str_lib.c

mediastreamer2是开源的网络传输媒体流的库

/* crypto/store/str_lib.c -*- mode:C; c-file-style: "eay" -*- */
/* Written by Richard Levitte (richard@levitte.org) for the OpenSSL
 * project 2003.
 */
/* ====================================================================
 * Copyright (c) 2003 The OpenSSL Project.  All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 *
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer. 
 *
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in
 *    the documentation and/or other materials provided with the
 *    distribution.
 *
 * 3. All advertising materials mentioning features or use of this
 *    software must display the following acknowledgment:
 *    "This product includes software developed by the OpenSSL Project
 *    for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
 *
 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
 *    endorse or promote products derived from this software without
 *    prior written permission. For written permission, please contact
 *    openssl-core@openssl.org.
 *
 * 5. Products derived from this software may not be called "OpenSSL"
 *    nor may "OpenSSL" appear in their names without prior written
 *    permission of the OpenSSL Project.
 *
 * 6. Redistributions of any form whatsoever must retain the following
 *    acknowledgment:
 *    "This product includes software developed by the OpenSSL Project
 *    for use in the OpenSSL Toolkit (http://www.openssl.org/)"
 *
 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
 * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
 * OF THE POSSIBILITY OF SUCH DAMAGE.
 * ====================================================================
 *
 * This product includes cryptographic software written by Eric Young
 * (eay@cryptsoft.com).  This product includes software written by Tim
 * Hudson (tjh@cryptsoft.com).
 *
 */

#include <string.h>
#include <openssl/bn.h>
#include <openssl/err.h>
#ifndef OPENSSL_NO_ENGINE
#include <openssl/engine.h>
#endif
#include <openssl/sha.h>
#include <openssl/x509.h>
#include "str_locl.h"

const char * const STORE_object_type_string[STORE_OBJECT_TYPE_NUM+1] =
	{
	0,
	"X.509 Certificate",
	"X.509 CRL",
	"Private Key",
	"Public Key",
	"Number",
	"Arbitrary Data"
	};

const int STORE_param_sizes[STORE_PARAM_TYPE_NUM+1] =
	{
	0,
	sizeof(int),		/* EVP_TYPE */
	sizeof(size_t),		/* BITS */
	-1,			/* KEY_PARAMETERS */
	0			/* KEY_NO_PARAMETERS */
	};	

const int STORE_attr_sizes[STORE_ATTR_TYPE_NUM+1] =
	{
	0,
	-1,			/* FRIENDLYNAME:	C string */
	SHA_DIGEST_LENGTH,	/* KEYID:		SHA1 digest, 160 bits */
	SHA_DIGEST_LENGTH,	/* ISSUERKEYID:		SHA1 digest, 160 bits */
	SHA_DIGEST_LENGTH,	/* SUBJECTKEYID:	SHA1 digest, 160 bits */
	SHA_DIGEST_LENGTH,	/* ISSUERSERIALHASH:	SHA1 digest, 160 bits */
	sizeof(X509_NAME *),	/* ISSUER:		X509_NAME * */
	sizeof(BIGNUM *),	/* SERIAL:		BIGNUM * */
	sizeof(X509_NAME *),	/* SUBJECT:		X509_NAME * */
	SHA_DIGEST_LENGTH,	/* CERTHASH:		SHA1 digest, 160 bits */
	-1,			/* EMAIL:		C string */
	-1,			/* FILENAME:		C string */
	};	

STORE *STORE_new_method(const STORE_METHOD *method)
	{
	STORE *ret;

	if (method == NULL)
		{
		STOREerr(STORE_F_STORE_NEW_METHOD,ERR_R_PASSED_NULL_PARAMETER);
		return NULL;
		}

	ret=(STORE *)OPENSSL_malloc(sizeof(STORE));
	if (ret == NULL)
		{
		STOREerr(STORE_F_STORE_NEW_METHOD,ERR_R_MALLOC_FAILURE);
		return NULL;
		}

	ret->meth=method;

	CRYPTO_new_ex_data(CRYPTO_EX_INDEX_STORE, ret, &ret->ex_data);
	if (ret->meth->init && !ret->meth->init(ret))
		{
		STORE_free(ret);
		ret = NULL;
		}
	return ret;
	}

