1*e71b7053SJung-uk Kim=pod 2*e71b7053SJung-uk Kim 3*e71b7053SJung-uk Kim=head1 NAME 4*e71b7053SJung-uk Kim 5*e71b7053SJung-uk KimOSSL_STORE_CTX, OSSL_STORE_post_process_info_fn, OSSL_STORE_open, 6*e71b7053SJung-uk KimOSSL_STORE_ctrl, OSSL_STORE_load, OSSL_STORE_eof, OSSL_STORE_error, 7*e71b7053SJung-uk KimOSSL_STORE_close - Types and functions to read objects from a URI 8*e71b7053SJung-uk Kim 9*e71b7053SJung-uk Kim=head1 SYNOPSIS 10*e71b7053SJung-uk Kim 11*e71b7053SJung-uk Kim #include <openssl/store.h> 12*e71b7053SJung-uk Kim 13*e71b7053SJung-uk Kim typedef struct ossl_store_ctx_st OSSL_STORE_CTX; 14*e71b7053SJung-uk Kim 15*e71b7053SJung-uk Kim typedef OSSL_STORE_INFO *(*OSSL_STORE_post_process_info_fn)(OSSL_STORE_INFO *, 16*e71b7053SJung-uk Kim void *); 17*e71b7053SJung-uk Kim 18*e71b7053SJung-uk Kim OSSL_STORE_CTX *OSSL_STORE_open(const char *uri, const UI_METHOD *ui_method, 19*e71b7053SJung-uk Kim void *ui_data, 20*e71b7053SJung-uk Kim OSSL_STORE_post_process_info_fn post_process, 21*e71b7053SJung-uk Kim void *post_process_data); 22*e71b7053SJung-uk Kim int OSSL_STORE_ctrl(OSSL_STORE_CTX *ctx, int cmd, ... /* args */); 23*e71b7053SJung-uk Kim OSSL_STORE_INFO *OSSL_STORE_load(OSSL_STORE_CTX *ctx); 24*e71b7053SJung-uk Kim int OSSL_STORE_eof(OSSL_STORE_CTX *ctx); 25*e71b7053SJung-uk Kim int OSSL_STORE_error(OSSL_STORE_CTX *ctx); 26*e71b7053SJung-uk Kim int OSSL_STORE_close(OSSL_STORE_CTX *ctx); 27*e71b7053SJung-uk Kim 28*e71b7053SJung-uk Kim=head1 DESCRIPTION 29*e71b7053SJung-uk Kim 30*e71b7053SJung-uk KimThese functions help the application to fetch supported objects (see 31*e71b7053SJung-uk KimL<OSSL_STORE_INFO(3)/SUPPORTED OBJECTS> for information on which those are) 32*e71b7053SJung-uk Kimfrom a given URI (see L</SUPPORTED SCHEMES> for more information on 33*e71b7053SJung-uk Kimthe supported URI schemes). 34*e71b7053SJung-uk KimThe general method to do so is to "open" the URI using OSSL_STORE_open(), 35*e71b7053SJung-uk Kimread each available and supported object using OSSL_STORE_load() as long as 36*e71b7053SJung-uk KimOSSL_STORE_eof() hasn't been reached, and finish it off with OSSL_STORE_close(). 37*e71b7053SJung-uk Kim 38*e71b7053SJung-uk KimThe retrieved information is stored in a B<OSSL_STORE_INFO>, which is further 39*e71b7053SJung-uk Kimdescribed in L<OSSL_STORE_INFO(3)>. 40*e71b7053SJung-uk Kim 41*e71b7053SJung-uk Kim=head2 Types 42*e71b7053SJung-uk Kim 43*e71b7053SJung-uk KimB<OSSL_STORE_CTX> is a context variable that holds all the internal 44*e71b7053SJung-uk Kiminformation for OSSL_STORE_open(), OSSL_STORE_load(), OSSL_STORE_eof() and 45*e71b7053SJung-uk KimOSSL_STORE_close() to work together. 46*e71b7053SJung-uk Kim 47*e71b7053SJung-uk Kim=head2 Functions 48*e71b7053SJung-uk Kim 49*e71b7053SJung-uk KimOSSL_STORE_open() takes a uri or path B<uri>, password UI method 50*e71b7053SJung-uk KimB<ui_method> with associated data B<ui_data>, and post processing 51*e71b7053SJung-uk Kimcallback B<post_process> with associated data B<post_process_data>, 52*e71b7053SJung-uk Kimopens a channel to the data located at that URI and returns a 53*e71b7053SJung-uk KimB<OSSL_STORE_CTX> with all necessary internal information. 