123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183 |
- =pod
- =head1 NAME
- OSSL_STORE_CTX, OSSL_STORE_post_process_info_fn,
- OSSL_STORE_open, OSSL_STORE_open_ex,
- OSSL_STORE_ctrl, OSSL_STORE_load, OSSL_STORE_eof,
- OSSL_STORE_error, OSSL_STORE_close
- - Types and functions to read objects from a URI
- =head1 SYNOPSIS
- #include <openssl/store.h>
- typedef struct ossl_store_ctx_st OSSL_STORE_CTX;
- typedef OSSL_STORE_INFO *(*OSSL_STORE_post_process_info_fn)(OSSL_STORE_INFO *,
- void *);
- OSSL_STORE_CTX *OSSL_STORE_open(const char *uri, const UI_METHOD *ui_method,
- void *ui_data,
- OSSL_STORE_post_process_info_fn post_process,
- void *post_process_data);
- OSSL_STORE_CTX *
- OSSL_STORE_open_ex(const char *uri, OPENSSL_CTX *libctx, const char *propq,
- const UI_METHOD *ui_method, void *ui_data,
- OSSL_STORE_post_process_info_fn post_process,
- void *post_process_data);
- OSSL_STORE_INFO *OSSL_STORE_load(OSSL_STORE_CTX *ctx);
- int OSSL_STORE_eof(OSSL_STORE_CTX *ctx);
- int OSSL_STORE_error(OSSL_STORE_CTX *ctx);
- int OSSL_STORE_close(OSSL_STORE_CTX *ctx);
- Deprecated since OpenSSL 3.0, can be hidden entirely by defining
- B<OPENSSL_API_COMPAT> with a suitable version value, see
- L<openssl_user_macros(7)>:
- int OSSL_STORE_ctrl(OSSL_STORE_CTX *ctx, int cmd, ... /* args */);
- =head1 DESCRIPTION
- These functions help the application to fetch supported objects (see
- L<OSSL_STORE_INFO(3)/SUPPORTED OBJECTS> for information on which those are)
- from a given URI.
- The general method to do so is to "open" the URI using OSSL_STORE_open(),
- read each available and supported object using OSSL_STORE_load() as long as
- OSSL_STORE_eof() hasn't been reached, and finish it off with OSSL_STORE_close().
- The retrieved information is stored in a B<OSSL_STORE_INFO>, which is further
- described in L<OSSL_STORE_INFO(3)>.
- =head2 Types
- B<OSSL_STORE_CTX> is a context variable that holds all the internal
- information for OSSL_STORE_open(), OSSL_STORE_open_ex(),
- OSSL_STORE_load(), OSSL_STORE_eof() and OSSL_STORE_close() to work
- together.
- =head2 Functions
- OSSL_STORE_open_ex() takes a uri or path I<uri>, password UI method
- I<ui_method> with associated data I<ui_data>, and post processing
- callback I<post_process> with associated data I<post_process_data>,
- a library context I<libctx> with an associated property query I<propq>,
- and opens a channel to the data located at the URI and returns a
- B<OSSL_STORE_CTX> with all necessary internal information.
- The given I<ui_method> and I<ui_data> will be reused by all
- functions that use B<OSSL_STORE_CTX> when interaction is needed,
- for instance to provide a password.
- The given I<post_process> and I<post_process_data> will be reused by
- OSSL_STORE_load() to manipulate or drop the value to be returned.
- The I<post_process> function drops values by returning NULL, which
- will cause OSSL_STORE_load() to start its process over with loading
- the next object, until I<post_process> returns something other than
- NULL, or the end of data is reached as indicated by OSSL_STORE_eof().
- OSSL_STORE_open() is similar to OSSL_STORE_open_ex() but uses NULL for
- the library context I<libctx> and property query I<propq>.
- OSSL_STORE_ctrl() takes a B<OSSL_STORE_CTX>, and command number I<cmd> and
- more arguments not specified here.
- The available loader specific command numbers and arguments they each
- take depends on the loader that's used and is documented together with
- that loader.
