crypto/store/str_lib.c

   1 /* crypto/store/str_lib.c -*- mode:C; c-file-style: "eay" -*- */
   2 /*
   3  * Written by Richard Levitte (richard@levitte.org) for the OpenSSL project
   4  * 2003.
   5  */
   6 /* ====================================================================
   7  * Copyright (c) 2003 The OpenSSL Project.  All rights reserved.
   8  *
   9  * Redistribution and use in source and binary forms, with or without
  10  * modification, are permitted provided that the following conditions
  11  * are met:
  12  *
  13  * 1. Redistributions of source code must retain the above copyright
  14  *    notice, this list of conditions and the following disclaimer.
  15  *
  16  * 2. Redistributions in binary form must reproduce the above copyright
  17  *    notice, this list of conditions and the following disclaimer in
  18  *    the documentation and/or other materials provided with the
  19  *    distribution.
  20  *
  21  * 3. All advertising materials mentioning features or use of this
  22  *    software must display the following acknowledgment:
  23  *    "This product includes software developed by the OpenSSL Project
  24  *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
  25  *
  26  * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
  27  *    endorse or promote products derived from this software without
  28  *    prior written permission. For written permission, please contact
  29  *    openssl-core@openssl.org.
  30  *
  31  * 5. Products derived from this software may not be called "OpenSSL"
  32  *    nor may "OpenSSL" appear in their names without prior written
  33  *    permission of the OpenSSL Project.
  34  *
  35  * 6. Redistributions of any form whatsoever must retain the following
  36  *    acknowledgment:
  37  *    "This product includes software developed by the OpenSSL Project
  38  *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
  39  *
  40  * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
  41  * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
  42  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
  43  * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
  44  * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
  45  * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
  46  * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
  47  * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
  48  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
  49  * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
  50  * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
  51  * OF THE POSSIBILITY OF SUCH DAMAGE.
  52  * ====================================================================
  53  *
  54  * This product includes cryptographic software written by Eric Young
  55  * (eay@cryptsoft.com).  This product includes software written by Tim
  56  * Hudson (tjh@cryptsoft.com).
  57  *
  58  */
  59
  60 #include <string.h>
  61 #include <openssl/bn.h>
  62 #include <openssl/err.h>
  63 #ifndef OPENSSL_NO_ENGINE
  64 # include <openssl/engine.h>
  65 #endif
  66 #include <openssl/sha.h>
  67 #include <openssl/x509.h>
  68 #include "str_locl.h"
  69
  70 const char *const STORE_object_type_string[STORE_OBJECT_TYPE_NUM + 1] = {
  71     0,
  72     "X.509 Certificate",
  73     "X.509 CRL",
  74     "Private Key",
  75     "Public Key",
  76     "Number",
  77     "Arbitrary Data"
  78 };
  79
  80 const int STORE_param_sizes[STORE_PARAM_TYPE_NUM + 1] = {
  81     0,
  82     sizeof(int),                /* EVP_TYPE */
  83     sizeof(size_t),             /* BITS */
  84     -1,                         /* KEY_PARAMETERS */
  85     0                           /* KEY_NO_PARAMETERS */
  86 };
  87
  88 const int STORE_attr_sizes[STORE_ATTR_TYPE_NUM + 1] = {
  89     0,
  90     -1,                         /* FRIENDLYNAME: C string */
  91     SHA_DIGEST_LENGTH,          /* KEYID: SHA1 digest, 160 bits */
  92     SHA_DIGEST_LENGTH,          /* ISSUERKEYID: SHA1 digest, 160 bits */
  93     SHA_DIGEST_LENGTH,          /* SUBJECTKEYID: SHA1 digest, 160 bits */
  94     SHA_DIGEST_LENGTH,          /* ISSUERSERIALHASH: SHA1 digest, 160 bits */
  95     sizeof(X509_NAME *),        /* ISSUER: X509_NAME * */
  96     sizeof(BIGNUM *),           /* SERIAL: BIGNUM * */
  97     sizeof(X509_NAME *),        /* SUBJECT: X509_NAME * */
  98     SHA_DIGEST_LENGTH,          /* CERTHASH: SHA1 digest, 160 bits */
  99     -1,                         /* EMAIL: C string */
 100     -1,                         /* FILENAME: C string */
 101 };
 102
 103 STORE *STORE_new_method(const STORE_METHOD *method)
 104 {
 105     STORE *ret;
 106
 107     if (method == NULL) {
 108         STOREerr(STORE_F_STORE_NEW_METHOD, ERR_R_PASSED_NULL_PARAMETER);
 109         return NULL;
 110     }
 111
 112     ret = OPENSSL_malloc(sizeof(*ret));
 113     if (ret == NULL) {
 114         STOREerr(STORE_F_STORE_NEW_METHOD, ERR_R_MALLOC_FAILURE);
 115         return NULL;
 116     }
 117
 118     ret->meth = method;
 119
 120     CRYPTO_new_ex_data(CRYPTO_EX_INDEX_STORE, ret, &ret->ex_data);
 121     if (ret->meth->init && !ret->meth->init(ret)) {
 122         STORE_free(ret);
 123         ret = NULL;
 124     }
 125     return ret;
 126 }
 127
 128 STORE *STORE_new_engine(ENGINE *engine)
 129 {
 130     STORE *ret = NULL;
 131     ENGINE *e = engine;
 132     const STORE_METHOD *meth = 0;
 133
 134 #ifdef OPENSSL_NO_ENGINE
 135     e = NULL;
 136 #else
 137     if (engine) {
 138         if (!ENGINE_init(engine)) {
 139             STOREerr(STORE_F_STORE_NEW_ENGINE, ERR_R_ENGINE_LIB);
 140             return NULL;
 141         }
 142         e = engine;
 143     } else {
 144         STOREerr(STORE_F_STORE_NEW_ENGINE, ERR_R_PASSED_NULL_PARAMETER);
 145         return NULL;
 146     }
 147     if (e) {
 148         meth = ENGINE_get_STORE(e);
 149         if (!meth) {
 150             STOREerr(STORE_F_STORE_NEW_ENGINE, ERR_R_ENGINE_LIB);
 151             ENGINE_finish(e);
 152             return NULL;
 153         }
 154     }
 155 #endif
 156
 157     ret = STORE_new_method(meth);
 158     if (ret == NULL) {
 159         STOREerr(STORE_F_STORE_NEW_ENGINE, ERR_R_STORE_LIB);
 160         return NULL;
 161     }
 162
 163     ret->engine = e;
 164
 165     return (ret);
 166 }
 167
 168 void STORE_free(STORE *store)
 169 {
 170     if (store == NULL)
 171         return;
 172     if (store->meth->clean)
 173         store->meth->clean(store);
 174     CRYPTO_free_ex_data(CRYPTO_EX_INDEX_STORE, store, &store->ex_data);
 175     OPENSSL_free(store);
 176 }
 177
 178 int STORE_ctrl(STORE *store, int cmd, long i, void *p, void (*f) (void))
 179 {
 180     if (store == NULL) {
 181         STOREerr(STORE_F_STORE_CTRL, ERR_R_PASSED_NULL_PARAMETER);
 182         return 0;
 183     }
 184     if (store->meth->ctrl)
 185         return store->meth->ctrl(store, cmd, i, p, f);
 186     STOREerr(STORE_F_STORE_CTRL, STORE_R_NO_CONTROL_FUNCTION);
 187     return 0;
 188 }
 189
 190 int STORE_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
 191                            CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func)
 192 {
 193     return CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_STORE, argl, argp,
 194                                    new_func, dup_func, free_func);
 195 }
 196
 197 int STORE_set_ex_data(STORE *r, int idx, void *arg)
 198 {
 199     return (CRYPTO_set_ex_data(&r->ex_data, idx, arg));
 200 }
 201
 202 void *STORE_get_ex_data(STORE *r, int idx)
 203 {
 204     return (CRYPTO_get_ex_data(&r->ex_data, idx));
 205 }
 206
 207 const STORE_METHOD *STORE_get_method(STORE *store)
 208 {
 209     return store->meth;
 210 }
 211
 212 const STORE_METHOD *STORE_set_method(STORE *store, const STORE_METHOD *meth)
 213 {
 214     store->meth = meth;
 215     return store->meth;
 216 }
 217
 218 /* API helpers */
 219
 220 #define check_store(s,fncode,fnname,fnerrcode) \
