1e71b7053SJung-uk Kim=pod 2e71b7053SJung-uk Kim 3e71b7053SJung-uk Kim=head1 NAME 4e71b7053SJung-uk Kim 5e71b7053SJung-uk KimOSSL_STORE_CTX, OSSL_STORE_post_process_info_fn, OSSL_STORE_open, 6e71b7053SJung-uk KimOSSL_STORE_ctrl, OSSL_STORE_load, OSSL_STORE_eof, OSSL_STORE_error, 7e71b7053SJung-uk KimOSSL_STORE_close - Types and functions to read objects from a URI 8e71b7053SJung-uk Kim 9e71b7053SJung-uk Kim=head1 SYNOPSIS 10e71b7053SJung-uk Kim 11e71b7053SJung-uk Kim #include <openssl/store.h> 12e71b7053SJung-uk Kim 13e71b7053SJung-uk Kim typedef struct ossl_store_ctx_st OSSL_STORE_CTX; 14e71b7053SJung-uk Kim 15e71b7053SJung-uk Kim typedef OSSL_STORE_INFO *(*OSSL_STORE_post_process_info_fn)(OSSL_STORE_INFO *, 16e71b7053SJung-uk Kim void *); 17e71b7053SJung-uk Kim 18e71b7053SJung-uk Kim OSSL_STORE_CTX *OSSL_STORE_open(const char *uri, const UI_METHOD *ui_method, 19e71b7053SJung-uk Kim void *ui_data, 20e71b7053SJung-uk Kim OSSL_STORE_post_process_info_fn post_process, 21e71b7053SJung-uk Kim void *post_process_data); 22e71b7053SJung-uk Kim int OSSL_STORE_ctrl(OSSL_STORE_CTX *ctx, int cmd, ... /* args */); 23e71b7053SJung-uk Kim OSSL_STORE_INFO *OSSL_STORE_load(OSSL_STORE_CTX *ctx); 24e71b7053SJung-uk Kim int OSSL_STORE_eof(OSSL_STORE_CTX *ctx); 25e71b7053SJung-uk Kim int OSSL_STORE_error(OSSL_STORE_CTX *ctx); 26e71b7053SJung-uk Kim int OSSL_STORE_close(OSSL_STORE_CTX *ctx); 27e71b7053SJung-uk Kim 28e71b7053SJung-uk Kim=head1 DESCRIPTION 29e71b7053SJung-uk Kim 30e71b7053SJung-uk KimThese functions help the application to fetch supported objects (see 31e71b7053SJung-uk KimL<OSSL_STORE_INFO(3)/SUPPORTED OBJECTS> for information on which those are) 32e71b7053SJung-uk Kimfrom a given URI (see L</SUPPORTED SCHEMES> for more information on 33e71b7053SJung-uk Kimthe supported URI schemes). 34e71b7053SJung-uk KimThe general method to do so is to "open" the URI using OSSL_STORE_open(), 35e71b7053SJung-uk Kimread each available and supported object using OSSL_STORE_load() as long as 36e71b7053SJung-uk KimOSSL_STORE_eof() hasn't been reached, and finish it off with OSSL_STORE_close(). 37e71b7053SJung-uk Kim 38e71b7053SJung-uk KimThe retrieved information is stored in a B<OSSL_STORE_INFO>, which is further 39e71b7053SJung-uk Kimdescribed in L<OSSL_STORE_INFO(3)>. 40e71b7053SJung-uk Kim 41e71b7053SJung-uk Kim=head2 Types 42e71b7053SJung-uk Kim 43e71b7053SJung-uk KimB<OSSL_STORE_CTX> is a context variable that holds all the internal 44e71b7053SJung-uk Kiminformation for OSSL_STORE_open(), OSSL_STORE_load(), OSSL_STORE_eof() and 45e71b7053SJung-uk KimOSSL_STORE_close() to work together. 46e71b7053SJung-uk Kim 47e71b7053SJung-uk Kim=head2 Functions 48e71b7053SJung-uk Kim 49*58f35182SJung-uk KimOSSL_STORE_open() takes a uri or path I<uri>, password UI method 50*58f35182SJung-uk KimI<ui_method> with associated data I<ui_data>, and post processing 51*58f35182SJung-uk Kimcallback I<post_process> with associated data I<post_process_data>, 52e71b7053SJung-uk Kimopens a channel to the data located at that URI and returns a 53e71b7053SJung-uk KimB<OSSL_STORE_CTX> with all necessary internal information. 54*58f35182SJung-uk KimThe given I<ui_method> and I<ui_data> will be reused by all 55*58f35182SJung-uk Kimfunctions that use B<OSSL_STORE_CTX> when interaction is needed, 56*58f35182SJung-uk Kimfor instance to provide a password. 