54*e71b7053SJung-uk KimThe given B<ui_method> and B<ui_data_data> will be reused by all 55*e71b7053SJung-uk Kimfunctions that use B<OSSL_STORE_CTX> when interaction is needed. 56*e71b7053SJung-uk KimThe given B<post_process> and B<post_process_data> will be reused by 57*e71b7053SJung-uk KimOSSL_STORE_load() to manipulate or drop the value to be returned. 58*e71b7053SJung-uk KimThe B<post_process> function drops values by returning B<NULL>, which 59*e71b7053SJung-uk Kimwill cause OSSL_STORE_load() to start its process over with loading 60*e71b7053SJung-uk Kimthe next object, until B<post_process> returns something other than 61*e71b7053SJung-uk KimB<NULL>, or the end of data is reached as indicated by OSSL_STORE_eof(). 62*e71b7053SJung-uk Kim 63*e71b7053SJung-uk KimOSSL_STORE_ctrl() takes a B<OSSL_STORE_CTX>, and command number B<cmd> and 64*e71b7053SJung-uk Kimmore arguments not specified here. 65*e71b7053SJung-uk KimThe available loader specific command numbers and arguments they each 66*e71b7053SJung-uk Kimtake depends on the loader that's used and is documented together with 67*e71b7053SJung-uk Kimthat loader. 68*e71b7053SJung-uk Kim 69*e71b7053SJung-uk KimThere are also global controls available: 70*e71b7053SJung-uk Kim 71*e71b7053SJung-uk Kim=over 4 72*e71b7053SJung-uk Kim 73*e71b7053SJung-uk Kim=item B<OSSL_STORE_C_USE_SECMEM> 74*e71b7053SJung-uk Kim 75*e71b7053SJung-uk KimControls if the loader should attempt to use secure memory for any 76*e71b7053SJung-uk Kimallocated B<OSSL_STORE_INFO> and its contents. 77*e71b7053SJung-uk KimThis control expects one argument, a pointer to an B<int> that is expected to 78*e71b7053SJung-uk Kimhave the value 1 (yes) or 0 (no). 79*e71b7053SJung-uk KimAny other value is an error. 80*e71b7053SJung-uk Kim 81*e71b7053SJung-uk Kim=back 82*e71b7053SJung-uk Kim 83*e71b7053SJung-uk KimOSSL_STORE_load() takes a B<OSSL_STORE_CTX>, tries to load the next available 84*e71b7053SJung-uk Kimobject and return it wrapped with B<OSSL_STORE_INFO>. 85*e71b7053SJung-uk Kim 86*e71b7053SJung-uk KimOSSL_STORE_eof() takes a B<OSSL_STORE_CTX> and checks if we've reached the end 87*e71b7053SJung-uk Kimof data. 88*e71b7053SJung-uk Kim 89*e71b7053SJung-uk KimOSSL_STORE_error() takes a B<OSSL_STORE_CTX> and checks if an error occurred in 90*e71b7053SJung-uk Kimthe last OSSL_STORE_load() call. 91*e71b7053SJung-uk KimNote that it may still be meaningful to try and load more objects, unless 92*e71b7053SJung-uk KimOSSL_STORE_eof() shows that the end of data has been reached. 93*e71b7053SJung-uk Kim 94*e71b7053SJung-uk KimOSSL_STORE_close() takes a B<OSSL_STORE_CTX>, closes the channel that was opened 95*e71b7053SJung-uk Kimby OSSL_STORE_open() and frees all other information that was stored in the 96*e71b7053SJung-uk KimB<OSSL_STORE_CTX>, as well as the B<OSSL_STORE_CTX> itself. 97*e71b7053SJung-uk Kim 98*e71b7053SJung-uk Kim=head1 SUPPORTED SCHEMES 99*e71b7053SJung-uk Kim 100*e71b7053SJung-uk KimThe basic supported scheme is B<file:>. 101*e71b7053SJung-uk KimAny other scheme can be added dynamically, using 102*e71b7053SJung-uk KimOSSL_STORE_register_loader(). 103*e71b7053SJung-uk Kim 104*e71b7053SJung-uk Kim=head1 NOTES 105*e71b7053SJung-uk Kim 106*e71b7053SJung-uk KimA string without a scheme prefix (that is, a non-URI string) is 107*e71b7053SJung-uk Kimimplicitly interpreted as using the F<file:> scheme. 