crypto/store/str_lib.c

   1 /* crypto/store/str_lib.c -*- mode:C; c-file-style: "eay" -*- */
   2 /* Written by Richard Levitte (richard@levitte.org) for the OpenSSL
   3  * project 2003.
   4  */
   5 /* ====================================================================
   6  * Copyright (c) 2003 The OpenSSL Project.  All rights reserved.
   7  *
   8  * Redistribution and use in source and binary forms, with or without
   9  * modification, are permitted provided that the following conditions
  10  * are met:
  11  *
  12  * 1. Redistributions of source code must retain the above copyright
  13  *    notice, this list of conditions and the following disclaimer.
  14  *
  15  * 2. Redistributions in binary form must reproduce the above copyright
  16  *    notice, this list of conditions and the following disclaimer in
  17  *    the documentation and/or other materials provided with the
  18  *    distribution.
  19  *
  20  * 3. All advertising materials mentioning features or use of this
  21  *    software must display the following acknowledgment:
  22  *    "This product includes software developed by the OpenSSL Project
  23  *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
  24  *
  25  * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
  26  *    endorse or promote products derived from this software without
  27  *    prior written permission. For written permission, please contact
  28  *    openssl-core@openssl.org.
  29  *
  30  * 5. Products derived from this software may not be called "OpenSSL"
  31  *    nor may "OpenSSL" appear in their names without prior written
  32  *    permission of the OpenSSL Project.
  33  *
  34  * 6. Redistributions of any form whatsoever must retain the following
  35  *    acknowledgment:
  36  *    "This product includes software developed by the OpenSSL Project
  37  *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
  38  *
  39  * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
  40  * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
  41  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
  42  * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
  43  * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
  44  * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
  45  * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
  46  * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
  47  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
  48  * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
  49  * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
  50  * OF THE POSSIBILITY OF SUCH DAMAGE.
  51  * ====================================================================
  52  *
  53  * This product includes cryptographic software written by Eric Young
  54  * (eay@cryptsoft.com).  This product includes software written by Tim
  55  * Hudson (tjh@cryptsoft.com).
  56  *
  57  */
  58
  59 #include <string.h>
  60 #include <openssl/bn.h>
  61 #include <openssl/err.h>
  62 #include <openssl/engine.h>
  63 #include "str_locl.h"
  64
  65 const char * const STORE_object_type_string[STORE_OBJECT_TYPE_NUM+1] =
  66         {
  67         0,
  68         "X.509 Certificate",
  69         "X.509 CRL",
  70         "Private Key",
  71         "Public Key",
  72         "Number",
  73         "Arbitrary Data"
  74         };
  75
  76 const int STORE_param_sizes[STORE_PARAM_TYPE_NUM+1] =
  77         {
  78         0,
  79         sizeof(int),            /* EVP_TYPE */
  80         sizeof(size_t),         /* BITS */
  81         -1,                     /* KEY_PARAMETERS */
  82         0                       /* KEY_NO_PARAMETERS */
  83         };
  84
  85 const int STORE_attr_sizes[STORE_ATTR_TYPE_NUM+1] =
  86         {
  87         0,
  88         -1,                     /* FRIENDLYNAME:        C string */
  89         SHA_DIGEST_LENGTH,      /* KEYID:               SHA1 digest, 160 bits */
  90         SHA_DIGEST_LENGTH,      /* ISSUERKEYID:         SHA1 digest, 160 bits */
  91         SHA_DIGEST_LENGTH,      /* SUBJECTKEYID:        SHA1 digest, 160 bits */
  92         SHA_DIGEST_LENGTH,      /* ISSUERSERIALHASH:    SHA1 digest, 160 bits */
  93         sizeof(X509_NAME *),    /* ISSUER:              X509_NAME * */
  94         sizeof(BIGNUM *),       /* SERIAL:              BIGNUM * */
  95         sizeof(X509_NAME *),    /* SUBJECT:             X509_NAME * */
  96         SHA_DIGEST_LENGTH,      /* CERTHASH:            SHA1 digest, 160 bits */
  97         -1,                     /* EMAIL:               C string */
  98         -1,                     /* FILENAME:            C string */
  99         };
 100
 101 STORE *STORE_new_method(const STORE_METHOD *method)
 102         {
 103         STORE *ret;
 104
 105         if (method == NULL)
 106                 {
 107                 STOREerr(STORE_F_STORE_NEW_METHOD,ERR_R_PASSED_NULL_PARAMETER);
 108                 return NULL;
 109                 }
 110
 111         ret=(STORE *)OPENSSL_malloc(sizeof(STORE));
 112         if (ret == NULL)
 113                 {
 114                 STOREerr(STORE_F_STORE_NEW_METHOD,ERR_R_MALLOC_FAILURE);
 115                 return NULL;
 116                 }
 117
 118         ret->meth=method;
 119
 120         CRYPTO_new_ex_data(CRYPTO_EX_INDEX_STORE, ret, &ret->ex_data);
 121         if (ret->meth->init && !ret->meth->init(ret))
 122                 {
 123                 STORE_free(ret);
 124                 ret = NULL;
 125                 }
 126         return ret;
 127         }
 128
 129 STORE *STORE_new_engine(ENGINE *engine)
 130         {
 131         STORE *ret = NULL;
 132         ENGINE *e = engine;
 133         const STORE_METHOD *meth = 0;
 134
 135 #ifdef OPENSSL_NO_ENGINE
 136         e = NULL;
 137 #else
 138         if (engine)
 139                 {
 140                 if (!ENGINE_init(engine))
 141                         {
 142                         STOREerr(STORE_F_STORE_NEW_ENGINE, ERR_R_ENGINE_LIB);
 143                         return NULL;
 144                         }
 145                 e = engine;
 146                 }
 147         else
 148                 {
 149                 STOREerr(STORE_F_STORE_NEW_ENGINE,ERR_R_PASSED_NULL_PARAMETER);
 150                 return NULL;
 151                 }
 152         if(e)
 153                 {
 154                 meth = ENGINE_get_STORE(e);
 155                 if(!meth)
 156                         {
 157                         STOREerr(STORE_F_STORE_NEW_ENGINE,
 158                                 ERR_R_ENGINE_LIB);
 159                         ENGINE_finish(e);
 160                         return NULL;
 161                         }
 162                 }
 163 #endif
 164
 165         ret = STORE_new_method(meth);
 166         if (ret == NULL)
 167                 {
 168                 STOREerr(STORE_F_STORE_NEW_ENGINE,ERR_R_STORE_LIB);
 169                 return NULL;
 170                 }
 171
 172         ret->engine = e;
 173
 174         return(ret);
 175         }
 176
 177 void STORE_free(STORE *store)
 178         {
 179         if (store == NULL)
 180                 return;
 181         if (store->meth->clean)
 182                 store->meth->clean(store);
 183         CRYPTO_free_ex_data(CRYPTO_EX_INDEX_STORE, store, &store->ex_data);
 184         OPENSSL_free(store);
 185         }
 186
 187 int STORE_ctrl(STORE *store, int cmd, long i, void *p, void (*f)(void))
 188         {
 189         if (store == NULL)
 190                 {
 191                 STOREerr(STORE_F_CTRL,ERR_R_PASSED_NULL_PARAMETER);
 192                 return 0;
 193                 }
 194         if (store->meth->ctrl)
 195                 return store->meth->ctrl(store, cmd, i, p, f);
 196         STOREerr(STORE_F_STORE_CTRL,STORE_R_NO_CONTROL_FUNCTION);
 197         return 0;
 198         }
 199
 200
 201 int STORE_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
 202              CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func)
 203         {
 204         return CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_STORE, argl, argp,
 205                                 new_func, dup_func, free_func);
 206         }
 207
 208 int STORE_set_ex_data(STORE *r, int idx, void *arg)
 209         {
 210         return(CRYPTO_set_ex_data(&r->ex_data,idx,arg));
 211         }
 212
 213 void *STORE_get_ex_data(STORE *r, int idx)
 214         {
 215         return(CRYPTO_get_ex_data(&r->ex_data,idx));
 216         }
 217
 218 const STORE_METHOD *STORE_get_method(STORE *store)
 219         {
 220         return store->meth;
 221         }
 222
 223 const STORE_METHOD *STORE_set_method(STORE *store, const STORE_METHOD *meth)
 224         {
 225         store->meth=meth;
 226         return store->meth;
 227         }
 228
 229
 230 /* API helpers */
 231
 232 #define check_store(s,fncode,fnname,fnerrcode) \
 233         do \
 234                 { \
 235                 if ((s) == NULL || (s)->meth) \
