1 /* crypto/store/str_lib.c -*- mode:C; c-file-style: "eay" -*- */
2 /* Written by Richard Levitte (richard@levitte.org) for the OpenSSL
5 /* ====================================================================
6 * Copyright (c) 2003 The OpenSSL Project. All rights reserved.
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in
17 * the documentation and/or other materials provided with the
20 * 3. All advertising materials mentioning features or use of this
21 * software must display the following acknowledgment:
22 * "This product includes software developed by the OpenSSL Project
23 * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
25 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
26 * endorse or promote products derived from this software without
27 * prior written permission. For written permission, please contact
28 * openssl-core@openssl.org.
30 * 5. Products derived from this software may not be called "OpenSSL"
31 * nor may "OpenSSL" appear in their names without prior written
32 * permission of the OpenSSL Project.
34 * 6. Redistributions of any form whatsoever must retain the following
36 * "This product includes software developed by the OpenSSL Project
37 * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
39 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
40 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
41 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
42 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
43 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
44 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
45 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
46 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
48 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
49 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50 * OF THE POSSIBILITY OF SUCH DAMAGE.
51 * ====================================================================
53 * This product includes cryptographic software written by Eric Young
54 * (eay@cryptsoft.com). This product includes software written by Tim
55 * Hudson (tjh@cryptsoft.com).
60 #include <openssl/bn.h>
61 #include <openssl/err.h>
62 #include <openssl/engine.h>
65 const char * const STORE_object_type_string[STORE_OBJECT_TYPE_NUM+1] =
75 const int STORE_param_sizes[STORE_PARAM_TYPE_NUM+1] =
78 sizeof(int), /* EVP_TYPE */
79 sizeof(size_t), /* BITS */
80 -1, /* KEY_PARAMETERS */
81 0 /* KEY_NO_PARAMETERS */
84 const int STORE_attr_sizes[STORE_ATTR_TYPE_NUM+1] =
87 -1, /* FRIENDLYNAME: C string */
88 SHA_DIGEST_LENGTH, /* KEYID: SHA1 digest, 160 bits */
89 SHA_DIGEST_LENGTH, /* ISSUERKEYID: SHA1 digest, 160 bits */
90 SHA_DIGEST_LENGTH, /* SUBJECTKEYID: SHA1 digest, 160 bits */
91 SHA_DIGEST_LENGTH, /* ISSUERSERIALHASH: SHA1 digest, 160 bits */
92 sizeof(X509_NAME *), /* ISSUER: X509_NAME * */
93 sizeof(BIGNUM *), /* SERIAL: BIGNUM * */
94 sizeof(X509_NAME *), /* SUBJECT: X509_NAME * */
95 SHA_DIGEST_LENGTH, /* CERTHASH: SHA1 digest, 160 bits */
96 -1, /* EMAIL: C string */
97 -1, /* FILENAME: C string */
100 STORE *STORE_new_method(const STORE_METHOD *method)
104 ret=(STORE *)OPENSSL_malloc(sizeof(STORE));
107 STOREerr(STORE_F_STORE_NEW_METHOD,ERR_R_MALLOC_FAILURE);
112 STOREerr(STORE_F_STORE_NEW_METHOD,ERR_R_PASSED_NULL_PARAMETER);
118 CRYPTO_new_ex_data(CRYPTO_EX_INDEX_STORE, ret, &ret->ex_data);
119 if (ret->meth->init && !ret->meth->init(ret))
127 STORE *STORE_new_engine(ENGINE *engine)
131 const STORE_METHOD *meth = 0;
133 #ifdef OPENSSL_NO_ENGINE
138 if (!ENGINE_init(engine))
140 STOREerr(STORE_F_STORE_NEW_ENGINE, ERR_R_ENGINE_LIB);
147 STOREerr(STORE_F_STORE_NEW_ENGINE,ERR_R_PASSED_NULL_PARAMETER);
152 meth = ENGINE_get_STORE(e);
155 STOREerr(STORE_F_STORE_NEW_ENGINE,
163 ret = STORE_new_method(meth);
166 STOREerr(STORE_F_STORE_NEW_ENGINE,ERR_R_STORE_LIB);
175 void STORE_free(STORE *store)
179 if (store->meth->clean)
180 store->meth->clean(store);
181 CRYPTO_free_ex_data(CRYPTO_EX_INDEX_STORE, store, &store->ex_data);
186 int STORE_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
187 CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func)
189 return CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_STORE, argl, argp,
