crypto/store/str_lib.c

   1 /* crypto/store/str_lib.c -*- mode:C; c-file-style: "eay" -*- */
   2 /* Written by Richard Levitte (richard@levitte.org) for the OpenSSL
   3  * project 2003.
   4  */
   5 /* ====================================================================
   6  * Copyright (c) 2003 The OpenSSL Project.  All rights reserved.
   7  *
   8  * Redistribution and use in source and binary forms, with or without
   9  * modification, are permitted provided that the following conditions
  10  * are met:
  11  *
  12  * 1. Redistributions of source code must retain the above copyright
  13  *    notice, this list of conditions and the following disclaimer.
  14  *
  15  * 2. Redistributions in binary form must reproduce the above copyright
  16  *    notice, this list of conditions and the following disclaimer in
  17  *    the documentation and/or other materials provided with the
  18  *    distribution.
  19  *
  20  * 3. All advertising materials mentioning features or use of this
  21  *    software must display the following acknowledgment:
  22  *    "This product includes software developed by the OpenSSL Project
  23  *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
  24  *
  25  * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
  26  *    endorse or promote products derived from this software without
  27  *    prior written permission. For written permission, please contact
  28  *    openssl-core@openssl.org.
  29  *
  30  * 5. Products derived from this software may not be called "OpenSSL"
  31  *    nor may "OpenSSL" appear in their names without prior written
  32  *    permission of the OpenSSL Project.
  33  *
  34  * 6. Redistributions of any form whatsoever must retain the following
  35  *    acknowledgment:
  36  *    "This product includes software developed by the OpenSSL Project
  37  *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
  38  *
  39  * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
  40  * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
  41  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
  42  * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
  43  * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
  44  * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
  45  * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
  46  * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
  47  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
  48  * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
  49  * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
  50  * OF THE POSSIBILITY OF SUCH DAMAGE.
  51  * ====================================================================
  52  *
  53  * This product includes cryptographic software written by Eric Young
  54  * (eay@cryptsoft.com).  This product includes software written by Tim
  55  * Hudson (tjh@cryptsoft.com).
  56  *
  57  */
  58
  59 #include <string.h>
  60 #include <openssl/bn.h>
  61 #include <openssl/err.h>
  62 #include <openssl/engine.h>
  63 #include "str_locl.h"
  64
  65 const char * const STORE_object_type_string[STORE_OBJECT_TYPE_NUM+1] =
  66         {
  67         0,
  68         "X.509 Certificate",
  69         "X.509 CRL",
  70         "Private Key",
  71         "Public Key",
  72         "Number"
  73         };
  74
  75 const int STORE_param_sizes[STORE_PARAM_TYPE_NUM+1] =
  76         {
  77         0,
  78         sizeof(int),            /* EVP_TYPE */
  79         sizeof(size_t),         /* BITS */
  80         -1,                     /* KEY_PARAMETERS */
  81         0                       /* KEY_NO_PARAMETERS */
  82         };
  83
  84 const int STORE_attr_sizes[STORE_ATTR_TYPE_NUM+1] =
  85         {
  86         0,
  87         -1,                     /* FRIENDLYNAME:                C string */
  88         SHA_DIGEST_LENGTH,      /* KEYID:               SHA1 digest, 160 bits */
  89         SHA_DIGEST_LENGTH,      /* ISSUERKEYID:         SHA1 digest, 160 bits */
  90         SHA_DIGEST_LENGTH,      /* SUBJECTKEYID:                SHA1 digest, 160 bits */
  91         SHA_DIGEST_LENGTH,      /* ISSUERSERIALHASH:    SHA1 digest, 160 bits */
  92         sizeof(X509_NAME *),    /* ISSUER:              X509_NAME * */
  93         sizeof(BIGNUM *),       /* SERIAL:              BIGNUM * */
  94         sizeof(X509_NAME *),    /* SUBJECT:             X509_NAME * */
  95         SHA_DIGEST_LENGTH,      /* CERTHASH:            SHA1 digest, 160 bits */
  96         -1,                     /* EMAIL:               C string */
  97         -1,                     /* FILENAME:            C string */
  98         };
  99
 100 STORE *STORE_new_method(const STORE_METHOD *method)
 101         {
 102         STORE *ret;
 103
 104         ret=(STORE *)OPENSSL_malloc(sizeof(STORE));
 105         if (ret == NULL)
 106                 {
 107                 STOREerr(STORE_F_STORE_NEW_METHOD,ERR_R_MALLOC_FAILURE);
 108                 return NULL;
 109                 }
 110         if (method == NULL)
 111                 {
 112                 STOREerr(STORE_F_STORE_NEW_METHOD,ERR_R_PASSED_NULL_PARAMETER);
 113                 return NULL;
 114                 }
 115         else
 116                 ret->meth=method;
 117
 118         CRYPTO_new_ex_data(CRYPTO_EX_INDEX_STORE, ret, &ret->ex_data);
 119         if (ret->meth->init && !ret->meth->init(ret))
 120                 {
 121                 STORE_free(ret);
 122                 ret = NULL;
 123                 }
 124         return ret;
 125         }
 126
 127 STORE *STORE_new_engine(ENGINE *engine)
 128         {
 129         STORE *ret = NULL;
 130         ENGINE *e = engine;
 131         const STORE_METHOD *meth = 0;
 132
 133 #ifdef OPENSSL_NO_ENGINE
 134         e = NULL;
 135 #else
 136         if (engine)
 137                 {
 138                 if (!ENGINE_init(engine))
 139                         {
 140                         STOREerr(STORE_F_STORE_NEW_ENGINE, ERR_R_ENGINE_LIB);
 141                         return NULL;
 142                         }
 143                 e = engine;
 144                 }
 145         else
 146                 {
 147                 STOREerr(STORE_F_STORE_NEW_ENGINE,ERR_R_PASSED_NULL_PARAMETER);
 148                 return NULL;
 149                 }
 150         if(e)
 151                 {
 152                 meth = ENGINE_get_STORE(e);
 153                 if(!meth)
 154                         {
 155                         STOREerr(STORE_F_STORE_NEW_ENGINE,
 156                                 ERR_R_ENGINE_LIB);
 157                         ENGINE_finish(e);
 158                         return NULL;
 159                         }
 160                 }
 161 #endif
 162
 163         ret = STORE_new_method(meth);
 164         if (ret == NULL)
 165                 {
 166                 STOREerr(STORE_F_STORE_NEW_ENGINE,ERR_R_STORE_LIB);
 167                 return NULL;
 168                 }
 169
 170         ret->engine = e;
 171
 172         return(ret);
 173         }
 174
 175 void STORE_free(STORE *store)
 176         {
 177         if (store == NULL)
 178                 return;
 179         if (store->meth->clean)
 180                 store->meth->clean(store);
 181         CRYPTO_free_ex_data(CRYPTO_EX_INDEX_STORE, store, &store->ex_data);
 182         OPENSSL_free(store);
 183         }
 184
 185
 186 int STORE_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
 187              CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func)
 188         {
 189         return CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_STORE, argl, argp,
 190                                 new_func, dup_func, free_func);
 191         }
 192
 193 int STORE_set_ex_data(STORE *r, int idx, void *arg)
 194         {
 195         return(CRYPTO_set_ex_data(&r->ex_data,idx,arg));
