author | Richard Levitte <levitte@openssl.org> | 2020-07-22 22:55:00 +0200 |
---|---|---|
committer | Richard Levitte <levitte@openssl.org> | 2020-08-24 10:02:26 +0200 |
commit | 34b80d0622924d112b145fd36bfaad18616f2546 (patch) | |
tree | f80e34178246e6114674817080d9dbff149a8a03 /doc | |
parent | DECODER: Add function to set an OSSL_PASSPHRASE_CALLBACK type callback (diff) | |
STORE: Modify to support loading with provider based loaders

This adds the needed code to make the OSSL_STORE API functions handle
provided STORE implementations.

This also modifies OSSL_STORE_attach() to have the URI, the
library context and the properties in the same order as
OSSL_STORE_open_with_libctx().

The most notable change, though, is how this creates a division of
labor between libcrypto and any storemgmt implementation that wants to
pass X.509, X.509 CRL, etc. structures back to libcrypto. Since those
structures aren't directly supported in the libcrypto <-> provider
interface (asymmetric keys being the only exception so far), we resort
to a libcrypto object callback that can handle passed data in DER form
and does its part of figuring out what the DER content actually is.

This also adds the internal x509_crl_set0_libctx(), which works just
like x509_set0_libctx(), but for X509_CRL.

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12512)
Diffstat (limited to 'doc')
-rw-r--r-- | doc/man3/OSSL_STORE_open.pod | 19 |
1 files changed, 11 insertions, 8 deletions
diff --git a/doc/man3/OSSL_STORE_open.pod b/doc/man3/OSSL_STORE_open.pod index ee885012f8..0f7bf9c0d3 100644 --- a/doc/man3/OSSL_STORE_open.pod +++ b/doc/man3/OSSL_STORE_open.pod @@ -21,11 +21,12 @@ OSSL_STORE_error, OSSL_STORE_close void *ui_data, OSSL_STORE_post_process_info_fn post_process, void *post_process_data); - OSSL_STORE_CTX *OSSL_STORE_open_with_libctx - (const char *uri, OPENSSL_CTX *libctx, const char *propq, - const UI_METHOD *ui_method, void *ui_data, - OSSL_STORE_post_process_info_fn post_process, void *post_process_data); - + OSSL_STORE_CTX * + OSSL_STORE_open_with_libctx(const char *uri, + OPENSSL_CTX *libctx, const char *propq, + const UI_METHOD *ui_method, void *ui_data, + OSSL_STORE_post_process_info_fn post_process, + void *post_process_data); int OSSL_STORE_ctrl(OSSL_STORE_CTX *ctx, int cmd, ... /* args */); OSSL_STORE_INFO *OSSL_STORE_load(OSSL_STORE_CTX *ctx); int OSSL_STORE_eof(OSSL_STORE_CTX *ctx); @@ -57,7 +58,7 @@ together. OSSL_STORE_open_with_libctx() takes a uri or path I<uri>, password UI method I<ui_method> with associated data I<ui_data>, and post processing callback I<post_process> with associated data I<post_process_data>, -a library context I<libctx> with an associated property query <propq>, +a library context I<libctx> with an associated property query I<propq>, and opens a channel to the data located at the URI and returns a B<OSSL_STORE_CTX> with all necessary internal information. The given I<ui_method> and I<ui_data> will be reused by all @@ -71,7 +72,7 @@ the next object, until I<post_process> returns something other than NULL, or the end of data is reached as indicated by OSSL_STORE_eof(). OSSL_STORE_open() is similar to OSSL_STORE_open_with_libctx() but uses NULL for -the library context I<libctx> and property query <propq>. +the library context I<libctx> and property query I<propq>. OSSL_STORE_ctrl() takes a B<OSSL_STORE_CTX>, and command number I<cmd> and more arguments not specified here. 
@@ -87,7 +88,7 @@ There are also global controls available: Controls if the loader should attempt to use secure memory for any allocated B<OSSL_STORE_INFO> and its contents. -This control expects one argument, a pointer to an B<int> that is expected to +This control expects one argument, a pointer to an I<int> that is expected to have the value 1 (yes) or 0 (no). Any other value is an error. @@ -168,6 +169,8 @@ were added in OpenSSL 1.1.1. Handling of NULL I<ctx> argument for OSSL_STORE_close() was introduced in OpenSSL 1.1.1h. +OSSL_STORE_open_with_libctx() was added in OpenSSL 3.0. + =head1 COPYRIGHT Copyright 2016-2020 The OpenSSL Project Authors. All Rights Reserved. |
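Review bot: in the SYNOPSIS hunk (@@ -21,11 +21,12 @@), the empty line that followed the old OSSL_STORE_open_with_libctx() prototype is deleted together with it and not re-added, so the reformatted prototype now runs straight into `int OSSL_STORE_ctrl(OSSL_STORE_CTX *ctx, int cmd, ... /* args */);`. If the separation was intentional, put an empty line back after `void *post_process_data);` so the multi-line prototype stays visually distinct from the one-line declarations that follow.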
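Review bot: in the global-controls hunk (@@ -87,7 +88,7 @@), changing B<int> to I<int> gives a C type the markup that the rest of this page uses for argument names (I<uri>, I<libctx>, I<propq>), while other types in the same file stay bold (B<OSSL_STORE_CTX>, B<OSSL_STORE_INFO>). Since `int` here names the pointed-to type rather than a parameter, keep B<int> or switch to C<int>, so readers do not go looking for an argument called "int" in the OSSL_STORE_ctrl() synopsis.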