57*58f35182SJung-uk KimThe given I<post_process> and I<post_process_data> will be reused by 58e71b7053SJung-uk KimOSSL_STORE_load() to manipulate or drop the value to be returned. 59*58f35182SJung-uk KimThe I<post_process> function drops values by returning NULL, which 60e71b7053SJung-uk Kimwill cause OSSL_STORE_load() to start its process over with loading 61*58f35182SJung-uk Kimthe next object, until I<post_process> returns something other than 62*58f35182SJung-uk KimNULL, or the end of data is reached as indicated by OSSL_STORE_eof(). 63e71b7053SJung-uk Kim 64*58f35182SJung-uk KimOSSL_STORE_ctrl() takes a B<OSSL_STORE_CTX>, and command number I<cmd> and 65e71b7053SJung-uk Kimmore arguments not specified here. 66e71b7053SJung-uk KimThe available loader specific command numbers and arguments they each 67e71b7053SJung-uk Kimtake depends on the loader that's used and is documented together with 68e71b7053SJung-uk Kimthat loader. 69e71b7053SJung-uk Kim 70e71b7053SJung-uk KimThere are also global controls available: 71e71b7053SJung-uk Kim 72e71b7053SJung-uk Kim=over 4 73e71b7053SJung-uk Kim 74e71b7053SJung-uk Kim=item B<OSSL_STORE_C_USE_SECMEM> 75e71b7053SJung-uk Kim 76e71b7053SJung-uk KimControls if the loader should attempt to use secure memory for any 77e71b7053SJung-uk Kimallocated B<OSSL_STORE_INFO> and its contents. 78e71b7053SJung-uk KimThis control expects one argument, a pointer to an B<int> that is expected to 79e71b7053SJung-uk Kimhave the value 1 (yes) or 0 (no). 80e71b7053SJung-uk KimAny other value is an error. 81e71b7053SJung-uk Kim 82e71b7053SJung-uk Kim=back 83e71b7053SJung-uk Kim 84e71b7053SJung-uk KimOSSL_STORE_load() takes a B<OSSL_STORE_CTX>, tries to load the next available 85e71b7053SJung-uk Kimobject and return it wrapped with B<OSSL_STORE_INFO>. 86e71b7053SJung-uk Kim 87e71b7053SJung-uk KimOSSL_STORE_eof() takes a B<OSSL_STORE_CTX> and checks if we've reached the end 88e71b7053SJung-uk Kimof data. 89e71b7053SJung-uk Kim 90e71b7053SJung-uk KimOSSL_STORE_error() takes a B<OSSL_STORE_CTX> and checks if an error occurred in 91e71b7053SJung-uk Kimthe last OSSL_STORE_load() call. 92e71b7053SJung-uk KimNote that it may still be meaningful to try and load more objects, unless 93e71b7053SJung-uk KimOSSL_STORE_eof() shows that the end of data has been reached. 94e71b7053SJung-uk Kim 95e71b7053SJung-uk KimOSSL_STORE_close() takes a B<OSSL_STORE_CTX>, closes the channel that was opened 96e71b7053SJung-uk Kimby OSSL_STORE_open() and frees all other information that was stored in the 97e71b7053SJung-uk KimB<OSSL_STORE_CTX>, as well as the B<OSSL_STORE_CTX> itself. 98*58f35182SJung-uk KimIf I<ctx> is NULL it does nothing. 99e71b7053SJung-uk Kim 100e71b7053SJung-uk Kim=head1 SUPPORTED SCHEMES 101e71b7053SJung-uk Kim 102e71b7053SJung-uk KimThe basic supported scheme is B<file:>. 103e71b7053SJung-uk KimAny other scheme can be added dynamically, using 104e71b7053SJung-uk KimOSSL_STORE_register_loader(). 105e71b7053SJung-uk Kim 106e71b7053SJung-uk Kim=head1 NOTES 107e71b7053SJung-uk Kim 108e71b7053SJung-uk KimA string without a scheme prefix (that is, a non-URI string) is 109e71b7053SJung-uk Kimimplicitly interpreted as using the F<file:> scheme. 