Further BUILDENV refinement, further fool-proofing of Makefiles and
[openssl.git] / crypto / store / str_lib.c
1 /* crypto/store/str_lib.c -*- mode:C; c-file-style: "eay" -*- */
2 /* Written by Richard Levitte (richard@levitte.org) for the OpenSSL
3  * project 2003.
4  */
5 /* ====================================================================
6  * Copyright (c) 2003 The OpenSSL Project.  All rights reserved.
7  *
8  * Redistribution and use in source and binary forms, with or without
9  * modification, are permitted provided that the following conditions
10  * are met:
11  *
12  * 1. Redistributions of source code must retain the above copyright
13  *    notice, this list of conditions and the following disclaimer. 
14  *
15  * 2. Redistributions in binary form must reproduce the above copyright
16  *    notice, this list of conditions and the following disclaimer in
17  *    the documentation and/or other materials provided with the
18  *    distribution.
19  *
20  * 3. All advertising materials mentioning features or use of this
21  *    software must display the following acknowledgment:
22  *    "This product includes software developed by the OpenSSL Project
23  *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
24  *
25  * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
26  *    endorse or promote products derived from this software without
27  *    prior written permission. For written permission, please contact
28  *    openssl-core@openssl.org.
29  *
30  * 5. Products derived from this software may not be called "OpenSSL"
31  *    nor may "OpenSSL" appear in their names without prior written
32  *    permission of the OpenSSL Project.
33  *
34  * 6. Redistributions of any form whatsoever must retain the following
35  *    acknowledgment:
36  *    "This product includes software developed by the OpenSSL Project
37  *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
38  *
39  * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
40  * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
41  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
42  * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
43  * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
44  * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
45  * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
46  * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
48  * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
49  * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50  * OF THE POSSIBILITY OF SUCH DAMAGE.
51  * ====================================================================
52  *
53  * This product includes cryptographic software written by Eric Young
54  * (eay@cryptsoft.com).  This product includes software written by Tim
55  * Hudson (tjh@cryptsoft.com).
56  *
57  */
58
59 #include <string.h>
60 #include <openssl/bn.h>
61 #include <openssl/err.h>
62 #include <openssl/engine.h>
63 #include <openssl/sha.h>
64 #include <openssl/x509.h>
65 #include "str_locl.h"
66
67 const char * const STORE_object_type_string[STORE_OBJECT_TYPE_NUM+1] =
68         {
69         0,
70         "X.509 Certificate",
71         "X.509 CRL",
72         "Private Key",
73         "Public Key",
74         "Number",
75         "Arbitrary Data"
76         };
77
78 const int STORE_param_sizes[STORE_PARAM_TYPE_NUM+1] =
79         {
80         0,
81         sizeof(int),            /* EVP_TYPE */
82         sizeof(size_t),         /* BITS */
83         -1,                     /* KEY_PARAMETERS */
84         0                       /* KEY_NO_PARAMETERS */
85         };      
86
87 const int STORE_attr_sizes[STORE_ATTR_TYPE_NUM+1] =
88         {
89         0,
90         -1,                     /* FRIENDLYNAME:        C string */
91         SHA_DIGEST_LENGTH,      /* KEYID:               SHA1 digest, 160 bits */
92         SHA_DIGEST_LENGTH,      /* ISSUERKEYID:         SHA1 digest, 160 bits */
93         SHA_DIGEST_LENGTH,      /* SUBJECTKEYID:        SHA1 digest, 160 bits */
94         SHA_DIGEST_LENGTH,      /* ISSUERSERIALHASH:    SHA1 digest, 160 bits */
95         sizeof(X509_NAME *),    /* ISSUER:              X509_NAME * */
96         sizeof(BIGNUM *),       /* SERIAL:              BIGNUM * */
97         sizeof(X509_NAME *),    /* SUBJECT:             X509_NAME * */
98         SHA_DIGEST_LENGTH,      /* CERTHASH:            SHA1 digest, 160 bits */
99         -1,                     /* EMAIL:               C string */
100         -1,                     /* FILENAME:            C string */
101         };      
102
103 STORE *STORE_new_method(const STORE_METHOD *method)
104         {
105         STORE *ret;
106
107         if (method == NULL)
108                 {
109                 STOREerr(STORE_F_STORE_NEW_METHOD,ERR_R_PASSED_NULL_PARAMETER);
110                 return NULL;
111                 }
112
113         ret=(STORE *)OPENSSL_malloc(sizeof(STORE));
114         if (ret == NULL)
115                 {
116                 STOREerr(STORE_F_STORE_NEW_METHOD,ERR_R_MALLOC_FAILURE);
117                 return NULL;
118                 }
119
120         ret->meth=method;
121
122         CRYPTO_new_ex_data(CRYPTO_EX_INDEX_STORE, ret, &ret->ex_data);
123         if (ret->meth->init && !ret->meth->init(ret))
124                 {
125                 STORE_free(ret);
126                 ret = NULL;
127                 }
128         return ret;
129         }
130
131 STORE *STORE_new_engine(ENGINE *engine)
132         {
133         STORE *ret = NULL;
134         ENGINE *e = engine;
135         const STORE_METHOD *meth = 0;
136
137 #ifdef OPENSSL_NO_ENGINE
138         e = NULL;
139 #else
140         if (engine)
141                 {
142                 if (!ENGINE_init(engine))
143                         {
144                         STOREerr(STORE_F_STORE_NEW_ENGINE, ERR_R_ENGINE_LIB);
145                         return NULL;
146                         }
147                 e = engine;
148                 }
149         else
150                 {
151                 STOREerr(STORE_F_STORE_NEW_ENGINE,ERR_R_PASSED_NULL_PARAMETER);
152                 return NULL;
153                 }
154         if(e)
155                 {
156                 meth = ENGINE_get_STORE(e);
157                 if(!meth)
158                         {
159                         STOREerr(STORE_F_STORE_NEW_ENGINE,
160                                 ERR_R_ENGINE_LIB);
161                         ENGINE_finish(e);
162                         return NULL;
163                         }
164                 }
165 #endif
166
167         ret = STORE_new_method(meth);
168         if (ret == NULL)
169                 {
170                 STOREerr(STORE_F_STORE_NEW_ENGINE,ERR_R_STORE_LIB);
171                 return NULL;
172                 }
173
174         ret->engine = e;
175
176         return(ret);
177         }
178
179 void STORE_free(STORE *store)
180         {
181         if (store == NULL)
182                 return;
183         if (store->meth->clean)
184                 store->meth->clean(store);
185         CRYPTO_free_ex_data(CRYPTO_EX_INDEX_STORE, store, &store->ex_data);
186         OPENSSL_free(store);
187         }
188
189 int STORE_ctrl(STORE *store, int cmd, long i, void *p, void (*f)(void))
190         {
191         if (store == NULL)
192                 {
193                 STOREerr(STORE_F_STORE_CTRL,ERR_R_PASSED_NULL_PARAMETER);
194                 return 0;
195                 }
196         if (store->meth->ctrl)
197                 return store->meth->ctrl(store, cmd, i, p, f);
198         STOREerr(STORE_F_STORE_CTRL,STORE_R_NO_CONTROL_FUNCTION);
199         return 0;
200         }
201
202
203 int STORE_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
204              CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func)
205         {
206         return CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_STORE, argl, argp,
207                                 new_func, dup_func, free_func);
208         }
209
210 int STORE_set_ex_data(STORE *r, int idx, void *arg)
211         {
212         return(CRYPTO_set_ex_data(&r->ex_data,idx,arg));
213         }
214
215 void *STORE_get_ex_data(STORE *r, int idx)
216         {
217         return(CRYPTO_get_ex_data(&r->ex_data,idx));
218         }
219
220 const STORE_METHOD *STORE_get_method(STORE *store)
221         {
222         return store->meth;
223         }
224
225 const STORE_METHOD *STORE_set_method(STORE *store, const STORE_METHOD *meth)
226         {
227         store->meth=meth;
228         return store->meth;
229         }
230
231
232 /* API helpers */
233
234 #define check_store(s,fncode,fnname,fnerrcode) \
235         do \
236                 { \
237                 if ((s) == NULL || (s)->meth) \
238                         { \
239                         STOREerr((fncode), ERR_R_PASSED_NULL_PARAMETER); \
240                         return 0; \
