root
/
openssl
mirror of https://github.com/openssl/openssl.git
1
0
Fork 0
Code Issues Actions 7 Packages Projects Releases Wiki Activity

Add APIs for custom X509_LOOKUP_METHOD creation 

OpenSSL 1.1.0 made the X509_LOOKUP_METHOD structure opaque, so
applications that were previously able to define a custom lookup method
are not able to be ported.

This commit adds getters and setters for each of the current fields of
X509_LOOKUP_METHOD, along with getters and setters on several associated
opaque types (such as X509_LOOKUP and X509_OBJECT).

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/6152)
This commit is contained in:
Mingtao Yang 2018-02-09 10:23:18 -08:00 committed by Richard Levitte
parent f3a246c63e
commit 0124f32a01
13 changed files with 514 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
crypto/err/openssl.txt
View File

@ -1685,6 +1685,7 @@ X509_F_X509_GET_PUBKEY_PARAMETERS:110:X509_get_pubkey_parameters
X509_F_X509_LOAD_CERT_CRL_FILE:132:X509_load_cert_crl_file X509_F_X509_LOAD_CERT_CRL_FILE:132:X509_load_cert_crl_file
X509_F_X509_LOAD_CERT_FILE:111:X509_load_cert_file X509_F_X509_LOAD_CERT_FILE:111:X509_load_cert_file
X509_F_X509_LOAD_CRL_FILE:112:X509_load_crl_file X509_F_X509_LOAD_CRL_FILE:112:X509_load_crl_file
X509_F_X509_LOOKUP_METH_NEW:160:X509_LOOKUP_meth_new
X509_F_X509_LOOKUP_NEW:155:X509_LOOKUP_new X509_F_X509_LOOKUP_NEW:155:X509_LOOKUP_new
X509_F_X509_NAME_ADD_ENTRY:113:X509_NAME_add_entry X509_F_X509_NAME_ADD_ENTRY:113:X509_NAME_add_entry
X509_F_X509_NAME_CANON:156:x509_name_canon X509_F_X509_NAME_CANON:156:x509_name_canon

2
crypto/x509/build.info
View File

@ -4,7 +4,7 @@ SOURCE[../../libcrypto]=\
x509_obj.c x509_req.c x509spki.c x509_vfy.c \ x509_obj.c x509_req.c x509spki.c x509_vfy.c \
x509_set.c x509cset.c x509rset.c x509_err.c \ x509_set.c x509cset.c x509rset.c x509_err.c \
x509name.c x509_v3.c x509_ext.c x509_att.c \ x509name.c x509_v3.c x509_ext.c x509_att.c \
x509type.c x509_lu.c x_all.c x509_txt.c \ x509type.c x509_meth.c x509_lu.c x_all.c x509_txt.c \
x509_trs.c by_file.c by_dir.c x509_vpm.c \ x509_trs.c by_file.c by_dir.c x509_vpm.c \
x_crl.c t_crl.c x_req.c t_req.c x_x509.c t_x509.c \ x_crl.c t_crl.c x_req.c t_req.c x_x509.c t_x509.c \
x_pubkey.c x_x509a.c x_attrib.c x_exten.c x_name.c x_pubkey.c x_x509a.c x_attrib.c x_exten.c x_name.c

2
crypto/x509/by_dir.c
View File

@ -110,7 +110,7 @@ static int new_dir(X509_LOOKUP *lu)
X509err(X509_F_NEW_DIR, ERR_R_MALLOC_FAILURE); X509err(X509_F_NEW_DIR, ERR_R_MALLOC_FAILURE);
goto err; goto err;
} }
lu->method_data = (char *)a; lu->method_data = a;
return 1; return 1;
err: err:

2
crypto/x509/x509_err.c
View File

@ -61,6 +61,8 @@ static const ERR_STRING_DATA X509_str_functs[] = {
"X509_load_cert_file"}, "X509_load_cert_file"},
{ERR_PACK(ERR_LIB_X509, X509_F_X509_LOAD_CRL_FILE, 0), {ERR_PACK(ERR_LIB_X509, X509_F_X509_LOAD_CRL_FILE, 0),
"X509_load_crl_file"}, "X509_load_crl_file"},
{ERR_PACK(ERR_LIB_X509, X509_F_X509_LOOKUP_METH_NEW, 0),
"X509_LOOKUP_meth_new"},
{ERR_PACK(ERR_LIB_X509, X509_F_X509_LOOKUP_NEW, 0), "X509_LOOKUP_new"}, {ERR_PACK(ERR_LIB_X509, X509_F_X509_LOOKUP_NEW, 0), "X509_LOOKUP_new"},
{ERR_PACK(ERR_LIB_X509, X509_F_X509_NAME_ADD_ENTRY, 0), {ERR_PACK(ERR_LIB_X509, X509_F_X509_NAME_ADD_ENTRY, 0),
"X509_NAME_add_entry"}, "X509_NAME_add_entry"},

