
 361                  STORE_R_FAILED_LISTING_CERTIFICATES);
 362         return 0;
 363     }
 364     return handle;
 365 }
 366
 367 X509 *STORE_list_certificate_next(STORE *s, void *handle)
 368 {
 369     STORE_OBJECT *object;
 370     X509 *x;
 371
 372     check_store(s, STORE_F_STORE_LIST_CERTIFICATE_NEXT,
 373                 list_object_next, STORE_R_NO_LIST_OBJECT_NEXT_FUNCTION);
 374
 375     object = s->meth->list_object_next(s, handle);
 376     if (!object || !object->data.x509.certificate) {
 377         STOREerr(STORE_F_STORE_LIST_CERTIFICATE_NEXT,
 378                  STORE_R_FAILED_LISTING_CERTIFICATES);
 379         return 0;
 380     }
 381     CRYPTO_add(&object->data.x509.certificate->references, 1,
 382                CRYPTO_LOCK_X509);
 383 #ifdef REF_PRINT
 384     REF_PRINT("X509", data);
 385 #endif
 386     x = object->data.x509.certificate;
 387     STORE_OBJECT_free(object);
 388     return x;
 389 }
 390
 391 int STORE_list_certificate_end(STORE *s, void *handle)
 392 {
 393     check_store(s, STORE_F_STORE_LIST_CERTIFICATE_END,
 394                 list_object_end, STORE_R_NO_LIST_OBJECT_END_FUNCTION);
 395
 396     if (!s->meth->list_object_end(s, handle)) {
 397         STOREerr(STORE_F_STORE_LIST_CERTIFICATE_END,
 398                  STORE_R_FAILED_LISTING_CERTIFICATES);
 399         return 0;
 400     }
 401     return 1;
 402 }
 403
 404 int STORE_list_certificate_endp(STORE *s, void *handle)
 405 {
 406     check_store(s, STORE_F_STORE_LIST_CERTIFICATE_ENDP,
 407                 list_object_endp, STORE_R_NO_LIST_OBJECT_ENDP_FUNCTION);
 408
 409     if (!s->meth->list_object_endp(s, handle)) {
 410         STOREerr(STORE_F_STORE_LIST_CERTIFICATE_ENDP,
 411                  STORE_R_FAILED_LISTING_CERTIFICATES);
 412         return 0;
 413     }
 414     return 1;
 415 }
 416
 417 EVP_PKEY *STORE_generate_key(STORE *s, OPENSSL_ITEM attributes[],
 418                              OPENSSL_ITEM parameters[])
 419 {
 420     STORE_OBJECT *object;
 421     EVP_PKEY *pkey;
 422
 423     check_store(s, STORE_F_STORE_GENERATE_KEY,
 424                 generate_object, STORE_R_NO_GENERATE_OBJECT_FUNCTION);
 425
 426     object = s->meth->generate_object(s, STORE_OBJECT_TYPE_PRIVATE_KEY,
 427                                       attributes, parameters);
 428     if (!object || !object->data.key) {
 429         STOREerr(STORE_F_STORE_GENERATE_KEY, STORE_R_FAILED_GENERATING_KEY);
 430         return 0;
 431     }
 432     CRYPTO_add(&object->data.key->references, 1, CRYPTO_LOCK_EVP_PKEY);
 433 #ifdef REF_PRINT
 434     REF_PRINT("EVP_PKEY", data);
 435 #endif
 436     pkey = object->data.key;
 437     STORE_OBJECT_free(object);
 438     return pkey;
 439 }
 440
 441 EVP_PKEY *STORE_get_private_key(STORE *s, OPENSSL_ITEM attributes[],
 442                                 OPENSSL_ITEM parameters[])
 443 {
 444     STORE_OBJECT *object;
 445     EVP_PKEY *pkey;
 446
 447     check_store(s, STORE_F_STORE_GET_PRIVATE_KEY,
 448                 get_object, STORE_R_NO_GET_OBJECT_FUNCTION);
 449
 450     object = s->meth->get_object(s, STORE_OBJECT_TYPE_PRIVATE_KEY,
 451                                  attributes, parameters);
 452     if (!object || !object->data.key || !object->data.key) {
 453         STOREerr(STORE_F_STORE_GET_PRIVATE_KEY, STORE_R_FAILED_GETTING_KEY);
 454         return 0;
 455     }
 456     CRYPTO_add(&object->data.key->references, 1, CRYPTO_LOCK_EVP_PKEY);
 457 #ifdef REF_PRINT
 458     REF_PRINT("EVP_PKEY", data);
 459 #endif
 460     pkey = object->data.key;
 461     STORE_OBJECT_free(object);
 462     return pkey;
 463 }
 464
 465 int STORE_store_private_key(STORE *s, EVP_PKEY *data,
 466                             OPENSSL_ITEM attributes[],
 467                             OPENSSL_ITEM parameters[])
 468 {
 469     STORE_OBJECT *object;
 470     int i;
 471
 472     check_store(s, STORE_F_STORE_STORE_PRIVATE_KEY,
 473                 store_object, STORE_R_NO_STORE_OBJECT_FUNCTION);
 474
 475     object = STORE_OBJECT_new();
 476     if (!object) {
 477         STOREerr(STORE_F_STORE_STORE_PRIVATE_KEY, ERR_R_MALLOC_FAILURE);
 478         return 0;
 479     }
 480     object->data.key = EVP_PKEY_new();
 481     if (!object->data.key) {
 482         STOREerr(STORE_F_STORE_STORE_PRIVATE_KEY, ERR_R_MALLOC_FAILURE);
 483         return 0;
 484     }
 485
 486     CRYPTO_add(&data->references, 1, CRYPTO_LOCK_EVP_PKEY);
 487 #ifdef REF_PRINT
 488     REF_PRINT("EVP_PKEY", data);
 489 #endif
 490     object->data.key = data;
 491
 492     i = s->meth->store_object(s, STORE_OBJECT_TYPE_PRIVATE_KEY, object,
 493                               attributes, parameters);
 494
 495     STORE_OBJECT_free(object);
 496
 497     if (!i) {
 498         STOREerr(STORE_F_STORE_STORE_PRIVATE_KEY, STORE_R_FAILED_STORING_KEY);
 499         return 0;
 500     }
 501     return i;
 502 }
 503
 504 int STORE_modify_private_key(STORE *s, OPENSSL_ITEM search_attributes[],
 505                              OPENSSL_ITEM add_attributes[],
 506                              OPENSSL_ITEM modify_attributes[],
 507                              OPENSSL_ITEM delete_attributes[],
 508                              OPENSSL_ITEM parameters[])
 509 {
 510     check_store(s, STORE_F_STORE_MODIFY_PRIVATE_KEY,
 511                 modify_object, STORE_R_NO_MODIFY_OBJECT_FUNCTION);
 512
 513     if (!s->meth->modify_object(s, STORE_OBJECT_TYPE_PRIVATE_KEY,
 514                                 search_attributes, add_attributes,
 515                                 modify_attributes, delete_attributes,
 516                                 parameters)) {
 517         STOREerr(STORE_F_STORE_MODIFY_PRIVATE_KEY,
 518                  STORE_R_FAILED_MODIFYING_PRIVATE_KEY);
 519         return 0;
 520     }
 521     return 1;
 522 }
 523
 524 int STORE_revoke_private_key(STORE *s, OPENSSL_ITEM attributes[],
 525                              OPENSSL_ITEM parameters[])
 526 {
 527     int i;
 528
 529     check_store(s, STORE_F_STORE_REVOKE_PRIVATE_KEY,
 530                 revoke_object, STORE_R_NO_REVOKE_OBJECT_FUNCTION);
 531
 532     i = s->meth->revoke_object(s, STORE_OBJECT_TYPE_PRIVATE_KEY,
 533                                attributes, parameters);
 534
 535     if (!i) {
 536         STOREerr(STORE_F_STORE_REVOKE_PRIVATE_KEY,
 537                  STORE_R_FAILED_REVOKING_KEY);