190 new_func, dup_func, free_func);
193 int STORE_set_ex_data(STORE *r, int idx, void *arg)
195 return(CRYPTO_set_ex_data(&r->ex_data,idx,arg));
198 void *STORE_get_ex_data(STORE *r, int idx)
200 return(CRYPTO_get_ex_data(&r->ex_data,idx));
203 const STORE_METHOD *STORE_get_method(STORE *store)
208 const STORE_METHOD *STORE_set_method(STORE *store, const STORE_METHOD *meth)
217 #define check_store(s,fncode,fnname,fnerrcode) \
220 if ((s) == NULL || (s)->meth) \
222 STOREerr((fncode), ERR_R_PASSED_NULL_PARAMETER); \
225 if ((s)->meth->fnname == NULL) \
227 STOREerr((fncode), (fnerrcode)); \
235 X509 *STORE_get_certificate(STORE *s, OPENSSL_ITEM attributes[])
237 STORE_OBJECT *object;
240 check_store(s,STORE_F_STORE_GET_CERTIFICATE,
241 get_object,STORE_R_NO_GET_OBJECT_FUNCTION);
243 object = s->meth->get_object(s, STORE_OBJECT_TYPE_X509_CERTIFICATE, attributes);
244 if (!object || !object->data.x509.certificate)
246 STOREerr(STORE_F_STORE_GET_CERTIFICATE,
247 STORE_R_FAILED_GETTING_CERTIFICATE);
250 CRYPTO_add(&object->data.x509.certificate->references,1,CRYPTO_LOCK_X509);
252 REF_PRINT("X509",data);
254 x = object->data.x509.certificate;
255 STORE_OBJECT_free(object);
259 int store_certificate(STORE *s, X509 *data, OPENSSL_ITEM attributes[])
261 STORE_OBJECT *object = STORE_OBJECT_new();
264 check_store(s,STORE_F_STORE_CERTIFICATE,
265 store_object,STORE_R_NO_STORE_OBJECT_FUNCTION);
269 STOREerr(STORE_F_STORE_CERTIFICATE,
270 ERR_R_MALLOC_FAILURE);
274 CRYPTO_add(&data->references,1,CRYPTO_LOCK_X509);
276 REF_PRINT("X509",data);
278 object->data.x509.certificate = data;
280 i = s->meth->store_object(s, STORE_OBJECT_TYPE_X509_CERTIFICATE, object, attributes);
282 STORE_OBJECT_free(object);
286 STOREerr(STORE_F_STORE_CERTIFICATE,
287 STORE_R_FAILED_STORING_CERTIFICATE);
293 int STORE_revoke_certificate(STORE *s, OPENSSL_ITEM attributes[])
295 check_store(s,STORE_F_STORE_REVOKE_CERTIFICATE,
296 revoke_object,STORE_R_NO_REVOKE_OBJECT_FUNCTION);
298 if (!s->meth->revoke_object(s, STORE_OBJECT_TYPE_X509_CERTIFICATE, attributes))
300 STOREerr(STORE_F_STORE_REVOKE_CERTIFICATE,
301 STORE_R_FAILED_REVOKING_CERTIFICATE);
307 int STORE_delete_certificate(STORE *s, OPENSSL_ITEM attributes[])
309 check_store(s,STORE_F_STORE_DELETE_CERTIFICATE,
310 delete_object,STORE_R_NO_DELETE_OBJECT_FUNCTION);
312 if (!s->meth->delete_object(s, STORE_OBJECT_TYPE_X509_CERTIFICATE, attributes))
314 STOREerr(STORE_F_STORE_DELETE_CERTIFICATE,
315 STORE_R_FAILED_DELETING_CERTIFICATE);
321 void *STORE_list_certificate_start(STORE *s, OPENSSL_ITEM attributes[])
325 check_store(s,STORE_F_STORE_LIST_CERTIFICATE_START,
326 list_object_start,STORE_R_NO_LIST_OBJECT_START_FUNCTION);
328 handle = s->meth->list_object_start(s, STORE_OBJECT_TYPE_X509_CERTIFICATE, attributes);
331 STOREerr(STORE_F_STORE_LIST_CERTIFICATE_START,
332 STORE_R_FAILED_LISTING_CERTIFICATES);
338 X509 *STORE_list_certificate_next(STORE *s, void *handle)
340 STORE_OBJECT *object;
343 check_store(s,STORE_F_STORE_LIST_CERTIFICATE_NEXT,
344 list_object_next,STORE_R_NO_LIST_OBJECT_NEXT_FUNCTION);
346 object = s->meth->list_object_next(s, handle);
347 if (!object || !object->data.x509.certificate)
349 STOREerr(STORE_F_STORE_LIST_CERTIFICATE_NEXT,
350 STORE_R_FAILED_LISTING_CERTIFICATES);
353 CRYPTO_add(&object->data.x509.certificate->references,1,CRYPTO_LOCK_X509);
355 REF_PRINT("X509",data);
357 x = object->data.x509.certificate;
358 STORE_OBJECT_free(object);
362 int STORE_list_certificate_end(STORE *s, void *handle)
364 check_store(s,STORE_F_STORE_LIST_CERTIFICATE_END,
365 list_object_end,STORE_R_NO_LIST_OBJECT_END_FUNCTION);
367 if (!s->meth->list_object_end(s, handle))
369 STOREerr(STORE_F_STORE_LIST_CERTIFICATE_END,
370 STORE_R_FAILED_LISTING_CERTIFICATES);
376 int STORE_list_certificate_endp(STORE *s, void *handle)
378 check_store(s,STORE_F_STORE_LIST_CERTIFICATE_ENDP,
379 list_object_endp,STORE_R_NO_LIST_OBJECT_ENDP_FUNCTION);
381 if (!s->meth->list_object_endp(s, handle))
383 STOREerr(STORE_F_STORE_LIST_CERTIFICATE_ENDP,
384 STORE_R_FAILED_LISTING_CERTIFICATES);
390 EVP_PKEY *STORE_generate_key(STORE *s,