4
crypto/x509/x509_lcl.h
View File

@ -69,7 +69,7 @@ struct x509_crl_method_st {
}; };
struct x509_lookup_method_st { struct x509_lookup_method_st {
const char *name; char *name;
int (*new_item) (X509_LOOKUP *ctx); int (*new_item) (X509_LOOKUP *ctx);
void (*free) (X509_LOOKUP *ctx); void (*free) (X509_LOOKUP *ctx);
int (*init) (X509_LOOKUP *ctx); int (*init) (X509_LOOKUP *ctx);
@ -93,7 +93,7 @@ struct x509_lookup_st {
int init; /* have we been started */ int init; /* have we been started */
int skip; /* don't use us. */ int skip; /* don't use us. */
X509_LOOKUP_METHOD *method; /* the functions */ X509_LOOKUP_METHOD *method; /* the functions */
char *method_data; /* method data */ void *method_data; /* method data */
X509_STORE *store_ctx; /* who owns us */ X509_STORE *store_ctx; /* who owns us */
}; };

47
crypto/x509/x509_lu.c
View File

@ -118,6 +118,23 @@ int X509_LOOKUP_by_alias(X509_LOOKUP *ctx, X509_LOOKUP_TYPE type,
return ctx->method->get_by_alias(ctx, type, str, len, ret); return ctx->method->get_by_alias(ctx, type, str, len, ret);
} }
int X509_LOOKUP_set_method_data(X509_LOOKUP *ctx, void *data)
{
ctx->method_data = data;
return 1;
}
void *X509_LOOKUP_get_method_data(const X509_LOOKUP *ctx)
{
return ctx->method_data;
}
X509_STORE *X509_LOOKUP_get_store(const X509_LOOKUP *ctx)
{
return ctx->store_ctx;
}
static int x509_object_cmp(const X509_OBJECT *const *a, static int x509_object_cmp(const X509_OBJECT *const *a,
const X509_OBJECT *const *b) const X509_OBJECT *const *b)
{ {
@ -403,8 +420,7 @@ X509_OBJECT *X509_OBJECT_new(void)
return ret; return ret;
} }
static void x509_object_free_internal(X509_OBJECT *a)
void X509_OBJECT_free(X509_OBJECT *a)
{ {
if (a == NULL) if (a == NULL)
return; return;
@ -418,6 +434,33 @@ void X509_OBJECT_free(X509_OBJECT *a)
X509_CRL_free(a->data.crl); X509_CRL_free(a->data.crl);
break; break;
} }
}
int X509_OBJECT_set1_X509(X509_OBJECT *a, X509 *obj)
{
if (a == NULL || !X509_up_ref(obj))
return 0;
x509_object_free_internal(a);
a->type = X509_LU_X509;
a->data.x509 = obj;
return 1;
}
int X509_OBJECT_set1_X509_CRL(X509_OBJECT *a, X509_CRL *obj)
{
if (a == NULL || !X509_CRL_up_ref(obj))
return 0;
x509_object_free_internal(a);
a->type = X509_LU_CRL;
a->data.crl = obj;
return 1;
}
void X509_OBJECT_free(X509_OBJECT *a)
{
x509_object_free_internal(a);
OPENSSL_free(a); OPENSSL_free(a);
} }