 221         do \
 222                 { \
 223                 if ((s) == NULL || (s)->meth == NULL) \
 224                         { \
 225                         STOREerr((fncode), ERR_R_PASSED_NULL_PARAMETER); \
 226                         return 0; \
 227                         } \
 228                 if ((s)->meth->fnname == NULL) \
 229                         { \
 230                         STOREerr((fncode), (fnerrcode)); \
 231                         return 0; \
 232                         } \
 233                 } \
 234         while(0)
 235
 236 /* API functions */
 237
 238 X509 *STORE_get_certificate(STORE *s, OPENSSL_ITEM attributes[],
 239                             OPENSSL_ITEM parameters[])
 240 {
 241     STORE_OBJECT *object;
 242     X509 *x;
 243
 244     check_store(s, STORE_F_STORE_GET_CERTIFICATE,
 245                 get_object, STORE_R_NO_GET_OBJECT_FUNCTION);
 246
 247     object = s->meth->get_object(s, STORE_OBJECT_TYPE_X509_CERTIFICATE,
 248                                  attributes, parameters);
 249     if (!object || !object->data.x509.certificate) {
 250         STOREerr(STORE_F_STORE_GET_CERTIFICATE,
 251                  STORE_R_FAILED_GETTING_CERTIFICATE);
 252         return 0;
 253     }
 254     X509_up_ref(object->data.x509.certificate);
 255 #ifdef REF_PRINT
 256     REF_PRINT("X509", data);
 257 #endif
 258     x = object->data.x509.certificate;
 259     STORE_OBJECT_free(object);
 260     return x;
 261 }
 262
 263 int STORE_store_certificate(STORE *s, X509 *data, OPENSSL_ITEM attributes[],
 264                             OPENSSL_ITEM parameters[])
 265 {
 266     STORE_OBJECT *object;
 267     int i;
 268
 269     check_store(s, STORE_F_STORE_CERTIFICATE,
 270                 store_object, STORE_R_NO_STORE_OBJECT_FUNCTION);
 271
 272     object = STORE_OBJECT_new();
 273     if (!object) {
 274         STOREerr(STORE_F_STORE_STORE_CERTIFICATE, ERR_R_MALLOC_FAILURE);
 275         return 0;
 276     }
 277
 278     X509_up_ref(data);
 279 #ifdef REF_PRINT
 280     REF_PRINT("X509", data);
 281 #endif
 282     object->data.x509.certificate = data;
 283
 284     i = s->meth->store_object(s, STORE_OBJECT_TYPE_X509_CERTIFICATE,
 285                               object, attributes, parameters);
 286
 287     STORE_OBJECT_free(object);
 288
 289     if (!i) {
 290         STOREerr(STORE_F_STORE_STORE_CERTIFICATE,
 291                  STORE_R_FAILED_STORING_CERTIFICATE);
 292         return 0;
 293     }
 294     return 1;
 295 }
 296
 297 int STORE_modify_certificate(STORE *s, OPENSSL_ITEM search_attributes[],
 298                              OPENSSL_ITEM add_attributes[],
 299                              OPENSSL_ITEM modify_attributes[],
 300                              OPENSSL_ITEM delete_attributes[],
 301                              OPENSSL_ITEM parameters[])
 302 {
 303     check_store(s, STORE_F_STORE_MODIFY_CERTIFICATE,
 304                 modify_object, STORE_R_NO_MODIFY_OBJECT_FUNCTION);
 305
 306     if (!s->meth->modify_object(s, STORE_OBJECT_TYPE_X509_CERTIFICATE,
 307                                 search_attributes, add_attributes,
 308                                 modify_attributes, delete_attributes,
 309                                 parameters)) {
 310         STOREerr(STORE_F_STORE_MODIFY_CERTIFICATE,
 311                  STORE_R_FAILED_MODIFYING_CERTIFICATE);
 312         return 0;
 313     }
 314     return 1;
 315 }
 316
 317 int STORE_revoke_certificate(STORE *s, OPENSSL_ITEM attributes[],
 318                              OPENSSL_ITEM parameters[])
 319 {
 320     check_store(s, STORE_F_STORE_REVOKE_CERTIFICATE,
 321                 revoke_object, STORE_R_NO_REVOKE_OBJECT_FUNCTION);
 322
 323     if (!s->meth->revoke_object(s, STORE_OBJECT_TYPE_X509_CERTIFICATE,
 324                                 attributes, parameters)) {
 325         STOREerr(STORE_F_STORE_REVOKE_CERTIFICATE,
 326                  STORE_R_FAILED_REVOKING_CERTIFICATE);
 327         return 0;
 328     }
 329     return 1;
 330 }
 331
 332 int STORE_delete_certificate(STORE *s, OPENSSL_ITEM attributes[],
 333                              OPENSSL_ITEM parameters[])
 334 {
 335     check_store(s, STORE_F_STORE_DELETE_CERTIFICATE,
 336                 delete_object, STORE_R_NO_DELETE_OBJECT_FUNCTION);
 337
 338     if (!s->meth->delete_object(s, STORE_OBJECT_TYPE_X509_CERTIFICATE,
 339                                 attributes, parameters)) {
 340         STOREerr(STORE_F_STORE_DELETE_CERTIFICATE,
 341                  STORE_R_FAILED_DELETING_CERTIFICATE);
 342         return 0;
 343     }
 344     return 1;
 345 }
 346
 347 void *STORE_list_certificate_start(STORE *s, OPENSSL_ITEM attributes[],
 348                                    OPENSSL_ITEM parameters[])
 349 {
 350     void *handle;
 351
 352     check_store(s, STORE_F_STORE_LIST_CERTIFICATE_START,
 353                 list_object_start, STORE_R_NO_LIST_OBJECT_START_FUNCTION);
 354
 355     handle = s->meth->list_object_start(s,
 356                                         STORE_OBJECT_TYPE_X509_CERTIFICATE,
 357                                         attributes, parameters);
 358     if (!handle) {
 359         STOREerr(STORE_F_STORE_LIST_CERTIFICATE_START,
 360                  STORE_R_FAILED_LISTING_CERTIFICATES);
 361         return 0;
 362     }
 363     return handle;
 364 }
 365
 366 X509 *STORE_list_certificate_next(STORE *s, void *handle)
 367 {
 368     STORE_OBJECT *object;
 369     X509 *x;
 370
 371     check_store(s, STORE_F_STORE_LIST_CERTIFICATE_NEXT,
 372                 list_object_next, STORE_R_NO_LIST_OBJECT_NEXT_FUNCTION);
 373
 374     object = s->meth->list_object_next(s, handle);
 375     if (!object || !object->data.x509.certificate) {
 376         STOREerr(STORE_F_STORE_LIST_CERTIFICATE_NEXT,
 377                  STORE_R_FAILED_LISTING_CERTIFICATES);
 378         return 0;
 379     }
 380     X509_up_ref(object->data.x509.certificate);
 381 #ifdef REF_PRINT
 382     REF_PRINT("X509", data);
 383 #endif
 384     x = object->data.x509.certificate;
 385     STORE_OBJECT_free(object);
 386     return x;
 387 }
 388
 389 int STORE_list_certificate_end(STORE *s, void *handle)
 390 {
 391     check_store(s, STORE_F_STORE_LIST_CERTIFICATE_END,
 392                 list_object_end, STORE_R_NO_LIST_OBJECT_END_FUNCTION);
 393
 394     if (!s->meth->list_object_end(s, handle)) {
 395         STOREerr(STORE_F_STORE_LIST_CERTIFICATE_END,
 396                  STORE_R_FAILED_LISTING_CERTIFICATES);
 397         return 0;
 398     }
 399     return 1;
 400 }
 401
 402 int STORE_list_certificate_endp(STORE *s, void *handle)
 403 {
 404     check_store(s, STORE_F_STORE_LIST_CERTIFICATE_ENDP,
 405                 list_object_endp, STORE_R_NO_LIST_OBJECT_ENDP_FUNCTION);
 406
 407     if (!s->meth->list_object_endp(s, handle)) {
 408         STOREerr(STORE_F_STORE_LIST_CERTIFICATE_ENDP,
 409                  STORE_R_FAILED_LISTING_CERTIFICATES);
 410         return 0;
 411     }
 412     return 1;
 413 }
 414
 415 EVP_PKEY *STORE_generate_key(STORE *s, OPENSSL_ITEM attributes[],
 416                              OPENSSL_ITEM parameters[])
 417 {
 418     STORE_OBJECT *object;
 419     EVP_PKEY *pkey;
 420
 421     check_store(s, STORE_F_STORE_GENERATE_KEY,
 422                 generate_object, STORE_R_NO_GENERATE_OBJECT_FUNCTION);
 423
 424     object = s->meth->generate_object(s, STORE_OBJECT_TYPE_PRIVATE_KEY,
 425                                       attributes, parameters);
 426     if (!object || !object->data.key) {
 427         STOREerr(STORE_F_STORE_GENERATE_KEY, STORE_R_FAILED_GENERATING_KEY);
 428         return 0;
 429     }
 430     CRYPTO_add(&object->data.key->references, 1, CRYPTO_LOCK_EVP_PKEY);
 431 #ifdef REF_PRINT
 432     REF_PRINT("EVP_PKEY", data);
 433 #endif
 434     pkey = object->data.key;
 435     STORE_OBJECT_free(object);
 436     return pkey;
 437 }
 438
 439 EVP_PKEY *STORE_get_private_key(STORE *s, OPENSSL_ITEM attributes[],