 538         return 0;
 539     }
 540     return i;
 541 }
 542
 543 int STORE_delete_private_key(STORE *s, OPENSSL_ITEM attributes[],
 544                              OPENSSL_ITEM parameters[])
 545 {
 546     check_store(s, STORE_F_STORE_DELETE_PRIVATE_KEY,
 547                 delete_object, STORE_R_NO_DELETE_OBJECT_FUNCTION);
 548
 549     if (!s->meth->delete_object(s, STORE_OBJECT_TYPE_PRIVATE_KEY,
 550                                 attributes, parameters)) {
 551         STOREerr(STORE_F_STORE_DELETE_PRIVATE_KEY,
 552                  STORE_R_FAILED_DELETING_KEY);
 553         return 0;
 554     }
 555     return 1;
 556 }
 557
 558 void *STORE_list_private_key_start(STORE *s, OPENSSL_ITEM attributes[],
 559                                    OPENSSL_ITEM parameters[])
 560 {
 561     void *handle;
 562
 563     check_store(s, STORE_F_STORE_LIST_PRIVATE_KEY_START,
 564                 list_object_start, STORE_R_NO_LIST_OBJECT_START_FUNCTION);
 565
 566     handle = s->meth->list_object_start(s, STORE_OBJECT_TYPE_PRIVATE_KEY,
 567                                         attributes, parameters);
 568     if (!handle) {
 569         STOREerr(STORE_F_STORE_LIST_PRIVATE_KEY_START,
 570                  STORE_R_FAILED_LISTING_KEYS);
 571         return 0;
 572     }
 573     return handle;
 574 }
 575
 576 EVP_PKEY *STORE_list_private_key_next(STORE *s, void *handle)
 577 {
 578     STORE_OBJECT *object;
 579     EVP_PKEY *pkey;
 580
 581     check_store(s, STORE_F_STORE_LIST_PRIVATE_KEY_NEXT,
 582                 list_object_next, STORE_R_NO_LIST_OBJECT_NEXT_FUNCTION);
 583
 584     object = s->meth->list_object_next(s, handle);
 585     if (!object || !object->data.key || !object->data.key) {
 586         STOREerr(STORE_F_STORE_LIST_PRIVATE_KEY_NEXT,
 587                  STORE_R_FAILED_LISTING_KEYS);
 588         return 0;
 589     }
 590     CRYPTO_add(&object->data.key->references, 1, CRYPTO_LOCK_EVP_PKEY);
 591 #ifdef REF_PRINT
 592     REF_PRINT("EVP_PKEY", data);
 593 #endif
 594     pkey = object->data.key;
 595     STORE_OBJECT_free(object);
 596     return pkey;
 597 }
 598
 599 int STORE_list_private_key_end(STORE *s, void *handle)
 600 {
 601     check_store(s, STORE_F_STORE_LIST_PRIVATE_KEY_END,
 602                 list_object_end, STORE_R_NO_LIST_OBJECT_END_FUNCTION);
 603
 604     if (!s->meth->list_object_end(s, handle)) {
 605         STOREerr(STORE_F_STORE_LIST_PRIVATE_KEY_END,
 606                  STORE_R_FAILED_LISTING_KEYS);
 607         return 0;
 608     }
 609     return 1;
 610 }
 611
 612 int STORE_list_private_key_endp(STORE *s, void *handle)
 613 {
 614     check_store(s, STORE_F_STORE_LIST_PRIVATE_KEY_ENDP,
 615                 list_object_endp, STORE_R_NO_LIST_OBJECT_ENDP_FUNCTION);
 616
 617     if (!s->meth->list_object_endp(s, handle)) {
 618         STOREerr(STORE_F_STORE_LIST_PRIVATE_KEY_ENDP,
 619                  STORE_R_FAILED_LISTING_KEYS);
 620         return 0;
 621     }
 622     return 1;
 623 }
 624
 625 EVP_PKEY *STORE_get_public_key(STORE *s, OPENSSL_ITEM attributes[],
 626                                OPENSSL_ITEM parameters[])
 627 {
 628     STORE_OBJECT *object;
 629     EVP_PKEY *pkey;
 630
 631     check_store(s, STORE_F_STORE_GET_PUBLIC_KEY,
 632                 get_object, STORE_R_NO_GET_OBJECT_FUNCTION);
 633
 634     object = s->meth->get_object(s, STORE_OBJECT_TYPE_PUBLIC_KEY,
 635                                  attributes, parameters);
 636     if (!object || !object->data.key || !object->data.key) {
 637         STOREerr(STORE_F_STORE_GET_PUBLIC_KEY, STORE_R_FAILED_GETTING_KEY);
 638         return 0;
 639     }
 640     CRYPTO_add(&object->data.key->references, 1, CRYPTO_LOCK_EVP_PKEY);
 641 #ifdef REF_PRINT
 642     REF_PRINT("EVP_PKEY", data);
 643 #endif
 644     pkey = object->data.key;
 645     STORE_OBJECT_free(object);
 646     return pkey;
 647 }
 648
 649 int STORE_store_public_key(STORE *s, EVP_PKEY *data,
 650                            OPENSSL_ITEM attributes[],
 651                            OPENSSL_ITEM parameters[])
 652 {
 653     STORE_OBJECT *object;
 654     int i;
 655
 656     check_store(s, STORE_F_STORE_STORE_PUBLIC_KEY,
 657                 store_object, STORE_R_NO_STORE_OBJECT_FUNCTION);
 658
 659     object = STORE_OBJECT_new();
 660     if (!object) {
 661         STOREerr(STORE_F_STORE_STORE_PUBLIC_KEY, ERR_R_MALLOC_FAILURE);
 662         return 0;
 663     }
 664     object->data.key = EVP_PKEY_new();
 665     if (!object->data.key) {
 666         STOREerr(STORE_F_STORE_STORE_PUBLIC_KEY, ERR_R_MALLOC_FAILURE);
 667         return 0;
 668     }
 669
 670     CRYPTO_add(&data->references, 1, CRYPTO_LOCK_EVP_PKEY);
 671 #ifdef REF_PRINT
 672     REF_PRINT("EVP_PKEY", data);
 673 #endif
 674     object->data.key = data;
 675
 676     i = s->meth->store_object(s, STORE_OBJECT_TYPE_PUBLIC_KEY, object,
 677                               attributes, parameters);
 678
 679     STORE_OBJECT_free(object);
 680
 681     if (!i) {
 682         STOREerr(STORE_F_STORE_STORE_PUBLIC_KEY, STORE_R_FAILED_STORING_KEY);
 683         return 0;
 684     }
 685     return i;
 686 }
 687
 688 int STORE_modify_public_key(STORE *s, OPENSSL_ITEM search_attributes[],
 689                             OPENSSL_ITEM add_attributes[],
 690                             OPENSSL_ITEM modify_attributes[],
 691                             OPENSSL_ITEM delete_attributes[],
 692                             OPENSSL_ITEM parameters[])
 693 {
 694     check_store(s, STORE_F_STORE_MODIFY_PUBLIC_KEY,
 695                 modify_object, STORE_R_NO_MODIFY_OBJECT_FUNCTION);
 696
 697     if (!s->meth->modify_object(s, STORE_OBJECT_TYPE_PUBLIC_KEY,
 698                                 search_attributes, add_attributes,
 699                                 modify_attributes, delete_attributes,
 700                                 parameters)) {
 701         STOREerr(STORE_F_STORE_MODIFY_PUBLIC_KEY,
 702                  STORE_R_FAILED_MODIFYING_PUBLIC_KEY);
 703         return 0;
 704     }
 705     return 1;
 706 }
 707
 708 int STORE_revoke_public_key(STORE *s, OPENSSL_ITEM attributes[],
 709                             OPENSSL_ITEM parameters[])
 710 {
 711     int i;
 712
 713     check_store(s, STORE_F_STORE_REVOKE_PUBLIC_KEY,
 714                 revoke_object, STORE_R_NO_REVOKE_OBJECT_FUNCTION);