166
crypto/x509/x509_meth.c Normal file
View File

@ -0,0 +1,166 @@
/*
* Copyright 2018 The OpenSSL Project Authors. All Rights Reserved.
*
* Licensed under the OpenSSL license (the "License"). You may not use
* this file except in compliance with the License. You can obtain a copy
* in the file LICENSE in the source distribution or at
* https://www.openssl.org/source/license.html
*/
#include <stdio.h>
#include <time.h>
#include <errno.h>
#include "internal/cryptlib.h"
#include <openssl/asn1.h>
#include <openssl/x509.h>
#include <openssl/ossl_typ.h>
#include "x509_lcl.h"
X509_LOOKUP_METHOD *X509_LOOKUP_meth_new(const char *name)
{
X509_LOOKUP_METHOD *method = OPENSSL_zalloc(sizeof(X509_LOOKUP_METHOD));
if (method != NULL) {
method->name = OPENSSL_strdup(name);
if (method->name == NULL) {
X509err(X509_F_X509_LOOKUP_METH_NEW, ERR_R_MALLOC_FAILURE);
goto err;
}
}
return method;
err:
OPENSSL_free(method);
return NULL;
}
void X509_LOOKUP_meth_free(X509_LOOKUP_METHOD *method)
{
if (method != NULL)
OPENSSL_free(method->name);
OPENSSL_free(method);
}
int X509_LOOKUP_meth_set_new_item(X509_LOOKUP_METHOD *method,
int (*new_item) (X509_LOOKUP *ctx))
{
method->new_item = new_item;
return 1;
}
int (*X509_LOOKUP_meth_get_new_item(const X509_LOOKUP_METHOD* method))
(X509_LOOKUP *ctx)
{
return method->new_item;
}
int X509_LOOKUP_meth_set_free(
X509_LOOKUP_METHOD *method,
void (*free) (X509_LOOKUP *ctx))
{
method->free = free;
return 1;
}
void (*X509_LOOKUP_meth_get_free(const X509_LOOKUP_METHOD* method))
(X509_LOOKUP *ctx)
{
return method->free;
}
int X509_LOOKUP_meth_set_init(X509_LOOKUP_METHOD *method,
int (*init) (X509_LOOKUP *ctx))
{
method->init = init;
return 1;
}
int (*X509_LOOKUP_meth_get_init(const X509_LOOKUP_METHOD* method))
(X509_LOOKUP *ctx)
{
return method->init;
}
int X509_LOOKUP_meth_set_shutdown(
X509_LOOKUP_METHOD *method,
int (*shutdown) (X509_LOOKUP *ctx))
{
method->shutdown = shutdown;
return 1;
}
int (*X509_LOOKUP_meth_get_shutdown(const X509_LOOKUP_METHOD* method))
(X509_LOOKUP *ctx)
{
return method->shutdown;
}
int X509_LOOKUP_meth_set_ctrl(
X509_LOOKUP_METHOD *method,
X509_LOOKUP_ctrl_fn ctrl)
{
method->ctrl = ctrl;
return 1;
}
X509_LOOKUP_ctrl_fn X509_LOOKUP_meth_get_ctrl(const X509_LOOKUP_METHOD *method)
{
return method->ctrl;
}
int X509_LOOKUP_meth_set_get_by_subject(X509_LOOKUP_METHOD *method,
X509_LOOKUP_get_by_subject_fn get_by_subject)
{
method->get_by_subject = get_by_subject;
return 1;
}
X509_LOOKUP_get_by_subject_fn X509_LOOKUP_meth_get_get_by_subject(
const X509_LOOKUP_METHOD *method)
{
return method->get_by_subject;
}
int X509_LOOKUP_meth_set_get_by_issuer_serial(X509_LOOKUP_METHOD *method,
X509_LOOKUP_get_by_issuer_serial_fn get_by_issuer_serial)
{
method->get_by_issuer_serial = get_by_issuer_serial;
return 1;
}
X509_LOOKUP_get_by_issuer_serial_fn
X509_LOOKUP_meth_get_get_by_issuer_serial(const X509_LOOKUP_METHOD *method)
{
return method->get_by_issuer_serial;
}
int X509_LOOKUP_meth_set_get_by_fingerprint(X509_LOOKUP_METHOD *method,
X509_LOOKUP_get_by_fingerprint_fn get_by_fingerprint)
{
method->get_by_fingerprint = get_by_fingerprint;
return 1;
}
X509_LOOKUP_get_by_fingerprint_fn X509_LOOKUP_meth_get_get_by_fingerprint(
const X509_LOOKUP_METHOD *method)
{
return method->get_by_fingerprint;
}
int X509_LOOKUP_meth_set_get_by_alias(X509_LOOKUP_METHOD *method,
X509_LOOKUP_get_by_alias_fn get_by_alias)
{
method->get_by_alias = get_by_alias;
return 1;
}
X509_LOOKUP_get_by_alias_fn X509_LOOKUP_meth_get_get_by_alias(
const X509_LOOKUP_METHOD *method)
{
return method->get_by_alias;
}

1
doc/man3/X509_LOOKUP_hash_dir.pod
View File

@ -125,6 +125,7 @@ L<PEM_read_PrivateKey(3)>,
L<X509_STORE_load_locations(3)>, L<X509_STORE_load_locations(3)>,
L<X509_store_add_lookup(3)>, L<X509_store_add_lookup(3)>,
L<SSL_CTX_load_verify_locations(3)>, L<SSL_CTX_load_verify_locations(3)>,
L<X509_LOOKUP_meth_new(3)>,
=head1 COPYRIGHT =head1 COPYRIGHT