 440                                 OPENSSL_ITEM parameters[])
 441 {
 442     STORE_OBJECT *object;
 443     EVP_PKEY *pkey;
 444
 445     check_store(s, STORE_F_STORE_GET_PRIVATE_KEY,
 446                 get_object, STORE_R_NO_GET_OBJECT_FUNCTION);
 447
 448     object = s->meth->get_object(s, STORE_OBJECT_TYPE_PRIVATE_KEY,
 449                                  attributes, parameters);
 450     if (!object || !object->data.key || !object->data.key) {
 451         STOREerr(STORE_F_STORE_GET_PRIVATE_KEY, STORE_R_FAILED_GETTING_KEY);
 452         return 0;
 453     }
 454     CRYPTO_add(&object->data.key->references, 1, CRYPTO_LOCK_EVP_PKEY);
 455 #ifdef REF_PRINT
 456     REF_PRINT("EVP_PKEY", data);
 457 #endif
 458     pkey = object->data.key;
 459     STORE_OBJECT_free(object);
 460     return pkey;
 461 }
 462
 463 int STORE_store_private_key(STORE *s, EVP_PKEY *data,
 464                             OPENSSL_ITEM attributes[],
 465                             OPENSSL_ITEM parameters[])
 466 {
 467     STORE_OBJECT *object;
 468     int i;
 469
 470     check_store(s, STORE_F_STORE_STORE_PRIVATE_KEY,
 471                 store_object, STORE_R_NO_STORE_OBJECT_FUNCTION);
 472
 473     object = STORE_OBJECT_new();
 474     if (!object) {
 475         STOREerr(STORE_F_STORE_STORE_PRIVATE_KEY, ERR_R_MALLOC_FAILURE);
 476         return 0;
 477     }
 478     object->data.key = EVP_PKEY_new();
 479     if (!object->data.key) {
 480         STOREerr(STORE_F_STORE_STORE_PRIVATE_KEY, ERR_R_MALLOC_FAILURE);
 481         return 0;
 482     }
 483
 484     CRYPTO_add(&data->references, 1, CRYPTO_LOCK_EVP_PKEY);
 485 #ifdef REF_PRINT
 486     REF_PRINT("EVP_PKEY", data);
 487 #endif
 488     object->data.key = data;
 489
 490     i = s->meth->store_object(s, STORE_OBJECT_TYPE_PRIVATE_KEY, object,
 491                               attributes, parameters);
 492
 493     STORE_OBJECT_free(object);
 494
 495     if (!i) {
 496         STOREerr(STORE_F_STORE_STORE_PRIVATE_KEY, STORE_R_FAILED_STORING_KEY);
 497         return 0;
 498     }
 499     return i;
 500 }
 501
 502 int STORE_modify_private_key(STORE *s, OPENSSL_ITEM search_attributes[],
 503                              OPENSSL_ITEM add_attributes[],
 504                              OPENSSL_ITEM modify_attributes[],
 505                              OPENSSL_ITEM delete_attributes[],
 506                              OPENSSL_ITEM parameters[])
 507 {
 508     check_store(s, STORE_F_STORE_MODIFY_PRIVATE_KEY,
 509                 modify_object, STORE_R_NO_MODIFY_OBJECT_FUNCTION);
 510
 511     if (!s->meth->modify_object(s, STORE_OBJECT_TYPE_PRIVATE_KEY,
 512                                 search_attributes, add_attributes,
 513                                 modify_attributes, delete_attributes,
 514                                 parameters)) {
 515         STOREerr(STORE_F_STORE_MODIFY_PRIVATE_KEY,
 516                  STORE_R_FAILED_MODIFYING_PRIVATE_KEY);
 517         return 0;
 518     }
 519     return 1;
 520 }
 521
 522 int STORE_revoke_private_key(STORE *s, OPENSSL_ITEM attributes[],
 523                              OPENSSL_ITEM parameters[])
 524 {
 525     int i;
 526
 527     check_store(s, STORE_F_STORE_REVOKE_PRIVATE_KEY,
 528                 revoke_object, STORE_R_NO_REVOKE_OBJECT_FUNCTION);
 529
 530     i = s->meth->revoke_object(s, STORE_OBJECT_TYPE_PRIVATE_KEY,
 531                                attributes, parameters);
 532
 533     if (!i) {
 534         STOREerr(STORE_F_STORE_REVOKE_PRIVATE_KEY,
 535                  STORE_R_FAILED_REVOKING_KEY);
 536         return 0;
 537     }
 538     return i;
 539 }
 540
 541 int STORE_delete_private_key(STORE *s, OPENSSL_ITEM attributes[],
 542                              OPENSSL_ITEM parameters[])
 543 {
 544     check_store(s, STORE_F_STORE_DELETE_PRIVATE_KEY,
 545                 delete_object, STORE_R_NO_DELETE_OBJECT_FUNCTION);
 546
 547     if (!s->meth->delete_object(s, STORE_OBJECT_TYPE_PRIVATE_KEY,
 548                                 attributes, parameters)) {
 549         STOREerr(STORE_F_STORE_DELETE_PRIVATE_KEY,
 550                  STORE_R_FAILED_DELETING_KEY);
 551         return 0;
 552     }
 553     return 1;
 554 }
 555
 556 void *STORE_list_private_key_start(STORE *s, OPENSSL_ITEM attributes[],
 557                                    OPENSSL_ITEM parameters[])
 558 {
 559     void *handle;
 560
 561     check_store(s, STORE_F_STORE_LIST_PRIVATE_KEY_START,
 562                 list_object_start, STORE_R_NO_LIST_OBJECT_START_FUNCTION);
 563
 564     handle = s->meth->list_object_start(s, STORE_OBJECT_TYPE_PRIVATE_KEY,
 565                                         attributes, parameters);
 566     if (!handle) {
 567         STOREerr(STORE_F_STORE_LIST_PRIVATE_KEY_START,
 568                  STORE_R_FAILED_LISTING_KEYS);
 569         return 0;
 570     }
 571     return handle;
 572 }
 573
 574 EVP_PKEY *STORE_list_private_key_next(STORE *s, void *handle)
 575 {
 576     STORE_OBJECT *object;
 577     EVP_PKEY *pkey;
 578
 579     check_store(s, STORE_F_STORE_LIST_PRIVATE_KEY_NEXT,
 580                 list_object_next, STORE_R_NO_LIST_OBJECT_NEXT_FUNCTION);
 581
 582     object = s->meth->list_object_next(s, handle);
 583     if (!object || !object->data.key || !object->data.key) {
 584         STOREerr(STORE_F_STORE_LIST_PRIVATE_KEY_NEXT,
 585                  STORE_R_FAILED_LISTING_KEYS);
 586         return 0;
 587     }
 588     CRYPTO_add(&object->data.key->references, 1, CRYPTO_LOCK_EVP_PKEY);
 589 #ifdef REF_PRINT
 590     REF_PRINT("EVP_PKEY", data);
 591 #endif
 592     pkey = object->data.key;
 593     STORE_OBJECT_free(object);
 594     return pkey;
 595 }
 596
 597 int STORE_list_private_key_end(STORE *s, void *handle)
 598 {
 599     check_store(s, STORE_F_STORE_LIST_PRIVATE_KEY_END,
 600                 list_object_end, STORE_R_NO_LIST_OBJECT_END_FUNCTION);
 601
 602     if (!s->meth->list_object_end(s, handle)) {
 603         STOREerr(STORE_F_STORE_LIST_PRIVATE_KEY_END,
 604                  STORE_R_FAILED_LISTING_KEYS);
 605         return 0;
 606     }
 607     return 1;
 608 }
 609
 610 int STORE_list_private_key_endp(STORE *s, void *handle)
 611 {
 612     check_store(s, STORE_F_STORE_LIST_PRIVATE_KEY_ENDP,
 613                 list_object_endp, STORE_R_NO_LIST_OBJECT_ENDP_FUNCTION);
 614
 615     if (!s->meth->list_object_endp(s, handle)) {
 616         STOREerr(STORE_F_STORE_LIST_PRIVATE_KEY_ENDP,
 617                  STORE_R_FAILED_LISTING_KEYS);
 618         return 0;
 619     }
 620     return 1;
 621 }
 622
 623 EVP_PKEY *STORE_get_public_key(STORE *s, OPENSSL_ITEM attributes[],
 624                                OPENSSL_ITEM parameters[])
 625 {
 626     STORE_OBJECT *object;
 627     EVP_PKEY *pkey;
 628
 629     check_store(s, STORE_F_STORE_GET_PUBLIC_KEY,
 630                 get_object, STORE_R_NO_GET_OBJECT_FUNCTION);
 631
 632     object = s->meth->get_object(s, STORE_OBJECT_TYPE_PUBLIC_KEY,
 633                                  attributes, parameters);
 634     if (!object || !object->data.key || !object->data.key) {
 635         STOREerr(STORE_F_STORE_GET_PUBLIC_KEY, STORE_R_FAILED_GETTING_KEY);
 636         return 0;
 637     }
 638     CRYPTO_add(&object->data.key->references, 1, CRYPTO_LOCK_EVP_PKEY);
 639 #ifdef REF_PRINT
 640     REF_PRINT("EVP_PKEY", data);
 641 #endif
 642     pkey = object->data.key;
 643     STORE_OBJECT_free(object);
 644     return pkey;
 645 }
 646
 647 int STORE_store_public_key(STORE *s, EVP_PKEY *data,
 648                            OPENSSL_ITEM attributes[],
 649                            OPENSSL_ITEM parameters[])
 650 {
 651     STORE_OBJECT *object;
 652     int i;
 653
 654     check_store(s, STORE_F_STORE_STORE_PUBLIC_KEY,
 655                 store_object, STORE_R_NO_STORE_OBJECT_FUNCTION);
 656
 657     object = STORE_OBJECT_new();
 658     if (!object) {
 659         STOREerr(STORE_F_STORE_STORE_PUBLIC_KEY, ERR_R_MALLOC_FAILURE);