241                         } \
242                 if ((s)->meth->fnname == NULL) \
243                         { \
244                         STOREerr((fncode), (fnerrcode)); \
245                         return 0; \
246                         } \
247                 } \
248         while(0)
249
250 /* API functions */
251
252 X509 *STORE_get_certificate(STORE *s, OPENSSL_ITEM attributes[],
253         OPENSSL_ITEM parameters[])
254         {
255         STORE_OBJECT *object;
256         X509 *x;
257
258         check_store(s,STORE_F_STORE_GET_CERTIFICATE,
259                 get_object,STORE_R_NO_GET_OBJECT_FUNCTION);
260
261         object = s->meth->get_object(s, STORE_OBJECT_TYPE_X509_CERTIFICATE,
262                 attributes, parameters);
263         if (!object || !object->data.x509.certificate)
264                 {
265                 STOREerr(STORE_F_STORE_GET_CERTIFICATE,
266                         STORE_R_FAILED_GETTING_CERTIFICATE);
267                 return 0;
268                 }
269         CRYPTO_add(&object->data.x509.certificate->references,1,CRYPTO_LOCK_X509);
270 #ifdef REF_PRINT
271         REF_PRINT("X509",data);
272 #endif
273         x = object->data.x509.certificate;
274         STORE_OBJECT_free(object);
275         return x;
276         }
277
278 int STORE_store_certificate(STORE *s, X509 *data, OPENSSL_ITEM attributes[],
279         OPENSSL_ITEM parameters[])
280         {
281         STORE_OBJECT *object;
282         int i;
283
284         check_store(s,STORE_F_STORE_CERTIFICATE,
285                 store_object,STORE_R_NO_STORE_OBJECT_FUNCTION);
286
287         object = STORE_OBJECT_new();
288         if (!object)
289                 {
290                 STOREerr(STORE_F_STORE_STORE_CERTIFICATE,
291                         ERR_R_MALLOC_FAILURE);
292                 return 0;
293                 }
294         
295         CRYPTO_add(&data->references,1,CRYPTO_LOCK_X509);
296 #ifdef REF_PRINT
297         REF_PRINT("X509",data);
298 #endif
299         object->data.x509.certificate = data;
300
301         i = s->meth->store_object(s, STORE_OBJECT_TYPE_X509_CERTIFICATE,
302                 object, attributes, parameters);
303
304         STORE_OBJECT_free(object);
305
306         if (!i)
307                 {
308                 STOREerr(STORE_F_STORE_STORE_CERTIFICATE,
309                         STORE_R_FAILED_STORING_CERTIFICATE);
310                 return 0;
311                 }
312         return 1;
313         }
314
315 int STORE_modify_certificate(STORE *s, OPENSSL_ITEM search_attributes[],
316         OPENSSL_ITEM add_attributes[], OPENSSL_ITEM modify_attributes[],
317         OPENSSL_ITEM delete_attributes[], OPENSSL_ITEM parameters[])
318         {
319         check_store(s,STORE_F_STORE_MODIFY_CERTIFICATE,
320                 modify_object,STORE_R_NO_MODIFY_OBJECT_FUNCTION);
321
322         if (!s->meth->modify_object(s, STORE_OBJECT_TYPE_X509_CERTIFICATE,
323                     search_attributes, add_attributes, modify_attributes,
324                     delete_attributes, parameters))
325                 {
326                 STOREerr(STORE_F_STORE_MODIFY_CERTIFICATE,
327                         STORE_R_FAILED_MODIFYING_CERTIFICATE);
328                 return 0;
329                 }
330         return 1;
331         }
332
333 int STORE_revoke_certificate(STORE *s, OPENSSL_ITEM attributes[],
334         OPENSSL_ITEM parameters[])
335         {
336         check_store(s,STORE_F_STORE_REVOKE_CERTIFICATE,
337                 revoke_object,STORE_R_NO_REVOKE_OBJECT_FUNCTION);
338
339         if (!s->meth->revoke_object(s, STORE_OBJECT_TYPE_X509_CERTIFICATE,
340                     attributes, parameters))
341                 {
342                 STOREerr(STORE_F_STORE_REVOKE_CERTIFICATE,
343                         STORE_R_FAILED_REVOKING_CERTIFICATE);
344                 return 0;
345                 }
346         return 1;
347         }
348
349 int STORE_delete_certificate(STORE *s, OPENSSL_ITEM attributes[],
350         OPENSSL_ITEM parameters[])
351         {
352         check_store(s,STORE_F_STORE_DELETE_CERTIFICATE,
353                 delete_object,STORE_R_NO_DELETE_OBJECT_FUNCTION);
354
355         if (!s->meth->delete_object(s, STORE_OBJECT_TYPE_X509_CERTIFICATE,
356                     attributes, parameters))
357                 {
358                 STOREerr(STORE_F_STORE_DELETE_CERTIFICATE,
359                         STORE_R_FAILED_DELETING_CERTIFICATE);
360                 return 0;
361                 }
362         return 1;
363         }
364
365 void *STORE_list_certificate_start(STORE *s, OPENSSL_ITEM attributes[],
366         OPENSSL_ITEM parameters[])
367         {
368         void *handle;
369
370         check_store(s,STORE_F_STORE_LIST_CERTIFICATE_START,
371                 list_object_start,STORE_R_NO_LIST_OBJECT_START_FUNCTION);
372
373         handle = s->meth->list_object_start(s,
374                 STORE_OBJECT_TYPE_X509_CERTIFICATE, attributes, parameters);
375         if (!handle)
376                 {
377                 STOREerr(STORE_F_STORE_LIST_CERTIFICATE_START,
378                         STORE_R_FAILED_LISTING_CERTIFICATES);
379                 return 0;
380                 }
381         return handle;
382         }
383
384 X509 *STORE_list_certificate_next(STORE *s, void *handle)
385         {
386         STORE_OBJECT *object;
387         X509 *x;
388
389         check_store(s,STORE_F_STORE_LIST_CERTIFICATE_NEXT,
390                 list_object_next,STORE_R_NO_LIST_OBJECT_NEXT_FUNCTION);
391
392         object = s->meth->list_object_next(s, handle);
393         if (!object || !object->data.x509.certificate)
394                 {
395                 STOREerr(STORE_F_STORE_LIST_CERTIFICATE_NEXT,
396                         STORE_R_FAILED_LISTING_CERTIFICATES);
397                 return 0;
398                 }
399         CRYPTO_add(&object->data.x509.certificate->references,1,CRYPTO_LOCK_X509);
400 #ifdef REF_PRINT
401         REF_PRINT("X509",data);
402 #endif
403         x = object->data.x509.certificate;
404         STORE_OBJECT_free(object);
405         return x;
406         }
407
408 int STORE_list_certificate_end(STORE *s, void *handle)
409         {
410         check_store(s,STORE_F_STORE_LIST_CERTIFICATE_END,
411                 list_object_end,STORE_R_NO_LIST_OBJECT_END_FUNCTION);
412
413         if (!s->meth->list_object_end(s, handle))
414                 {
415                 STOREerr(STORE_F_STORE_LIST_CERTIFICATE_END,
416                         STORE_R_FAILED_LISTING_CERTIFICATES);
417                 return 0;
418                 }
419         return 1;
420         }
421
422 int STORE_list_certificate_endp(STORE *s, void *handle)
423         {
424         check_store(s,STORE_F_STORE_LIST_CERTIFICATE_ENDP,
425                 list_object_endp,STORE_R_NO_LIST_OBJECT_ENDP_FUNCTION);
426
427         if (!s->meth->list_object_endp(s, handle))
428                 {
429                 STOREerr(STORE_F_STORE_LIST_CERTIFICATE_ENDP,
430                         STORE_R_FAILED_LISTING_CERTIFICATES);
431                 return 0;
432                 }
433         return 1;
434         }
435
436 EVP_PKEY *STORE_generate_key(STORE *s, OPENSSL_ITEM attributes[],
437         OPENSSL_ITEM parameters[])
438         {
439         STORE_OBJECT *object;
440         EVP_PKEY *pkey;
441
442         check_store(s,STORE_F_STORE_GENERATE_KEY,
443                 generate_object,STORE_R_NO_GENERATE_OBJECT_FUNCTION);
444
445         object = s->meth->generate_object(s, STORE_OBJECT_TYPE_PRIVATE_KEY,
446                 attributes, parameters);
447         if (!object || !object->data.key)
448                 {
449                 STOREerr(STORE_F_STORE_GENERATE_KEY,
450                         STORE_R_FAILED_GENERATING_KEY);
451                 return 0;
452                 }
453         CRYPTO_add(&object->data.key->references,1,CRYPTO_LOCK_EVP_PKEY);
454 #ifdef REF_PRINT
455         REF_PRINT("EVP_PKEY",data);
456 #endif
457         pkey = object->data.key;
458         STORE_OBJECT_free(object);
459         return pkey;
460         }
461
462 EVP_PKEY *STORE_get_private_key(STORE *s, OPENSSL_ITEM attributes[],
463         OPENSSL_ITEM parameters[])
464         {
465         STORE_OBJECT *object;
466         EVP_PKEY *pkey;
467
468         check_store(s,STORE_F_STORE_GET_PRIVATE_KEY,
469                 get_object,STORE_R_NO_GET_OBJECT_FUNCTION);
470
471         object = s->meth->get_object(s, STORE_OBJECT_TYPE_PRIVATE_KEY,
472                 attributes, parameters);
473         if (!object || !object->data.key || !object->data.key)
474                 {
475                 STOREerr(STORE_F_STORE_GET_PRIVATE_KEY,
476                         STORE_R_FAILED_GETTING_KEY);
477                 return 0;
478                 }
479         CRYPTO_add(&object->data.key->references,1,CRYPTO_LOCK_EVP_PKEY);