391 int evp_type, size_t bits, OPENSSL_ITEM attributes[])
393 STORE_OBJECT *object;
395 OPENSSL_ITEM params[3];
397 params[0].code = STORE_PARAM_EVP_TYPE;
398 params[0].value = &evp_type;
399 params[0].value_size = sizeof(evp_type);
400 params[1].code = STORE_PARAM_BITS;
401 params[1].value = &bits;
402 params[1].value_size = sizeof(bits);
405 check_store(s,STORE_F_STORE_GENERATE_KEY,
406 generate_object,STORE_R_NO_GENERATE_OBJECT_FUNCTION);
408 object = s->meth->generate_object(s, STORE_OBJECT_TYPE_PRIVATE_KEY,
410 if (!object || !object->data.key)
412 STOREerr(STORE_F_STORE_GENERATE_KEY,
413 STORE_R_FAILED_GENERATING_KEY);
416 CRYPTO_add(&object->data.key->references,1,CRYPTO_LOCK_EVP_PKEY);
418 REF_PRINT("EVP_PKEY",data);
420 pkey = object->data.key;
421 STORE_OBJECT_free(object);
425 EVP_PKEY *STORE_get_private_key(STORE *s, OPENSSL_ITEM attributes[])
427 STORE_OBJECT *object;
430 check_store(s,STORE_F_STORE_GET_PRIVATE_KEY,
431 get_object,STORE_R_NO_GET_OBJECT_FUNCTION);
433 object = s->meth->get_object(s, STORE_OBJECT_TYPE_PRIVATE_KEY, attributes);
434 if (!object || !object->data.key || !object->data.key)
436 STOREerr(STORE_F_STORE_GET_PRIVATE_KEY,
437 STORE_R_FAILED_GETTING_KEY);
440 CRYPTO_add(&object->data.key->references,1,CRYPTO_LOCK_EVP_PKEY);
442 REF_PRINT("EVP_PKEY",data);
444 pkey = object->data.key;
445 STORE_OBJECT_free(object);
449 int store_private_key(STORE *s, EVP_PKEY *data, OPENSSL_ITEM attributes[])
451 STORE_OBJECT *object = STORE_OBJECT_new();
454 check_store(s,STORE_F_STORE_PRIVATE_KEY,
455 store_object,STORE_R_NO_STORE_OBJECT_FUNCTION);
459 STOREerr(STORE_F_STORE_PRIVATE_KEY,
460 ERR_R_MALLOC_FAILURE);
463 object->data.key = EVP_PKEY_new();
464 if (!object->data.key)
466 STOREerr(STORE_F_STORE_PRIVATE_KEY,
467 ERR_R_MALLOC_FAILURE);
471 CRYPTO_add(&data->references,1,CRYPTO_LOCK_EVP_PKEY);
473 REF_PRINT("EVP_PKEY",data);
475 object->data.key = data;
477 i = s->meth->store_object(s, STORE_OBJECT_TYPE_PRIVATE_KEY, object, attributes);
479 STORE_OBJECT_free(object);
483 STOREerr(STORE_F_STORE_PRIVATE_KEY,
484 STORE_R_FAILED_STORING_KEY);
490 int STORE_revoke_private_key(STORE *s, OPENSSL_ITEM attributes[])
494 check_store(s,STORE_F_STORE_REVOKE_PRIVATE_KEY,
495 revoke_object,STORE_R_NO_REVOKE_OBJECT_FUNCTION);
497 i = s->meth->revoke_object(s, STORE_OBJECT_TYPE_PRIVATE_KEY, attributes);
501 STOREerr(STORE_F_STORE_REVOKE_PRIVATE_KEY,
502 STORE_R_FAILED_REVOKING_KEY);
508 int STORE_delete_private_key(STORE *s, OPENSSL_ITEM attributes[])
510 check_store(s,STORE_F_STORE_DELETE_PRIVATE_KEY,
511 delete_object,STORE_R_NO_DELETE_OBJECT_FUNCTION);
513 if (!s->meth->delete_object(s, STORE_OBJECT_TYPE_PRIVATE_KEY, attributes))
515 STOREerr(STORE_F_STORE_DELETE_PRIVATE_KEY,
516 STORE_R_FAILED_DELETING_KEY);
522 void *STORE_list_private_key_start(STORE *s, OPENSSL_ITEM attributes[])
526 check_store(s,STORE_F_STORE_LIST_PRIVATE_KEY_START,
527 list_object_start,STORE_R_NO_LIST_OBJECT_START_FUNCTION);
529 handle = s->meth->list_object_start(s, STORE_OBJECT_TYPE_PRIVATE_KEY, attributes);
532 STOREerr(STORE_F_STORE_LIST_PRIVATE_KEY_START,
533 STORE_R_FAILED_LISTING_KEYS);
539 EVP_PKEY *STORE_list_private_key_next(STORE *s, void *handle)
541 STORE_OBJECT *object;
544 check_store(s,STORE_F_STORE_LIST_PRIVATE_KEY_NEXT,
545 list_object_next,STORE_R_NO_LIST_OBJECT_NEXT_FUNCTION);
547 object = s->meth->list_object_next(s, handle);
548 if (!object || !object->data.key || !object->data.key)
550 STOREerr(STORE_F_STORE_LIST_PRIVATE_KEY_NEXT,
551 STORE_R_FAILED_LISTING_KEYS);
554 CRYPTO_add(&object->data.key->references,1,CRYPTO_LOCK_EVP_PKEY);
556 REF_PRINT("EVP_PKEY",data);
558 pkey = object->data.key;
559 STORE_OBJECT_free(object);
563 int STORE_list_private_key_end(STORE *s, void *handle)
565 check_store(s,STORE_F_STORE_LIST_PRIVATE_KEY_END,
566 list_object_end,STORE_R_NO_LIST_OBJECT_END_FUNCTION);
568 if (!s->meth->list_object_end(s, handle))
570 STOREerr(STORE_F_STORE_LIST_PRIVATE_KEY_END,
571 STORE_R_FAILED_LISTING_KEYS);
577 int STORE_list_private_key_endp(STORE *s, void *handle)
579 check_store(s,STORE_F_STORE_LIST_PRIVATE_KEY_ENDP,
580 list_object_endp,STORE_R_NO_LIST_OBJECT_ENDP_FUNCTION);
582 if (!s->meth->list_object_endp(s, handle))