 660         return 0;
 661     }
 662     object->data.key = EVP_PKEY_new();
 663     if (!object->data.key) {
 664         STOREerr(STORE_F_STORE_STORE_PUBLIC_KEY, ERR_R_MALLOC_FAILURE);
 665         return 0;
 666     }
 667
 668     CRYPTO_add(&data->references, 1, CRYPTO_LOCK_EVP_PKEY);
 669 #ifdef REF_PRINT
 670     REF_PRINT("EVP_PKEY", data);
 671 #endif
 672     object->data.key = data;
 673
 674     i = s->meth->store_object(s, STORE_OBJECT_TYPE_PUBLIC_KEY, object,
 675                               attributes, parameters);
 676
 677     STORE_OBJECT_free(object);
 678
 679     if (!i) {
 680         STOREerr(STORE_F_STORE_STORE_PUBLIC_KEY, STORE_R_FAILED_STORING_KEY);
 681         return 0;
 682     }
 683     return i;
 684 }
 685
 686 int STORE_modify_public_key(STORE *s, OPENSSL_ITEM search_attributes[],
 687                             OPENSSL_ITEM add_attributes[],
 688                             OPENSSL_ITEM modify_attributes[],
 689                             OPENSSL_ITEM delete_attributes[],
 690                             OPENSSL_ITEM parameters[])
 691 {
 692     check_store(s, STORE_F_STORE_MODIFY_PUBLIC_KEY,
 693                 modify_object, STORE_R_NO_MODIFY_OBJECT_FUNCTION);
 694
 695     if (!s->meth->modify_object(s, STORE_OBJECT_TYPE_PUBLIC_KEY,
 696                                 search_attributes, add_attributes,
 697                                 modify_attributes, delete_attributes,
 698                                 parameters)) {
 699         STOREerr(STORE_F_STORE_MODIFY_PUBLIC_KEY,
 700                  STORE_R_FAILED_MODIFYING_PUBLIC_KEY);
 701         return 0;
 702     }
 703     return 1;
 704 }
 705
 706 int STORE_revoke_public_key(STORE *s, OPENSSL_ITEM attributes[],
 707                             OPENSSL_ITEM parameters[])
 708 {
 709     int i;
 710
 711     check_store(s, STORE_F_STORE_REVOKE_PUBLIC_KEY,
 712                 revoke_object, STORE_R_NO_REVOKE_OBJECT_FUNCTION);
 713
 714     i = s->meth->revoke_object(s, STORE_OBJECT_TYPE_PUBLIC_KEY,
 715                                attributes, parameters);
 716
 717     if (!i) {
 718         STOREerr(STORE_F_STORE_REVOKE_PUBLIC_KEY,
 719                  STORE_R_FAILED_REVOKING_KEY);
 720         return 0;
 721     }
 722     return i;
 723 }
 724
 725 int STORE_delete_public_key(STORE *s, OPENSSL_ITEM attributes[],
 726                             OPENSSL_ITEM parameters[])
 727 {
 728     check_store(s, STORE_F_STORE_DELETE_PUBLIC_KEY,
 729                 delete_object, STORE_R_NO_DELETE_OBJECT_FUNCTION);
 730
 731     if (!s->meth->delete_object(s, STORE_OBJECT_TYPE_PUBLIC_KEY,
 732                                 attributes, parameters)) {
 733         STOREerr(STORE_F_STORE_DELETE_PUBLIC_KEY,
 734                  STORE_R_FAILED_DELETING_KEY);
 735         return 0;
 736     }
 737     return 1;
 738 }
 739
 740 void *STORE_list_public_key_start(STORE *s, OPENSSL_ITEM attributes[],
 741                                   OPENSSL_ITEM parameters[])
 742 {
 743     void *handle;
 744
 745     check_store(s, STORE_F_STORE_LIST_PUBLIC_KEY_START,
 746                 list_object_start, STORE_R_NO_LIST_OBJECT_START_FUNCTION);
 747
 748     handle = s->meth->list_object_start(s, STORE_OBJECT_TYPE_PUBLIC_KEY,
 749                                         attributes, parameters);
 750     if (!handle) {
 751         STOREerr(STORE_F_STORE_LIST_PUBLIC_KEY_START,
 752                  STORE_R_FAILED_LISTING_KEYS);
 753         return 0;
 754     }
 755     return handle;
 756 }
 757
 758 EVP_PKEY *STORE_list_public_key_next(STORE *s, void *handle)
 759 {
 760     STORE_OBJECT *object;
 761     EVP_PKEY *pkey;
 762
 763     check_store(s, STORE_F_STORE_LIST_PUBLIC_KEY_NEXT,
 764                 list_object_next, STORE_R_NO_LIST_OBJECT_NEXT_FUNCTION);
 765
 766     object = s->meth->list_object_next(s, handle);
 767     if (!object || !object->data.key || !object->data.key) {
 768         STOREerr(STORE_F_STORE_LIST_PUBLIC_KEY_NEXT,
 769                  STORE_R_FAILED_LISTING_KEYS);
 770         return 0;
 771     }
 772     CRYPTO_add(&object->data.key->references, 1, CRYPTO_LOCK_EVP_PKEY);
 773 #ifdef REF_PRINT
 774     REF_PRINT("EVP_PKEY", data);
 775 #endif
 776     pkey = object->data.key;
 777     STORE_OBJECT_free(object);
 778     return pkey;
 779 }
 780
 781 int STORE_list_public_key_end(STORE *s, void *handle)
 782 {
 783     check_store(s, STORE_F_STORE_LIST_PUBLIC_KEY_END,
 784                 list_object_end, STORE_R_NO_LIST_OBJECT_END_FUNCTION);
 785
 786     if (!s->meth->list_object_end(s, handle)) {
 787         STOREerr(STORE_F_STORE_LIST_PUBLIC_KEY_END,
 788                  STORE_R_FAILED_LISTING_KEYS);
 789         return 0;
 790     }
 791     return 1;
 792 }
 793
 794 int STORE_list_public_key_endp(STORE *s, void *handle)
 795 {
 796     check_store(s, STORE_F_STORE_LIST_PUBLIC_KEY_ENDP,
 797                 list_object_endp, STORE_R_NO_LIST_OBJECT_ENDP_FUNCTION);
 798
 799     if (!s->meth->list_object_endp(s, handle)) {
 800         STOREerr(STORE_F_STORE_LIST_PUBLIC_KEY_ENDP,
 801                  STORE_R_FAILED_LISTING_KEYS);
 802         return 0;
 803     }
 804     return 1;
 805 }
 806
 807 X509_CRL *STORE_generate_crl(STORE *s, OPENSSL_ITEM attributes[],
 808                              OPENSSL_ITEM parameters[])
 809 {
 810     STORE_OBJECT *object;
 811     X509_CRL *crl;
 812
 813     check_store(s, STORE_F_STORE_GENERATE_CRL,
 814                 generate_object, STORE_R_NO_GENERATE_CRL_FUNCTION);
 815
 816     object = s->meth->generate_object(s, STORE_OBJECT_TYPE_X509_CRL,
 817                                       attributes, parameters);
 818     if (!object || !object->data.crl) {
 819         STOREerr(STORE_F_STORE_GENERATE_CRL, STORE_R_FAILED_GENERATING_CRL);
 820         return 0;
 821     }
 822     X509_CRL_up_ref(object->data.crl);
 823 #ifdef REF_PRINT
 824     REF_PRINT("X509_CRL", data);
 825 #endif
 826     crl = object->data.crl;
 827     STORE_OBJECT_free(object);
 828     return crl;
 829 }
 830
 831 X509_CRL *STORE_get_crl(STORE *s, OPENSSL_ITEM attributes[],
 832                         OPENSSL_ITEM parameters[])
 833 {
 834     STORE_OBJECT *object;
 835     X509_CRL *crl;
 836
 837     check_store(s, STORE_F_STORE_GET_CRL,
 838                 get_object, STORE_R_NO_GET_OBJECT_FUNCTION);
 839
 840     object = s->meth->get_object(s, STORE_OBJECT_TYPE_X509_CRL,
 841                                  attributes, parameters);
 842     if (!object || !object->data.crl) {
 843         STOREerr(STORE_F_STORE_GET_CRL, STORE_R_FAILED_GETTING_KEY);
 844         return 0;
 845     }
 846     X509_CRL_up_ref(object->data.crl);
 847 #ifdef REF_PRINT
 848     REF_PRINT("X509_CRL", data);
 849 #endif
 850     crl = object->data.crl;
 851     STORE_OBJECT_free(object);
 852     return crl;
 853 }
 854
 855 int STORE_store_crl(STORE *s, X509_CRL *data, OPENSSL_ITEM attributes[],
 856                     OPENSSL_ITEM parameters[])
 857 {
 858     STORE_OBJECT *object;
 859     int i;
 860
 861     check_store(s, STORE_F_STORE_STORE_CRL,
 862                 store_object, STORE_R_NO_STORE_OBJECT_FUNCTION);
 863
 864     object = STORE_OBJECT_new();
 865     if (!object) {
 866         STOREerr(STORE_F_STORE_STORE_CRL, ERR_R_MALLOC_FAILURE);
 867         return 0;
 868     }
 869
 870     X509_CRL_up_ref(data);
 871 #ifdef REF_PRINT
 872     REF_PRINT("X509_CRL", data);
 873 #endif
 874     object->data.crl = data;
 875
 876     i = s->meth->store_object(s, STORE_OBJECT_TYPE_X509_CRL, object,
 877                               attributes, parameters);
 878
 879     STORE_OBJECT_free(object);
 880
 881     if (!i) {
 882         STOREerr(STORE_F_STORE_STORE_CRL, STORE_R_FAILED_STORING_KEY);
 883         return 0;
 884     }
 885     return i;
 886 }
 887
 888 int STORE_modify_crl(STORE *s, OPENSSL_ITEM search_attributes[],
 889                      OPENSSL_ITEM add_attributes[],
