DragonFly On-Line Manual Pages
OSSL_STORE_OPEN(3) OpenSSL OSSL_STORE_OPEN(3)
OSSL_STORE_CTX, OSSL_STORE_post_process_info_fn, OSSL_STORE_open,
OSSL_STORE_ctrl, OSSL_STORE_load, OSSL_STORE_eof, OSSL_STORE_error,
OSSL_STORE_close - Types and functions to read objects from a URI
typedef struct ossl_store_ctx_st OSSL_STORE_CTX;
typedef OSSL_STORE_INFO *(*OSSL_STORE_post_process_info_fn)(OSSL_STORE_INFO *,
OSSL_STORE_CTX *OSSL_STORE_open(const char *uri, const UI_METHOD *ui_method,
int OSSL_STORE_ctrl(OSSL_STORE_CTX *ctx, int cmd, ... /* args */);
OSSL_STORE_INFO *OSSL_STORE_load(OSSL_STORE_CTX *ctx);
int OSSL_STORE_eof(OSSL_STORE_CTX *ctx);
int OSSL_STORE_error(OSSL_STORE_CTX *ctx);
int OSSL_STORE_close(OSSL_STORE_CTX *ctx);
These functions help the application to fetch supported objects (see
"SUPPORTED OBJECTS" in OSSL_STORE_INFO(3) for information on which
those are) from a given URI (see "SUPPORTED SCHEMES" for more
information on the supported URI schemes). The general method to do so
is to "open" the URI using OSSL_STORE_open(), read each available and
supported object using OSSL_STORE_load() as long as OSSL_STORE_eof()
hasn't been reached, and finish it off with OSSL_STORE_close().
The retrieved information is stored in a OSSL_STORE_INFO, which is
further described in OSSL_STORE_INFO(3).
OSSL_STORE_CTX is a context variable that holds all the internal
information for OSSL_STORE_open(), OSSL_STORE_load(), OSSL_STORE_eof()
and OSSL_STORE_close() to work together.
OSSL_STORE_open() takes a uri or path uri, password UI method ui_method
with associated data ui_data, and post processing callback post_process
with associated data post_process_data, opens a channel to the data
located at that URI and returns a OSSL_STORE_CTX with all necessary
internal information. The given ui_method and ui_data will be reused
by all functions that use OSSL_STORE_CTX when interaction is needed,
for instance to provide a password. The given post_process and
post_process_data will be reused by OSSL_STORE_load() to manipulate or
drop the value to be returned. The post_process function drops values
by returning NULL, which will cause OSSL_STORE_load() to start its
process over with loading the next object, until post_process returns
something other than NULL, or the end of data is reached as indicated
OSSL_STORE_ctrl() takes a OSSL_STORE_CTX, and command number cmd and
more arguments not specified here. The available loader specific
command numbers and arguments they each take depends on the loader
that's used and is documented together with that loader.
There are also global controls available:
Controls if the loader should attempt to use secure memory for any
allocated OSSL_STORE_INFO and its contents. This control expects
one argument, a pointer to an int that is expected to have the
value 1 (yes) or 0 (no). Any other value is an error.
OSSL_STORE_load() takes a OSSL_STORE_CTX, tries to load the next
available object and return it wrapped with OSSL_STORE_INFO.
OSSL_STORE_eof() takes a OSSL_STORE_CTX and checks if we've reached the
end of data.
OSSL_STORE_error() takes a OSSL_STORE_CTX and checks if an error
occurred in the last OSSL_STORE_load() call. Note that it may still be
meaningful to try and load more objects, unless OSSL_STORE_eof() shows
that the end of data has been reached.
OSSL_STORE_close() takes a OSSL_STORE_CTX, closes the channel that was
opened by OSSL_STORE_open() and frees all other information that was
stored in the OSSL_STORE_CTX, as well as the OSSL_STORE_CTX itself. If
ctx is NULL it does nothing.
The basic supported scheme is file:. Any other scheme can be added
dynamically, using OSSL_STORE_register_loader().
A string without a scheme prefix (that is, a non-URI string) is
implicitly interpreted as using the file: scheme.
There are some tools that can be used together with OSSL_STORE_open()
to determine if any failure is caused by an unparsable URI, or if it's
a different error (such as memory allocation failures); if the URI was
parsable but the scheme unregistered, the top error will have the
These functions make no direct assumption regarding the pass phrase
received from the password callback. The loaders may make assumptions,
however. For example, the file: scheme loader inherits the assumptions
made by OpenSSL functionality that handles the different file types;
this is mostly relevant for PKCS#12 objects. See
passphrase-encoding(7) for further information.
OSSL_STORE_open() returns a pointer to a OSSL_STORE_CTX on success, or
NULL on failure.
OSSL_STORE_load() returns a pointer to a OSSL_STORE_INFO on success, or
NULL on error or when end of data is reached. Use OSSL_STORE_error()
and OSSL_STORE_eof() to determine the meaning of a returned NULL.
OSSL_STORE_eof() returns 1 if the end of data has been reached,
OSSL_STORE_error() returns 1 if an error occurred in an
OSSL_STORE_load() call, otherwise 0.
OSSL_STORE_ctrl() and OSSL_STORE_close() returns 1 on success, or 0 on
ossl_store(7), OSSL_STORE_INFO(3), OSSL_STORE_register_loader(3),
OSSL_STORE_CTX(), OSSL_STORE_post_process_info_fn(), OSSL_STORE_open(),
OSSL_STORE_ctrl(), OSSL_STORE_load(), OSSL_STORE_eof() and
OSSL_STORE_close() were added in OpenSSL 1.1.1.
Handling of NULL ctx argument for OSSL_STORE_close() was introduced in
Copyright 2016-2020 The OpenSSL Project Authors. All Rights Reserved.
Licensed under the OpenSSL license (the "License"). You may not use
this file except in compliance with the License. You can obtain a copy
in the file LICENSE in the source distribution or at
1.1.1q 2022-07-05 OSSL_STORE_OPEN(3)