Home Explore Help
Sign In
OWEALs
/
openssl
mirror of git://git.openssl.org/openssl.git
2
0
Fork 0
Files Issues 1 Wiki
Tree: 606e0426a1
Branches Tags
openssl
/
doc
/
man3
/
OSSL_ENCODER_to_bio.pod

OSSL_ENCODER_to_bio.pod 4.1 KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133 
  1. =pod
    2. 

  2. 

  3. =head1 NAME
    4. 

  4. 

  5. OSSL_ENCODER_to_data,
    6. 

  6. OSSL_ENCODER_to_bio,
    7. 

  7. OSSL_ENCODER_to_fp
    8. 

  8. - Routines to perform an encoding
    9. 

  9. 

  10. =head1 SYNOPSIS
    11. 

  11. 

  12.  #include <openssl/encoder.h>
    13. 

  13. 

  14.  int OSSL_ENCODER_to_data(OSSL_ENCODER_CTX *ctx, unsigned char **pdata,
    15. 

  15.                           size_t *pdata_len);
    16. 

  16.  int OSSL_ENCODER_to_bio(OSSL_ENCODER_CTX *ctx, BIO *out);
    17. 

  17.  int OSSL_ENCODER_to_fp(OSSL_ENCODER_CTX *ctx, FILE *fp);
    18. 

  18. 

  19. Feature availability macros:
    20. 

  20. 

  21. =over 4
    22. 

  22. 

  23. =item OSSL_ENCODER_to_fp() is only available when B<OPENSSL_NO_STDIO>
    24. 

  24. is undefined.
    25. 

  25. 

  26. =back
    27. 

  27. 

  28. =head1 DESCRIPTION
    29. 

  29. 

  30. OSSL_ENCODER_to_data() runs the encoding process for the context I<ctx>,
    31. 

  31. with the output going to the I<*pdata> and I<*pdata_len>.
    32. 

  32. If I<*pdata> is NULL when OSSL_ENCODER_to_data() is called, a buffer will be
    33. 

  33. allocated using L<OPENSSL_zalloc(3)>, and I<*pdata> will be set to point at
    34. 

  34. the start of that buffer, and I<*pdata_len> will be assigned its length when
    35. 

  35. OSSL_ENCODER_to_data() returns.
    36. 

  36. If I<*pdata> is non-NULL when OSSL_ENCODER_to_data() is called, I<*pdata_len>
    37. 

  37. is assumed to have its size.  In this case, I<*pdata> will be set to point
    38. 

  38. after the encoded bytes, and I<*pdata_len> will be assigned the number of
    39. 

  39. remaining bytes.
    40. 

  40. 

  41. OSSL_ENCODER_to_bio() runs the encoding process for the context I<ctx>, with
    42. 

  42. the output going to the B<BIO> I<out>.
    43. 

  43. 

  44. OSSL_ENCODER_to_fp() does the same thing as OSSL_ENCODER_to_bio(), except
    45. 

  45. that the output is going to the B<FILE> I<fp>.
    46. 

  46. 

  47. =for comment Know your encoder!
    48. 

  48. 

  49. For OSSL_ENCODER_to_bio() and OSSL_ENCODER_to_fp(), the application is
    50. 

  50. required to set up the B<BIO> or B<FILE> properly, for example to have
    51. 

  51. it in text or binary mode as is appropriate for the encoder output type.
    52. 

  52. 

  53. =head1 RETURN VALUES
    54. 

  54. 

  55. OSSL_ENCODER_to_bio(), OSSL_ENCODER_to_fp() and OSSL_ENCODER_to_data()
    56. 

  56. return 1 on success, or 0 on failure.
    57. 

  57. 

  58. =head1 EXAMPLES
    59. 

  59. 

  60. To encode a pkey as PKCS#8 with PEM format into a bio:
    61. 

  61. 

  62.  OSSL_ENCODER_CTX *ectx;
    63. 

  63.  const char *format = "PEM";
    64. 

  64.  const char *structure = "PrivateKeyInfo"; /* PKCS#8 structure */
    65. 

  65.  const unsigned char *pass = "my password";
    66. 

  66. 

  67.  ectx = OSSL_ENCODER_CTX_new_for_pkey(pkey,
    68. 

  68.                                       OSSL_KEYMGMT_SELECT_KEYPAIR
    69. 

  69.                                       | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS,
    70. 

  70.                                       format, structure,
    71. 

  71.                                       NULL);
    72. 

  72.  if (ectx == NULL) {
    73. 

  73.      /* error: no suitable potential encoders found */
    74. 

  74.  }
    75. 

  75.  if (pass != NULL)
    76. 

  76.      OSSL_ENCODER_CTX_set_passphrase(ectx, pass, strlen(pass));
    77. 

  77.  if (OSSL_ENCODER_to_bio(ectx, bio)) {
    78. 

  78.      /* pkey was successfully encoded into the bio */
    79. 

  79.  } else {
    80. 

  80.      /* encoding failure */
    81. 

  81.  }
    82. 

  82.  OSSL_ENCODER_CTX_free(ectx);
    83. 

  83. 

  84. To encode a pkey as PKCS#8 with DER format encrypted with
    85. 

  85. AES-256-CBC into a buffer:
    86. 

  86. 

  87.  OSSL_ENCODER_CTX *ectx;
    88. 

  88.  const char *format = "DER";
    89. 

  89.  const char *structure = "PrivateKeyInfo"; /* PKCS#8 structure */
    90. 

  90.  const unsigned char *pass = "my password";
    91. 

  91.  unsigned char *data = NULL;
    92. 

  92.  size_t datalen;
    93. 

  93. 

  94.  ectx = OSSL_ENCODER_CTX_new_for_pkey(pkey,
    95. 

  95.                                       OSSL_KEYMGMT_SELECT_KEYPAIR
    96. 

  96.                                       | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS,
    97. 

  97.                                       format, structure,
    98. 

  98.                                       NULL);
    99. 

  99.  if (ectx == NULL) {
    100. 

  100.      /* error: no suitable potential encoders found */
    101. 

  101.  }
    102. 

  102.  if (pass != NULL) {
    103. 

  103.      OSSL_ENCODER_CTX_set_passphrase(ectx, pass, strlen(pass));
    104. 

  104.      OSSL_ENCODER_CTX_set_cipher(ctx, "AES-256-CBC", NULL);
    105. 

  105.  }
    106. 

  106.  if (OSSL_ENCODER_to_data(ectx, &data, &datalen)) {
    107. 

  107.      /*
    108. 

  108.       * pkey was successfully encoded into a newly allocated
    109. 

  109.       * data buffer
    110. 

  110.       */
    111. 

  111.  } else {
    112. 

  112.      /* encoding failure */
    113. 

  113.  }
    114. 

  114.  OSSL_ENCODER_CTX_free(ectx);
    115. 

  115. 

  116. =head1 SEE ALSO
    117. 

  117. 

  118. L<provider(7)>, L<OSSL_ENCODER_CTX(3)>
    119. 

  119. 

  120. =head1 HISTORY
    121. 

  121. 

  122. The functions described here were added in OpenSSL 3.0.
    123. 

  123. 

  124. =head1 COPYRIGHT
    125. 

  125. 

  126. Copyright 2019-2021 The OpenSSL Project Authors. All Rights Reserved.
    127. 

  127. 

  128. Licensed under the Apache License 2.0 (the "License").  You may not use
    129. 

  129. this file except in compliance with the License.  You can obtain a copy
    130. 

  130. in the file LICENSE in the source distribution or at
    131. 

  131. L<https://www.openssl.org/source/license.html>.
    132. 

  132. 

  133. =cut
    134.