480 #ifdef REF_PRINT
481         REF_PRINT("EVP_PKEY",data);
482 #endif
483         pkey = object->data.key;
484         STORE_OBJECT_free(object);
485         return pkey;
486         }
487
488 int STORE_store_private_key(STORE *s, EVP_PKEY *data, OPENSSL_ITEM attributes[],
489         OPENSSL_ITEM parameters[])
490         {
491         STORE_OBJECT *object;
492         int i;
493
494         check_store(s,STORE_F_STORE_STORE_PRIVATE_KEY,
495                 store_object,STORE_R_NO_STORE_OBJECT_FUNCTION);
496
497         object = STORE_OBJECT_new();
498         if (!object)
499                 {
500                 STOREerr(STORE_F_STORE_STORE_PRIVATE_KEY,
501                         ERR_R_MALLOC_FAILURE);
502                 return 0;
503                 }
504         object->data.key = EVP_PKEY_new();
505         if (!object->data.key)
506                 {
507                 STOREerr(STORE_F_STORE_STORE_PRIVATE_KEY,
508                         ERR_R_MALLOC_FAILURE);
509                 return 0;
510                 }
511         
512         CRYPTO_add(&data->references,1,CRYPTO_LOCK_EVP_PKEY);
513 #ifdef REF_PRINT
514         REF_PRINT("EVP_PKEY",data);
515 #endif
516         object->data.key = data;
517
518         i = s->meth->store_object(s, STORE_OBJECT_TYPE_PRIVATE_KEY, object,
519                 attributes, parameters);
520
521         STORE_OBJECT_free(object);
522
523         if (!i)
524                 {
525                 STOREerr(STORE_F_STORE_STORE_PRIVATE_KEY,
526                         STORE_R_FAILED_STORING_KEY);
527                 return 0;
528                 }
529         return i;
530         }
531
532 int STORE_modify_private_key(STORE *s, OPENSSL_ITEM search_attributes[],
533         OPENSSL_ITEM add_attributes[], OPENSSL_ITEM modify_attributes[],
534         OPENSSL_ITEM delete_attributes[], OPENSSL_ITEM parameters[])
535         {
536         check_store(s,STORE_F_STORE_MODIFY_PRIVATE_KEY,
537                 modify_object,STORE_R_NO_MODIFY_OBJECT_FUNCTION);
538
539         if (!s->meth->modify_object(s, STORE_OBJECT_TYPE_PRIVATE_KEY,
540                     search_attributes, add_attributes, modify_attributes,
541                     delete_attributes, parameters))
542                 {
543                 STOREerr(STORE_F_STORE_MODIFY_PRIVATE_KEY,
544                         STORE_R_FAILED_MODIFYING_PRIVATE_KEY);
545                 return 0;
546                 }
547         return 1;
548         }
549
550 int STORE_revoke_private_key(STORE *s, OPENSSL_ITEM attributes[],
551         OPENSSL_ITEM parameters[])
552         {
553         int i;
554
555         check_store(s,STORE_F_STORE_REVOKE_PRIVATE_KEY,
556                 revoke_object,STORE_R_NO_REVOKE_OBJECT_FUNCTION);
557
558         i = s->meth->revoke_object(s, STORE_OBJECT_TYPE_PRIVATE_KEY,
559                 attributes, parameters);
560
561         if (!i)
562                 {
563                 STOREerr(STORE_F_STORE_REVOKE_PRIVATE_KEY,
564                         STORE_R_FAILED_REVOKING_KEY);
565                 return 0;
566                 }
567         return i;
568         }
569
570 int STORE_delete_private_key(STORE *s, OPENSSL_ITEM attributes[],
571         OPENSSL_ITEM parameters[])
572         {
573         check_store(s,STORE_F_STORE_DELETE_PRIVATE_KEY,
574                 delete_object,STORE_R_NO_DELETE_OBJECT_FUNCTION);
575         
576         if (!s->meth->delete_object(s, STORE_OBJECT_TYPE_PRIVATE_KEY,
577                     attributes, parameters))
578                 {
579                 STOREerr(STORE_F_STORE_DELETE_PRIVATE_KEY,
580                         STORE_R_FAILED_DELETING_KEY);
581                 return 0;
582                 }
583         return 1;
584         }
585
586 void *STORE_list_private_key_start(STORE *s, OPENSSL_ITEM attributes[],
587         OPENSSL_ITEM parameters[])
588         {
589         void *handle;
590
591         check_store(s,STORE_F_STORE_LIST_PRIVATE_KEY_START,
592                 list_object_start,STORE_R_NO_LIST_OBJECT_START_FUNCTION);
593
594         handle = s->meth->list_object_start(s, STORE_OBJECT_TYPE_PRIVATE_KEY,
595                 attributes, parameters);
596         if (!handle)
597                 {
598                 STOREerr(STORE_F_STORE_LIST_PRIVATE_KEY_START,
599                         STORE_R_FAILED_LISTING_KEYS);
600                 return 0;
601                 }
602         return handle;
603         }
604
605 EVP_PKEY *STORE_list_private_key_next(STORE *s, void *handle)
606         {
607         STORE_OBJECT *object;
608         EVP_PKEY *pkey;
609
610         check_store(s,STORE_F_STORE_LIST_PRIVATE_KEY_NEXT,
611                 list_object_next,STORE_R_NO_LIST_OBJECT_NEXT_FUNCTION);
612
613         object = s->meth->list_object_next(s, handle);
614         if (!object || !object->data.key || !object->data.key)
615                 {
616                 STOREerr(STORE_F_STORE_LIST_PRIVATE_KEY_NEXT,
617                         STORE_R_FAILED_LISTING_KEYS);
618                 return 0;
619                 }
620         CRYPTO_add(&object->data.key->references,1,CRYPTO_LOCK_EVP_PKEY);
621 #ifdef REF_PRINT
622         REF_PRINT("EVP_PKEY",data);
623 #endif
624         pkey = object->data.key;
625         STORE_OBJECT_free(object);
626         return pkey;
627         }
628
629 int STORE_list_private_key_end(STORE *s, void *handle)
630         {
631         check_store(s,STORE_F_STORE_LIST_PRIVATE_KEY_END,
632                 list_object_end,STORE_R_NO_LIST_OBJECT_END_FUNCTION);
633
634         if (!s->meth->list_object_end(s, handle))
635                 {
636                 STOREerr(STORE_F_STORE_LIST_PRIVATE_KEY_END,
637                         STORE_R_FAILED_LISTING_KEYS);
638                 return 0;
639                 }
640         return 1;
641         }
642
643 int STORE_list_private_key_endp(STORE *s, void *handle)
644         {
645         check_store(s,STORE_F_STORE_LIST_PRIVATE_KEY_ENDP,
646                 list_object_endp,STORE_R_NO_LIST_OBJECT_ENDP_FUNCTION);
647
648         if (!s->meth->list_object_endp(s, handle))
649                 {
650                 STOREerr(STORE_F_STORE_LIST_PRIVATE_KEY_ENDP,
651                         STORE_R_FAILED_LISTING_KEYS);
652                 return 0;
653                 }
654         return 1;
655         }
656
657 EVP_PKEY *STORE_get_public_key(STORE *s, OPENSSL_ITEM attributes[],
658         OPENSSL_ITEM parameters[])
659         {
660         STORE_OBJECT *object;
661         EVP_PKEY *pkey;
662
663         check_store(s,STORE_F_STORE_GET_PUBLIC_KEY,
664                 get_object,STORE_R_NO_GET_OBJECT_FUNCTION);
665
666         object = s->meth->get_object(s, STORE_OBJECT_TYPE_PUBLIC_KEY,
667                 attributes, parameters);
668         if (!object || !object->data.key || !object->data.key)
669                 {
670                 STOREerr(STORE_F_STORE_GET_PUBLIC_KEY,
671                         STORE_R_FAILED_GETTING_KEY);
672                 return 0;
673                 }
674         CRYPTO_add(&object->data.key->references,1,CRYPTO_LOCK_EVP_PKEY);
675 #ifdef REF_PRINT
676         REF_PRINT("EVP_PKEY",data);
677 #endif
678         pkey = object->data.key;
679         STORE_OBJECT_free(object);
680         return pkey;
681         }
682
683 int STORE_store_public_key(STORE *s, EVP_PKEY *data, OPENSSL_ITEM attributes[],
684         OPENSSL_ITEM parameters[])
685         {
686         STORE_OBJECT *object;
687         int i;
688
689         check_store(s,STORE_F_STORE_STORE_PUBLIC_KEY,
690                 store_object,STORE_R_NO_STORE_OBJECT_FUNCTION);
691
692         object = STORE_OBJECT_new();
693         if (!object)
694                 {
695                 STOREerr(STORE_F_STORE_STORE_PUBLIC_KEY,
696                         ERR_R_MALLOC_FAILURE);
697                 return 0;
698                 }
699         object->data.key = EVP_PKEY_new();
700         if (!object->data.key)
701                 {
702                 STOREerr(STORE_F_STORE_STORE_PUBLIC_KEY,
703                         ERR_R_MALLOC_FAILURE);
704                 return 0;
705                 }
706         
707         CRYPTO_add(&data->references,1,CRYPTO_LOCK_EVP_PKEY);
708 #ifdef REF_PRINT
709         REF_PRINT("EVP_PKEY",data);
710 #endif
711         object->data.key = data;
712
713         i = s->meth->store_object(s, STORE_OBJECT_TYPE_PUBLIC_KEY, object,
714                 attributes, parameters);
715
716         STORE_OBJECT_free(object);
717
718         if (!i)
719                 {
720                 STOREerr(STORE_F_STORE_STORE_PUBLIC_KEY,
721                         STORE_R_FAILED_STORING_KEY);
722                 return 0;
723                 }
724         return i;
725         }
726
727 int STORE_modify_public_key(STORE *s, OPENSSL_ITEM search_attributes[],
728         OPENSSL_ITEM add_attributes[], OPENSSL_ITEM modify_attributes[],
