1e71b7053SJung-uk Kim=pod 2e71b7053SJung-uk Kim 3e71b7053SJung-uk Kim=begin comment 4e71b7053SJung-uk Kim 5e71b7053SJung-uk KimThis is a recommended way to describe OSSL_STORE loaders, 6e71b7053SJung-uk Kim"ossl_store-{name}", where {name} is replaced with the name of the 7e71b7053SJung-uk Kimscheme it implements, in man section 7. 8e71b7053SJung-uk Kim 9e71b7053SJung-uk Kim=end comment 10e71b7053SJung-uk Kim 11e71b7053SJung-uk Kim=head1 NAME 12e71b7053SJung-uk Kim 13e71b7053SJung-uk Kimossl_store-file - The store 'file' scheme loader 14e71b7053SJung-uk Kim 15e71b7053SJung-uk Kim=head1 SYNOPSIS 16e71b7053SJung-uk Kim 17*b077aed3SPierre Pronchery=for openssl generic 18e71b7053SJung-uk Kim 19e71b7053SJung-uk Kim#include <openssl/store.h> 20e71b7053SJung-uk Kim 21e71b7053SJung-uk Kim=head1 DESCRIPTION 22e71b7053SJung-uk Kim 23e71b7053SJung-uk KimSupport for the 'file' scheme is built into C<libcrypto>. 24e71b7053SJung-uk KimSince files come in all kinds of formats and content types, the 'file' 25e71b7053SJung-uk Kimscheme has its own layer of functionality called "file handlers", 26e71b7053SJung-uk Kimwhich are used to try to decode diverse types of file contents. 27e71b7053SJung-uk Kim 28e71b7053SJung-uk KimIn case a file is formatted as PEM, each called file handler receives 29e71b7053SJung-uk Kimthe PEM name (everything following any 'C<-----BEGIN >') as well as 30e71b7053SJung-uk Kimpossible PEM headers, together with the decoded PEM body. Since PEM 31e71b7053SJung-uk Kimformatted files can contain more than one object, the file handlers 32e71b7053SJung-uk Kimare called upon for each such object. 33e71b7053SJung-uk Kim 34e71b7053SJung-uk KimIf the file isn't determined to be formatted as PEM, the content is 35e71b7053SJung-uk Kimloaded in raw form in its entirety and passed to the available file 36e71b7053SJung-uk Kimhandlers as is, with no PEM name or headers. 37e71b7053SJung-uk Kim 38e71b7053SJung-uk KimEach file handler is expected to handle PEM and non-PEM content as 39e71b7053SJung-uk Kimappropriate. Some may refuse non-PEM content for the sake of 40e71b7053SJung-uk Kimdeterminism (for example, there are keys out in the wild that are 41e71b7053SJung-uk Kimrepresented as an ASN.1 OCTET STRING. In raw form, it's not easily 42e71b7053SJung-uk Kimpossible to distinguish those from any other data coming as an ASN.1 43e71b7053SJung-uk KimOCTET STRING, so such keys would naturally be accepted as PEM files 44e71b7053SJung-uk Kimonly). 45e71b7053SJung-uk Kim 46e71b7053SJung-uk Kim=head1 NOTES 47e71b7053SJung-uk Kim 48e71b7053SJung-uk KimWhen needed, the 'file' scheme loader will require a pass phrase by 49*b077aed3SPierre Proncheryusing the B<UI_METHOD> that was passed via OSSL_STORE_open(). 50e71b7053SJung-uk KimThis pass phrase is expected to be UTF-8 encoded, anything else will 51e71b7053SJung-uk Kimgive an undefined result. 52e71b7053SJung-uk KimThe files made accessible through this loader are expected to be 53e71b7053SJung-uk Kimstandard compliant with regards to pass phrase encoding. 54e71b7053SJung-uk KimFiles that aren't should be re-generated with a correctly encoded pass 55e71b7053SJung-uk Kimphrase. 56e71b7053SJung-uk KimSee L<passphrase-encoding(7)> for more information. 57e71b7053SJung-uk Kim 58e71b7053SJung-uk Kim=head1 SEE ALSO 59e71b7053SJung-uk Kim 60e71b7053SJung-uk KimL<ossl_store(7)>, L<passphrase-encoding(7)> 61e71b7053SJung-uk Kim 62e71b7053SJung-uk Kim=head1 COPYRIGHT 63e71b7053SJung-uk Kim 64e71b7053SJung-uk KimCopyright 2018 The OpenSSL Project Authors. All Rights Reserved. 65e71b7053SJung-uk Kim 66*b077aed3SPierre ProncheryLicensed under the Apache License 2.0 (the "License"). You may not use 67e71b7053SJung-uk Kimthis file except in compliance with the License. You can obtain a copy 68e71b7053SJung-uk Kimin the file LICENSE in the source distribution or at 69e71b7053SJung-uk KimL<https://www.openssl.org/source/license.html>. 70e71b7053SJung-uk Kim 71e71b7053SJung-uk Kim=cut 72