 715
 716     i = s->meth->revoke_object(s, STORE_OBJECT_TYPE_PUBLIC_KEY,
 717                                attributes, parameters);
 718
 719     if (!i) {
 720         STOREerr(STORE_F_STORE_REVOKE_PUBLIC_KEY,
 721                  STORE_R_FAILED_REVOKING_KEY);
 722         return 0;
 723     }
 724     return i;
 725 }
 726
 727 int STORE_delete_public_key(STORE *s, OPENSSL_ITEM attributes[],
 728                             OPENSSL_ITEM parameters[])
 729 {
 730     check_store(s, STORE_F_STORE_DELETE_PUBLIC_KEY,
 731                 delete_object, STORE_R_NO_DELETE_OBJECT_FUNCTION);
 732
 733     if (!s->meth->delete_object(s, STORE_OBJECT_TYPE_PUBLIC_KEY,
 734                                 attributes, parameters)) {
 735         STOREerr(STORE_F_STORE_DELETE_PUBLIC_KEY,
 736                  STORE_R_FAILED_DELETING_KEY);
 737         return 0;
 738     }
 739     return 1;
 740 }
 741
 742 void *STORE_list_public_key_start(STORE *s, OPENSSL_ITEM attributes[],
 743                                   OPENSSL_ITEM parameters[])
 744 {
 745     void *handle;
 746
 747     check_store(s, STORE_F_STORE_LIST_PUBLIC_KEY_START,
 748                 list_object_start, STORE_R_NO_LIST_OBJECT_START_FUNCTION);
 749
 750     handle = s->meth->list_object_start(s, STORE_OBJECT_TYPE_PUBLIC_KEY,
 751                                         attributes, parameters);
 752     if (!handle) {
 753         STOREerr(STORE_F_STORE_LIST_PUBLIC_KEY_START,
 754                  STORE_R_FAILED_LISTING_KEYS);
 755         return 0;
 756     }
 757     return handle;
 758 }
 759
 760 EVP_PKEY *STORE_list_public_key_next(STORE *s, void *handle)
 761 {
 762     STORE_OBJECT *object;
 763     EVP_PKEY *pkey;
 764
 765     check_store(s, STORE_F_STORE_LIST_PUBLIC_KEY_NEXT,
 766                 list_object_next, STORE_R_NO_LIST_OBJECT_NEXT_FUNCTION);
 767
 768     object = s->meth->list_object_next(s, handle);
 769     if (!object || !object->data.key || !object->data.key) {
 770         STOREerr(STORE_F_STORE_LIST_PUBLIC_KEY_NEXT,
 771                  STORE_R_FAILED_LISTING_KEYS);
 772         return 0;
 773     }
 774     CRYPTO_add(&object->data.key->references, 1, CRYPTO_LOCK_EVP_PKEY);
 775 #ifdef REF_PRINT
 776     REF_PRINT("EVP_PKEY", data);
 777 #endif
 778     pkey = object->data.key;
 779     STORE_OBJECT_free(object);
 780     return pkey;
 781 }
 782
 783 int STORE_list_public_key_end(STORE *s, void *handle)
 784 {
 785     check_store(s, STORE_F_STORE_LIST_PUBLIC_KEY_END,
 786                 list_object_end, STORE_R_NO_LIST_OBJECT_END_FUNCTION);
 787
 788     if (!s->meth->list_object_end(s, handle)) {
 789         STOREerr(STORE_F_STORE_LIST_PUBLIC_KEY_END,
 790                  STORE_R_FAILED_LISTING_KEYS);
 791         return 0;
 792     }
 793     return 1;
 794 }
 795
 796 int STORE_list_public_key_endp(STORE *s, void *handle)
 797 {
 798     check_store(s, STORE_F_STORE_LIST_PUBLIC_KEY_ENDP,
 799                 list_object_endp, STORE_R_NO_LIST_OBJECT_ENDP_FUNCTION);
 800
 801     if (!s->meth->list_object_endp(s, handle)) {
 802         STOREerr(STORE_F_STORE_LIST_PUBLIC_KEY_ENDP,
 803                  STORE_R_FAILED_LISTING_KEYS);
 804         return 0;
 805     }
 806     return 1;
 807 }
 808
 809 X509_CRL *STORE_generate_crl(STORE *s, OPENSSL_ITEM attributes[],
 810                              OPENSSL_ITEM parameters[])
 811 {
 812     STORE_OBJECT *object;
 813     X509_CRL *crl;
 814
 815     check_store(s, STORE_F_STORE_GENERATE_CRL,
 816                 generate_object, STORE_R_NO_GENERATE_CRL_FUNCTION);
 817
 818     object = s->meth->generate_object(s, STORE_OBJECT_TYPE_X509_CRL,
 819                                       attributes, parameters);
 820     if (!object || !object->data.crl) {
 821         STOREerr(STORE_F_STORE_GENERATE_CRL, STORE_R_FAILED_GENERATING_CRL);
 822         return 0;
 823     }
 824     CRYPTO_add(&object->data.crl->references, 1, CRYPTO_LOCK_X509_CRL);
 825 #ifdef REF_PRINT
 826     REF_PRINT("X509_CRL", data);
 827 #endif
 828     crl = object->data.crl;
 829     STORE_OBJECT_free(object);
 830     return crl;
 831 }
 832
 833 X509_CRL *STORE_get_crl(STORE *s, OPENSSL_ITEM attributes[],
 834                         OPENSSL_ITEM parameters[])
 835 {
 836     STORE_OBJECT *object;
 837     X509_CRL *crl;
 838
 839     check_store(s, STORE_F_STORE_GET_CRL,
 840                 get_object, STORE_R_NO_GET_OBJECT_FUNCTION);
 841
 842     object = s->meth->get_object(s, STORE_OBJECT_TYPE_X509_CRL,
 843                                  attributes, parameters);
 844     if (!object || !object->data.crl) {
 845         STOREerr(STORE_F_STORE_GET_CRL, STORE_R_FAILED_GETTING_KEY);
 846         return 0;
 847     }
 848     CRYPTO_add(&object->data.crl->references, 1, CRYPTO_LOCK_X509_CRL);
 849 #ifdef REF_PRINT
 850     REF_PRINT("X509_CRL", data);
 851 #endif
 852     crl = object->data.crl;
 853     STORE_OBJECT_free(object);
 854     return crl;
 855 }
 856
 857 int STORE_store_crl(STORE *s, X509_CRL *data, OPENSSL_ITEM attributes[],
 858                     OPENSSL_ITEM parameters[])
 859 {
 860     STORE_OBJECT *object;
 861     int i;
 862
 863     check_store(s, STORE_F_STORE_STORE_CRL,
 864                 store_object, STORE_R_NO_STORE_OBJECT_FUNCTION);
 865
 866     object = STORE_OBJECT_new();
 867     if (!object) {
 868         STOREerr(STORE_F_STORE_STORE_CRL, ERR_R_MALLOC_FAILURE);
 869         return 0;
 870     }
 871
 872     CRYPTO_add(&data->references, 1, CRYPTO_LOCK_X509_CRL);
 873 #ifdef REF_PRINT
 874     REF_PRINT("X509_CRL", data);
 875 #endif
 876     object->data.crl = data;
 877
 878     i = s->meth->store_object(s, STORE_OBJECT_TYPE_X509_CRL, object,
 879                               attributes, parameters);
 880
 881     STORE_OBJECT_free(object);
 882
 883     if (!i) {
 884         STOREerr(STORE_F_STORE_STORE_CRL, STORE_R_FAILED_STORING_KEY);
 885         return 0;
 886     }
 887     return i;
 888 }
 889
 890 int STORE_modify_crl(STORE *s, OPENSSL_ITEM search_attributes[],
 891                      OPENSSL_ITEM add_attributes[],
 892                      OPENSSL_ITEM modify_attributes[],
 893                      OPENSSL_ITEM delete_attributes[],
 894                      OPENSSL_ITEM parameters[])
 895 {
 896     check_store(s, STORE_F_STORE_MODIFY_CRL,