729         OPENSSL_ITEM delete_attributes[], OPENSSL_ITEM parameters[])
730         {
731         check_store(s,STORE_F_STORE_MODIFY_PUBLIC_KEY,
732                 modify_object,STORE_R_NO_MODIFY_OBJECT_FUNCTION);
733
734         if (!s->meth->modify_object(s, STORE_OBJECT_TYPE_PUBLIC_KEY,
735                     search_attributes, add_attributes, modify_attributes,
736                     delete_attributes, parameters))
737                 {
738                 STOREerr(STORE_F_STORE_MODIFY_PUBLIC_KEY,
739                         STORE_R_FAILED_MODIFYING_PUBLIC_KEY);
740                 return 0;
741                 }
742         return 1;
743         }
744
745 int STORE_revoke_public_key(STORE *s, OPENSSL_ITEM attributes[],
746         OPENSSL_ITEM parameters[])
747         {
748         int i;
749
750         check_store(s,STORE_F_STORE_REVOKE_PUBLIC_KEY,
751                 revoke_object,STORE_R_NO_REVOKE_OBJECT_FUNCTION);
752
753         i = s->meth->revoke_object(s, STORE_OBJECT_TYPE_PUBLIC_KEY,
754                 attributes, parameters);
755
756         if (!i)
757                 {
758                 STOREerr(STORE_F_STORE_REVOKE_PUBLIC_KEY,
759                         STORE_R_FAILED_REVOKING_KEY);
760                 return 0;
761                 }
762         return i;
763         }
764
765 int STORE_delete_public_key(STORE *s, OPENSSL_ITEM attributes[],
766         OPENSSL_ITEM parameters[])
767         {
768         check_store(s,STORE_F_STORE_DELETE_PUBLIC_KEY,
769                 delete_object,STORE_R_NO_DELETE_OBJECT_FUNCTION);
770         
771         if (!s->meth->delete_object(s, STORE_OBJECT_TYPE_PUBLIC_KEY,
772                     attributes, parameters))
773                 {
774                 STOREerr(STORE_F_STORE_DELETE_PUBLIC_KEY,
775                         STORE_R_FAILED_DELETING_KEY);
776                 return 0;
777                 }
778         return 1;
779         }
780
781 void *STORE_list_public_key_start(STORE *s, OPENSSL_ITEM attributes[],
782         OPENSSL_ITEM parameters[])
783         {
784         void *handle;
785
786         check_store(s,STORE_F_STORE_LIST_PUBLIC_KEY_START,
787                 list_object_start,STORE_R_NO_LIST_OBJECT_START_FUNCTION);
788
789         handle = s->meth->list_object_start(s, STORE_OBJECT_TYPE_PUBLIC_KEY,
790                 attributes, parameters);
791         if (!handle)
792                 {
793                 STOREerr(STORE_F_STORE_LIST_PUBLIC_KEY_START,
794                         STORE_R_FAILED_LISTING_KEYS);
795                 return 0;
796                 }
797         return handle;
798         }
799
800 EVP_PKEY *STORE_list_public_key_next(STORE *s, void *handle)
801         {
802         STORE_OBJECT *object;
803         EVP_PKEY *pkey;
804
805         check_store(s,STORE_F_STORE_LIST_PUBLIC_KEY_NEXT,
806                 list_object_next,STORE_R_NO_LIST_OBJECT_NEXT_FUNCTION);
807
808         object = s->meth->list_object_next(s, handle);
809         if (!object || !object->data.key || !object->data.key)
810                 {
811                 STOREerr(STORE_F_STORE_LIST_PUBLIC_KEY_NEXT,
812                         STORE_R_FAILED_LISTING_KEYS);
813                 return 0;
814                 }
815         CRYPTO_add(&object->data.key->references,1,CRYPTO_LOCK_EVP_PKEY);
816 #ifdef REF_PRINT
817         REF_PRINT("EVP_PKEY",data);
818 #endif
819         pkey = object->data.key;
820         STORE_OBJECT_free(object);
821         return pkey;
822         }
823
824 int STORE_list_public_key_end(STORE *s, void *handle)
825         {
826         check_store(s,STORE_F_STORE_LIST_PUBLIC_KEY_END,
827                 list_object_end,STORE_R_NO_LIST_OBJECT_END_FUNCTION);
828
829         if (!s->meth->list_object_end(s, handle))
830                 {
831                 STOREerr(STORE_F_STORE_LIST_PUBLIC_KEY_END,
832                         STORE_R_FAILED_LISTING_KEYS);
833                 return 0;
834                 }
835         return 1;
836         }
837
838 int STORE_list_public_key_endp(STORE *s, void *handle)
839         {
840         check_store(s,STORE_F_STORE_LIST_PUBLIC_KEY_ENDP,
841                 list_object_endp,STORE_R_NO_LIST_OBJECT_ENDP_FUNCTION);
842
843         if (!s->meth->list_object_endp(s, handle))
844                 {
845                 STOREerr(STORE_F_STORE_LIST_PUBLIC_KEY_ENDP,
846                         STORE_R_FAILED_LISTING_KEYS);
847                 return 0;
848                 }
849         return 1;
850         }
851
852 X509_CRL *STORE_generate_crl(STORE *s, OPENSSL_ITEM attributes[],
853         OPENSSL_ITEM parameters[])
854         {
855         STORE_OBJECT *object;
856         X509_CRL *crl;
857
858         check_store(s,STORE_F_STORE_GENERATE_CRL,
859                 generate_object,STORE_R_NO_GENERATE_CRL_FUNCTION);
860
861         object = s->meth->generate_object(s, STORE_OBJECT_TYPE_X509_CRL,
862                 attributes, parameters);
863         if (!object || !object->data.crl)
864                 {
865                 STOREerr(STORE_F_STORE_GENERATE_CRL,
866                         STORE_R_FAILED_GENERATING_CRL);
867                 return 0;
868                 }
869         CRYPTO_add(&object->data.crl->references,1,CRYPTO_LOCK_X509_CRL);
870 #ifdef REF_PRINT
871         REF_PRINT("X509_CRL",data);
872 #endif
873         crl = object->data.crl;
874         STORE_OBJECT_free(object);
875         return crl;
876         }
877
878 X509_CRL *STORE_get_crl(STORE *s, OPENSSL_ITEM attributes[],
879         OPENSSL_ITEM parameters[])
880         {
881         STORE_OBJECT *object;
882         X509_CRL *crl;
883
884         check_store(s,STORE_F_STORE_GET_CRL,
885                 get_object,STORE_R_NO_GET_OBJECT_FUNCTION);
886
887         object = s->meth->get_object(s, STORE_OBJECT_TYPE_X509_CRL,
888                 attributes, parameters);
889         if (!object || !object->data.crl)
890                 {
891                 STOREerr(STORE_F_STORE_GET_CRL,
892                         STORE_R_FAILED_GETTING_KEY);
893                 return 0;
894                 }
895         CRYPTO_add(&object->data.crl->references,1,CRYPTO_LOCK_X509_CRL);
896 #ifdef REF_PRINT
897         REF_PRINT("X509_CRL",data);
898 #endif
899         crl = object->data.crl;
900         STORE_OBJECT_free(object);
901         return crl;
902         }
903
904 int STORE_store_crl(STORE *s, X509_CRL *data, OPENSSL_ITEM attributes[],
905         OPENSSL_ITEM parameters[])
906         {
907         STORE_OBJECT *object;
908         int i;
909
910         check_store(s,STORE_F_STORE_STORE_CRL,
911                 store_object,STORE_R_NO_STORE_OBJECT_FUNCTION);
912
913         object = STORE_OBJECT_new();
914         if (!object)
915                 {
916                 STOREerr(STORE_F_STORE_STORE_CRL,
917                         ERR_R_MALLOC_FAILURE);
918                 return 0;
919                 }
920         
921         CRYPTO_add(&data->references,1,CRYPTO_LOCK_X509_CRL);
922 #ifdef REF_PRINT
923         REF_PRINT("X509_CRL",data);
924 #endif
925         object->data.crl = data;
926
927         i = s->meth->store_object(s, STORE_OBJECT_TYPE_X509_CRL, object,
928                 attributes, parameters);
929
930         STORE_OBJECT_free(object);
931
932         if (!i)
933                 {
934                 STOREerr(STORE_F_STORE_STORE_CRL,
935                         STORE_R_FAILED_STORING_KEY);
936                 return 0;
937                 }
938         return i;
939         }
940
941 int STORE_modify_crl(STORE *s, OPENSSL_ITEM search_attributes[],
942         OPENSSL_ITEM add_attributes[], OPENSSL_ITEM modify_attributes[],
943         OPENSSL_ITEM delete_attributes[], OPENSSL_ITEM parameters[])
944         {
945         check_store(s,STORE_F_STORE_MODIFY_CRL,
946                 modify_object,STORE_R_NO_MODIFY_OBJECT_FUNCTION);
947
948         if (!s->meth->modify_object(s, STORE_OBJECT_TYPE_X509_CRL,
949                     search_attributes, add_attributes, modify_attributes,
950                     delete_attributes, parameters))
951                 {
952                 STOREerr(STORE_F_STORE_MODIFY_CRL,
953                         STORE_R_FAILED_MODIFYING_CRL);
954                 return 0;
955                 }
956         return 1;
957         }
958
959 int STORE_delete_crl(STORE *s, OPENSSL_ITEM attributes[],
960         OPENSSL_ITEM parameters[])
961         {
962         check_store(s,STORE_F_STORE_DELETE_CRL,
963                 delete_object,STORE_R_NO_DELETE_OBJECT_FUNCTION);
964         
965         if (!s->meth->delete_object(s, STORE_OBJECT_TYPE_X509_CRL,
966                     attributes, parameters))
967                 {
968                 STOREerr(STORE_F_STORE_DELETE_CRL,
969                         STORE_R_FAILED_DELETING_KEY);
970                 return 0;
971                 }
972         return 1;
973         }
974
