author | Richard Levitte <levitte@openssl.org> | 2017-02-19 12:24:19 +0100 |
---|---|---|
committer | Richard Levitte <levitte@openssl.org> | 2018-02-23 07:40:42 +0100 |
commit | fac8673b8aed77231e23d51d78cd8eb995d21f5c (patch) | |
tree | eb8bdf19c6cb436f7149b19dc0c788776b4b9ba2 /include | |
parent | 7622baf8a7c3e9084f97a4f41406a29ef5d04fc3 (diff) |
STORE: Add the possibility to search for specific information
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2688)
Diffstat (limited to 'include')
-rw-r--r-- | include/openssl/ossl_typ.h | 1 | ||||
-rw-r--r-- | include/openssl/store.h | 51 | ||||
-rw-r--r-- | include/openssl/storeerr.h | 7 |
3 files changed, 57 insertions, 2 deletions
diff --git a/include/openssl/ossl_typ.h b/include/openssl/ossl_typ.h
index f5214ab1e5..2f242f1e7a 100644
--- a/include/openssl/ossl_typ.h
+++ b/include/openssl/ossl_typ.h
@@ -174,6 +174,7 @@ typedef struct ctlog_store_st CTLOG_STORE;
 typedef struct ct_policy_eval_ctx_st CT_POLICY_EVAL_CTX;
 typedef struct ossl_store_info_st OSSL_STORE_INFO;
+typedef struct ossl_store_search_st OSSL_STORE_SEARCH;
 #if defined(__STDC_VERSION__) && __STDC_VERSION__ >= 199901L && \
 defined(INTMAX_MAX) && defined(UINTMAX_MAX)
diff --git a/include/openssl/store.h b/include/openssl/store.h
index d4222512f7..7b43e8bd03 100644
--- a/include/openssl/store.h
+++ b/include/openssl/store.h
@@ -151,11 +151,54 @@ const char *OSSL_STORE_INFO_type_string(int type);
 */
 void OSSL_STORE_INFO_free(OSSL_STORE_INFO *info);
+
+/*-
+ * Functions to construct a search URI from a base URI and search criteria
+ * -----------------------------------------------------------------------
+ */
+
+/* OSSL_STORE search types */
+# define OSSL_STORE_SEARCH_BY_NAME 1 /* subject in certs, issuer in CRLs */
+# define OSSL_STORE_SEARCH_BY_ISSUER_SERIAL 2
+# define OSSL_STORE_SEARCH_BY_KEY_FINGERPRINT 3
+# define OSSL_STORE_SEARCH_BY_ALIAS 4
+
+/* To check what search types the scheme handler supports */
+int OSSL_STORE_supports_search(OSSL_STORE_CTX *ctx, int search_type);
+
+/* Search term constructors */
+/*
+ * The input is considered to be owned by the caller, and must therefore
+ * remain present throughout the lifetime of the returned OSSL_STORE_SEARCH
+ */
+OSSL_STORE_SEARCH *OSSL_STORE_SEARCH_by_name(X509_NAME *name);
+OSSL_STORE_SEARCH *OSSL_STORE_SEARCH_by_issuer_serial(X509_NAME *name,
+ const ASN1_INTEGER
+ *serial);
+OSSL_STORE_SEARCH *OSSL_STORE_SEARCH_by_key_fingerprint(const EVP_MD *digest,
+ const unsigned char
+ *bytes, size_t len);
+OSSL_STORE_SEARCH *OSSL_STORE_SEARCH_by_alias(const char *alias);
+
+/* Search term destructor */
+void OSSL_STORE_SEARCH_free(OSSL_STORE_SEARCH *search);
+
+/* Search term accessors */
+int OSSL_STORE_SEARCH_get_type(const OSSL_STORE_SEARCH *criterion);
+X509_NAME *OSSL_STORE_SEARCH_get0_name(OSSL_STORE_SEARCH *criterion);
+const ASN1_INTEGER *OSSL_STORE_SEARCH_get0_serial(const OSSL_STORE_SEARCH
+ *criterion);
+const unsigned char *OSSL_STORE_SEARCH_get0_bytes(const OSSL_STORE_SEARCH
+ *criterion, size_t *length);
+const char *OSSL_STORE_SEARCH_get0_string(const OSSL_STORE_SEARCH *criterion);
+const EVP_MD *OSSL_STORE_SEARCH_get0_digest(const OSSL_STORE_SEARCH *criterion);
+
 /*
- * Add expected return type (which can be unspecified) to the loading channel.
- * This MUST happen before the first STORE_load().
+ * Add search criterion and expected return type (which can be unspecified)
+ * to the loading channel. This MUST happen before the first OSSL_STORE_load().
 */
 int OSSL_STORE_expect(OSSL_STORE_CTX *ctx, int expected_type);
+int OSSL_STORE_find(OSSL_STORE_CTX *ctx, OSSL_STORE_SEARCH *search);
 /*-
@@ -186,6 +229,10 @@ int OSSL_STORE_LOADER_set_ctrl(OSSL_STORE_LOADER *loader,
 typedef int (*OSSL_STORE_expect_fn)(OSSL_STORE_LOADER_CTX *ctx, int expected);
 int OSSL_STORE_LOADER_set_expect(OSSL_STORE_LOADER *loader,
 OSSL_STORE_expect_fn expect_function);
+typedef int (*OSSL_STORE_find_fn)(OSSL_STORE_LOADER_CTX *ctx,
+ OSSL_STORE_SEARCH *criteria);
+int OSSL_STORE_LOADER_set_find(OSSL_STORE_LOADER *loader,
+ OSSL_STORE_find_fn find_function);
 typedef OSSL_STORE_INFO *(*OSSL_STORE_load_fn)(OSSL_STORE_LOADER_CTX *ctx,
 const UI_METHOD *ui_method,
 void *ui_data);
diff --git a/include/openssl/storeerr.h b/include/openssl/storeerr.h
index 864a9070e3..0eb8e88a48 100644
--- a/include/openssl/storeerr.h
+++ b/include/openssl/storeerr.h
@@ -28,6 +28,7 @@ int ERR_load_OSSL_STORE_strings(void);
 # define OSSL_STORE_F_OSSL_STORE_ATTACH_PEM_BIO 127
 # define OSSL_STORE_F_OSSL_STORE_EXPECT 130
 # define OSSL_STORE_F_OSSL_STORE_FILE_ATTACH_PEM_BIO_INT 128
+# define OSSL_STORE_F_OSSL_STORE_FIND 131
 # define OSSL_STORE_F_OSSL_STORE_GET0_LOADER_INT 100
 # define OSSL_STORE_F_OSSL_STORE_INFO_GET1_CERT 101
 # define OSSL_STORE_F_OSSL_STORE_INFO_GET1_CRL 102
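Review bot: `OSSL_STORE_find()` is declared without saying who owns `search` after the call or how long it has to stay valid. The constructor comment in this hunk says the inputs are only borrowed from the caller, so the name, serial or fingerprint bytes behind a criterion can be freed while something still points at them; if a loader keeps the `OSSL_STORE_SEARCH` pointer past the call (the implementation is not visible on this page), that becomes a use-after-free. State the contract next to the declaration, for example `/* |search| remains owned by the caller and is only read during this call */`, if that matches the implementation. The constructor comment could also say that `OSSL_STORE_SEARCH_by_key_fingerprint()` rejects a `len` that does not match the digest size, which the new `OSSL_STORE_R_FINGERPRINT_SIZE_DOES_NOT_MATCH_DIGEST` reason in storeerr.h suggests it does.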
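Review bot: The `OSSL_STORE_find_fn` typedef in the `-186,6 +229,10` hunk is added with no description of what a loader must return or how it reports an unsupported search type. The commit adds `OSSL_STORE_supports_search()` but no matching loader callback, so the find function presumably also answers support queries; if so, the arguments it receives in that case need to be documented so that loader authors validate them before use. A short comment above the typedef would do, e.g. `/* Returns 1 on success, 0 if the criterion type is unsupported or on error */`, adjusted to the actual semantics. The parameter is also named `criteria` here while the accessors in the same header use `criterion`.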
@@ -47,6 +48,10 @@ int ERR_load_OSSL_STORE_strings(void);
 # define OSSL_STORE_F_OSSL_STORE_OPEN 114
 # define OSSL_STORE_F_OSSL_STORE_OPEN_INT 115
 # define OSSL_STORE_F_OSSL_STORE_REGISTER_LOADER_INT 117
+# define OSSL_STORE_F_OSSL_STORE_SEARCH_BY_ALIAS 132
+# define OSSL_STORE_F_OSSL_STORE_SEARCH_BY_ISSUER_SERIAL 133
+# define OSSL_STORE_F_OSSL_STORE_SEARCH_BY_KEY_FINGERPRINT 136
+# define OSSL_STORE_F_OSSL_STORE_SEARCH_BY_NAME 137
 # define OSSL_STORE_F_OSSL_STORE_UNREGISTER_LOADER_INT 116
 # define OSSL_STORE_F_TRY_DECODE_PARAMS 121
 # define OSSL_STORE_F_TRY_DECODE_PKCS12 122
@@ -58,6 +63,7 @@ int ERR_load_OSSL_STORE_strings(void);
 # define OSSL_STORE_R_AMBIGUOUS_CONTENT_TYPE 107
 # define OSSL_STORE_R_BAD_PASSWORD_READ 115
 # define OSSL_STORE_R_ERROR_VERIFYING_PKCS12_MAC 113
+# define OSSL_STORE_R_FINGERPRINT_SIZE_DOES_NOT_MATCH_DIGEST 121
 # define OSSL_STORE_R_INVALID_SCHEME 106
 # define OSSL_STORE_R_IS_NOT_A 112
 # define OSSL_STORE_R_LOADER_INCOMPLETE 116
@@ -72,6 +78,7 @@ int ERR_load_OSSL_STORE_strings(void);
 # define OSSL_STORE_R_UI_PROCESS_INTERRUPTED_OR_CANCELLED 109
 # define OSSL_STORE_R_UNREGISTERED_SCHEME 105
 # define OSSL_STORE_R_UNSUPPORTED_CONTENT_TYPE 110
+# define OSSL_STORE_R_UNSUPPORTED_OPERATION 118
 # define OSSL_STORE_R_URI_AUTHORITY_UNSUPPORTED 111
 #endif |