584 STOREerr(STORE_F_STORE_LIST_PRIVATE_KEY_ENDP,
585 STORE_R_FAILED_LISTING_KEYS);
591 EVP_PKEY *STORE_get_public_key(STORE *s, OPENSSL_ITEM attributes[])
593 STORE_OBJECT *object;
596 check_store(s,STORE_F_STORE_GET_PUBLIC_KEY,
597 get_object,STORE_R_NO_GET_OBJECT_FUNCTION);
599 object = s->meth->get_object(s, STORE_OBJECT_TYPE_PUBLIC_KEY, attributes);
600 if (!object || !object->data.key || !object->data.key)
602 STOREerr(STORE_F_STORE_GET_PUBLIC_KEY,
603 STORE_R_FAILED_GETTING_KEY);
606 CRYPTO_add(&object->data.key->references,1,CRYPTO_LOCK_EVP_PKEY);
608 REF_PRINT("EVP_PKEY",data);
610 pkey = object->data.key;
611 STORE_OBJECT_free(object);
615 int store_public_key(STORE *s, EVP_PKEY *data, OPENSSL_ITEM attributes[])
617 STORE_OBJECT *object = STORE_OBJECT_new();
620 check_store(s,STORE_F_STORE_PUBLIC_KEY,
621 store_object,STORE_R_NO_STORE_OBJECT_FUNCTION);
625 STOREerr(STORE_F_STORE_PUBLIC_KEY,
626 ERR_R_MALLOC_FAILURE);
629 object->data.key = EVP_PKEY_new();
630 if (!object->data.key)
632 STOREerr(STORE_F_STORE_PUBLIC_KEY,
633 ERR_R_MALLOC_FAILURE);
637 CRYPTO_add(&data->references,1,CRYPTO_LOCK_EVP_PKEY);
639 REF_PRINT("EVP_PKEY",data);
641 object->data.key = data;
643 i = s->meth->store_object(s, STORE_OBJECT_TYPE_PUBLIC_KEY, object, attributes);
645 STORE_OBJECT_free(object);
649 STOREerr(STORE_F_STORE_PUBLIC_KEY,
650 STORE_R_FAILED_STORING_KEY);
656 int STORE_revoke_public_key(STORE *s, OPENSSL_ITEM attributes[])
660 check_store(s,STORE_F_STORE_REVOKE_PUBLIC_KEY,
661 revoke_object,STORE_R_NO_REVOKE_OBJECT_FUNCTION);
663 i = s->meth->revoke_object(s, STORE_OBJECT_TYPE_PUBLIC_KEY, attributes);
667 STOREerr(STORE_F_STORE_REVOKE_PUBLIC_KEY,
668 STORE_R_FAILED_REVOKING_KEY);
674 int STORE_delete_public_key(STORE *s, OPENSSL_ITEM attributes[])
676 check_store(s,STORE_F_STORE_DELETE_PUBLIC_KEY,
677 delete_object,STORE_R_NO_DELETE_OBJECT_FUNCTION);
679 if (!s->meth->delete_object(s, STORE_OBJECT_TYPE_PUBLIC_KEY, attributes))
681 STOREerr(STORE_F_STORE_DELETE_PUBLIC_KEY,
682 STORE_R_FAILED_DELETING_KEY);
688 void *STORE_list_public_key_start(STORE *s, OPENSSL_ITEM attributes[])
692 check_store(s,STORE_F_STORE_LIST_PUBLIC_KEY_START,
693 list_object_start,STORE_R_NO_LIST_OBJECT_START_FUNCTION);
695 handle = s->meth->list_object_start(s, STORE_OBJECT_TYPE_PUBLIC_KEY, attributes);
698 STOREerr(STORE_F_STORE_LIST_PUBLIC_KEY_START,
699 STORE_R_FAILED_LISTING_KEYS);
705 EVP_PKEY *STORE_list_public_key_next(STORE *s, void *handle)
707 STORE_OBJECT *object;
710 check_store(s,STORE_F_STORE_LIST_PUBLIC_KEY_NEXT,
711 list_object_next,STORE_R_NO_LIST_OBJECT_NEXT_FUNCTION);
713 object = s->meth->list_object_next(s, handle);
714 if (!object || !object->data.key || !object->data.key)
716 STOREerr(STORE_F_STORE_LIST_PUBLIC_KEY_NEXT,
717 STORE_R_FAILED_LISTING_KEYS);
720 CRYPTO_add(&object->data.key->references,1,CRYPTO_LOCK_EVP_PKEY);
722 REF_PRINT("EVP_PKEY",data);
724 pkey = object->data.key;
725 STORE_OBJECT_free(object);
729 int STORE_list_public_key_end(STORE *s, void *handle)
731 check_store(s,STORE_F_STORE_LIST_PUBLIC_KEY_END,
732 list_object_end,STORE_R_NO_LIST_OBJECT_END_FUNCTION);
734 if (!s->meth->list_object_end(s, handle))
736 STOREerr(STORE_F_STORE_LIST_PUBLIC_KEY_END,
737 STORE_R_FAILED_LISTING_KEYS);
743 int STORE_list_public_key_endp(STORE *s, void *handle)
745 check_store(s,STORE_F_STORE_LIST_PUBLIC_KEY_ENDP,
746 list_object_endp,STORE_R_NO_LIST_OBJECT_ENDP_FUNCTION);
748 if (!s->meth->list_object_endp(s, handle))
750 STOREerr(STORE_F_STORE_LIST_PUBLIC_KEY_ENDP,
751 STORE_R_FAILED_LISTING_KEYS);
757 X509_CRL *STORE_generate_crl(STORE *s, OPENSSL_ITEM attributes[])
759 STORE_OBJECT *object;
762 check_store(s,STORE_F_STORE_GENERATE_CRL,
763 generate_object,STORE_R_NO_GENERATE_CRL_FUNCTION);
765 object = s->meth->generate_object(s, STORE_OBJECT_TYPE_X509_CRL, 0, attributes);
766 if (!object || !object->data.crl)
768 STOREerr(STORE_F_STORE_GENERATE_CRL,
769 STORE_R_FAILED_GENERATING_CRL);
772 CRYPTO_add(&object->data.crl->references,1,CRYPTO_LOCK_X509_CRL);
774 REF_PRINT("X509_CRL",data);
776 crl = object->data.crl;
777 STORE_OBJECT_free(object);
781 X509_CRL *STORE_get_crl(STORE *s, OPENSSL_ITEM attributes[])