 196         }
 197
 198 void *STORE_get_ex_data(STORE *r, int idx)
 199         {
 200         return(CRYPTO_get_ex_data(&r->ex_data,idx));
 201         }
 202
 203 const STORE_METHOD *STORE_get_method(STORE *store)
 204         {
 205         return store->meth;
 206         }
 207
 208 const STORE_METHOD *STORE_set_method(STORE *store, const STORE_METHOD *meth)
 209         {
 210         store->meth=meth;
 211         return store->meth;
 212         }
 213
 214
 215 /* API helpers */
 216
 217 #define check_store(s,fncode,fnname,fnerrcode) \
 218         do \
 219                 { \
 220                 if ((s) == NULL || (s)->meth) \
 221                         { \
 222                         STOREerr((fncode), ERR_R_PASSED_NULL_PARAMETER); \
 223                         return 0; \
 224                         } \
 225                 if ((s)->meth->fnname == NULL) \
 226                         { \
 227                         STOREerr((fncode), (fnerrcode)); \
 228                         return 0; \
 229                         } \
 230                 } \
 231         while(0)
 232
 233 /* API functions */
 234
 235 X509 *STORE_get_certificate(STORE *s, OPENSSL_ITEM attributes[],
 236         OPENSSL_ITEM parameters[])
 237         {
 238         STORE_OBJECT *object;
 239         X509 *x;
 240
 241         check_store(s,STORE_F_STORE_GET_CERTIFICATE,
 242                 get_object,STORE_R_NO_GET_OBJECT_FUNCTION);
 243
 244         object = s->meth->get_object(s, STORE_OBJECT_TYPE_X509_CERTIFICATE,
 245                 attributes, parameters);
 246         if (!object || !object->data.x509.certificate)
 247                 {
 248                 STOREerr(STORE_F_STORE_GET_CERTIFICATE,
 249                         STORE_R_FAILED_GETTING_CERTIFICATE);
 250                 return 0;
 251                 }
 252         CRYPTO_add(&object->data.x509.certificate->references,1,CRYPTO_LOCK_X509);
 253 #ifdef REF_PRINT
 254         REF_PRINT("X509",data);
 255 #endif
 256         x = object->data.x509.certificate;
 257         STORE_OBJECT_free(object);
 258         return x;
 259         }
 260
 261 int store_certificate(STORE *s, X509 *data, OPENSSL_ITEM attributes[],
 262         OPENSSL_ITEM parameters[])
 263         {
 264         STORE_OBJECT *object = STORE_OBJECT_new();
 265         int i;
 266
 267         check_store(s,STORE_F_STORE_CERTIFICATE,
 268                 store_object,STORE_R_NO_STORE_OBJECT_FUNCTION);
 269
 270         if (!object)
 271                 {
 272                 STOREerr(STORE_F_STORE_CERTIFICATE,
 273                         ERR_R_MALLOC_FAILURE);
 274                 return 0;
 275                 }
 276
 277         CRYPTO_add(&data->references,1,CRYPTO_LOCK_X509);
 278 #ifdef REF_PRINT
 279         REF_PRINT("X509",data);
 280 #endif
 281         object->data.x509.certificate = data;
 282
 283         i = s->meth->store_object(s, STORE_OBJECT_TYPE_X509_CERTIFICATE,
 284                 object, attributes, parameters);
 285
 286         STORE_OBJECT_free(object);
 287
 288         if (!i)
 289                 {
 290                 STOREerr(STORE_F_STORE_CERTIFICATE,
 291                         STORE_R_FAILED_STORING_CERTIFICATE);
 292                 return 0;
 293                 }
 294         return 1;
 295         }
 296
 297 int STORE_revoke_certificate(STORE *s, OPENSSL_ITEM attributes[],
 298         OPENSSL_ITEM parameters[])
 299         {
 300         check_store(s,STORE_F_STORE_REVOKE_CERTIFICATE,
 301                 revoke_object,STORE_R_NO_REVOKE_OBJECT_FUNCTION);
 302
 303         if (!s->meth->revoke_object(s, STORE_OBJECT_TYPE_X509_CERTIFICATE,
 304                     attributes, parameters))
 305                 {
 306                 STOREerr(STORE_F_STORE_REVOKE_CERTIFICATE,
 307                         STORE_R_FAILED_REVOKING_CERTIFICATE);
 308                 return 0;
 309                 }
 310         return 1;
 311         }
 312
 313 int STORE_delete_certificate(STORE *s, OPENSSL_ITEM attributes[],
 314         OPENSSL_ITEM parameters[])
 315         {
 316         check_store(s,STORE_F_STORE_DELETE_CERTIFICATE,
 317                 delete_object,STORE_R_NO_DELETE_OBJECT_FUNCTION);
 318
 319         if (!s->meth->delete_object(s, STORE_OBJECT_TYPE_X509_CERTIFICATE,
 320                     attributes, parameters))
 321                 {
 322                 STOREerr(STORE_F_STORE_DELETE_CERTIFICATE,
 323                         STORE_R_FAILED_DELETING_CERTIFICATE);
 324                 return 0;
 325                 }
 326         return 1;
 327         }
 328
 329 void *STORE_list_certificate_start(STORE *s, OPENSSL_ITEM attributes[],
 330         OPENSSL_ITEM parameters[])
 331         {
 332         void *handle;
 333
 334         check_store(s,STORE_F_STORE_LIST_CERTIFICATE_START,
 335                 list_object_start,STORE_R_NO_LIST_OBJECT_START_FUNCTION);
 336
 337         handle = s->meth->list_object_start(s,
 338                 STORE_OBJECT_TYPE_X509_CERTIFICATE, attributes, parameters);
 339         if (!handle)
 340                 {
 341                 STOREerr(STORE_F_STORE_LIST_CERTIFICATE_START,
 342                         STORE_R_FAILED_LISTING_CERTIFICATES);
 343                 return 0;
 344                 }
 345         return handle;
 346         }
 347
 348 X509 *STORE_list_certificate_next(STORE *s, void *handle)
 349         {
 350         STORE_OBJECT *object;
 351         X509 *x;
 352
 353         check_store(s,STORE_F_STORE_LIST_CERTIFICATE_NEXT,
 354                 list_object_next,STORE_R_NO_LIST_OBJECT_NEXT_FUNCTION);
 355
 356         object = s->meth->list_object_next(s, handle);
 357         if (!object || !object->data.x509.certificate)
 358                 {
 359                 STOREerr(STORE_F_STORE_LIST_CERTIFICATE_NEXT,
 360                         STORE_R_FAILED_LISTING_CERTIFICATES);
 361                 return 0;
 362                 }
 363         CRYPTO_add(&object->data.x509.certificate->references,1,CRYPTO_LOCK_X509);
 364 #ifdef REF_PRINT
 365         REF_PRINT("X509",data);
 366 #endif
 367         x = object->data.x509.certificate;
 368         STORE_OBJECT_free(object);
 369         return x;
 370         }
 371
 372 int STORE_list_certificate_end(STORE *s, void *handle)
 373         {
 374         check_store(s,STORE_F_STORE_LIST_CERTIFICATE_END,
 375                 list_object_end,STORE_R_NO_LIST_OBJECT_END_FUNCTION);
 376
 377         if (!s->meth->list_object_end(s, handle))
 378                 {
 379                 STOREerr(STORE_F_STORE_LIST_CERTIFICATE_END,
 380                         STORE_R_FAILED_LISTING_CERTIFICATES);
 381                 return 0;
 382                 }
 383         return 1;
 384         }
 385
 386 int STORE_list_certificate_endp(STORE *s, void *handle)
 387         {
 388         check_store(s,STORE_F_STORE_LIST_CERTIFICATE_ENDP,
 389                 list_object_endp,STORE_R_NO_LIST_OBJECT_ENDP_FUNCTION);
 390
 391         if (!s->meth->list_object_endp(s, handle))
 392                 {
 393                 STOREerr(STORE_F_STORE_LIST_CERTIFICATE_ENDP,
 394                         STORE_R_FAILED_LISTING_CERTIFICATES);
 395                 return 0;
 396                 }
 397         return 1;
 398         }
 399
 400 EVP_PKEY *STORE_generate_key(STORE *s, OPENSSL_ITEM attributes[],
 401         OPENSSL_ITEM parameters[])
 402         {
 403         STORE_OBJECT *object;
 404         EVP_PKEY *pkey;
 405
 406         check_store(s,STORE_F_STORE_GENERATE_KEY,
 407                 generate_object,STORE_R_NO_GENERATE_OBJECT_FUNCTION);
 408
 409         object = s->meth->generate_object(s, STORE_OBJECT_TYPE_PRIVATE_KEY,
 410                 attributes, parameters);
 411         if (!object || !object->data.key)
 412                 {