 236                         { \
 237                         STOREerr((fncode), ERR_R_PASSED_NULL_PARAMETER); \
 238                         return 0; \
 239                         } \
 240                 if ((s)->meth->fnname == NULL) \
 241                         { \
 242                         STOREerr((fncode), (fnerrcode)); \
 243                         return 0; \
 244                         } \
 245                 } \
 246         while(0)
 247
 248 /* API functions */
 249
 250 X509 *STORE_get_certificate(STORE *s, OPENSSL_ITEM attributes[],
 251         OPENSSL_ITEM parameters[])
 252         {
 253         STORE_OBJECT *object;
 254         X509 *x;
 255
 256         check_store(s,STORE_F_STORE_GET_CERTIFICATE,
 257                 get_object,STORE_R_NO_GET_OBJECT_FUNCTION);
 258
 259         object = s->meth->get_object(s, STORE_OBJECT_TYPE_X509_CERTIFICATE,
 260                 attributes, parameters);
 261         if (!object || !object->data.x509.certificate)
 262                 {
 263                 STOREerr(STORE_F_STORE_GET_CERTIFICATE,
 264                         STORE_R_FAILED_GETTING_CERTIFICATE);
 265                 return 0;
 266                 }
 267         CRYPTO_add(&object->data.x509.certificate->references,1,CRYPTO_LOCK_X509);
 268 #ifdef REF_PRINT
 269         REF_PRINT("X509",data);
 270 #endif
 271         x = object->data.x509.certificate;
 272         STORE_OBJECT_free(object);
 273         return x;
 274         }
 275
 276 int STORE_store_certificate(STORE *s, X509 *data, OPENSSL_ITEM attributes[],
 277         OPENSSL_ITEM parameters[])
 278         {
 279         STORE_OBJECT *object;
 280         int i;
 281
 282         check_store(s,STORE_F_STORE_CERTIFICATE,
 283                 store_object,STORE_R_NO_STORE_OBJECT_FUNCTION);
 284
 285         object = STORE_OBJECT_new();
 286         if (!object)
 287                 {
 288                 STOREerr(STORE_F_STORE_CERTIFICATE,
 289                         ERR_R_MALLOC_FAILURE);
 290                 return 0;
 291                 }
 292
 293         CRYPTO_add(&data->references,1,CRYPTO_LOCK_X509);
 294 #ifdef REF_PRINT
 295         REF_PRINT("X509",data);
 296 #endif
 297         object->data.x509.certificate = data;
 298
 299         i = s->meth->store_object(s, STORE_OBJECT_TYPE_X509_CERTIFICATE,
 300                 object, attributes, parameters);
 301
 302         STORE_OBJECT_free(object);
 303
 304         if (!i)
 305                 {
 306                 STOREerr(STORE_F_STORE_CERTIFICATE,
 307                         STORE_R_FAILED_STORING_CERTIFICATE);
 308                 return 0;
 309                 }
 310         return 1;
 311         }
 312
 313 int STORE_modify_certificate(STORE *s, OPENSSL_ITEM search_attributes[],
 314         OPENSSL_ITEM add_attributes[], OPENSSL_ITEM modify_attributes[],
 315         OPENSSL_ITEM delete_attributes[], OPENSSL_ITEM parameters[])
 316         {
 317         check_store(s,STORE_F_STORE_MODIFY_CERTIFICATE,
 318                 modify_object,STORE_R_NO_MODIFY_OBJECT_FUNCTION);
 319
 320         if (!s->meth->modify_object(s, STORE_OBJECT_TYPE_X509_CERTIFICATE,
 321                     search_attributes, add_attributes, modify_attributes,
 322                     delete_attributes, parameters))
 323                 {
 324                 STOREerr(STORE_F_STORE_MODIFY_CERTIFICATE,
 325                         STORE_R_FAILED_MODIFYING_CERTIFICATE);
 326                 return 0;
 327                 }
 328         return 1;
 329         }
 330
 331 int STORE_revoke_certificate(STORE *s, OPENSSL_ITEM attributes[],
 332         OPENSSL_ITEM parameters[])
 333         {
 334         check_store(s,STORE_F_STORE_REVOKE_CERTIFICATE,
 335                 revoke_object,STORE_R_NO_REVOKE_OBJECT_FUNCTION);
 336
 337         if (!s->meth->revoke_object(s, STORE_OBJECT_TYPE_X509_CERTIFICATE,
 338                     attributes, parameters))
 339                 {
 340                 STOREerr(STORE_F_STORE_REVOKE_CERTIFICATE,
 341                         STORE_R_FAILED_REVOKING_CERTIFICATE);
 342                 return 0;
 343                 }
 344         return 1;
 345         }
 346
 347 int STORE_delete_certificate(STORE *s, OPENSSL_ITEM attributes[],
 348         OPENSSL_ITEM parameters[])
 349         {
 350         check_store(s,STORE_F_STORE_DELETE_CERTIFICATE,
 351                 delete_object,STORE_R_NO_DELETE_OBJECT_FUNCTION);
 352
 353         if (!s->meth->delete_object(s, STORE_OBJECT_TYPE_X509_CERTIFICATE,
 354                     attributes, parameters))
 355                 {
 356                 STOREerr(STORE_F_STORE_DELETE_CERTIFICATE,
 357                         STORE_R_FAILED_DELETING_CERTIFICATE);
 358                 return 0;
 359                 }
 360         return 1;
 361         }
 362
 363 void *STORE_list_certificate_start(STORE *s, OPENSSL_ITEM attributes[],
 364         OPENSSL_ITEM parameters[])
 365         {
 366         void *handle;
 367
 368         check_store(s,STORE_F_STORE_LIST_CERTIFICATE_START,
 369                 list_object_start,STORE_R_NO_LIST_OBJECT_START_FUNCTION);
 370
 371         handle = s->meth->list_object_start(s,
 372                 STORE_OBJECT_TYPE_X509_CERTIFICATE, attributes, parameters);
 373         if (!handle)
 374                 {
 375                 STOREerr(STORE_F_STORE_LIST_CERTIFICATE_START,
 376                         STORE_R_FAILED_LISTING_CERTIFICATES);
 377                 return 0;
 378                 }
 379         return handle;
 380         }
 381
 382 X509 *STORE_list_certificate_next(STORE *s, void *handle)
 383         {
 384         STORE_OBJECT *object;
 385         X509 *x;
 386
 387         check_store(s,STORE_F_STORE_LIST_CERTIFICATE_NEXT,
 388                 list_object_next,STORE_R_NO_LIST_OBJECT_NEXT_FUNCTION);
 389
 390         object = s->meth->list_object_next(s, handle);
 391         if (!object || !object->data.x509.certificate)
 392                 {
 393                 STOREerr(STORE_F_STORE_LIST_CERTIFICATE_NEXT,
 394                         STORE_R_FAILED_LISTING_CERTIFICATES);
 395                 return 0;
 396                 }
 397         CRYPTO_add(&object->data.x509.certificate->references,1,CRYPTO_LOCK_X509);
 398 #ifdef REF_PRINT
 399         REF_PRINT("X509",data);
 400 #endif
 401         x = object->data.x509.certificate;
 402         STORE_OBJECT_free(object);
 403         return x;
 404         }
 405
 406 int STORE_list_certificate_end(STORE *s, void *handle)
 407         {
 408         check_store(s,STORE_F_STORE_LIST_CERTIFICATE_END,
 409                 list_object_end,STORE_R_NO_LIST_OBJECT_END_FUNCTION);
 410
 411         if (!s->meth->list_object_end(s, handle))
 412                 {
 413                 STOREerr(STORE_F_STORE_LIST_CERTIFICATE_END,
 414                         STORE_R_FAILED_LISTING_CERTIFICATES);
 415                 return 0;
 416                 }
 417         return 1;
 418         }
 419
 420 int STORE_list_certificate_endp(STORE *s, void *handle)
 421         {
 422         check_store(s,STORE_F_STORE_LIST_CERTIFICATE_ENDP,
 423                 list_object_endp,STORE_R_NO_LIST_OBJECT_ENDP_FUNCTION);
 424
 425         if (!s->meth->list_object_endp(s, handle))
 426                 {
 427                 STOREerr(STORE_F_STORE_LIST_CERTIFICATE_ENDP,
 428                         STORE_R_FAILED_LISTING_CERTIFICATES);
 429                 return 0;
 430                 }
 431         return 1;
 432         }
 433
 434 EVP_PKEY *STORE_generate_key(STORE *s, OPENSSL_ITEM attributes[],
 435         OPENSSL_ITEM parameters[])
 436         {
 437         STORE_OBJECT *object;
 438         EVP_PKEY *pkey;
 439
 440         check_store(s,STORE_F_STORE_GENERATE_KEY,
 441                 generate_object,STORE_R_NO_GENERATE_OBJECT_FUNCTION);
 442
 443         object = s->meth->generate_object(s, STORE_OBJECT_TYPE_PRIVATE_KEY,
 444                 attributes, parameters);
 445         if (!object || !object->data.key)
 446                 {
 447                 STOREerr(STORE_F_STORE_GENERATE_KEY,
 448                         STORE_R_FAILED_GENERATING_KEY);
 449                 return 0;
 450                 }
 451         CRYPTO_add(&object->data.key->references,1,CRYPTO_LOCK_EVP_PKEY);
 452 #ifdef REF_PRINT
 453         REF_PRINT("EVP_PKEY",data);
 454 #endif
 455         pkey = object->data.key;
 456         STORE_OBJECT_free(object);
 457         return pkey;
 458         }
 459
 460 EVP_PKEY *STORE_get_private_key(STORE *s, OPENSSL_ITEM attributes[],
 461         OPENSSL_ITEM parameters[])
 462         {
 463         STORE_OBJECT *object;
 464         EVP_PKEY *pkey;
 465
 466         check_store(s,STORE_F_STORE_GET_PRIVATE_KEY,
 467                 get_object,STORE_R_NO_GET_OBJECT_FUNCTION);
 468
 469         object = s->meth->get_object(s, STORE_OBJECT_TYPE_PRIVATE_KEY,
 470                 attributes, parameters);
 471         if (!object || !object->data.key || !object->data.key)
 472                 {