783 STORE_OBJECT *object;
786 check_store(s,STORE_F_STORE_GET_CRL,
787 get_object,STORE_R_NO_GET_OBJECT_FUNCTION);
789 object = s->meth->get_object(s, STORE_OBJECT_TYPE_X509_CRL, attributes);
790 if (!object || !object->data.crl)
792 STOREerr(STORE_F_STORE_GET_CRL,
793 STORE_R_FAILED_GETTING_KEY);
796 CRYPTO_add(&object->data.crl->references,1,CRYPTO_LOCK_X509_CRL);
798 REF_PRINT("X509_CRL",data);
800 crl = object->data.crl;
801 STORE_OBJECT_free(object);
805 int store_crl(STORE *s, X509_CRL *data, OPENSSL_ITEM attributes[])
807 STORE_OBJECT *object = STORE_OBJECT_new();
810 check_store(s,STORE_F_STORE_CRL,
811 store_object,STORE_R_NO_STORE_OBJECT_FUNCTION);
815 STOREerr(STORE_F_STORE_CRL,
816 ERR_R_MALLOC_FAILURE);
820 CRYPTO_add(&data->references,1,CRYPTO_LOCK_X509_CRL);
822 REF_PRINT("X509_CRL",data);
824 object->data.crl = data;
826 i = s->meth->store_object(s, STORE_OBJECT_TYPE_X509_CRL, object, attributes);
828 STORE_OBJECT_free(object);
832 STOREerr(STORE_F_STORE_CRL,
833 STORE_R_FAILED_STORING_KEY);
839 int STORE_delete_crl(STORE *s, OPENSSL_ITEM attributes[])
841 check_store(s,STORE_F_STORE_DELETE_CRL,
842 delete_object,STORE_R_NO_DELETE_OBJECT_FUNCTION);
844 if (!s->meth->delete_object(s, STORE_OBJECT_TYPE_X509_CRL, attributes))
846 STOREerr(STORE_F_STORE_DELETE_CRL,
847 STORE_R_FAILED_DELETING_KEY);
853 void *STORE_list_crl_start(STORE *s, OPENSSL_ITEM attributes[])
857 check_store(s,STORE_F_STORE_LIST_CRL_START,
858 list_object_start,STORE_R_NO_LIST_OBJECT_START_FUNCTION);
860 handle = s->meth->list_object_start(s, STORE_OBJECT_TYPE_X509_CRL, attributes);
863 STOREerr(STORE_F_STORE_LIST_CRL_START,
864 STORE_R_FAILED_LISTING_KEYS);
870 X509_CRL *STORE_list_crl_next(STORE *s, void *handle)
872 STORE_OBJECT *object;
875 check_store(s,STORE_F_STORE_LIST_CRL_NEXT,
876 list_object_next,STORE_R_NO_LIST_OBJECT_NEXT_FUNCTION);
878 object = s->meth->list_object_next(s, handle);
879 if (!object || !object->data.crl)
881 STOREerr(STORE_F_STORE_LIST_CRL_NEXT,
882 STORE_R_FAILED_LISTING_KEYS);
885 CRYPTO_add(&object->data.crl->references,1,CRYPTO_LOCK_X509_CRL);
887 REF_PRINT("X509_CRL",data);
889 crl = object->data.crl;
890 STORE_OBJECT_free(object);
894 int STORE_list_crl_end(STORE *s, void *handle)
896 check_store(s,STORE_F_STORE_LIST_CRL_END,
897 list_object_end,STORE_R_NO_LIST_OBJECT_END_FUNCTION);
899 if (!s->meth->list_object_end(s, handle))
901 STOREerr(STORE_F_STORE_LIST_CRL_END,
902 STORE_R_FAILED_LISTING_KEYS);
908 int STORE_list_crl_endp(STORE *s, void *handle)
910 check_store(s,STORE_F_STORE_LIST_CRL_ENDP,
911 list_object_endp,STORE_R_NO_LIST_OBJECT_ENDP_FUNCTION);
913 if (!s->meth->list_object_endp(s, handle))
915 STOREerr(STORE_F_STORE_LIST_CRL_ENDP,
916 STORE_R_FAILED_LISTING_KEYS);
922 int store_number(STORE *s, BIGNUM *data, OPENSSL_ITEM attributes[])
924 STORE_OBJECT *object = STORE_OBJECT_new();
927 check_store(s,STORE_F_STORE_NUMBER,
928 store_object,STORE_R_NO_STORE_OBJECT_NUMBER_FUNCTION);
932 STOREerr(STORE_F_STORE_NUMBER,
933 ERR_R_MALLOC_FAILURE);
937 object->data.number = data;
939 i = s->meth->store_object(s, STORE_OBJECT_TYPE_NUMBER, object, attributes);
941 STORE_OBJECT_free(object);
945 STOREerr(STORE_F_STORE_NUMBER,
946 STORE_R_FAILED_STORING_NUMBER);
952 BIGNUM *STORE_get_number(STORE *s, OPENSSL_ITEM attributes[])
954 STORE_OBJECT *object;
957 check_store(s,STORE_F_STORE_GET_NUMBER,
958 get_object,STORE_R_NO_GET_OBJECT_NUMBER_FUNCTION);
960 object = s->meth->get_object(s, STORE_OBJECT_TYPE_NUMBER, attributes);
961 if (!object || !object->data.number)
963 STOREerr(STORE_F_STORE_GET_NUMBER,
964 STORE_R_FAILED_GETTING_NUMBER);
967 n = object->data.number;
968 object->data.number = NULL;
969 STORE_OBJECT_free(object);
973 int STORE_delete_number(STORE *s, OPENSSL_ITEM attributes[])
975 check_store(s,STORE_F_STORE_DELETE_NUMBER,
976 delete_object,STORE_R_NO_DELETE_NUMBER_FUNCTION);
978 if (!s->meth->delete_object(s, STORE_OBJECT_TYPE_NUMBER, attributes))
980 STOREerr(STORE_F_STORE_DELETE_NUMBER,
981 STORE_R_FAILED_DELETING_NUMBER);
987 int store_arbitrary(STORE *s, BUF_MEM *data, OPENSSL_ITEM attributes[])
989 STORE_OBJECT *object = STORE_OBJECT_new();
