diff options
| author | Richard Levitte <levitte@openssl.org> | 2016-12-06 14:41:33 +0100 |
|---|---|---|
| committer | Richard Levitte <levitte@openssl.org> | 2017-06-29 19:25:39 +0200 |
| commit | 4c17819c41b32f6652662d4a2942e35c67d7d650 (patch) | |
| tree | 9529006887355c68d375bd061feb9a02a1acce4a /crypto/store | |
| parent | Make it possible to tell the file loader to use secure memory (diff) | |
| download | openssl-4c17819c41b32f6652662d4a2942e35c67d7d650.tar.xz openssl-4c17819c41b32f6652662d4a2942e35c67d7d650.zip | |
Add internal functions to fetch PEM data from an opened BIO
store_attach_pem_bio() creates a STORE_CTX with the 'file' scheme
loader backend in PEM reading mode on an already opened BIO.
store_detach_pem_bio() detaches the STORE_CTX from the BIO and
destroys it (without destroying the BIO).
These two functions can be used in place of STORE_open() and
STORE_close(), and are present as internal support for other OpenSSL
functions.
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2745)
Diffstat (limited to 'crypto/store')
| -rw-r--r-- | crypto/store/loader_file.c | 24 | ||||
| -rw-r--r-- | crypto/store/store_err.c | 4 | ||||
| -rw-r--r-- | crypto/store/store_lib.c | 44 | ||||
| -rw-r--r-- | crypto/store/store_locl.h | 8 |
4 files changed, 80 insertions, 0 deletions
diff --git a/crypto/store/loader_file.c b/crypto/store/loader_file.c index 8c8b81eb74..2b0f213df0 100644 --- a/crypto/store/loader_file.c +++ b/crypto/store/loader_file.c @@ -25,6 +25,7 @@ #include "internal/asn1_int.h" #include "internal/o_dir.h" #include "internal/cryptlib.h" +#include "internal/store_int.h" #include "store_locl.h" #include "e_os.h" @@ -800,6 +801,23 @@ static int file_ctrl(OSSL_STORE_LOADER_CTX *ctx, int cmd, va_list args) return ret; } +/* Internal function to decode an already opened PEM file */ +OSSL_STORE_LOADER_CTX *ossl_store_file_attach_pem_bio_int(BIO *bp) +{ + OSSL_STORE_LOADER_CTX *ctx = OPENSSL_zalloc(sizeof(*ctx)); + + if (ctx == NULL) { + OSSL_STOREerr(OSSL_STORE_F_OSSL_STORE_FILE_ATTACH_PEM_BIO_INT, + ERR_R_MALLOC_FAILURE); + return NULL; + } + + ctx->_.file.file = bp; + ctx->type = is_pem; + + return ctx; +} + static OSSL_STORE_INFO *file_load_try_decode(OSSL_STORE_LOADER_CTX *ctx, const char *pem_name, const char *pem_header, @@ -1158,6 +1176,12 @@ static int file_close(OSSL_STORE_LOADER_CTX *ctx) return 1; } +int ossl_store_file_detach_pem_bio_int(OSSL_STORE_LOADER_CTX *ctx) +{ + OSSL_STORE_LOADER_CTX_free(ctx); + return 1; +} + static OSSL_STORE_LOADER file_loader = { "file", diff --git a/crypto/store/store_err.c b/crypto/store/store_err.c index 8f1a9be195..aad643b163 100644 --- a/crypto/store/store_err.c +++ b/crypto/store/store_err.c @@ -23,6 +23,10 @@ static const ERR_STRING_DATA OSSL_STORE_str_functs[] = { {ERR_PACK(ERR_LIB_OSSL_STORE, OSSL_STORE_F_FILE_NAME_TO_URI, 0), "file_name_to_uri"}, {ERR_PACK(ERR_LIB_OSSL_STORE, OSSL_STORE_F_FILE_OPEN, 0), "file_open"}, + {ERR_PACK(ERR_LIB_OSSL_STORE, OSSL_STORE_F_OSSL_STORE_ATTACH_PEM_BIO, 0), + "ossl_store_attach_pem_bio"}, + {ERR_PACK(ERR_LIB_OSSL_STORE, OSSL_STORE_F_OSSL_STORE_FILE_ATTACH_PEM_BIO_INT, 0), + "ossl_store_file_attach_pem_bio_int"}, {ERR_PACK(ERR_LIB_OSSL_STORE, OSSL_STORE_F_OSSL_STORE_GET0_LOADER_INT, 0), "ossl_store_get0_loader_int"}, {ERR_PACK(ERR_LIB_OSSL_STORE, OSSL_STORE_F_OSSL_STORE_INFO_GET1_CERT, 0), diff --git a/crypto/store/store_lib.c b/crypto/store/store_lib.c index 2c8ce86a27..d5bb8b88ce 100644 --- a/crypto/store/store_lib.c +++ b/crypto/store/store_lib.c @@ -14,6 +14,7 @@ #include <openssl/err.h> #include <openssl/store.h> #include "internal/thread_once.h" +#include "internal/store_int.h" #include "store_locl.h" struct ossl_store_ctx_st { @@ -407,3 +408,46 @@ char *ossl_store_info_get0_EMBEDDED_pem_name(OSSL_STORE_INFO *info) return info->_.embedded.pem_name; return NULL; } + +OSSL_STORE_CTX *ossl_store_attach_pem_bio(BIO *bp, const UI_METHOD *ui_method, + void *ui_data) +{ + OSSL_STORE_CTX *ctx = NULL; + const OSSL_STORE_LOADER *loader = NULL; + OSSL_STORE_LOADER_CTX *loader_ctx = NULL; + + if ((loader = ossl_store_get0_loader_int("file")) == NULL + || ((loader_ctx = ossl_store_file_attach_pem_bio_int(bp)) == NULL)) + goto done; + if ((ctx = OPENSSL_zalloc(sizeof(*ctx))) == NULL) { + OSSL_STOREerr(OSSL_STORE_F_OSSL_STORE_ATTACH_PEM_BIO, + ERR_R_MALLOC_FAILURE); + goto done; + } + + ctx->loader = loader; + ctx->loader_ctx = loader_ctx; + loader_ctx = NULL; + ctx->ui_method = ui_method; + ctx->ui_data = ui_data; + ctx->post_process = NULL; + ctx->post_process_data = NULL; + + done: + if (loader_ctx != NULL) + /* + * We ignore a returned error because we will return NULL anyway in + * this case, so if something goes wrong when closing, that'll simply + * just add another entry on the error stack. + */ + (void)loader->close(loader_ctx); + return ctx; +} + +int ossl_store_detach_pem_bio(OSSL_STORE_CTX *ctx) +{ + int loader_ret = ossl_store_file_detach_pem_bio_int(ctx->loader_ctx); + + OPENSSL_free(ctx); + return loader_ret; +} diff --git a/crypto/store/store_locl.h b/crypto/store/store_locl.h index a954c577c4..789d332810 100644 --- a/crypto/store/store_locl.h +++ b/crypto/store/store_locl.h @@ -92,3 +92,11 @@ void ossl_store_destroy_loaders_int(void); int ossl_store_init_once(void); int ossl_store_file_loader_init(void); + +/*- + * 'file' scheme stuff + * ------------------- + */ + +OSSL_STORE_LOADER_CTX *ossl_store_file_attach_pem_bio_int(BIO *bp); +int ossl_store_file_detach_pem_bio_int(OSSL_STORE_LOADER_CTX *ctx); |