 897                 modify_object, STORE_R_NO_MODIFY_OBJECT_FUNCTION);
 898
 899     if (!s->meth->modify_object(s, STORE_OBJECT_TYPE_X509_CRL,
 900                                 search_attributes, add_attributes,
 901                                 modify_attributes, delete_attributes,
 902                                 parameters)) {
 903         STOREerr(STORE_F_STORE_MODIFY_CRL, STORE_R_FAILED_MODIFYING_CRL);
 904         return 0;
 905     }
 906     return 1;
 907 }
 908
 909 int STORE_delete_crl(STORE *s, OPENSSL_ITEM attributes[],
 910                      OPENSSL_ITEM parameters[])
 911 {
 912     check_store(s, STORE_F_STORE_DELETE_CRL,
 913                 delete_object, STORE_R_NO_DELETE_OBJECT_FUNCTION);
 914
 915     if (!s->meth->delete_object(s, STORE_OBJECT_TYPE_X509_CRL,
 916                                 attributes, parameters)) {
 917         STOREerr(STORE_F_STORE_DELETE_CRL, STORE_R_FAILED_DELETING_KEY);
 918         return 0;
 919     }
 920     return 1;
 921 }
 922
 923 void *STORE_list_crl_start(STORE *s, OPENSSL_ITEM attributes[],
 924                            OPENSSL_ITEM parameters[])
 925 {
 926     void *handle;
 927
 928     check_store(s, STORE_F_STORE_LIST_CRL_START,
 929                 list_object_start, STORE_R_NO_LIST_OBJECT_START_FUNCTION);
 930
 931     handle = s->meth->list_object_start(s, STORE_OBJECT_TYPE_X509_CRL,
 932                                         attributes, parameters);
 933     if (!handle) {
 934         STOREerr(STORE_F_STORE_LIST_CRL_START, STORE_R_FAILED_LISTING_KEYS);
 935         return 0;
 936     }
 937     return handle;
 938 }
 939
 940 X509_CRL *STORE_list_crl_next(STORE *s, void *handle)
 941 {
 942     STORE_OBJECT *object;
 943     X509_CRL *crl;
 944
 945     check_store(s, STORE_F_STORE_LIST_CRL_NEXT,
 946                 list_object_next, STORE_R_NO_LIST_OBJECT_NEXT_FUNCTION);
 947
 948     object = s->meth->list_object_next(s, handle);
 949     if (!object || !object->data.crl) {
 950         STOREerr(STORE_F_STORE_LIST_CRL_NEXT, STORE_R_FAILED_LISTING_KEYS);
 951         return 0;
 952     }
 953     CRYPTO_add(&object->data.crl->references, 1, CRYPTO_LOCK_X509_CRL);
 954 #ifdef REF_PRINT
 955     REF_PRINT("X509_CRL", data);
 956 #endif
 957     crl = object->data.crl;
 958     STORE_OBJECT_free(object);
 959     return crl;
 960 }
 961
 962 int STORE_list_crl_end(STORE *s, void *handle)
 963 {
 964     check_store(s, STORE_F_STORE_LIST_CRL_END,
 965                 list_object_end, STORE_R_NO_LIST_OBJECT_END_FUNCTION);
 966
 967     if (!s->meth->list_object_end(s, handle)) {
 968         STOREerr(STORE_F_STORE_LIST_CRL_END, STORE_R_FAILED_LISTING_KEYS);
 969         return 0;
 970     }
 971     return 1;
 972 }
 973
 974 int STORE_list_crl_endp(STORE *s, void *handle)
 975 {
 976     check_store(s, STORE_F_STORE_LIST_CRL_ENDP,
 977                 list_object_endp, STORE_R_NO_LIST_OBJECT_ENDP_FUNCTION);
 978
 979     if (!s->meth->list_object_endp(s, handle)) {
 980         STOREerr(STORE_F_STORE_LIST_CRL_ENDP, STORE_R_FAILED_LISTING_KEYS);
 981         return 0;
 982     }
 983     return 1;
 984 }
 985
 986 int STORE_store_number(STORE *s, BIGNUM *data, OPENSSL_ITEM attributes[],
 987                        OPENSSL_ITEM parameters[])
 988 {
 989     STORE_OBJECT *object;
 990     int i;
 991
 992     check_store(s, STORE_F_STORE_STORE_NUMBER,
 993                 store_object, STORE_R_NO_STORE_OBJECT_NUMBER_FUNCTION);
 994
 995     object = STORE_OBJECT_new();
 996     if (!object) {
 997         STOREerr(STORE_F_STORE_STORE_NUMBER, ERR_R_MALLOC_FAILURE);
 998         return 0;
 999     }
1000
1001     object->data.number = data;
1002
1003     i = s->meth->store_object(s, STORE_OBJECT_TYPE_NUMBER, object,
1004                               attributes, parameters);
1005
1006     STORE_OBJECT_free(object);
1007
1008     if (!i) {
1009         STOREerr(STORE_F_STORE_STORE_NUMBER, STORE_R_FAILED_STORING_NUMBER);
1010         return 0;
1011     }
1012     return 1;
1013 }
1014
1015 int STORE_modify_number(STORE *s, OPENSSL_ITEM search_attributes[],
1016                         OPENSSL_ITEM add_attributes[],
1017                         OPENSSL_ITEM modify_attributes[],
1018                         OPENSSL_ITEM delete_attributes[],
1019                         OPENSSL_ITEM parameters[])
1020 {
1021     check_store(s, STORE_F_STORE_MODIFY_NUMBER,
1022                 modify_object, STORE_R_NO_MODIFY_OBJECT_FUNCTION);
1023
1024     if (!s->meth->modify_object(s, STORE_OBJECT_TYPE_NUMBER,
1025                                 search_attributes, add_attributes,
1026                                 modify_attributes, delete_attributes,
1027                                 parameters)) {
1028         STOREerr(STORE_F_STORE_MODIFY_NUMBER,
1029                  STORE_R_FAILED_MODIFYING_NUMBER);
1030         return 0;
1031     }
1032     return 1;
1033 }
1034
1035 BIGNUM *STORE_get_number(STORE *s, OPENSSL_ITEM attributes[],
1036                          OPENSSL_ITEM parameters[])
1037 {
1038     STORE_OBJECT *object;
1039     BIGNUM *n;
1040
1041     check_store(s, STORE_F_STORE_GET_NUMBER,
1042                 get_object, STORE_R_NO_GET_OBJECT_NUMBER_FUNCTION);
1043
1044     object = s->meth->get_object(s, STORE_OBJECT_TYPE_NUMBER, attributes,
1045                                  parameters);
1046     if (!object || !object->data.number) {
1047         STOREerr(STORE_F_STORE_GET_NUMBER, STORE_R_FAILED_GETTING_NUMBER);
1048         return 0;
1049     }
1050     n = object->data.number;
1051     object->data.number = NULL;
1052     STORE_OBJECT_free(object);
1053     return n;
1054 }
1055
1056 int STORE_delete_number(STORE *s, OPENSSL_ITEM attributes[],
1057                         OPENSSL_ITEM parameters[])
1058 {
1059     check_store(s, STORE_F_STORE_DELETE_NUMBER,
1060                 delete_object, STORE_R_NO_DELETE_NUMBER_FUNCTION);
1061
1062     if (!s->meth->delete_object(s, STORE_OBJECT_TYPE_NUMBER, attributes,
1063                                 parameters)) {
1064         STOREerr(STORE_F_STORE_DELETE_NUMBER, STORE_R_FAILED_DELETING_NUMBER);
1065         return 0;
1066     }
1067     return 1;
1068 }
1069
1070 int STORE_store_arbitrary(STORE *s, BUF_MEM *data, OPENSSL_ITEM attributes[],
1071                           OPENSSL_ITEM parameters[])
1072 {
1073     STORE_OBJECT *object;