975 void *STORE_list_crl_start(STORE *s, OPENSSL_ITEM attributes[],
976         OPENSSL_ITEM parameters[])
977         {
978         void *handle;
979
980         check_store(s,STORE_F_STORE_LIST_CRL_START,
981                 list_object_start,STORE_R_NO_LIST_OBJECT_START_FUNCTION);
982
983         handle = s->meth->list_object_start(s, STORE_OBJECT_TYPE_X509_CRL,
984                 attributes, parameters);
985         if (!handle)
986                 {
987                 STOREerr(STORE_F_STORE_LIST_CRL_START,
988                         STORE_R_FAILED_LISTING_KEYS);
989                 return 0;
990                 }
991         return handle;
992         }
993
994 X509_CRL *STORE_list_crl_next(STORE *s, void *handle)
995         {
996         STORE_OBJECT *object;
997         X509_CRL *crl;
998
999         check_store(s,STORE_F_STORE_LIST_CRL_NEXT,
1000                 list_object_next,STORE_R_NO_LIST_OBJECT_NEXT_FUNCTION);
1001
1002         object = s->meth->list_object_next(s, handle);
1003         if (!object || !object->data.crl)
1004                 {
1005                 STOREerr(STORE_F_STORE_LIST_CRL_NEXT,
1006                         STORE_R_FAILED_LISTING_KEYS);
1007                 return 0;
1008                 }
1009         CRYPTO_add(&object->data.crl->references,1,CRYPTO_LOCK_X509_CRL);
1010 #ifdef REF_PRINT
1011         REF_PRINT("X509_CRL",data);
1012 #endif
1013         crl = object->data.crl;
1014         STORE_OBJECT_free(object);
1015         return crl;
1016         }
1017
1018 int STORE_list_crl_end(STORE *s, void *handle)
1019         {
1020         check_store(s,STORE_F_STORE_LIST_CRL_END,
1021                 list_object_end,STORE_R_NO_LIST_OBJECT_END_FUNCTION);
1022
1023         if (!s->meth->list_object_end(s, handle))
1024                 {
1025                 STOREerr(STORE_F_STORE_LIST_CRL_END,
1026                         STORE_R_FAILED_LISTING_KEYS);
1027                 return 0;
1028                 }
1029         return 1;
1030         }
1031
1032 int STORE_list_crl_endp(STORE *s, void *handle)
1033         {
1034         check_store(s,STORE_F_STORE_LIST_CRL_ENDP,
1035                 list_object_endp,STORE_R_NO_LIST_OBJECT_ENDP_FUNCTION);
1036
1037         if (!s->meth->list_object_endp(s, handle))
1038                 {
1039                 STOREerr(STORE_F_STORE_LIST_CRL_ENDP,
1040                         STORE_R_FAILED_LISTING_KEYS);
1041                 return 0;
1042                 }
1043         return 1;
1044         }
1045
1046 int STORE_store_number(STORE *s, BIGNUM *data, OPENSSL_ITEM attributes[],
1047         OPENSSL_ITEM parameters[])
1048         {
1049         STORE_OBJECT *object;
1050         int i;
1051
1052         check_store(s,STORE_F_STORE_STORE_NUMBER,
1053                 store_object,STORE_R_NO_STORE_OBJECT_NUMBER_FUNCTION);
1054
1055         object = STORE_OBJECT_new();
1056         if (!object)
1057                 {
1058                 STOREerr(STORE_F_STORE_STORE_NUMBER,
1059                         ERR_R_MALLOC_FAILURE);
1060                 return 0;
1061                 }
1062         
1063         object->data.number = data;
1064
1065         i = s->meth->store_object(s, STORE_OBJECT_TYPE_NUMBER, object,
1066                 attributes, parameters);
1067
1068         STORE_OBJECT_free(object);
1069
1070         if (!i)
1071                 {
1072                 STOREerr(STORE_F_STORE_STORE_NUMBER,
1073                         STORE_R_FAILED_STORING_NUMBER);
1074                 return 0;
1075                 }
1076         return 1;
1077         }
1078
1079 int STORE_modify_number(STORE *s, OPENSSL_ITEM search_attributes[],
1080         OPENSSL_ITEM add_attributes[], OPENSSL_ITEM modify_attributes[],
1081         OPENSSL_ITEM delete_attributes[], OPENSSL_ITEM parameters[])
1082         {
1083         check_store(s,STORE_F_STORE_MODIFY_NUMBER,
1084                 modify_object,STORE_R_NO_MODIFY_OBJECT_FUNCTION);
1085
1086         if (!s->meth->modify_object(s, STORE_OBJECT_TYPE_NUMBER,
1087                     search_attributes, add_attributes, modify_attributes,
1088                     delete_attributes, parameters))
1089                 {
1090                 STOREerr(STORE_F_STORE_MODIFY_NUMBER,
1091                         STORE_R_FAILED_MODIFYING_NUMBER);
1092                 return 0;
1093                 }
1094         return 1;
1095         }
1096
1097 BIGNUM *STORE_get_number(STORE *s, OPENSSL_ITEM attributes[],
1098         OPENSSL_ITEM parameters[])
1099         {
1100         STORE_OBJECT *object;
1101         BIGNUM *n;
1102
1103         check_store(s,STORE_F_STORE_GET_NUMBER,
1104                 get_object,STORE_R_NO_GET_OBJECT_NUMBER_FUNCTION);
1105
1106         object = s->meth->get_object(s, STORE_OBJECT_TYPE_NUMBER, attributes,
1107                 parameters);
1108         if (!object || !object->data.number)
1109                 {
1110                 STOREerr(STORE_F_STORE_GET_NUMBER,
1111                         STORE_R_FAILED_GETTING_NUMBER);
1112                 return 0;
1113                 }
1114         n = object->data.number;
1115         object->data.number = NULL;
1116         STORE_OBJECT_free(object);
1117         return n;
1118         }
1119
1120 int STORE_delete_number(STORE *s, OPENSSL_ITEM attributes[],
1121         OPENSSL_ITEM parameters[])
1122         {
1123         check_store(s,STORE_F_STORE_DELETE_NUMBER,
1124                 delete_object,STORE_R_NO_DELETE_NUMBER_FUNCTION);
1125
1126         if (!s->meth->delete_object(s, STORE_OBJECT_TYPE_NUMBER, attributes,
1127                     parameters))
1128                 {
1129                 STOREerr(STORE_F_STORE_DELETE_NUMBER,
1130                         STORE_R_FAILED_DELETING_NUMBER);
1131                 return 0;
1132                 }
1133         return 1;
1134         }
1135
1136 int STORE_store_arbitrary(STORE *s, BUF_MEM *data, OPENSSL_ITEM attributes[],
1137         OPENSSL_ITEM parameters[])
1138         {
1139         STORE_OBJECT *object;
1140         int i;
1141
1142         check_store(s,STORE_F_STORE_STORE_ARBITRARY,
1143                 store_object,STORE_R_NO_STORE_OBJECT_ARBITRARY_FUNCTION);
1144
1145         object = STORE_OBJECT_new();
1146         if (!object)
1147                 {
1148                 STOREerr(STORE_F_STORE_STORE_ARBITRARY,
1149                         ERR_R_MALLOC_FAILURE);
1150                 return 0;
1151                 }
1152         
1153         object->data.arbitrary = data;
1154
1155         i = s->meth->store_object(s, STORE_OBJECT_TYPE_ARBITRARY, object,
1156                 attributes, parameters);
1157
1158         STORE_OBJECT_free(object);
1159
1160         if (!i)
1161                 {
1162                 STOREerr(STORE_F_STORE_STORE_ARBITRARY,
1163                         STORE_R_FAILED_STORING_ARBITRARY);
1164                 return 0;
1165                 }
1166         return 1;
1167         }
1168
1169 int STORE_modify_arbitrary(STORE *s, OPENSSL_ITEM search_attributes[],
1170         OPENSSL_ITEM add_attributes[], OPENSSL_ITEM modify_attributes[],
1171         OPENSSL_ITEM delete_attributes[], OPENSSL_ITEM parameters[])
1172         {
1173         check_store(s,STORE_F_STORE_MODIFY_ARBITRARY,
1174                 modify_object,STORE_R_NO_MODIFY_OBJECT_FUNCTION);
1175
1176         if (!s->meth->modify_object(s, STORE_OBJECT_TYPE_ARBITRARY,
1177                     search_attributes, add_attributes, modify_attributes,
1178                     delete_attributes, parameters))
1179                 {
1180                 STOREerr(STORE_F_STORE_MODIFY_ARBITRARY,
1181                         STORE_R_FAILED_MODIFYING_ARBITRARY);
1182                 return 0;
1183                 }
1184         return 1;
1185         }
1186
1187 BUF_MEM *STORE_get_arbitrary(STORE *s, OPENSSL_ITEM attributes[],
1188         OPENSSL_ITEM parameters[])
1189         {
1190         STORE_OBJECT *object;
1191         BUF_MEM *b;
1192
1193         check_store(s,STORE_F_STORE_GET_ARBITRARY,
1194                 get_object,STORE_R_NO_GET_OBJECT_ARBITRARY_FUNCTION);
1195
1196         object = s->meth->get_object(s, STORE_OBJECT_TYPE_ARBITRARY,
1197                 attributes, parameters);
1198         if (!object || !object->data.arbitrary)
1199                 {
1200                 STOREerr(STORE_F_STORE_GET_ARBITRARY,
1201                         STORE_R_FAILED_GETTING_ARBITRARY);
1202                 return 0;
1203                 }
1204         b = object->data.arbitrary;
1205         object->data.arbitrary = NULL;
1206         STORE_OBJECT_free(object);
1207         return b;
1208         }
1209
1210 int STORE_delete_arbitrary(STORE *s, OPENSSL_ITEM attributes[],
1211         OPENSSL_ITEM parameters[])
1212         {
1213         check_store(s,STORE_F_STORE_DELETE_ARBITRARY,
1214                 delete_object,STORE_R_NO_DELETE_ARBITRARY_FUNCTION);
1215
