author Richard Levitte <levitte@openssl.org> 2020-07-22 22:55:00 +0200
committer Richard Levitte <levitte@openssl.org> 2020-08-24 10:02:26 +0200
commit 34b80d0622924d112b145fd36bfaad18616f2546
tree f80e34178246e6114674817080d9dbff149a8a03 /doc
parent DECODER: Add function to set an OSSL_PASSPHRASE_CALLBACK type callback
STORE: Modify to support loading with provider based loaders
This adds the needed code to make the OSSL_STORE API functions handle provided STORE implementations.

This also modifies OSSL_STORE_attach() to have the URI, the library context and the properties in the same order as OSSL_STORE_open_with_libctx().

The most notable change, though, is how this creates a division of labor between libcrypto and any storemgmt implementation that wants to pass X.509, X.509 CRL, etc. structures back to libcrypto. Since those structures aren't directly supported in the libcrypto <-> provider interface (asymmetric keys being the only exception so far), we resort to a libcrypto object callback that can handle passed data in DER form and does its part of figuring out what the DER content actually is.

This also adds the internal x509_crl_set0_libctx(), which works just like x509_set0_libctx(), but for X509_CRL.

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12512)
Diffstat (limited to 'doc')
-rw-r--r-- doc/man3/OSSL_STORE_open.pod 19
1 files changed, 11 insertions, 8 deletions
diff --git a/doc/man3/OSSL_STORE_open.pod b/doc/man3/OSSL_STORE_open.pod
index ee885012f8..0f7bf9c0d3 100644
--- a/doc/man3/OSSL_STORE_open.pod
+++ b/doc/man3/OSSL_STORE_open.pod
@@ -21,11 +21,12 @@ OSSL_STORE_error, OSSL_STORE_close
void *ui_data,
OSSL_STORE_post_process_info_fn post_process,
void *post_process_data);
- OSSL_STORE_CTX *OSSL_STORE_open_with_libctx
- (const char *uri, OPENSSL_CTX *libctx, const char *propq,
- const UI_METHOD *ui_method, void *ui_data,
- OSSL_STORE_post_process_info_fn post_process, void *post_process_data);
-
+ OSSL_STORE_CTX *
+ OSSL_STORE_open_with_libctx(const char *uri,
+ OPENSSL_CTX *libctx, const char *propq,
+ const UI_METHOD *ui_method, void *ui_data,
+ OSSL_STORE_post_process_info_fn post_process,
+ void *post_process_data);
int OSSL_STORE_ctrl(OSSL_STORE_CTX *ctx, int cmd, ... /* args */);
OSSL_STORE_INFO *OSSL_STORE_load(OSSL_STORE_CTX *ctx);
int OSSL_STORE_eof(OSSL_STORE_CTX *ctx);
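Review bot: The empty line that separated the OSSL_STORE_open_with_libctx() prototype from the next declaration is removed (the lone "-" line) and nothing is added back after "void *post_process_data);", so in SYNOPSIS the reformatted prototype now runs straight into OSSL_STORE_ctrl(). Suggest keeping one blank line after the new prototype so it stays visually separate from the functions that follow.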
@@ -57,7 +58,7 @@ together.
OSSL_STORE_open_with_libctx() takes a uri or path I<uri>, password UI method
I<ui_method> with associated data I<ui_data>, and post processing
callback I<post_process> with associated data I<post_process_data>,
-a library context I<libctx> with an associated property query <propq>,
+a library context I<libctx> with an associated property query I<propq>,
and opens a channel to the data located at the URI and returns a
B<OSSL_STORE_CTX> with all necessary internal information.
The given I<ui_method> and I<ui_data> will be reused by all
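Review bot: The description around the corrected I<propq> markup still lists the arguments as I<uri>, I<ui_method>, I<ui_data>, I<post_process>, I<post_process_data> and only then I<libctx> and I<propq>, which does not match the prototype order (uri, libctx, propq, ui_method, ...). Since the commit is about aligning argument order across the STORE functions, consider moving "a library context I<libctx> with an associated property query I<propq>" up to directly follow I<uri>.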
@@ -71,7 +72,7 @@ the next object, until I<post_process> returns something other than
NULL, or the end of data is reached as indicated by OSSL_STORE_eof().
OSSL_STORE_open() is similar to OSSL_STORE_open_with_libctx() but uses NULL for
-the library context I<libctx> and property query <propq>.
+the library context I<libctx> and property query I<propq>.
OSSL_STORE_ctrl() takes a B<OSSL_STORE_CTX>, and command number I<cmd> and
more arguments not specified here.
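Review bot: Missing documentation in the OSSL_STORE_open() sentence: it says NULL is used for I<libctx> and I<propq>, but the visible text does not say what a NULL library context or a NULL property query selects. A short sentence on the NULL case (for example, that the default library context is used) would make the difference between the two functions clear to callers choosing one.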
@@ -87,7 +88,7 @@ There are also global controls available:
Controls if the loader should attempt to use secure memory for any
allocated B<OSSL_STORE_INFO> and its contents.
-This control expects one argument, a pointer to an B<int> that is expected to
+This control expects one argument, a pointer to an I<int> that is expected to
have the value 1 (yes) or 0 (no).
Any other value is an error.
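Review bot: Changing B<int> to I<int> in the control description looks inconsistent with the rest of the page: I<> is used here for argument names (I<libctx>, I<propq>, I<cmd>), while types are bold, including B<OSSL_STORE_INFO> two lines above in this same hunk and B<OSSL_STORE_CTX> elsewhere. "int" is a C type, not a parameter, so either keep B<int> or state the intended convention for built-in types.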
@@ -168,6 +169,8 @@ were added in OpenSSL 1.1.1.
Handling of NULL I<ctx> argument for OSSL_STORE_close()
was introduced in OpenSSL 1.1.1h.
+OSSL_STORE_open_with_libctx() was added in OpenSSL 3.0.
+
=head1 COPYRIGHT
Copyright 2016-2020 The OpenSSL Project Authors. All Rights Reserved.
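Review bot: The new HISTORY line covers only OSSL_STORE_open_with_libctx(), while the commit message also announces a changed argument order for OSSL_STORE_attach(), and the doc diffstat lists OSSL_STORE_open.pod as the only documentation file touched. If OSSL_STORE_attach() has a manual page, its SYNOPSIS and argument description should be updated in the same commit so the documented order matches the code.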