/*
- * Copyright (c) 2004 - 2006 Kungliga Tekniska Högskolan
- * (Royal Institute of Technology, Stockholm, Sweden).
- * All rights reserved.
+ * Copyright (c) 2004 - 2006 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
*
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
*
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
*
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
*
- * 3. Neither the name of the Institute nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
*
- * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
*/
-/* $Id: hx_locl.h 22538 2008-01-27 13:05:47Z lha $ */
+/* $Id$ */
-#ifdef HAVE_CONFIG_H
#include <config.h>
-#endif
#include <stdio.h>
#include <stdlib.h>
#include <ctype.h>
#include <errno.h>
+#ifdef HAVE_STRINGS_H
#include <strings.h>
+#endif
#include <assert.h>
#include <stdarg.h>
#include <err.h>
+#include <limits.h>
+
+#include <roken.h>
+
#include <getarg.h>
#include <base64.h>
#include <hex.h>
-#include <roken.h>
#include <com_err.h>
#include <parse_units.h>
#include <parse_bytes.h>
#include <der.h>
+#define HC_DEPRECATED_CRYPTO
#include "crypto-headers.h"
struct hx509_keyset_ops;
typedef void (*_hx509_cert_release_func)(struct hx509_cert_data *, void *);
-typedef struct hx509_private_key_ops hx509_private_key_ops;
+
+#include "sel.h"
#include <hx509-private.h>
#include <hx509_err.h>
#define HX509_QUERY_MATCH_KEY_HASH_SHA1 0x100000
#define HX509_QUERY_MATCH_TIME 0x200000
#define HX509_QUERY_MATCH_EKU 0x400000
-#define HX509_QUERY_MASK 0x7fffff
+#define HX509_QUERY_MATCH_EXPR 0x800000
+#define HX509_QUERY_MASK 0xffffff
Certificate *subject;
Certificate *certificate;
heim_integer *serial;
Name *subject_name;
hx509_path *path;
char *friendlyname;
- int (*cmp_func)(void *, hx509_cert);
+ int (*cmp_func)(hx509_context, hx509_cert, void *);
void *cmp_func_ctx;
heim_octet_string *keyhash_sha1;
time_t timenow;
heim_oid *eku;
+ struct hx_expr *expr;
};
struct hx509_keyset_ops {
const char *name;
int flags;
- int (*init)(hx509_context, hx509_certs, void **,
+ int (*init)(hx509_context, hx509_certs, void **,
int, const char *, hx509_lock);
int (*store)(hx509_context, hx509_certs, void *, int, hx509_lock);
int (*free)(hx509_certs, void *);
int (*add)(hx509_context, hx509_certs, void *, hx509_cert);
- int (*query)(hx509_context, hx509_certs, void *,
+ int (*query)(hx509_context, hx509_certs, void *,
const hx509_query *, hx509_cert *);
int (*iter_start)(hx509_context, hx509_certs, void *, void **);
int (*iter)(hx509_context, hx509_certs, void *, void *, hx509_cert *);
int (*iter_end)(hx509_context, hx509_certs, void *, void *);
- int (*printinfo)(hx509_context, hx509_certs,
+ int (*printinfo)(hx509_context, hx509_certs,
void *, int (*)(void *, const char *), void *);
int (*getkeys)(hx509_context, hx509_certs, void *, hx509_private_key **);
int (*addkey)(hx509_context, hx509_certs, void *, hx509_private_key);
/* _hx509_calculate_path flag field */
#define HX509_CALCULATE_PATH_NO_ANCHOR 1
+/* environment */
+struct hx509_env_data {
+ enum { env_string, env_list } type;
+ char *name;
+ struct hx509_env_data *next;
+ union {
+ char *string;
+ struct hx509_env_data *list;
+ } u;
+};
+
+
extern const AlgorithmIdentifier * _hx509_crypto_default_sig_alg;
extern const AlgorithmIdentifier * _hx509_crypto_default_digest_alg;
extern const AlgorithmIdentifier * _hx509_crypto_default_secret_alg;