OSSL_STORE_open.pod 6.8 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183
  1. =pod
  2. =head1 NAME
  3. OSSL_STORE_CTX, OSSL_STORE_post_process_info_fn,
  4. OSSL_STORE_open, OSSL_STORE_open_ex,
  5. OSSL_STORE_ctrl, OSSL_STORE_load, OSSL_STORE_eof,
  6. OSSL_STORE_error, OSSL_STORE_close
  7. - Types and functions to read objects from a URI
  8. =head1 SYNOPSIS
  9. #include <openssl/store.h>
  10. typedef struct ossl_store_ctx_st OSSL_STORE_CTX;
  11. typedef OSSL_STORE_INFO *(*OSSL_STORE_post_process_info_fn)(OSSL_STORE_INFO *,
  12. void *);
  13. OSSL_STORE_CTX *OSSL_STORE_open(const char *uri, const UI_METHOD *ui_method,
  14. void *ui_data,
  15. OSSL_STORE_post_process_info_fn post_process,
  16. void *post_process_data);
  17. OSSL_STORE_CTX *
  18. OSSL_STORE_open_ex(const char *uri, OPENSSL_CTX *libctx, const char *propq,
  19. const UI_METHOD *ui_method, void *ui_data,
  20. OSSL_STORE_post_process_info_fn post_process,
  21. void *post_process_data);
  22. OSSL_STORE_INFO *OSSL_STORE_load(OSSL_STORE_CTX *ctx);
  23. int OSSL_STORE_eof(OSSL_STORE_CTX *ctx);
  24. int OSSL_STORE_error(OSSL_STORE_CTX *ctx);
  25. int OSSL_STORE_close(OSSL_STORE_CTX *ctx);
  26. Deprecated since OpenSSL 3.0, can be hidden entirely by defining
  27. B<OPENSSL_API_COMPAT> with a suitable version value, see
  28. L<openssl_user_macros(7)>:
  29. int OSSL_STORE_ctrl(OSSL_STORE_CTX *ctx, int cmd, ... /* args */);
  30. =head1 DESCRIPTION
  31. These functions help the application to fetch supported objects (see
  32. L<OSSL_STORE_INFO(3)/SUPPORTED OBJECTS> for information on which those are)
  33. from a given URI.
  34. The general method to do so is to "open" the URI using OSSL_STORE_open(),
  35. read each available and supported object using OSSL_STORE_load() as long as
  36. OSSL_STORE_eof() hasn't been reached, and finish it off with OSSL_STORE_close().
  37. The retrieved information is stored in a B<OSSL_STORE_INFO>, which is further
  38. described in L<OSSL_STORE_INFO(3)>.
  39. =head2 Types
  40. B<OSSL_STORE_CTX> is a context variable that holds all the internal
  41. information for OSSL_STORE_open(), OSSL_STORE_open_ex(),
  42. OSSL_STORE_load(), OSSL_STORE_eof() and OSSL_STORE_close() to work
  43. together.
  44. =head2 Functions
  45. OSSL_STORE_open_ex() takes a uri or path I<uri>, password UI method
  46. I<ui_method> with associated data I<ui_data>, and post processing
  47. callback I<post_process> with associated data I<post_process_data>,
  48. a library context I<libctx> with an associated property query I<propq>,
  49. and opens a channel to the data located at the URI and returns a
  50. B<OSSL_STORE_CTX> with all necessary internal information.
  51. The given I<ui_method> and I<ui_data> will be reused by all
  52. functions that use B<OSSL_STORE_CTX> when interaction is needed,
  53. for instance to provide a password.
  54. The given I<post_process> and I<post_process_data> will be reused by
  55. OSSL_STORE_load() to manipulate or drop the value to be returned.
  56. The I<post_process> function drops values by returning NULL, which
  57. will cause OSSL_STORE_load() to start its process over with loading
  58. the next object, until I<post_process> returns something other than
  59. NULL, or the end of data is reached as indicated by OSSL_STORE_eof().
  60. OSSL_STORE_open() is similar to OSSL_STORE_open_ex() but uses NULL for
  61. the library context I<libctx> and property query I<propq>.
  62. OSSL_STORE_ctrl() takes a B<OSSL_STORE_CTX>, and command number I<cmd> and
  63. more arguments not specified here.
  64. The available loader specific command numbers and arguments they each
  65. take depends on the loader that's used and is documented together with
  66. that loader.
