#include <openssl/store.h> typedef struct ossl_store_ctx_st OSSL_STORE_CTX; typedef OSSL_STORE_INFO *(*OSSL_STORE_post_process_info_fn)(OSSL_STORE_INFO *, void *); OSSL_STORE_CTX *OSSL_STORE_open(const char *uri, const UI_METHOD *ui_method, void *ui_data, OSSL_STORE_post_process_info_fn post_process, void *post_process_data); int OSSL_STORE_ctrl(OSSL_STORE_CTX *ctx, int cmd, ... /* args */); OSSL_STORE_INFO *OSSL_STORE_load(OSSL_STORE_CTX *ctx); int OSSL_STORE_eof(OSSL_STORE_CTX *ctx); int OSSL_STORE_error(OSSL_STORE_CTX *ctx); int OSSL_STORE_close(OSSL_STORE_CTX *ctx);
The retrieved information is stored in a OSSL_STORE_INFO, which is further described in OSSL_STORE_INFO(3).
OSSL_STORE_ctrl() takes a OSSL_STORE_CTX, and command number cmd and more arguments not specified here. The available loader specific command numbers and arguments they each take depends on the loader that's used and is documented together with that loader.
There are also global controls available:
- Controls if the loader should attempt to use secure memory for any allocated OSSL_STORE_INFO and its contents. This control expects one argument, a pointer to an int that is expected to have the value 1 (yes) or 0 (no). Any other value is an error.
OSSL_STORE_load() takes a OSSL_STORE_CTX, tries to load the next available object and return it wrapped with OSSL_STORE_INFO.
OSSL_STORE_eof() takes a OSSL_STORE_CTX and checks if we've reached the end of data.
OSSL_STORE_error() takes a OSSL_STORE_CTX and checks if an error occurred in the last OSSL_STORE_load() call. Note that it may still be meaningful to try and load more objects, unless OSSL_STORE_eof() shows that the end of data has been reached.
OSSL_STORE_close() takes a OSSL_STORE_CTX, closes the channel that was opened by OSSL_STORE_open() and frees all other information that was stored in the OSSL_STORE_CTX, as well as the OSSL_STORE_CTX itself. If ctx is NULL it does nothing.
There are some tools that can be used together with OSSL_STORE_open() to determine if any failure is caused by an unparsable URI, or if it's a different error (such as memory allocation failures); if the URI was parsable but the scheme unregistered, the top error will have the reason "OSSL_STORE_R_UNREGISTERED_SCHEME".
These functions make no direct assumption regarding the pass phrase received from the password callback. The loaders may make assumptions, however. For example, the file: scheme loader inherits the assumptions made by OpenSSL functionality that handles the different file types; this is mostly relevant for PKCS#12 objects. See passphrase-encoding(7) for further information.
OSSL_STORE_load() returns a pointer to a OSSL_STORE_INFO on success, or NULL on error or when end of data is reached. Use OSSL_STORE_error() and OSSL_STORE_eof() to determine the meaning of a returned NULL.
OSSL_STORE_eof() returns 1 if the end of data has been reached, otherwise 0.
OSSL_STORE_error() returns 1 if an error occurred in an OSSL_STORE_load() call, otherwise 0.
OSSL_STORE_ctrl() and OSSL_STORE_close() returns 1 on success, or 0 on failure.
Handling of NULL ctx argument for OSSL_STORE_close() was introduced in OpenSSL 1.1.1h.
Licensed under the OpenSSL license (the "License"). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at https://www.openssl.org/source/license.html.