crypto/store/str_lib.c

   1 /* crypto/store/str_lib.c -*- mode:C; c-file-style: "eay" -*- */
   2 /* Written by Richard Levitte (richard@levitte.org) for the OpenSSL
   3  * project 2003.
   4  */
   5 /* ====================================================================
   6  * Copyright (c) 2003 The OpenSSL Project.  All rights reserved.
   7  *
   8  * Redistribution and use in source and binary forms, with or without
   9  * modification, are permitted provided that the following conditions
  10  * are met:
  11  *
  12  * 1. Redistributions of source code must retain the above copyright
  13  *    notice, this list of conditions and the following disclaimer.
  14  *
  15  * 2. Redistributions in binary form must reproduce the above copyright
  16  *    notice, this list of conditions and the following disclaimer in
  17  *    the documentation and/or other materials provided with the
  18  *    distribution.
  19  *
  20  * 3. All advertising materials mentioning features or use of this
  21  *    software must display the following acknowledgment:
  22  *    "This product includes software developed by the OpenSSL Project
  23  *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
  24  *
  25  * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
  26  *    endorse or promote products derived from this software without
  27  *    prior written permission. For written permission, please contact
  28  *    openssl-core@openssl.org.
  29  *
  30  * 5. Products derived from this software may not be called "OpenSSL"
  31  *    nor may "OpenSSL" appear in their names without prior written
  32  *    permission of the OpenSSL Project.
  33  *
  34  * 6. Redistributions of any form whatsoever must retain the following
  35  *    acknowledgment:
  36  *    "This product includes software developed by the OpenSSL Project
  37  *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
  38  *
  39  * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
  40  * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
  41  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
  42  * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
  43  * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
  44  * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
  45  * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
  46  * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
  47  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
  48  * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
  49  * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
  50  * OF THE POSSIBILITY OF SUCH DAMAGE.
  51  * ====================================================================
  52  *
  53  * This product includes cryptographic software written by Eric Young
  54  * (eay@cryptsoft.com).  This product includes software written by Tim
  55  * Hudson (tjh@cryptsoft.com).
  56  *
  57  */
  58
  59 #include <string.h>
  60 #include <openssl/bn.h>
  61 #include <openssl/err.h>
  62 #include <openssl/engine.h>
  63 #include "str_locl.h"
  64
  65 const char * const STORE_object_type_string[STORE_OBJECT_TYPE_NUM+1] =
  66         {
  67         0,
  68         "X.509 Certificate",
  69         "X.509 CRL",
  70         "Private Key",
  71         "Public Key",
  72         "Number"
  73         };
  74
  75 const int STORE_param_sizes[STORE_PARAM_TYPE_NUM+1] =
  76         {
  77         0,
  78         sizeof(int),            /* EVP_TYPE */
  79         sizeof(size_t),         /* BITS */
  80         -1,                     /* KEY_PARAMETERS */
  81         0                       /* KEY_NO_PARAMETERS */
  82         };
  83
  84 const int STORE_attr_sizes[STORE_ATTR_TYPE_NUM+1] =
  85         {
  86         0,
  87         -1,                     /* FRIENDLYNAME:                C string */
  88         SHA_DIGEST_LENGTH,      /* KEYID:               SHA1 digest, 160 bits */
  89         SHA_DIGEST_LENGTH,      /* ISSUERKEYID:         SHA1 digest, 160 bits */
  90         SHA_DIGEST_LENGTH,      /* SUBJECTKEYID:                SHA1 digest, 160 bits */
  91         SHA_DIGEST_LENGTH,      /* ISSUERSERIALHASH:    SHA1 digest, 160 bits */
  92         sizeof(X509_NAME *),    /* ISSUER:              X509_NAME * */
  93         sizeof(BIGNUM *),       /* SERIAL:              BIGNUM * */
  94         sizeof(X509_NAME *),    /* SUBJECT:             X509_NAME * */
  95         SHA_DIGEST_LENGTH,      /* CERTHASH:            SHA1 digest, 160 bits */
  96         -1,                     /* EMAIL:               C string */
  97         -1,                     /* FILENAME:            C string */
  98         };
  99
 100 STORE *STORE_new_method(const STORE_METHOD *method)
 101         {
 102         STORE *ret;
 103
 104         ret=(STORE *)OPENSSL_malloc(sizeof(STORE));
 105         if (ret == NULL)
 106                 {
 107                 STOREerr(STORE_F_STORE_NEW_METHOD,ERR_R_MALLOC_FAILURE);
 108                 return NULL;
 109                 }
 110         if (method == NULL)
 111                 {
 112                 STOREerr(STORE_F_STORE_NEW_METHOD,ERR_R_PASSED_NULL_PARAMETER);
 113                 return NULL;
 114                 }
 115         else
 116                 ret->meth=method;
 117
 118         CRYPTO_new_ex_data(CRYPTO_EX_INDEX_STORE, ret, &ret->ex_data);
 119         if (ret->meth->init && !ret->meth->init(ret))
 120                 {
 121                 STORE_free(ret);
 122                 ret = NULL;
 123                 }
 124         return ret;
 125         }
 126
 127 STORE *STORE_new_engine(ENGINE *engine)
 128         {
 129         STORE *ret = NULL;
 130         ENGINE *e = engine;
 131         const STORE_METHOD *meth = 0;
 132
 133 #ifdef OPENSSL_NO_ENGINE
 134         e = NULL;
 135 #else
 136         if (engine)
 137                 {
 138                 if (!ENGINE_init(engine))
 139                         {
 140                         STOREerr(STORE_F_STORE_NEW_ENGINE, ERR_R_ENGINE_LIB);
 141                         return NULL;
 142                         }
 143                 e = engine;
 144                 }
 145         else
 146                 {
 147                 STOREerr(STORE_F_STORE_NEW_ENGINE,ERR_R_PASSED_NULL_PARAMETER);
 148                 return NULL;
 149                 }
 150         if(e)
 151                 {
 152                 meth = ENGINE_get_STORE(e);
 153                 if(!meth)
 154                         {
 155                         STOREerr(STORE_F_STORE_NEW_ENGINE,
 156                                 ERR_R_ENGINE_LIB);
 157                         ENGINE_finish(e);
 158                         return NULL;
 159                         }
 160                 }
 161 #endif
 162
 163         ret = STORE_new_method(meth);
 164         if (ret == NULL)
 165                 {
 166                 STOREerr(STORE_F_STORE_NEW_ENGINE,ERR_R_STORE_LIB);
 167                 return NULL;
 168                 }
 169
 170         ret->engine = e;
 171
 172         return(ret);
 173         }
 174
 175 void STORE_free(STORE *store)
 176         {
 177         if (store == NULL)
 178                 return;
 179         if (store->meth->clean)
 180                 store->meth->clean(store);
 181         CRYPTO_free_ex_data(CRYPTO_EX_INDEX_STORE, store, &store->ex_data);
 182         OPENSSL_free(store);
 183         }
 184
 185
 186 int STORE_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
 187              CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func)
 188         {
 189         return CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_STORE, argl, argp,
 190                                 new_func, dup_func, free_func);
 191         }
 192
 193 int STORE_set_ex_data(STORE *r, int idx, void *arg)
 194         {
 195         return(CRYPTO_set_ex_data(&r->ex_data,idx,arg));