189
doc/man3/X509_LOOKUP_meth_new.pod Normal file
View File

@ -0,0 +1,189 @@
=pod
=head1 NAME
X509_LOOKUP_meth_new, X509_LOOKUP_meth_free, X509_LOOKUP_meth_set_new_item,
X509_LOOKUP_meth_get_new_item, X509_LOOKUP_meth_set_free,
X509_LOOKUP_meth_get_free, X509_LOOKUP_meth_set_init,
X509_LOOKUP_meth_get_init, X509_LOOKUP_meth_set_shutdown,
X509_LOOKUP_meth_get_shutdown,
X509_LOOKUP_ctrl_fn, X509_LOOKUP_meth_set_ctrl, X509_LOOKUP_meth_get_ctrl,
X509_LOOKUP_get_by_subject_fn, X509_LOOKUP_meth_set_get_by_subject,
X509_LOOKUP_meth_get_get_by_subject,
X509_LOOKUP_get_by_issuer_serial_fn, X509_LOOKUP_meth_set_get_by_issuer_serial,
X509_LOOKUP_meth_get_get_by_issuer_serial,
X509_LOOKUP_get_by_fingerprint_fn, X509_LOOKUP_meth_set_get_by_fingerprint,
X509_LOOKUP_meth_get_get_by_fingerprint,
X509_LOOKUP_get_by_alias_fn, X509_LOOKUP_meth_set_get_by_alias,
X509_LOOKUP_meth_get_get_by_alias,
X509_LOOKUP_set_method_data, X509_LOOKUP_get_method_data,
X509_LOOKUP_get_store, X509_OBJECT_set1_X509, X509_OBJECT_set1_X509_CRL
- Routines to build up X509_LOOKUP methods
=head1 SYNOPSIS
#include <openssl/x509_vfy.h>
X509_LOOKUP_METHOD *X509_LOOKUP_meth_new(const char *name);
void X509_LOOKUP_meth_free(X509_LOOKUP_METHOD *method);
int X509_LOOKUP_meth_set_new_item(X509_LOOKUP_METHOD *method,
int (*new_item) (X509_LOOKUP *ctx));
int (*X509_LOOKUP_meth_get_new_item(const X509_LOOKUP_METHOD* method))
(X509_LOOKUP *ctx);
int X509_LOOKUP_meth_set_free(X509_LOOKUP_METHOD *method,
void (*free) (X509_LOOKUP *ctx));
void (*X509_LOOKUP_meth_get_free(const X509_LOOKUP_METHOD* method))
(X509_LOOKUP *ctx);
int X509_LOOKUP_meth_set_init(X509_LOOKUP_METHOD *method,
int (*init) (X509_LOOKUP *ctx));
int (*X509_LOOKUP_meth_get_init(const X509_LOOKUP_METHOD* method))
(X509_LOOKUP *ctx);
int X509_LOOKUP_meth_set_shutdown(X509_LOOKUP_METHOD *method,
int (*shutdown) (X509_LOOKUP *ctx));
int (*X509_LOOKUP_meth_get_shutdown(const X509_LOOKUP_METHOD* method))
(X509_LOOKUP *ctx);
typedef int (*X509_LOOKUP_ctrl_fn)(X509_LOOKUP *ctx, int cmd, const char *argc,
long argl, char **ret);
int X509_LOOKUP_meth_set_ctrl(X509_LOOKUP_METHOD *method,
X509_LOOKUP_ctrl_fn ctrl_fn);
X509_LOOKUP_ctrl_fn X509_LOOKUP_meth_get_ctrl(const X509_LOOKUP_METHOD *method);
typedef int (*X509_LOOKUP_get_by_subject_fn)(X509_LOOKUP *ctx,
X509_LOOKUP_TYPE type,
X509_NAME *name,
X509_OBJECT *ret);
int X509_LOOKUP_meth_set_get_by_subject(X509_LOOKUP_METHOD *method,
X509_LOOKUP_get_by_subject_fn fn);
X509_LOOKUP_get_by_subject_fn X509_LOOKUP_meth_get_get_by_subject(
const X509_LOOKUP_METHOD *method);
typedef int (*X509_LOOKUP_get_by_issuer_serial_fn)(X509_LOOKUP *ctx,
X509_LOOKUP_TYPE type,
X509_NAME *name,
ASN1_INTEGER *serial,
X509_OBJECT *ret);
int X509_LOOKUP_meth_set_get_by_issuer_serial(
X509_LOOKUP_METHOD *method, X509_LOOKUP_get_by_issuer_serial_fn fn);
X509_LOOKUP_get_by_issuer_serial_fn X509_LOOKUP_meth_get_get_by_issuer_serial(
const X509_LOOKUP_METHOD *method);
typedef int (*X509_LOOKUP_get_by_fingerprint_fn)(X509_LOOKUP *ctx,
X509_LOOKUP_TYPE type,
const unsigned char* bytes,
int len,
X509_OBJECT *ret);
int X509_LOOKUP_meth_set_get_by_fingerprint(X509_LOOKUP_METHOD *method,
X509_LOOKUP_get_by_fingerprint_fn fn);
X509_LOOKUP_get_by_fingerprint_fn X509_LOOKUP_meth_get_get_by_fingerprint(
const X509_LOOKUP_METHOD *method);
typedef int (*X509_LOOKUP_get_by_alias_fn)(X509_LOOKUP *ctx,
X509_LOOKUP_TYPE type,
const char *str,
int len,
X509_OBJECT *ret);
int X509_LOOKUP_meth_set_get_by_alias(X509_LOOKUP_METHOD *method,
X509_LOOKUP_get_by_alias_fn fn);
X509_LOOKUP_get_by_alias_fn X509_LOOKUP_meth_get_get_by_alias(
const X509_LOOKUP_METHOD *method);
int X509_LOOKUP_set_method_data(X509_LOOKUP *ctx, void *data);
void *X509_LOOKUP_get_method_data(const X509_LOOKUP *ctx);
X509_STORE *X509_LOOKUP_get_store(const X509_LOOKUP *ctx);
int X509_OBJECT_set1_X509(X509_OBJECT *a, X509 *obj);