 473                 STOREerr(STORE_F_STORE_GET_PRIVATE_KEY,
 474                         STORE_R_FAILED_GETTING_KEY);
 475                 return 0;
 476                 }
 477         CRYPTO_add(&object->data.key->references,1,CRYPTO_LOCK_EVP_PKEY);
 478 #ifdef REF_PRINT
 479         REF_PRINT("EVP_PKEY",data);
 480 #endif
 481         pkey = object->data.key;
 482         STORE_OBJECT_free(object);
 483         return pkey;
 484         }
 485
 486 int STORE_store_private_key(STORE *s, EVP_PKEY *data, OPENSSL_ITEM attributes[],
 487         OPENSSL_ITEM parameters[])
 488         {
 489         STORE_OBJECT *object;
 490         int i;
 491
 492         check_store(s,STORE_F_STORE_PRIVATE_KEY,
 493                 store_object,STORE_R_NO_STORE_OBJECT_FUNCTION);
 494
 495         object = STORE_OBJECT_new();
 496         if (!object)
 497                 {
 498                 STOREerr(STORE_F_STORE_PRIVATE_KEY,
 499                         ERR_R_MALLOC_FAILURE);
 500                 return 0;
 501                 }
 502         object->data.key = EVP_PKEY_new();
 503         if (!object->data.key)
 504                 {
 505                 STOREerr(STORE_F_STORE_PRIVATE_KEY,
 506                         ERR_R_MALLOC_FAILURE);
 507                 return 0;
 508                 }
 509
 510         CRYPTO_add(&data->references,1,CRYPTO_LOCK_EVP_PKEY);
 511 #ifdef REF_PRINT
 512         REF_PRINT("EVP_PKEY",data);
 513 #endif
 514         object->data.key = data;
 515
 516         i = s->meth->store_object(s, STORE_OBJECT_TYPE_PRIVATE_KEY, object,
 517                 attributes, parameters);
 518
 519         STORE_OBJECT_free(object);
 520
 521         if (!i)
 522                 {
 523                 STOREerr(STORE_F_STORE_PRIVATE_KEY,
 524                         STORE_R_FAILED_STORING_KEY);
 525                 return 0;
 526                 }
 527         return i;
 528         }
 529
 530 int STORE_modify_private_key(STORE *s, OPENSSL_ITEM search_attributes[],
 531         OPENSSL_ITEM add_attributes[], OPENSSL_ITEM modify_attributes[],
 532         OPENSSL_ITEM delete_attributes[], OPENSSL_ITEM parameters[])
 533         {
 534         check_store(s,STORE_F_STORE_MODIFY_PRIVATE_KEY,
 535                 modify_object,STORE_R_NO_MODIFY_OBJECT_FUNCTION);
 536
 537         if (!s->meth->modify_object(s, STORE_OBJECT_TYPE_PRIVATE_KEY,
 538                     search_attributes, add_attributes, modify_attributes,
 539                     delete_attributes, parameters))
 540                 {
 541                 STOREerr(STORE_F_STORE_MODIFY_PRIVATE_KEY,
 542                         STORE_R_FAILED_MODIFYING_PRIVATE_KEY);
 543                 return 0;
 544                 }
 545         return 1;
 546         }
 547
 548 int STORE_revoke_private_key(STORE *s, OPENSSL_ITEM attributes[],
 549         OPENSSL_ITEM parameters[])
 550         {
 551         int i;
 552
 553         check_store(s,STORE_F_STORE_REVOKE_PRIVATE_KEY,
 554                 revoke_object,STORE_R_NO_REVOKE_OBJECT_FUNCTION);
 555
 556         i = s->meth->revoke_object(s, STORE_OBJECT_TYPE_PRIVATE_KEY,
 557                 attributes, parameters);
 558
 559         if (!i)
 560                 {
 561                 STOREerr(STORE_F_STORE_REVOKE_PRIVATE_KEY,
 562                         STORE_R_FAILED_REVOKING_KEY);
 563                 return 0;
 564                 }
 565         return i;
 566         }
 567
 568 int STORE_delete_private_key(STORE *s, OPENSSL_ITEM attributes[],
 569         OPENSSL_ITEM parameters[])
 570         {
 571         check_store(s,STORE_F_STORE_DELETE_PRIVATE_KEY,
 572                 delete_object,STORE_R_NO_DELETE_OBJECT_FUNCTION);
 573
 574         if (!s->meth->delete_object(s, STORE_OBJECT_TYPE_PRIVATE_KEY,
 575                     attributes, parameters))
 576                 {
 577                 STOREerr(STORE_F_STORE_DELETE_PRIVATE_KEY,
 578                         STORE_R_FAILED_DELETING_KEY);
 579                 return 0;
 580                 }
 581         return 1;
 582         }
 583
 584 void *STORE_list_private_key_start(STORE *s, OPENSSL_ITEM attributes[],
 585         OPENSSL_ITEM parameters[])
 586         {
 587         void *handle;
 588
 589         check_store(s,STORE_F_STORE_LIST_PRIVATE_KEY_START,
 590                 list_object_start,STORE_R_NO_LIST_OBJECT_START_FUNCTION);
 591
 592         handle = s->meth->list_object_start(s, STORE_OBJECT_TYPE_PRIVATE_KEY,
 593                 attributes, parameters);
 594         if (!handle)
 595                 {
 596                 STOREerr(STORE_F_STORE_LIST_PRIVATE_KEY_START,
 597                         STORE_R_FAILED_LISTING_KEYS);
 598                 return 0;
 599                 }
 600         return handle;
 601         }
 602
 603 EVP_PKEY *STORE_list_private_key_next(STORE *s, void *handle)
 604         {
 605         STORE_OBJECT *object;
 606         EVP_PKEY *pkey;
 607
 608         check_store(s,STORE_F_STORE_LIST_PRIVATE_KEY_NEXT,
 609                 list_object_next,STORE_R_NO_LIST_OBJECT_NEXT_FUNCTION);
 610
 611         object = s->meth->list_object_next(s, handle);
 612         if (!object || !object->data.key || !object->data.key)
 613                 {
 614                 STOREerr(STORE_F_STORE_LIST_PRIVATE_KEY_NEXT,
 615                         STORE_R_FAILED_LISTING_KEYS);
 616                 return 0;
 617                 }
 618         CRYPTO_add(&object->data.key->references,1,CRYPTO_LOCK_EVP_PKEY);
 619 #ifdef REF_PRINT
 620         REF_PRINT("EVP_PKEY",data);
 621 #endif
 622         pkey = object->data.key;
 623         STORE_OBJECT_free(object);
 624         return pkey;
 625         }
 626
 627 int STORE_list_private_key_end(STORE *s, void *handle)
 628         {
 629         check_store(s,STORE_F_STORE_LIST_PRIVATE_KEY_END,
 630                 list_object_end,STORE_R_NO_LIST_OBJECT_END_FUNCTION);
 631
 632         if (!s->meth->list_object_end(s, handle))
 633                 {
 634                 STOREerr(STORE_F_STORE_LIST_PRIVATE_KEY_END,
 635                         STORE_R_FAILED_LISTING_KEYS);
 636                 return 0;
 637                 }
 638         return 1;
 639         }
 640
 641 int STORE_list_private_key_endp(STORE *s, void *handle)
 642         {
 643         check_store(s,STORE_F_STORE_LIST_PRIVATE_KEY_ENDP,
 644                 list_object_endp,STORE_R_NO_LIST_OBJECT_ENDP_FUNCTION);
 645
 646         if (!s->meth->list_object_endp(s, handle))
 647                 {
 648                 STOREerr(STORE_F_STORE_LIST_PRIVATE_KEY_ENDP,
 649                         STORE_R_FAILED_LISTING_KEYS);
 650                 return 0;
 651                 }
 652         return 1;
 653         }
 654
 655 EVP_PKEY *STORE_get_public_key(STORE *s, OPENSSL_ITEM attributes[],
 656         OPENSSL_ITEM parameters[])
 657         {
 658         STORE_OBJECT *object;
 659         EVP_PKEY *pkey;
 660
 661         check_store(s,STORE_F_STORE_GET_PUBLIC_KEY,
 662                 get_object,STORE_R_NO_GET_OBJECT_FUNCTION);
 663
 664         object = s->meth->get_object(s, STORE_OBJECT_TYPE_PUBLIC_KEY,
 665                 attributes, parameters);
 666         if (!object || !object->data.key || !object->data.key)
 667                 {
 668                 STOREerr(STORE_F_STORE_GET_PUBLIC_KEY,
 669                         STORE_R_FAILED_GETTING_KEY);
 670                 return 0;
 671                 }
 672         CRYPTO_add(&object->data.key->references,1,CRYPTO_LOCK_EVP_PKEY);
 673 #ifdef REF_PRINT
 674         REF_PRINT("EVP_PKEY",data);
 675 #endif
 676         pkey = object->data.key;
 677         STORE_OBJECT_free(object);
 678         return pkey;
 679         }
 680
 681 int STORE_store_public_key(STORE *s, EVP_PKEY *data, OPENSSL_ITEM attributes[],
 682         OPENSSL_ITEM parameters[])
 683         {
 684         STORE_OBJECT *object;
 685         int i;
 686
 687         check_store(s,STORE_F_STORE_PUBLIC_KEY,
 688                 store_object,STORE_R_NO_STORE_OBJECT_FUNCTION);
 689
 690         object = STORE_OBJECT_new();
 691         if (!object)
 692                 {
 693                 STOREerr(STORE_F_STORE_PUBLIC_KEY,
 694                         ERR_R_MALLOC_FAILURE);
 695                 return 0;
 696                 }
 697         object->data.key = EVP_PKEY_new();
 698         if (!object->data.key)
 699                 {
 700                 STOREerr(STORE_F_STORE_PUBLIC_KEY,
 701                         ERR_R_MALLOC_FAILURE);
 702                 return 0;
 703                 }
 704
 705         CRYPTO_add(&data->references,1,CRYPTO_LOCK_EVP_PKEY);
 706 #ifdef REF_PRINT
 707         REF_PRINT("EVP_PKEY",data);
 708 #endif
 709         object->data.key = data;
 710
 711         i = s->meth->store_object(s, STORE_OBJECT_TYPE_PUBLIC_KEY, object,
 712                 attributes, parameters);
 713
 714         STORE_OBJECT_free(object);
 715
 716         if (!i)
 717                 {
 718                 STOREerr(STORE_F_STORE_PUBLIC_KEY,