 196         }
 197
 198 void *STORE_get_ex_data(STORE *r, int idx)
 199         {
 200         return(CRYPTO_get_ex_data(&r->ex_data,idx));
 201         }
 202
 203 const STORE_METHOD *STORE_get_method(STORE *store)
 204         {
 205         return store->meth;
 206         }
 207
 208 const STORE_METHOD *STORE_set_method(STORE *store, const STORE_METHOD *meth)
 209         {
 210         store->meth=meth;
 211         return store->meth;
 212         }
 213
 214
 215 /* API helpers */
 216
 217 #define check_store(s,fncode,fnname,fnerrcode) \
 218         do \
 219                 { \
 220                 if ((s) == NULL || (s)->meth) \
 221                         { \
 222                         STOREerr((fncode), ERR_R_PASSED_NULL_PARAMETER); \
 223                         return 0; \
 224                         } \
 225                 if ((s)->meth->fnname == NULL) \
 226                         { \
 227                         STOREerr((fncode), (fnerrcode)); \
 228                         return 0; \
 229                         } \
 230                 } \
 231         while(0)
 232
 233 /* API functions */
 234
 235 X509 *STORE_get_certificate(STORE *s, OPENSSL_ITEM attributes[],
 236         OPENSSL_ITEM parameters[])
 237         {
 238         STORE_OBJECT *object;
 239         X509 *x;
 240
 241         check_store(s,STORE_F_STORE_GET_CERTIFICATE,
 242                 get_object,STORE_R_NO_GET_OBJECT_FUNCTION);
 243
 244         object = s->meth->get_object(s, STORE_OBJECT_TYPE_X509_CERTIFICATE,
 245                 attributes, parameters);
 246         if (!object || !object->data.x509.certificate)
 247                 {
 248                 STOREerr(STORE_F_STORE_GET_CERTIFICATE,
 249                         STORE_R_FAILED_GETTING_CERTIFICATE);
 250                 return 0;
 251                 }
 252         CRYPTO_add(&object->data.x509.certificate->references,1,CRYPTO_LOCK_X509);
 253 #ifdef REF_PRINT
 254         REF_PRINT("X509",data);
 255 #endif
 256         x = object->data.x509.certificate;
 257         STORE_OBJECT_free(object);
 258         return x;
 259         }
 260
 261 int STORE_store_certificate(STORE *s, X509 *data, OPENSSL_ITEM attributes[],
 262         OPENSSL_ITEM parameters[])
 263         {
 264         STORE_OBJECT *object = STORE_OBJECT_new();
 265         int i;
 266
 267         check_store(s,STORE_F_STORE_CERTIFICATE,
 268                 store_object,STORE_R_NO_STORE_OBJECT_FUNCTION);
 269
 270         if (!object)
 271                 {
 272                 STOREerr(STORE_F_STORE_CERTIFICATE,
 273                         ERR_R_MALLOC_FAILURE);
 274                 return 0;
 275                 }
 276
 277         CRYPTO_add(&data->references,1,CRYPTO_LOCK_X509);
 278 #ifdef REF_PRINT
 279         REF_PRINT("X509",data);
 280 #endif
 281         object->data.x509.certificate = data;
 282
 283         i = s->meth->store_object(s, STORE_OBJECT_TYPE_X509_CERTIFICATE,
 284                 object, attributes, parameters);
 285
 286         STORE_OBJECT_free(object);
 287
 288         if (!i)
 289                 {
 290                 STOREerr(STORE_F_STORE_CERTIFICATE,
 291                         STORE_R_FAILED_STORING_CERTIFICATE);
 292                 return 0;
 293                 }
 294         return 1;
 295         }
 296
 297 int STORE_revoke_certificate(STORE *s, OPENSSL_ITEM attributes[],
 298         OPENSSL_ITEM parameters[])
 299         {
 300         check_store(s,STORE_F_STORE_REVOKE_CERTIFICATE,
 301                 revoke_object,STORE_R_NO_REVOKE_OBJECT_FUNCTION);
 302
 303         if (!s->meth->revoke_object(s, STORE_OBJECT_TYPE_X509_CERTIFICATE,
 304                     attributes, parameters))
 305                 {
 306                 STOREerr(STORE_F_STORE_REVOKE_CERTIFICATE,
 307                         STORE_R_FAILED_REVOKING_CERTIFICATE);
 308                 return 0;
 309                 }
 310         return 1;
 311         }
 312
 313 int STORE_delete_certificate(STORE *s, OPENSSL_ITEM attributes[],
 314         OPENSSL_ITEM parameters[])
 315         {
 316         check_store(s,STORE_F_STORE_DELETE_CERTIFICATE,
 317                 delete_object,STORE_R_NO_DELETE_OBJECT_FUNCTION);
 318
 319         if (!s->meth->delete_object(s, STORE_OBJECT_TYPE_X509_CERTIFICATE,
 320                     attributes, parameters))
 321                 {
 322                 STOREerr(STORE_F_STORE_DELETE_CERTIFICATE,
 323                         STORE_R_FAILED_DELETING_CERTIFICATE);
 324                 return 0;
 325                 }
 326         return 1;
 327         }
 328
 329 void *STORE_list_certificate_start(STORE *s, OPENSSL_ITEM attributes[],
 330         OPENSSL_ITEM parameters[])
 331         {
 332         void *handle;
 333
 334         check_store(s,STORE_F_STORE_LIST_CERTIFICATE_START,
 335                 list_object_start,STORE_R_NO_LIST_OBJECT_START_FUNCTION);
 336
 337         handle = s->meth->list_object_start(s,
 338                 STORE_OBJECT_TYPE_X509_CERTIFICATE, attributes, parameters);
 339         if (!handle)
 340                 {
 341                 STOREerr(STORE_F_STORE_LIST_CERTIFICATE_START,
 342                         STORE_R_FAILED_LISTING_CERTIFICATES);
 343                 return 0;
 344                 }
 345         return handle;
 346         }
 347
 348 X509 *STORE_list_certificate_next(STORE *s, void *handle)
 349         {
 350         STORE_OBJECT *object;
 351         X509 *x;
 352
 353         check_store(s,STORE_F_STORE_LIST_CERTIFICATE_NEXT,
 354                 list_object_next,STORE_R_NO_LIST_OBJECT_NEXT_FUNCTION);
 355
 356         object = s->meth->list_object_next(s, handle);
 357         if (!object || !object->data.x509.certificate)
 358                 {
 359                 STOREerr(STORE_F_STORE_LIST_CERTIFICATE_NEXT,
 360                         STORE_R_FAILED_LISTING_CERTIFICATES);
 361                 return 0;
 362                 }
 363         CRYPTO_add(&object->data.x509.certificate->references,1,CRYPTO_LOCK_X509);
 364 #ifdef REF_PRINT
 365         REF_PRINT("X509",data);
 366 #endif
 367         x = object->data.x509.certificate;
 368         STORE_OBJECT_free(object);
 369         return x;
 370         }
 371
 372 int STORE_list_certificate_end(STORE *s, void *handle)
 373         {
 374         check_store(s,STORE_F_STORE_LIST_CERTIFICATE_END,
 375                 list_object_end,STORE_R_NO_LIST_OBJECT_END_FUNCTION);
 376
 377         if (!s->meth->list_object_end(s, handle))
 378                 {
 379                 STOREerr(STORE_F_STORE_LIST_CERTIFICATE_END,
 380                         STORE_R_FAILED_LISTING_CERTIFICATES);
 381                 return 0;
 382                 }
 383         return 1;
 384         }
 385
 386 int STORE_list_certificate_endp(STORE *s, void *handle)
 387         {
 388         check_store(s,STORE_F_STORE_LIST_CERTIFICATE_ENDP,
 389                 list_object_endp,STORE_R_NO_LIST_OBJECT_ENDP_FUNCTION);
 390
 391         if (!s->meth->list_object_endp(s, handle))
 392                 {
 393                 STOREerr(STORE_F_STORE_LIST_CERTIFICATE_ENDP,
 394                         STORE_R_FAILED_LISTING_CERTIFICATES);
 395                 return 0;
 396                 }
 397         return 1;
 398         }
 399
 400 EVP_PKEY *STORE_generate_key(STORE *s, OPENSSL_ITEM attributes[],
 401         OPENSSL_ITEM parameters[])
 402         {
 403         STORE_OBJECT *object;
 404         EVP_PKEY *pkey;
 405
 406         check_store(s,STORE_F_STORE_GENERATE_KEY,
 407                 generate_object,STORE_R_NO_GENERATE_OBJECT_FUNCTION);
 408
 409         object = s->meth->generate_object(s, STORE_OBJECT_TYPE_PRIVATE_KEY,
 410                 attributes, parameters);
 411         if (!object || !object->data.key)
 412                 {