 413                 STOREerr(STORE_F_STORE_GENERATE_KEY,
 414                         STORE_R_FAILED_GENERATING_KEY);
 415                 return 0;
 416                 }
 417         CRYPTO_add(&object->data.key->references,1,CRYPTO_LOCK_EVP_PKEY);
 418 #ifdef REF_PRINT
 419         REF_PRINT("EVP_PKEY",data);
 420 #endif
 421         pkey = object->data.key;
 422         STORE_OBJECT_free(object);
 423         return pkey;
 424         }
 425
 426 EVP_PKEY *STORE_get_private_key(STORE *s, OPENSSL_ITEM attributes[],
 427         OPENSSL_ITEM parameters[])
 428         {
 429         STORE_OBJECT *object;
 430         EVP_PKEY *pkey;
 431
 432         check_store(s,STORE_F_STORE_GET_PRIVATE_KEY,
 433                 get_object,STORE_R_NO_GET_OBJECT_FUNCTION);
 434
 435         object = s->meth->get_object(s, STORE_OBJECT_TYPE_PRIVATE_KEY,
 436                 attributes, parameters);
 437         if (!object || !object->data.key || !object->data.key)
 438                 {
 439                 STOREerr(STORE_F_STORE_GET_PRIVATE_KEY,
 440                         STORE_R_FAILED_GETTING_KEY);
 441                 return 0;
 442                 }
 443         CRYPTO_add(&object->data.key->references,1,CRYPTO_LOCK_EVP_PKEY);
 444 #ifdef REF_PRINT
 445         REF_PRINT("EVP_PKEY",data);
 446 #endif
 447         pkey = object->data.key;
 448         STORE_OBJECT_free(object);
 449         return pkey;
 450         }
 451
 452 int store_private_key(STORE *s, EVP_PKEY *data, OPENSSL_ITEM attributes[],
 453         OPENSSL_ITEM parameters[])
 454         {
 455         STORE_OBJECT *object = STORE_OBJECT_new();
 456         int i;
 457
 458         check_store(s,STORE_F_STORE_PRIVATE_KEY,
 459                 store_object,STORE_R_NO_STORE_OBJECT_FUNCTION);
 460
 461         if (!object)
 462                 {
 463                 STOREerr(STORE_F_STORE_PRIVATE_KEY,
 464                         ERR_R_MALLOC_FAILURE);
 465                 return 0;
 466                 }
 467         object->data.key = EVP_PKEY_new();
 468         if (!object->data.key)
 469                 {
 470                 STOREerr(STORE_F_STORE_PRIVATE_KEY,
 471                         ERR_R_MALLOC_FAILURE);
 472                 return 0;
 473                 }
 474
 475         CRYPTO_add(&data->references,1,CRYPTO_LOCK_EVP_PKEY);
 476 #ifdef REF_PRINT
 477         REF_PRINT("EVP_PKEY",data);
 478 #endif
 479         object->data.key = data;
 480
 481         i = s->meth->store_object(s, STORE_OBJECT_TYPE_PRIVATE_KEY, object,
 482                 attributes, parameters);
 483
 484         STORE_OBJECT_free(object);
 485
 486         if (!i)
 487                 {
 488                 STOREerr(STORE_F_STORE_PRIVATE_KEY,
 489                         STORE_R_FAILED_STORING_KEY);
 490                 return 0;
 491                 }
 492         return i;
 493         }
 494
 495 int STORE_revoke_private_key(STORE *s, OPENSSL_ITEM attributes[],
 496         OPENSSL_ITEM parameters[])
 497         {
 498         int i;
 499
 500         check_store(s,STORE_F_STORE_REVOKE_PRIVATE_KEY,
 501                 revoke_object,STORE_R_NO_REVOKE_OBJECT_FUNCTION);
 502
 503         i = s->meth->revoke_object(s, STORE_OBJECT_TYPE_PRIVATE_KEY,
 504                 attributes, parameters);
 505
 506         if (!i)
 507                 {
 508                 STOREerr(STORE_F_STORE_REVOKE_PRIVATE_KEY,
 509                         STORE_R_FAILED_REVOKING_KEY);
 510                 return 0;
 511                 }
 512         return i;
 513         }
 514
 515 int STORE_delete_private_key(STORE *s, OPENSSL_ITEM attributes[],
 516         OPENSSL_ITEM parameters[])
 517         {
 518         check_store(s,STORE_F_STORE_DELETE_PRIVATE_KEY,
 519                 delete_object,STORE_R_NO_DELETE_OBJECT_FUNCTION);
 520
 521         if (!s->meth->delete_object(s, STORE_OBJECT_TYPE_PRIVATE_KEY,
 522                     attributes, parameters))
 523                 {
 524                 STOREerr(STORE_F_STORE_DELETE_PRIVATE_KEY,
 525                         STORE_R_FAILED_DELETING_KEY);
 526                 return 0;
 527                 }
 528         return 1;
 529         }
 530
 531 void *STORE_list_private_key_start(STORE *s, OPENSSL_ITEM attributes[],
 532         OPENSSL_ITEM parameters[])
 533         {
 534         void *handle;
 535
 536         check_store(s,STORE_F_STORE_LIST_PRIVATE_KEY_START,
 537                 list_object_start,STORE_R_NO_LIST_OBJECT_START_FUNCTION);
 538
 539         handle = s->meth->list_object_start(s, STORE_OBJECT_TYPE_PRIVATE_KEY,
 540                 attributes, parameters);
 541         if (!handle)
 542                 {
 543                 STOREerr(STORE_F_STORE_LIST_PRIVATE_KEY_START,
 544                         STORE_R_FAILED_LISTING_KEYS);
 545                 return 0;
 546                 }
 547         return handle;
 548         }
 549
 550 EVP_PKEY *STORE_list_private_key_next(STORE *s, void *handle)
 551         {
 552         STORE_OBJECT *object;
 553         EVP_PKEY *pkey;
 554
 555         check_store(s,STORE_F_STORE_LIST_PRIVATE_KEY_NEXT,
 556                 list_object_next,STORE_R_NO_LIST_OBJECT_NEXT_FUNCTION);
 557
 558         object = s->meth->list_object_next(s, handle);
 559         if (!object || !object->data.key || !object->data.key)
 560                 {
 561                 STOREerr(STORE_F_STORE_LIST_PRIVATE_KEY_NEXT,
 562                         STORE_R_FAILED_LISTING_KEYS);
 563                 return 0;
 564                 }
 565         CRYPTO_add(&object->data.key->references,1,CRYPTO_LOCK_EVP_PKEY);
 566 #ifdef REF_PRINT
 567         REF_PRINT("EVP_PKEY",data);
 568 #endif
 569         pkey = object->data.key;
 570         STORE_OBJECT_free(object);
 571         return pkey;
 572         }
 573
 574 int STORE_list_private_key_end(STORE *s, void *handle)
 575         {
 576         check_store(s,STORE_F_STORE_LIST_PRIVATE_KEY_END,
 577                 list_object_end,STORE_R_NO_LIST_OBJECT_END_FUNCTION);
 578
 579         if (!s->meth->list_object_end(s, handle))
 580                 {
 581                 STOREerr(STORE_F_STORE_LIST_PRIVATE_KEY_END,
 582                         STORE_R_FAILED_LISTING_KEYS);
 583                 return 0;
 584                 }
 585         return 1;
 586         }
 587
 588 int STORE_list_private_key_endp(STORE *s, void *handle)
 589         {
 590         check_store(s,STORE_F_STORE_LIST_PRIVATE_KEY_ENDP,
 591                 list_object_endp,STORE_R_NO_LIST_OBJECT_ENDP_FUNCTION);
 592
 593         if (!s->meth->list_object_endp(s, handle))
 594                 {
 595                 STOREerr(STORE_F_STORE_LIST_PRIVATE_KEY_ENDP,
 596                         STORE_R_FAILED_LISTING_KEYS);
 597                 return 0;
 598                 }
 599         return 1;
 600         }
 601
 602 EVP_PKEY *STORE_get_public_key(STORE *s, OPENSSL_ITEM attributes[],
 603         OPENSSL_ITEM parameters[])
 604         {
 605         STORE_OBJECT *object;
 606         EVP_PKEY *pkey;
 607
 608         check_store(s,STORE_F_STORE_GET_PUBLIC_KEY,
 609                 get_object,STORE_R_NO_GET_OBJECT_FUNCTION);
 610
 611         object = s->meth->get_object(s, STORE_OBJECT_TYPE_PUBLIC_KEY,
 612                 attributes, parameters);
 613         if (!object || !object->data.key || !object->data.key)
 614                 {
 615                 STOREerr(STORE_F_STORE_GET_PUBLIC_KEY,
 616                         STORE_R_FAILED_GETTING_KEY);
 617                 return 0;
 618                 }
 619         CRYPTO_add(&object->data.key->references,1,CRYPTO_LOCK_EVP_PKEY);
 620 #ifdef REF_PRINT
 621         REF_PRINT("EVP_PKEY",data);
 622 #endif
 623         pkey = object->data.key;
 624         STORE_OBJECT_free(object);
 625         return pkey;
 626         }
 627
 628 int store_public_key(STORE *s, EVP_PKEY *data, OPENSSL_ITEM attributes[],