 719                         STORE_R_FAILED_STORING_KEY);
 720                 return 0;
 721                 }
 722         return i;
 723         }
 724
 725 int STORE_modify_public_key(STORE *s, OPENSSL_ITEM search_attributes[],
 726         OPENSSL_ITEM add_attributes[], OPENSSL_ITEM modify_attributes[],
 727         OPENSSL_ITEM delete_attributes[], OPENSSL_ITEM parameters[])
 728         {
 729         check_store(s,STORE_F_STORE_MODIFY_PUBLIC_KEY,
 730                 modify_object,STORE_R_NO_MODIFY_OBJECT_FUNCTION);
 731
 732         if (!s->meth->modify_object(s, STORE_OBJECT_TYPE_PUBLIC_KEY,
 733                     search_attributes, add_attributes, modify_attributes,
 734                     delete_attributes, parameters))
 735                 {
 736                 STOREerr(STORE_F_STORE_MODIFY_PUBLIC_KEY,
 737                         STORE_R_FAILED_MODIFYING_PUBLIC_KEY);
 738                 return 0;
 739                 }
 740         return 1;
 741         }
 742
 743 int STORE_revoke_public_key(STORE *s, OPENSSL_ITEM attributes[],
 744         OPENSSL_ITEM parameters[])
 745         {
 746         int i;
 747
 748         check_store(s,STORE_F_STORE_REVOKE_PUBLIC_KEY,
 749                 revoke_object,STORE_R_NO_REVOKE_OBJECT_FUNCTION);
 750
 751         i = s->meth->revoke_object(s, STORE_OBJECT_TYPE_PUBLIC_KEY,
 752                 attributes, parameters);
 753
 754         if (!i)
 755                 {
 756                 STOREerr(STORE_F_STORE_REVOKE_PUBLIC_KEY,
 757                         STORE_R_FAILED_REVOKING_KEY);
 758                 return 0;
 759                 }
 760         return i;
 761         }
 762
 763 int STORE_delete_public_key(STORE *s, OPENSSL_ITEM attributes[],
 764         OPENSSL_ITEM parameters[])
 765         {
 766         check_store(s,STORE_F_STORE_DELETE_PUBLIC_KEY,
 767                 delete_object,STORE_R_NO_DELETE_OBJECT_FUNCTION);
 768
 769         if (!s->meth->delete_object(s, STORE_OBJECT_TYPE_PUBLIC_KEY,
 770                     attributes, parameters))
 771                 {
 772                 STOREerr(STORE_F_STORE_DELETE_PUBLIC_KEY,
 773                         STORE_R_FAILED_DELETING_KEY);
 774                 return 0;
 775                 }
 776         return 1;
 777         }
 778
 779 void *STORE_list_public_key_start(STORE *s, OPENSSL_ITEM attributes[],
 780         OPENSSL_ITEM parameters[])
 781         {
 782         void *handle;
 783
 784         check_store(s,STORE_F_STORE_LIST_PUBLIC_KEY_START,
 785                 list_object_start,STORE_R_NO_LIST_OBJECT_START_FUNCTION);
 786
 787         handle = s->meth->list_object_start(s, STORE_OBJECT_TYPE_PUBLIC_KEY,
 788                 attributes, parameters);
 789         if (!handle)
 790                 {
 791                 STOREerr(STORE_F_STORE_LIST_PUBLIC_KEY_START,
 792                         STORE_R_FAILED_LISTING_KEYS);
 793                 return 0;
 794                 }
 795         return handle;
 796         }
 797
 798 EVP_PKEY *STORE_list_public_key_next(STORE *s, void *handle)
 799         {
 800         STORE_OBJECT *object;
 801         EVP_PKEY *pkey;
 802
 803         check_store(s,STORE_F_STORE_LIST_PUBLIC_KEY_NEXT,
 804                 list_object_next,STORE_R_NO_LIST_OBJECT_NEXT_FUNCTION);
 805
 806         object = s->meth->list_object_next(s, handle);
 807         if (!object || !object->data.key || !object->data.key)
 808                 {
 809                 STOREerr(STORE_F_STORE_LIST_PUBLIC_KEY_NEXT,
 810                         STORE_R_FAILED_LISTING_KEYS);
 811                 return 0;
 812                 }
 813         CRYPTO_add(&object->data.key->references,1,CRYPTO_LOCK_EVP_PKEY);
 814 #ifdef REF_PRINT
 815         REF_PRINT("EVP_PKEY",data);
 816 #endif
 817         pkey = object->data.key;
 818         STORE_OBJECT_free(object);
 819         return pkey;
 820         }
 821
 822 int STORE_list_public_key_end(STORE *s, void *handle)
 823         {
 824         check_store(s,STORE_F_STORE_LIST_PUBLIC_KEY_END,
 825                 list_object_end,STORE_R_NO_LIST_OBJECT_END_FUNCTION);
 826
 827         if (!s->meth->list_object_end(s, handle))
 828                 {
 829                 STOREerr(STORE_F_STORE_LIST_PUBLIC_KEY_END,
 830                         STORE_R_FAILED_LISTING_KEYS);
 831                 return 0;
 832                 }
 833         return 1;
 834         }
 835
 836 int STORE_list_public_key_endp(STORE *s, void *handle)
 837         {
 838         check_store(s,STORE_F_STORE_LIST_PUBLIC_KEY_ENDP,
 839                 list_object_endp,STORE_R_NO_LIST_OBJECT_ENDP_FUNCTION);
 840
 841         if (!s->meth->list_object_endp(s, handle))
 842                 {
 843                 STOREerr(STORE_F_STORE_LIST_PUBLIC_KEY_ENDP,
 844                         STORE_R_FAILED_LISTING_KEYS);
 845                 return 0;
 846                 }
 847         return 1;
 848         }
 849
 850 X509_CRL *STORE_generate_crl(STORE *s, OPENSSL_ITEM attributes[],
 851         OPENSSL_ITEM parameters[])
 852         {
 853         STORE_OBJECT *object;
 854         X509_CRL *crl;
 855
 856         check_store(s,STORE_F_STORE_GENERATE_CRL,
 857                 generate_object,STORE_R_NO_GENERATE_CRL_FUNCTION);
 858
 859         object = s->meth->generate_object(s, STORE_OBJECT_TYPE_X509_CRL,
 860                 attributes, parameters);
 861         if (!object || !object->data.crl)
 862                 {
 863                 STOREerr(STORE_F_STORE_GENERATE_CRL,
 864                         STORE_R_FAILED_GENERATING_CRL);
 865                 return 0;
 866                 }
 867         CRYPTO_add(&object->data.crl->references,1,CRYPTO_LOCK_X509_CRL);
 868 #ifdef REF_PRINT
 869         REF_PRINT("X509_CRL",data);
 870 #endif
 871         crl = object->data.crl;
 872         STORE_OBJECT_free(object);
 873         return crl;
 874         }
 875
 876 X509_CRL *STORE_get_crl(STORE *s, OPENSSL_ITEM attributes[],
 877         OPENSSL_ITEM parameters[])
 878         {
 879         STORE_OBJECT *object;
 880         X509_CRL *crl;
 881
 882         check_store(s,STORE_F_STORE_GET_CRL,
 883                 get_object,STORE_R_NO_GET_OBJECT_FUNCTION);
 884
 885         object = s->meth->get_object(s, STORE_OBJECT_TYPE_X509_CRL,
 886                 attributes, parameters);
 887         if (!object || !object->data.crl)
 888                 {
 889                 STOREerr(STORE_F_STORE_GET_CRL,
 890                         STORE_R_FAILED_GETTING_KEY);
 891                 return 0;
 892                 }
 893         CRYPTO_add(&object->data.crl->references,1,CRYPTO_LOCK_X509_CRL);
 894 #ifdef REF_PRINT
 895         REF_PRINT("X509_CRL",data);
 896 #endif
 897         crl = object->data.crl;
 898         STORE_OBJECT_free(object);
 899         return crl;
 900         }
 901
 902 int STORE_store_crl(STORE *s, X509_CRL *data, OPENSSL_ITEM attributes[],
 903         OPENSSL_ITEM parameters[])
 904         {
 905         STORE_OBJECT *object;
 906         int i;
 907
 908         check_store(s,STORE_F_STORE_CRL,
 909                 store_object,STORE_R_NO_STORE_OBJECT_FUNCTION);
 910
 911         object = STORE_OBJECT_new();
 912         if (!object)
 913                 {
 914                 STOREerr(STORE_F_STORE_CRL,
 915                         ERR_R_MALLOC_FAILURE);
 916                 return 0;
 917                 }
 918
 919         CRYPTO_add(&data->references,1,CRYPTO_LOCK_X509_CRL);
 920 #ifdef REF_PRINT
 921         REF_PRINT("X509_CRL",data);
 922 #endif
 923         object->data.crl = data;
 924
 925         i = s->meth->store_object(s, STORE_OBJECT_TYPE_X509_CRL, object,
 926                 attributes, parameters);
 927
 928         STORE_OBJECT_free(object);
 929
 930         if (!i)
 931                 {
 932                 STOREerr(STORE_F_STORE_CRL,
 933                         STORE_R_FAILED_STORING_KEY);
 934                 return 0;
 935                 }
 936         return i;
 937         }
 938
 939 int STORE_modify_crl(STORE *s, OPENSSL_ITEM search_attributes[],
 940         OPENSSL_ITEM add_attributes[], OPENSSL_ITEM modify_attributes[],
 941         OPENSSL_ITEM delete_attributes[], OPENSSL_ITEM parameters[])
 942         {
 943         check_store(s,STORE_F_STORE_MODIFY_CRL,
 944                 modify_object,STORE_R_NO_MODIFY_OBJECT_FUNCTION);
 945
 946         if (!s->meth->modify_object(s, STORE_OBJECT_TYPE_X509_CRL,
 947                     search_attributes, add_attributes, modify_attributes,
 948                     delete_attributes, parameters))
 949                 {
 950                 STOREerr(STORE_F_STORE_MODIFY_CRL,
 951                         STORE_R_FAILED_MODIFYING_CRL);
 952                 return 0;
 953                 }
 954         return 1;
 955         }
 956
 957 int STORE_delete_crl(STORE *s, OPENSSL_ITEM attributes[],
 958         OPENSSL_ITEM parameters[])
 959         {
 960         check_store(s,STORE_F_STORE_DELETE_CRL,