 413                 STOREerr(STORE_F_STORE_GENERATE_KEY,
 414                         STORE_R_FAILED_GENERATING_KEY);
 415                 return 0;
 416                 }
 417         CRYPTO_add(&object->data.key->references,1,CRYPTO_LOCK_EVP_PKEY);
 418 #ifdef REF_PRINT
 419         REF_PRINT("EVP_PKEY",data);
 420 #endif
 421         pkey = object->data.key;
 422         STORE_OBJECT_free(object);
 423         return pkey;
 424         }
 425
 426 EVP_PKEY *STORE_get_private_key(STORE *s, OPENSSL_ITEM attributes[],
 427         OPENSSL_ITEM parameters[])
 428         {
 429         STORE_OBJECT *object;
 430         EVP_PKEY *pkey;
 431
 432         check_store(s,STORE_F_STORE_GET_PRIVATE_KEY,
 433                 get_object,STORE_R_NO_GET_OBJECT_FUNCTION);
 434
 435         object = s->meth->get_object(s, STORE_OBJECT_TYPE_PRIVATE_KEY,
 436                 attributes, parameters);
 437         if (!object || !object->data.key || !object->data.key)
 438                 {
 439                 STOREerr(STORE_F_STORE_GET_PRIVATE_KEY,
 440                         STORE_R_FAILED_GETTING_KEY);
 441                 return 0;
 442                 }
 443         CRYPTO_add(&object->data.key->references,1,CRYPTO_LOCK_EVP_PKEY);
 444 #ifdef REF_PRINT
 445         REF_PRINT("EVP_PKEY",data);
 446 #endif
 447         pkey = object->data.key;
 448         STORE_OBJECT_free(object);TORE *s, EVP_PKEY *data, OPENSSL_ITEM attributes[],
 449         OPENSSL_ITEM parameters[])
 450         {
 451         STORE_OBJECT *object = STORE_OBJECT_new();
 452         int i;
 453
 454         check_store(s,STORE_F_STORE_PRIVATE_KEY,
 455                 store_object,STORE_R_NO_STORE_OBJECT_FUNCTION);
 456
 457         if (!object)
 458                 {
 459                 STOREerr(STORE_F_STORE_PRIVATE_KEY,
 460                         ERR_R_MALLOC_FAILURE);
 461                 return 0;
 462                 }
 463         object->data.key = EVP_PKEY_new();
 464         if (!object->data.key)
 465                 {
 466                 STOREerr(STORE_F_STORE_PRIVATE_KEY,
 467                         ERR_R_MALLOC_FAILURE);
 468                 return 0;
 469                 }
 470
 471         CRYPTO_add(&data->references,1,CRYPTO_LOCK_EVP_PKEY);
 472 #ifdef REF_PRINT
 473         REF_PRINT("EVP_PKEY",data);
 474 #endif
 475         object->data.key = data;
 476
 477         i = s->meth->store_object(s, STORE_OBJECT_TYPE_PRIVATE_KEY, object,
 478                 attributes, parameters);
 479
 480         STORE_OBJECT_free(object);
 481
 482         if (!i)
 483                 {
 484                 STOREerr(STORE_F_STORE_PRIVATE_KEY,
 485                         STORE_R_FAILED_STORING_KEY);
 486                 return 0;
 487                 }
 488         return i;
 489         }
 490
 491 int STORE_revoke_private_key(STORE *s, OPENSSL_ITEM attributes[],
 492         OPENSSL_ITEM parameters[])
 493         {
 494         int i;
 495
 496         check_store(s,STORE_F_STORE_REVOKE_PRIVATE_KEY,
 497                 revoke_object,STORE_R_NO_REVOKE_OBJECT_FUNCTION);
 498
 499         i = s->meth->revoke_object(s, STORE_OBJECT_TYPE_PRIVATE_KEY,
 500                 attributes, parameters);
 501
 502         if (!i)
 503                 {
 504                 STOREerr(STORE_F_STORE_REVOKE_PRIVATE_KEY,
 505                         STORE_R_FAILED_REVOKING_KEY);
 506                 return 0;
 507                 }
 508         return i;
 509         }
 510
 511 int STORE_delete_private_key(STORE *s, OPENSSL_ITEM attributes[],
 512         OPENSSL_ITEM parameters[])
 513         {
 514         check_store(s,STORE_F_STORE_DELETE_PRIVATE_KEY,
 515                 delete_object,STORE_R_NO_DELETE_OBJECT_FUNCTION);
 516
 517         if (!s->meth->delete_object(s, STORE_OBJECT_TYPE_PRIVATE_KEY,
 518                     attributes, parameters))
 519                 {
 520                 STOREerr(STORE_F_STORE_DELETE_PRIVATE_KEY,
 521                         STORE_R_FAILED_DELETING_KEY);
 522                 return 0;
 523                 }
 524         return 1;
 525         }
 526
 527 void *STORE_list_private_key_start(STORE *s, OPENSSL_ITEM attributes[],
 528         OPENSSL_ITEM parameters[])
 529         {
 530         void *handle;
 531
 532         check_store(s,STORE_F_STORE_LIST_PRIVATE_KEY_START,
 533                 list_object_start,STORE_R_NO_LIST_OBJECT_START_FUNCTION);
 534
 535         handle = s->meth->list_object_start(s, STORE_OBJECT_TYPE_PRIVATE_KEY,
 536                 attributes, parameters);
 537         if (!handle)
 538                 {
 539                 STOREerr(STORE_F_STORE_LIST_PRIVATE_KEY_START,
 540                         STORE_R_FAILED_LISTING_KEYS);
 541                 return 0;
 542                 }
 543         return handle;
 544         }
 545
 546 EVP_PKEY *STORE_list_private_key_next(STORE *s, void *handle)
 547         {
 548         STORE_OBJECT *object;
 549         EVP_PKEY *pkey;
 550
 551         check_store(s,STORE_F_STORE_LIST_PRIVATE_KEY_NEXT,
 552                 list_object_next,STORE_R_NO_LIST_OBJECT_NEXT_FUNCTION);
 553
 554         object = s->meth->list_object_next(s, handle);
 555         if (!object || !object->data.key || !object->data.key)
 556                 {
 557                 STOREerr(STORE_F_STORE_LIST_PRIVATE_KEY_NEXT,
 558                         STORE_R_FAILED_LISTING_KEYS);
 559                 return 0;
 560                 }
 561         CRYPTO_add(&object->data.key->references,1,CRYPTO_LOCK_EVP_PKEY);
 562 #ifdef REF_PRINT
 563         REF_PRINT("EVP_PKEY",data);
 564 #endif
 565         pkey = object->data.key;
 566         STORE_OBJECT_free(object);
 567         return pkey;
 568         }
 569
 570 int STORE_list_private_key_end(STORE *s, void *handle)
 571         {
 572         check_store(s,STORE_F_STORE_LIST_PRIVATE_KEY_END,
 573                 list_object_end,STORE_R_NO_LIST_OBJECT_END_FUNCTION);
 574
 575         if (!s->meth->list_object_end(s, handle))
 576                 {
 577                 STOREerr(STORE_F_STORE_LIST_PRIVATE_KEY_END,
 578                         STORE_R_FAILED_LISTING_KEYS);
 579                 return 0;
 580                 }
 581         return 1;
 582         }
 583
 584 int STORE_list_private_key_endp(STORE *s, void *handle)
 585         {
 586         check_store(s,STORE_F_STORE_LIST_PRIVATE_KEY_ENDP,
 587                 list_object_endp,STORE_R_NO_LIST_OBJECT_ENDP_FUNCTION);
 588
 589         if (!s->meth->list_object_endp(s, handle))
 590                 {
 591                 STOREerr(STORE_F_STORE_LIST_PRIVATE_KEY_ENDP,
 592                         STORE_R_FAILED_LISTING_KEYS);
 593                 return 0;
 594                 }
 595         return 1;
 596         }
 597
 598 EVP_PKEY *STORE_get_public_key(STORE *s, OPENSSL_ITEM attributes[],
 599         OPENSSL_ITEM parameters[])
 600         {
 601         STORE_OBJECT *object;
 602         EVP_PKEY *pkey;
 603
 604         check_store(s,STORE_F_STORE_GET_PUBLIC_KEY,
 605                 get_object,STORE_R_NO_GET_OBJECT_FUNCTION);
 606
 607         object = s->meth->get_object(s, STORE_OBJECT_TYPE_PUBLIC_KEY,
 608                 attributes, parameters);
 609         if (!object || !object->data.key || !object->data.key)
 610                 {
 611                 STOREerr(STORE_F_STORE_GET_PUBLIC_KEY,
 612                         STORE_R_FAILED_GETTING_KEY);
 613                 return 0;
 614                 }
 615         CRYPTO_add(&object->data.key->references,1,CRYPTO_LOCK_EVP_PKEY);
 616 #ifdef REF_PRINT
 617         REF_PRINT("EVP_PKEY",data);
 618 #endif
 619         pkey = object->data.key;
 620         STORE_OBJECT_free(object);
 621         return pkey;
 622         }
 623
 624 int STORE_store_public_key(STORE *s, EVP_PKEY *data, OPENSSL_ITEM attributes[],