STORE *STORE_new_engine(ENGINE *engine)
	{
	STORE *ret = NULL;
	ENGINE *e = engine;
	const STORE_METHOD *meth = 0;

#ifdef OPENSSL_NO_ENGINE
	e = NULL;
#else
	if (engine)
		{
		if (!ENGINE_init(engine))
			{
			STOREerr(STORE_F_STORE_NEW_ENGINE, ERR_R_ENGINE_LIB);
			return NULL;
			}
		e = engine;
		}
	else
		{
		STOREerr(STORE_F_STORE_NEW_ENGINE,ERR_R_PASSED_NULL_PARAMETER);
		return NULL;
		}
	if(e)
		{
		meth = ENGINE_get_STORE(e);
		if(!meth)
			{
			STOREerr(STORE_F_STORE_NEW_ENGINE,
				ERR_R_ENGINE_LIB);
			ENGINE_finish(e);
			return NULL;
			}
		}
#endif

	ret = STORE_new_method(meth);
	if (ret == NULL)
		{
		STOREerr(STORE_F_STORE_NEW_ENGINE,ERR_R_STORE_LIB);
		return NULL;
		}

	ret->engine = e;

	return(ret);
	}

void STORE_free(STORE *store)
	{
	if (store == NULL)
		return;
	if (store->meth->clean)
		store->meth->clean(store);
	CRYPTO_free_ex_data(CRYPTO_EX_INDEX_STORE, store, &store->ex_data);
	OPENSSL_free(store);
	}

int STORE_ctrl(STORE *store, int cmd, long i, void *p, void (*f)(void))
	{
	if (store == NULL)
		{
		STOREerr(STORE_F_STORE_CTRL,ERR_R_PASSED_NULL_PARAMETER);
		return 0;
		}
	if (store->meth->ctrl)
		return store->meth->ctrl(store, cmd, i, p, f);
	STOREerr(STORE_F_STORE_CTRL,STORE_R_NO_CONTROL_FUNCTION);
	return 0;
	}


int STORE_get_ex_new_index(long argl, void *argp, CRYPTO_EX_new *new_func,
	     CRYPTO_EX_dup *dup_func, CRYPTO_EX_free *free_func)
        {
	return CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_STORE, argl, argp,
				new_func, dup_func, free_func);
        }

int STORE_set_ex_data(STORE *r, int idx, void *arg)
	{
	return(CRYPTO_set_ex_data(&r->ex_data,idx,arg));
	}

void *STORE_get_ex_data(STORE *r, int idx)
	{
	return(CRYPTO_get_ex_data(&r->ex_data,idx));
	}

const STORE_METHOD *STORE_get_method(STORE *store)
	{
	return store->meth;
	}

const STORE_METHOD *STORE_set_method(STORE *store, const STORE_METHOD *meth)
	{
	store->meth=meth;
	return store->meth;
	}


/* API helpers */

#define check_store(s,fncode,fnname,fnerrcode) \
	do \
		{ \
		if ((s) == NULL || (s)->meth) \
			{ \
			STOREerr((fncode), ERR_R_PASSED_NULL_PARAMETER); \
			return 0; \
			} \
		if ((s)->meth->fnname == NULL) \
			{ \
			STOREerr((fncode), (fnerrcode)); \
			return 0; \
			} \
		} \
	while(0)

/* API functions */

X509 *STORE_get_certificate(STORE *s, OPENSSL_ITEM attributes[],
	OPENSSL_ITEM parameters[])
	{
	STORE_OBJECT *object;
	X509 *x;

	check_store(s,STORE_F_STORE_GET_CERTIFICATE,
		get_object,STORE_R_NO_GET_OBJECT_FUNCTION);

	object = s->meth->get_object(s, STORE_OBJECT_TYPE_X509_CERTIFICATE,
		attributes, parameters);
	if (!object || !object->data.x509.certificate)
		{
		STOREerr(STORE_F_STORE_GET_CERTIFICATE,
			STORE_R_FAILED_GETTING_CERTIFICATE);
		return 0;
		}
	CRYPTO_add(&object->data.x509.certificate->references,1,CRYPTO_LOCK_X509);
#ifdef REF_PRINT
	REF_PRINT("X509",data);
#endif
	x = object->data.x509.certificate;
	STORE_OBJECT_free(object);
	return x;
	}