 961                 delete_object,STORE_R_NO_DELETE_OBJECT_FUNCTION);
 962
 963         if (!s->meth->delete_object(s, STORE_OBJECT_TYPE_X509_CRL,
 964                     attributes, parameters))
 965                 {
 966                 STOREerr(STORE_F_STORE_DELETE_CRL,
 967                         STORE_R_FAILED_DELETING_KEY);
 968                 return 0;
 969                 }
 970         return 1;
 971         }
 972
 973 void *STORE_list_crl_start(STORE *s, OPENSSL_ITEM attributes[],
 974         OPENSSL_ITEM parameters[])
 975         {
 976         void *handle;
 977
 978         check_store(s,STORE_F_STORE_LIST_CRL_START,
 979                 list_object_start,STORE_R_NO_LIST_OBJECT_START_FUNCTION);
 980
 981         handle = s->meth->list_object_start(s, STORE_OBJECT_TYPE_X509_CRL,
 982                 attributes, parameters);
 983         if (!handle)
 984                 {
 985                 STOREerr(STORE_F_STORE_LIST_CRL_START,
 986                         STORE_R_FAILED_LISTING_KEYS);
 987                 return 0;
 988                 }
 989         return handle;
 990         }
 991
 992 X509_CRL *STORE_list_crl_next(STORE *s, void *handle)
 993         {
 994         STORE_OBJECT *object;
 995         X509_CRL *crl;
 996
 997         check_store(s,STORE_F_STORE_LIST_CRL_NEXT,
 998                 list_object_next,STORE_R_NO_LIST_OBJECT_NEXT_FUNCTION);
 999
1000         object = s->meth->list_object_next(s, handle);
1001         if (!object || !object->data.crl)
1002                 {
1003                 STOREerr(STORE_F_STORE_LIST_CRL_NEXT,
1004                         STORE_R_FAILED_LISTING_KEYS);
1005                 return 0;
1006                 }
1007         CRYPTO_add(&object->data.crl->references,1,CRYPTO_LOCK_X509_CRL);
1008 #ifdef REF_PRINT
1009         REF_PRINT("X509_CRL",data);
1010 #endif
1011         crl = object->data.crl;
1012         STORE_OBJECT_free(object);
1013         return crl;
1014         }
1015
1016 int STORE_list_crl_end(STORE *s, void *handle)
1017         {
1018         check_store(s,STORE_F_STORE_LIST_CRL_END,
1019                 list_object_end,STORE_R_NO_LIST_OBJECT_END_FUNCTION);
1020
1021         if (!s->meth->list_object_end(s, handle))
1022                 {
1023                 STOREerr(STORE_F_STORE_LIST_CRL_END,
1024                         STORE_R_FAILED_LISTING_KEYS);
1025                 return 0;
1026                 }
1027         return 1;
1028         }
1029
1030 int STORE_list_crl_endp(STORE *s, void *handle)
1031         {
1032         check_store(s,STORE_F_STORE_LIST_CRL_ENDP,
1033                 list_object_endp,STORE_R_NO_LIST_OBJECT_ENDP_FUNCTION);
1034
1035         if (!s->meth->list_object_endp(s, handle))
1036                 {
1037                 STOREerr(STORE_F_STORE_LIST_CRL_ENDP,
1038                         STORE_R_FAILED_LISTING_KEYS);
1039                 return 0;
1040                 }
1041         return 1;
1042         }
1043
1044 int STORE_store_number(STORE *s, BIGNUM *data, OPENSSL_ITEM attributes[],
1045         OPENSSL_ITEM parameters[])
1046         {
1047         STORE_OBJECT *object;
1048         int i;
1049
1050         check_store(s,STORE_F_STORE_NUMBER,
1051                 store_object,STORE_R_NO_STORE_OBJECT_NUMBER_FUNCTION);
1052
1053         object = STORE_OBJECT_new();
1054         if (!object)
1055                 {
1056                 STOREerr(STORE_F_STORE_NUMBER,
1057                         ERR_R_MALLOC_FAILURE);
1058                 return 0;
1059                 }
1060
1061         object->data.number = data;
1062
1063         i = s->meth->store_object(s, STORE_OBJECT_TYPE_NUMBER, object,
1064                 attributes, parameters);
1065
1066         STORE_OBJECT_free(object);
1067
1068         if (!i)
1069                 {
1070                 STOREerr(STORE_F_STORE_NUMBER,
1071                         STORE_R_FAILED_STORING_NUMBER);
1072                 return 0;
1073                 }
1074         return 1;
1075         }
1076
1077 int STORE_modify_number(STORE *s, OPENSSL_ITEM search_attributes[],
1078         OPENSSL_ITEM add_attributes[], OPENSSL_ITEM modify_attributes[],
1079         OPENSSL_ITEM delete_attributes[], OPENSSL_ITEM parameters[])
1080         {
1081         check_store(s,STORE_F_STORE_MODIFY_NUMBER,
1082                 modify_object,STORE_R_NO_MODIFY_OBJECT_FUNCTION);
1083
1084         if (!s->meth->modify_object(s, STORE_OBJECT_TYPE_NUMBER,
1085                     search_attributes, add_attributes, modify_attributes,
1086                     delete_attributes, parameters))
1087                 {
1088                 STOREerr(STORE_F_STORE_MODIFY_NUMBER,
1089                         STORE_R_FAILED_MODIFYING_NUMBER);
1090                 return 0;
1091                 }
1092         return 1;
1093         }
1094
1095 BIGNUM *STORE_get_number(STORE *s, OPENSSL_ITEM attributes[],
1096         OPENSSL_ITEM parameters[])
1097         {
1098         STORE_OBJECT *object;
1099         BIGNUM *n;
1100
1101         check_store(s,STORE_F_STORE_GET_NUMBER,
1102                 get_object,STORE_R_NO_GET_OBJECT_NUMBER_FUNCTION);
1103
1104         object = s->meth->get_object(s, STORE_OBJECT_TYPE_NUMBER, attributes,
1105                 parameters);
1106         if (!object || !object->data.number)
1107                 {
1108                 STOREerr(STORE_F_STORE_GET_NUMBER,
1109                         STORE_R_FAILED_GETTING_NUMBER);
1110                 return 0;
1111                 }
1112         n = object->data.number;
1113         object->data.number = NULL;
1114         STORE_OBJECT_free(object);
1115         return n;
1116         }
1117
1118 int STORE_delete_number(STORE *s, OPENSSL_ITEM attributes[],
1119         OPENSSL_ITEM parameters[])
1120         {
1121         check_store(s,STORE_F_STORE_DELETE_NUMBER,
1122                 delete_object,STORE_R_NO_DELETE_NUMBER_FUNCTION);
1123
1124         if (!s->meth->delete_object(s, STORE_OBJECT_TYPE_NUMBER, attributes,
1125                     parameters))
1126                 {
1127                 STOREerr(STORE_F_STORE_DELETE_NUMBER,
1128                         STORE_R_FAILED_DELETING_NUMBER);
1129                 return 0;
1130                 }
1131         return 1;
1132         }
1133
1134 int STORE_store_arbitrary(STORE *s, BUF_MEM *data, OPENSSL_ITEM attributes[],
1135         OPENSSL_ITEM parameters[])
1136         {
1137         STORE_OBJECT *object;
1138         int i;
1139
1140         check_store(s,STORE_F_STORE_ARBITRARY,
1141                 store_object,STORE_R_NO_STORE_OBJECT_ARBITRARY_FUNCTION);
1142
1143         object = STORE_OBJECT_new();
1144         if (!object)
1145                 {
1146                 STOREerr(STORE_F_STORE_ARBITRARY,
1147                         ERR_R_MALLOC_FAILURE);
1148                 return 0;
1149                 }
1150
1151         object->data.arbitrary = data;
1152
1153         i = s->meth->store_object(s, STORE_OBJECT_TYPE_ARBITRARY, object,
1154                 attributes, parameters);
1155
1156         STORE_OBJECT_free(object);
1157
1158         if (!i)
1159                 {
1160                 STOREerr(STORE_F_STORE_ARBITRARY,
1161                         STORE_R_FAILED_STORING_ARBITRARY);
1162                 return 0;
1163                 }
1164         return 1;
1165         }
1166
1167 int STORE_modify_arbitrary(STORE *s, OPENSSL_ITEM search_attributes[],
1168         OPENSSL_ITEM add_attributes[], OPENSSL_ITEM modify_attributes[],
1169         OPENSSL_ITEM delete_attributes[], OPENSSL_ITEM parameters[])
1170         {
1171         check_store(s,STORE_F_STORE_MODIFY_ARBITRARY,
1172                 modify_object,STORE_R_NO_MODIFY_OBJECT_FUNCTION);
1173
1174         if (!s->meth->modify_object(s, STORE_OBJECT_TYPE_ARBITRARY,
1175                     search_attributes, add_attributes, modify_attributes,
1176                     delete_attributes, parameters))
1177                 {
1178                 STOREerr(STORE_F_STORE_MODIFY_ARBITRARY,
1179                         STORE_R_FAILED_MODIFYING_ARBITRARY);
1180                 return 0;
1181                 }
1182         return 1;
1183         }
1184
1185 BUF_MEM *STORE_get_arbitrary(STORE *s, OPENSSL_ITEM attributes[],
1186         OPENSSL_ITEM parameters[])
1187         {
1188         STORE_OBJECT *object;
1189         BUF_MEM *b;
1190
1191         check_store(s,STORE_F_STORE_GET_ARBITRARY,
1192                 get_object,STORE_R_NO_GET_OBJECT_ARBITRARY_FUNCTION);
1193
1194         object = s->meth->get_object(s, STORE_OBJECT_TYPE_ARBITRARY,
1195                 attributes, parameters);
1196         if (!object || !object->data.arbitrary)
1197                 {
1198                 STOREerr(STORE_F_STORE_GET_ARBITRARY,
1199                         STORE_R_FAILED_GETTING_ARBITRARY);
1200                 return 0;
1201                 }
1202         b = object->data.arbitrary;
1203         object->data.arbitrary = NULL;
1204         STORE_OBJECT_free(object);
1205         return b;
1206         }