 890                      OPENSSL_ITEM modify_attributes[],
 891                      OPENSSL_ITEM delete_attributes[],
 892                      OPENSSL_ITEM parameters[])
 893 {
 894     check_store(s, STORE_F_STORE_MODIFY_CRL,
 895                 modify_object, STORE_R_NO_MODIFY_OBJECT_FUNCTION);
 896
 897     if (!s->meth->modify_object(s, STORE_OBJECT_TYPE_X509_CRL,
 898                                 search_attributes, add_attributes,
 899                                 modify_attributes, delete_attributes,
 900                                 parameters)) {
 901         STOREerr(STORE_F_STORE_MODIFY_CRL, STORE_R_FAILED_MODIFYING_CRL);
 902         return 0;
 903     }
 904     return 1;
 905 }
 906
 907 int STORE_delete_crl(STORE *s, OPENSSL_ITEM attributes[],
 908                      OPENSSL_ITEM parameters[])
 909 {
 910     check_store(s, STORE_F_STORE_DELETE_CRL,
 911                 delete_object, STORE_R_NO_DELETE_OBJECT_FUNCTION);
 912
 913     if (!s->meth->delete_object(s, STORE_OBJECT_TYPE_X509_CRL,
 914                                 attributes, parameters)) {
 915         STOREerr(STORE_F_STORE_DELETE_CRL, STORE_R_FAILED_DELETING_KEY);
 916         return 0;
 917     }
 918     return 1;
 919 }
 920
 921 void *STORE_list_crl_start(STORE *s, OPENSSL_ITEM attributes[],
 922                            OPENSSL_ITEM parameters[])
 923 {
 924     void *handle;
 925
 926     check_store(s, STORE_F_STORE_LIST_CRL_START,
 927                 list_object_start, STORE_R_NO_LIST_OBJECT_START_FUNCTION);
 928
 929     handle = s->meth->list_object_start(s, STORE_OBJECT_TYPE_X509_CRL,
 930                                         attributes, parameters);
 931     if (!handle) {
 932         STOREerr(STORE_F_STORE_LIST_CRL_START, STORE_R_FAILED_LISTING_KEYS);
 933         return 0;
 934     }
 935     return handle;
 936 }
 937
 938 X509_CRL *STORE_list_crl_next(STORE *s, void *handle)
 939 {
 940     STORE_OBJECT *object;
 941     X509_CRL *crl;
 942
 943     check_store(s, STORE_F_STORE_LIST_CRL_NEXT,
 944                 list_object_next, STORE_R_NO_LIST_OBJECT_NEXT_FUNCTION);
 945
 946     object = s->meth->list_object_next(s, handle);
 947     if (!object || !object->data.crl) {
 948         STOREerr(STORE_F_STORE_LIST_CRL_NEXT, STORE_R_FAILED_LISTING_KEYS);
 949         return 0;
 950     }
 951     X509_CRL_up_ref(object->data.crl);
 952 #ifdef REF_PRINT
 953     REF_PRINT("X509_CRL", data);
 954 #endif
 955     crl = object->data.crl;
 956     STORE_OBJECT_free(object);
 957     return crl;
 958 }
 959
 960 int STORE_list_crl_end(STORE *s, void *handle)
 961 {
 962     check_store(s, STORE_F_STORE_LIST_CRL_END,
 963                 list_object_end, STORE_R_NO_LIST_OBJECT_END_FUNCTION);
 964
 965     if (!s->meth->list_object_end(s, handle)) {
 966         STOREerr(STORE_F_STORE_LIST_CRL_END, STORE_R_FAILED_LISTING_KEYS);
 967         return 0;
 968     }
 969     return 1;
 970 }
 971
 972 int STORE_list_crl_endp(STORE *s, void *handle)
 973 {
 974     check_store(s, STORE_F_STORE_LIST_CRL_ENDP,
 975                 list_object_endp, STORE_R_NO_LIST_OBJECT_ENDP_FUNCTION);
 976
 977     if (!s->meth->list_object_endp(s, handle)) {
 978         STOREerr(STORE_F_STORE_LIST_CRL_ENDP, STORE_R_FAILED_LISTING_KEYS);
 979         return 0;
 980     }
 981     return 1;
 982 }
 983
 984 int STORE_store_number(STORE *s, BIGNUM *data, OPENSSL_ITEM attributes[],
 985                        OPENSSL_ITEM parameters[])
 986 {
 987     STORE_OBJECT *object;
 988     int i;
 989
 990     check_store(s, STORE_F_STORE_STORE_NUMBER,
 991                 store_object, STORE_R_NO_STORE_OBJECT_NUMBER_FUNCTION);
 992
 993     object = STORE_OBJECT_new();
 994     if (!object) {
 995         STOREerr(STORE_F_STORE_STORE_NUMBER, ERR_R_MALLOC_FAILURE);
 996         return 0;
 997     }
 998
 999     object->data.number = data;
1000
1001     i = s->meth->store_object(s, STORE_OBJECT_TYPE_NUMBER, object,
1002                               attributes, parameters);
1003
1004     STORE_OBJECT_free(object);
1005
1006     if (!i) {
1007         STOREerr(STORE_F_STORE_STORE_NUMBER, STORE_R_FAILED_STORING_NUMBER);
1008         return 0;
1009     }
1010     return 1;
1011 }
1012
1013 int STORE_modify_number(STORE *s, OPENSSL_ITEM search_attributes[],
1014                         OPENSSL_ITEM add_attributes[],
1015                         OPENSSL_ITEM modify_attributes[],
1016                         OPENSSL_ITEM delete_attributes[],
1017                         OPENSSL_ITEM parameters[])
1018 {
1019     check_store(s, STORE_F_STORE_MODIFY_NUMBER,
1020                 modify_object, STORE_R_NO_MODIFY_OBJECT_FUNCTION);
1021
1022     if (!s->meth->modify_object(s, STORE_OBJECT_TYPE_NUMBER,
1023                                 search_attributes, add_attributes,
1024                                 modify_attributes, delete_attributes,
1025                                 parameters)) {
1026         STOREerr(STORE_F_STORE_MODIFY_NUMBER,
1027                  STORE_R_FAILED_MODIFYING_NUMBER);
1028         return 0;
1029     }
1030     return 1;
1031 }
1032
1033 BIGNUM *STORE_get_number(STORE *s, OPENSSL_ITEM attributes[],
1034                          OPENSSL_ITEM parameters[])
1035 {
1036     STORE_OBJECT *object;
1037     BIGNUM *n;
1038
1039     check_store(s, STORE_F_STORE_GET_NUMBER,
1040                 get_object, STORE_R_NO_GET_OBJECT_NUMBER_FUNCTION);
1041
1042     object = s->meth->get_object(s, STORE_OBJECT_TYPE_NUMBER, attributes,
1043                                  parameters);
1044     if (!object || !object->data.number) {
1045         STOREerr(STORE_F_STORE_GET_NUMBER, STORE_R_FAILED_GETTING_NUMBER);
1046         return 0;
1047     }
1048     n = object->data.number;
1049     object->data.number = NULL;
1050     STORE_OBJECT_free(object);
1051     return n;
1052 }
1053
1054 int STORE_delete_number(STORE *s, OPENSSL_ITEM attributes[],
1055                         OPENSSL_ITEM parameters[])
1056 {
1057     check_store(s, STORE_F_STORE_DELETE_NUMBER,
1058                 delete_object, STORE_R_NO_DELETE_NUMBER_FUNCTION);
1059
1060     if (!s->meth->delete_object(s, STORE_OBJECT_TYPE_NUMBER, attributes,
1061                                 parameters)) {
1062         STOREerr(STORE_F_STORE_DELETE_NUMBER, STORE_R_FAILED_DELETING_NUMBER);
1063         return 0;
1064     }
1065     return 1;
1066 }
1067
1068 int STORE_store_arbitrary(STORE *s, BUF_MEM *data, OPENSSL_ITEM attributes[],
1069                           OPENSSL_ITEM parameters[])
1070 {
1071     STORE_OBJECT *object;
1072     int i;
1073
1074     check_store(s, STORE_F_STORE_STORE_ARBITRARY,
1075                 store_object, STORE_R_NO_STORE_OBJECT_ARBITRARY_FUNCTION);
1076
1077     object = STORE_OBJECT_new();
1078     if (!object) {
1079         STOREerr(STORE_F_STORE_STORE_ARBITRARY, ERR_R_MALLOC_FAILURE);
1080         return 0;
1081     }
1082
1083     object->data.arbitrary = data;
1084
1085     i = s->meth->store_object(s, STORE_OBJECT_TYPE_ARBITRARY, object,
1086                               attributes, parameters);
1087
1088     STORE_OBJECT_free(object);
1089
1090     if (!i) {
1091         STOREerr(STORE_F_STORE_STORE_ARBITRARY,
1092                  STORE_R_FAILED_STORING_ARBITRARY);
1093         return 0;
1094     }
1095     return 1;
1096 }
1097
1098 int STORE_modify_arbitrary(STORE *s, OPENSSL_ITEM search_attributes[],
1099                            OPENSSL_ITEM add_attributes[],
1100                            OPENSSL_ITEM modify_attributes[],
1101                            OPENSSL_ITEM delete_attributes[],
1102                            OPENSSL_ITEM parameters[])
1103 {
1104     check_store(s, STORE_F_STORE_MODIFY_ARBITRARY,
1105                 modify_object, STORE_R_NO_MODIFY_OBJECT_FUNCTION);
1106
1107     if (!s->meth->modify_object(s, STORE_OBJECT_TYPE_ARBITRARY,
1108                                 search_attributes, add_attributes,
