OSSL_ENCODER_to_bio.pod 4.1 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133
  1. =pod
  2. =head1 NAME
  3. OSSL_ENCODER_to_data,
  4. OSSL_ENCODER_to_bio,
  5. OSSL_ENCODER_to_fp
  6. - Routines to perform an encoding
  7. =head1 SYNOPSIS
  8. #include <openssl/encoder.h>
  9. int OSSL_ENCODER_to_data(OSSL_ENCODER_CTX *ctx, unsigned char **pdata,
  10. size_t *pdata_len);
  11. int OSSL_ENCODER_to_bio(OSSL_ENCODER_CTX *ctx, BIO *out);
  12. int OSSL_ENCODER_to_fp(OSSL_ENCODER_CTX *ctx, FILE *fp);
  13. Feature availability macros:
  14. =over 4
  15. =item OSSL_ENCODER_to_fp() is only available when B<OPENSSL_NO_STDIO>
  16. is undefined.
  17. =back
  18. =head1 DESCRIPTION
  19. OSSL_ENCODER_to_data() runs the encoding process for the context I<ctx>,
  20. with the output going to the I<*pdata> and I<*pdata_len>.
  21. If I<*pdata> is NULL when OSSL_ENCODER_to_data() is called, a buffer will be
  22. allocated using L<OPENSSL_zalloc(3)>, and I<*pdata> will be set to point at
  23. the start of that buffer, and I<*pdata_len> will be assigned its length when
  24. OSSL_ENCODER_to_data() returns.
  25. If I<*pdata> is non-NULL when OSSL_ENCODER_to_data() is called, I<*pdata_len>
  26. is assumed to have its size. In this case, I<*pdata> will be set to point
  27. after the encoded bytes, and I<*pdata_len> will be assigned the number of
  28. remaining bytes.
  29. OSSL_ENCODER_to_bio() runs the encoding process for the context I<ctx>, with
  30. the output going to the B<BIO> I<out>.
  31. OSSL_ENCODER_to_fp() does the same thing as OSSL_ENCODER_to_bio(), except
  32. that the output is going to the B<FILE> I<fp>.
  33. =for comment Know your encoder!
  34. For OSSL_ENCODER_to_bio() and OSSL_ENCODER_to_fp(), the application is
  35. required to set up the B<BIO> or B<FILE> properly, for example to have
  36. it in text or binary mode as is appropriate for the encoder output type.
  37. =head1 RETURN VALUES
  38. OSSL_ENCODER_to_bio(), OSSL_ENCODER_to_fp() and OSSL_ENCODER_to_data()
  39. return 1 on success, or 0 on failure.
  40. =head1 EXAMPLES
  41. To encode a pkey as PKCS#8 with PEM format into a bio:
  42. OSSL_ENCODER_CTX *ectx;
  43. const char *format = "PEM";
  44. const char *structure = "PrivateKeyInfo"; /* PKCS#8 structure */
  45. const unsigned char *pass = "my password";
  46. ectx = OSSL_ENCODER_CTX_new_for_pkey(pkey,
  47. OSSL_KEYMGMT_SELECT_KEYPAIR
  48. | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS,
  49. format, structure,
  50. NULL);
  51. if (ectx == NULL) {
  52. /* error: no suitable potential encoders found */
  53. }
  54. if (pass != NULL)
  55. OSSL_ENCODER_CTX_set_passphrase(ectx, pass, strlen(pass));
  56. if (OSSL_ENCODER_to_bio(ectx, bio)) {
  57. /* pkey was successfully encoded into the bio */
  58. } else {
  59. /* encoding failure */
  60. }
  61. OSSL_ENCODER_CTX_free(ectx);
  62. To encode a pkey as PKCS#8 with DER format encrypted with
  63. AES-256-CBC into a buffer:
  64. OSSL_ENCODER_CTX *ectx;
  65. const char *format = "DER";
  66. const char *structure = "PrivateKeyInfo"; /* PKCS#8 structure */
  67. const unsigned char *pass = "my password";
  68. unsigned char *data = NULL;
  69. size_t datalen;
  70. ectx = OSSL_ENCODER_CTX_new_for_pkey(pkey,
  71. OSSL_KEYMGMT_SELECT_KEYPAIR
  72. | OSSL_KEYMGMT_SELECT_DOMAIN_PARAMETERS,
  73. format, structure,
  74. NULL);
  75. if (ectx == NULL) {
  76. /* error: no suitable potential encoders found */
  77. }
  78. if (pass != NULL) {
  79. OSSL_ENCODER_CTX_set_passphrase(ectx, pass, strlen(pass));
  80. OSSL_ENCODER_CTX_set_cipher(ctx, "AES-256-CBC", NULL);
  81. }
  82. if (OSSL_ENCODER_to_data(ectx, &data, &datalen)) {
  83. /*
  84. * pkey was successfully encoded into a newly allocated
  85. * data buffer
  86. */
  87. } else {
  88. /* encoding failure */
  89. }
  90. OSSL_ENCODER_CTX_free(ectx);
  91. =head1 SEE ALSO
  92. L<provider(7)>, L<OSSL_ENCODER_CTX(3)>
  93. =head1 HISTORY
  94. The functions described here were added in OpenSSL 3.0.
  95. =head1 COPYRIGHT
  96. Copyright 2019-2021 The OpenSSL Project Authors. All Rights Reserved.
  97. Licensed under the Apache License 2.0 (the "License"). You may not use
  98. this file except in compliance with the License. You can obtain a copy
  99. in the file LICENSE in the source distribution or at
  100. L<https://www.openssl.org/source/license.html>.
  101. =cut