1207
1208 int STORE_delete_arbitrary(STORE *s, OPENSSL_ITEM attributes[],
1209         OPENSSL_ITEM parameters[])
1210         {
1211         check_store(s,STORE_F_STORE_DELETE_ARBITRARY,
1212                 delete_object,STORE_R_NO_DELETE_ARBITRARY_FUNCTION);
1213
1214         if (!s->meth->delete_object(s, STORE_OBJECT_TYPE_ARBITRARY, attributes,
1215                     parameters))
1216                 {
1217                 STOREerr(STORE_F_STORE_DELETE_ARBITRARY,
1218                         STORE_R_FAILED_DELETING_ARBITRARY);
1219                 return 0;
1220                 }
1221         return 1;
1222         }
1223
1224 STORE_OBJECT *STORE_OBJECT_new(void)
1225         {
1226         STORE_OBJECT *object = OPENSSL_malloc(sizeof(STORE_OBJECT));
1227         if (object) memset(object, 0, sizeof(STORE_OBJECT));
1228         return object;
1229         }
1230 void STORE_OBJECT_free(STORE_OBJECT *data)
1231         {
1232         if (!data) return;
1233         switch (data->type)
1234                 {
1235         case STORE_OBJECT_TYPE_X509_CERTIFICATE:
1236                 X509_free(data->data.x509.certificate);
1237                 break;
1238         case STORE_OBJECT_TYPE_X509_CRL:
1239                 X509_CRL_free(data->data.crl);
1240                 break;
1241         case STORE_OBJECT_TYPE_PRIVATE_KEY:
1242         case STORE_OBJECT_TYPE_PUBLIC_KEY:
1243                 EVP_PKEY_free(data->data.key);
1244                 break;
1245         case STORE_OBJECT_TYPE_NUMBER:
1246                 BN_free(data->data.number);
1247                 break;
1248         case STORE_OBJECT_TYPE_ARBITRARY:
1249                 BUF_MEM_free(data->data.arbitrary);
1250                 break;
1251                 }
1252         OPENSSL_free(data);
1253         }
1254
1255 IMPLEMENT_STACK_OF(STORE_OBJECT*)
1256
1257
1258 struct STORE_attr_info_st
1259         {
1260         unsigned char set[(STORE_ATTR_TYPE_NUM + 8) / 8];
1261         union
1262                 {
1263                 char *cstring;
1264                 unsigned char *sha1string;
1265                 X509_NAME *dn;
1266                 BIGNUM *number;
1267                 void *any;
1268                 } values[STORE_ATTR_TYPE_NUM+1];
1269         size_t value_sizes[STORE_ATTR_TYPE_NUM+1];
1270         };
1271
1272 #define ATTR_IS_SET(a,i)        ((i) > 0 && (i) < STORE_ATTR_TYPE_NUM \
1273                                 && ((a)->set[(i) / 8] & (1 << ((i) % 8))))
1274 #define SET_ATTRBIT(a,i)        ((a)->set[(i) / 8] |= (1 << ((i) % 8)))
1275 #define CLEAR_ATTRBIT(a,i)      ((a)->set[(i) / 8] &= ~(1 << ((i) % 8)))
1276
1277 STORE_ATTR_INFO *STORE_ATTR_INFO_new(void)
1278         {
1279         return (STORE_ATTR_INFO *)OPENSSL_malloc(sizeof(STORE_ATTR_INFO));
1280         }
1281 static void STORE_ATTR_INFO_attr_free(STORE_ATTR_INFO *attrs,
1282         STORE_ATTR_TYPES code)
1283         {
1284         if (ATTR_IS_SET(attrs,code))
1285                 {
1286                 switch(code)
1287                         {
1288                 case STORE_ATTR_FRIENDLYNAME:
1289                 case STORE_ATTR_EMAIL:
1290                 case STORE_ATTR_FILENAME:
1291                         STORE_ATTR_INFO_modify_cstr(attrs, code, NULL, 0);
1292                         break;
1293                 case STORE_ATTR_KEYID:
1294                 case STORE_ATTR_ISSUERKEYID:
1295                 case STORE_ATTR_SUBJECTKEYID:
1296                 case STORE_ATTR_ISSUERSERIALHASH:
1297                 case STORE_ATTR_CERTHASH:
1298                         STORE_ATTR_INFO_modify_sha1str(attrs, code, NULL, 0);
1299                         break;
1300                 case STORE_ATTR_ISSUER:
1301                 case STORE_ATTR_SUBJECT:
1302                         STORE_ATTR_INFO_modify_dn(attrs, code, NULL);
1303                         break;
1304                 case STORE_ATTR_SERIAL:
1305                         STORE_ATTR_INFO_modify_number(attrs, code, NULL);
1306                         break;
1307                 default:
1308                         break;
1309                         }
1310                 }
1311         }
1312 int STORE_ATTR_INFO_free(STORE_ATTR_INFO *attrs)
1313         {
1314         if (attrs)
1315                 {
1316                 STORE_ATTR_TYPES i;
1317                 for(i = 0; i++ < STORE_ATTR_TYPE_NUM;)
1318                         STORE_ATTR_INFO_attr_free(attrs, i);
1319                 OPENSSL_free(attrs);
1320                 }
1321         return 1;
1322         }
1323 char *STORE_ATTR_INFO_get0_cstr(STORE_ATTR_INFO *attrs, STORE_ATTR_TYPES code)
1324         {
1325         if (!attrs)
1326                 {
1327                 STOREerr(STORE_F_STORE_ATTR_INFO_GET0_CSTR,
1328                         ERR_R_PASSED_NULL_PARAMETER);
1329                 return NULL;
1330                 }
1331         if (ATTR_IS_SET(attrs,code))
1332                 return attrs->values[code].cstring;
1333         STOREerr(STORE_F_STORE_ATTR_INFO_GET0_CSTR,
1334                 STORE_R_NO_VALUE);
1335         return NULL;
1336         }
1337 unsigned char *STORE_ATTR_INFO_get0_sha1str(STORE_ATTR_INFO *attrs,
1338         STORE_ATTR_TYPES code)
1339         {
1340         if (!attrs)
1341                 {
1342                 STOREerr(STORE_F_STORE_ATTR_INFO_GET0_SHA1STR,
1343                         ERR_R_PASSED_NULL_PARAMETER);
1344                 return NULL;
1345                 }
1346         if (ATTR_IS_SET(attrs,code))
1347                 return attrs->values[code].sha1string;
1348         STOREerr(STORE_F_STORE_ATTR_INFO_GET0_SHA1STR,
1349                 STORE_R_NO_VALUE);
1350         return NULL;
1351         }
1352 X509_NAME *STORE_ATTR_INFO_get0_dn(STORE_ATTR_INFO *attrs, STORE_ATTR_TYPES code)
1353         {
1354         if (!attrs)
1355                 {
1356                 STOREerr(STORE_F_STORE_ATTR_INFO_GET0_DN,
1357                         ERR_R_PASSED_NULL_PARAMETER);
1358                 return NULL;
1359                 }
1360         if (ATTR_IS_SET(attrs,code))
1361                 return attrs->values[code].dn;
1362         STOREerr(STORE_F_STORE_ATTR_INFO_GET0_DN,
1363                 STORE_R_NO_VALUE);
1364         return NULL;
1365         }
1366 BIGNUM *STORE_ATTR_INFO_get0_number(STORE_ATTR_INFO *attrs, STORE_ATTR_TYPES code)
1367         {
1368         if (!attrs)
1369                 {
1370                 STOREerr(STORE_F_STORE_ATTR_INFO_GET0_NUMBER,
1371                         ERR_R_PASSED_NULL_PARAMETER);
1372                 return NULL;
1373                 }
1374         if (ATTR_IS_SET(attrs,code))
1375                 return attrs->values[code].number;
1376         STOREerr(STORE_F_STORE_ATTR_INFO_GET0_NUMBER,
1377                 STORE_R_NO_VALUE);
1378         return NULL;
1379         }
1380 int STORE_ATTR_INFO_set_cstr(STORE_ATTR_INFO *attrs, STORE_ATTR_TYPES code,
1381         char *cstr, size_t cstr_size)
1382         {
1383         if (!attrs)
1384                 {
1385                 STOREerr(STORE_F_STORE_ATTR_INFO_SET_CSTR,
1386                         ERR_R_PASSED_NULL_PARAMETER);
1387                 return 0;
1388                 }
1389         if (!ATTR_IS_SET(attrs,code))
1390                 {
1391                 if ((attrs->values[code].cstring = BUF_strndup(cstr, cstr_size)))
1392                         return 1;
1393                 STOREerr(STORE_F_STORE_ATTR_INFO_SET_CSTR,
1394                         ERR_R_MALLOC_FAILURE);
1395                 return 0;
1396                 }
1397         STOREerr(STORE_F_STORE_ATTR_INFO_SET_CSTR, STORE_R_ALREADY_HAS_A_VALUE);
1398         return 0;
1399         }
1400 int STORE_ATTR_INFO_set_sha1str(STORE_ATTR_INFO *attrs, STORE_ATTR_TYPES code,
1401         unsigned char *sha1str, size_t sha1str_size)
1402         {
1403         if (!attrs)
1404                 {
1405                 STOREerr(STORE_F_STORE_ATTR_INFO_SET_SHA1STR,
1406                         ERR_R_PASSED_NULL_PARAMETER);
1407                 return 0;
1408                 }
1409         if (!ATTR_IS_SET(attrs,code))
1410                 {
1411                 if ((attrs->values[code].sha1string =
1412                             (unsigned char *)BUF_memdup(sha1str,
1413                                     sha1str_size)))
1414                         return 1;
1415                 STOREerr(STORE_F_STORE_ATTR_INFO_SET_CSTR,
1416                         ERR_R_MALLOC_FAILURE);
1417                 return 0;
1418                 }
1419         STOREerr(STORE_F_STORE_ATTR_INFO_SET_SHA1STR, STORE_R_ALREADY_HAS_A_VALUE);
1420         return 0;
1421         }
1422 int STORE_ATTR_INFO_set_dn(STORE_ATTR_INFO *attrs, STORE_ATTR_TYPES code,
1423         X509_NAME *dn)
1424         {
1425         if (!attrs)
1426                 {
1427                 STOREerr(STORE_F_STORE_ATTR_INFO_SET_DN,
1428                         ERR_R_PASSED_NULL_PARAMETER);
1429                 return 0;
1430                 }