1109                                 modify_attributes, delete_attributes,
1110                                 parameters)) {
1111         STOREerr(STORE_F_STORE_MODIFY_ARBITRARY,
1112                  STORE_R_FAILED_MODIFYING_ARBITRARY);
1113         return 0;
1114     }
1115     return 1;
1116 }
1117
1118 BUF_MEM *STORE_get_arbitrary(STORE *s, OPENSSL_ITEM attributes[],
1119                              OPENSSL_ITEM parameters[])
1120 {
1121     STORE_OBJECT *object;
1122     BUF_MEM *b;
1123
1124     check_store(s, STORE_F_STORE_GET_ARBITRARY,
1125                 get_object, STORE_R_NO_GET_OBJECT_ARBITRARY_FUNCTION);
1126
1127     object = s->meth->get_object(s, STORE_OBJECT_TYPE_ARBITRARY,
1128                                  attributes, parameters);
1129     if (!object || !object->data.arbitrary) {
1130         STOREerr(STORE_F_STORE_GET_ARBITRARY,
1131                  STORE_R_FAILED_GETTING_ARBITRARY);
1132         return 0;
1133     }
1134     b = object->data.arbitrary;
1135     object->data.arbitrary = NULL;
1136     STORE_OBJECT_free(object);
1137     return b;
1138 }
1139
1140 int STORE_delete_arbitrary(STORE *s, OPENSSL_ITEM attributes[],
1141                            OPENSSL_ITEM parameters[])
1142 {
1143     check_store(s, STORE_F_STORE_DELETE_ARBITRARY,
1144                 delete_object, STORE_R_NO_DELETE_ARBITRARY_FUNCTION);
1145
1146     if (!s->meth->delete_object(s, STORE_OBJECT_TYPE_ARBITRARY, attributes,
1147                                 parameters)) {
1148         STOREerr(STORE_F_STORE_DELETE_ARBITRARY,
1149                  STORE_R_FAILED_DELETING_ARBITRARY);
1150         return 0;
1151     }
1152     return 1;
1153 }
1154
1155 STORE_OBJECT *STORE_OBJECT_new(void)
1156 {
1157     STORE_OBJECT *object = OPENSSL_zalloc(sizeof(*object));
1158     return object;
1159 }
1160
1161 void STORE_OBJECT_free(STORE_OBJECT *data)
1162 {
1163     if (!data)
1164         return;
1165     switch (data->type) {
1166     case STORE_OBJECT_TYPE_X509_CERTIFICATE:
1167         X509_free(data->data.x509.certificate);
1168         break;
1169     case STORE_OBJECT_TYPE_X509_CRL:
1170         X509_CRL_free(data->data.crl);
1171         break;
1172     case STORE_OBJECT_TYPE_PRIVATE_KEY:
1173     case STORE_OBJECT_TYPE_PUBLIC_KEY:
1174         EVP_PKEY_free(data->data.key);
1175         break;
1176     case STORE_OBJECT_TYPE_NUMBER:
1177         BN_free(data->data.number);
1178         break;
1179     case STORE_OBJECT_TYPE_ARBITRARY:
1180         BUF_MEM_free(data->data.arbitrary);
1181         break;
1182     }
1183     OPENSSL_free(data);
1184 }
1185
1186 struct STORE_attr_info_st {
1187     unsigned char set[(STORE_ATTR_TYPE_NUM + 8) / 8];
1188     union {
1189         char *cstring;
1190         unsigned char *sha1string;
1191         X509_NAME *dn;
1192         BIGNUM *number;
1193         void *any;
1194     } values[STORE_ATTR_TYPE_NUM + 1];
1195     size_t value_sizes[STORE_ATTR_TYPE_NUM + 1];
1196 };
1197
1198 #define ATTR_IS_SET(a,i)        ((i) > 0 && (i) < STORE_ATTR_TYPE_NUM \
1199                                 && ((a)->set[(i) / 8] & (1 << ((i) % 8))))
1200 #define SET_ATTRBIT(a,i)        ((a)->set[(i) / 8] |= (1 << ((i) % 8)))
1201 #define CLEAR_ATTRBIT(a,i)      ((a)->set[(i) / 8] &= ~(1 << ((i) % 8)))
1202
1203 STORE_ATTR_INFO *STORE_ATTR_INFO_new(void)
1204 {
1205     STORE_ATTR_INFO *p = OPENSSL_malloc(sizeof(*p));
1206
1207     return p;
1208 }
1209
1210 static void STORE_ATTR_INFO_attr_free(STORE_ATTR_INFO *attrs,
1211                                       STORE_ATTR_TYPES code)
1212 {
1213     if (ATTR_IS_SET(attrs, code)) {
1214         switch (code) {
1215         case STORE_ATTR_FRIENDLYNAME:
1216         case STORE_ATTR_EMAIL:
1217         case STORE_ATTR_FILENAME:
1218             STORE_ATTR_INFO_modify_cstr(attrs, code, NULL, 0);
1219             break;
1220         case STORE_ATTR_KEYID:
1221         case STORE_ATTR_ISSUERKEYID:
1222         case STORE_ATTR_SUBJECTKEYID:
1223         case STORE_ATTR_ISSUERSERIALHASH:
1224         case STORE_ATTR_CERTHASH:
1225             STORE_ATTR_INFO_modify_sha1str(attrs, code, NULL, 0);
1226             break;
1227         case STORE_ATTR_ISSUER:
1228         case STORE_ATTR_SUBJECT:
1229             STORE_ATTR_INFO_modify_dn(attrs, code, NULL);
1230             break;
1231         case STORE_ATTR_SERIAL:
1232             STORE_ATTR_INFO_modify_number(attrs, code, NULL);
1233             break;
1234         default:
1235             break;
1236         }
1237     }
1238 }
1239
1240 int STORE_ATTR_INFO_free(STORE_ATTR_INFO *attrs)
1241 {
1242     if (attrs) {
1243         STORE_ATTR_TYPES i;
1244         for (i = 0; i++ < STORE_ATTR_TYPE_NUM;)
1245             STORE_ATTR_INFO_attr_free(attrs, i);
1246         OPENSSL_free(attrs);
1247     }
1248     return 1;
1249 }
1250
1251 char *STORE_ATTR_INFO_get0_cstr(STORE_ATTR_INFO *attrs, STORE_ATTR_TYPES code)
1252 {
1253     if (!attrs) {
1254         STOREerr(STORE_F_STORE_ATTR_INFO_GET0_CSTR,
1255                  ERR_R_PASSED_NULL_PARAMETER);
1256         return NULL;
1257     }
1258     if (ATTR_IS_SET(attrs, code))
1259         return attrs->values[code].cstring;
1260     STOREerr(STORE_F_STORE_ATTR_INFO_GET0_CSTR, STORE_R_NO_VALUE);
1261     return NULL;
1262 }
1263
1264 unsigned char *STORE_ATTR_INFO_get0_sha1str(STORE_ATTR_INFO *attrs,
1265                                             STORE_ATTR_TYPES code)
1266 {
1267     if (!attrs) {
1268         STOREerr(STORE_F_STORE_ATTR_INFO_GET0_SHA1STR,
1269                  ERR_R_PASSED_NULL_PARAMETER);
1270         return NULL;
1271     }
1272     if (ATTR_IS_SET(attrs, code))
1273         return attrs->values[code].sha1string;
1274     STOREerr(STORE_F_STORE_ATTR_INFO_GET0_SHA1STR, STORE_R_NO_VALUE);
1275     return NULL;
1276 }
1277
1278 X509_NAME *STORE_ATTR_INFO_get0_dn(STORE_ATTR_INFO *attrs,
1279                                    STORE_ATTR_TYPES code)
1280 {
1281     if (!attrs) {
1282         STOREerr(STORE_F_STORE_ATTR_INFO_GET0_DN,
1283                  ERR_R_PASSED_NULL_PARAMETER);
1284         return NULL;
1285     }
1286     if (ATTR_IS_SET(attrs, code))
1287         return attrs->values[code].dn;
1288     STOREerr(STORE_F_STORE_ATTR_INFO_GET0_DN, STORE_R_NO_VALUE);
1289     return NULL;
1290 }
1291
1292 BIGNUM *STORE_ATTR_INFO_get0_number(STORE_ATTR_INFO *attrs,
1293                                     STORE_ATTR_TYPES code)
1294 {
1295     if (!attrs) {
1296         STOREerr(STORE_F_STORE_ATTR_INFO_GET0_NUMBER,
1297                  ERR_R_PASSED_NULL_PARAMETER);
1298         return NULL;
1299     }
1300     if (ATTR_IS_SET(attrs, code))
1301         return attrs->values[code].number;
1302     STOREerr(STORE_F_STORE_ATTR_INFO_GET0_NUMBER, STORE_R_NO_VALUE);
1303     return NULL;
1304 }
1305
1306 int STORE_ATTR_INFO_set_cstr(STORE_ATTR_INFO *attrs, STORE_ATTR_TYPES code,
1307                              char *cstr, size_t cstr_size)
1308 {
1309     if (!attrs) {
1310         STOREerr(STORE_F_STORE_ATTR_INFO_SET_CSTR,
1311                  ERR_R_PASSED_NULL_PARAMETER);
1312         return 0;
1313     }
1314     if (!ATTR_IS_SET(attrs, code)) {
1315         if ((attrs->values[code].cstring = BUF_strndup(cstr, cstr_size)))
1316             return 1;
1317         STOREerr(STORE_F_STORE_ATTR_INFO_SET_CSTR, ERR_R_MALLOC_FAILURE);
1318         return 0;
1319     }
1320     STOREerr(STORE_F_STORE_ATTR_INFO_SET_CSTR, STORE_R_ALREADY_HAS_A_VALUE);
1321     return 0;
1322 }
1323
1324 int STORE_ATTR_INFO_set_sha1str(STORE_ATTR_INFO *attrs, STORE_ATTR_TYPES code,
1325                                 unsigned char *sha1str, size_t sha1str_size)
1326 {
1327     if (!attrs) {
1328         STOREerr(STORE_F_STORE_ATTR_INFO_SET_SHA1STR,
1329                  ERR_R_PASSED_NULL_PARAMETER);
1330         return 0;
1331     }
1332     if (!ATTR_IS_SET(attrs, code)) {
1333         if ((attrs->values[code].sha1string =
1334              (unsigned char *)BUF_memdup(sha1str, sha1str_size)))