 629         OPENSSL_ITEM parameters[])
 630         {
 631         STORE_OBJECT *object = STORE_OBJECT_new();
 632         int i;
 633
 634         check_store(s,STORE_F_STORE_PUBLIC_KEY,
 635                 store_object,STORE_R_NO_STORE_OBJECT_FUNCTION);
 636
 637         if (!object)
 638                 {
 639                 STOREerr(STORE_F_STORE_PUBLIC_KEY,
 640                         ERR_R_MALLOC_FAILURE);
 641                 return 0;
 642                 }
 643         object->data.key = EVP_PKEY_new();
 644         if (!object->data.key)
 645                 {
 646                 STOREerr(STORE_F_STORE_PUBLIC_KEY,
 647                         ERR_R_MALLOC_FAILURE);
 648                 return 0;
 649                 }
 650
 651         CRYPTO_add(&data->references,1,CRYPTO_LOCK_EVP_PKEY);
 652 #ifdef REF_PRINT
 653         REF_PRINT("EVP_PKEY",data);
 654 #endif
 655         object->data.key = data;
 656
 657         i = s->meth->store_object(s, STORE_OBJECT_TYPE_PUBLIC_KEY, object,
 658                 attributes, parameters);
 659
 660         STORE_OBJECT_free(object);
 661
 662         if (!i)
 663                 {
 664                 STOREerr(STORE_F_STORE_PUBLIC_KEY,
 665                         STORE_R_FAILED_STORING_KEY);
 666                 return 0;
 667                 }
 668         return i;
 669         }
 670
 671 int STORE_revoke_public_key(STORE *s, OPENSSL_ITEM attributes[],
 672         OPENSSL_ITEM parameters[])
 673         {
 674         int i;
 675
 676         check_store(s,STORE_F_STORE_REVOKE_PUBLIC_KEY,
 677                 revoke_object,STORE_R_NO_REVOKE_OBJECT_FUNCTION);
 678
 679         i = s->meth->revoke_object(s, STORE_OBJECT_TYPE_PUBLIC_KEY,
 680                 attributes, parameters);
 681
 682         if (!i)
 683                 {
 684                 STOREerr(STORE_F_STORE_REVOKE_PUBLIC_KEY,
 685                         STORE_R_FAILED_REVOKING_KEY);
 686                 return 0;
 687                 }
 688         return i;
 689         }
 690
 691 int STORE_delete_public_key(STORE *s, OPENSSL_ITEM attributes[],
 692         OPENSSL_ITEM parameters[])
 693         {
 694         check_store(s,STORE_F_STORE_DELETE_PUBLIC_KEY,
 695                 delete_object,STORE_R_NO_DELETE_OBJECT_FUNCTION);
 696
 697         if (!s->meth->delete_object(s, STORE_OBJECT_TYPE_PUBLIC_KEY,
 698                     attributes, parameters))
 699                 {
 700                 STOREerr(STORE_F_STORE_DELETE_PUBLIC_KEY,
 701                         STORE_R_FAILED_DELETING_KEY);
 702                 return 0;
 703                 }
 704         return 1;
 705         }
 706
 707 void *STORE_list_public_key_start(STORE *s, OPENSSL_ITEM attributes[],
 708         OPENSSL_ITEM parameters[])
 709         {
 710         void *handle;
 711
 712         check_store(s,STORE_F_STORE_LIST_PUBLIC_KEY_START,
 713                 list_object_start,STORE_R_NO_LIST_OBJECT_START_FUNCTION);
 714
 715         handle = s->meth->list_object_start(s, STORE_OBJECT_TYPE_PUBLIC_KEY,
 716                 attributes, parameters);
 717         if (!handle)
 718                 {
 719                 STOREerr(STORE_F_STORE_LIST_PUBLIC_KEY_START,
 720                         STORE_R_FAILED_LISTING_KEYS);
 721                 return 0;
 722                 }
 723         return handle;
 724         }
 725
 726 EVP_PKEY *STORE_list_public_key_next(STORE *s, void *handle)
 727         {
 728         STORE_OBJECT *object;
 729         EVP_PKEY *pkey;
 730
 731         check_store(s,STORE_F_STORE_LIST_PUBLIC_KEY_NEXT,
 732                 list_object_next,STORE_R_NO_LIST_OBJECT_NEXT_FUNCTION);
 733
 734         object = s->meth->list_object_next(s, handle);
 735         if (!object || !object->data.key || !object->data.key)
 736                 {
 737                 STOREerr(STORE_F_STORE_LIST_PUBLIC_KEY_NEXT,
 738                         STORE_R_FAILED_LISTING_KEYS);
 739                 return 0;
 740                 }
 741         CRYPTO_add(&object->data.key->references,1,CRYPTO_LOCK_EVP_PKEY);
 742 #ifdef REF_PRINT
 743         REF_PRINT("EVP_PKEY",data);
 744 #endif
 745         pkey = object->data.key;
 746         STORE_OBJECT_free(object);
 747         return pkey;
 748         }
 749
 750 int STORE_list_public_key_end(STORE *s, void *handle)
 751         {
 752         check_store(s,STORE_F_STORE_LIST_PUBLIC_KEY_END,
 753                 list_object_end,STORE_R_NO_LIST_OBJECT_END_FUNCTION);
 754
 755         if (!s->meth->list_object_end(s, handle))
 756                 {
 757                 STOREerr(STORE_F_STORE_LIST_PUBLIC_KEY_END,
 758                         STORE_R_FAILED_LISTING_KEYS);
 759                 return 0;
 760                 }
 761         return 1;
 762         }
 763
 764 int STORE_list_public_key_endp(STORE *s, void *handle)
 765         {
 766         check_store(s,STORE_F_STORE_LIST_PUBLIC_KEY_ENDP,
 767                 list_object_endp,STORE_R_NO_LIST_OBJECT_ENDP_FUNCTION);
 768
 769         if (!s->meth->list_object_endp(s, handle))
 770                 {
 771                 STOREerr(STORE_F_STORE_LIST_PUBLIC_KEY_ENDP,
 772                         STORE_R_FAILED_LISTING_KEYS);
 773                 return 0;
 774                 }
 775         return 1;
 776         }
 777
 778 X509_CRL *STORE_generate_crl(STORE *s, OPENSSL_ITEM attributes[],
 779         OPENSSL_ITEM parameters[])
 780         {
 781         STORE_OBJECT *object;
 782         X509_CRL *crl;
 783
 784         check_store(s,STORE_F_STORE_GENERATE_CRL,
 785                 generate_object,STORE_R_NO_GENERATE_CRL_FUNCTION);
 786
 787         object = s->meth->generate_object(s, STORE_OBJECT_TYPE_X509_CRL,
 788                 attributes, parameters);
 789         if (!object || !object->data.crl)
 790                 {
 791                 STOREerr(STORE_F_STORE_GENERATE_CRL,
 792                         STORE_R_FAILED_GENERATING_CRL);
 793                 return 0;
 794                 }
 795         CRYPTO_add(&object->data.crl->references,1,CRYPTO_LOCK_X509_CRL);
 796 #ifdef REF_PRINT
 797         REF_PRINT("X509_CRL",data);
 798 #endif
 799         crl = object->data.crl;
 800         STORE_OBJECT_free(object);
 801         return crl;
 802         }
 803
 804 X509_CRL *STORE_get_crl(STORE *s, OPENSSL_ITEM attributes[],
 805         OPENSSL_ITEM parameters[])
 806         {
 807         STORE_OBJECT *object;
 808         X509_CRL *crl;
 809
 810         check_store(s,STORE_F_STORE_GET_CRL,
 811                 get_object,STORE_R_NO_GET_OBJECT_FUNCTION);
 812
 813         object = s->meth->get_object(s, STORE_OBJECT_TYPE_X509_CRL,
 814                 attributes, parameters);
 815         if (!object || !object->data.crl)
 816                 {
 817                 STOREerr(STORE_F_STORE_GET_CRL,
 818                         STORE_R_FAILED_GETTING_KEY);
 819                 return 0;
 820                 }
 821         CRYPTO_add(&object->data.crl->references,1,CRYPTO_LOCK_X509_CRL);
 822 #ifdef REF_PRINT
 823         REF_PRINT("X509_CRL",data);
 824 #endif
 825         crl = object->data.crl;
 826         STORE_OBJECT_free(object);
 827         return crl;
 828         }
 829
 830 int store_crl(STORE *s, X509_CRL *data, OPENSSL_ITEM attributes[],
 831         OPENSSL_ITEM parameters[])
 832         {
 833         STORE_OBJECT *object = STORE_OBJECT_new();
 834         int i;
 835
 836         check_store(s,STORE_F_STORE_CRL,
 837                 store_object,STORE_R_NO_STORE_OBJECT_FUNCTION);
 838
 839         if (!object)
 840                 {
 841                 STOREerr(STORE_F_STORE_CRL,
 842                         ERR_R_MALLOC_FAILURE);
 843                 return 0;
 844                 }
 845
 846         CRYPTO_add(&data->references,1,CRYPTO_LOCK_X509_CRL);
 847 #ifdef REF_PRINT