 625         OPENSSL_ITEM parameters[])
 626         {
 627         STORE_OBJECT *object = STORE_OBJECT_new();
 628         int i;
 629
 630         check_store(s,STORE_F_STORE_PUBLIC_KEY,
 631                 store_object,STORE_R_NO_STORE_OBJECT_FUNCTION);
 632
 633         if (!object)
 634                 {
 635                 STOREerr(STORE_F_STORE_PUBLIC_KEY,
 636                         ERR_R_MALLOC_FAILURE);
 637                 return 0;
 638                 }
 639         object->data.key = EVP_PKEY_new();
 640         if (!object->data.key)
 641                 {
 642                 STOREerr(STORE_F_STORE_PUBLIC_KEY,
 643                         ERR_R_MALLOC_FAILURE);
 644                 return 0;
 645                 }
 646
 647         CRYPTO_add(&data->references,1,CRYPTO_LOCK_EVP_PKEY);
 648 #ifdef REF_PRINT
 649         REF_PRINT("EVP_PKEY",data);
 650 #endif
 651         object->data.key = data;
 652
 653         i = s->meth->store_object(s, STORE_OBJECT_TYPE_PUBLIC_KEY, object,
 654                 attributes, parameters);
 655
 656         STORE_OBJECT_free(object);
 657
 658         if (!i)
 659                 {
 660                 STOREerr(STORE_F_STORE_PUBLIC_KEY,
 661                         STORE_R_FAILED_STORING_KEY);
 662                 return 0;
 663                 }
 664         return i;
 665         }
 666
 667 int STORE_revoke_public_key(STORE *s, OPENSSL_ITEM attributes[],
 668         OPENSSL_ITEM parameters[])
 669         {
 670         int i;
 671
 672         check_store(s,STORE_F_STORE_REVOKE_PUBLIC_KEY,
 673                 revoke_object,STORE_R_NO_REVOKE_OBJECT_FUNCTION);
 674
 675         i = s->meth->revoke_object(s, STORE_OBJECT_TYPE_PUBLIC_KEY,
 676                 attributes, parameters);
 677
 678         if (!i)
 679                 {
 680                 STOREerr(STORE_F_STORE_REVOKE_PUBLIC_KEY,
 681                         STORE_R_FAILED_REVOKING_KEY);
 682                 return 0;
 683                 }
 684         return i;
 685         }
 686
 687 int STORE_delete_public_key(STORE *s, OPENSSL_ITEM attributes[],
 688         OPENSSL_ITEM parameters[])
 689         {
 690         check_store(s,STORE_F_STORE_DELETE_PUBLIC_KEY,
 691                 delete_object,STORE_R_NO_DELETE_OBJECT_FUNCTION);
 692
 693         if (!s->meth->delete_object(s, STORE_OBJECT_TYPE_PUBLIC_KEY,
 694                     attributes, parameters))
 695                 {
 696                 STOREerr(STORE_F_STORE_DELETE_PUBLIC_KEY,
 697                         STORE_R_FAILED_DELETING_KEY);
 698                 return 0;
 699                 }
 700         return 1;
 701         }
 702
 703 void *STORE_list_public_key_start(STORE *s, OPENSSL_ITEM attributes[],
 704         OPENSSL_ITEM parameters[])
 705         {
 706         void *handle;
 707
 708         check_store(s,STORE_F_STORE_LIST_PUBLIC_KEY_START,
 709                 list_object_start,STORE_R_NO_LIST_OBJECT_START_FUNCTION);
 710
 711         handle = s->meth->list_object_start(s, STORE_OBJECT_TYPE_PUBLIC_KEY,
 712                 attributes, parameters);
 713         if (!handle)
 714                 {
 715                 STOREerr(STORE_F_STORE_LIST_PUBLIC_KEY_START,
 716                         STORE_R_FAILED_LISTING_KEYS);
 717                 return 0;
 718                 }
 719         return handle;
 720         }
 721
 722 EVP_PKEY *STORE_list_public_key_next(STORE *s, void *handle)
 723         {
 724         STORE_OBJECT *object;
 725         EVP_PKEY *pkey;
 726
 727         check_store(s,STORE_F_STORE_LIST_PUBLIC_KEY_NEXT,
 728                 list_object_next,STORE_R_NO_LIST_OBJECT_NEXT_FUNCTION);
 729
 730         object = s->meth->list_object_next(s, handle);
 731         if (!object || !object->data.key || !object->data.key)
 732                 {
 733                 STOREerr(STORE_F_STORE_LIST_PUBLIC_KEY_NEXT,
 734                         STORE_R_FAILED_LISTING_KEYS);
 735                 return 0;
 736                 }
 737         CRYPTO_add(&object->data.key->references,1,CRYPTO_LOCK_EVP_PKEY);
 738 #ifdef REF_PRINT
 739         REF_PRINT("EVP_PKEY",data);
 740 #endif
 741         pkey = object->data.key;
 742         STORE_OBJECT_free(object);
 743         return pkey;
 744         }
 745
 746 int STORE_list_public_key_end(STORE *s, void *handle)
 747         {
 748         check_store(s,STORE_F_STORE_LIST_PUBLIC_KEY_END,
 749                 list_object_end,STORE_R_NO_LIST_OBJECT_END_FUNCTION);
 750
 751         if (!s->meth->list_object_end(s, handle))
 752                 {
 753                 STOREerr(STORE_F_STORE_LIST_PUBLIC_KEY_END,
 754                         STORE_R_FAILED_LISTING_KEYS);
 755                 return 0;
 756                 }
 757         return 1;
 758         }
 759
 760 int STORE_list_public_key_endp(STORE *s, void *handle)
 761         {
 762         check_store(s,STORE_F_STORE_LIST_PUBLIC_KEY_ENDP,
 763                 list_object_endp,STORE_R_NO_LIST_OBJECT_ENDP_FUNCTION);
 764
 765         if (!s->meth->list_object_endp(s, handle))
 766                 {
 767                 STOREerr(STORE_F_STORE_LIST_PUBLIC_KEY_ENDP,
 768                         STORE_R_FAILED_LISTING_KEYS);
 769                 return 0;
 770                 }
 771         return 1;
 772         }
 773
 774 X509_CRL *STORE_generate_crl(STORE *s, OPENSSL_ITEM attributes[],
 775         OPENSSL_ITEM parameters[])
 776         {
 777         STORE_OBJECT *object;
 778         X509_CRL *crl;
 779
 780         check_store(s,STORE_F_STORE_GENERATE_CRL,
 781                 generate_object,STORE_R_NO_GENERATE_CRL_FUNCTION);
 782
 783         object = s->meth->generate_object(s, STORE_OBJECT_TYPE_X509_CRL,
 784                 attributes, parameters);
 785         if (!object || !object->data.crl)
 786                 {
 787                 STOREerr(STORE_F_STORE_GENERATE_CRL,
 788                         STORE_R_FAILED_GENERATING_CRL);
 789                 return 0;
 790                 }
 791         CRYPTO_add(&object->data.crl->references,1,CRYPTO_LOCK_X509_CRL);
 792 #ifdef REF_PRINT
 793         REF_PRINT("X509_CRL",data);
 794 #endif
 795         crl = object->data.crl;
 796         STORE_OBJECT_free(object);
 797         return crl;
 798         }
 799
 800 X509_CRL *STORE_get_crl(STORE *s, OPENSSL_ITEM attributes[],
 801         OPENSSL_ITEM parameters[])
 802         {
 803         STORE_OBJECT *object;
 804         X509_CRL *crl;
 805
 806         check_store(s,STORE_F_STORE_GET_CRL,
 807                 get_object,STORE_R_NO_GET_OBJECT_FUNCTION);
 808
 809         object = s->meth->get_object(s, STORE_OBJECT_TYPE_X509_CRL,
 810                 attributes, parameters);
 811         if (!object || !object->data.crl)
 812                 {
 813                 STOREerr(STORE_F_STORE_GET_CRL,
 814                         STORE_R_FAILED_GETTING_KEY);
 815                 return 0;
 816                 }
 817         CRYPTO_add(&object->data.crl->references,1,CRYPTO_LOCK_X509_CRL);
 818 #ifdef REF_PRINT
 819         REF_PRINT("X509_CRL",data);
 820 #endif
 821         crl = object->data.crl;
 822         STORE_OBJECT_free(object);
 823         return crl;
 824         }
 825
 826 int STORE_store_crl(STORE *s, X509_CRL *data, OPENSSL_ITEM attributes[],
 827         OPENSSL_ITEM parameters[])
 828         {
 829         STORE_OBJECT *object = STORE_OBJECT_new();
 830         int i;
 831
 832         check_store(s,STORE_F_STORE_CRL,
 833                 store_object,STORE_R_NO_STORE_OBJECT_FUNCTION);
 834
 835         if (!object)
 836                 {
 837                 STOREerr(STORE_F_STORE_CRL,
 838                         ERR_R_MALLOC_FAILURE);
 839                 return 0;
 840                 }
 841
 842         CRYPTO_add(&data->references,1,CRYPTO_LOCK_X509_CRL);
 843 #ifdef REF_PRINT
 844         REF_PRINT("X509_CRL",data);