992 check_store(s,STORE_F_STORE_ARBITRARY,
993 store_object,STORE_R_NO_STORE_OBJECT_ARBITRARY_FUNCTION);
997 STOREerr(STORE_F_STORE_ARBITRARY,
998 ERR_R_MALLOC_FAILURE);
1002 object->data.arbitrary = data;
1004 i = s->meth->store_object(s, STORE_OBJECT_TYPE_ARBITRARY, object, attributes);
1006 STORE_OBJECT_free(object);
1010 STOREerr(STORE_F_STORE_ARBITRARY,
1011 STORE_R_FAILED_STORING_ARBITRARY);
1017 BUF_MEM *STORE_get_arbitrary(STORE *s, OPENSSL_ITEM attributes[])
1019 STORE_OBJECT *object;
1022 check_store(s,STORE_F_STORE_GET_ARBITRARY,
1023 get_object,STORE_R_NO_GET_OBJECT_ARBITRARY_FUNCTION);
1025 object = s->meth->get_object(s, STORE_OBJECT_TYPE_ARBITRARY, attributes);
1026 if (!object || !object->data.arbitrary)
1028 STOREerr(STORE_F_STORE_GET_ARBITRARY,
1029 STORE_R_FAILED_GETTING_ARBITRARY);
1032 b = object->data.arbitrary;
1033 object->data.arbitrary = NULL;
1034 STORE_OBJECT_free(object);
1038 int STORE_delete_arbitrary(STORE *s, OPENSSL_ITEM attributes[])
1040 check_store(s,STORE_F_STORE_DELETE_ARBITRARY,
1041 delete_object,STORE_R_NO_DELETE_ARBITRARY_FUNCTION);
1043 if (!s->meth->delete_object(s, STORE_OBJECT_TYPE_ARBITRARY, attributes))
1045 STOREerr(STORE_F_STORE_DELETE_ARBITRARY,
1046 STORE_R_FAILED_DELETING_ARBITRARY);
1052 STORE_OBJECT *STORE_OBJECT_new(void)
1054 STORE_OBJECT *object = OPENSSL_malloc(sizeof(STORE_OBJECT));
1055 if (object) memset(object, 0, sizeof(STORE_OBJECT));
1058 void STORE_OBJECT_free(STORE_OBJECT *data)
1063 case STORE_OBJECT_TYPE_X509_CERTIFICATE:
1064 X509_free(data->data.x509.certificate);
1066 case STORE_OBJECT_TYPE_X509_CRL:
1067 X509_CRL_free(data->data.crl);
1069 case STORE_OBJECT_TYPE_PRIVATE_KEY:
1070 case STORE_OBJECT_TYPE_PUBLIC_KEY:
1071 EVP_PKEY_free(data->data.key);
1073 case STORE_OBJECT_TYPE_NUMBER:
1074 BN_free(data->data.number);
1076 case STORE_OBJECT_TYPE_ARBITRARY:
1077 BUF_MEM_free(data->data.arbitrary);
1083 IMPLEMENT_STACK_OF(STORE_OBJECT*);
1086 struct STORE_attr_info_st
1088 unsigned char set[(STORE_ATTR_TYPE_NUM + 8) / 8];
1092 unsigned char *sha1string;
1096 } values[STORE_ATTR_TYPE_NUM+1];
1097 size_t value_sizes[STORE_ATTR_TYPE_NUM+1];
1100 #define ATTR_IS_SET(a,i) ((i) > 0 && (i) < STORE_ATTR_TYPE_NUM \
1101 && ((a)->set[(i) / 8] & (1 << ((i) % 8))))
1102 #define SET_ATTRBIT(a,i) ((a)->set[(i) / 8] |= (1 << ((i) % 8)))
1103 #define CLEAR_ATTRBIT(a,i) ((a)->set[(i) / 8] &= ~(1 << ((i) % 8)))
1105 STORE_ATTR_INFO *STORE_ATTR_INFO_new(void)
1107 return (STORE_ATTR_INFO *)OPENSSL_malloc(sizeof(STORE_ATTR_INFO));
1109 static void STORE_ATTR_INFO_attr_free(STORE_ATTR_INFO *attrs,
1110 STORE_ATTR_TYPES code)
1112 if (ATTR_IS_SET(attrs,code))
1116 case STORE_ATTR_FRIENDLYNAME:
1117 case STORE_ATTR_EMAIL:
1118 case STORE_ATTR_FILENAME:
1119 STORE_ATTR_INFO_modify_cstr(attrs, code, NULL, 0);
1121 case STORE_ATTR_KEYID:
1122 case STORE_ATTR_ISSUERKEYID:
1123 case STORE_ATTR_SUBJECTKEYID:
1124 case STORE_ATTR_ISSUERSERIALHASH:
1125 case STORE_ATTR_CERTHASH:
1126 STORE_ATTR_INFO_modify_sha1str(attrs, code, NULL, 0);
1128 case STORE_ATTR_ISSUER:
1129 case STORE_ATTR_SUBJECT:
1130 STORE_ATTR_INFO_modify_dn(attrs, code, NULL);
1132 case STORE_ATTR_SERIAL:
1133 STORE_ATTR_INFO_modify_number(attrs, code, NULL);
1140 int STORE_ATTR_INFO_free(STORE_ATTR_INFO *attrs)
1145 for(i = 0; i++ < STORE_ATTR_TYPE_NUM;)
1146 STORE_ATTR_INFO_attr_free(attrs, i);
1147 OPENSSL_free(attrs);
1151 char *STORE_ATTR_INFO_get0_cstr(STORE_ATTR_INFO *attrs, STORE_ATTR_TYPES code)
1155 STOREerr(STORE_F_STORE_ATTR_INFO_GET0_CSTR,
1156 ERR_R_PASSED_NULL_PARAMETER);
1159 if (ATTR_IS_SET(attrs,code))
1160 return attrs->values[code].cstring;
1161 STOREerr(STORE_F_STORE_ATTR_INFO_GET0_CSTR,
1165 unsigned char *STORE_ATTR_INFO_get0_sha1str(STORE_ATTR_INFO *attrs,
1166 STORE_ATTR_TYPES code)
1170 STOREerr(STORE_F_STORE_ATTR_INFO_GET0_SHA1STR,
1171 ERR_R_PASSED_NULL_PARAMETER);
1174 if (ATTR_IS_SET(attrs,code))
1175 return attrs->values[code].sha1string;
1176 STOREerr(STORE_F_STORE_ATTR_INFO_GET0_SHA1STR,
1180 X509_NAME *STORE_ATTR_INFO_get0_dn(STORE_ATTR_INFO *attrs, STORE_ATTR_TYPES code)
1184 STOREerr(STORE_F_STORE_ATTR_INFO_GET0_DN,
1185 ERR_R_PASSED_NULL_PARAMETER);