108*e71b7053SJung-uk Kim 109*e71b7053SJung-uk KimThere are some tools that can be used together with 110*e71b7053SJung-uk KimOSSL_STORE_open() to determine if any failure is caused by an unparsable 111*e71b7053SJung-uk KimURI, or if it's a different error (such as memory allocation 112*e71b7053SJung-uk Kimfailures); if the URI was parsable but the scheme unregistered, the 113*e71b7053SJung-uk Kimtop error will have the reason C<OSSL_STORE_R_UNREGISTERED_SCHEME>. 114*e71b7053SJung-uk Kim 115*e71b7053SJung-uk KimThese functions make no direct assumption regarding the pass phrase received 116*e71b7053SJung-uk Kimfrom the password callback. 117*e71b7053SJung-uk KimThe loaders may make assumptions, however. 118*e71b7053SJung-uk KimFor example, the B<file:> scheme loader inherits the assumptions made by 119*e71b7053SJung-uk KimOpenSSL functionality that handles the different file types; this is mostly 120*e71b7053SJung-uk Kimrelevant for PKCS#12 objects. 121*e71b7053SJung-uk KimSee L<passphrase-encoding(7)> for further information. 122*e71b7053SJung-uk Kim 123*e71b7053SJung-uk Kim=head1 RETURN VALUES 124*e71b7053SJung-uk Kim 125*e71b7053SJung-uk KimOSSL_STORE_open() returns a pointer to a B<OSSL_STORE_CTX> on success, or 126*e71b7053SJung-uk KimB<NULL> on failure. 127*e71b7053SJung-uk Kim 128*e71b7053SJung-uk KimOSSL_STORE_load() returns a pointer to a B<OSSL_STORE_INFO> on success, or 129*e71b7053SJung-uk KimB<NULL> on error or when end of data is reached. 130*e71b7053SJung-uk KimUse OSSL_STORE_error() and OSSL_STORE_eof() to determine the meaning of a 131*e71b7053SJung-uk Kimreturned B<NULL>. 132*e71b7053SJung-uk Kim 133*e71b7053SJung-uk KimOSSL_STORE_eof() returns 1 if the end of data has been reached, otherwise 134*e71b7053SJung-uk Kim0. 135*e71b7053SJung-uk Kim 136*e71b7053SJung-uk KimOSSL_STORE_error() returns 1 if an error occurred in an OSSL_STORE_load() call, 137*e71b7053SJung-uk Kimotherwise 0. 138*e71b7053SJung-uk Kim 139*e71b7053SJung-uk KimOSSL_STORE_ctrl() and OSSL_STORE_close() returns 1 on success, or 0 on failure. 140*e71b7053SJung-uk Kim 141*e71b7053SJung-uk Kim=head1 SEE ALSO 142*e71b7053SJung-uk Kim 143*e71b7053SJung-uk KimL<ossl_store(7)>, L<OSSL_STORE_INFO(3)>, L<OSSL_STORE_register_loader(3)>, 144*e71b7053SJung-uk KimL<passphrase-encoding(7)> 145*e71b7053SJung-uk Kim 146*e71b7053SJung-uk Kim=head1 HISTORY 147*e71b7053SJung-uk Kim 148*e71b7053SJung-uk KimOSSL_STORE_CTX(), OSSL_STORE_post_process_info_fn(), OSSL_STORE_open(), 149*e71b7053SJung-uk KimOSSL_STORE_ctrl(), OSSL_STORE_load(), OSSL_STORE_eof() and OSSL_STORE_close() 150*e71b7053SJung-uk Kimwere added to OpenSSL 1.1.1. 151*e71b7053SJung-uk Kim 152*e71b7053SJung-uk Kim=head1 COPYRIGHT 153*e71b7053SJung-uk Kim 154*e71b7053SJung-uk KimCopyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved. 155*e71b7053SJung-uk Kim 156*e71b7053SJung-uk KimLicensed under the OpenSSL license (the "License"). You may not use 157*e71b7053SJung-uk Kimthis file except in compliance with the License. You can obtain a copy 158*e71b7053SJung-uk Kimin the file LICENSE in the source distribution or at 159*e71b7053SJung-uk KimL<https://www.openssl.org/source/license.html>. 160*e71b7053SJung-uk Kim 161*e71b7053SJung-uk Kim=cut 162