 848         REF_PRINT("X509_CRL",data);
 849 #endif
 850         object->data.crl = data;
 851
 852         i = s->meth->store_object(s, STORE_OBJECT_TYPE_X509_CRL, object,
 853                 attributes, parameters);
 854
 855         STORE_OBJECT_free(object);
 856
 857         if (!i)
 858                 {
 859                 STOREerr(STORE_F_STORE_CRL,
 860                         STORE_R_FAILED_STORING_KEY);
 861                 return 0;
 862                 }
 863         return i;
 864         }
 865
 866 int STORE_delete_crl(STORE *s, OPENSSL_ITEM attributes[],
 867         OPENSSL_ITEM parameters[])
 868         {
 869         check_store(s,STORE_F_STORE_DELETE_CRL,
 870                 delete_object,STORE_R_NO_DELETE_OBJECT_FUNCTION);
 871
 872         if (!s->meth->delete_object(s, STORE_OBJECT_TYPE_X509_CRL,
 873                     attributes, parameters))
 874                 {
 875                 STOREerr(STORE_F_STORE_DELETE_CRL,
 876                         STORE_R_FAILED_DELETING_KEY);
 877                 return 0;
 878                 }
 879         return 1;
 880         }
 881
 882 void *STORE_list_crl_start(STORE *s, OPENSSL_ITEM attributes[],
 883         OPENSSL_ITEM parameters[])
 884         {
 885         void *handle;
 886
 887         check_store(s,STORE_F_STORE_LIST_CRL_START,
 888                 list_object_start,STORE_R_NO_LIST_OBJECT_START_FUNCTION);
 889
 890         handle = s->meth->list_object_start(s, STORE_OBJECT_TYPE_X509_CRL,
 891                 attributes, parameters);
 892         if (!handle)
 893                 {
 894                 STOREerr(STORE_F_STORE_LIST_CRL_START,
 895                         STORE_R_FAILED_LISTING_KEYS);
 896                 return 0;
 897                 }
 898         return handle;
 899         }
 900
 901 X509_CRL *STORE_list_crl_next(STORE *s, void *handle)
 902         {
 903         STORE_OBJECT *object;
 904         X509_CRL *crl;
 905
 906         check_store(s,STORE_F_STORE_LIST_CRL_NEXT,
 907                 list_object_next,STORE_R_NO_LIST_OBJECT_NEXT_FUNCTION);
 908
 909         object = s->meth->list_object_next(s, handle);
 910         if (!object || !object->data.crl)
 911                 {
 912                 STOREerr(STORE_F_STORE_LIST_CRL_NEXT,
 913                         STORE_R_FAILED_LISTING_KEYS);
 914                 return 0;
 915                 }
 916         CRYPTO_add(&object->data.crl->references,1,CRYPTO_LOCK_X509_CRL);
 917 #ifdef REF_PRINT
 918         REF_PRINT("X509_CRL",data);
 919 #endif
 920         crl = object->data.crl;
 921         STORE_OBJECT_free(object);
 922         return crl;
 923         }
 924
 925 int STORE_list_crl_end(STORE *s, void *handle)
 926         {
 927         check_store(s,STORE_F_STORE_LIST_CRL_END,
 928                 list_object_end,STORE_R_NO_LIST_OBJECT_END_FUNCTION);
 929
 930         if (!s->meth->list_object_end(s, handle))
 931                 {
 932                 STOREerr(STORE_F_STORE_LIST_CRL_END,
 933                         STORE_R_FAILED_LISTING_KEYS);
 934                 return 0;
 935                 }
 936         return 1;
 937         }
 938
 939 int STORE_list_crl_endp(STORE *s, void *handle)
 940         {
 941         check_store(s,STORE_F_STORE_LIST_CRL_ENDP,
 942                 list_object_endp,STORE_R_NO_LIST_OBJECT_ENDP_FUNCTION);
 943
 944         if (!s->meth->list_object_endp(s, handle))
 945                 {
 946                 STOREerr(STORE_F_STORE_LIST_CRL_ENDP,
 947                         STORE_R_FAILED_LISTING_KEYS);
 948                 return 0;
 949                 }
 950         return 1;
 951         }
 952
 953 int store_number(STORE *s, BIGNUM *data, OPENSSL_ITEM attributes[],
 954         OPENSSL_ITEM parameters[])
 955         {
 956         STORE_OBJECT *object = STORE_OBJECT_new();
 957         int i;
 958
 959         check_store(s,STORE_F_STORE_NUMBER,
 960                 store_object,STORE_R_NO_STORE_OBJECT_NUMBER_FUNCTION);
 961
 962         if (!object)
 963                 {
 964                 STOREerr(STORE_F_STORE_NUMBER,
 965                         ERR_R_MALLOC_FAILURE);
 966                 return 0;
 967                 }
 968
 969         object->data.number = data;
 970
 971         i = s->meth->store_object(s, STORE_OBJECT_TYPE_NUMBER, object,
 972                 attributes, parameters);
 973
 974         STORE_OBJECT_free(object);
 975
 976         if (!i)
 977                 {
 978                 STOREerr(STORE_F_STORE_NUMBER,
 979                         STORE_R_FAILED_STORING_NUMBER);
 980                 return 0;
 981                 }
 982         return 1;
 983         }
 984
 985 BIGNUM *STORE_get_number(STORE *s, OPENSSL_ITEM attributes[],
 986         OPENSSL_ITEM parameters[])
 987         {
 988         STORE_OBJECT *object;
 989         BIGNUM *n;
 990
 991         check_store(s,STORE_F_STORE_GET_NUMBER,
 992                 get_object,STORE_R_NO_GET_OBJECT_NUMBER_FUNCTION);
 993
 994         object = s->meth->get_object(s, STORE_OBJECT_TYPE_NUMBER, attributes,
 995                 parameters);
 996         if (!object || !object->data.number)
 997                 {
 998                 STOREerr(STORE_F_STORE_GET_NUMBER,
 999                         STORE_R_FAILED_GETTING_NUMBER);
1000                 return 0;
1001                 }
1002         n = object->data.number;
1003         object->data.number = NULL;
1004         STORE_OBJECT_free(object);
1005         return n;
1006         }
1007
1008 int STORE_delete_number(STORE *s, OPENSSL_ITEM attributes[],
1009         OPENSSL_ITEM parameters[])
1010         {
1011         check_store(s,STORE_F_STORE_DELETE_NUMBER,
1012                 delete_object,STORE_R_NO_DELETE_NUMBER_FUNCTION);
1013
1014         if (!s->meth->delete_object(s, STORE_OBJECT_TYPE_NUMBER, attributes,
1015                     parameters))
1016                 {
1017                 STOREerr(STORE_F_STORE_DELETE_NUMBER,
1018                         STORE_R_FAILED_DELETING_NUMBER);
1019                 return 0;
1020                 }
1021         return 1;
1022         }
1023
1024 int store_arbitrary(STORE *s, BUF_MEM *data, OPENSSL_ITEM attributes[],
1025         OPENSSL_ITEM parameters[])
1026         {
1027         STORE_OBJECT *object = STORE_OBJECT_new();
1028         int i;
1029
1030         check_store(s,STORE_F_STORE_ARBITRARY,
1031                 store_object,STORE_R_NO_STORE_OBJECT_ARBITRARY_FUNCTION);
1032
1033         if (!object)
1034                 {
1035                 STOREerr(STORE_F_STORE_ARBITRARY,
1036                         ERR_R_MALLOC_FAILURE);
1037                 return 0;
1038                 }
1039
1040         object->data.arbitrary = data;
1041
1042         i = s->meth->store_object(s, STORE_OBJECT_TYPE_ARBITRARY, object,
1043                 attributes, parameters);
1044
1045         STORE_OBJECT_free(object);
1046
1047         if (!i)
1048                 {
1049                 STOREerr(STORE_F_STORE_ARBITRARY,
1050                         STORE_R_FAILED_STORING_ARBITRARY);
1051                 return 0;
1052                 }
1053         return 1;
1054         }
1055
1056 BUF_MEM *STORE_get_arbitrary(STORE *s, OPENSSL_ITEM attributes[],
1057         OPENSSL_ITEM parameters[])
1058         {
1059         STORE_OBJECT *object;
1060         BUF_MEM *b;
1061
1062         check_store(s,STORE_F_STORE_GET_ARBITRARY,
1063                 get_object,STORE_R_NO_GET_OBJECT_ARBITRARY_FUNCTION);
1064
1065         object = s->meth->get_object(s, STORE_OBJECT_TYPE_ARBITRARY,
1066                 attributes, parameters);
1067         if (!object || !object->data.arbitrary)
1068                 {
1069                 STOREerr(STORE_F_STORE_GET_ARBITRARY,
1070                         STORE_R_FAILED_GETTING_ARBITRARY);
1071                 return 0;