1188 if (ATTR_IS_SET(attrs,code))
1189 return attrs->values[code].dn;
1190 STOREerr(STORE_F_STORE_ATTR_INFO_GET0_DN,
1194 BIGNUM *STORE_ATTR_INFO_get0_number(STORE_ATTR_INFO *attrs, STORE_ATTR_TYPES code)
1198 STOREerr(STORE_F_STORE_ATTR_INFO_GET0_NUMBER,
1199 ERR_R_PASSED_NULL_PARAMETER);
1202 if (ATTR_IS_SET(attrs,code))
1203 return attrs->values[code].number;
1204 STOREerr(STORE_F_STORE_ATTR_INFO_GET0_NUMBER,
1208 int STORE_ATTR_INFO_set_cstr(STORE_ATTR_INFO *attrs, STORE_ATTR_TYPES code,
1209 char *cstr, size_t cstr_size)
1213 STOREerr(STORE_F_STORE_ATTR_INFO_SET_CSTR,
1214 ERR_R_PASSED_NULL_PARAMETER);
1217 if (!ATTR_IS_SET(attrs,code))
1219 if ((attrs->values[code].cstring = BUF_strndup(cstr, cstr_size)))
1221 STOREerr(STORE_F_STORE_ATTR_INFO_SET_CSTR,
1222 ERR_R_MALLOC_FAILURE);
1225 STOREerr(STORE_F_STORE_ATTR_INFO_SET_CSTR, STORE_R_ALREADY_HAS_A_VALUE);
1228 int STORE_ATTR_INFO_set_sha1str(STORE_ATTR_INFO *attrs, STORE_ATTR_TYPES code,
1229 unsigned char *sha1str, size_t sha1str_size)
1233 STOREerr(STORE_F_STORE_ATTR_INFO_SET_SHA1STR,
1234 ERR_R_PASSED_NULL_PARAMETER);
1237 if (!ATTR_IS_SET(attrs,code))
1239 if ((attrs->values[code].sha1string =
1240 (unsigned char *)BUF_memdup(sha1str,
1243 STOREerr(STORE_F_STORE_ATTR_INFO_SET_CSTR,
1244 ERR_R_MALLOC_FAILURE);
1247 STOREerr(STORE_F_STORE_ATTR_INFO_SET_SHA1STR, STORE_R_ALREADY_HAS_A_VALUE);
1250 int STORE_ATTR_INFO_set_dn(STORE_ATTR_INFO *attrs, STORE_ATTR_TYPES code,
1255 STOREerr(STORE_F_STORE_ATTR_INFO_SET_DN,
1256 ERR_R_PASSED_NULL_PARAMETER);
1259 if (!ATTR_IS_SET(attrs,code))
1261 if ((attrs->values[code].dn = X509_NAME_dup(dn)))
1263 STOREerr(STORE_F_STORE_ATTR_INFO_SET_CSTR,
1264 ERR_R_MALLOC_FAILURE);
1267 STOREerr(STORE_F_STORE_ATTR_INFO_SET_DN, STORE_R_ALREADY_HAS_A_VALUE);
1270 int STORE_ATTR_INFO_set_number(STORE_ATTR_INFO *attrs, STORE_ATTR_TYPES code,
1275 STOREerr(STORE_F_STORE_ATTR_INFO_SET_NUMBER,
1276 ERR_R_PASSED_NULL_PARAMETER);
1279 if (!ATTR_IS_SET(attrs,code))
1281 if ((attrs->values[code].number = BN_dup(number)))
1283 STOREerr(STORE_F_STORE_ATTR_INFO_SET_CSTR,
1284 ERR_R_MALLOC_FAILURE);
1287 STOREerr(STORE_F_STORE_ATTR_INFO_SET_NUMBER, STORE_R_ALREADY_HAS_A_VALUE);
1290 int STORE_ATTR_INFO_modify_cstr(STORE_ATTR_INFO *attrs, STORE_ATTR_TYPES code,
1291 char *cstr, size_t cstr_size)
1295 STOREerr(STORE_F_STORE_ATTR_INFO_MODIFY_CSTR,
1296 ERR_R_PASSED_NULL_PARAMETER);
1299 if (ATTR_IS_SET(attrs,code))
1301 OPENSSL_free(attrs->values[code].cstring);
1302 attrs->values[code].cstring = NULL;
1303 CLEAR_ATTRBIT(attrs, code);
1305 return STORE_ATTR_INFO_set_cstr(attrs, code, cstr, cstr_size);
1307 int STORE_ATTR_INFO_modify_sha1str(STORE_ATTR_INFO *attrs, STORE_ATTR_TYPES code,
1308 unsigned char *sha1str, size_t sha1str_size)
1312 STOREerr(STORE_F_STORE_ATTR_INFO_MODIFY_SHA1STR,
1313 ERR_R_PASSED_NULL_PARAMETER);
1316 if (ATTR_IS_SET(attrs,code))
1318 OPENSSL_free(attrs->values[code].sha1string);
1319 attrs->values[code].sha1string = NULL;
1320 CLEAR_ATTRBIT(attrs, code);
1322 return STORE_ATTR_INFO_set_sha1str(attrs, code, sha1str, sha1str_size);
1324 int STORE_ATTR_INFO_modify_dn(STORE_ATTR_INFO *attrs, STORE_ATTR_TYPES code,
1329 STOREerr(STORE_F_STORE_ATTR_INFO_MODIFY_DN,
1330 ERR_R_PASSED_NULL_PARAMETER);
1333 if (ATTR_IS_SET(attrs,code))
1335 OPENSSL_free(attrs->values[code].dn);
1336 attrs->values[code].dn = NULL;
1337 CLEAR_ATTRBIT(attrs, code);
1339 return STORE_ATTR_INFO_set_dn(attrs, code, dn);
1341 int STORE_ATTR_INFO_modify_number(STORE_ATTR_INFO *attrs, STORE_ATTR_TYPES code,
1346 STOREerr(STORE_F_STORE_ATTR_INFO_MODIFY_NUMBER,
1347 ERR_R_PASSED_NULL_PARAMETER);
1350 if (ATTR_IS_SET(attrs,code))
1352 OPENSSL_free(attrs->values[code].number);
1353 attrs->values[code].number = NULL;
1354 CLEAR_ATTRBIT(attrs, code);
1356 return STORE_ATTR_INFO_set_number(attrs, code, number);
1359 struct attr_list_ctx_st
1361 OPENSSL_ITEM *attributes;
1363 void *STORE_parse_attrs_start(OPENSSL_ITEM *attributes)
1367 struct attr_list_ctx_st *context =
1368 (struct attr_list_ctx_st *)OPENSSL_malloc(sizeof(struct attr_list_ctx_st));
1370 context->attributes = attributes;
1372 STOREerr(STORE_F_STORE_PARSE_ATTRS_END,
1373 ERR_R_MALLOC_FAILURE);