1074     int i;
1075
1076     check_store(s, STORE_F_STORE_STORE_ARBITRARY,
1077                 store_object, STORE_R_NO_STORE_OBJECT_ARBITRARY_FUNCTION);
1078
1079     object = STORE_OBJECT_new();
1080     if (!object) {
1081         STOREerr(STORE_F_STORE_STORE_ARBITRARY, ERR_R_MALLOC_FAILURE);
1082         return 0;
1083     }
1084
1085     object->data.arbitrary = data;
1086
1087     i = s->meth->store_object(s, STORE_OBJECT_TYPE_ARBITRARY, object,
1088                               attributes, parameters);
1089
1090     STORE_OBJECT_free(object);
1091
1092     if (!i) {
1093         STOREerr(STORE_F_STORE_STORE_ARBITRARY,
1094                  STORE_R_FAILED_STORING_ARBITRARY);
1095         return 0;
1096     }
1097     return 1;
1098 }
1099
1100 int STORE_modify_arbitrary(STORE *s, OPENSSL_ITEM search_attributes[],
1101                            OPENSSL_ITEM add_attributes[],
1102                            OPENSSL_ITEM modify_attributes[],
1103                            OPENSSL_ITEM delete_attributes[],
1104                            OPENSSL_ITEM parameters[])
1105 {
1106     check_store(s, STORE_F_STORE_MODIFY_ARBITRARY,
1107                 modify_object, STORE_R_NO_MODIFY_OBJECT_FUNCTION);
1108
1109     if (!s->meth->modify_object(s, STORE_OBJECT_TYPE_ARBITRARY,
1110                                 search_attributes, add_attributes,
1111                                 modify_attributes, delete_attributes,
1112                                 parameters)) {
1113         STOREerr(STORE_F_STORE_MODIFY_ARBITRARY,
1114                  STORE_R_FAILED_MODIFYING_ARBITRARY);
1115         return 0;
1116     }
1117     return 1;
1118 }
1119
1120 BUF_MEM *STORE_get_arbitrary(STORE *s, OPENSSL_ITEM attributes[],
1121                              OPENSSL_ITEM parameters[])
1122 {
1123     STORE_OBJECT *object;
1124     BUF_MEM *b;
1125
1126     check_store(s, STORE_F_STORE_GET_ARBITRARY,
1127                 get_object, STORE_R_NO_GET_OBJECT_ARBITRARY_FUNCTION);
1128
1129     object = s->meth->get_object(s, STORE_OBJECT_TYPE_ARBITRARY,
1130                                  attributes, parameters);
1131     if (!object || !object->data.arbitrary) {
1132         STOREerr(STORE_F_STORE_GET_ARBITRARY,
1133                  STORE_R_FAILED_GETTING_ARBITRARY);
1134         return 0;
1135     }
1136     b = object->data.arbitrary;
1137     object->data.arbitrary = NULL;
1138     STORE_OBJECT_free(object);
1139     return b;
1140 }
1141
1142 int STORE_delete_arbitrary(STORE *s, OPENSSL_ITEM attributes[],
1143                            OPENSSL_ITEM parameters[])
1144 {
1145     check_store(s, STORE_F_STORE_DELETE_ARBITRARY,
1146                 delete_object, STORE_R_NO_DELETE_ARBITRARY_FUNCTION);
1147
1148     if (!s->meth->delete_object(s, STORE_OBJECT_TYPE_ARBITRARY, attributes,
1149                                 parameters)) {
1150         STOREerr(STORE_F_STORE_DELETE_ARBITRARY,
1151                  STORE_R_FAILED_DELETING_ARBITRARY);
1152         return 0;
1153     }
1154     return 1;
1155 }
1156
1157 STORE_OBJECT *STORE_OBJECT_new(void)
1158 {
1159     STORE_OBJECT *object = OPENSSL_malloc(sizeof(STORE_OBJECT));
1160     if (object)
1161         memset(object, 0, sizeof(STORE_OBJECT));
1162     return object;
1163 }
1164
1165 void STORE_OBJECT_free(STORE_OBJECT *data)
1166 {
1167     if (!data)
1168         return;
1169     switch (data->type) {
1170     case STORE_OBJECT_TYPE_X509_CERTIFICATE:
1171         X509_free(data->data.x509.certificate);
1172         break;
1173     case STORE_OBJECT_TYPE_X509_CRL:
1174         X509_CRL_free(data->data.crl);
1175         break;
1176     case STORE_OBJECT_TYPE_PRIVATE_KEY:
1177     case STORE_OBJECT_TYPE_PUBLIC_KEY:
1178         EVP_PKEY_free(data->data.key);
1179         break;
1180     case STORE_OBJECT_TYPE_NUMBER:
1181         BN_free(data->data.number);
1182         break;
1183     case STORE_OBJECT_TYPE_ARBITRARY:
1184         BUF_MEM_free(data->data.arbitrary);
1185         break;
1186     }
1187     OPENSSL_free(data);
1188 }
1189
1190 struct STORE_attr_info_st {
1191     unsigned char set[(STORE_ATTR_TYPE_NUM + 8) / 8];
1192     union {
1193         char *cstring;
1194         unsigned char *sha1string;
1195         X509_NAME *dn;
1196         BIGNUM *number;
1197         void *any;
1198     } values[STORE_ATTR_TYPE_NUM + 1];
1199     size_t value_sizes[STORE_ATTR_TYPE_NUM + 1];
1200 };
1201
1202 #define ATTR_IS_SET(a,i)        ((i) > 0 && (i) < STORE_ATTR_TYPE_NUM \
1203                                 && ((a)->set[(i) / 8] & (1 << ((i) % 8))))
1204 #define SET_ATTRBIT(a,i)        ((a)->set[(i) / 8] |= (1 << ((i) % 8)))
1205 #define CLEAR_ATTRBIT(a,i)      ((a)->set[(i) / 8] &= ~(1 << ((i) % 8)))
1206
1207 STORE_ATTR_INFO *STORE_ATTR_INFO_new(void)
1208 {
1209     return (STORE_ATTR_INFO *)OPENSSL_malloc(sizeof(STORE_ATTR_INFO));
1210 }
1211
1212 static void STORE_ATTR_INFO_attr_free(STORE_ATTR_INFO *attrs,
1213                                       STORE_ATTR_TYPES code)
1214 {
1215     if (ATTR_IS_SET(attrs, code)) {
1216         switch (code) {
1217         case STORE_ATTR_FRIENDLYNAME:
1218         case STORE_ATTR_EMAIL:
1219         case STORE_ATTR_FILENAME:
1220             STORE_ATTR_INFO_modify_cstr(attrs, code, NULL, 0);
1221             break;
1222         case STORE_ATTR_KEYID:
1223         case STORE_ATTR_ISSUERKEYID:
1224         case STORE_ATTR_SUBJECTKEYID:
1225         case STORE_ATTR_ISSUERSERIALHASH:
1226         case STORE_ATTR_CERTHASH:
1227             STORE_ATTR_INFO_modify_sha1str(attrs, code, NULL, 0);
1228             break;
1229         case STORE_ATTR_ISSUER:
1230         case STORE_ATTR_SUBJECT:
1231             STORE_ATTR_INFO_modify_dn(attrs, code, NULL);
1232             break;
1233         case STORE_ATTR_SERIAL:
1234             STORE_ATTR_INFO_modify_number(attrs, code, NULL);
1235             break;
1236         default:
1237             break;
1238         }
1239     }
1240 }
1241
1242 int STORE_ATTR_INFO_free(STORE_ATTR_INFO *attrs)
1243 {
1244     if (attrs) {
1245         STORE_ATTR_TYPES i;
1246         for (i = 0; i++ < STORE_ATTR_TYPE_NUM;)
1247             STORE_ATTR_INFO_attr_free(attrs, i);
1248         OPENSSL_free(attrs);
1249     }
1250     return 1;
1251 }
1252
1253 char *STORE_ATTR_INFO_get0_cstr(STORE_ATTR_INFO *attrs, STORE_ATTR_TYPES code)