int X509_OBJECT_set1_X509_CRL(X509_OBJECT *a, X509_CRL *obj);
=head1 DESCRIPTION
The B<X509_LOOKUP_METHOD> type is a structure used for the implementation of new
X509_LOOKUP types. It provides a set of functions used by OpenSSL for the
implementation of various X509 and X509_CRL lookup capabilities. One instance
of an X509_LOOKUP_METHOD can be associated to many instantiations of an
B<X509_LOOKUP> structure.
X509_LOOKUP_meth_new() creates a new B<X509_LOOKUP_METHOD> structure. It should
be given a human-readable string containing a brief description of the lookup
method.
X509_LOOKUP_meth_free() destroys a B<X509_LOOKUP_METHOD> structure.
X509_LOOKUP_get_new_item() and X509_LOOKUP_set_new_item() get and set the
function that is called when an B<X509_LOOKUP> object is created with
X509_LOOKUP_new(). If an X509_LOOKUP_METHOD requires any per-X509_LOOKUP
specific data, the supplied new_item function should allocate this data and
invoke X509_LOOKUP_set_method_data().
X509_LOOKUP_get_free() and X509_LOOKUP_set_free() get and set the function
that is used to free any method data that was allocated and set from within
new_item function.
X509_LOOKUP_meth_get_init() and X509_LOOKUP_meth_set_init() get and set the
function that is used to initialize the method data that was set with
X509_LOOKUP_set_method_data() as part of the new_item routine.
X509_LOOKUP_meth_get_shutdown() and X509_LOOKUP_meth_set_shutdown() get and set
the function that is used to shut down the method data whose state was
previously initialized in the init function.
X509_LOOKUP_meth_get_ctrl() and X509_LOOKUP_meth_set_ctrl() get and set a
function to be used to handle arbitrary control commands issued by
X509_LOOKUP_ctrl(). The control function is given the X509_LOOKUP
B<ctx>, along with the arguments passed by X509_LOOKUP_ctrl. B<cmd> is
an arbitrary integer that defines some operation. B<argc> is a pointer
to an array of characters. B<argl> is an integer. B<ret>, if set,
points to a location where any return data should be written to. How
B<argc> and B<argl> are used depends entirely on the control function.
X509_LOOKUP_set_get_by_subject(), X509_LOOKUP_set_get_by_issuer_serial(),
X509_LOOKUP_set_get_by_fingerprint(), X509_LOOKUP_set_get_by_alias() set
the functions used to retrieve an X509 or X509_CRL object by the object's
subject, issuer, fingerprint, and alias respectively. These functions are given
the X509_LOOKUP context, the type of the X509_OBJECT being requested, parameters
related to the lookup, and an X509_OBJECT that will receive the requested
object.
Implementations should use either X509_OBJECT_set1_X509() or
X509_OBJECT_set1_X509_CRL() to set the result. Any method data that was
created as a result of the new_item function set by
X509_LOOKUP_meth_set_new_item() can be accessed with
X509_LOOKUP_get_method_data(). The B<X509_STORE> object that owns the
X509_LOOKUP may be accessed with X509_LOOKUP_get_store(). Successful lookups
should return 1, and unsuccessful lookups should return 0.
X509_LOOKUP_get_get_by_subject(), X509_LOOKUP_get_get_by_issuer_serial(),
X509_LOOKUP_get_get_by_fingerprint(), X509_LOOKUP_get_get_by_alias() retrieve
the function set by the corresponding setter.
=head1 RETURN VALUES
The B<X509_LOOKUP_meth_set> functions return 1 on success or 0 on error.
The B<X509_LOOKUP_meth_get> functions return the corresponding function
pointers.
=head1 SEE ALSO
L<X509_STORE_new(3)>, L<SSL_CTX_set_cert_store(3)>
=head1 HISTORY
The functions described here were added in OpenSSL 1.1.0i.
=head1 COPYRIGHT
Copyright 2018 The OpenSSL Project Authors. All Rights Reserved.
Licensed under the OpenSSL license (the "License"). You may not use
this file except in compliance with the License. You can obtain a copy
in the file LICENSE in the source distribution or at
L<https://www.openssl.org/source/license.html>.
=cut