- There are also global controls available:
- =over 4
- =item B<OSSL_STORE_C_USE_SECMEM>
- Controls if the loader should attempt to use secure memory for any
- allocated B<OSSL_STORE_INFO> and its contents.
- This control expects one argument, a pointer to an I<int> that is expected to
- have the value 1 (yes) or 0 (no).
- Any other value is an error.
- =back
- OSSL_STORE_load() takes a B<OSSL_STORE_CTX> and tries to load the next
- available object and return it wrapped with B<OSSL_STORE_INFO>.
- OSSL_STORE_eof() takes a B<OSSL_STORE_CTX> and checks if we've reached the end
- of data.
- OSSL_STORE_error() takes a B<OSSL_STORE_CTX> and checks if an error occurred in
- the last OSSL_STORE_load() call.
- Note that it may still be meaningful to try and load more objects, unless
- OSSL_STORE_eof() shows that the end of data has been reached.
- OSSL_STORE_close() takes a B<OSSL_STORE_CTX>, closes the channel that was opened
- by OSSL_STORE_open() and frees all other information that was stored in the
- B<OSSL_STORE_CTX>, as well as the B<OSSL_STORE_CTX> itself.
- If I<ctx> is NULL it does nothing.
- =head1 NOTES
- A string without a scheme prefix (that is, a non-URI string) is
- implicitly interpreted as using the F<file:> scheme.
- There are some tools that can be used together with
- OSSL_STORE_open() to determine if any failure is caused by an unparsable
- URI, or if it's a different error (such as memory allocation
- failures); if the URI was parsable but the scheme unregistered, the
- top error will have the reason C<OSSL_STORE_R_UNREGISTERED_SCHEME>.
- These functions make no direct assumption regarding the pass phrase received
- from the password callback.
- The loaders may make assumptions, however.
- For example, the B<file:> scheme loader inherits the assumptions made by
- OpenSSL functionality that handles the different file types; this is mostly
- relevant for PKCS#12 objects.
- See L<passphrase-encoding(7)> for further information.
- =head1 RETURN VALUES
- OSSL_STORE_open() returns a pointer to a B<OSSL_STORE_CTX> on success, or
- NULL on failure.
- OSSL_STORE_load() returns a pointer to a B<OSSL_STORE_INFO> on success, or NULL
- on error or when end of data is reached.
- Use OSSL_STORE_error() and OSSL_STORE_eof() to determine the meaning of a
- returned NULL.
- OSSL_STORE_eof() returns 1 if the end of data has been reached, otherwise
- 0.
- OSSL_STORE_error() returns 1 if an error occurred in an OSSL_STORE_load() call,
- otherwise 0.
- OSSL_STORE_ctrl() and OSSL_STORE_close() returns 1 on success, or 0 on failure.
- =head1 SEE ALSO
- L<ossl_store(7)>, L<OSSL_STORE_INFO(3)>, L<OSSL_STORE_register_loader(3)>,
- L<passphrase-encoding(7)>
- =head1 HISTORY
- OSSL_STORE_open_ex() was added in OpenSSL 3.0.
- B<OSSL_STORE_CTX>, OSSL_STORE_post_process_info_fn(), OSSL_STORE_open(),
- OSSL_STORE_ctrl(), OSSL_STORE_load(), OSSL_STORE_eof() and OSSL_STORE_close()
- were added in OpenSSL 1.1.1.
- Handling of NULL I<ctx> argument for OSSL_STORE_close()
- was introduced in OpenSSL 1.1.1h.
- OSSL_STORE_open_ex() was added in OpenSSL 3.0.
- OSSL_STORE_ctrl() and OSSL_STORE_vctrl() were deprecated in OpenSSL 3.0.
- =head1 COPYRIGHT
- Copyright 2016-2020 The OpenSSL Project Authors. All Rights Reserved.
- Licensed under the Apache License 2.0 (the "License"). You may not use
- this file except in compliance with the License. You can obtain a copy
- in the file LICENSE in the source distribution or at
- L<https://www.openssl.org/source/license.html>.
- =cut
|