 845 #endif
 846         object->data.crl = data;
 847
 848         i = s->meth->store_object(s, STORE_OBJECT_TYPE_X509_CRL, object,
 849                 attributes, parameters);
 850
 851         STORE_OBJECT_free(object);
 852
 853         if (!i)
 854                 {
 855                 STOREerr(STORE_F_STORE_CRL,
 856                         STORE_R_FAILED_STORING_KEY);
 857                 return 0;
 858                 }
 859         return i;
 860         }
 861
 862 int STORE_delete_crl(STORE *s, OPENSSL_ITEM attributes[],
 863         OPENSSL_ITEM parameters[])
 864         {
 865         check_store(s,STORE_F_STORE_DELETE_CRL,
 866                 delete_object,STORE_R_NO_DELETE_OBJECT_FUNCTION);
 867
 868         if (!s->meth->delete_object(s, STORE_OBJECT_TYPE_X509_CRL,
 869                     attributes, parameters))
 870                 {
 871                 STOREerr(STORE_F_STORE_DELETE_CRL,
 872                         STORE_R_FAILED_DELETING_KEY);
 873                 return 0;
 874                 }
 875         return 1;
 876         }
 877
 878 void *STORE_list_crl_start(STORE *s, OPENSSL_ITEM attributes[],
 879         OPENSSL_ITEM parameters[])
 880         {
 881         void *handle;
 882
 883         check_store(s,STORE_F_STORE_LIST_CRL_START,
 884                 list_object_start,STORE_R_NO_LIST_OBJECT_START_FUNCTION);
 885
 886         handle = s->meth->list_object_start(s, STORE_OBJECT_TYPE_X509_CRL,
 887                 attributes, parameters);
 888         if (!handle)
 889                 {
 890                 STOREerr(STORE_F_STORE_LIST_CRL_START,
 891                         STORE_R_FAILED_LISTING_KEYS);
 892                 return 0;
 893                 }
 894         return handle;
 895         }
 896
 897 X509_CRL *STORE_list_crl_next(STORE *s, void *handle)
 898         {
 899         STORE_OBJECT *object;
 900         X509_CRL *crl;
 901
 902         check_store(s,STORE_F_STORE_LIST_CRL_NEXT,
 903                 list_object_next,STORE_R_NO_LIST_OBJECT_NEXT_FUNCTION);
 904
 905         object = s->meth->list_object_next(s, handle);
 906         if (!object || !object->data.crl)
 907                 {
 908                 STOREerr(STORE_F_STORE_LIST_CRL_NEXT,
 909                         STORE_R_FAILED_LISTING_KEYS);
 910                 return 0;
 911                 }
 912         CRYPTO_add(&object->data.crl->references,1,CRYPTO_LOCK_X509_CRL);
 913 #ifdef REF_PRINT
 914         REF_PRINT("X509_CRL",data);
 915 #endif
 916         crl = object->data.crl;
 917         STORE_OBJECT_free(object);
 918         return crl;
 919         }
 920
 921 int STORE_list_crl_end(STORE *s, void *handle)
 922         {
 923         check_store(s,STORE_F_STORE_LIST_CRL_END,
 924                 list_object_end,STORE_R_NO_LIST_OBJECT_END_FUNCTION);
 925
 926         if (!s->meth->list_object_end(s, handle))
 927                 {
 928                 STOREerr(STORE_F_STORE_LIST_CRL_END,
 929                         STORE_R_FAILED_LISTING_KEYS);
 930                 return 0;
 931                 }
 932         return 1;
 933         }
 934
 935 int STORE_list_crl_endp(STORE *s, void *handle)
 936         {
 937         check_store(s,STORE_F_STORE_LIST_CRL_ENDP,
 938                 list_object_endp,STORE_R_NO_LIST_OBJECT_ENDP_FUNCTION);
 939
 940         if (!s->meth->list_object_endp(s, handle))
 941                 {
 942                 STOREerr(STORE_F_STORE_LIST_CRL_ENDP,
 943                         STORE_R_FAILED_LISTING_KEYS);
 944                 return 0;
 945                 }
 946         return 1;
 947         }
 948
 949 int STORE_store_number(STORE *s, BIGNUM *data, OPENSSL_ITEM attributes[],
 950         OPENSSL_ITEM parameters[])
 951         {
 952         STORE_OBJECT *object = STORE_OBJECT_new();
 953         int i;
 954
 955         check_store(s,STORE_F_STORE_NUMBER,
 956                 store_object,STORE_R_NO_STORE_OBJECT_NUMBER_FUNCTION);
 957
 958         if (!object)
 959                 {
 960                 STOREerr(STORE_F_STORE_NUMBER,
 961                         ERR_R_MALLOC_FAILURE);
 962                 return 0;
 963                 }
 964
 965         object->data.number = data;
 966
 967         i = s->meth->store_object(s, STORE_OBJECT_TYPE_NUMBER, object,
 968                 attributes, parameters);
 969
 970         STORE_OBJECT_free(object);
 971
 972         if (!i)
 973                 {
 974                 STOREerr(STORE_F_STORE_NUMBER,
 975                         STORE_R_FAILED_STORING_NUMBER);
 976                 return 0;
 977                 }
 978         return 1;
 979         }
 980
 981 BIGNUM *STORE_get_number(STORE *s, OPENSSL_ITEM attributes[],
 982         OPENSSL_ITEM parameters[])
 983         {
 984         STORE_OBJECT *object;
 985         BIGNUM *n;
 986
 987         check_store(s,STORE_F_STORE_GET_NUMBER,
 988                 get_object,STORE_R_NO_GET_OBJECT_NUMBER_FUNCTION);
 989
 990         object = s->meth->get_object(s, STORE_OBJECT_TYPE_NUMBER, attributes,
 991                 parameters);
 992         if (!object || !object->data.number)
 993                 {
 994                 STOREerr(STORE_F_STORE_GET_NUMBER,
 995                         STORE_R_FAILED_GETTING_NUMBER);
 996                 return 0;
 997                 }
 998         n = object->data.number;
 999         object->data.number = NULL;
1000         STORE_OBJECT_free(object);
1001         return n;
1002         }
1003
1004 int STORE_delete_number(STORE *s, OPENSSL_ITEM attributes[],
1005         OPENSSL_ITEM parameters[])
1006         {
1007         check_store(s,STORE_F_STORE_DELETE_NUMBER,
1008                 delete_object,STORE_R_NO_DELETE_NUMBER_FUNCTION);
1009
1010         if (!s->meth->delete_object(s, STORE_OBJECT_TYPE_NUMBER, attributes,
1011                     parameters))
1012                 {
1013                 STOREerr(STORE_F_STORE_DELETE_NUMBER,
1014                         STORE_R_FAILED_DELETING_NUMBER);
1015                 return 0;
1016                 }
1017         return 1;
1018         }
1019
1020 int STORE_store_arbitrary(STORE *s, BUF_MEM *data, OPENSSL_ITEM attributes[],
1021         OPENSSL_ITEM parameters[])
1022         {
1023         STORE_OBJECT *object = STORE_OBJECT_new();
1024         int i;
1025
1026         check_store(s,STORE_F_STORE_ARBITRARY,
1027                 store_object,STORE_R_NO_STORE_OBJECT_ARBITRARY_FUNCTION);
1028
1029         if (!object)
1030                 {
1031                 STOREerr(STORE_F_STORE_ARBITRARY,
1032                         ERR_R_MALLOC_FAILURE);
1033                 return 0;
1034                 }
1035
1036         object->data.arbitrary = data;
1037
1038         i = s->meth->store_object(s, STORE_OBJECT_TYPE_ARBITRARY, object,
1039                 attributes, parameters);
1040
1041         STORE_OBJECT_free(object);
1042
1043         if (!i)
1044                 {
1045                 STOREerr(STORE_F_STORE_ARBITRARY,
1046                         STORE_R_FAILED_STORING_ARBITRARY);
1047                 return 0;
1048                 }
1049         return 1;
1050         }
1051
1052 BUF_MEM *STORE_get_arbitrary(STORE *s, OPENSSL_ITEM attributes[],
1053         OPENSSL_ITEM parameters[])
1054         {
1055         STORE_OBJECT *object;
1056         BUF_MEM *b;
1057
1058         check_store(s,STORE_F_STORE_GET_ARBITRARY,
1059                 get_object,STORE_R_NO_GET_OBJECT_ARBITRARY_FUNCTION);
1060
1061         object = s->meth->get_object(s, STORE_OBJECT_TYPE_ARBITRARY,
1062                 attributes, parameters);
1063         if (!object || !object->data.arbitrary)
1064                 {
1065                 STOREerr(STORE_F_STORE_GET_ARBITRARY,
1066                         STORE_R_FAILED_GETTING_ARBITRARY);
1067                 return 0;
1068                 }