75
include/openssl/x509_vfy.h
View File

@ -261,7 +261,9 @@ X509_OBJECT *X509_OBJECT_new(void);
void X509_OBJECT_free(X509_OBJECT *a); void X509_OBJECT_free(X509_OBJECT *a);
X509_LOOKUP_TYPE X509_OBJECT_get_type(const X509_OBJECT *a); X509_LOOKUP_TYPE X509_OBJECT_get_type(const X509_OBJECT *a);
X509 *X509_OBJECT_get0_X509(const X509_OBJECT *a); X509 *X509_OBJECT_get0_X509(const X509_OBJECT *a);
int X509_OBJECT_set1_X509(X509_OBJECT *a, X509 *obj);
X509_CRL *X509_OBJECT_get0_X509_CRL(X509_OBJECT *a); X509_CRL *X509_OBJECT_get0_X509_CRL(X509_OBJECT *a);
int X509_OBJECT_set1_X509_CRL(X509_OBJECT *a, X509_CRL *obj);
X509_STORE *X509_STORE_new(void); X509_STORE *X509_STORE_new(void);
void X509_STORE_free(X509_STORE *v); void X509_STORE_free(X509_STORE *v);
int X509_STORE_lock(X509_STORE *ctx); int X509_STORE_lock(X509_STORE *ctx);
@ -368,6 +370,76 @@ X509_LOOKUP *X509_STORE_add_lookup(X509_STORE *v, X509_LOOKUP_METHOD *m);
X509_LOOKUP_METHOD *X509_LOOKUP_hash_dir(void); X509_LOOKUP_METHOD *X509_LOOKUP_hash_dir(void);
X509_LOOKUP_METHOD *X509_LOOKUP_file(void); X509_LOOKUP_METHOD *X509_LOOKUP_file(void);
typedef int (*X509_LOOKUP_ctrl_fn)(X509_LOOKUP *ctx, int cmd, const char *argc,
long argl, char **ret);
typedef int (*X509_LOOKUP_get_by_subject_fn)(X509_LOOKUP *ctx,
X509_LOOKUP_TYPE type,
X509_NAME *name,
X509_OBJECT *ret);
typedef int (*X509_LOOKUP_get_by_issuer_serial_fn)(X509_LOOKUP *ctx,
X509_LOOKUP_TYPE type,
X509_NAME *name,
ASN1_INTEGER *serial,
X509_OBJECT *ret);
typedef int (*X509_LOOKUP_get_by_fingerprint_fn)(X509_LOOKUP *ctx,
X509_LOOKUP_TYPE type,
const unsigned char* bytes,
int len,
X509_OBJECT *ret);
typedef int (*X509_LOOKUP_get_by_alias_fn)(X509_LOOKUP *ctx,
X509_LOOKUP_TYPE type,
const char *str,
int len,
X509_OBJECT *ret);
X509_LOOKUP_METHOD *X509_LOOKUP_meth_new(const char *name);
void X509_LOOKUP_meth_free(X509_LOOKUP_METHOD *method);
int X509_LOOKUP_meth_set_new_item(X509_LOOKUP_METHOD *method,
int (*new_item) (X509_LOOKUP *ctx));
int (*X509_LOOKUP_meth_get_new_item(const X509_LOOKUP_METHOD* method))
(X509_LOOKUP *ctx);
int X509_LOOKUP_meth_set_free(X509_LOOKUP_METHOD *method,
void (*free) (X509_LOOKUP *ctx));
void (*X509_LOOKUP_meth_get_free(const X509_LOOKUP_METHOD* method))
(X509_LOOKUP *ctx);
int X509_LOOKUP_meth_set_init(X509_LOOKUP_METHOD *method,
int (*init) (X509_LOOKUP *ctx));
int (*X509_LOOKUP_meth_get_init(const X509_LOOKUP_METHOD* method))
(X509_LOOKUP *ctx);
int X509_LOOKUP_meth_set_shutdown(X509_LOOKUP_METHOD *method,
int (*shutdown) (X509_LOOKUP *ctx));
int (*X509_LOOKUP_meth_get_shutdown(const X509_LOOKUP_METHOD* method))
