author | Dmitry Belyavskiy <beldmit@gmail.com> | 2023-08-28 13:37:33 +0200 |
---|---|---|
committer | Dmitry Belyavskiy <beldmit@gmail.com> | 2023-09-15 10:18:36 +0200 |
commit | 0a8807b4a838ec6e6a84b2a28781e821ede90480 (patch) | |
tree | 32094d09c9778459d19367181bfcca71a0248cf0 | |
parent | Fix engine cleanup error handling (diff) | |
Store: API for deletion
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/21901)
-rw-r--r-- | crypto/store/store_lib.c | 47 | ||||
-rw-r--r-- | crypto/store/store_local.h | 1 | ||||
-rw-r--r-- | crypto/store/store_meth.c | 6 | ||||
-rw-r--r-- | include/openssl/core_dispatch.h | 4 | ||||
-rw-r--r-- | include/openssl/store.h | 8 |
5 files changed, 65 insertions, 1 deletions
diff --git a/crypto/store/store_lib.c b/crypto/store/store_lib.c
index df3180c048..a68e8e28b6 100644
--- a/crypto/store/store_lib.c
+++ b/crypto/store/store_lib.c
@@ -480,6 +480,53 @@ OSSL_STORE_INFO *OSSL_STORE_load(OSSL_STORE_CTX *ctx)
 return v;
 }
+int OSSL_STORE_delete(const char *uri, OSSL_LIB_CTX *libctx, const char *propq,
+ const UI_METHOD *ui_method, void *ui_data,
+ const OSSL_PARAM params[])
+{
+ OSSL_STORE_LOADER *fetched_loader = NULL;
+ char scheme[256], *p;
+ int res = 0;
+ struct ossl_passphrase_data_st pwdata = {0};
+
+ OPENSSL_strlcpy(scheme, uri, sizeof(scheme));
+ if ((p = strchr(scheme, ':')) != NULL)
+ *p++ = '\0';
+ else /* We don't work without explicit scheme */
+ return 0;
+
+ if (ui_method != NULL
+ && (!ossl_pw_set_ui_method(&pwdata, ui_method, ui_data)
+ || !ossl_pw_enable_passphrase_caching(&pwdata))) {
+ ERR_raise(ERR_LIB_OSSL_STORE, ERR_R_CRYPTO_LIB);
+ return 0;
+ }
+
+ OSSL_TRACE1(STORE, "Looking up scheme %s\n", scheme);
+ fetched_loader = OSSL_STORE_LOADER_fetch(libctx, scheme, propq);
+
+ if (fetched_loader != NULL && fetched_loader->p_delete != NULL) {
+ const OSSL_PROVIDER *provider =
+ OSSL_STORE_LOADER_get0_provider(fetched_loader);
+ void *provctx = OSSL_PROVIDER_get0_provider_ctx(provider);
+
+ /*
+ * It's assumed that the loader's delete() method reports its own
+ * errors
+ */
+ OSSL_TRACE1(STORE, "Performing URI delete %s\n", uri);
+ res = fetched_loader->p_delete(provctx, uri, params,
+ ossl_pw_passphrase_callback_dec,
+ &pwdata);
+ }
+ /* Clear any internally cached passphrase */
+ (void)ossl_pw_clear_passphrase_cache(&pwdata);
+
+ OSSL_STORE_LOADER_free(fetched_loader);
+
+ return res;
+}
+
 int OSSL_STORE_error(OSSL_STORE_CTX *ctx)
 {
 int ret = 1;
diff --git a/crypto/store/store_local.h b/crypto/store/store_local.h
index 223758ab2b..06c8c9b218 100644
--- a/crypto/store/store_local.h
+++ b/crypto/store/store_local.h
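Review bot: `OSSL_STORE_delete()` in crypto/store/store_lib.c hands `uri` straight to `OPENSSL_strlcpy()` with no NULL check, so a NULL URI is dereferenced before any validation; a guard at the top such as `if (uri == NULL) { ERR_raise(ERR_LIB_OSSL_STORE, ERR_R_PASSED_NULL_PARAMETER); return 0; }` would turn that into a reported error. Two failure paths also return 0 without queuing an error: a URI with no `:`, and a fetched loader whose `p_delete` is NULL. That leaves a caller unable to tell "this store cannot delete" from "the delete failed" when deciding whether key material is still present; raising something like `OSSL_STORE_R_UNSUPPORTED_OPERATION` in the second case would make it distinguishable (whether `OSSL_STORE_LOADER_fetch()` already reports an unknown scheme is not visible here). The second `OSSL_TRACE1` call also writes the full URI to the STORE trace channel, which deserves a comment if a provider's URI syntax can embed credentials.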
@@ -112,6 +112,7 @@ struct ossl_store_loader_st {
 OSSL_FUNC_store_eof_fn *p_eof;
 OSSL_FUNC_store_close_fn *p_close;
 OSSL_FUNC_store_export_object_fn *p_export_object;
+ OSSL_FUNC_store_delete_fn *p_delete;
 };
 DEFINE_LHASH_OF_EX(OSSL_STORE_LOADER);
diff --git a/crypto/store/store_meth.c b/crypto/store/store_meth.c
index 7fc79e2989..766777c3a0 100644
--- a/crypto/store/store_meth.c
+++ b/crypto/store/store_meth.c
@@ -219,6 +219,10 @@ static void *loader_from_algorithm(int scheme_id, const OSSL_ALGORITHM *algodef,
 if (loader->p_export_object == NULL)
 loader->p_export_object = OSSL_FUNC_store_export_object(fns);
 break;
+ case OSSL_FUNC_STORE_DELETE:
+ if (loader->p_delete == NULL)
+ loader->p_delete = OSSL_FUNC_store_delete(fns);
+ break;
 }
 }
@@ -226,7 +230,7 @@ static void *loader_from_algorithm(int scheme_id, const OSSL_ALGORITHM *algodef,
 || loader->p_load == NULL
 || loader->p_eof == NULL
 || loader->p_close == NULL) {
- /* Only set_ctx_params is optionaal */
+ /* Only set_ctx_params is optional */
 OSSL_STORE_LOADER_free(loader);
 ERR_raise(ERR_LIB_OSSL_STORE, OSSL_STORE_R_LOADER_INCOMPLETE);
 return NULL;
diff --git a/include/openssl/core_dispatch.h b/include/openssl/core_dispatch.h
index 7c48bd7f86..9631626ae3 100644
--- a/include/openssl/core_dispatch.h
+++ b/include/openssl/core_dispatch.h
@@ -936,6 +936,7 @@ OSSL_CORE_MAKE_FUNC(int, decoder_export_object,
 #define OSSL_FUNC_STORE_EOF 6
 #define OSSL_FUNC_STORE_CLOSE 7
 #define OSSL_FUNC_STORE_EXPORT_OBJECT 8
+#define OSSL_FUNC_STORE_DELETE 9
 OSSL_CORE_MAKE_FUNC(void *, store_open, (void *provctx, const char *uri))
 OSSL_CORE_MAKE_FUNC(void *, store_attach, (void *provctx, OSSL_CORE_BIO *in))
 OSSL_CORE_MAKE_FUNC(const OSSL_PARAM *, store_settable_ctx_params,
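Review bot: The comment corrected in the second crypto/store/store_meth.c hunk still reads `/* Only set_ctx_params is optional */`, but the `OSSL_FUNC_STORE_DELETE` case added in the first hunk fills `p_delete` and nothing in the visible tail of the completeness check requires it, so delete appears to be optional as well. Rewording it to `/* set_ctx_params and delete are optional */` would keep provider authors and callers from assuming every loader implements deletion. The start of the `if` condition lies outside the hunk, so confirm that `p_delete` is not tested there before changing the wording.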
@@ -951,6 +952,9 @@ OSSL_CORE_MAKE_FUNC(int, store_close, (void *loaderctx))
 OSSL_CORE_MAKE_FUNC(int, store_export_object,
 (void *loaderctx, const void *objref, size_t objref_sz,
 OSSL_CALLBACK *export_cb, void *export_cbarg))
+OSSL_CORE_MAKE_FUNC(int, store_delete,
+ (void *provctx, const char *uri, const OSSL_PARAM params[],
+ OSSL_PASSPHRASE_CALLBACK *pw_cb, void *pw_cbarg))
 # ifdef __cplusplus
 }
diff --git a/include/openssl/store.h b/include/openssl/store.h
index dafb16fd90..46fb4d40f0 100644
--- a/include/openssl/store.h
+++ b/include/openssl/store.h
@@ -99,6 +99,14 @@ OSSL_DEPRECATEDIN_3_0 int OSSL_STORE_vctrl(OSSL_STORE_CTX *ctx, int cmd,
 OSSL_STORE_INFO *OSSL_STORE_load(OSSL_STORE_CTX *ctx);
 /*
+ * Deletes the object in the store by URI.
+ * Returns 1 on success, 0 otherwise.
+ */
+int OSSL_STORE_delete(const char *uri, OSSL_LIB_CTX *libctx, const char *propq,
+ const UI_METHOD *ui_method, void *ui_data,
+ const OSSL_PARAM params[]);
+
+/*
 * Check if end of data (end of file) is reached
 * Returns 1 on end, 0 otherwise.
 */ |
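Review bot: The header comment added to include/openssl/store.h for `OSSL_STORE_delete()` states only the return convention and omits the preconditions that the implementation in store_lib.c enforces or assumes. I would extend it to say that `uri` must be non-NULL and carry an explicit scheme (the function returns 0 otherwise), that 0 is also returned when the loader fetched for that scheme provides no delete function, and that `ui_method`/`ui_data` feed the passphrase callback handed to the loader. The diffstat lists no file under doc/, so unless the manual page arrives in another commit this comment is the only caller-facing description of a destructive operation.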