int STORE_store_certificate(STORE *s, X509 *data, OPENSSL_ITEM attributes[],
	OPENSSL_ITEM parameters[])
	{
	STORE_OBJECT *object;
	int i;

	check_store(s,STORE_F_STORE_CERTIFICATE,
		store_object,STORE_R_NO_STORE_OBJECT_FUNCTION);

	object = STORE_OBJECT_new();
	if (!object)
		{
		STOREerr(STORE_F_STORE_STORE_CERTIFICATE,
			ERR_R_MALLOC_FAILURE);
		return 0;
		}
	
	CRYPTO_add(&data->references,1,CRYPTO_LOCK_X509);
#ifdef REF_PRINT
	REF_PRINT("X509",data);
#endif
	object->data.x509.certificate = data;

	i = s->meth->store_object(s, STORE_OBJECT_TYPE_X509_CERTIFICATE,
		object, attributes, parameters);

	STORE_OBJECT_free(object);

	if (!i)
		{
		STOREerr(STORE_F_STORE_STORE_CERTIFICATE,
			STORE_R_FAILED_STORING_CERTIFICATE);
		return 0;
		}
	return 1;
	}

int STORE_modify_certificate(STORE *s, OPENSSL_ITEM search_attributes[],
	OPENSSL_ITEM add_attributes[], OPENSSL_ITEM modify_attributes[],
	OPENSSL_ITEM delete_attributes[], OPENSSL_ITEM parameters[])
	{
	check_store(s,STORE_F_STORE_MODIFY_CERTIFICATE,
		modify_object,STORE_R_NO_MODIFY_OBJECT_FUNCTION);

	if (!s->meth->modify_object(s, STORE_OBJECT_TYPE_X509_CERTIFICATE,
		    search_attributes, add_attributes, modify_attributes,
		    delete_attributes, parameters))
		{
		STOREerr(STORE_F_STORE_MODIFY_CERTIFICATE,
			STORE_R_FAILED_MODIFYING_CERTIFICATE);
		return 0;
		}
	return 1;
	}

int STORE_revoke_certificate(STORE *s, OPENSSL_ITEM attributes[],
	OPENSSL_ITEM parameters[])
	{
	check_store(s,STORE_F_STORE_REVOKE_CERTIFICATE,
		revoke_object,STORE_R_NO_REVOKE_OBJECT_FUNCTION);

	if (!s->meth->revoke_object(s, STORE_OBJECT_TYPE_X509_CERTIFICATE,
		    attributes, parameters))
		{
		STOREerr(STORE_F_STORE_REVOKE_CERTIFICATE,
			STORE_R_FAILED_REVOKING_CERTIFICATE);
		return 0;
		}
	return 1;
	}

int STORE_delete_certificate(STORE *s, OPENSSL_ITEM attributes[],
	OPENSSL_ITEM parameters[])
	{
	check_store(s,STORE_F_STORE_DELETE_CERTIFICATE,
		delete_object,STORE_R_NO_DELETE_OBJECT_FUNCTION);

	if (!s->meth->delete_object(s, STORE_OBJECT_TYPE_X509_CERTIFICATE,
		    attributes, parameters))
		{
		STOREerr(STORE_F_STORE_DELETE_CERTIFICATE,
			STORE_R_FAILED_DELETING_CERTIFICATE);
		return 0;
		}
	return 1;
	}

void *STORE_list_certificate_start(STORE *s, OPENSSL_ITEM attributes[],
	OPENSSL_ITEM parameters[])
	{
	void *handle;

	check_store(s,STORE_F_STORE_LIST_CERTIFICATE_START,
		list_object_start,STORE_R_NO_LIST_OBJECT_START_FUNCTION);

	handle = s->meth->list_object_start(s,
		STORE_OBJECT_TYPE_X509_CERTIFICATE, attributes, parameters);
	if (!handle)
		{
		STOREerr(STORE_F_STORE_LIST_CERTIFICATE_START,
			STORE_R_FAILED_LISTING_CERTIFICATES);
		return 0;
		}
	return handle;
	}