1216         if (!s->meth->delete_object(s, STORE_OBJECT_TYPE_ARBITRARY, attributes,
1217                     parameters))
1218                 {
1219                 STOREerr(STORE_F_STORE_DELETE_ARBITRARY,
1220                         STORE_R_FAILED_DELETING_ARBITRARY);
1221                 return 0;
1222                 }
1223         return 1;
1224         }
1225
1226 STORE_OBJECT *STORE_OBJECT_new(void)
1227         {
1228         STORE_OBJECT *object = OPENSSL_malloc(sizeof(STORE_OBJECT));
1229         if (object) memset(object, 0, sizeof(STORE_OBJECT));
1230         return object;
1231         }
1232 void STORE_OBJECT_free(STORE_OBJECT *data)
1233         {
1234         if (!data) return;
1235         switch (data->type)
1236                 {
1237         case STORE_OBJECT_TYPE_X509_CERTIFICATE:
1238                 X509_free(data->data.x509.certificate);
1239                 break;
1240         case STORE_OBJECT_TYPE_X509_CRL:
1241                 X509_CRL_free(data->data.crl);
1242                 break;
1243         case STORE_OBJECT_TYPE_PRIVATE_KEY:
1244         case STORE_OBJECT_TYPE_PUBLIC_KEY:
1245                 EVP_PKEY_free(data->data.key);
1246                 break;
1247         case STORE_OBJECT_TYPE_NUMBER:
1248                 BN_free(data->data.number);
1249                 break;
1250         case STORE_OBJECT_TYPE_ARBITRARY:
1251                 BUF_MEM_free(data->data.arbitrary);
1252                 break;
1253                 }
1254         OPENSSL_free(data);
1255         }
1256
1257 IMPLEMENT_STACK_OF(STORE_OBJECT*)
1258
1259
1260 struct STORE_attr_info_st
1261         {
1262         unsigned char set[(STORE_ATTR_TYPE_NUM + 8) / 8];
1263         union
1264                 {
1265                 char *cstring;
1266                 unsigned char *sha1string;
1267                 X509_NAME *dn;
1268                 BIGNUM *number;
1269                 void *any;
1270                 } values[STORE_ATTR_TYPE_NUM+1];
1271         size_t value_sizes[STORE_ATTR_TYPE_NUM+1];
1272         };
1273
1274 #define ATTR_IS_SET(a,i)        ((i) > 0 && (i) < STORE_ATTR_TYPE_NUM \
1275                                 && ((a)->set[(i) / 8] & (1 << ((i) % 8))))
1276 #define SET_ATTRBIT(a,i)        ((a)->set[(i) / 8] |= (1 << ((i) % 8)))
1277 #define CLEAR_ATTRBIT(a,i)      ((a)->set[(i) / 8] &= ~(1 << ((i) % 8)))
1278
1279 STORE_ATTR_INFO *STORE_ATTR_INFO_new(void)
1280         {
1281         return (STORE_ATTR_INFO *)OPENSSL_malloc(sizeof(STORE_ATTR_INFO));
1282         }
1283 static void STORE_ATTR_INFO_attr_free(STORE_ATTR_INFO *attrs,
1284         STORE_ATTR_TYPES code)
1285         {
1286         if (ATTR_IS_SET(attrs,code))
1287                 {
1288                 switch(code)
1289                         {
1290                 case STORE_ATTR_FRIENDLYNAME:
1291                 case STORE_ATTR_EMAIL:
1292                 case STORE_ATTR_FILENAME:
1293                         STORE_ATTR_INFO_modify_cstr(attrs, code, NULL, 0);
1294                         break;
1295                 case STORE_ATTR_KEYID:
1296                 case STORE_ATTR_ISSUERKEYID:
1297                 case STORE_ATTR_SUBJECTKEYID:
1298                 case STORE_ATTR_ISSUERSERIALHASH:
1299                 case STORE_ATTR_CERTHASH:
1300                         STORE_ATTR_INFO_modify_sha1str(attrs, code, NULL, 0);
1301                         break;
1302                 case STORE_ATTR_ISSUER:
1303                 case STORE_ATTR_SUBJECT:
1304                         STORE_ATTR_INFO_modify_dn(attrs, code, NULL);
1305                         break;
1306                 case STORE_ATTR_SERIAL:
1307                         STORE_ATTR_INFO_modify_number(attrs, code, NULL);
1308                         break;
1309                 default:
1310                         break;
1311                         }
1312                 }
1313         }
1314 int STORE_ATTR_INFO_free(STORE_ATTR_INFO *attrs)
1315         {
1316         if (attrs)
1317                 {
1318                 STORE_ATTR_TYPES i;
1319                 for(i = 0; i++ < STORE_ATTR_TYPE_NUM;)
1320                         STORE_ATTR_INFO_attr_free(attrs, i);
1321                 OPENSSL_free(attrs);
1322                 }
1323         return 1;
1324         }
1325 char *STORE_ATTR_INFO_get0_cstr(STORE_ATTR_INFO *attrs, STORE_ATTR_TYPES code)
1326         {
1327         if (!attrs)
1328                 {
1329                 STOREerr(STORE_F_STORE_ATTR_INFO_GET0_CSTR,
1330                         ERR_R_PASSED_NULL_PARAMETER);
1331                 return NULL;
1332                 }
1333         if (ATTR_IS_SET(attrs,code))
1334                 return attrs->values[code].cstring;
1335         STOREerr(STORE_F_STORE_ATTR_INFO_GET0_CSTR,
1336                 STORE_R_NO_VALUE);
1337         return NULL;
1338         }
1339 unsigned char *STORE_ATTR_INFO_get0_sha1str(STORE_ATTR_INFO *attrs,
1340         STORE_ATTR_TYPES code)
1341         {
1342         if (!attrs)
1343                 {
1344                 STOREerr(STORE_F_STORE_ATTR_INFO_GET0_SHA1STR,
1345                         ERR_R_PASSED_NULL_PARAMETER);
1346                 return NULL;
1347                 }
1348         if (ATTR_IS_SET(attrs,code))
1349                 return attrs->values[code].sha1string;
1350         STOREerr(STORE_F_STORE_ATTR_INFO_GET0_SHA1STR,
1351                 STORE_R_NO_VALUE);
1352         return NULL;
1353         }
1354 X509_NAME *STORE_ATTR_INFO_get0_dn(STORE_ATTR_INFO *attrs, STORE_ATTR_TYPES code)
1355         {
1356         if (!attrs)
1357                 {
1358                 STOREerr(STORE_F_STORE_ATTR_INFO_GET0_DN,
1359                         ERR_R_PASSED_NULL_PARAMETER);
1360                 return NULL;
1361                 }
1362         if (ATTR_IS_SET(attrs,code))
1363                 return attrs->values[code].dn;
1364         STOREerr(STORE_F_STORE_ATTR_INFO_GET0_DN,
1365                 STORE_R_NO_VALUE);
1366         return NULL;
1367         }
1368 BIGNUM *STORE_ATTR_INFO_get0_number(STORE_ATTR_INFO *attrs, STORE_ATTR_TYPES code)
1369         {
1370         if (!attrs)
1371                 {
1372                 STOREerr(STORE_F_STORE_ATTR_INFO_GET0_NUMBER,
1373                         ERR_R_PASSED_NULL_PARAMETER);
1374                 return NULL;
1375                 }
1376         if (ATTR_IS_SET(attrs,code))
1377                 return attrs->values[code].number;
1378         STOREerr(STORE_F_STORE_ATTR_INFO_GET0_NUMBER,
1379                 STORE_R_NO_VALUE);
1380         return NULL;
1381         }
1382 int STORE_ATTR_INFO_set_cstr(STORE_ATTR_INFO *attrs, STORE_ATTR_TYPES code,
1383         char *cstr, size_t cstr_size)
1384         {
1385         if (!attrs)
1386                 {
1387                 STOREerr(STORE_F_STORE_ATTR_INFO_SET_CSTR,
1388                         ERR_R_PASSED_NULL_PARAMETER);
1389                 return 0;
1390                 }
1391         if (!ATTR_IS_SET(attrs,code))
1392                 {
1393                 if ((attrs->values[code].cstring = BUF_strndup(cstr, cstr_size)))
1394                         return 1;
1395                 STOREerr(STORE_F_STORE_ATTR_INFO_SET_CSTR,
1396                         ERR_R_MALLOC_FAILURE);
1397                 return 0;
1398                 }
1399         STOREerr(STORE_F_STORE_ATTR_INFO_SET_CSTR, STORE_R_ALREADY_HAS_A_VALUE);
1400         return 0;
1401         }
1402 int STORE_ATTR_INFO_set_sha1str(STORE_ATTR_INFO *attrs, STORE_ATTR_TYPES code,
1403         unsigned char *sha1str, size_t sha1str_size)
1404         {
1405         if (!attrs)
1406                 {
1407                 STOREerr(STORE_F_STORE_ATTR_INFO_SET_SHA1STR,
1408                         ERR_R_PASSED_NULL_PARAMETER);
1409                 return 0;
1410                 }
1411         if (!ATTR_IS_SET(attrs,code))
1412                 {
1413                 if ((attrs->values[code].sha1string =
1414                             (unsigned char *)BUF_memdup(sha1str,
1415                                     sha1str_size)))
1416                         return 1;
1417                 STOREerr(STORE_F_STORE_ATTR_INFO_SET_SHA1STR,
1418                         ERR_R_MALLOC_FAILURE);
1419                 return 0;
1420                 }
1421         STOREerr(STORE_F_STORE_ATTR_INFO_SET_SHA1STR, STORE_R_ALREADY_HAS_A_VALUE);
1422         return 0;
1423         }
1424 int STORE_ATTR_INFO_set_dn(STORE_ATTR_INFO *attrs, STORE_ATTR_TYPES code,
1425         X509_NAME *dn)
1426         {
1427         if (!attrs)
1428                 {
1429                 STOREerr(STORE_F_STORE_ATTR_INFO_SET_DN,
1430                         ERR_R_PASSED_NULL_PARAMETER);
1431                 return 0;
1432                 }
1433         if (!ATTR_IS_SET(attrs,code))
1434                 {
1435                 if ((attrs->values[code].dn = X509_NAME_dup(dn)))
1436                         return 1;
1437                 STOREerr(STORE_F_STORE_ATTR_INFO_SET_DN,