1254 {
1255     if (!attrs) {
1256         STOREerr(STORE_F_STORE_ATTR_INFO_GET0_CSTR,
1257                  ERR_R_PASSED_NULL_PARAMETER);
1258         return NULL;
1259     }
1260     if (ATTR_IS_SET(attrs, code))
1261         return attrs->values[code].cstring;
1262     STOREerr(STORE_F_STORE_ATTR_INFO_GET0_CSTR, STORE_R_NO_VALUE);
1263     return NULL;
1264 }
1265
1266 unsigned char *STORE_ATTR_INFO_get0_sha1str(STORE_ATTR_INFO *attrs,
1267                                             STORE_ATTR_TYPES code)
1268 {
1269     if (!attrs) {
1270         STOREerr(STORE_F_STORE_ATTR_INFO_GET0_SHA1STR,
1271                  ERR_R_PASSED_NULL_PARAMETER);
1272         return NULL;
1273     }
1274     if (ATTR_IS_SET(attrs, code))
1275         return attrs->values[code].sha1string;
1276     STOREerr(STORE_F_STORE_ATTR_INFO_GET0_SHA1STR, STORE_R_NO_VALUE);
1277     return NULL;
1278 }
1279
1280 X509_NAME *STORE_ATTR_INFO_get0_dn(STORE_ATTR_INFO *attrs,
1281                                    STORE_ATTR_TYPES code)
1282 {
1283     if (!attrs) {
1284         STOREerr(STORE_F_STORE_ATTR_INFO_GET0_DN,
1285                  ERR_R_PASSED_NULL_PARAMETER);
1286         return NULL;
1287     }
1288     if (ATTR_IS_SET(attrs, code))
1289         return attrs->values[code].dn;
1290     STOREerr(STORE_F_STORE_ATTR_INFO_GET0_DN, STORE_R_NO_VALUE);
1291     return NULL;
1292 }
1293
1294 BIGNUM *STORE_ATTR_INFO_get0_number(STORE_ATTR_INFO *attrs,
1295                                     STORE_ATTR_TYPES code)
1296 {
1297     if (!attrs) {
1298         STOREerr(STORE_F_STORE_ATTR_INFO_GET0_NUMBER,
1299                  ERR_R_PASSED_NULL_PARAMETER);
1300         return NULL;
1301     }
1302     if (ATTR_IS_SET(attrs, code))
1303         return attrs->values[code].number;
1304     STOREerr(STORE_F_STORE_ATTR_INFO_GET0_NUMBER, STORE_R_NO_VALUE);
1305     return NULL;
1306 }
1307
1308 int STORE_ATTR_INFO_set_cstr(STORE_ATTR_INFO *attrs, STORE_ATTR_TYPES code,
1309                              char *cstr, size_t cstr_size)
1310 {
1311     if (!attrs) {
1312         STOREerr(STORE_F_STORE_ATTR_INFO_SET_CSTR,
1313                  ERR_R_PASSED_NULL_PARAMETER);
1314         return 0;
1315     }
1316     if (!ATTR_IS_SET(attrs, code)) {
1317         if ((attrs->values[code].cstring = BUF_strndup(cstr, cstr_size)))
1318             return 1;
1319         STOREerr(STORE_F_STORE_ATTR_INFO_SET_CSTR, ERR_R_MALLOC_FAILURE);
1320         return 0;
1321     }
1322     STOREerr(STORE_F_STORE_ATTR_INFO_SET_CSTR, STORE_R_ALREADY_HAS_A_VALUE);
1323     return 0;
1324 }
1325
1326 int STORE_ATTR_INFO_set_sha1str(STORE_ATTR_INFO *attrs, STORE_ATTR_TYPES code,
1327                                 unsigned char *sha1str, size_t sha1str_size)
1328 {
1329     if (!attrs) {
1330         STOREerr(STORE_F_STORE_ATTR_INFO_SET_SHA1STR,
1331                  ERR_R_PASSED_NULL_PARAMETER);
1332         return 0;
1333     }
1334     if (!ATTR_IS_SET(attrs, code)) {
1335         if ((attrs->values[code].sha1string =
1336              (unsigned char *)BUF_memdup(sha1str, sha1str_size)))
1337             return 1;
1338         STOREerr(STORE_F_STORE_ATTR_INFO_SET_SHA1STR, ERR_R_MALLOC_FAILURE);
1339         return 0;
1340     }
1341     STOREerr(STORE_F_STORE_ATTR_INFO_SET_SHA1STR,
1342              STORE_R_ALREADY_HAS_A_VALUE);
1343     return 0;
1344 }
1345
1346 int STORE_ATTR_INFO_set_dn(STORE_ATTR_INFO *attrs, STORE_ATTR_TYPES code,
1347                            X509_NAME *dn)
1348 {
1349     if (!attrs) {
1350         STOREerr(STORE_F_STORE_ATTR_INFO_SET_DN, ERR_R_PASSED_NULL_PARAMETER);
1351         return 0;
1352     }
1353     if (!ATTR_IS_SET(attrs, code)) {
1354         if ((attrs->values[code].dn = X509_NAME_dup(dn)))
1355             return 1;
1356         STOREerr(STORE_F_STORE_ATTR_INFO_SET_DN, ERR_R_MALLOC_FAILURE);
1357         return 0;
1358     }
1359     STOREerr(STORE_F_STORE_ATTR_INFO_SET_DN, STORE_R_ALREADY_HAS_A_VALUE);
1360     return 0;
1361 }
1362
1363 int STORE_ATTR_INFO_set_number(STORE_ATTR_INFO *attrs, STORE_ATTR_TYPES code,
1364                                BIGNUM *number)
1365 {
1366     if (!attrs) {
1367         STOREerr(STORE_F_STORE_ATTR_INFO_SET_NUMBER,
1368                  ERR_R_PASSED_NULL_PARAMETER);
1369         return 0;
1370     }
1371     if (!ATTR_IS_SET(attrs, code)) {
1372         if ((attrs->values[code].number = BN_dup(number)))
1373             return 1;
1374         STOREerr(STORE_F_STORE_ATTR_INFO_SET_NUMBER, ERR_R_MALLOC_FAILURE);
1375         return 0;
1376     }
1377     STOREerr(STORE_F_STORE_ATTR_INFO_SET_NUMBER, STORE_R_ALREADY_HAS_A_VALUE);
1378     return 0;
1379 }
1380
1381 int STORE_ATTR_INFO_modify_cstr(STORE_ATTR_INFO *attrs, STORE_ATTR_TYPES code,
1382                                 char *cstr, size_t cstr_size)
1383 {
1384     if (!attrs) {
1385         STOREerr(STORE_F_STORE_ATTR_INFO_MODIFY_CSTR,
1386                  ERR_R_PASSED_NULL_PARAMETER);
1387         return 0;
1388     }
1389     if (ATTR_IS_SET(attrs, code)) {
1390         OPENSSL_free(attrs->values[code].cstring);
1391         attrs->values[code].cstring = NULL;
1392         CLEAR_ATTRBIT(attrs, code);
1393     }
1394     return STORE_ATTR_INFO_set_cstr(attrs, code, cstr, cstr_size);
1395 }
1396
1397 int STORE_ATTR_INFO_modify_sha1str(STORE_ATTR_INFO *attrs,
1398                                    STORE_ATTR_TYPES code,
1399                                    unsigned char *sha1str,
1400                                    size_t sha1str_size)
1401 {
1402     if (!attrs) {
1403         STOREerr(STORE_F_STORE_ATTR_INFO_MODIFY_SHA1STR,
1404                  ERR_R_PASSED_NULL_PARAMETER);
1405         return 0;
1406     }
1407     if (ATTR_IS_SET(attrs, code)) {
1408         OPENSSL_free(attrs->values[code].sha1string);
1409         attrs->values[code].sha1string = NULL;
1410         CLEAR_ATTRBIT(attrs, code);
1411     }
1412     return STORE_ATTR_INFO_set_sha1str(attrs, code, sha1str, sha1str_size);
1413 }
1414
1415 int STORE_ATTR_INFO_modify_dn(STORE_ATTR_INFO *attrs, STORE_ATTR_TYPES code,
1416                               X509_NAME *dn)
1417 {
1418     if (!attrs) {
1419         STOREerr(STORE_F_STORE_ATTR_INFO_MODIFY_DN,
1420                  ERR_R_PASSED_NULL_PARAMETER);
1421         return 0;
1422     }
1423     if (ATTR_IS_SET(attrs, code)) {
1424         OPENSSL_free(attrs->values[code].dn);