110e71b7053SJung-uk Kim 111e71b7053SJung-uk KimThere are some tools that can be used together with 112e71b7053SJung-uk KimOSSL_STORE_open() to determine if any failure is caused by an unparsable 113e71b7053SJung-uk KimURI, or if it's a different error (such as memory allocation 114e71b7053SJung-uk Kimfailures); if the URI was parsable but the scheme unregistered, the 115e71b7053SJung-uk Kimtop error will have the reason C<OSSL_STORE_R_UNREGISTERED_SCHEME>. 116e71b7053SJung-uk Kim 117e71b7053SJung-uk KimThese functions make no direct assumption regarding the pass phrase received 118e71b7053SJung-uk Kimfrom the password callback. 119e71b7053SJung-uk KimThe loaders may make assumptions, however. 120e71b7053SJung-uk KimFor example, the B<file:> scheme loader inherits the assumptions made by 121e71b7053SJung-uk KimOpenSSL functionality that handles the different file types; this is mostly 122e71b7053SJung-uk Kimrelevant for PKCS#12 objects. 123e71b7053SJung-uk KimSee L<passphrase-encoding(7)> for further information. 124e71b7053SJung-uk Kim 125e71b7053SJung-uk Kim=head1 RETURN VALUES 126e71b7053SJung-uk Kim 127e71b7053SJung-uk KimOSSL_STORE_open() returns a pointer to a B<OSSL_STORE_CTX> on success, or 128*58f35182SJung-uk KimNULL on failure. 129e71b7053SJung-uk Kim 130e71b7053SJung-uk KimOSSL_STORE_load() returns a pointer to a B<OSSL_STORE_INFO> on success, or 131*58f35182SJung-uk KimNULL on error or when end of data is reached. 132e71b7053SJung-uk KimUse OSSL_STORE_error() and OSSL_STORE_eof() to determine the meaning of a 133*58f35182SJung-uk Kimreturned NULL. 134e71b7053SJung-uk Kim 135e71b7053SJung-uk KimOSSL_STORE_eof() returns 1 if the end of data has been reached, otherwise 136e71b7053SJung-uk Kim0. 137e71b7053SJung-uk Kim 138e71b7053SJung-uk KimOSSL_STORE_error() returns 1 if an error occurred in an OSSL_STORE_load() call, 139e71b7053SJung-uk Kimotherwise 0. 140e71b7053SJung-uk Kim 141e71b7053SJung-uk KimOSSL_STORE_ctrl() and OSSL_STORE_close() returns 1 on success, or 0 on failure. 142e71b7053SJung-uk Kim 143e71b7053SJung-uk Kim=head1 SEE ALSO 144e71b7053SJung-uk Kim 145e71b7053SJung-uk KimL<ossl_store(7)>, L<OSSL_STORE_INFO(3)>, L<OSSL_STORE_register_loader(3)>, 146e71b7053SJung-uk KimL<passphrase-encoding(7)> 147e71b7053SJung-uk Kim 148e71b7053SJung-uk Kim=head1 HISTORY 149e71b7053SJung-uk Kim 150e71b7053SJung-uk KimOSSL_STORE_CTX(), OSSL_STORE_post_process_info_fn(), OSSL_STORE_open(), 151e71b7053SJung-uk KimOSSL_STORE_ctrl(), OSSL_STORE_load(), OSSL_STORE_eof() and OSSL_STORE_close() 1526935a639SJung-uk Kimwere added in OpenSSL 1.1.1. 153e71b7053SJung-uk Kim 154*58f35182SJung-uk KimHandling of NULL I<ctx> argument for OSSL_STORE_close() 155*58f35182SJung-uk Kimwas introduced in OpenSSL 1.1.1h. 156*58f35182SJung-uk Kim 157e71b7053SJung-uk Kim=head1 COPYRIGHT 158e71b7053SJung-uk Kim 159*58f35182SJung-uk KimCopyright 2016-2020 The OpenSSL Project Authors. All Rights Reserved. 160e71b7053SJung-uk Kim 161e71b7053SJung-uk KimLicensed under the OpenSSL license (the "License"). You may not use 162e71b7053SJung-uk Kimthis file except in compliance with the License. You can obtain a copy 163e71b7053SJung-uk Kimin the file LICENSE in the source distribution or at 164e71b7053SJung-uk KimL<https://www.openssl.org/source/license.html>. 165e71b7053SJung-uk Kim 166e71b7053SJung-uk Kim=cut 167