1438                         ERR_R_MALLOC_FAILURE);
1439                 return 0;
1440                 }
1441         STOREerr(STORE_F_STORE_ATTR_INFO_SET_DN, STORE_R_ALREADY_HAS_A_VALUE);
1442         return 0;
1443         }
1444 int STORE_ATTR_INFO_set_number(STORE_ATTR_INFO *attrs, STORE_ATTR_TYPES code,
1445         BIGNUM *number)
1446         {
1447         if (!attrs)
1448                 {
1449                 STOREerr(STORE_F_STORE_ATTR_INFO_SET_NUMBER,
1450                         ERR_R_PASSED_NULL_PARAMETER);
1451                 return 0;
1452                 }
1453         if (!ATTR_IS_SET(attrs,code))
1454                 {
1455                 if ((attrs->values[code].number = BN_dup(number)))
1456                         return 1;
1457                 STOREerr(STORE_F_STORE_ATTR_INFO_SET_NUMBER,
1458                         ERR_R_MALLOC_FAILURE);
1459                 return 0;
1460                 }
1461         STOREerr(STORE_F_STORE_ATTR_INFO_SET_NUMBER, STORE_R_ALREADY_HAS_A_VALUE);
1462         return 0;
1463         }
1464 int STORE_ATTR_INFO_modify_cstr(STORE_ATTR_INFO *attrs, STORE_ATTR_TYPES code,
1465         char *cstr, size_t cstr_size)
1466         {
1467         if (!attrs)
1468                 {
1469                 STOREerr(STORE_F_STORE_ATTR_INFO_MODIFY_CSTR,
1470                         ERR_R_PASSED_NULL_PARAMETER);
1471                 return 0;
1472                 }
1473         if (ATTR_IS_SET(attrs,code))
1474                 {
1475                 OPENSSL_free(attrs->values[code].cstring);
1476                 attrs->values[code].cstring = NULL;
1477                 CLEAR_ATTRBIT(attrs, code);
1478                 }
1479         return STORE_ATTR_INFO_set_cstr(attrs, code, cstr, cstr_size);
1480         }
1481 int STORE_ATTR_INFO_modify_sha1str(STORE_ATTR_INFO *attrs, STORE_ATTR_TYPES code,
1482         unsigned char *sha1str, size_t sha1str_size)
1483         {
1484         if (!attrs)
1485                 {
1486                 STOREerr(STORE_F_STORE_ATTR_INFO_MODIFY_SHA1STR,
1487                         ERR_R_PASSED_NULL_PARAMETER);
1488                 return 0;
1489                 }
1490         if (ATTR_IS_SET(attrs,code))
1491                 {
1492                 OPENSSL_free(attrs->values[code].sha1string);
1493                 attrs->values[code].sha1string = NULL;
1494                 CLEAR_ATTRBIT(attrs, code);
1495                 }
1496         return STORE_ATTR_INFO_set_sha1str(attrs, code, sha1str, sha1str_size);
1497         }
1498 int STORE_ATTR_INFO_modify_dn(STORE_ATTR_INFO *attrs, STORE_ATTR_TYPES code,
1499         X509_NAME *dn)
1500         {
1501         if (!attrs)
1502                 {
1503                 STOREerr(STORE_F_STORE_ATTR_INFO_MODIFY_DN,
1504                         ERR_R_PASSED_NULL_PARAMETER);
1505                 return 0;
1506                 }
1507         if (ATTR_IS_SET(attrs,code))
1508                 {
1509                 OPENSSL_free(attrs->values[code].dn);
1510                 attrs->values[code].dn = NULL;
1511                 CLEAR_ATTRBIT(attrs, code);
1512                 }
1513         return STORE_ATTR_INFO_set_dn(attrs, code, dn);
1514         }
1515 int STORE_ATTR_INFO_modify_number(STORE_ATTR_INFO *attrs, STORE_ATTR_TYPES code,
1516         BIGNUM *number)
1517         {
1518         if (!attrs)
1519                 {
1520                 STOREerr(STORE_F_STORE_ATTR_INFO_MODIFY_NUMBER,
1521                         ERR_R_PASSED_NULL_PARAMETER);
1522                 return 0;
1523                 }
1524         if (ATTR_IS_SET(attrs,code))
1525                 {
1526                 OPENSSL_free(attrs->values[code].number);
1527                 attrs->values[code].number = NULL;
1528                 CLEAR_ATTRBIT(attrs, code);
1529                 }
1530         return STORE_ATTR_INFO_set_number(attrs, code, number);
1531         }
1532
1533 struct attr_list_ctx_st
1534         {
1535         OPENSSL_ITEM *attributes;
1536         };
1537 void *STORE_parse_attrs_start(OPENSSL_ITEM *attributes)
1538         {
1539         if (attributes)
1540                 {
1541                 struct attr_list_ctx_st *context =
1542                         (struct attr_list_ctx_st *)OPENSSL_malloc(sizeof(struct attr_list_ctx_st));
1543                 if (context)
1544                         context->attributes = attributes;
1545                 else
1546                         STOREerr(STORE_F_STORE_PARSE_ATTRS_START,
1547                                 ERR_R_MALLOC_FAILURE);
1548                 return context;
1549                 }
1550         STOREerr(STORE_F_STORE_PARSE_ATTRS_START, ERR_R_PASSED_NULL_PARAMETER);
1551         return 0;
1552         }
1553 STORE_ATTR_INFO *STORE_parse_attrs_next(void *handle)
1554         {
1555         struct attr_list_ctx_st *context = (struct attr_list_ctx_st *)handle;
1556
1557         if (context && context->attributes)
1558                 {
1559                 STORE_ATTR_INFO *attrs = NULL;
1560
1561                 while(context->attributes
1562                         && context->attributes->code != STORE_ATTR_OR
1563                         && context->attributes->code != STORE_ATTR_END)
1564                         {
1565                         switch(context->attributes->code)
1566                                 {
1567                         case STORE_ATTR_FRIENDLYNAME:
1568                         case STORE_ATTR_EMAIL:
1569                         case STORE_ATTR_FILENAME:
1570                                 if (!attrs) attrs = STORE_ATTR_INFO_new();
1571                                 if (attrs == NULL)
1572                                         {
1573                                         STOREerr(STORE_F_STORE_PARSE_ATTRS_NEXT,
1574                                                 ERR_R_MALLOC_FAILURE);
1575                                         goto err;
1576                                         }
1577                                 STORE_ATTR_INFO_set_cstr(attrs,
1578                                         context->attributes->code,
1579                                         context->attributes->value,
1580                                         context->attributes->value_size);
1581                                 break;
1582                         case STORE_ATTR_KEYID:
1583                         case STORE_ATTR_ISSUERKEYID:
1584                         case STORE_ATTR_SUBJECTKEYID:
1585                         case STORE_ATTR_ISSUERSERIALHASH:
1586                         case STORE_ATTR_CERTHASH:
1587                                 if (!attrs) attrs = STORE_ATTR_INFO_new();
1588                                 if (attrs == NULL)
1589                                         {
1590                                         STOREerr(STORE_F_STORE_PARSE_ATTRS_NEXT,
1591                                                 ERR_R_MALLOC_FAILURE);
1592                                         goto err;
1593                                         }
1594                                 STORE_ATTR_INFO_set_sha1str(attrs,
1595                                         context->attributes->code,
1596                                         context->attributes->value,
1597                                         context->attributes->value_size);
1598                                 break;
1599                         case STORE_ATTR_ISSUER:
1600                         case STORE_ATTR_SUBJECT:
1601                                 if (!attrs) attrs = STORE_ATTR_INFO_new();
1602                                 if (attrs == NULL)
1603                                         {
1604                                         STOREerr(STORE_F_STORE_PARSE_ATTRS_NEXT,
1605                                                 ERR_R_MALLOC_FAILURE);
1606                                         goto err;
1607                                         }
1608                                 STORE_ATTR_INFO_modify_dn(attrs,
1609                                         context->attributes->code,
1610                                         context->attributes->value);
1611                                 break;
1612                         case STORE_ATTR_SERIAL:
1613                                 if (!attrs) attrs = STORE_ATTR_INFO_new();
1614                                 if (attrs == NULL)
1615                                         {
1616                                         STOREerr(STORE_F_STORE_PARSE_ATTRS_NEXT,
1617                                                 ERR_R_MALLOC_FAILURE);
1618                                         goto err;
1619                                         }
1620                                 STORE_ATTR_INFO_modify_number(attrs,
1621                                         context->attributes->code,
1622                                         context->attributes->value);