1072                 }
1073         b = object->data.arbitrary;
1074         object->data.arbitrary = NULL;
1075         STORE_OBJECT_free(object);
1076         return b;
1077         }
1078
1079 int STORE_delete_arbitrary(STORE *s, OPENSSL_ITEM attributes[],
1080         OPENSSL_ITEM parameters[])
1081         {
1082         check_store(s,STORE_F_STORE_DELETE_ARBITRARY,
1083                 delete_object,STORE_R_NO_DELETE_ARBITRARY_FUNCTION);
1084
1085         if (!s->meth->delete_object(s, STORE_OBJECT_TYPE_ARBITRARY, attributes,
1086                     parameters))
1087                 {
1088                 STOREerr(STORE_F_STORE_DELETE_ARBITRARY,
1089                         STORE_R_FAILED_DELETING_ARBITRARY);
1090                 return 0;
1091                 }
1092         return 1;
1093         }
1094
1095 STORE_OBJECT *STORE_OBJECT_new(void)
1096         {
1097         STORE_OBJECT *object = OPENSSL_malloc(sizeof(STORE_OBJECT));
1098         if (object) memset(object, 0, sizeof(STORE_OBJECT));
1099         return object;
1100         }
1101 void STORE_OBJECT_free(STORE_OBJECT *data)
1102         {
1103         if (!data) return;
1104         switch (data->type)
1105                 {
1106         case STORE_OBJECT_TYPE_X509_CERTIFICATE:
1107                 X509_free(data->data.x509.certificate);
1108                 break;
1109         case STORE_OBJECT_TYPE_X509_CRL:
1110                 X509_CRL_free(data->data.crl);
1111                 break;
1112         case STORE_OBJECT_TYPE_PRIVATE_KEY:
1113         case STORE_OBJECT_TYPE_PUBLIC_KEY:
1114                 EVP_PKEY_free(data->data.key);
1115                 break;
1116         case STORE_OBJECT_TYPE_NUMBER:
1117                 BN_free(data->data.number);
1118                 break;
1119         case STORE_OBJECT_TYPE_ARBITRARY:
1120                 BUF_MEM_free(data->data.arbitrary);
1121                 break;
1122                 }
1123         OPENSSL_free(data);
1124         }
1125
1126 IMPLEMENT_STACK_OF(STORE_OBJECT*);
1127
1128
1129 struct STORE_attr_info_st
1130         {
1131         unsigned char set[(STORE_ATTR_TYPE_NUM + 8) / 8];
1132         union
1133                 {
1134                 char *cstring;
1135                 unsigned char *sha1string;
1136                 X509_NAME *dn;
1137                 BIGNUM *number;
1138                 void *any;
1139                 } values[STORE_ATTR_TYPE_NUM+1];
1140         size_t value_sizes[STORE_ATTR_TYPE_NUM+1];
1141         };
1142
1143 #define ATTR_IS_SET(a,i)        ((i) > 0 && (i) < STORE_ATTR_TYPE_NUM \
1144                                 && ((a)->set[(i) / 8] & (1 << ((i) % 8))))
1145 #define SET_ATTRBIT(a,i)        ((a)->set[(i) / 8] |= (1 << ((i) % 8)))
1146 #define CLEAR_ATTRBIT(a,i)      ((a)->set[(i) / 8] &= ~(1 << ((i) % 8)))
1147
1148 STORE_ATTR_INFO *STORE_ATTR_INFO_new(void)
1149         {
1150         return (STORE_ATTR_INFO *)OPENSSL_malloc(sizeof(STORE_ATTR_INFO));
1151         }
1152 static void STORE_ATTR_INFO_attr_free(STORE_ATTR_INFO *attrs,
1153         STORE_ATTR_TYPES code)
1154         {
1155         if (ATTR_IS_SET(attrs,code))
1156                 {
1157                 switch(code)
1158                         {
1159                 case STORE_ATTR_FRIENDLYNAME:
1160                 case STORE_ATTR_EMAIL:
1161                 case STORE_ATTR_FILENAME:
1162                         STORE_ATTR_INFO_modify_cstr(attrs, code, NULL, 0);
1163                         break;
1164                 case STORE_ATTR_KEYID:
1165                 case STORE_ATTR_ISSUERKEYID:
1166                 case STORE_ATTR_SUBJECTKEYID:
1167                 case STORE_ATTR_ISSUERSERIALHASH:
1168                 case STORE_ATTR_CERTHASH:
1169                         STORE_ATTR_INFO_modify_sha1str(attrs, code, NULL, 0);
1170                         break;
1171                 case STORE_ATTR_ISSUER:
1172                 case STORE_ATTR_SUBJECT:
1173                         STORE_ATTR_INFO_modify_dn(attrs, code, NULL);
1174                         break;
1175                 case STORE_ATTR_SERIAL:
1176                         STORE_ATTR_INFO_modify_number(attrs, code, NULL);
1177                         break;
1178                 default:
1179                         break;
1180                         }
1181                 }
1182         }
1183 int STORE_ATTR_INFO_free(STORE_ATTR_INFO *attrs)
1184         {
1185         if (attrs)
1186                 {
1187                 STORE_ATTR_TYPES i;
1188                 for(i = 0; i++ < STORE_ATTR_TYPE_NUM;)
1189                         STORE_ATTR_INFO_attr_free(attrs, i);
1190                 OPENSSL_free(attrs);
1191                 }
1192         return 1;
1193         }
1194 char *STORE_ATTR_INFO_get0_cstr(STORE_ATTR_INFO *attrs, STORE_ATTR_TYPES code)
1195         {
1196         if (!attrs)
1197                 {
1198                 STOREerr(STORE_F_STORE_ATTR_INFO_GET0_CSTR,
1199                         ERR_R_PASSED_NULL_PARAMETER);
1200                 return NULL;
1201                 }
1202         if (ATTR_IS_SET(attrs,code))
1203                 return attrs->values[code].cstring;
1204         STOREerr(STORE_F_STORE_ATTR_INFO_GET0_CSTR,
1205                 STORE_R_NO_VALUE);
1206         return NULL;
1207         }
1208 unsigned char *STORE_ATTR_INFO_get0_sha1str(STORE_ATTR_INFO *attrs,
1209         STORE_ATTR_TYPES code)
1210         {
1211         if (!attrs)
1212                 {
1213                 STOREerr(STORE_F_STORE_ATTR_INFO_GET0_SHA1STR,
1214                         ERR_R_PASSED_NULL_PARAMETER);
1215                 return NULL;
1216                 }
1217         if (ATTR_IS_SET(attrs,code))
1218                 return attrs->values[code].sha1string;
1219         STOREerr(STORE_F_STORE_ATTR_INFO_GET0_SHA1STR,
1220                 STORE_R_NO_VALUE);
1221         return NULL;
1222         }
1223 X509_NAME *STORE_ATTR_INFO_get0_dn(STORE_ATTR_INFO *attrs, STORE_ATTR_TYPES code)
1224         {
1225         if (!attrs)
1226                 {
1227                 STOREerr(STORE_F_STORE_ATTR_INFO_GET0_DN,
1228                         ERR_R_PASSED_NULL_PARAMETER);
1229                 return NULL;
1230                 }
1231         if (ATTR_IS_SET(attrs,code))
1232                 return attrs->values[code].dn;
1233         STOREerr(STORE_F_STORE_ATTR_INFO_GET0_DN,
1234                 STORE_R_NO_VALUE);
1235         return NULL;
1236         }
1237 BIGNUM *STORE_ATTR_INFO_get0_number(STORE_ATTR_INFO *attrs, STORE_ATTR_TYPES code)
1238         {
1239         if (!attrs)
1240                 {
1241                 STOREerr(STORE_F_STORE_ATTR_INFO_GET0_NUMBER,
1242                         ERR_R_PASSED_NULL_PARAMETER);
1243                 return NULL;
1244                 }
1245         if (ATTR_IS_SET(attrs,code))
1246                 return attrs->values[code].number;
1247         STOREerr(STORE_F_STORE_ATTR_INFO_GET0_NUMBER,
1248                 STORE_R_NO_VALUE);
1249         return NULL;
1250         }
1251 int STORE_ATTR_INFO_set_cstr(STORE_ATTR_INFO *attrs, STORE_ATTR_TYPES code,
1252         char *cstr, size_t cstr_size)
1253         {
1254         if (!attrs)
1255                 {
1256                 STOREerr(STORE_F_STORE_ATTR_INFO_SET_CSTR,
1257                         ERR_R_PASSED_NULL_PARAMETER);
1258                 return 0;
1259                 }
1260         if (!ATTR_IS_SET(attrs,code))
1261                 {
1262                 if ((attrs->values[code].cstring = BUF_strndup(cstr, cstr_size)))
1263                         return 1;
1264                 STOREerr(STORE_F_STORE_ATTR_INFO_SET_CSTR,
1265                         ERR_R_MALLOC_FAILURE);
1266                 return 0;
1267                 }
1268         STOREerr(STORE_F_STORE_ATTR_INFO_SET_CSTR, STORE_R_ALREADY_HAS_A_VALUE);
1269         return 0;
1270         }
