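/*
 * Copyright 2016-2022 The OpenSSL Project Authors. All Rights Reserved.
 *
 * Licensed under the Apache License 2.0 (the "License"). You may not use
 * this file except in compliance with the License. You can obtain a copy
 * in the file LICENSE in the source distribution or at
 * https://www.openssl.org/source/license.html
 */

#include <stdlib.h>
#include <string.h>
#include <assert.h>

/* We need to use some STORE deprecated APIs */
#define OPENSSL_SUPPRESS_DEPRECATED

#include "e_os.h"

#include <openssl/crypto.h>
#include <openssl/err.h>
#include <openssl/trace.h>
#include <openssl/core_names.h>
#include <openssl/provider.h>
#include <openssl/param_build.h>
#include <openssl/store.h>
#include "internal/thread_once.h"
#include "internal/cryptlib.h"
#include "internal/provider.h"
#include "internal/bio.h"
#include "crypto/store.h"
#include "store_local.h"

static int ossl_store_close_it(OSSL_STORE_CTX *ctx);

/*
 * Hand the caller's |params| to a provider loader context and, unless
 * |params| already carries OSSL_STORE_PARAM_PROPERTIES, also hand it the
 * property query |propq|.
 *
 * Returns 1 on success, 0 as soon as the loader's set_ctx_params function
 * reports failure.
 */
static int loader_set_params(OSSL_STORE_LOADER *loader,
                             OSSL_STORE_LOADER_CTX *loader_ctx,
                             const OSSL_PARAM params[], const char *propq)
{
    /*
     * OSSL_STORE_vctrl(), OSSL_STORE_expect() and OSSL_STORE_find() all
     * check p_set_ctx_params for NULL before calling it, so it may be absent.
     * Don't call through a NULL pointer here; as in OSSL_STORE_vctrl(), a
     * loader without the function is treated as one that ignores the
     * parameters.
     */
    if (loader->p_set_ctx_params == NULL)
        return 1;

    if (params != NULL) {
        if (!loader->p_set_ctx_params(loader_ctx, params))
            return 0;
    }

    if (propq != NULL) {
        OSSL_PARAM propp[2];

        if (OSSL_PARAM_locate_const(params,
                                    OSSL_STORE_PARAM_PROPERTIES) != NULL)
            /* use the propq from params */
            return 1;

        propp[0] = OSSL_PARAM_construct_utf8_string(OSSL_STORE_PARAM_PROPERTIES,
                                                    (char *)propq, 0);
        propp[1] = OSSL_PARAM_construct_end();

        if (!loader->p_set_ctx_params(loader_ctx, propp))
            return 0;
    }
    return 1;
}

/*
 * Open |uri| with the first loader that accepts it and return a new
 * OSSL_STORE_CTX, or NULL on failure.
 *
 * The "file" scheme is always tried first unless the URI has an explicit
 * non-file scheme followed by "//".  For each candidate scheme a legacy
 * (engine) loader is looked up before a provider loader is fetched.
 * |params| are only applied to provider loaders (through
 * loader_set_params()); the legacy open functions below do not receive them.
 *
 * |ui_method| / |ui_data| are stored for passphrase prompting, and
 * |post_process| / |post_process_data| are stored for OSSL_STORE_load().
 */
OSSL_STORE_CTX *
OSSL_STORE_open_ex(const char *uri, OSSL_LIB_CTX *libctx, const char *propq,
                   const UI_METHOD *ui_method, void *ui_data,
                   const OSSL_PARAM params[],
                   OSSL_STORE_post_process_info_fn post_process,
                   void *post_process_data)
{
    const OSSL_STORE_LOADER *loader = NULL;
    OSSL_STORE_LOADER *fetched_loader = NULL;
    OSSL_STORE_LOADER_CTX *loader_ctx = NULL;
    OSSL_STORE_CTX *ctx = NULL;
    char *propq_copy = NULL;
    int no_loader_found = 1;
    char scheme_copy[256], *p, *schemes[2], *scheme = NULL;
    size_t schemes_n = 0;
    size_t i;

    /*
     * |uri| is copied and handed to the loaders unconditionally below, so
     * reject NULL up front instead of dereferencing it.  This is done before
     * ERR_set_mark() so that no mark is left behind.
     */
    if (uri == NULL) {
        ERR_raise(ERR_LIB_OSSL_STORE, ERR_R_PASSED_NULL_PARAMETER);
        return NULL;
    }

    /*
     * Put the file scheme first.  If the uri does represent an existing file,
     * possible device name and all, then it should be loaded.  Only a failed
     * attempt at loading a local file should have us try something else.
     */
    schemes[schemes_n++] = "file";

    /*
     * Now, check if we have something that looks like a scheme, and add it
     * as a second scheme.  However, also check if there's an authority start
     * (://), because that will invalidate the previous file scheme.  Also,
     * check that this isn't actually the file scheme, as there's no point
     * going through that one twice!
     */
    OPENSSL_strlcpy(scheme_copy, uri, sizeof(scheme_copy));
    if ((p = strchr(scheme_copy, ':')) != NULL) {
        *p++ = '\0';
        if (OPENSSL_strcasecmp(scheme_copy, "file") != 0) {
            if (strncmp(p, "//", 2) == 0)
                schemes_n--;         /* Invalidate the file scheme */
            schemes[schemes_n++] = scheme_copy;
        }
    }

    ERR_set_mark();

    /*
     * Try each scheme until we find one that could open the URI.
     *
     * For each scheme, we look for the engine implementation first, and
     * failing that, we then try to fetch a provided implementation.
     * This is consistent with how we handle legacy / engine implementations
     * elsewhere.
     */
    for (i = 0; loader_ctx == NULL && i < schemes_n; i++) {
        scheme = schemes[i];
        OSSL_TRACE1(STORE, "Looking up scheme %s\n", scheme);
#ifndef OPENSSL_NO_DEPRECATED_3_0
        if ((loader = ossl_store_get0_loader_int(scheme)) != NULL) {
            no_loader_found = 0;
            if (loader->open_ex != NULL)
                loader_ctx = loader->open_ex(loader, uri, libctx, propq,
                                             ui_method, ui_data);
            else
                loader_ctx = loader->open(loader, uri, ui_method, ui_data);
        }
#endif
        if (loader == NULL
            && (fetched_loader =
                OSSL_STORE_LOADER_fetch(libctx, scheme, propq)) != NULL) {
            const OSSL_PROVIDER *provider =
                OSSL_STORE_LOADER_get0_provider(fetched_loader);
            void *provctx = OSSL_PROVIDER_get0_provider_ctx(provider);

            no_loader_found = 0;
            loader_ctx = fetched_loader->p_open(provctx, uri);
            if (loader_ctx == NULL) {
                OSSL_STORE_LOADER_free(fetched_loader);
                fetched_loader = NULL;
            } else if (!loader_set_params(fetched_loader, loader_ctx,
                                          params, propq)) {
                /*
                 * NOTE(review): loader_ctx is closed here but not reset to
                 * NULL, so the loop condition and the checks below still see
                 * a non-NULL loader_ctx while loader is NULL - confirm the
                 * intended handling of this path.
                 */
                (void)fetched_loader->p_close(loader_ctx);
                OSSL_STORE_LOADER_free(fetched_loader);
                fetched_loader = NULL;
            }
            loader = fetched_loader;
        }
    }

    if (no_loader_found)
        /*
         * It's assumed that ossl_store_get0_loader_int() and
         * OSSL_STORE_LOADER_fetch() report their own errors
         */
        goto err;

    OSSL_TRACE1(STORE, "Found loader for scheme %s\n", scheme);

    if (loader_ctx == NULL)
        /*
         * It's assumed that the loader's open() method reports its own
         * errors
         */
        goto err;

    OSSL_TRACE2(STORE, "Opened %s => %p\n", uri, (void *)loader_ctx);

    if ((propq != NULL && (propq_copy = OPENSSL_strdup(propq)) == NULL)
        || (ctx = OPENSSL_zalloc(sizeof(*ctx))) == NULL) {
        ERR_raise(ERR_LIB_OSSL_STORE, ERR_R_MALLOC_FAILURE);
        goto err;
    }

    if (ui_method != NULL
        && (!ossl_pw_set_ui_method(&ctx->pwdata, ui_method, ui_data)
            || !ossl_pw_enable_passphrase_caching(&ctx->pwdata))) {
        ERR_raise(ERR_LIB_OSSL_STORE, ERR_R_CRYPTO_LIB);
        goto err;
    }
    ctx->properties = propq_copy;
    ctx->fetched_loader = fetched_loader;
    ctx->loader = loader;
    ctx->loader_ctx = loader_ctx;
    ctx->post_process = post_process;
    ctx->post_process_data = post_process_data;

    /*
     * If the attempt to open with the 'file' scheme loader failed and the
     * other scheme loader succeeded, the failure to open with the 'file'
     * scheme loader leaves an error on the error stack.  Let's remove it.
     */
    ERR_pop_to_mark();

    return ctx;

 err:
    ERR_clear_last_mark();
    if (loader_ctx != NULL) {
        /*
         * Temporary structure so OSSL_STORE_close() can work even when
         * |ctx| couldn't be allocated properly
         */
        OSSL_STORE_CTX tmpctx = { NULL, };

        tmpctx.fetched_loader = fetched_loader;
        tmpctx.loader = loader;
        tmpctx.loader_ctx = loader_ctx;

        /*
         * We ignore a returned error because we will return NULL anyway in
         * this case, so if something goes wrong when closing, that'll simply
         * just add another entry on the error stack.
         */
        (void)ossl_store_close_it(&tmpctx);
    }
    /*
     * NOTE(review): when loader_ctx != NULL, ossl_store_close_it() above has
     * already passed this same pointer to OSSL_STORE_LOADER_free(), so the
     * loader is released twice on that path.  Whether that is balanced
     * depends on reference counting that is not visible here - confirm.
     */
    OSSL_STORE_LOADER_free(fetched_loader);
    OPENSSL_free(propq_copy);
    OPENSSL_free(ctx);
    return NULL;
}

/*
 * Convenience wrapper around OSSL_STORE_open_ex() that passes NULL for the
 * library context, the property query and the parameters.
 */
OSSL_STORE_CTX *OSSL_STORE_open(const char *uri,
                                const UI_METHOD *ui_method, void *ui_data,
                                OSSL_STORE_post_process_info_fn post_process,
                                void *post_process_data)
{
    return OSSL_STORE_open_ex(uri, NULL, NULL, ui_method, ui_data, NULL,
                              post_process, post_process_data);
}

#ifndef OPENSSL_NO_DEPRECATED_3_0
/*
 * Variadic front end for OSSL_STORE_vctrl(): collects the arguments after
 * |cmd| into a va_list and returns whatever OSSL_STORE_vctrl() returns.
 */
int OSSL_STORE_ctrl(OSSL_STORE_CTX *ctx, int cmd, ...)
{
    va_list args;
    int ret;

    va_start(args, cmd);
    ret = OSSL_STORE_vctrl(ctx, cmd, args);
    va_end(args);

    return ret;
}

/*
 * Apply control command |cmd| to the loader behind |ctx|.
 *
 * For a provider loader, OSSL_STORE_C_USE_SECMEM is translated into a
 * "use_secmem" integer parameter; any other command results in an empty
 * parameter list being passed to set_ctx_params.  For a legacy loader the
 * command and |args| are forwarded to its ctrl function.
 *
 * Returns the loader's result, or 1 when the loader has neither function.
 */
int OSSL_STORE_vctrl(OSSL_STORE_CTX *ctx, int cmd, va_list args)
{
    if (ctx->fetched_loader != NULL) {
        if (ctx->fetched_loader->p_set_ctx_params != NULL) {
            OSSL_PARAM params[2] = { OSSL_PARAM_END, OSSL_PARAM_END };
            /*
             * params[0] stores a pointer to |on|, which is read by
             * p_set_ctx_params() below, so |on| must live at this scope and
             * not inside the case block.
             */
            int on = 0;

            switch (cmd) {
            case OSSL_STORE_C_USE_SECMEM:
                on = *(va_arg(args, int *));
                params[0] = OSSL_PARAM_construct_int("use_secmem", &on);
                break;
            default:
                break;
            }

            return ctx->fetched_loader->p_set_ctx_params(ctx->loader_ctx,
                                                         params);
        }
    } else if (ctx->loader->ctrl != NULL) {
        return ctx->loader->ctrl(ctx->loader_ctx, cmd, args);
    }

    /*
     * If the fetched loader doesn't have a set_ctx_params or a ctrl, it's as
     * if there was one that ignored our params, which usually returns 1.
     */
    return 1;
}
#endif

/*
 * Record the object type the caller expects OSSL_STORE_load() to return and
 * pass it on to the loader.
 *
 * Fails (returns 0) when |ctx| is NULL, when |expected_type| is outside
 * 0..OSSL_STORE_INFO_CRL, or when loading has already started.  Otherwise
 * returns the loader's result, or 1 if the loader has no way to be told.
 */
int OSSL_STORE_expect(OSSL_STORE_CTX *ctx, int expected_type)
{
    int ret = 1;

    if (ctx == NULL
            || expected_type < 0 || expected_type > OSSL_STORE_INFO_CRL) {
        ERR_raise(ERR_LIB_OSSL_STORE, ERR_R_PASSED_INVALID_ARGUMENT);
        return 0;
    }
    if (ctx->loading) {
        ERR_raise(ERR_LIB_OSSL_STORE, OSSL_STORE_R_LOADING_STARTED);
        return 0;
    }

    /* OSSL_STORE_load() also filters on this value itself. */
    ctx->expected_type = expected_type;
    if (ctx->fetched_loader != NULL
            && ctx->fetched_loader->p_set_ctx_params != NULL) {
        OSSL_PARAM params[2] = { OSSL_PARAM_END, OSSL_PARAM_END };

        params[0] =
            OSSL_PARAM_construct_int(OSSL_STORE_PARAM_EXPECT, &expected_type);
        ret = ctx->fetched_loader->p_set_ctx_params(ctx->loader_ctx, params);
    }
#ifndef OPENSSL_NO_DEPRECATED_3_0
    if (ctx->fetched_loader == NULL
            && ctx->loader->expect != NULL) {
        ret = ctx->loader->expect(ctx->loader_ctx, expected_type);
    }
#endif
    return ret;
}

/*
 * Set the search criterion |search| on the loader behind |ctx|.
 *
 * For a provider loader the criterion is converted into OSSL_PARAMs
 * (subject, issuer + serial, digest + fingerprint, or alias) and passed to
 * set_ctx_params.  For a legacy loader it is forwarded to its find function.
 *
 * Returns 1 on success and 0 on failure, including when loading has already
 * started, |search| is NULL, or the loader doesn't support searching.
 * |ctx| is dereferenced without a NULL check.
 */
int OSSL_STORE_find(OSSL_STORE_CTX *ctx, const OSSL_STORE_SEARCH *search)
{
    int ret = 1;

    if (ctx->loading) {
        ERR_raise(ERR_LIB_OSSL_STORE, OSSL_STORE_R_LOADING_STARTED);
        return 0;
    }
    if (search == NULL) {
        ERR_raise(ERR_LIB_OSSL_STORE, ERR_R_PASSED_NULL_PARAMETER);
        return 0;
    }

    if (ctx->fetched_loader != NULL) {
        OSSL_PARAM_BLD *bld;
        OSSL_PARAM *params;
        /* OSSL_STORE_SEARCH_BY_NAME, OSSL_STORE_SEARCH_BY_ISSUER_SERIAL */
        void *name_der = NULL;
        int name_der_sz;
        /* OSSL_STORE_SEARCH_BY_ISSUER_SERIAL */
        BIGNUM *number = NULL;

        if (ctx->fetched_loader->p_set_ctx_params == NULL) {
            ERR_raise(ERR_LIB_OSSL_STORE, OSSL_STORE_R_UNSUPPORTED_OPERATION);
            return 0;
        }

        if ((bld = OSSL_PARAM_BLD_new()) == NULL) {
            ERR_raise(ERR_LIB_OSSL_STORE, ERR_R_MALLOC_FAILURE);
            return 0;
        }

        ret = 0;                 /* Assume the worst */

        /* A search type not listed here leaves ret at 0. */
        switch (search->search_type) {
        case OSSL_STORE_SEARCH_BY_NAME:
            if ((name_der_sz = i2d_X509_NAME(search->name,
                                             (unsigned char **)&name_der)) > 0
                && OSSL_PARAM_BLD_push_octet_string(bld,
                                                    OSSL_STORE_PARAM_SUBJECT,
                                                    name_der, name_der_sz))
                ret = 1;
            break;
        case OSSL_STORE_SEARCH_BY_ISSUER_SERIAL:
            if ((name_der_sz = i2d_X509_NAME(search->name,
                                             (unsigned char **)&name_der)) > 0
                && (number = ASN1_INTEGER_to_BN(search->serial, NULL)) != NULL
                && OSSL_PARAM_BLD_push_octet_string(bld,
                                                    OSSL_STORE_PARAM_ISSUER,
                                                    name_der, name_der_sz)
                && OSSL_PARAM_BLD_push_BN(bld, OSSL_STORE_PARAM_SERIAL,
                                          number))
                ret = 1;
            break;
        case OSSL_STORE_SEARCH_BY_KEY_FINGERPRINT:
            if (OSSL_PARAM_BLD_push_utf8_string(bld, OSSL_STORE_PARAM_DIGEST,
                                                EVP_MD_get0_name(search->digest),
                                                0)
                && OSSL_PARAM_BLD_push_octet_string(bld,
                                                    OSSL_STORE_PARAM_FINGERPRINT,
                                                    search->string,
                                                    search->stringlength))
                ret = 1;
            break;
        case OSSL_STORE_SEARCH_BY_ALIAS:
            if (OSSL_PARAM_BLD_push_utf8_string(bld, OSSL_STORE_PARAM_ALIAS,
                                                (char *)search->string,
                                                search->stringlength))
                ret = 1;
            break;
        }
        if (ret) {
            params = OSSL_PARAM_BLD_to_param(bld);
            if (params == NULL) {
                /*
                 * Without a parameter array the criterion cannot reach the
                 * loader.  Report failure instead of calling set_ctx_params
                 * with NULL, which could be taken as success and leave the
                 * following loads unfiltered.
                 */
                ret = 0;
            } else {
                ret = ctx->fetched_loader->p_set_ctx_params(ctx->loader_ctx,
                                                            params);
                OSSL_PARAM_free(params);
            }
        }
        OSSL_PARAM_BLD_free(bld);
        OPENSSL_free(name_der);
        BN_free(number);
    } else {
#ifndef OPENSSL_NO_DEPRECATED_3_0
        /* legacy loader section */
        if (ctx->loader->find == NULL) {
            ERR_raise(ERR_LIB_OSSL_STORE, OSSL_STORE_R_UNSUPPORTED_OPERATION);
            return 0;
        }
        ret = ctx->loader->find(ctx->loader_ctx, search);
#endif
    }

    return ret;
}

/*
 * Return the next object from the store, or NULL at end of data or on
 * error (OSSL_STORE_eof() / OSSL_STORE_error() tell the two apart).
 *
 * Objects come from |ctx->cached_info| when it is non-empty, otherwise from
 * the loader.  An object is skipped, and the next one tried, when the
 * post-processing callback returns NULL for it or when its type is neither
 * OSSL_STORE_INFO_NAME nor the non-zero expected type set with
 * OSSL_STORE_expect().
 */
OSSL_STORE_INFO *OSSL_STORE_load(OSSL_STORE_CTX *ctx)
{
    OSSL_STORE_INFO *v = NULL;

    /* From here on OSSL_STORE_expect() and OSSL_STORE_find() are refused. */
    ctx->loading = 1;
 again:
    if (OSSL_STORE_eof(ctx))
        return NULL;

    if (ctx->loader != NULL)
        OSSL_TRACE(STORE, "Loading next object\n");

    if (ctx->cached_info != NULL
        && sk_OSSL_STORE_INFO_num(ctx->cached_info) == 0) {
        sk_OSSL_STORE_INFO_free(ctx->cached_info);
        ctx->cached_info = NULL;
    }

    if (ctx->cached_info != NULL) {
        v = sk_OSSL_STORE_INFO_shift(ctx->cached_info);
    } else {
        if (ctx->fetched_loader != NULL) {
            struct ossl_load_result_data_st load_data;

            load_data.v = NULL;
            load_data.ctx = ctx;

            if (!ctx->fetched_loader->p_load(ctx->loader_ctx,
                                             ossl_store_handle_load_result,
                                             &load_data,
                                             ossl_pw_passphrase_callback_dec,
                                             &ctx->pwdata)) {
                /*
                 * NOTE(review): this return skips the
                 * ossl_pw_clear_passphrase_cache() call further down, so a
                 * cached passphrase appears to stay in |ctx->pwdata| until a
                 * later load or the close - confirm this is intended.
                 */
                if (!OSSL_STORE_eof(ctx))
                    ctx->error_flag = 1;
                return NULL;
            }
            v = load_data.v;
        }
#ifndef OPENSSL_NO_DEPRECATED_3_0
        if (ctx->fetched_loader == NULL)
            v = ctx->loader->load(ctx->loader_ctx,
                                  ctx->pwdata._.ui_method.ui_method,
                                  ctx->pwdata._.ui_method.ui_method_data);
#endif
    }

    if (ctx->post_process != NULL && v != NULL) {
        v = ctx->post_process(v, ctx->post_process_data);

        /*
         * By returning NULL, the callback decides that this object should
         * be ignored.
         */
        if (v == NULL)
            goto again;
    }

    /* Clear any internally cached passphrase */
    (void)ossl_pw_clear_passphrase_cache(&ctx->pwdata);

    if (v != NULL && ctx->expected_type != 0) {
        int returned_type = OSSL_STORE_INFO_get_type(v);

        if (returned_type != OSSL_STORE_INFO_NAME && returned_type != 0) {
            if (ctx->expected_type != returned_type) {
                OSSL_STORE_INFO_free(v);
                goto again;
            }
        }
    }

    if (v != NULL)
        OSSL_TRACE1(STORE, "Got a %s\n",
                    OSSL_STORE_INFO_type_string(OSSL_STORE_INFO_get_type(v)));

    return v;
}

/*
 * Report the error state of |ctx|: the context's own error flag for a
 * provider loader, the loader's error function for a legacy loader.
 */
int OSSL_STORE_error(OSSL_STORE_CTX *ctx)
{
    int ret = 1;

    if (ctx->fetched_loader != NULL)
        ret = ctx->error_flag;
#ifndef OPENSSL_NO_DEPRECATED_3_0
    if (ctx->fetched_loader == NULL)
        ret = ctx->loader->error(ctx->loader_ctx);
#endif
    return ret;
}

/*
 * Ask the loader whether the end of data has been reached.  The loader's
 * answer is normalised to 0 or 1.
 */
int OSSL_STORE_eof(OSSL_STORE_CTX *ctx)
{
    int ret = 1;

    if (ctx->fetched_loader != NULL)
        ret = ctx->loader->p_eof(ctx->loader_ctx);
#ifndef OPENSSL_NO_DEPRECATED_3_0
    if (ctx->fetched_loader == NULL)
        ret = ctx->loader->eof(ctx->loader_ctx);
#endif
    return ret != 0;
}

/*
 * Close the loader context held by |ctx| and release everything |ctx| owns
 * (cached infos, the fetched loader reference, the property string and the
 * passphrase data), but not |ctx| itself.
 *
 * Returns the loader's close result, or 1 when |ctx| is NULL.
 */
static int ossl_store_close_it(OSSL_STORE_CTX *ctx)
{
    int ret = 0;

    if (ctx == NULL)
        return 1;
    OSSL_TRACE1(STORE, "Closing %p\n", (void *)ctx->loader_ctx);

    if (ctx->fetched_loader != NULL)
        ret = ctx->loader->p_close(ctx->loader_ctx);
#ifndef OPENSSL_NO_DEPRECATED_3_0
    if (ctx->fetched_loader == NULL)
        ret = ctx->loader->closefn(ctx->loader_ctx);
#endif

    sk_OSSL_STORE_INFO_pop_free(ctx->cached_info, OSSL_STORE_INFO_free);
    OSSL_STORE_LOADER_free(ctx->fetched_loader);
    OPENSSL_free(ctx->properties);
    ossl_pw_clear_passphrase_data(&ctx->pwdata);
    return ret;
}

/*
 * Close the store and free |ctx|.  Returns what ossl_store_close_it()
 * returns.
 */
int OSSL_STORE_close(OSSL_STORE_CTX *ctx)
{
    int ret = ossl_store_close_it(ctx);

    OPENSSL_free(ctx);
    return ret;
}

/*
 * Functions to generate OSSL_STORE_INFOs, one function for each type we
 * support having in them as well as a generic constructor.
 *
 * In all cases, ownership of the object is transferred to the OSSL_STORE_INFO
 * and will therefore be freed when the OSSL_STORE_INFO is freed.
 */

/*
 * Generic constructor: allocate a zeroed OSSL_STORE_INFO holding |type| and
 * |data|.  Returns NULL on allocation failure without raising an error.
 */
OSSL_STORE_INFO *OSSL_STORE_INFO_new(int type, void *data)
{
    OSSL_STORE_INFO *info = OPENSSL_zalloc(sizeof(*info));

    if (info == NULL)
        return NULL;

    info->type = type;
    info->_.data = data;
    return info;
}

/* Create an OSSL_STORE_INFO_NAME holding |name| and no description. */
OSSL_STORE_INFO *OSSL_STORE_INFO_new_NAME(char *name)
{
    OSSL_STORE_INFO *info = OSSL_STORE_INFO_new(OSSL_STORE_INFO_NAME, NULL);

    if (info == NULL) {
        ERR_raise(ERR_LIB_OSSL_STORE, ERR_R_MALLOC_FAILURE);
        return NULL;
    }

    info->_.name.name = name;
    info->_.name.desc = NULL;

    return info;
}

/*
 * Set the description of a NAME info to |desc|.  Returns 0 with an error if
 * |info| is not an OSSL_STORE_INFO_NAME, 1 otherwise.  A previously stored
 * description pointer is overwritten, not freed.
 */
int OSSL_STORE_INFO_set0_NAME_description(OSSL_STORE_INFO *info, char *desc)
{
    if (info->type != OSSL_STORE_INFO_NAME) {
        ERR_raise(ERR_LIB_OSSL_STORE, ERR_R_PASSED_INVALID_ARGUMENT);
        return 0;
    }

    info->_.name.desc = desc;

    return 1;
}

/* Create an OSSL_STORE_INFO_PARAMS holding |params|. */
OSSL_STORE_INFO *OSSL_STORE_INFO_new_PARAMS(EVP_PKEY *params)
{
    OSSL_STORE_INFO *info = OSSL_STORE_INFO_new(OSSL_STORE_INFO_PARAMS, params);

    if (info == NULL)
        ERR_raise(ERR_LIB_OSSL_STORE, ERR_R_MALLOC_FAILURE);
    return info;
}

/* Create an OSSL_STORE_INFO_PUBKEY holding |pkey|. */
OSSL_STORE_INFO *OSSL_STORE_INFO_new_PUBKEY(EVP_PKEY *pkey)
{
    OSSL_STORE_INFO *info = OSSL_STORE_INFO_new(OSSL_STORE_INFO_PUBKEY, pkey);

    if (info == NULL)
        ERR_raise(ERR_LIB_OSSL_STORE, ERR_R_MALLOC_FAILURE);
    return info;
}

/* Create an OSSL_STORE_INFO_PKEY holding |pkey|. */
OSSL_STORE_INFO *OSSL_STORE_INFO_new_PKEY(EVP_PKEY *pkey)
{
    OSSL_STORE_INFO *info = OSSL_STORE_INFO_new(OSSL_STORE_INFO_PKEY, pkey);

    if (info == NULL)
        ERR_raise(ERR_LIB_OSSL_STORE, ERR_R_MALLOC_FAILURE);
    return info;
}

/* Create an OSSL_STORE_INFO_CERT holding |x509|. */
OSSL_STORE_INFO *OSSL_STORE_INFO_new_CERT(X509 *x509)
{
    OSSL_STORE_INFO *info = OSSL_STORE_INFO_new(OSSL_STORE_INFO_CERT, x509);

    if (info == NULL)
        ERR_raise(ERR_LIB_OSSL_STORE, ERR_R_MALLOC_FAILURE);
    return info;
}

/* Create an OSSL_STORE_INFO_CRL holding |crl|. */
OSSL_STORE_INFO *OSSL_STORE_INFO_new_CRL(X509_CRL *crl)
{
    OSSL_STORE_INFO *info = OSSL_STORE_INFO_new(OSSL_STORE_INFO_CRL, crl);

    if (info == NULL)
        ERR_raise(ERR_LIB_OSSL_STORE, ERR_R_MALLOC_FAILURE);
    return info;
}

/*
 * Functions to try to extract data from a OSSL_STORE_INFO.
 *
 * The get0 functions return the stored pointer and return NULL, without
 * raising an error, when |info| has a different type.  The get1 functions
 * return a copy or an additional reference and raise an error on a type
 * mismatch.  None of them checks |info| for NULL.
 */

/* Return the type stored in |info|. */
int OSSL_STORE_INFO_get_type(const OSSL_STORE_INFO *info)
{
    return info->type;
}

/* Return the raw data pointer if |info| has exactly |type|, else NULL. */
void *OSSL_STORE_INFO_get0_data(int type, const OSSL_STORE_INFO *info)
{
    if (info->type == type)
        return info->_.data;
    return NULL;
}

/* Return the stored name of a NAME info, else NULL. */
const char *OSSL_STORE_INFO_get0_NAME(const OSSL_STORE_INFO *info)
{
    if (info->type == OSSL_STORE_INFO_NAME)
        return info->_.name.name;
    return NULL;
}

/*
 * Return a newly allocated copy of the name of a NAME info.  Returns NULL
 * with an error if the copy fails or |info| is not a NAME.
 */
char *OSSL_STORE_INFO_get1_NAME(const OSSL_STORE_INFO *info)
{
    if (info->type == OSSL_STORE_INFO_NAME) {
        char *ret = OPENSSL_strdup(info->_.name.name);

        if (ret == NULL)
            ERR_raise(ERR_LIB_OSSL_STORE, ERR_R_MALLOC_FAILURE);
        return ret;
    }
    ERR_raise(ERR_LIB_OSSL_STORE, OSSL_STORE_R_NOT_A_NAME);
    return NULL;
}

/* Return the stored description of a NAME info (may be NULL), else NULL. */
const char *OSSL_STORE_INFO_get0_NAME_description(const OSSL_STORE_INFO *info)
{
    if (info->type == OSSL_STORE_INFO_NAME)
        return info->_.name.desc;
    return NULL;
}

/*
 * Return a newly allocated copy of the description of a NAME info; a
 * missing description is returned as an empty string.  Returns NULL with an
 * error if the copy fails or |info| is not a NAME.
 */
char *OSSL_STORE_INFO_get1_NAME_description(const OSSL_STORE_INFO *info)
{
    if (info->type == OSSL_STORE_INFO_NAME) {
        char *ret = OPENSSL_strdup(info->_.name.desc
                                   ? info->_.name.desc : "");

        if (ret == NULL)
            ERR_raise(ERR_LIB_OSSL_STORE, ERR_R_MALLOC_FAILURE);
        return ret;
    }
    ERR_raise(ERR_LIB_OSSL_STORE, OSSL_STORE_R_NOT_A_NAME);
    return NULL;
}

/* Return the stored key parameters of a PARAMS info, else NULL. */
EVP_PKEY *OSSL_STORE_INFO_get0_PARAMS(const OSSL_STORE_INFO *info)
{
    if (info->type == OSSL_STORE_INFO_PARAMS)
        return info->_.params;
    return NULL;
}

/*
 * Return the key parameters of a PARAMS info with an additional reference
 * taken.  Returns NULL if the reference could not be taken, or, with an
 * error, if |info| is not a PARAMS info.
 */
EVP_PKEY *OSSL_STORE_INFO_get1_PARAMS(const OSSL_STORE_INFO *info)
{
    if (info->type == OSSL_STORE_INFO_PARAMS) {
        /*
         * Only hand out the pointer if the reference was really taken;
         * otherwise the caller's later free would drop a reference that
         * belongs to |info|.
         */
        if (!EVP_PKEY_up_ref(info->_.params))
            return NULL;
        return info->_.params;
    }
    ERR_raise(ERR_LIB_OSSL_STORE, OSSL_STORE_R_NOT_PARAMETERS);
    return NULL;
}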
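/* Return the public key held by a PUBKEY info (no new reference), else NULL. */
EVP_PKEY *OSSL_STORE_INFO_get0_PUBKEY(const OSSL_STORE_INFO *info)
{
    if (info->type == OSSL_STORE_INFO_PUBKEY)
        return info->_.pubkey;
    return NULL;
}

/*
 * Return the public key held by a PUBKEY info with an extra reference that
 * the caller must release with EVP_PKEY_free().
 * Returns NULL if the reference could not be taken, or NULL with
 * OSSL_STORE_R_NOT_A_PUBLIC_KEY raised for any other type.
 */
EVP_PKEY *OSSL_STORE_INFO_get1_PUBKEY(const OSSL_STORE_INFO *info)
{
    if (info->type == OSSL_STORE_INFO_PUBKEY) {
        /* Do not return an "owned" pointer unless the count was raised */
        if (!EVP_PKEY_up_ref(info->_.pubkey))
            return NULL;
        return info->_.pubkey;
    }
    ERR_raise(ERR_LIB_OSSL_STORE, OSSL_STORE_R_NOT_A_PUBLIC_KEY);
    return NULL;
}

/*
 * Return the private key held by a PKEY info (no new reference), else NULL.
 * The pointer is only valid while |info| is alive.
 */
EVP_PKEY *OSSL_STORE_INFO_get0_PKEY(const OSSL_STORE_INFO *info)
{
    if (info->type == OSSL_STORE_INFO_PKEY)
        return info->_.pkey;
    return NULL;
}

/*
 * Return the private key held by a PKEY info with an extra reference that
 * the caller must release with EVP_PKEY_free().
 * Returns NULL if the reference could not be taken, or NULL with
 * OSSL_STORE_R_NOT_A_PRIVATE_KEY raised for any other type.
 */
EVP_PKEY *OSSL_STORE_INFO_get1_PKEY(const OSSL_STORE_INFO *info)
{
    if (info->type == OSSL_STORE_INFO_PKEY) {
        /* Do not return an "owned" pointer unless the count was raised */
        if (!EVP_PKEY_up_ref(info->_.pkey))
            return NULL;
        return info->_.pkey;
    }
    ERR_raise(ERR_LIB_OSSL_STORE, OSSL_STORE_R_NOT_A_PRIVATE_KEY);
    return NULL;
}

/* Return the certificate held by a CERT info (no new reference), else NULL. */
X509 *OSSL_STORE_INFO_get0_CERT(const OSSL_STORE_INFO *info)
{
    if (info->type == OSSL_STORE_INFO_CERT)
        return info->_.x509;
    return NULL;
}

/*
 * Return the certificate held by a CERT info with an extra reference that
 * the caller must release with X509_free().
 * Returns NULL if the reference could not be taken, or NULL with
 * OSSL_STORE_R_NOT_A_CERTIFICATE raised for any other type.
 */
X509 *OSSL_STORE_INFO_get1_CERT(const OSSL_STORE_INFO *info)
{
    if (info->type == OSSL_STORE_INFO_CERT) {
        /* Do not return an "owned" pointer unless the count was raised */
        if (!X509_up_ref(info->_.x509))
            return NULL;
        return info->_.x509;
    }
    ERR_raise(ERR_LIB_OSSL_STORE, OSSL_STORE_R_NOT_A_CERTIFICATE);
    return NULL;
}

/* Return the CRL held by a CRL info (no new reference), else NULL. */
X509_CRL *OSSL_STORE_INFO_get0_CRL(const OSSL_STORE_INFO *info)
{
    if (info->type == OSSL_STORE_INFO_CRL)
        return info->_.crl;
    return NULL;
}

/*
 * Return the CRL held by a CRL info with an extra reference that the caller
 * must release with X509_CRL_free().
 * Returns NULL if the reference could not be taken, or NULL with
 * OSSL_STORE_R_NOT_A_CRL raised for any other type.
 */
X509_CRL *OSSL_STORE_INFO_get1_CRL(const OSSL_STORE_INFO *info)
{
    if (info->type == OSSL_STORE_INFO_CRL) {
        /* Do not return an "owned" pointer unless the count was raised */
        if (!X509_CRL_up_ref(info->_.crl))
            return NULL;
        return info->_.crl;
    }
    ERR_raise(ERR_LIB_OSSL_STORE, OSSL_STORE_R_NOT_A_CRL);
    return NULL;
}

/*
 * Free the OSSL_STORE_INFO
 *
 * A NULL |info| is a no-op.  The payload is released according to
 * info->type and then the container itself is freed, so any pointer
 * obtained from a get0 accessor of this |info| must not be used afterwards.
 * Types not listed in the switch release the container only.
 */
void OSSL_STORE_INFO_free(OSSL_STORE_INFO *info)
{
    if (info != NULL) {
        switch (info->type) {
        case OSSL_STORE_INFO_NAME:
            OPENSSL_free(info->_.name.name);
            OPENSSL_free(info->_.name.desc);
            break;
        case OSSL_STORE_INFO_PARAMS:
            EVP_PKEY_free(info->_.params);
            break;
        case OSSL_STORE_INFO_PUBKEY:
            EVP_PKEY_free(info->_.pubkey);
            break;
        case OSSL_STORE_INFO_PKEY:
            EVP_PKEY_free(info->_.pkey);
            break;
        case OSSL_STORE_INFO_CERT:
            X509_free(info->_.x509);
            break;
        case OSSL_STORE_INFO_CRL:
            X509_CRL_free(info->_.crl);
            break;
        }
        OPENSSL_free(info);
    }
}

/*
 * Report whether the loader behind |ctx| supports searching by |search_type|.
 *
 * For a fetched (provider) loader the answer is derived from the parameters
 * it declares settable: subject for BY_NAME, issuer and serial for
 * BY_ISSUER_SERIAL, fingerprint for BY_KEY_FINGERPRINT, alias for BY_ALIAS.
 * For a legacy loader its find() hook is called with a NULL loader context
 * and a criterion that carries only the search type.
 *
 * Returns 1 if supported, otherwise 0 (also when the loader has no way to
 * be asked, or |search_type| is not one of the known values).
 * |ctx| must not be NULL.
 */
int OSSL_STORE_supports_search(OSSL_STORE_CTX *ctx, int search_type)
{
    int ret = 0;

    if (ctx->fetched_loader != NULL) {
        void *provctx =
            ossl_provider_ctx(OSSL_STORE_LOADER_get0_provider(ctx->fetched_loader));
        const OSSL_PARAM *params;
        const OSSL_PARAM *p_subject = NULL;
        const OSSL_PARAM *p_issuer = NULL;
        const OSSL_PARAM *p_serial = NULL;
        const OSSL_PARAM *p_fingerprint = NULL;
        const OSSL_PARAM *p_alias = NULL;

        if (ctx->fetched_loader->p_settable_ctx_params == NULL)
            return 0;

        params = ctx->fetched_loader->p_settable_ctx_params(provctx);
        p_subject = OSSL_PARAM_locate_const(params, OSSL_STORE_PARAM_SUBJECT);
        p_issuer = OSSL_PARAM_locate_const(params, OSSL_STORE_PARAM_ISSUER);
        p_serial = OSSL_PARAM_locate_const(params, OSSL_STORE_PARAM_SERIAL);
        p_fingerprint =
            OSSL_PARAM_locate_const(params, OSSL_STORE_PARAM_FINGERPRINT);
        p_alias = OSSL_PARAM_locate_const(params, OSSL_STORE_PARAM_ALIAS);

        switch (search_type) {
        case OSSL_STORE_SEARCH_BY_NAME:
            ret = (p_subject != NULL);
            break;
        case OSSL_STORE_SEARCH_BY_ISSUER_SERIAL:
            ret = (p_issuer != NULL && p_serial != NULL);
            break;
        case OSSL_STORE_SEARCH_BY_KEY_FINGERPRINT:
            ret = (p_fingerprint != NULL);
            break;
        case OSSL_STORE_SEARCH_BY_ALIAS:
            ret = (p_alias != NULL);
            break;
        }
    }
#ifndef OPENSSL_NO_DEPRECATED_3_0
    if (ctx->fetched_loader == NULL) {
        OSSL_STORE_SEARCH tmp_search;

        if (ctx->loader->find == NULL)
            return 0;
        /*
         * Only the type is meaningful for this probe, but the loader hook
         * receives the whole structure: clear it so no uninitialised stack
         * contents are exposed to the callback.
         */
        memset(&tmp_search, 0, sizeof(tmp_search));
        tmp_search.search_type = search_type;
        ret = ctx->loader->find(NULL, &tmp_search);
    }
#endif
    return ret;
}

/*
 * Search term constructors
 *
 * Each allocates a zeroed OSSL_STORE_SEARCH and stores the caller's pointers
 * in it as they are; nothing is copied and no reference is taken, and
 * OSSL_STORE_SEARCH_free() releases the structure only.  The objects passed
 * in must therefore stay valid for as long as the search criterion is used.
 * Each returns NULL with an error raised on failure.
 */

/* Build a BY_NAME criterion for subject |name|. */
OSSL_STORE_SEARCH *OSSL_STORE_SEARCH_by_name(X509_NAME *name)
{
    OSSL_STORE_SEARCH *search = OPENSSL_zalloc(sizeof(*search));

    if (search == NULL) {
        ERR_raise(ERR_LIB_OSSL_STORE, ERR_R_MALLOC_FAILURE);
        return NULL;
    }

    search->search_type = OSSL_STORE_SEARCH_BY_NAME;
    search->name = name;
    return search;
}

/* Build a BY_ISSUER_SERIAL criterion for issuer |name| and |serial|. */
OSSL_STORE_SEARCH *OSSL_STORE_SEARCH_by_issuer_serial(X509_NAME *name,
                                                      const ASN1_INTEGER *serial)
{
    OSSL_STORE_SEARCH *search = OPENSSL_zalloc(sizeof(*search));

    if (search == NULL) {
        ERR_raise(ERR_LIB_OSSL_STORE, ERR_R_MALLOC_FAILURE);
        return NULL;
    }

    search->search_type = OSSL_STORE_SEARCH_BY_ISSUER_SERIAL;
    search->name = name;
    search->serial = serial;
    return search;
}

/*
 * Build a BY_KEY_FINGERPRINT criterion from |len| raw bytes at |bytes|.
 *
 * When |digest| is given, |len| must equal its output size; otherwise
 * OSSL_STORE_R_FINGERPRINT_SIZE_DOES_NOT_MATCH_DIGEST is raised and NULL is
 * returned.  With a NULL |digest| the length is accepted as is.
 * The bytes are not NUL terminated; read them back with
 * OSSL_STORE_SEARCH_get0_bytes().
 */
OSSL_STORE_SEARCH *OSSL_STORE_SEARCH_by_key_fingerprint(const EVP_MD *digest,
                                                        const unsigned char
                                                        *bytes, size_t len)
{
    OSSL_STORE_SEARCH *search = OPENSSL_zalloc(sizeof(*search));

    if (search == NULL) {
        ERR_raise(ERR_LIB_OSSL_STORE, ERR_R_MALLOC_FAILURE);
        return NULL;
    }

    if (digest != NULL) {
        int md_size = EVP_MD_get_size(digest);

        /*
         * Test the sign before converting: a negative size cast to size_t
         * would wrap to a huge value and could compare equal to |len|.
         */
        if (md_size < 0 || len != (size_t)md_size) {
            ERR_raise_data(ERR_LIB_OSSL_STORE,
                           OSSL_STORE_R_FINGERPRINT_SIZE_DOES_NOT_MATCH_DIGEST,
                           "%s size is %d, fingerprint size is %zu",
                           EVP_MD_get0_name(digest), md_size, len);
            OPENSSL_free(search);
            return NULL;
        }
    }

    search->search_type = OSSL_STORE_SEARCH_BY_KEY_FINGERPRINT;
    search->digest = digest;
    search->string = bytes;
    search->stringlength = len;
    return search;
}

/*
 * Build a BY_ALIAS criterion for the NUL terminated string |alias|.
 * A NULL |alias| is rejected with ERR_R_PASSED_NULL_PARAMETER.
 */
OSSL_STORE_SEARCH *OSSL_STORE_SEARCH_by_alias(const char *alias)
{
    OSSL_STORE_SEARCH *search;

    /* strlen() below needs a real string */
    if (alias == NULL) {
        ERR_raise(ERR_LIB_OSSL_STORE, ERR_R_PASSED_NULL_PARAMETER);
        return NULL;
    }

    search = OPENSSL_zalloc(sizeof(*search));
    if (search == NULL) {
        ERR_raise(ERR_LIB_OSSL_STORE, ERR_R_MALLOC_FAILURE);
        return NULL;
    }

    search->search_type = OSSL_STORE_SEARCH_BY_ALIAS;
    search->string = (const unsigned char *)alias;
    search->stringlength = strlen(alias);
    return search;
}

/*
 * Search term destructor
 *
 * Frees the structure only; the name, serial, digest and bytes it points to
 * stay with whoever supplied them.
 */
void OSSL_STORE_SEARCH_free(OSSL_STORE_SEARCH *search)
{
    OPENSSL_free(search);
}

/*
 * Search term accessors
 *
 * |criterion| is dereferenced without a NULL check.
 */
int OSSL_STORE_SEARCH_get_type(const OSSL_STORE_SEARCH *criterion)
{
    return criterion->search_type;
}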
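/*
 * The accessors below return the pointers stored in |criterion| without
 * checking its search type and without copying; fields that the matching
 * constructor did not set are NULL / 0 because the structure is allocated
 * zeroed.  |criterion| is dereferenced without a NULL check.
 */

/* Return the X509_NAME stored in |criterion|. */
X509_NAME *OSSL_STORE_SEARCH_get0_name(const OSSL_STORE_SEARCH *criterion)
{
    return criterion->name;
}

/* Return the serial number stored in |criterion|. */
const ASN1_INTEGER *OSSL_STORE_SEARCH_get0_serial(const OSSL_STORE_SEARCH
                                                  *criterion)
{
    return criterion->serial;
}

/*
 * Return the byte string stored in |criterion| and write its length to
 * |*length|.  |length| must not be NULL; it is written unconditionally.
 */
const unsigned char *OSSL_STORE_SEARCH_get0_bytes(const OSSL_STORE_SEARCH
                                                  *criterion, size_t *length)
{
    *length = criterion->stringlength;
    return criterion->string;
}

/*
 * Return the stored bytes viewed as a C string.
 *
 * Only an alias criterion is built from a NUL terminated string.  A key
 * fingerprint criterion stores raw bytes with an explicit length, so for
 * that type use OSSL_STORE_SEARCH_get0_bytes() instead; treating the result
 * of this function as a string could read past the end of the buffer.
 */
const char *OSSL_STORE_SEARCH_get0_string(const OSSL_STORE_SEARCH *criterion)
{
    return (const char *)criterion->string;
}

/* Return the digest stored in |criterion| (may be NULL). */
const EVP_MD *OSSL_STORE_SEARCH_get0_digest(const OSSL_STORE_SEARCH *criterion)
{
    return criterion->digest;
}

/*
 * Create an OSSL_STORE_CTX that reads from the BIO |bp| instead of a URI.
 *
 * |scheme| selects the loader and defaults to "file" when NULL.  Unless
 * deprecated 3.0 APIs are compiled out, a registered legacy loader for the
 * scheme is tried first; only when none is found is a provider loader
 * fetched with |libctx| and |propq|, attached to |bp| and configured with
 * |params| / |propq| through loader_set_params().
 *
 * |ui_method| / |ui_data| are recorded in the context's passphrase data;
 * |post_process| / |post_process_data| are stored in the context unchanged.
 *
 * Returns the new context, or NULL on failure.  On the failure paths after a
 * provider loader context was created, that context is closed and the
 * fetched loader released before returning.
 */
OSSL_STORE_CTX *OSSL_STORE_attach(BIO *bp, const char *scheme,
                                  OSSL_LIB_CTX *libctx, const char *propq,
                                  const UI_METHOD *ui_method, void *ui_data,
                                  const OSSL_PARAM params[],
                                  OSSL_STORE_post_process_info_fn post_process,
                                  void *post_process_data)
{
    const OSSL_STORE_LOADER *loader = NULL;
    OSSL_STORE_LOADER *fetched_loader = NULL;
    OSSL_STORE_LOADER_CTX *loader_ctx = NULL;
    OSSL_STORE_CTX *ctx = NULL;

    if (scheme == NULL)
        scheme = "file";

    OSSL_TRACE1(STORE, "Looking up scheme %s\n", scheme);
    ERR_set_mark();
#ifndef OPENSSL_NO_DEPRECATED_3_0
    if ((loader = ossl_store_get0_loader_int(scheme)) != NULL)
        loader_ctx = loader->attach(loader, bp, libctx, propq,
                                    ui_method, ui_data);
#endif
    if (loader == NULL
        && (fetched_loader =
            OSSL_STORE_LOADER_fetch(libctx, scheme, propq)) != NULL) {
        const OSSL_PROVIDER *provider =
            OSSL_STORE_LOADER_get0_provider(fetched_loader);
        void *provctx = OSSL_PROVIDER_get0_provider_ctx(provider);
        OSSL_CORE_BIO *cbio = ossl_core_bio_new_from_bio(bp);

        if (cbio == NULL
            || (loader_ctx = fetched_loader->p_attach(provctx, cbio)) == NULL) {
            OSSL_STORE_LOADER_free(fetched_loader);
            fetched_loader = NULL;
        } else if (!loader_set_params(fetched_loader, loader_ctx,
                                      params, propq)) {
            (void)fetched_loader->p_close(loader_ctx);
            OSSL_STORE_LOADER_free(fetched_loader);
            fetched_loader = NULL;
            /*
             * The loader context was just closed; forget it so the check
             * below reports failure instead of handing a closed context on.
             */
            loader_ctx = NULL;
        }
        loader = fetched_loader;
        ossl_core_bio_free(cbio);
    }

    if (loader_ctx == NULL) {
        ERR_clear_last_mark();
        return NULL;
    }

    if ((ctx = OPENSSL_zalloc(sizeof(*ctx))) == NULL) {
        ERR_clear_last_mark();
        ERR_raise(ERR_LIB_OSSL_STORE, ERR_R_MALLOC_FAILURE);
        goto err;
    }

    if (ui_method != NULL
        && !ossl_pw_set_ui_method(&ctx->pwdata, ui_method, ui_data)) {
        ERR_clear_last_mark();
        goto err;
    }

    ctx->fetched_loader = fetched_loader;
    ctx->loader = loader;
    ctx->loader_ctx = loader_ctx;
    ctx->post_process = post_process;
    ctx->post_process_data = post_process_data;

    /*
     * ossl_store_get0_loader_int will raise an error if the loader for the
     * scheme cannot be retrieved. But if a loader was successfully
     * fetched then we remove this error from the error stack.
     */
    ERR_pop_to_mark();

    return ctx;

 err:
    /*
     * A loader context exists at this point but no OSSL_STORE_CTX will be
     * returned to own it, so release it here rather than leak it.  The
     * provider path uses the same cleanup as the loader_set_params() failure
     * above.
     * NOTE(review): a context created by a legacy loader is still not
     * released on this path; its close hook and whether closing would also
     * free the caller's |bp| are not visible in this part of the file.
     */
    if (fetched_loader != NULL) {
        (void)fetched_loader->p_close(loader_ctx);
        OSSL_STORE_LOADER_free(fetched_loader);
    }
    OPENSSL_free(ctx);
    return NULL;
}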