1425         attrs->values[code].dn = NULL;
1426         CLEAR_ATTRBIT(attrs, code);
1427     }
1428     return STORE_ATTR_INFO_set_dn(attrs, code, dn);
1429 }
1430
1431 int STORE_ATTR_INFO_modify_number(STORE_ATTR_INFO *attrs,
1432                                   STORE_ATTR_TYPES code, BIGNUM *number)
1433 {
1434     if (!attrs) {
1435         STOREerr(STORE_F_STORE_ATTR_INFO_MODIFY_NUMBER,
1436                  ERR_R_PASSED_NULL_PARAMETER);
1437         return 0;
1438     }
1439     if (ATTR_IS_SET(attrs, code)) {
1440         OPENSSL_free(attrs->values[code].number);
1441         attrs->values[code].number = NULL;
1442         CLEAR_ATTRBIT(attrs, code);
1443     }
1444     return STORE_ATTR_INFO_set_number(attrs, code, number);
1445 }
1446
1447 struct attr_list_ctx_st {
1448     OPENSSL_ITEM *attributes;
1449 };
1450 void *STORE_parse_attrs_start(OPENSSL_ITEM *attributes)
1451 {
1452     if (attributes) {
1453         struct attr_list_ctx_st *context = (struct attr_list_ctx_st *)
1454             OPENSSL_malloc(sizeof(struct attr_list_ctx_st));
1455         if (context)
1456             context->attributes = attributes;
1457         else
1458             STOREerr(STORE_F_STORE_PARSE_ATTRS_START, ERR_R_MALLOC_FAILURE);
1459         return context;
1460     }
1461     STOREerr(STORE_F_STORE_PARSE_ATTRS_START, ERR_R_PASSED_NULL_PARAMETER);
1462     return 0;
1463 }
1464
1465 STORE_ATTR_INFO *STORE_parse_attrs_next(void *handle)
1466 {
1467     struct attr_list_ctx_st *context = (struct attr_list_ctx_st *)handle;
1468
1469     if (context && context->attributes) {
1470         STORE_ATTR_INFO *attrs = NULL;
1471
1472         while (context->attributes
1473                && context->attributes->code != STORE_ATTR_OR
1474                && context->attributes->code != STORE_ATTR_END) {
1475             switch (context->attributes->code) {
1476             case STORE_ATTR_FRIENDLYNAME:
1477             case STORE_ATTR_EMAIL:
1478             case STORE_ATTR_FILENAME:
1479                 if (!attrs)
1480                     attrs = STORE_ATTR_INFO_new();
1481                 if (attrs == NULL) {
1482                     STOREerr(STORE_F_STORE_PARSE_ATTRS_NEXT,
1483                              ERR_R_MALLOC_FAILURE);
1484                     goto err;
1485                 }
1486                 STORE_ATTR_INFO_set_cstr(attrs,
1487                                          context->attributes->code,
1488                                          context->attributes->value,
1489                                          context->attributes->value_size);
1490                 break;
1491             case STORE_ATTR_KEYID:
1492             case STORE_ATTR_ISSUERKEYID:
1493             case STORE_ATTR_SUBJECTKEYID:
1494             case STORE_ATTR_ISSUERSERIALHASH:
1495             case STORE_ATTR_CERTHASH:
1496                 if (!attrs)
1497                     attrs = STORE_ATTR_INFO_new();
1498                 if (attrs == NULL) {
1499                     STOREerr(STORE_F_STORE_PARSE_ATTRS_NEXT,
1500                              ERR_R_MALLOC_FAILURE);
1501                     goto err;
1502                 }
1503                 STORE_ATTR_INFO_set_sha1str(attrs,
1504                                             context->attributes->code,
1505                                             context->attributes->value,
1506                                             context->attributes->value_size);
1507                 break;
1508             case STORE_ATTR_ISSUER:
1509             case STORE_ATTR_SUBJECT:
1510                 if (!attrs)
1511                     attrs = STORE_ATTR_INFO_new();
1512                 if (attrs == NULL) {
1513                     STOREerr(STORE_F_STORE_PARSE_ATTRS_NEXT,
1514                              ERR_R_MALLOC_FAILURE);
1515                     goto err;
1516                 }
1517                 STORE_ATTR_INFO_modify_dn(attrs,
1518                                           context->attributes->code,
1519                                           context->attributes->value);
1520                 break;
1521             case STORE_ATTR_SERIAL:
1522                 if (!attrs)
1523                     attrs = STORE_ATTR_INFO_new();
1524                 if (attrs == NULL) {
1525                     STOREerr(STORE_F_STORE_PARSE_ATTRS_NEXT,
1526                              ERR_R_MALLOC_FAILURE);
1527                     goto err;
1528                 }
1529                 STORE_ATTR_INFO_modify_number(attrs,
1530                                               context->attributes->code,
1531                                               context->attributes->value);
1532                 break;
1533             }
1534             context->attributes++;
1535         }
1536         if (context->attributes->code == STORE_ATTR_OR)
1537             context->attributes++;
1538         return attrs;
1539  err:
1540         while (context->attributes
1541                && context->attributes->code != STORE_ATTR_OR
1542                && context->attributes->code != STORE_ATTR_END)
1543             context->attributes++;
1544         if (context->attributes->code == STORE_ATTR_OR)
1545             context->attributes++;
1546         return NULL;
1547     }
1548     STOREerr(STORE_F_STORE_PARSE_ATTRS_NEXT, ERR_R_PASSED_NULL_PARAMETER);
1549     return NULL;
1550 }
1551
1552 int STORE_parse_attrs_end(void *handle)
1553 {
1554     struct attr_list_ctx_st *context = (struct attr_list_ctx_st *)handle;
1555
1556     if (context && context->attributes) {
1557 #if 0
1558         OPENSSL_ITEM *attributes = context->attributes;
1559 #endif
1560         OPENSSL_free(context);
1561         return 1;
1562     }
1563     STOREerr(STORE_F_STORE_PARSE_ATTRS_END, ERR_R_PASSED_NULL_PARAMETER);
1564     return 0;
1565 }
1566
1567 int STORE_parse_attrs_endp(void *handle)
1568 {
1569     struct attr_list_ctx_st *context = (struct attr_list_ctx_st *)handle;
1570
1571     if (context && context->attributes) {
1572         return context->attributes->code == STORE_ATTR_END;
1573     }
1574     STOREerr(STORE_F_STORE_PARSE_ATTRS_ENDP, ERR_R_PASSED_NULL_PARAMETER);
1575     return 0;
1576 }
1577
1578 static int attr_info_compare_compute_range(const unsigned char *abits,
1579                                            const unsigned char *bbits,