1431         if (!ATTR_IS_SET(attrs,code))
1432                 {
1433                 if ((attrs->values[code].dn = X509_NAME_dup(dn)))
1434                         return 1;
1435                 STOREerr(STORE_F_STORE_ATTR_INFO_SET_CSTR,
1436                         ERR_R_MALLOC_FAILURE);
1437                 return 0;
1438                 }
1439         STOREerr(STORE_F_STORE_ATTR_INFO_SET_DN, STORE_R_ALREADY_HAS_A_VALUE);
1440         return 0;
1441         }
1442 int STORE_ATTR_INFO_set_number(STORE_ATTR_INFO *attrs, STORE_ATTR_TYPES code,
1443         BIGNUM *number)
1444         {
1445         if (!attrs)
1446                 {
1447                 STOREerr(STORE_F_STORE_ATTR_INFO_SET_NUMBER,
1448                         ERR_R_PASSED_NULL_PARAMETER);
1449                 return 0;
1450                 }
1451         if (!ATTR_IS_SET(attrs,code))
1452                 {
1453                 if ((attrs->values[code].number = BN_dup(number)))
1454                         return 1;
1455                 STOREerr(STORE_F_STORE_ATTR_INFO_SET_CSTR,
1456                         ERR_R_MALLOC_FAILURE);
1457                 return 0;
1458                 }
1459         STOREerr(STORE_F_STORE_ATTR_INFO_SET_NUMBER, STORE_R_ALREADY_HAS_A_VALUE);
1460         return 0;
1461         }
1462 int STORE_ATTR_INFO_modify_cstr(STORE_ATTR_INFO *attrs, STORE_ATTR_TYPES code,
1463         char *cstr, size_t cstr_size)
1464         {
1465         if (!attrs)
1466                 {
1467                 STOREerr(STORE_F_STORE_ATTR_INFO_MODIFY_CSTR,
1468                         ERR_R_PASSED_NULL_PARAMETER);
1469                 return 0;
1470                 }
1471         if (ATTR_IS_SET(attrs,code))
1472                 {
1473                 OPENSSL_free(attrs->values[code].cstring);
1474                 attrs->values[code].cstring = NULL;
1475                 CLEAR_ATTRBIT(attrs, code);
1476                 }
1477         return STORE_ATTR_INFO_set_cstr(attrs, code, cstr, cstr_size);
1478         }
1479 int STORE_ATTR_INFO_modify_sha1str(STORE_ATTR_INFO *attrs, STORE_ATTR_TYPES code,
1480         unsigned char *sha1str, size_t sha1str_size)
1481         {
1482         if (!attrs)
1483                 {
1484                 STOREerr(STORE_F_STORE_ATTR_INFO_MODIFY_SHA1STR,
1485                         ERR_R_PASSED_NULL_PARAMETER);
1486                 return 0;
1487                 }
1488         if (ATTR_IS_SET(attrs,code))
1489                 {
1490                 OPENSSL_free(attrs->values[code].sha1string);
1491                 attrs->values[code].sha1string = NULL;
1492                 CLEAR_ATTRBIT(attrs, code);
1493                 }
1494         return STORE_ATTR_INFO_set_sha1str(attrs, code, sha1str, sha1str_size);
1495         }
1496 int STORE_ATTR_INFO_modify_dn(STORE_ATTR_INFO *attrs, STORE_ATTR_TYPES code,
1497         X509_NAME *dn)
1498         {
1499         if (!attrs)
1500                 {
1501                 STOREerr(STORE_F_STORE_ATTR_INFO_MODIFY_DN,
1502                         ERR_R_PASSED_NULL_PARAMETER);
1503                 return 0;
1504                 }
1505         if (ATTR_IS_SET(attrs,code))
1506                 {
1507                 OPENSSL_free(attrs->values[code].dn);
1508                 attrs->values[code].dn = NULL;
1509                 CLEAR_ATTRBIT(attrs, code);
1510                 }
1511         return STORE_ATTR_INFO_set_dn(attrs, code, dn);
1512         }
1513 int STORE_ATTR_INFO_modify_number(STORE_ATTR_INFO *attrs, STORE_ATTR_TYPES code,
1514         BIGNUM *number)
1515         {
1516         if (!attrs)
1517                 {
1518                 STOREerr(STORE_F_STORE_ATTR_INFO_MODIFY_NUMBER,
1519                         ERR_R_PASSED_NULL_PARAMETER);
1520                 return 0;
1521                 }
1522         if (ATTR_IS_SET(attrs,code))
1523                 {
1524                 OPENSSL_free(attrs->values[code].number);
1525                 attrs->values[code].number = NULL;
1526                 CLEAR_ATTRBIT(attrs, code);
1527                 }
1528         return STORE_ATTR_INFO_set_number(attrs, code, number);
1529         }
1530
1531 struct attr_list_ctx_st
1532         {
1533         OPENSSL_ITEM *attributes;
1534         };
1535 void *STORE_parse_attrs_start(OPENSSL_ITEM *attributes)
1536         {
1537         if (attributes)
1538                 {
1539                 struct attr_list_ctx_st *context =
1540                         (struct attr_list_ctx_st *)OPENSSL_malloc(sizeof(struct attr_list_ctx_st));
1541                 if (context)
1542                         context->attributes = attributes;
1543                 else
1544                         STOREerr(STORE_F_STORE_PARSE_ATTRS_END,
1545                                 ERR_R_MALLOC_FAILURE);
1546                 return context;
1547                 }
1548         STOREerr(STORE_F_STORE_PARSE_ATTRS_END, ERR_R_PASSED_NULL_PARAMETER);
1549         return 0;
1550         }
1551 STORE_ATTR_INFO *STORE_parse_attrs_next(void *handle)
1552         {
1553         struct attr_list_ctx_st *context = (struct attr_list_ctx_st *)handle;
1554
1555         if (context && context->attributes)
1556                 {
1557                 STORE_ATTR_INFO *attrs = NULL;
1558
1559                 while(context->attributes
1560                         && context->attributes->code != STORE_ATTR_OR
1561                         && context->attributes->code != STORE_ATTR_END)
1562                         {
1563                         switch(context->attributes->code)
1564                                 {
1565                         case STORE_ATTR_FRIENDLYNAME:
1566                         case STORE_ATTR_EMAIL:
1567                         case STORE_ATTR_FILENAME:
1568                                 if (!attrs) attrs = STORE_ATTR_INFO_new();
1569                                 if (attrs == NULL)
1570                                         {
1571                                         STOREerr(STORE_F_STORE_PARSE_ATTRS_NEXT,
1572                                                 ERR_R_MALLOC_FAILURE);
1573                                         goto err;
1574                                         }
1575                                 STORE_ATTR_INFO_set_cstr(attrs,
1576                                         context->attributes->code,
1577                                         context->attributes->value,
1578                                         context->attributes->value_size);
1579                                 break;
1580                         case STORE_ATTR_KEYID:
1581                         case STORE_ATTR_ISSUERKEYID:
1582                         case STORE_ATTR_SUBJECTKEYID:
1583                         case STORE_ATTR_ISSUERSERIALHASH:
1584                         case STORE_ATTR_CERTHASH:
1585                                 if (!attrs) attrs = STORE_ATTR_INFO_new();
1586                                 if (attrs == NULL)
1587                                         {
1588                                         STOREerr(STORE_F_STORE_PARSE_ATTRS_NEXT,
1589                                                 ERR_R_MALLOC_FAILURE);
1590                                         goto err;
1591                                         }
1592                                 STORE_ATTR_INFO_set_sha1str(attrs,
1593                                         context->attributes->code,
1594                                         context->attributes->value,
1595                                         context->attributes->value_size);
1596                                 break;
1597                         case STORE_ATTR_ISSUER:
1598                         case STORE_ATTR_SUBJECT:
1599                                 if (!attrs) attrs = STORE_ATTR_INFO_new();
1600                                 if (attrs == NULL)
1601                                         {
1602                                         STOREerr(STORE_F_STORE_PARSE_ATTRS_NEXT,
1603                                                 ERR_R_MALLOC_FAILURE);
1604                                         goto err;
1605                                         }
1606                                 STORE_ATTR_INFO_modify_dn(attrs,
1607                                         context->attributes->code,
1608                                         context->attributes->value);
1609                                 break;
1610                         case STORE_ATTR_SERIAL:
1611                                 if (!attrs) attrs = STORE_ATTR_INFO_new();
1612                                 if (attrs == NULL)
1613                                         {
1614                                         STOREerr(STORE_F_STORE_PARSE_ATTRS_NEXT,
1615                                                 ERR_R_MALLOC_FAILURE);
1616                                         goto err;
1617                                         }
1618                                 STORE_ATTR_INFO_modify_number(attrs,
1619                                         context->attributes->code,