1623                                 break;
1624                                 }
1625                         context->attributes++;
1626                         }
1627                 if (context->attributes->code == STORE_ATTR_OR)
1628                         context->attributes++;
1629                 return attrs;
1630         err:
1631                 while(context->attributes
1632                         && context->attributes->code != STORE_ATTR_OR
1633                         && context->attributes->code != STORE_ATTR_END)
1634                         context->attributes++;
1635                 if (context->attributes->code == STORE_ATTR_OR)
1636                         context->attributes++;
1637                 return NULL;
1638                 }
1639         STOREerr(STORE_F_STORE_PARSE_ATTRS_NEXT, ERR_R_PASSED_NULL_PARAMETER);
1640         return NULL;
1641         }
1642 int STORE_parse_attrs_end(void *handle)
1643         {
1644         struct attr_list_ctx_st *context = (struct attr_list_ctx_st *)handle;
1645
1646         if (context && context->attributes)
1647                 {
1648 #if 0
1649                 OPENSSL_ITEM *attributes = context->attributes;
1650 #endif
1651                 OPENSSL_free(context);
1652                 return 1;
1653                 }
1654         STOREerr(STORE_F_STORE_PARSE_ATTRS_END, ERR_R_PASSED_NULL_PARAMETER);
1655         return 0;
1656         }
1657
1658 int STORE_parse_attrs_endp(void *handle)
1659         {
1660         struct attr_list_ctx_st *context = (struct attr_list_ctx_st *)handle;
1661
1662         if (context && context->attributes)
1663                 {
1664                 return context->attributes->code == STORE_ATTR_END;
1665                 }
1666         STOREerr(STORE_F_STORE_PARSE_ATTRS_ENDP, ERR_R_PASSED_NULL_PARAMETER);
1667         return 0;
1668         }
1669
1670 static int attr_info_compare_compute_range(
1671         unsigned char *abits, unsigned char *bbits,
1672         unsigned int *alowp, unsigned int *ahighp,
1673         unsigned int *blowp, unsigned int *bhighp)
1674         {
1675         unsigned int alow = (unsigned int)-1, ahigh = 0;
1676         unsigned int blow = (unsigned int)-1, bhigh = 0;
1677         int i, res = 0;
1678
1679         for (i = 0; i < (STORE_ATTR_TYPE_NUM + 8) / 8; i++, abits++, bbits++)
1680                 {
1681                 if (res == 0)
1682                         {
1683                         if (*abits < *bbits) res = -1;
1684                         if (*abits > *bbits) res = 1;
1685                         }
1686                 if (*abits)
1687                         {
1688                         if (alow == (unsigned int)-1)
1689                                 {
1690                                 alow = i * 8;
1691                                 if (!(*abits & 0x01)) alow++;
1692                                 if (!(*abits & 0x02)) alow++;
1693                                 if (!(*abits & 0x04)) alow++;
1694                                 if (!(*abits & 0x08)) alow++;
1695                                 if (!(*abits & 0x10)) alow++;
1696                                 if (!(*abits & 0x20)) alow++;
1697                                 if (!(*abits & 0x40)) alow++;
1698                                 }
1699                         ahigh = i * 8 + 7;
1700                         if (!(*abits & 0x80)) ahigh++;
1701                         if (!(*abits & 0x40)) ahigh++;
1702                         if (!(*abits & 0x20)) ahigh++;
1703                         if (!(*abits & 0x10)) ahigh++;
1704                         if (!(*abits & 0x08)) ahigh++;
1705                         if (!(*abits & 0x04)) ahigh++;
1706                         if (!(*abits & 0x02)) ahigh++;
1707                         }
1708                 if (*bbits)
1709                         {
1710                         if (blow == (unsigned int)-1)
1711                                 {
1712                                 blow = i * 8;
1713                                 if (!(*bbits & 0x01)) blow++;
1714                                 if (!(*bbits & 0x02)) blow++;
1715                                 if (!(*bbits & 0x04)) blow++;
1716                                 if (!(*bbits & 0x08)) blow++;
1717                                 if (!(*bbits & 0x10)) blow++;
1718                                 if (!(*bbits & 0x20)) blow++;
1719                                 if (!(*bbits & 0x40)) blow++;
1720                                 }
1721                         bhigh = i * 8 + 7;
1722                         if (!(*bbits & 0x80)) bhigh++;
1723                         if (!(*bbits & 0x40)) bhigh++;
1724                         if (!(*bbits & 0x20)) bhigh++;
1725                         if (!(*bbits & 0x10)) bhigh++;
1726                         if (!(*bbits & 0x08)) bhigh++;
1727                         if (!(*bbits & 0x04)) bhigh++;
1728                         if (!(*bbits & 0x02)) bhigh++;
1729                         }
1730                 }
1731         if (ahigh + alow < bhigh + blow) res = -1;
1732         if (ahigh + alow > bhigh + blow) res = 1;
1733         if (alowp) *alowp = alow;
1734         if (ahighp) *ahighp = ahigh;
1735         if (blowp) *blowp = blow;
1736         if (bhighp) *bhighp = bhigh;
1737         return res;
1738         }
1739
1740 int STORE_ATTR_INFO_compare(STORE_ATTR_INFO *a, STORE_ATTR_INFO *b)
1741         {
1742         if (a == b) return 0;
1743         if (!a) return -1;
1744         if (!b) return 1;
1745         return attr_info_compare_compute_range(a->set, b->set, 0, 0, 0, 0);
1746         }
1747 int STORE_ATTR_INFO_in_range(STORE_ATTR_INFO *a, STORE_ATTR_INFO *b)
1748         {
1749         unsigned int alow, ahigh, blow, bhigh;
1750
1751         if (a == b) return 1;
1752         if (!a) return 0;
1753         if (!b) return 0;
1754         attr_info_compare_compute_range(a->set, b->set,
1755                 &alow, &ahigh, &blow, &bhigh);
1756         if (alow >= blow && ahigh <= bhigh)
1757                 return 1;
1758         return 0;
1759         }
1760 int STORE_ATTR_INFO_in(STORE_ATTR_INFO *a, STORE_ATTR_INFO *b)
1761         {
1762         unsigned char *abits, *bbits;
1763         int i;
1764
1765         if (a == b) return 1;
1766         if (!a) return 0;
1767         if (!b) return 0;
1768         abits = a->set;
1769         bbits = b->set;
1770         for (i = 0; i < (STORE_ATTR_TYPE_NUM + 8) / 8; i++, abits++, bbits++)
1771                 {
1772                 if (*abits && (*bbits & *abits) != *abits)
1773                         return 0;
1774                 }
1775         return 1;
1776         }
1777 int STORE_ATTR_INFO_in_ex(STORE_ATTR_INFO *a, STORE_ATTR_INFO *b)
1778         {
1779         STORE_ATTR_TYPES i;
1780
1781         if (a == b) return 1;
1782         if (!STORE_ATTR_INFO_in(a, b)) return 0;
1783         for (i = 1; i < STORE_ATTR_TYPE_NUM; i++)
1784                 if (ATTR_IS_SET(a, i))
1785                         {
1786                         switch(i)
1787                                 {
1788                         case STORE_ATTR_FRIENDLYNAME:
1789                         case STORE_ATTR_EMAIL:
1790                         case STORE_ATTR_FILENAME:
1791                                 if (strcmp(a->values[i].cstring,
1792                                             b->values[i].cstring))
1793                                         return 0;
1794                                 break;
1795                         case STORE_ATTR_KEYID:
1796                         case STORE_ATTR_ISSUERKEYID:
1797                         case STORE_ATTR_SUBJECTKEYID:
1798                         case STORE_ATTR_ISSUERSERIALHASH:
1799                         case STORE_ATTR_CERTHASH:
1800                                 if (memcmp(a->values[i].sha1string,
1801                                             b->values[i].sha1string,
1802                                             a->value_sizes[i]))
1803                                         return 0;
1804                                 break;
1805                         case STORE_ATTR_ISSUER:
1806                         case STORE_ATTR_SUBJECT:
1807                                 if (X509_NAME_cmp(a->values[i].dn,
1808                                             b->values[i].dn))
1809                                         return 0;
1810                                 break;
1811                         case STORE_ATTR_SERIAL:
1812                                 if (BN_cmp(a->values[i].number,
1813                                             b->values[i].number))
1814                                         return 0;
1815                                 break;
1816                         default:
1817                                 break;
1818                                 }
1819                         }
1820
1821         return 1;
1822         }