X509 *STORE_list_certificate_next(STORE *s, void *handle)
	{
	STORE_OBJECT *object;
	X509 *x;

	check_store(s,STORE_F_STORE_LIST_CERTIFICATE_NEXT,
		list_object_next,STORE_R_NO_LIST_OBJECT_NEXT_FUNCTION);

	object = s->meth->list_object_next(s, handle);
	if (!object || !object->data.x509.certificate)
		{
		STOREerr(STORE_F_STORE_LIST_CERTIFICATE_NEXT,
			STORE_R_FAILED_LISTING_CERTIFICATES);
		return 0;
		}
	CRYPTO_add(&object->data.x509.certificate->references,1,CRYPTO_LOCK_X509);
#ifdef REF_PRINT
	REF_PRINT("X509",data);
#endif
	x = object->data.x509.certificate;
	STORE_OBJECT_free(object);
	return x;
	}

int STORE_list_certificate_end(STORE *s, void *handle)
	{
	check_store(s,STORE_F_STORE_LIST_CERTIFICATE_END,
		list_object_end,STORE_R_NO_LIST_OBJECT_END_FUNCTION);

	if (!s->meth->list_object_end(s, handle))
		{
		STOREerr(STORE_F_STORE_LIST_CERTIFICATE_END,
			STORE_R_FAILED_LISTING_CERTIFICATES);
		return 0;
		}
	return 1;
	}

int STORE_list_certificate_endp(STORE *s, void *handle)
	{
	check_store(s,STORE_F_STORE_LIST_CERTIFICATE_ENDP,
		list_object_endp,STORE_R_NO_LIST_OBJECT_ENDP_FUNCTION);

	if (!s->meth->list_object_endp(s, handle))
		{
		STOREerr(STORE_F_STORE_LIST_CERTIFICATE_ENDP,
			STORE_R_FAILED_LISTING_CERTIFICATES);
		return 0;
		}
	return 1;
	}

EVP_PKEY *STORE_generate_key(STORE *s, OPENSSL_ITEM attributes[],
	OPENSSL_ITEM parameters[])
	{
	STORE_OBJECT *object;
	EVP_PKEY *pkey;

	check_store(s,STORE_F_STORE_GENERATE_KEY,
		generate_object,STORE_R_NO_GENERATE_OBJECT_FUNCTION);

	object = s->meth->generate_object(s, STORE_OBJECT_TYPE_PRIVATE_KEY,
		attributes, parameters);
	if (!object || !object->data.key)
		{
		STOREerr(STORE_F_STORE_GENERATE_KEY,
			STORE_R_FAILED_GENERATING_KEY);
		return 0;
		}
	CRYPTO_add(&object->data.key->references,1,CRYPTO_LOCK_EVP_PKEY);
#ifdef REF_PRINT
	REF_PRINT("EVP_PKEY",data);
#endif
	pkey = object->data.key;
	STORE_OBJECT_free(object);
	return pkey;
	}

EVP_PKEY *STORE_get_private_key(STORE *s, OPENSSL_ITEM attributes[],
	OPENSSL_ITEM parameters[])
	{
	STORE_OBJECT *object;
	EVP_PKEY *pkey;

	check_store(s,STORE_F_STORE_GET_PRIVATE_KEY,
		get_object,STORE_R_NO_GET_OBJECT_FUNCTION);

	object = s->meth->get_object(s, STORE_OBJECT_TYPE_PRIVATE_KEY,
		attributes, parameters);
	if (!object || !object->data.key || !object->data.key)
		{
		STOREerr(STORE_F_STORE_GET_PRIVATE_KEY,
			STORE_R_FAILED_GETTING_KEY);
		return 0;
		}
	CRYPTO_add(&object->data.key->references,1,CRYPTO_LOCK_EVP_PKEY);
#ifdef REF_PRINT
	REF_PRINT("EVP_PKEY",data);
#endif
	pkey = object->data.key;
	STORE_OBJECT_free(object);
	return pkey;
	}

int STORE_store_private_key(STORE *s, EVP_PKEY *data, OPENSSL_ITEM attributes[],
	OPENSSL_ITEM parameters[])
	{
	STORE_OBJECT *object;
	int i;

	check_store(s,STORE_F_STORE_STORE_PRIVATE_KEY,
		store_object,STORE_R_NO_STORE_OBJECT_FUNCTION);

	object = STORE_OBJECT_new();
	if (!object)
		{
		STOREerr(STORE_F_STORE_STORE_PRIVATE_KEY,
			ERR_R_MALLOC_FAILURE);
		return 0;
		}
	object->data.key = EVP_PKEY_new();
	if (!object->data.key)
		{
		STOREerr(STORE_F_STORE_STORE_PRIVATE_KEY,
			ERR_R_MALLOC_FAILURE);
		return 0;
		}
	