1580                                            unsigned int *alowp,
1581                                            unsigned int *ahighp,
1582                                            unsigned int *blowp,
1583                                            unsigned int *bhighp)
1584 {
1585     unsigned int alow = (unsigned int)-1, ahigh = 0;
1586     unsigned int blow = (unsigned int)-1, bhigh = 0;
1587     int i, res = 0;
1588
1589     for (i = 0; i < (STORE_ATTR_TYPE_NUM + 8) / 8; i++, abits++, bbits++) {
1590         if (res == 0) {
1591             if (*abits < *bbits)
1592                 res = -1;
1593             if (*abits > *bbits)
1594                 res = 1;
1595         }
1596         if (*abits) {
1597             if (alow == (unsigned int)-1) {
1598                 alow = i * 8;
1599                 if (!(*abits & 0x01))
1600                     alow++;
1601                 if (!(*abits & 0x02))
1602                     alow++;
1603                 if (!(*abits & 0x04))
1604                     alow++;
1605                 if (!(*abits & 0x08))
1606                     alow++;
1607                 if (!(*abits & 0x10))
1608                     alow++;
1609                 if (!(*abits & 0x20))
1610                     alow++;
1611                 if (!(*abits & 0x40))
1612                     alow++;
1613             }
1614             ahigh = i * 8 + 7;
1615             if (!(*abits & 0x80))
1616                 ahigh++;
1617             if (!(*abits & 0x40))
1618                 ahigh++;
1619             if (!(*abits & 0x20))
1620                 ahigh++;
1621             if (!(*abits & 0x10))
1622                 ahigh++;
1623             if (!(*abits & 0x08))
1624                 ahigh++;
1625             if (!(*abits & 0x04))
1626                 ahigh++;
1627             if (!(*abits & 0x02))
1628                 ahigh++;
1629         }
1630         if (*bbits) {
1631             if (blow == (unsigned int)-1) {
1632                 blow = i * 8;
1633                 if (!(*bbits & 0x01))
1634                     blow++;
1635                 if (!(*bbits & 0x02))
1636                     blow++;
1637                 if (!(*bbits & 0x04))
1638                     blow++;
1639                 if (!(*bbits & 0x08))
1640                     blow++;
1641                 if (!(*bbits & 0x10))
1642                     blow++;
1643                 if (!(*bbits & 0x20))
1644                     blow++;
1645                 if (!(*bbits & 0x40))
1646                     blow++;
1647             }
1648             bhigh = i * 8 + 7;
1649             if (!(*bbits & 0x80))
1650                 bhigh++;
1651             if (!(*bbits & 0x40))
1652                 bhigh++;
1653             if (!(*bbits & 0x20))
1654                 bhigh++;
1655             if (!(*bbits & 0x10))
1656                 bhigh++;
1657             if (!(*bbits & 0x08))
1658                 bhigh++;
1659             if (!(*bbits & 0x04))
1660                 bhigh++;
1661             if (!(*bbits & 0x02))
1662                 bhigh++;
1663         }
1664     }
1665     if (ahigh + alow < bhigh + blow)
1666         res = -1;
1667     if (ahigh + alow > bhigh + blow)
1668         res = 1;
1669     if (alowp)
1670         *alowp = alow;
1671     if (ahighp)
1672         *ahighp = ahigh;
1673     if (blowp)
1674         *blowp = blow;
1675     if (bhighp)
1676         *bhighp = bhigh;
1677     return res;
1678 }
1679
1680 int STORE_ATTR_INFO_compare(const STORE_ATTR_INFO *const *a,
1681                             const STORE_ATTR_INFO *const *b)
1682 {
1683     if (a == b)
1684         return 0;
1685     if (!a)
1686         return -1;
1687     if (!b)
1688         return 1;
1689     return attr_info_compare_compute_range((*a)->set, (*b)->set, 0, 0, 0, 0);
1690 }
1691
1692 int STORE_ATTR_INFO_in_range(STORE_ATTR_INFO *a, STORE_ATTR_INFO *b)
1693 {
1694     unsigned int alow, ahigh, blow, bhigh;
1695
1696     if (a == b)
1697         return 1;
1698     if (!a)
1699         return 0;
1700     if (!b)
1701         return 0;
1702     attr_info_compare_compute_range(a->set, b->set,
1703                                     &alow, &ahigh, &blow, &bhigh);
1704     if (alow >= blow && ahigh <= bhigh)
1705         return 1;
1706     return 0;
1707 }
1708
1709 int STORE_ATTR_INFO_in(STORE_ATTR_INFO *a, STORE_ATTR_INFO *b)
1710 {
1711     unsigned char *abits, *bbits;
1712     int i;
1713
1714     if (a == b)
1715         return 1;
1716     if (!a)
1717         return 0;
1718     if (!b)
1719         return 0;
1720     abits = a->set;
1721     bbits = b->set;
1722     for (i = 0; i < (STORE_ATTR_TYPE_NUM + 8) / 8; i++, abits++, bbits++) {
1723         if (*abits && (*bbits & *abits) != *abits)
1724             return 0;
1725     }
1726     return 1;
1727 }
1728
1729 int STORE_ATTR_INFO_in_ex(STORE_ATTR_INFO *a, STORE_ATTR_INFO *b)
1730 {
1731     STORE_ATTR_TYPES i;
1732
1733     if (a == b)
1734         return 1;
1735     if (!STORE_ATTR_INFO_in(a, b))
1736         return 0;
1737     for (i = 1; i < STORE_ATTR_TYPE_NUM; i++)
1738         if (ATTR_IS_SET(a, i)) {
1739             switch (i) {
1740             case STORE_ATTR_FRIENDLYNAME:
1741             case STORE_ATTR_EMAIL:
1742             case STORE_ATTR_FILENAME:
1743                 if (strcmp(a->values[i].cstring, b->values[i].cstring))
1744                     return 0;
1745                 break;
1746             case STORE_ATTR_KEYID:
1747             case STORE_ATTR_ISSUERKEYID:
1748             case STORE_ATTR_SUBJECTKEYID:
1749             case STORE_ATTR_ISSUERSERIALHASH:
1750             case STORE_ATTR_CERTHASH:
1751                 if (memcmp(a->values[i].sha1string,
1752                            b->values[i].sha1string, a->value_sizes[i]))
1753                     return 0;
1754                 break;
1755             case STORE_ATTR_ISSUER:
1756             case STORE_ATTR_SUBJECT:
1757                 if (X509_NAME_cmp(a->values[i].dn, b->values[i].dn))
1758                     return 0;
1759                 break;
1760             case STORE_ATTR_SERIAL:
1761                 if (BN_cmp(a->values[i].number, b->values[i].number))
1762                     return 0;
1763                 break;
1764             default:
1765                 break;
1766             }
1767         }
1768
1769     return 1;
1770 }