1069         b = object->data.arbitrary;
1070         object->data.arbitrary = NULL;
1071         STORE_OBJECT_free(object);
1072         return b;
1073         }
1074
1075 int STORE_delete_arbitrary(STORE *s, OPENSSL_ITEM attributes[],
1076         OPENSSL_ITEM parameters[])
1077         {
1078         check_store(s,STORE_F_STORE_DELETE_ARBITRARY,
1079                 delete_object,STORE_R_NO_DELETE_ARBITRARY_FUNCTION);
1080
1081         if (!s->meth->delete_object(s, STORE_OBJECT_TYPE_ARBITRARY, attributes,
1082                     parameters))
1083                 {
1084                 STOREerr(STORE_F_STORE_DELETE_ARBITRARY,
1085                         STORE_R_FAILED_DELETING_ARBITRARY);
1086                 return 0;
1087                 }
1088         return 1;
1089         }
1090
1091 STORE_OBJECT *STORE_OBJECT_new(void)
1092         {
1093         STORE_OBJECT *object = OPENSSL_malloc(sizeof(STORE_OBJECT));
1094         if (object) memset(object, 0, sizeof(STORE_OBJECT));
1095         return object;
1096         }
1097 void STORE_OBJECT_free(STORE_OBJECT *data)
1098         {
1099         if (!data) return;
1100         switch (data->type)
1101                 {
1102         case STORE_OBJECT_TYPE_X509_CERTIFICATE:
1103                 X509_free(data->data.x509.certificate);
1104                 break;
1105         case STORE_OBJECT_TYPE_X509_CRL:
1106                 X509_CRL_free(data->data.crl);
1107                 break;
1108         case STORE_OBJECT_TYPE_PRIVATE_KEY:
1109         case STORE_OBJECT_TYPE_PUBLIC_KEY:
1110                 EVP_PKEY_free(data->data.key);
1111                 break;
1112         case STORE_OBJECT_TYPE_NUMBER:
1113                 BN_free(data->data.number);
1114                 break;
1115         case STORE_OBJECT_TYPE_ARBITRARY:
1116                 BUF_MEM_free(data->data.arbitrary);
1117                 break;
1118                 }
1119         OPENSSL_free(data);
1120         }
1121
1122 IMPLEMENT_STACK_OF(STORE_OBJECT*);
1123
1124
1125 struct STORE_attr_info_st
1126         {
1127         unsigned char set[(STORE_ATTR_TYPE_NUM + 8) / 8];
1128         union
1129                 {
1130                 char *cstring;
1131                 unsigned char *sha1string;
1132                 X509_NAME *dn;
1133                 BIGNUM *number;
1134                 void *any;
1135                 } values[STORE_ATTR_TYPE_NUM+1];
1136         size_t value_sizes[STORE_ATTR_TYPE_NUM+1];
1137         };
1138
1139 #define ATTR_IS_SET(a,i)        ((i) > 0 && (i) < STORE_ATTR_TYPE_NUM \
1140                                 && ((a)->set[(i) / 8] & (1 << ((i) % 8))))
1141 #define SET_ATTRBIT(a,i)        ((a)->set[(i) / 8] |= (1 << ((i) % 8)))
1142 #define CLEAR_ATTRBIT(a,i)      ((a)->set[(i) / 8] &= ~(1 << ((i) % 8)))
1143
1144 STORE_ATTR_INFO *STORE_ATTR_INFO_new(void)
1145         {
1146         return (STORE_ATTR_INFO *)OPENSSL_malloc(sizeof(STORE_ATTR_INFO));
1147         }
1148 static void STORE_ATTR_INFO_attr_free(STORE_ATTR_INFO *attrs,
1149         STORE_ATTR_TYPES code)
1150         {
1151         if (ATTR_IS_SET(attrs,code))
1152                 {
1153                 switch(code)
1154                         {
1155                 case STORE_ATTR_FRIENDLYNAME:
1156                 case STORE_ATTR_EMAIL:
1157                 case STORE_ATTR_FILENAME:
1158                         STORE_ATTR_INFO_modify_cstr(attrs, code, NULL, 0);
1159                         break;
1160                 case STORE_ATTR_KEYID:
1161                 case STORE_ATTR_ISSUERKEYID:
1162                 case STORE_ATTR_SUBJECTKEYID:
1163                 case STORE_ATTR_ISSUERSERIALHASH:
1164                 case STORE_ATTR_CERTHASH:
1165                         STORE_ATTR_INFO_modify_sha1str(attrs, code, NULL, 0);
1166                         break;
1167                 case STORE_ATTR_ISSUER:
1168                 case STORE_ATTR_SUBJECT:
1169                         STORE_ATTR_INFO_modify_dn(attrs, code, NULL);
1170                         break;
1171                 case STORE_ATTR_SERIAL:
1172                         STORE_ATTR_INFO_modify_number(attrs, code, NULL);
1173                         break;
1174                 default:
1175                         break;
1176                         }
1177                 }
1178         }
1179 int STORE_ATTR_INFO_free(STORE_ATTR_INFO *attrs)
1180         {
1181         if (attrs)
1182                 {
1183                 STORE_ATTR_TYPES i;
1184                 for(i = 0; i++ < STORE_ATTR_TYPE_NUM;)
1185                         STORE_ATTR_INFO_attr_free(attrs, i);
1186                 OPENSSL_free(attrs);
1187                 }
1188         return 1;
1189         }
1190 char *STORE_ATTR_INFO_get0_cstr(STORE_ATTR_INFO *attrs, STORE_ATTR_TYPES code)
1191         {
1192         if (!attrs)
1193                 {
1194                 STOREerr(STORE_F_STORE_ATTR_INFO_GET0_CSTR,
1195                         ERR_R_PASSED_NULL_PARAMETER);
1196                 return NULL;
1197                 }
1198         if (ATTR_IS_SET(attrs,code))
1199                 return attrs->values[code].cstring;
1200         STOREerr(STORE_F_STORE_ATTR_INFO_GET0_CSTR,
1201                 STORE_R_NO_VALUE);
1202         return NULL;
1203         }
1204 unsigned char *STORE_ATTR_INFO_get0_sha1str(STORE_ATTR_INFO *attrs,
1205         STORE_ATTR_TYPES code)
1206         {
1207         if (!attrs)
1208                 {
1209                 STOREerr(STORE_F_STORE_ATTR_INFO_GET0_SHA1STR,
1210                         ERR_R_PASSED_NULL_PARAMETER);
1211                 return NULL;
1212                 }
1213         if (ATTR_IS_SET(attrs,code))
1214                 return attrs->values[code].sha1string;
1215         STOREerr(STORE_F_STORE_ATTR_INFO_GET0_SHA1STR,
1216                 STORE_R_NO_VALUE);
1217         return NULL;
1218         }
1219 X509_NAME *STORE_ATTR_INFO_get0_dn(STORE_ATTR_INFO *attrs, STORE_ATTR_TYPES code)
1220         {
1221         if (!attrs)
1222                 {
1223                 STOREerr(STORE_F_STORE_ATTR_INFO_GET0_DN,
1224                         ERR_R_PASSED_NULL_PARAMETER);
1225                 return NULL;
1226                 }
1227         if (ATTR_IS_SET(attrs,code))
1228                 return attrs->values[code].dn;
1229         STOREerr(STORE_F_STORE_ATTR_INFO_GET0_DN,
1230                 STORE_R_NO_VALUE);
1231         return NULL;
1232         }
1233 BIGNUM *STORE_ATTR_INFO_get0_number(STORE_ATTR_INFO *attrs, STORE_ATTR_TYPES code)
1234         {
1235         if (!attrs)
1236                 {
1237                 STOREerr(STORE_F_STORE_ATTR_INFO_GET0_NUMBER,
1238                         ERR_R_PASSED_NULL_PARAMETER);
1239                 return NULL;
1240                 }
1241         if (ATTR_IS_SET(attrs,code))
1242                 return attrs->values[code].number;
1243         STOREerr(STORE_F_STORE_ATTR_INFO_GET0_NUMBER,
1244                 STORE_R_NO_VALUE);
1245         return NULL;
1246         }
1247 int STORE_ATTR_INFO_set_cstr(STORE_ATTR_INFO *attrs, STORE_ATTR_TYPES code,
1248         char *cstr, size_t cstr_size)
1249         {
1250         if (!attrs)
1251                 {
1252                 STOREerr(STORE_F_STORE_ATTR_INFO_SET_CSTR,
1253                         ERR_R_PASSED_NULL_PARAMETER);
1254                 return 0;
1255                 }
1256         if (!ATTR_IS_SET(attrs,code))
1257                 {
1258                 if ((attrs->values[code].cstring = BUF_strndup(cstr, cstr_size)))
1259                         return 1;
1260                 STOREerr(STORE_F_STORE_ATTR_INFO_SET_CSTR,
1261                         ERR_R_MALLOC_FAILURE);
1262                 return 0;
1263                 }
1264         STOREerr(STORE_F_STORE_ATTR_INFO_SET_CSTR, STORE_R_ALREADY_HAS_A_VALUE);
1265         return 0;
1266         }