1620                                         context->attributes->value);
1621                                 break;
1622                                 }
1623                         context->attributes++;
1624                         }
1625                 if (context->attributes->code == STORE_ATTR_OR)
1626                         context->attributes++;
1627                 return attrs;
1628         err:
1629                 while(context->attributes
1630                         && context->attributes->code != STORE_ATTR_OR
1631                         && context->attributes->code != STORE_ATTR_END)
1632                         context->attributes++;
1633                 if (context->attributes->code == STORE_ATTR_OR)
1634                         context->attributes++;
1635                 return NULL;
1636                 }
1637         STOREerr(STORE_F_STORE_PARSE_ATTRS_NEXT, ERR_R_PASSED_NULL_PARAMETER);
1638         return NULL;
1639         }
1640 int STORE_parse_attrs_end(void *handle)
1641         {
1642         struct attr_list_ctx_st *context = (struct attr_list_ctx_st *)handle;
1643
1644         if (context && context->attributes)
1645                 {
1646 #if 0
1647                 OPENSSL_ITEM *attributes = context->attributes;
1648 #endif
1649                 OPENSSL_free(context);
1650                 return 1;
1651                 }
1652         STOREerr(STORE_F_STORE_PARSE_ATTRS_END, ERR_R_PASSED_NULL_PARAMETER);
1653         return 0;
1654         }
1655
1656 int STORE_parse_attrs_endp(void *handle)
1657         {
1658         struct attr_list_ctx_st *context = (struct attr_list_ctx_st *)handle;
1659
1660         if (context && context->attributes)
1661                 {
1662                 return context->attributes->code == STORE_ATTR_END;
1663                 }
1664         STOREerr(STORE_F_STORE_PARSE_ATTRS_END, ERR_R_PASSED_NULL_PARAMETER);
1665         return 0;
1666         }
1667
1668 static int attr_info_compare_compute_range(
1669         unsigned char *abits, unsigned char *bbits,
1670         unsigned int *alowp, unsigned int *ahighp,
1671         unsigned int *blowp, unsigned int *bhighp)
1672         {
1673         unsigned int alow = (unsigned int)-1, ahigh = 0;
1674         unsigned int blow = (unsigned int)-1, bhigh = 0;
1675         int i, res = 0;
1676
1677         for (i = 0; i < (STORE_ATTR_TYPE_NUM + 8) / 8; i++, abits++, bbits++)
1678                 {
1679                 if (res == 0)
1680                         {
1681                         if (*abits < *bbits) res = -1;
1682                         if (*abits > *bbits) res = 1;
1683                         }
1684                 if (*abits)
1685                         {
1686                         if (alow == (unsigned int)-1)
1687                                 {
1688                                 alow = i * 8;
1689                                 if (!(*abits & 0x01)) alow++;
1690                                 if (!(*abits & 0x02)) alow++;
1691                                 if (!(*abits & 0x04)) alow++;
1692                                 if (!(*abits & 0x08)) alow++;
1693                                 if (!(*abits & 0x10)) alow++;
1694                                 if (!(*abits & 0x20)) alow++;
1695                                 if (!(*abits & 0x40)) alow++;
1696                                 }
1697                         ahigh = i * 8 + 7;
1698                         if (!(*abits & 0x80)) ahigh++;
1699                         if (!(*abits & 0x40)) ahigh++;
1700                         if (!(*abits & 0x20)) ahigh++;
1701                         if (!(*abits & 0x10)) ahigh++;
1702                         if (!(*abits & 0x08)) ahigh++;
1703                         if (!(*abits & 0x04)) ahigh++;
1704                         if (!(*abits & 0x02)) ahigh++;
1705                         }
1706                 if (*bbits)
1707                         {
1708                         if (blow == (unsigned int)-1)
1709                                 {
1710                                 blow = i * 8;
1711                                 if (!(*bbits & 0x01)) blow++;
1712                                 if (!(*bbits & 0x02)) blow++;
1713                                 if (!(*bbits & 0x04)) blow++;
1714                                 if (!(*bbits & 0x08)) blow++;
1715                                 if (!(*bbits & 0x10)) blow++;
1716                                 if (!(*bbits & 0x20)) blow++;
1717                                 if (!(*bbits & 0x40)) blow++;
1718                                 }
1719                         bhigh = i * 8 + 7;
1720                         if (!(*bbits & 0x80)) bhigh++;
1721                         if (!(*bbits & 0x40)) bhigh++;
1722                         if (!(*bbits & 0x20)) bhigh++;
1723                         if (!(*bbits & 0x10)) bhigh++;
1724                         if (!(*bbits & 0x08)) bhigh++;
1725                         if (!(*bbits & 0x04)) bhigh++;
1726                         if (!(*bbits & 0x02)) bhigh++;
1727                         }
1728                 }
1729         if (ahigh + alow < bhigh + blow) res = -1;
1730         if (ahigh + alow > bhigh + blow) res = 1;
1731         if (alowp) *alowp = alow;
1732         if (ahighp) *ahighp = ahigh;
1733         if (blowp) *blowp = blow;
1734         if (bhighp) *bhighp = bhigh;
1735         return res;
1736         }
1737
1738 int STORE_ATTR_INFO_compare(STORE_ATTR_INFO *a, STORE_ATTR_INFO *b)
1739         {
1740         if (a == b) return 0;
1741         if (!a) return -1;
1742         if (!b) return 1;
1743         return attr_info_compare_compute_range(a->set, b->set, 0, 0, 0, 0);
1744         }
1745 int STORE_ATTR_INFO_in_range(STORE_ATTR_INFO *a, STORE_ATTR_INFO *b)
1746         {
1747         unsigned int alow, ahigh, blow, bhigh;
1748
1749         if (a == b) return 1;
1750         if (!a) return 0;
1751         if (!b) return 0;
1752         attr_info_compare_compute_range(a->set, b->set,
1753                 &alow, &ahigh, &blow, &bhigh);
1754         if (alow >= blow && ahigh <= bhigh)
1755                 return 1;
1756         return 0;
1757         }
1758 int STORE_ATTR_INFO_in(STORE_ATTR_INFO *a, STORE_ATTR_INFO *b)
1759         {
1760         unsigned char *abits, *bbits;
1761         int i;
1762
1763         if (a == b) return 1;
1764         if (!a) return 0;
1765         if (!b) return 0;
1766         abits = a->set;
1767         bbits = b->set;
1768         for (i = 0; i < (STORE_ATTR_TYPE_NUM + 8) / 8; i++, abits++, bbits++)
1769                 {
1770                 if (*abits && (*bbits & *abits) != *abits)
1771                         return 0;
1772                 }
1773         return 1;
1774         }
1775 int STORE_ATTR_INFO_in_ex(STORE_ATTR_INFO *a, STORE_ATTR_INFO *b)
1776         {
1777         STORE_ATTR_TYPES i;
1778
1779         if (a == b) return 1;
1780         if (!STORE_ATTR_INFO_in(a, b)) return 0;
1781         for (i = 1; i < STORE_ATTR_TYPE_NUM; i++)
1782                 if (ATTR_IS_SET(a, i))
1783                         {
1784                         switch(i)
1785                                 {
1786                         case STORE_ATTR_FRIENDLYNAME:
1787                         case STORE_ATTR_EMAIL:
1788                         case STORE_ATTR_FILENAME:
1789                                 if (strcmp(a->values[i].cstring,
1790                                             b->values[i].cstring))
1791                                         return 0;
1792                                 break;
1793                         case STORE_ATTR_KEYID:
1794                         case STORE_ATTR_ISSUERKEYID:
1795                         case STORE_ATTR_SUBJECTKEYID:
1796                         case STORE_ATTR_ISSUERSERIALHASH:
1797                         case STORE_ATTR_CERTHASH:
1798                                 if (memcmp(a->values[i].sha1string,
1799                                             b->values[i].sha1string,
1800                                             a->value_sizes[i]))
1801                                         return 0;
1802                                 break;
1803                         case STORE_ATTR_ISSUER:
1804                         case STORE_ATTR_SUBJECT:
1805                                 if (X509_NAME_cmp(a->values[i].dn,
1806                                             b->values[i].dn))
1807                                         return 0;
1808                                 break;
1809                         case STORE_ATTR_SERIAL:
1810                                 if (BN_cmp(a->values[i].number,
1811                                             b->values[i].number))
1812                                         return 0;
1813                                 break;
1814                         default:
1815                                 break;
1816                                 }
1817                         }
1818
1819         return 1;
1820         }