1335             return 1;
1336         STOREerr(STORE_F_STORE_ATTR_INFO_SET_SHA1STR, ERR_R_MALLOC_FAILURE);
1337         return 0;
1338     }
1339     STOREerr(STORE_F_STORE_ATTR_INFO_SET_SHA1STR,
1340              STORE_R_ALREADY_HAS_A_VALUE);
1341     return 0;
1342 }
1343
1344 int STORE_ATTR_INFO_set_dn(STORE_ATTR_INFO *attrs, STORE_ATTR_TYPES code,
1345                            X509_NAME *dn)
1346 {
1347     if (!attrs) {
1348         STOREerr(STORE_F_STORE_ATTR_INFO_SET_DN, ERR_R_PASSED_NULL_PARAMETER);
1349         return 0;
1350     }
1351     if (!ATTR_IS_SET(attrs, code)) {
1352         if ((attrs->values[code].dn = X509_NAME_dup(dn)))
1353             return 1;
1354         STOREerr(STORE_F_STORE_ATTR_INFO_SET_DN, ERR_R_MALLOC_FAILURE);
1355         return 0;
1356     }
1357     STOREerr(STORE_F_STORE_ATTR_INFO_SET_DN, STORE_R_ALREADY_HAS_A_VALUE);
1358     return 0;
1359 }
1360
1361 int STORE_ATTR_INFO_set_number(STORE_ATTR_INFO *attrs, STORE_ATTR_TYPES code,
1362                                BIGNUM *number)
1363 {
1364     if (!attrs) {
1365         STOREerr(STORE_F_STORE_ATTR_INFO_SET_NUMBER,
1366                  ERR_R_PASSED_NULL_PARAMETER);
1367         return 0;
1368     }
1369     if (!ATTR_IS_SET(attrs, code)) {
1370         if ((attrs->values[code].number = BN_dup(number)))
1371             return 1;
1372         STOREerr(STORE_F_STORE_ATTR_INFO_SET_NUMBER, ERR_R_MALLOC_FAILURE);
1373         return 0;
1374     }
1375     STOREerr(STORE_F_STORE_ATTR_INFO_SET_NUMBER, STORE_R_ALREADY_HAS_A_VALUE);
1376     return 0;
1377 }
1378
1379 int STORE_ATTR_INFO_modify_cstr(STORE_ATTR_INFO *attrs, STORE_ATTR_TYPES code,
1380                                 char *cstr, size_t cstr_size)
1381 {
1382     if (!attrs) {
1383         STOREerr(STORE_F_STORE_ATTR_INFO_MODIFY_CSTR,
1384                  ERR_R_PASSED_NULL_PARAMETER);
1385         return 0;
1386     }
1387     if (ATTR_IS_SET(attrs, code)) {
1388         OPENSSL_free(attrs->values[code].cstring);
1389         attrs->values[code].cstring = NULL;
1390         CLEAR_ATTRBIT(attrs, code);
1391     }
1392     return STORE_ATTR_INFO_set_cstr(attrs, code, cstr, cstr_size);
1393 }
1394
1395 int STORE_ATTR_INFO_modify_sha1str(STORE_ATTR_INFO *attrs,
1396                                    STORE_ATTR_TYPES code,
1397                                    unsigned char *sha1str,
1398                                    size_t sha1str_size)
1399 {
1400     if (!attrs) {
1401         STOREerr(STORE_F_STORE_ATTR_INFO_MODIFY_SHA1STR,
1402                  ERR_R_PASSED_NULL_PARAMETER);
1403         return 0;
1404     }
1405     if (ATTR_IS_SET(attrs, code)) {
1406         OPENSSL_free(attrs->values[code].sha1string);
1407         attrs->values[code].sha1string = NULL;
1408         CLEAR_ATTRBIT(attrs, code);
1409     }
1410     return STORE_ATTR_INFO_set_sha1str(attrs, code, sha1str, sha1str_size);
1411 }
1412
1413 int STORE_ATTR_INFO_modify_dn(STORE_ATTR_INFO *attrs, STORE_ATTR_TYPES code,
1414                               X509_NAME *dn)
1415 {
1416     if (!attrs) {
1417         STOREerr(STORE_F_STORE_ATTR_INFO_MODIFY_DN,
1418                  ERR_R_PASSED_NULL_PARAMETER);
1419         return 0;
1420     }
1421     if (ATTR_IS_SET(attrs, code)) {
1422         OPENSSL_free(attrs->values[code].dn);
1423         attrs->values[code].dn = NULL;
1424         CLEAR_ATTRBIT(attrs, code);
1425     }
1426     return STORE_ATTR_INFO_set_dn(attrs, code, dn);
1427 }
1428
1429 int STORE_ATTR_INFO_modify_number(STORE_ATTR_INFO *attrs,
1430                                   STORE_ATTR_TYPES code, BIGNUM *number)
1431 {
1432     if (!attrs) {
1433         STOREerr(STORE_F_STORE_ATTR_INFO_MODIFY_NUMBER,
1434                  ERR_R_PASSED_NULL_PARAMETER);
1435         return 0;
1436     }
1437     if (ATTR_IS_SET(attrs, code)) {
1438         OPENSSL_free(attrs->values[code].number);
1439         attrs->values[code].number = NULL;
1440         CLEAR_ATTRBIT(attrs, code);
1441     }
1442     return STORE_ATTR_INFO_set_number(attrs, code, number);
1443 }
1444
1445 struct attr_list_ctx_st {
1446     OPENSSL_ITEM *attributes;
1447 };
1448 void *STORE_parse_attrs_start(OPENSSL_ITEM *attributes)
1449 {
1450     if (attributes) {
1451         struct attr_list_ctx_st *context = OPENSSL_malloc(sizeof(*context));
1452         if (context)
1453             context->attributes = attributes;
1454         else
1455             STOREerr(STORE_F_STORE_PARSE_ATTRS_START, ERR_R_MALLOC_FAILURE);
1456         return context;
1457     }
1458     STOREerr(STORE_F_STORE_PARSE_ATTRS_START, ERR_R_PASSED_NULL_PARAMETER);
1459     return 0;
1460 }
1461
1462 STORE_ATTR_INFO *STORE_parse_attrs_next(void *handle)
1463 {
1464     struct attr_list_ctx_st *context = (struct attr_list_ctx_st *)handle;
1465
1466     if (context && context->attributes) {
1467         STORE_ATTR_INFO *attrs = NULL;
1468
1469         while (context->attributes
1470                && context->attributes->code != STORE_ATTR_OR
1471                && context->attributes->code != STORE_ATTR_END) {
1472             switch (context->attributes->code) {
1473             case STORE_ATTR_FRIENDLYNAME:
1474             case STORE_ATTR_EMAIL:
1475             case STORE_ATTR_FILENAME:
1476                 if (!attrs)
1477                     attrs = STORE_ATTR_INFO_new();
1478                 if (attrs == NULL) {
1479                     STOREerr(STORE_F_STORE_PARSE_ATTRS_NEXT,
1480                              ERR_R_MALLOC_FAILURE);
1481                     goto err;
1482                 }
1483                 STORE_ATTR_INFO_set_cstr(attrs,
1484                                          context->attributes->code,
1485                                          context->attributes->value,
1486                                          context->attributes->value_size);
1487                 break;
1488             case STORE_ATTR_KEYID:
1489             case STORE_ATTR_ISSUERKEYID:
1490             case STORE_ATTR_SUBJECTKEYID:
1491             case STORE_ATTR_ISSUERSERIALHASH:
1492             case STORE_ATTR_CERTHASH:
1493                 if (!attrs)
1494                     attrs = STORE_ATTR_INFO_new();
1495                 if (attrs == NULL) {
1496                     STOREerr(STORE_F_STORE_PARSE_ATTRS_NEXT,
1497                              ERR_R_MALLOC_FAILURE);
1498                     goto err;
1499                 }
1500                 STORE_ATTR_INFO_set_sha1str(attrs,
1501                                             context->attributes->code,
1502                                             context->attributes->value,
1503                                             context->attributes->value_size);
1504                 break;
1505             case STORE_ATTR_ISSUER:
1506             case STORE_ATTR_SUBJECT:
1507                 if (!attrs)
1508                     attrs = STORE_ATTR_INFO_new();
1509                 if (attrs == NULL) {
1510                     STOREerr(STORE_F_STORE_PARSE_ATTRS_NEXT,
1511                              ERR_R_MALLOC_FAILURE);
1512                     goto err;
1513                 }
1514                 STORE_ATTR_INFO_modify_dn(attrs,
1515                                           context->attributes->code,
1516                                           context->attributes->value);
1517                 break;
1518             case STORE_ATTR_SERIAL:
1519                 if (!attrs)
1520                     attrs = STORE_ATTR_INFO_new();
1521                 if (attrs == NULL) {
1522                     STOREerr(STORE_F_STORE_PARSE_ATTRS_NEXT,
1523                              ERR_R_MALLOC_FAILURE);
1524                     goto err;
1525                 }
1526                 STORE_ATTR_INFO_modify_number(attrs,
1527                                               context->attributes->code,
1528                                               context->attributes->value);
1529                 break;
1530             }