	CRYPTO_add(&data->references,1,CRYPTO_LOCK_EVP_PKEY);
#ifdef REF_PRINT
	REF_PRINT("EVP_PKEY",data);
#endif
	object->data.key = data;

	i = s->meth->store_object(s, STORE_OBJECT_TYPE_PRIVATE_KEY, object,
		attributes, parameters);

	STORE_OBJECT_free(object);

	if (!i)
		{
		STOREerr(STORE_F_STORE_STORE_PRIVATE_KEY,
			STORE_R_FAILED_STORING_KEY);
		return 0;
		}
	return i;
	}

int STORE_modify_private_key(STORE *s, OPENSSL_ITEM search_attributes[],
	OPENSSL_ITEM add_attributes[], OPENSSL_ITEM modify_attributes[],
	OPENSSL_ITEM delete_attributes[], OPENSSL_ITEM parameters[])
	{
	check_store(s,STORE_F_STORE_MODIFY_PRIVATE_KEY,
		modify_object,STORE_R_NO_MODIFY_OBJECT_FUNCTION);

	if (!s->meth->modify_object(s, STORE_OBJECT_TYPE_PRIVATE_KEY,
		    search_attributes, add_attributes, modify_attributes,
		    delete_attributes, parameters))
		{
		STOREerr(STORE_F_STORE_MODIFY_PRIVATE_KEY,
			STORE_R_FAILED_MODIFYING_PRIVATE_KEY);
		return 0;
		}
	return 1;
	}

int STORE_revoke_private_key(STORE *s, OPENSSL_ITEM attributes[],
	OPENSSL_ITEM parameters[])
	{
	int i;

	check_store(s,STORE_F_STORE_REVOKE_PRIVATE_KEY,
		revoke_object,STORE_R_NO_REVOKE_OBJECT_FUNCTION);

	i = s->meth->revoke_object(s, STORE_OBJECT_TYPE_PRIVATE_KEY,
		attributes, parameters);

	if (!i)
		{
		STOREerr(STORE_F_STORE_REVOKE_PRIVATE_KEY,
			STORE_R_FAILED_REVOKING_KEY);
		return 0;
		}
	return i;
	}

int STORE_delete_private_key(STORE *s, OPENSSL_ITEM attributes[],
	OPENSSL_ITEM parameters[])
	{
	check_store(s,STORE_F_STORE_DELETE_PRIVATE_KEY,
		delete_object,STORE_R_NO_DELETE_OBJECT_FUNCTION);
	
	if (!s->meth->delete_object(s, STORE_OBJECT_TYPE_PRIVATE_KEY,
		    attributes, parameters))
		{
		STOREerr(STORE_F_STORE_DELETE_PRIVATE_KEY,
			STORE_R_FAILED_DELETING_KEY);
		return 0;
		}
	return 1;
	}

void *STORE_list_private_key_start(STORE *s, OPENSSL_ITEM attributes[],
	OPENSSL_ITEM parameters[])
	{
	void *handle;

	check_store(s,STORE_F_STORE_LIST_PRIVATE_KEY_START,
		list_object_start,STORE_R_NO_LIST_OBJECT_START_FUNCTION);

	handle = s->meth->list_object_start(s, STORE_OBJECT_TYPE_PRIVATE_KEY,
		attributes, parameters);
	if (!handle)
		{
		STOREerr(STORE_F_STORE_LIST_PRIVATE_KEY_START,
			STORE_R_FAILED_LISTING_KEYS);
		return 0;
		}
	return handle;
	}

EVP_PKEY *STORE_list_private_key_next(STORE *s, void *handle)
	{
	STORE_OBJECT *object;