1267 int STORE_ATTR_INFO_set_sha1str(STORE_ATTR_INFO *attrs, STORE_ATTR_TYPES code,
1268         unsigned char *sha1str, size_t sha1str_size)
1269         {
1270         if (!attrs)
1271                 {
1272                 STOREerr(STORE_F_STORE_ATTR_INFO_SET_SHA1STR,
1273                         ERR_R_PASSED_NULL_PARAMETER);
1274                 return 0;
1275                 }
1276         if (!ATTR_IS_SET(attrs,code))
1277                 {
1278                 if ((attrs->values[code].sha1string =
1279                             (unsigned char *)BUF_memdup(sha1str,
1280                                     sha1str_size)))
1281                         return 1;
1282                 STOREerr(STORE_F_STORE_ATTR_INFO_SET_CSTR,
1283                         ERR_R_MALLOC_FAILURE);
1284                 return 0;
1285                 }
1286         STOREerr(STORE_F_STORE_ATTR_INFO_SET_SHA1STR, STORE_R_ALREADY_HAS_A_VALUE);
1287         return 0;
1288         }
1289 int STORE_ATTR_INFO_set_dn(STORE_ATTR_INFO *attrs, STORE_ATTR_TYPES code,
1290         X509_NAME *dn)
1291         {
1292         if (!attrs)
1293                 {
1294                 STOREerr(STORE_F_STORE_ATTR_INFO_SET_DN,
1295                         ERR_R_PASSED_NULL_PARAMETER);
1296                 return 0;
1297                 }
1298         if (!ATTR_IS_SET(attrs,code))
1299                 {
1300                 if ((attrs->values[code].dn = X509_NAME_dup(dn)))
1301                         return 1;
1302                 STOREerr(STORE_F_STORE_ATTR_INFO_SET_CSTR,
1303                         ERR_R_MALLOC_FAILURE);
1304                 return 0;
1305                 }
1306         STOREerr(STORE_F_STORE_ATTR_INFO_SET_DN, STORE_R_ALREADY_HAS_A_VALUE);
1307         return 0;
1308         }
1309 int STORE_ATTR_INFO_set_number(STORE_ATTR_INFO *attrs, STORE_ATTR_TYPES code,
1310         BIGNUM *number)
1311         {
1312         if (!attrs)
1313                 {
1314                 STOREerr(STORE_F_STORE_ATTR_INFO_SET_NUMBER,
1315                         ERR_R_PASSED_NULL_PARAMETER);
1316                 return 0;
1317                 }
1318         if (!ATTR_IS_SET(attrs,code))
1319                 {
1320                 if ((attrs->values[code].number = BN_dup(number)))
1321                         return 1;
1322                 STOREerr(STORE_F_STORE_ATTR_INFO_SET_CSTR,
1323                         ERR_R_MALLOC_FAILURE);
1324                 return 0;
1325                 }
1326         STOREerr(STORE_F_STORE_ATTR_INFO_SET_NUMBER, STORE_R_ALREADY_HAS_A_VALUE);
1327         return 0;
1328         }
1329 int STORE_ATTR_INFO_modify_cstr(STORE_ATTR_INFO *attrs, STORE_ATTR_TYPES code,
1330         char *cstr, size_t cstr_size)
1331         {
1332         if (!attrs)
1333                 {
1334                 STOREerr(STORE_F_STORE_ATTR_INFO_MODIFY_CSTR,
1335                         ERR_R_PASSED_NULL_PARAMETER);
1336                 return 0;
1337                 }
1338         if (ATTR_IS_SET(attrs,code))
1339                 {
1340                 OPENSSL_free(attrs->values[code].cstring);
1341                 attrs->values[code].cstring = NULL;
1342                 CLEAR_ATTRBIT(attrs, code);
1343                 }
1344         return STORE_ATTR_INFO_set_cstr(attrs, code, cstr, cstr_size);
1345         }
1346 int STORE_ATTR_INFO_modify_sha1str(STORE_ATTR_INFO *attrs, STORE_ATTR_TYPES code,
1347         unsigned char *sha1str, size_t sha1str_size)
1348         {
1349         if (!attrs)
1350                 {
1351                 STOREerr(STORE_F_STORE_ATTR_INFO_MODIFY_SHA1STR,
1352                         ERR_R_PASSED_NULL_PARAMETER);
1353                 return 0;
1354                 }
1355         if (ATTR_IS_SET(attrs,code))
1356                 {
1357                 OPENSSL_free(attrs->values[code].sha1string);
1358                 attrs->values[code].sha1string = NULL;
1359                 CLEAR_ATTRBIT(attrs, code);
1360                 }
1361         return STORE_ATTR_INFO_set_sha1str(attrs, code, sha1str, sha1str_size);
1362         }
1363 int STORE_ATTR_INFO_modify_dn(STORE_ATTR_INFO *attrs, STORE_ATTR_TYPES code,
1364         X509_NAME *dn)
1365         {
1366         if (!attrs)
1367                 {
1368                 STOREerr(STORE_F_STORE_ATTR_INFO_MODIFY_DN,
1369                         ERR_R_PASSED_NULL_PARAMETER);
1370                 return 0;
1371                 }
1372         if (ATTR_IS_SET(attrs,code))
1373                 {
1374                 OPENSSL_free(attrs->values[code].dn);
1375                 attrs->values[code].dn = NULL;
1376                 CLEAR_ATTRBIT(attrs, code);
1377                 }
1378         return STORE_ATTR_INFO_set_dn(attrs, code, dn);
1379         }
1380 int STORE_ATTR_INFO_modify_number(STORE_ATTR_INFO *attrs, STORE_ATTR_TYPES code,
1381         BIGNUM *number)
1382         {
1383         if (!attrs)
1384                 {
1385                 STOREerr(STORE_F_STORE_ATTR_INFO_MODIFY_NUMBER,
1386                         ERR_R_PASSED_NULL_PARAMETER);
1387                 return 0;
1388                 }
1389         if (ATTR_IS_SET(attrs,code))
1390                 {
1391                 OPENSSL_free(attrs->values[code].number);
1392                 attrs->values[code].number = NULL;
1393                 CLEAR_ATTRBIT(attrs, code);
1394                 }
1395         return STORE_ATTR_INFO_set_number(attrs, code, number);
1396         }
1397
1398 struct attr_list_ctx_st
1399         {
1400         OPENSSL_ITEM *attributes;
1401         };
1402 void *STORE_parse_attrs_start(OPENSSL_ITEM *attributes)
1403         {
1404         if (attributes)
1405                 {
1406                 struct attr_list_ctx_st *context =
1407                         (struct attr_list_ctx_st *)OPENSSL_malloc(sizeof(struct attr_list_ctx_st));
1408                 if (context)
1409                         context->attributes = attributes;
1410                 else
1411                         STOREerr(STORE_F_STORE_PARSE_ATTRS_END,
1412                                 ERR_R_MALLOC_FAILURE);
1413                 return context;
1414                 }
1415         STOREerr(STORE_F_STORE_PARSE_ATTRS_END, ERR_R_PASSED_NULL_PARAMETER);
1416         return 0;
1417         }
1418 STORE_ATTR_INFO *STORE_parse_attrs_next(void *handle)
1419         {
1420         struct attr_list_ctx_st *context = (struct attr_list_ctx_st *)handle;
1421
1422         if (context && context->attributes)
1423                 {
1424                 STORE_ATTR_INFO *attrs = NULL;
1425
1426                 while(context->attributes
1427                         && context->attributes->code != STORE_ATTR_OR
1428                         && context->attributes->code != STORE_ATTR_END)
1429                         {
1430                         switch(context->attributes->code)
1431                                 {
1432                         case STORE_ATTR_FRIENDLYNAME:
1433                         case STORE_ATTR_EMAIL:
1434                         case STORE_ATTR_FILENAME:
1435                                 if (!attrs) attrs = STORE_ATTR_INFO_new();
1436                                 if (attrs == NULL)
1437                                         {
1438                                         STOREerr(STORE_F_STORE_PARSE_ATTRS_NEXT,
1439                                                 ERR_R_MALLOC_FAILURE);
1440                                         goto err;
1441                                         }
1442                                 STORE_ATTR_INFO_set_cstr(attrs,
1443                                         context->attributes->code,
1444                                         context->attributes->value,
1445                                         context->attributes->value_size);
1446                                 break;