(X509_LOOKUP *ctx);
int X509_LOOKUP_meth_set_ctrl(X509_LOOKUP_METHOD *method,
X509_LOOKUP_ctrl_fn ctrl_fn);
X509_LOOKUP_ctrl_fn X509_LOOKUP_meth_get_ctrl(const X509_LOOKUP_METHOD *method);
int X509_LOOKUP_meth_set_get_by_subject(X509_LOOKUP_METHOD *method,
X509_LOOKUP_get_by_subject_fn fn);
X509_LOOKUP_get_by_subject_fn X509_LOOKUP_meth_get_get_by_subject(
const X509_LOOKUP_METHOD *method);
int X509_LOOKUP_meth_set_get_by_issuer_serial(X509_LOOKUP_METHOD *method,
X509_LOOKUP_get_by_issuer_serial_fn fn);
X509_LOOKUP_get_by_issuer_serial_fn X509_LOOKUP_meth_get_get_by_issuer_serial(
const X509_LOOKUP_METHOD *method);
int X509_LOOKUP_meth_set_get_by_fingerprint(X509_LOOKUP_METHOD *method,
X509_LOOKUP_get_by_fingerprint_fn fn);
X509_LOOKUP_get_by_fingerprint_fn X509_LOOKUP_meth_get_get_by_fingerprint(
const X509_LOOKUP_METHOD *method);
int X509_LOOKUP_meth_set_get_by_alias(X509_LOOKUP_METHOD *method,
X509_LOOKUP_get_by_alias_fn fn);
X509_LOOKUP_get_by_alias_fn X509_LOOKUP_meth_get_get_by_alias(
const X509_LOOKUP_METHOD *method);
int X509_STORE_add_cert(X509_STORE *ctx, X509 *x); int X509_STORE_add_cert(X509_STORE *ctx, X509 *x);
int X509_STORE_add_crl(X509_STORE *ctx, X509_CRL *x); int X509_STORE_add_crl(X509_STORE *ctx, X509_CRL *x);
@ -397,6 +469,9 @@ int X509_LOOKUP_by_fingerprint(X509_LOOKUP *ctx, X509_LOOKUP_TYPE type,
X509_OBJECT *ret); X509_OBJECT *ret);
int X509_LOOKUP_by_alias(X509_LOOKUP *ctx, X509_LOOKUP_TYPE type, int X509_LOOKUP_by_alias(X509_LOOKUP *ctx, X509_LOOKUP_TYPE type,
const char *str, int len, X509_OBJECT *ret); const char *str, int len, X509_OBJECT *ret);
int X509_LOOKUP_set_method_data(X509_LOOKUP *ctx, void *data);
void *X509_LOOKUP_get_method_data(const X509_LOOKUP *ctx);
X509_STORE *X509_LOOKUP_get_store(const X509_LOOKUP *ctx);
int X509_LOOKUP_shutdown(X509_LOOKUP *ctx); int X509_LOOKUP_shutdown(X509_LOOKUP *ctx);
int X509_STORE_load_locations(X509_STORE *ctx, int X509_STORE_load_locations(X509_STORE *ctx,

1
include/openssl/x509err.h
View File

@ -49,6 +49,7 @@ int ERR_load_X509_strings(void);
# define X509_F_X509_LOAD_CERT_CRL_FILE 132 # define X509_F_X509_LOAD_CERT_CRL_FILE 132
# define X509_F_X509_LOAD_CERT_FILE 111 # define X509_F_X509_LOAD_CERT_FILE 111
# define X509_F_X509_LOAD_CRL_FILE 112 # define X509_F_X509_LOAD_CRL_FILE 112
# define X509_F_X509_LOOKUP_METH_NEW 160
# define X509_F_X509_LOOKUP_NEW 155 # define X509_F_X509_LOOKUP_NEW 155
# define X509_F_X509_NAME_ADD_ENTRY 113 # define X509_F_X509_NAME_ADD_ENTRY 113
# define X509_F_X509_NAME_CANON 156 # define X509_F_X509_NAME_CANON 156