1271 int STORE_ATTR_INFO_set_sha1str(STORE_ATTR_INFO *attrs, STORE_ATTR_TYPES code,
1272         unsigned char *sha1str, size_t sha1str_size)
1273         {
1274         if (!attrs)
1275                 {
1276                 STOREerr(STORE_F_STORE_ATTR_INFO_SET_SHA1STR,
1277                         ERR_R_PASSED_NULL_PARAMETER);
1278                 return 0;
1279                 }
1280         if (!ATTR_IS_SET(attrs,code))
1281                 {
1282                 if ((attrs->values[code].sha1string =
1283                             (unsigned char *)BUF_memdup(sha1str,
1284                                     sha1str_size)))
1285                         return 1;
1286                 STOREerr(STORE_F_STORE_ATTR_INFO_SET_CSTR,
1287                         ERR_R_MALLOC_FAILURE);
1288                 return 0;
1289                 }
1290         STOREerr(STORE_F_STORE_ATTR_INFO_SET_SHA1STR, STORE_R_ALREADY_HAS_A_VALUE);
1291         return 0;
1292         }
1293 int STORE_ATTR_INFO_set_dn(STORE_ATTR_INFO *attrs, STORE_ATTR_TYPES code,
1294         X509_NAME *dn)
1295         {
1296         if (!attrs)
1297                 {
1298                 STOREerr(STORE_F_STORE_ATTR_INFO_SET_DN,
1299                         ERR_R_PASSED_NULL_PARAMETER);
1300                 return 0;
1301                 }
1302         if (!ATTR_IS_SET(attrs,code))
1303                 {
1304                 if ((attrs->values[code].dn = X509_NAME_dup(dn)))
1305                         return 1;
1306                 STOREerr(STORE_F_STORE_ATTR_INFO_SET_CSTR,
1307                         ERR_R_MALLOC_FAILURE);
1308                 return 0;
1309                 }
1310         STOREerr(STORE_F_STORE_ATTR_INFO_SET_DN, STORE_R_ALREADY_HAS_A_VALUE);
1311         return 0;
1312         }
1313 int STORE_ATTR_INFO_set_number(STORE_ATTR_INFO *attrs, STORE_ATTR_TYPES code,
1314         BIGNUM *number)
1315         {
1316         if (!attrs)
1317                 {
1318                 STOREerr(STORE_F_STORE_ATTR_INFO_SET_NUMBER,
1319                         ERR_R_PASSED_NULL_PARAMETER);
1320                 return 0;
1321                 }
1322         if (!ATTR_IS_SET(attrs,code))
1323                 {
1324                 if ((attrs->values[code].number = BN_dup(number)))
1325                         return 1;
1326                 STOREerr(STORE_F_STORE_ATTR_INFO_SET_CSTR,
1327                         ERR_R_MALLOC_FAILURE);
1328                 return 0;
1329                 }
1330         STOREerr(STORE_F_STORE_ATTR_INFO_SET_NUMBER, STORE_R_ALREADY_HAS_A_VALUE);
1331         return 0;
1332         }
1333 int STORE_ATTR_INFO_modify_cstr(STORE_ATTR_INFO *attrs, STORE_ATTR_TYPES code,
1334         char *cstr, size_t cstr_size)
1335         {
1336         if (!attrs)
1337                 {
1338                 STOREerr(STORE_F_STORE_ATTR_INFO_MODIFY_CSTR,
1339                         ERR_R_PASSED_NULL_PARAMETER);
1340                 return 0;
1341                 }
1342         if (ATTR_IS_SET(attrs,code))
1343                 {
1344                 OPENSSL_free(attrs->values[code].cstring);
1345                 attrs->values[code].cstring = NULL;
1346                 CLEAR_ATTRBIT(attrs, code);
1347                 }
1348         return STORE_ATTR_INFO_set_cstr(attrs, code, cstr, cstr_size);
1349         }
1350 int STORE_ATTR_INFO_modify_sha1str(STORE_ATTR_INFO *attrs, STORE_ATTR_TYPES code,
1351         unsigned char *sha1str, size_t sha1str_size)
1352         {
1353         if (!attrs)
1354                 {
1355                 STOREerr(STORE_F_STORE_ATTR_INFO_MODIFY_SHA1STR,
1356                         ERR_R_PASSED_NULL_PARAMETER);
1357                 return 0;
1358                 }
1359         if (ATTR_IS_SET(attrs,code))
1360                 {
1361                 OPENSSL_free(attrs->values[code].sha1string);
1362                 attrs->values[code].sha1string = NULL;
1363                 CLEAR_ATTRBIT(attrs, code);
1364                 }
1365         return STORE_ATTR_INFO_set_sha1str(attrs, code, sha1str, sha1str_size);
1366         }
1367 int STORE_ATTR_INFO_modify_dn(STORE_ATTR_INFO *attrs, STORE_ATTR_TYPES code,
1368         X509_NAME *dn)
1369         {
1370         if (!attrs)
1371                 {
1372                 STOREerr(STORE_F_STORE_ATTR_INFO_MODIFY_DN,
1373                         ERR_R_PASSED_NULL_PARAMETER);
1374                 return 0;
1375                 }
1376         if (ATTR_IS_SET(attrs,code))
1377                 {
1378                 OPENSSL_free(attrs->values[code].dn);
1379                 attrs->values[code].dn = NULL;
1380                 CLEAR_ATTRBIT(attrs, code);
1381                 }
1382         return STORE_ATTR_INFO_set_dn(attrs, code, dn);
1383         }
1384 int STORE_ATTR_INFO_modify_number(STORE_ATTR_INFO *attrs, STORE_ATTR_TYPES code,
1385         BIGNUM *number)
1386         {
1387         if (!attrs)
1388                 {
1389                 STOREerr(STORE_F_STORE_ATTR_INFO_MODIFY_NUMBER,
1390                         ERR_R_PASSED_NULL_PARAMETER);
1391                 return 0;
1392                 }
1393         if (ATTR_IS_SET(attrs,code))
1394                 {
1395                 OPENSSL_free(attrs->values[code].number);
1396                 attrs->values[code].number = NULL;
1397                 CLEAR_ATTRBIT(attrs, code);
1398                 }
1399         return STORE_ATTR_INFO_set_number(attrs, code, number);
1400         }
1401
1402 struct attr_list_ctx_st
1403         {
1404         OPENSSL_ITEM *attributes;
1405         };
1406 void *STORE_parse_attrs_start(OPENSSL_ITEM *attributes)
1407         {
1408         if (attributes)
1409                 {
1410                 struct attr_list_ctx_st *context =
1411                         (struct attr_list_ctx_st *)OPENSSL_malloc(sizeof(struct attr_list_ctx_st));
1412                 if (context)
1413                         context->attributes = attributes;
1414                 else
1415                         STOREerr(STORE_F_STORE_PARSE_ATTRS_END,
1416                                 ERR_R_MALLOC_FAILURE);
1417                 return context;
1418                 }
1419         STOREerr(STORE_F_STORE_PARSE_ATTRS_END, ERR_R_PASSED_NULL_PARAMETER);
1420         return 0;
1421         }
1422 STORE_ATTR_INFO *STORE_parse_attrs_next(void *handle)
1423         {
1424         struct attr_list_ctx_st *context = (struct attr_list_ctx_st *)handle;
1425
1426         if (context && context->attributes)
1427                 {
1428                 STORE_ATTR_INFO *attrs = NULL;
1429
1430                 while(context->attributes
1431                         && context->attributes->code != STORE_ATTR_OR
1432                         && context->attributes->code != STORE_ATTR_END)
1433                         {
1434                         switch(context->attributes->code)
1435                                 {
1436                         case STORE_ATTR_FRIENDLYNAME:
1437                         case STORE_ATTR_EMAIL:
1438                         case STORE_ATTR_FILENAME:
1439                                 if (!attrs) attrs = STORE_ATTR_INFO_new();
1440                                 if (attrs == NULL)
1441                                         {
1442                                         STOREerr(STORE_F_STORE_PARSE_ATTRS_NEXT,
1443                                                 ERR_R_MALLOC_FAILURE);
1444                                         goto err;
1445                                         }
1446                                 STORE_ATTR_INFO_set_cstr(attrs,
1447                                         context->attributes->code,
1448                                         context->attributes->value,
1449                                         context->attributes->value_size);
1450                                 break;