1447                         case STORE_ATTR_KEYID:
1448                         case STORE_ATTR_ISSUERKEYID:
1449                         case STORE_ATTR_SUBJECTKEYID:
1450                         case STORE_ATTR_ISSUERSERIALHASH:
1451                         case STORE_ATTR_CERTHASH:
1452                                 if (!attrs) attrs = STORE_ATTR_INFO_new();
1453                                 if (attrs == NULL)
1454                                         {
1455                                         STOREerr(STORE_F_STORE_PARSE_ATTRS_NEXT,
1456                                                 ERR_R_MALLOC_FAILURE);
1457                                         goto err;
1458                                         }
1459                                 STORE_ATTR_INFO_set_sha1str(attrs,
1460                                         context->attributes->code,
1461                                         context->attributes->value,
1462                                         context->attributes->value_size);
1463                                 break;
1464                         case STORE_ATTR_ISSUER:
1465                         case STORE_ATTR_SUBJECT:
1466                                 if (!attrs) attrs = STORE_ATTR_INFO_new();
1467                                 if (attrs == NULL)
1468                                         {
1469                                         STOREerr(STORE_F_STORE_PARSE_ATTRS_NEXT,
1470                                                 ERR_R_MALLOC_FAILURE);
1471                                         goto err;
1472                                         }
1473                                 STORE_ATTR_INFO_modify_dn(attrs,
1474                                         context->attributes->code,
1475                                         context->attributes->value);
1476                                 break;
1477                         case STORE_ATTR_SERIAL:
1478                                 if (!attrs) attrs = STORE_ATTR_INFO_new();
1479                                 if (attrs == NULL)
1480                                         {
1481                                         STOREerr(STORE_F_STORE_PARSE_ATTRS_NEXT,
1482                                                 ERR_R_MALLOC_FAILURE);
1483                                         goto err;
1484                                         }
1485                                 STORE_ATTR_INFO_modify_number(attrs,
1486                                         context->attributes->code,
1487                                         context->attributes->value);
1488                                 break;
1489                                 }
1490                         context->attributes++;
1491                         }
1492                 if (context->attributes->code == STORE_ATTR_OR)
1493                         context->attributes++;
1494                 return attrs;
1495         err:
1496                 while(context->attributes
1497                         && context->attributes->code != STORE_ATTR_OR
1498                         && context->attributes->code != STORE_ATTR_END)
1499                         context->attributes++;
1500                 if (context->attributes->code == STORE_ATTR_OR)
1501                         context->attributes++;
1502                 return NULL;
1503                 }
1504         STOREerr(STORE_F_STORE_PARSE_ATTRS_NEXT, ERR_R_PASSED_NULL_PARAMETER);
1505         return NULL;
1506         }
1507 int STORE_parse_attrs_end(void *handle)
1508         {
1509         struct attr_list_ctx_st *context = (struct attr_list_ctx_st *)handle;
1510
1511         if (context && context->attributes)
1512                 {
1513 #if 0
1514                 OPENSSL_ITEM *attributes = context->attributes;
1515 #endif
1516                 OPENSSL_free(context);
1517                 return 1;
1518                 }
1519         STOREerr(STORE_F_STORE_PARSE_ATTRS_END, ERR_R_PASSED_NULL_PARAMETER);
1520         return 0;
1521         }
1522
1523 int STORE_parse_attrs_endp(void *handle)
1524         {
1525         struct attr_list_ctx_st *context = (struct attr_list_ctx_st *)handle;
1526
1527         if (context && context->attributes)
1528                 {
1529                 return context->attributes->code == STORE_ATTR_END;
1530                 }
1531         STOREerr(STORE_F_STORE_PARSE_ATTRS_END, ERR_R_PASSED_NULL_PARAMETER);
1532         return 0;
1533         }
1534
1535 int STORE_ATTR_INFO_compare(STORE_ATTR_INFO *a, STORE_ATTR_INFO *b)
1536         {
1537         unsigned char *abits, *bbits;
1538         int i;
1539
1540         if (a == b) return 0;
1541         if (!a) return -1;
1542         if (!b) return 1;
1543         abits = a->set;
1544         bbits = b->set;
1545         for (i = 0; i < (STORE_ATTR_TYPE_NUM + 8) / 8; i++, abits++, bbits++)
1546                 {
1547                 if (*abits < *bbits) return -1;
1548                 if (*abits > *bbits) return 1;
1549                 }
1550         return 0;
1551         }
1552 int STORE_ATTR_INFO_in(STORE_ATTR_INFO *a, STORE_ATTR_INFO *b)
1553         {
1554         unsigned char *abits, *bbits;
1555         int i;
1556
1557         if (a == b) return 1;
1558         if (!a) return 0;
1559         if (!b) return 0;
1560         abits = a->set;
1561         bbits = b->set;
1562         for (i = 0; i < (STORE_ATTR_TYPE_NUM + 8) / 8; i++, abits++, bbits++)
1563                 {
1564                 if (*abits && *bbits != *abits)
1565                         return 0;
1566                 }
1567         return 1;
1568         }
1569 int STORE_ATTR_INFO_in_ex(STORE_ATTR_INFO *a, STORE_ATTR_INFO *b)
1570         {
1571         STORE_ATTR_TYPES i;
1572
1573         if (a == b) return 1;
1574         if (!STORE_ATTR_INFO_in(a, b)) return 0;
1575         for (i = 1; i < STORE_ATTR_TYPE_NUM; i++)
1576                 if (ATTR_IS_SET(a, i))
1577                         {
1578                         switch(i)
1579                                 {
1580                         case STORE_ATTR_FRIENDLYNAME:
1581                         case STORE_ATTR_EMAIL:
1582                         case STORE_ATTR_FILENAME:
1583                                 if (strcmp(a->values[i].cstring,
1584                                             b->values[i].cstring))
1585                                         return 0;
1586                                 break;
1587                         case STORE_ATTR_KEYID:
1588                         case STORE_ATTR_ISSUERKEYID:
1589                         case STORE_ATTR_SUBJECTKEYID:
1590                         case STORE_ATTR_ISSUERSERIALHASH:
1591                         case STORE_ATTR_CERTHASH:
1592                                 if (memcmp(a->values[i].sha1string,
1593                                             b->values[i].sha1string,
1594                                             a->value_sizes[i]))
1595                                         return 0;
1596                                 break;
1597                         case STORE_ATTR_ISSUER:
1598                         case STORE_ATTR_SUBJECT:
1599                                 if (X509_NAME_cmp(a->values[i].dn,
1600                                             b->values[i].dn))
1601                                         return 0;
1602                                 break;
1603                         case STORE_ATTR_SERIAL:
1604                                 if (BN_cmp(a->values[i].number,
1605                                             b->values[i].number))
1606                                         return 0;
1607                                 break;
1608                         default:
1609                                 break;
1610                                 }
1611                         }
1612
1613         return 1;
1614         }