1376 STOREerr(STORE_F_STORE_PARSE_ATTRS_END, ERR_R_PASSED_NULL_PARAMETER);
1379 STORE_ATTR_INFO *STORE_parse_attrs_next(void *handle)
1381 struct attr_list_ctx_st *context = (struct attr_list_ctx_st *)handle;
1383 if (context && context->attributes)
1385 STORE_ATTR_INFO *attrs = NULL;
1387 while(context->attributes
1388 && context->attributes->code != STORE_ATTR_OR
1389 && context->attributes->code != STORE_ATTR_END)
1391 switch(context->attributes->code)
1393 case STORE_ATTR_FRIENDLYNAME:
1394 case STORE_ATTR_EMAIL:
1395 case STORE_ATTR_FILENAME:
1396 if (!attrs) attrs = STORE_ATTR_INFO_new();
1399 STOREerr(STORE_F_STORE_PARSE_ATTRS_NEXT,
1400 ERR_R_MALLOC_FAILURE);
1403 STORE_ATTR_INFO_set_cstr(attrs,
1404 context->attributes->code,
1405 context->attributes->value,
1406 context->attributes->value_size);
1408 case STORE_ATTR_KEYID:
1409 case STORE_ATTR_ISSUERKEYID:
1410 case STORE_ATTR_SUBJECTKEYID:
1411 case STORE_ATTR_ISSUERSERIALHASH:
1412 case STORE_ATTR_CERTHASH:
1413 if (!attrs) attrs = STORE_ATTR_INFO_new();
1416 STOREerr(STORE_F_STORE_PARSE_ATTRS_NEXT,
1417 ERR_R_MALLOC_FAILURE);
1420 STORE_ATTR_INFO_set_sha1str(attrs,
1421 context->attributes->code,
1422 context->attributes->value,
1423 context->attributes->value_size);
1425 case STORE_ATTR_ISSUER:
1426 case STORE_ATTR_SUBJECT:
1427 if (!attrs) attrs = STORE_ATTR_INFO_new();
1430 STOREerr(STORE_F_STORE_PARSE_ATTRS_NEXT,
1431 ERR_R_MALLOC_FAILURE);
1434 STORE_ATTR_INFO_modify_dn(attrs,
1435 context->attributes->code,
1436 context->attributes->value);
1438 case STORE_ATTR_SERIAL:
1439 if (!attrs) attrs = STORE_ATTR_INFO_new();
1442 STOREerr(STORE_F_STORE_PARSE_ATTRS_NEXT,
1443 ERR_R_MALLOC_FAILURE);
1446 STORE_ATTR_INFO_modify_number(attrs,
1447 context->attributes->code,
1448 context->attributes->value);
1451 context->attributes++;
1453 if (context->attributes->code == STORE_ATTR_OR)
1454 context->attributes++;
1457 while(context->attributes
1458 && context->attributes->code != STORE_ATTR_OR
1459 && context->attributes->code != STORE_ATTR_END)
1460 context->attributes++;
1461 if (context->attributes->code == STORE_ATTR_OR)
1462 context->attributes++;
1465 STOREerr(STORE_F_STORE_PARSE_ATTRS_NEXT, ERR_R_PASSED_NULL_PARAMETER);
1468 int STORE_parse_attrs_end(void *handle)
1470 struct attr_list_ctx_st *context = (struct attr_list_ctx_st *)handle;
1472 if (context && context->attributes)
1475 OPENSSL_ITEM *attributes = context->attributes;
1477 OPENSSL_free(context);
1480 STOREerr(STORE_F_STORE_PARSE_ATTRS_END, ERR_R_PASSED_NULL_PARAMETER);
1484 int STORE_parse_attrs_endp(void *handle)
1486 struct attr_list_ctx_st *context = (struct attr_list_ctx_st *)handle;
1488 if (context && context->attributes)
1490 return context->attributes->code == STORE_ATTR_END;
1492 STOREerr(STORE_F_STORE_PARSE_ATTRS_END, ERR_R_PASSED_NULL_PARAMETER);
1496 int STORE_ATTR_INFO_compare(STORE_ATTR_INFO *a, STORE_ATTR_INFO *b)
1498 unsigned char *abits, *bbits;
1501 if (a == b) return 0;
1506 for (i = 0; i < (STORE_ATTR_TYPE_NUM + 8) / 8; i++, abits++, bbits++)
1508 if (*abits < *bbits) return -1;
1509 if (*abits > *bbits) return 1;
1513 int STORE_ATTR_INFO_in(STORE_ATTR_INFO *a, STORE_ATTR_INFO *b)
1515 unsigned char *abits, *bbits;
1518 if (a == b) return 1;
1523 for (i = 0; i < (STORE_ATTR_TYPE_NUM + 8) / 8; i++, abits++, bbits++)
1525 if (*abits && *bbits != *abits)
1530 int STORE_ATTR_INFO_in_ex(STORE_ATTR_INFO *a, STORE_ATTR_INFO *b)
1534 if (a == b) return 1;
1535 if (!STORE_ATTR_INFO_in(a, b)) return 0;
1536 for (i = 1; i < STORE_ATTR_TYPE_NUM; i++)
1537 if (ATTR_IS_SET(a, i))
1541 case STORE_ATTR_FRIENDLYNAME:
1542 case STORE_ATTR_EMAIL:
1543 case STORE_ATTR_FILENAME:
1544 if (strcmp(a->values[i].cstring,
1545 b->values[i].cstring))
1548 case STORE_ATTR_KEYID:
1549 case STORE_ATTR_ISSUERKEYID:
1550 case STORE_ATTR_SUBJECTKEYID:
1551 case STORE_ATTR_ISSUERSERIALHASH:
1552 case STORE_ATTR_CERTHASH:
1553 if (memcmp(a->values[i].sha1string,
1554 b->values[i].sha1string,
1558 case STORE_ATTR_ISSUER:
1559 case STORE_ATTR_SUBJECT:
1560 if (X509_NAME_cmp(a->values[i].dn,
1564 case STORE_ATTR_SERIAL:
1565 if (BN_cmp(a->values[i].number,
1566 b->values[i].number))