Store: API for deletion

Reviewed-by: Richard Levitte <levitte@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/21901)
2023-08-28 13:37:33 +02:00 · 2023-08-28 13:37:33 +02:00 · 0a8807b4a8
parent 00f2efccf5
commit 0a8807b4a8
5 changed files with 65 additions and 1 deletions
--- a/crypto/store/store_lib.c
+++ b/crypto/store/store_lib.c
@ -480,6 +480,53 @@ OSSL_STORE_INFO *OSSL_STORE_load(OSSL_STORE_CTX *ctx)
    return v;
 }

+int OSSL_STORE_delete(const char *uri, OSSL_LIB_CTX *libctx, const char *propq,
+                      const UI_METHOD *ui_method, void *ui_data,
+                      const OSSL_PARAM params[])
+{
+    OSSL_STORE_LOADER *fetched_loader = NULL;
+    char scheme[256], *p;
+    int res = 0;
+    struct ossl_passphrase_data_st pwdata = {0};
+
+    OPENSSL_strlcpy(scheme, uri, sizeof(scheme));
+    if ((p = strchr(scheme, ':')) != NULL)
+        *p++ = '\0';
+    else /* We don't work without explicit scheme */
+        return 0;
+
+    if (ui_method != NULL
+        && (!ossl_pw_set_ui_method(&pwdata, ui_method, ui_data)
+            || !ossl_pw_enable_passphrase_caching(&pwdata))) {
+        ERR_raise(ERR_LIB_OSSL_STORE, ERR_R_CRYPTO_LIB);
+        return 0;
+    }
+
+    OSSL_TRACE1(STORE, "Looking up scheme %s\n", scheme);
+    fetched_loader = OSSL_STORE_LOADER_fetch(libctx, scheme, propq);
+
+    if (fetched_loader != NULL && fetched_loader->p_delete != NULL) {
+        const OSSL_PROVIDER *provider =
+            OSSL_STORE_LOADER_get0_provider(fetched_loader);
+        void *provctx = OSSL_PROVIDER_get0_provider_ctx(provider);
+
+        /*
+         * It's assumed that the loader's delete() method reports its own
+         * errors
+         */
+        OSSL_TRACE1(STORE, "Performing URI delete %s\n", uri);
+        res = fetched_loader->p_delete(provctx, uri, params,
+                                       ossl_pw_passphrase_callback_dec,
+                                       &pwdata);
+    }
+    /* Clear any internally cached passphrase */
+    (void)ossl_pw_clear_passphrase_cache(&pwdata);
+
+    OSSL_STORE_LOADER_free(fetched_loader);
+
+    return res;
+}
+
 int OSSL_STORE_error(OSSL_STORE_CTX *ctx)
 {
    int ret = 1;
--- a/crypto/store/store_local.h
+++ b/crypto/store/store_local.h
@ -112,6 +112,7 @@ struct ossl_store_loader_st {
    OSSL_FUNC_store_eof_fn *p_eof;
    OSSL_FUNC_store_close_fn *p_close;
    OSSL_FUNC_store_export_object_fn *p_export_object;
+    OSSL_FUNC_store_delete_fn *p_delete;
 };
 DEFINE_LHASH_OF_EX(OSSL_STORE_LOADER);

--- a/crypto/store/store_meth.c
+++ b/crypto/store/store_meth.c
@ -219,6 +219,10 @@ static void *loader_from_algorithm(int scheme_id, const OSSL_ALGORITHM *algodef,
            if (loader->p_export_object == NULL)
                loader->p_export_object = OSSL_FUNC_store_export_object(fns);
            break;
+        case OSSL_FUNC_STORE_DELETE:
+            if (loader->p_delete == NULL)
+                loader->p_delete = OSSL_FUNC_store_delete(fns);
+            break;
        }
    }

@ -226,7 +230,7 @@ static void *loader_from_algorithm(int scheme_id, const OSSL_ALGORITHM *algodef,
        || loader->p_load == NULL
        || loader->p_eof == NULL
        || loader->p_close == NULL) {
-        /* Only set_ctx_params is optionaal */
+        /* Only set_ctx_params is optional */
        OSSL_STORE_LOADER_free(loader);
        ERR_raise(ERR_LIB_OSSL_STORE, OSSL_STORE_R_LOADER_INCOMPLETE);
        return NULL;
--- a/include/openssl/core_dispatch.h
+++ b/include/openssl/core_dispatch.h
@ -936,6 +936,7 @@ OSSL_CORE_MAKE_FUNC(int, decoder_export_object,
 #define OSSL_FUNC_STORE_EOF                         6
 #define OSSL_FUNC_STORE_CLOSE                       7
 #define OSSL_FUNC_STORE_EXPORT_OBJECT               8
+#define OSSL_FUNC_STORE_DELETE                      9
 OSSL_CORE_MAKE_FUNC(void *, store_open, (void *provctx, const char *uri))
 OSSL_CORE_MAKE_FUNC(void *, store_attach, (void *provctx, OSSL_CORE_BIO *in))
 OSSL_CORE_MAKE_FUNC(const OSSL_PARAM *, store_settable_ctx_params,
@ -951,6 +952,9 @@ OSSL_CORE_MAKE_FUNC(int, store_close, (void *loaderctx))
 OSSL_CORE_MAKE_FUNC(int, store_export_object,
                    (void *loaderctx, const void *objref, size_t objref_sz,
                     OSSL_CALLBACK *export_cb, void *export_cbarg))
+OSSL_CORE_MAKE_FUNC(int, store_delete,
+                    (void *provctx, const char *uri, const OSSL_PARAM params[],
+                     OSSL_PASSPHRASE_CALLBACK *pw_cb, void *pw_cbarg))

 # ifdef __cplusplus
 }
--- a/include/openssl/store.h
+++ b/include/openssl/store.h
@ -98,6 +98,14 @@ OSSL_DEPRECATEDIN_3_0 int OSSL_STORE_vctrl(OSSL_STORE_CTX *ctx, int cmd,
 */
 OSSL_STORE_INFO *OSSL_STORE_load(OSSL_STORE_CTX *ctx);

+/*
+ * Deletes the object in the store by URI.
+ * Returns 1 on success, 0 otherwise.
+ */
+int OSSL_STORE_delete(const char *uri, OSSL_LIB_CTX *libctx, const char *propq,
+                      const UI_METHOD *ui_method, void *ui_data,
+                      const OSSL_PARAM params[]);
+
 /*
 * Check if end of data (end of file) is reached
 * Returns 1 on end, 0 otherwise.