25
util/libcrypto.num
View File

@ -4548,3 +4548,28 @@ RSA_get0_p 4489 1_1_1 EXIST::FUNCTION:RSA
RSA_get0_iqmp 4490 1_1_1 EXIST::FUNCTION:RSA RSA_get0_iqmp 4490 1_1_1 EXIST::FUNCTION:RSA
ECDSA_SIG_get0_r 4491 1_1_1 EXIST::FUNCTION:EC ECDSA_SIG_get0_r 4491 1_1_1 EXIST::FUNCTION:EC
ECDSA_SIG_get0_s 4492 1_1_1 EXIST::FUNCTION:EC ECDSA_SIG_get0_s 4492 1_1_1 EXIST::FUNCTION:EC
X509_LOOKUP_meth_get_get_by_fingerprint 4493 1_1_0i EXIST::FUNCTION:
X509_LOOKUP_meth_new 4494 1_1_0i EXIST::FUNCTION:
X509_LOOKUP_meth_get_init 4495 1_1_0i EXIST::FUNCTION:
X509_LOOKUP_meth_get_get_by_alias 4496 1_1_0i EXIST::FUNCTION:
X509_LOOKUP_meth_set_new_item 4497 1_1_0i EXIST::FUNCTION:
X509_LOOKUP_meth_set_shutdown 4498 1_1_0i EXIST::FUNCTION:
X509_LOOKUP_meth_get_new_item 4499 1_1_0i EXIST::FUNCTION:
X509_LOOKUP_meth_set_ctrl 4500 1_1_0i EXIST::FUNCTION:
X509_LOOKUP_meth_set_get_by_issuer_serial 4501 1_1_0i EXIST::FUNCTION:
X509_LOOKUP_get_store 4502 1_1_0i EXIST::FUNCTION:
X509_LOOKUP_meth_get_ctrl 4503 1_1_0i EXIST::FUNCTION:
X509_LOOKUP_meth_set_get_by_alias 4504 1_1_0i EXIST::FUNCTION:
X509_LOOKUP_meth_get_get_by_subject 4505 1_1_0i EXIST::FUNCTION:
X509_LOOKUP_meth_get_free 4506 1_1_0i EXIST::FUNCTION:
X509_LOOKUP_meth_set_get_by_subject 4507 1_1_0i EXIST::FUNCTION:
X509_LOOKUP_meth_set_free 4508 1_1_0i EXIST::FUNCTION:
X509_LOOKUP_meth_get_shutdown 4509 1_1_0i EXIST::FUNCTION:
X509_LOOKUP_set_method_data 4510 1_1_0i EXIST::FUNCTION:
X509_LOOKUP_get_method_data 4511 1_1_0i EXIST::FUNCTION:
X509_LOOKUP_meth_set_get_by_fingerprint 4512 1_1_0i EXIST::FUNCTION:
X509_LOOKUP_meth_free 4513 1_1_0i EXIST::FUNCTION:
X509_OBJECT_set1_X509 4514 1_1_0i EXIST::FUNCTION:
X509_LOOKUP_meth_get_get_by_issuer_serial 4515 1_1_0i EXIST::FUNCTION:
X509_LOOKUP_meth_set_init 4516 1_1_0i EXIST::FUNCTION:
X509_OBJECT_set1_X509_CRL 4517 1_1_0i EXIST::FUNCTION:

5
util/private.num
View File

@ -73,6 +73,11 @@ X509_STORE_CTX_lookup_crls_fn datatype
X509_STORE_CTX_verify_cb datatype X509_STORE_CTX_verify_cb datatype
X509_STORE_CTX_verify_fn datatype X509_STORE_CTX_verify_fn datatype
X509_STORE_set_verify_cb_func datatype X509_STORE_set_verify_cb_func datatype
X509_LOOKUP_get_by_alias_fn datatype
X509_LOOKUP_get_by_subject_fn datatype
X509_LOOKUP_get_by_fingerprint_fn datatype
X509_LOOKUP_ctrl_fn datatype
X509_LOOKUP_get_by_issuer_serial_fn datatype
bio_info_cb datatype bio_info_cb datatype
BIO_info_cb datatype BIO_info_cb datatype
custom_ext_add_cb datatype custom_ext_add_cb datatype