  67. There are also global controls available:
  68. =over 4
  69. =item B<OSSL_STORE_C_USE_SECMEM>
  70. Controls if the loader should attempt to use secure memory for any
  71. allocated B<OSSL_STORE_INFO> and its contents.
  72. This control expects one argument, a pointer to an I<int> that is expected to
  73. have the value 1 (yes) or 0 (no).
  74. Any other value is an error.
  75. =back
  76. OSSL_STORE_load() takes a B<OSSL_STORE_CTX> and tries to load the next
  77. available object and return it wrapped with B<OSSL_STORE_INFO>.
  78. OSSL_STORE_eof() takes a B<OSSL_STORE_CTX> and checks if we've reached the end
  79. of data.
  80. OSSL_STORE_error() takes a B<OSSL_STORE_CTX> and checks if an error occurred in
  81. the last OSSL_STORE_load() call.
  82. Note that it may still be meaningful to try and load more objects, unless
  83. OSSL_STORE_eof() shows that the end of data has been reached.
  84. OSSL_STORE_close() takes a B<OSSL_STORE_CTX>, closes the channel that was opened
  85. by OSSL_STORE_open() and frees all other information that was stored in the
  86. B<OSSL_STORE_CTX>, as well as the B<OSSL_STORE_CTX> itself.
  87. If I<ctx> is NULL it does nothing.
  88. =head1 NOTES
  89. A string without a scheme prefix (that is, a non-URI string) is
  90. implicitly interpreted as using the F<file:> scheme.
  91. There are some tools that can be used together with
  92. OSSL_STORE_open() to determine if any failure is caused by an unparsable
  93. URI, or if it's a different error (such as memory allocation
  94. failures); if the URI was parsable but the scheme unregistered, the
  95. top error will have the reason C<OSSL_STORE_R_UNREGISTERED_SCHEME>.
  96. These functions make no direct assumption regarding the pass phrase received
  97. from the password callback.
  98. The loaders may make assumptions, however.
  99. For example, the B<file:> scheme loader inherits the assumptions made by
  100. OpenSSL functionality that handles the different file types; this is mostly
  101. relevant for PKCS#12 objects.
  102. See L<passphrase-encoding(7)> for further information.
  103. =head1 RETURN VALUES
  104. OSSL_STORE_open() returns a pointer to a B<OSSL_STORE_CTX> on success, or
  105. NULL on failure.
  106. OSSL_STORE_load() returns a pointer to a B<OSSL_STORE_INFO> on success, or NULL
  107. on error or when end of data is reached.
  108. Use OSSL_STORE_error() and OSSL_STORE_eof() to determine the meaning of a
  109. returned NULL.
  110. OSSL_STORE_eof() returns 1 if the end of data has been reached, otherwise
  111. 0.
  112. OSSL_STORE_error() returns 1 if an error occurred in an OSSL_STORE_load() call,
  113. otherwise 0.
  114. OSSL_STORE_ctrl() and OSSL_STORE_close() returns 1 on success, or 0 on failure.
  115. =head1 SEE ALSO
  116. L<ossl_store(7)>, L<OSSL_STORE_INFO(3)>, L<OSSL_STORE_register_loader(3)>,
  117. L<passphrase-encoding(7)>
  118. =head1 HISTORY
  119. OSSL_STORE_open_ex() was added in OpenSSL 3.0.
  120. B<OSSL_STORE_CTX>, OSSL_STORE_post_process_info_fn(), OSSL_STORE_open(),
  121. OSSL_STORE_ctrl(), OSSL_STORE_load(), OSSL_STORE_eof() and OSSL_STORE_close()
  122. were added in OpenSSL 1.1.1.
  123. Handling of NULL I<ctx> argument for OSSL_STORE_close()
  124. was introduced in OpenSSL 1.1.1h.
  125. OSSL_STORE_open_ex() was added in OpenSSL 3.0.
  126. OSSL_STORE_ctrl() and OSSL_STORE_vctrl() were deprecated in OpenSSL 3.0.
  127. =head1 COPYRIGHT
  128. Copyright 2016-2020 The OpenSSL Project Authors. All Rights Reserved.
  129. Licensed under the Apache License 2.0 (the "License"). You may not use
  130. this file except in compliance with the License. You can obtain a copy
  131. in the file LICENSE in the source distribution or at
  132. L<https://www.openssl.org/source/license.html>.
  133. =cut