1531             context->attributes++;
1532         }
1533         if (context->attributes->code == STORE_ATTR_OR)
1534             context->attributes++;
1535         return attrs;
1536  err:
1537         while (context->attributes
1538                && context->attributes->code != STORE_ATTR_OR
1539                && context->attributes->code != STORE_ATTR_END)
1540             context->attributes++;
1541         if (context->attributes->code == STORE_ATTR_OR)
1542             context->attributes++;
1543         return NULL;
1544     }
1545     STOREerr(STORE_F_STORE_PARSE_ATTRS_NEXT, ERR_R_PASSED_NULL_PARAMETER);
1546     return NULL;
1547 }
1548
1549 int STORE_parse_attrs_end(void *handle)
1550 {
1551     struct attr_list_ctx_st *context = (struct attr_list_ctx_st *)handle;
1552
1553     if (context && context->attributes) {
1554 #if 0
1555         OPENSSL_ITEM *attributes = context->attributes;
1556 #endif
1557         OPENSSL_free(context);
1558         return 1;
1559     }
1560     STOREerr(STORE_F_STORE_PARSE_ATTRS_END, ERR_R_PASSED_NULL_PARAMETER);
1561     return 0;
1562 }
1563
1564 int STORE_parse_attrs_endp(void *handle)
1565 {
1566     struct attr_list_ctx_st *context = (struct attr_list_ctx_st *)handle;
1567
1568     if (context && context->attributes) {
1569         return context->attributes->code == STORE_ATTR_END;
1570     }
1571     STOREerr(STORE_F_STORE_PARSE_ATTRS_ENDP, ERR_R_PASSED_NULL_PARAMETER);
1572     return 0;
1573 }
1574
1575 static int attr_info_compare_compute_range(const unsigned char *abits,
1576                                            const unsigned char *bbits,
1577                                            unsigned int *alowp,
1578                                            unsigned int *ahighp,
1579                                            unsigned int *blowp,
1580                                            unsigned int *bhighp)
1581 {
1582     unsigned int alow = (unsigned int)-1, ahigh = 0;
1583     unsigned int blow = (unsigned int)-1, bhigh = 0;
1584     int i, res = 0;
1585
1586     for (i = 0; i < (STORE_ATTR_TYPE_NUM + 8) / 8; i++, abits++, bbits++) {
1587         if (res == 0) {
1588             if (*abits < *bbits)
1589                 res = -1;
1590             if (*abits > *bbits)
1591                 res = 1;
1592         }
1593         if (*abits) {
1594             if (alow == (unsigned int)-1) {
1595                 alow = i * 8;
1596                 if (!(*abits & 0x01))
1597                     alow++;
1598                 if (!(*abits & 0x02))
1599                     alow++;
1600                 if (!(*abits & 0x04))
1601                     alow++;
1602                 if (!(*abits & 0x08))
1603                     alow++;
1604                 if (!(*abits & 0x10))
1605                     alow++;
1606                 if (!(*abits & 0x20))
1607                     alow++;
1608                 if (!(*abits & 0x40))
1609                     alow++;
1610             }
1611             ahigh = i * 8 + 7;
1612             if (!(*abits & 0x80))
1613                 ahigh++;
1614             if (!(*abits & 0x40))
1615                 ahigh++;
1616             if (!(*abits & 0x20))
1617                 ahigh++;
1618             if (!(*abits & 0x10))
1619                 ahigh++;
1620             if (!(*abits & 0x08))
1621                 ahigh++;
1622             if (!(*abits & 0x04))
1623                 ahigh++;
1624             if (!(*abits & 0x02))
1625                 ahigh++;
1626         }
1627         if (*bbits) {
1628             if (blow == (unsigned int)-1) {
1629                 blow = i * 8;
1630                 if (!(*bbits & 0x01))
1631                     blow++;
1632                 if (!(*bbits & 0x02))
1633                     blow++;
1634                 if (!(*bbits & 0x04))
1635                     blow++;
1636                 if (!(*bbits & 0x08))
1637                     blow++;
1638                 if (!(*bbits & 0x10))
1639                     blow++;
1640                 if (!(*bbits & 0x20))
1641                     blow++;
1642                 if (!(*bbits & 0x40))
1643                     blow++;
1644             }
1645             bhigh = i * 8 + 7;
1646             if (!(*bbits & 0x80))
1647                 bhigh++;
1648             if (!(*bbits & 0x40))
1649                 bhigh++;
1650             if (!(*bbits & 0x20))
1651                 bhigh++;
1652             if (!(*bbits & 0x10))
1653                 bhigh++;
1654             if (!(*bbits & 0x08))
1655                 bhigh++;
1656             if (!(*bbits & 0x04))
1657                 bhigh++;
1658             if (!(*bbits & 0x02))
1659                 bhigh++;
1660         }
1661     }
1662     if (ahigh + alow < bhigh + blow)
1663         res = -1;
1664     if (ahigh + alow > bhigh + blow)
1665         res = 1;
1666     if (alowp)
1667         *alowp = alow;
1668     if (ahighp)
1669         *ahighp = ahigh;
1670     if (blowp)
1671         *blowp = blow;
1672     if (bhighp)
1673         *bhighp = bhigh;
1674     return res;
1675 }
1676
1677 int STORE_ATTR_INFO_compare(const STORE_ATTR_INFO *const *a,
1678                             const STORE_ATTR_INFO *const *b)
1679 {
1680     if (a == b)
1681         return 0;
1682     if (!a)
1683         return -1;
1684     if (!b)
1685         return 1;
1686     return attr_info_compare_compute_range((*a)->set, (*b)->set, 0, 0, 0, 0);
1687 }
1688
1689 int STORE_ATTR_INFO_in_range(STORE_ATTR_INFO *a, STORE_ATTR_INFO *b)
1690 {
1691     unsigned int alow, ahigh, blow, bhigh;
1692
1693     if (a == b)
1694         return 1;
1695     if (!a)
1696         return 0;
1697     if (!b)
1698         return 0;
1699     attr_info_compare_compute_range(a->set, b->set,
1700                                     &alow, &ahigh, &blow, &bhigh);
1701     if (alow >= blow && ahigh <= bhigh)
1702         return 1;
1703     return 0;
1704 }
1705
1706 int STORE_ATTR_INFO_in(STORE_ATTR_INFO *a, STORE_ATTR_INFO *b)
1707 {
1708     unsigned char *abits, *bbits;
1709     int i;
1710
1711     if (a == b)
1712         return 1;
1713     if (!a)
1714         return 0;
1715     if (!b)
1716         return 0;
1717     abits = a->set;
1718     bbits = b->set;
1719     for (i = 0; i < (STORE_ATTR_TYPE_NUM + 8) / 8; i++, abits++, bbits++) {
1720         if (*abits && (*bbits & *abits) != *abits)
1721             return 0;
1722     }
1723     return 1;
1724 }
1725
1726 int STORE_ATTR_INFO_in_ex(STORE_ATTR_INFO *a, STORE_ATTR_INFO *b)
1727 {
1728     STORE_ATTR_TYPES i;
1729
1730     if (a == b)
1731         return 1;
1732     if (!STORE_ATTR_INFO_in(a, b))
1733         return 0;
1734     for (i = 1; i < STORE_ATTR_TYPE_NUM; i++)
1735         if (ATTR_IS_SET(a, i)) {
1736             switch (i) {
1737             case STORE_ATTR_FRIENDLYNAME:
1738             case STORE_ATTR_EMAIL:
1739             case STORE_ATTR_FILENAME:
1740                 if (strcmp(a->values[i].cstring, b->values[i].cstring))
1741                     return 0;
1742                 break;
1743             case STORE_ATTR_KEYID:
1744             case STORE_ATTR_ISSUERKEYID:
1745             case STORE_ATTR_SUBJECTKEYID:
1746             case STORE_ATTR_ISSUERSERIALHASH:
1747             case STORE_ATTR_CERTHASH:
1748                 if (memcmp(a->values[i].sha1string,
1749                            b->values[i].sha1string, a->value_sizes[i]))
1750                     return 0;
1751                 break;
1752             case STORE_ATTR_ISSUER:
1753             case STORE_ATTR_SUBJECT:
1754                 if (X509_NAME_cmp(a->values[i].dn, b->values[i].dn))
1755                     return 0;
1756                 break;
1757             case STORE_ATTR_SERIAL:
1758                 if (BN_cmp(a->values[i].number, b->values[i].number))
1759                     return 0;
1760                 break;
1761             default:
1762                 break;
1763             }
1764         }
1765
1766     return 1;
1767 }