authorRichard Levitte <levitte@openssl.org>2020-07-22 22:54:42 +0200
committerRichard Levitte <levitte@openssl.org>2020-08-24 10:02:25 +0200
commit8704b6bf32ccc24570b57fbdfef685fbd3572635 (patch)
treeca3b98c02dde761a504a02efae5821aab95768c9 /include/openssl
parentfaa64bca9f59b4390aed93dca75e53c3cacddc4a (diff)
STORE for providers: define libcrypto <-> provider interface
Reviewed-by: Shane Lontis <shane.lontis@oracle.com> (Merged from https://github.com/openssl/openssl/pull/12512)
Diffstat (limited to 'include/openssl')
-rw-r--r--include/openssl/core_dispatch.h43
-rw-r--r--include/openssl/core_names.h28
2 files changed, 68 insertions, 3 deletions
diff --git a/include/openssl/core_dispatch.h b/include/openssl/core_dispatch.h
index ee589eae6b..b21fe559f7 100644
--- a/include/openssl/core_dispatch.h
+++ b/include/openssl/core_dispatch.h
@@ -191,10 +191,11 @@ OSSL_CORE_MAKE_FUNC(int, provider_self_test, (void *provctx))
# define OSSL_OP_SIGNATURE 12
# define OSSL_OP_ASYM_CIPHER 13
/* New section for non-EVP operations */
-# define OSSL_OP_ENCODER 20
-# define OSSL_OP_DECODER 21
+# define OSSL_OP_ENCODER 20
+# define OSSL_OP_DECODER 21
+# define OSSL_OP_STORE 22
/* Highest known operation number */
-# define OSSL_OP__HIGHEST 21
+# define OSSL_OP__HIGHEST 22
/* Digests */
@@ -760,6 +761,42 @@ OSSL_CORE_MAKE_FUNC(int, decoder_export_object,
(void *ctx, const void *objref, size_t objref_sz,
OSSL_CALLBACK *export_cb, void *export_cbarg))
+/*-
+ * Store
+ *
+ * Objects are scanned by using the 'open', 'load', 'eof' and 'close'
+ * functions, which implement an OSSL_STORE loader.
+ *
+ * store_load() works in a way that's very similar to the decoders, in
+ * that they pass an abstract object through a callback, either as a DER
+ * octet string or as an object reference, which libcrypto will have to
+ * deal with.
+ */
+
+#define OSSL_FUNC_STORE_OPEN 1
+#define OSSL_FUNC_STORE_ATTACH 2
+#define OSSL_FUNC_STORE_SETTABLE_CTX_PARAMS 3
+#define OSSL_FUNC_STORE_SET_CTX_PARAMS 4
+#define OSSL_FUNC_STORE_LOAD 5
+#define OSSL_FUNC_STORE_EOF 6
+#define OSSL_FUNC_STORE_CLOSE 7
+#define OSSL_FUNC_STORE_EXPORT_OBJECT 8
+OSSL_CORE_MAKE_FUNC(void *, store_open, (void *provctx, const char *uri))
+OSSL_CORE_MAKE_FUNC(void *, store_attach, (void *provctx, OSSL_CORE_BIO *in))
+OSSL_CORE_MAKE_FUNC(const OSSL_PARAM *, store_settable_ctx_params,
+ (void *provctx))
+OSSL_CORE_MAKE_FUNC(int, store_set_ctx_params,
+ (void *loaderctx, const OSSL_PARAM params[]))
+OSSL_CORE_MAKE_FUNC(int, store_load,
+ (void *loaderctx,
+ OSSL_CALLBACK *object_cb, void *object_cbarg,
+ OSSL_PASSPHRASE_CALLBACK *pw_cb, void *pw_cbarg))
+OSSL_CORE_MAKE_FUNC(int, store_eof, (void *loaderctx))
+OSSL_CORE_MAKE_FUNC(int, store_close, (void *loaderctx))
+OSSL_CORE_MAKE_FUNC(int, store_export_object,
+ (void *loaderctx, const void *objref, size_t objref_sz,
+ OSSL_CALLBACK *export_cb, void *export_cbarg))
+
# ifdef __cplusplus
}
# endif
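Review bot: The Store comment above the new `OSSL_FUNC_STORE_*` entries names only 'open', 'load', 'eof' and 'close', leaving `store_attach`, `store_set_ctx_params` and `store_export_object` without a stated contract. I would extend it to say who owns the `loaderctx` returned by `store_open`/`store_attach` and whether `store_close` releases it, what the `int` results mean (in particular how a failed `store_load` differs from the end of data reported by `store_eof`), and that `objref`/`objref_sz` in `store_export_object` is an opaque provider reference whose size the implementation should check before use. Because `uri` and the passphrase callback cross the libcrypto/provider boundary here, a line such as `/* uri is caller-supplied; the loader must reject schemes it does not handle */` would also help implementers. As a style point, the new defines are written `#define` while the context lines in the first hunk of this file use `# define`.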
diff --git a/include/openssl/core_names.h b/include/openssl/core_names.h
index 9944206b84..4ca794fd50 100644
--- a/include/openssl/core_names.h
+++ b/include/openssl/core_names.h
@@ -484,6 +484,34 @@ extern "C" {
#define OSSL_CAPABILITY_TLS_GROUP_MIN_DTLS "tls-min-dtls"
#define OSSL_CAPABILITY_TLS_GROUP_MAX_DTLS "tls-max-dtls"
+/*-
+ * storemgmt parameters
+ */
+
+/*
+ * Used by storemgmt_ctx_set_params():
+ *
+ * - OSSL_STORE_PARAM_EXPECT is an INTEGER, and the value is any of the
+ * OSSL_STORE_INFO numbers. This is used to set the expected type of
+ * object loaded.
+ *
+ * - OSSL_STORE_PARAM_SUBJECT, OSSL_STORE_PARAM_ISSUER,
+ * OSSL_STORE_PARAM_SERIAL, OSSL_STORE_PARAM_FINGERPRINT,
+ * OSSL_STORE_PARAM_DIGEST, OSSL_STORE_PARAM_ALIAS
+ * are used as search criteria.
+ * (OSSL_STORE_PARAM_DIGEST is used with OSSL_STORE_PARAM_FINGERPRINT)
+ */
+#define OSSL_STORE_PARAM_EXPECT "expect" /* INTEGER */
+#define OSSL_STORE_PARAM_SUBJECT "subject" /* DER blob => OCTET_STRING */
+#define OSSL_STORE_PARAM_ISSUER "name" /* DER blob => OCTET_STRING */
+#define OSSL_STORE_PARAM_SERIAL "serial" /* INTEGER */
+#define OSSL_STORE_PARAM_DIGEST "digest" /* UTF8_STRING */
+#define OSSL_STORE_PARAM_FINGERPRINT "fingerprint" /* OCTET_STRING */
+#define OSSL_STORE_PARAM_ALIAS "alias" /* UTF8_STRING */
+
+/* You may want to pass properties for the provider implementation to use */
+#define OSSL_STORE_PARAM_PROPERTIES "properties" /* utf8_string */
+
# ifdef __cplusplus
}
# endif
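Review bot: The comment introducing these keys speaks of "storemgmt parameters" and `storemgmt_ctx_set_params()`, but the dispatch entry this commit adds to core_dispatch.h is `store_set_ctx_params`, so the reference should read `store_set_ctx_params()`. `OSSL_STORE_PARAM_ISSUER` maps to the key `"name"` while every other key mirrors its macro name; if that is deliberate, a short comment saying so would stop a provider author from matching on `"issuer"` and silently ignoring the search criterion. The type annotation on `OSSL_STORE_PARAM_PROPERTIES` is lower-case `utf8_string` where the others use `UTF8_STRING`. It would also help to state what a loader should do when `OSSL_STORE_PARAM_FINGERPRINT` arrives without `OSSL_STORE_PARAM_DIGEST`, since the comment only says the two are used together.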