1451                         case STORE_ATTR_KEYID:
1452                         case STORE_ATTR_ISSUERKEYID:
1453                         case STORE_ATTR_SUBJECTKEYID:
1454                         case STORE_ATTR_ISSUERSERIALHASH:
1455                         case STORE_ATTR_CERTHASH:
1456                                 if (!attrs) attrs = STORE_ATTR_INFO_new();
1457                                 if (attrs == NULL)
1458                                         {
1459                                         STOREerr(STORE_F_STORE_PARSE_ATTRS_NEXT,
1460                                                 ERR_R_MALLOC_FAILURE);
1461                                         goto err;
1462                                         }
1463                                 STORE_ATTR_INFO_set_sha1str(attrs,
1464                                         context->attributes->code,
1465                                         context->attributes->value,
1466                                         context->attributes->value_size);
1467                                 break;
1468                         case STORE_ATTR_ISSUER:
1469                         case STORE_ATTR_SUBJECT:
1470                                 if (!attrs) attrs = STORE_ATTR_INFO_new();
1471                                 if (attrs == NULL)
1472                                         {
1473                                         STOREerr(STORE_F_STORE_PARSE_ATTRS_NEXT,
1474                                                 ERR_R_MALLOC_FAILURE);
1475                                         goto err;
1476                                         }
1477                                 STORE_ATTR_INFO_modify_dn(attrs,
1478                                         context->attributes->code,
1479                                         context->attributes->value);
1480                                 break;
1481                         case STORE_ATTR_SERIAL:
1482                                 if (!attrs) attrs = STORE_ATTR_INFO_new();
1483                                 if (attrs == NULL)
1484                                         {
1485                                         STOREerr(STORE_F_STORE_PARSE_ATTRS_NEXT,
1486                                                 ERR_R_MALLOC_FAILURE);
1487                                         goto err;
1488                                         }
1489                                 STORE_ATTR_INFO_modify_number(attrs,
1490                                         context->attributes->code,
1491                                         context->attributes->value);
1492                                 break;
1493                                 }
1494                         context->attributes++;
1495                         }
1496                 if (context->attributes->code == STORE_ATTR_OR)
1497                         context->attributes++;
1498                 return attrs;
1499         err:
1500                 while(context->attributes
1501                         && context->attributes->code != STORE_ATTR_OR
1502                         && context->attributes->code != STORE_ATTR_END)
1503                         context->attributes++;
1504                 if (context->attributes->code == STORE_ATTR_OR)
1505                         context->attributes++;
1506                 return NULL;
1507                 }
1508         STOREerr(STORE_F_STORE_PARSE_ATTRS_NEXT, ERR_R_PASSED_NULL_PARAMETER);
1509         return NULL;
1510         }
1511 int STORE_parse_attrs_end(void *handle)
1512         {
1513         struct attr_list_ctx_st *context = (struct attr_list_ctx_st *)handle;
1514
1515         if (context && context->attributes)
1516                 {
1517 #if 0
1518                 OPENSSL_ITEM *attributes = context->attributes;
1519 #endif
1520                 OPENSSL_free(context);
1521                 return 1;
1522                 }
1523         STOREerr(STORE_F_STORE_PARSE_ATTRS_END, ERR_R_PASSED_NULL_PARAMETER);
1524         return 0;
1525         }
1526
1527 int STORE_parse_attrs_endp(void *handle)
1528         {
1529         struct attr_list_ctx_st *context = (struct attr_list_ctx_st *)handle;
1530
1531         if (context && context->attributes)
1532                 {
1533                 return context->attributes->code == STORE_ATTR_END;
1534                 }
1535         STOREerr(STORE_F_STORE_PARSE_ATTRS_END, ERR_R_PASSED_NULL_PARAMETER);
1536         return 0;
1537         }
1538
1539 int STORE_ATTR_INFO_compare(STORE_ATTR_INFO *a, STORE_ATTR_INFO *b)
1540         {
1541         unsigned char *abits, *bbits;
1542         int i;
1543
1544         if (a == b) return 0;
1545         if (!a) return -1;
1546         if (!b) return 1;
1547         abits = a->set;
1548         bbits = b->set;
1549         for (i = 0; i < (STORE_ATTR_TYPE_NUM + 8) / 8; i++, abits++, bbits++)
1550                 {
1551                 if (*abits < *bbits) return -1;
1552                 if (*abits > *bbits) return 1;
1553                 }
1554         return 0;
1555         }
1556 int STORE_ATTR_INFO_in(STORE_ATTR_INFO *a, STORE_ATTR_INFO *b)
1557         {
1558         unsigned char *abits, *bbits;
1559         int i;
1560
1561         if (a == b) return 1;
1562         if (!a) return 0;
1563         if (!b) return 0;
1564         abits = a->set;
1565         bbits = b->set;
1566         for (i = 0; i < (STORE_ATTR_TYPE_NUM + 8) / 8; i++, abits++, bbits++)
1567                 {
1568                 if (*abits && *bbits != *abits)
1569                         return 0;
1570                 }
1571         return 1;
1572         }
1573 int STORE_ATTR_INFO_in_ex(STORE_ATTR_INFO *a, STORE_ATTR_INFO *b)
1574         {
1575         STORE_ATTR_TYPES i;
1576
1577         if (a == b) return 1;
1578         if (!STORE_ATTR_INFO_in(a, b)) return 0;
1579         for (i = 1; i < STORE_ATTR_TYPE_NUM; i++)
1580                 if (ATTR_IS_SET(a, i))
1581                         {
1582                         switch(i)
1583                                 {
1584                         case STORE_ATTR_FRIENDLYNAME:
1585                         case STORE_ATTR_EMAIL:
1586                         case STORE_ATTR_FILENAME:
1587                                 if (strcmp(a->values[i].cstring,
1588                                             b->values[i].cstring))
1589                                         return 0;
1590                                 break;
1591                         case STORE_ATTR_KEYID:
1592                         case STORE_ATTR_ISSUERKEYID:
1593                         case STORE_ATTR_SUBJECTKEYID:
1594                         case STORE_ATTR_ISSUERSERIALHASH:
1595                         case STORE_ATTR_CERTHASH:
1596                                 if (memcmp(a->values[i].sha1string,
1597                                             b->values[i].sha1string,
1598                                             a->value_sizes[i]))
1599                                         return 0;
1600                                 break;
1601                         case STORE_ATTR_ISSUER:
1602                         case STORE_ATTR_SUBJECT:
1603                                 if (X509_NAME_cmp(a->values[i].dn,
1604                                             b->values[i].dn))
1605                                         return 0;
1606                                 break;
1607                         case STORE_ATTR_SERIAL:
1608                                 if (BN_cmp(a->values[i].number,
1609                                             b->values[i].number))
1610                                         return 0;
1611                                 break;
1612                         default:
1613                                 break;
1614                                 }
1615                         }
1616
1617         return 1;
1618         }