author | Richard Levitte <levitte@openssl.org> | 2020-07-22 22:54:42 +0200 |
---|---|---|
committer | Richard Levitte <levitte@openssl.org> | 2020-08-24 10:02:25 +0200 |
commit | 8704b6bf32ccc24570b57fbdfef685fbd3572635 (patch) | |
tree | ca3b98c02dde761a504a02efae5821aab95768c9 /include/openssl | |
parent | faa64bca9f59b4390aed93dca75e53c3cacddc4a (diff) | |
STORE for providers: define libcrypto <-> provider interface
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/12512)
Diffstat (limited to 'include/openssl')
-rw-r--r-- | include/openssl/core_dispatch.h | 43 | ||||
-rw-r--r-- | include/openssl/core_names.h | 28 |
2 files changed, 68 insertions, 3 deletions
diff --git a/include/openssl/core_dispatch.h b/include/openssl/core_dispatch.h
index ee589eae6b..b21fe559f7 100644
--- a/include/openssl/core_dispatch.h
+++ b/include/openssl/core_dispatch.h
@@ -191,10 +191,11 @@ OSSL_CORE_MAKE_FUNC(int, provider_self_test, (void *provctx))
 # define OSSL_OP_SIGNATURE 12
 # define OSSL_OP_ASYM_CIPHER 13
 /* New section for non-EVP operations */
-# define OSSL_OP_ENCODER 20
-# define OSSL_OP_DECODER 21
+# define OSSL_OP_ENCODER 20
+# define OSSL_OP_DECODER 21
+# define OSSL_OP_STORE 22
 /* Highest known operation number */
-# define OSSL_OP__HIGHEST 21
+# define OSSL_OP__HIGHEST 22
 /* Digests */
@@ -760,6 +761,42 @@ OSSL_CORE_MAKE_FUNC(int, decoder_export_object,
 (void *ctx, const void *objref, size_t objref_sz,
 OSSL_CALLBACK *export_cb, void *export_cbarg))
+/*-
+ * Store
+ *
+ * Objects are scanned by using the 'open', 'load', 'eof' and 'close'
+ * functions, which implement an OSSL_STORE loader.
+ *
+ * store_load() works in a way that's very similar to the decoders, in
+ * that they pass an abstract object through a callback, either as a DER
+ * octet string or as an object reference, which libcrypto will have to
+ * deal with.
+ */
+
+#define OSSL_FUNC_STORE_OPEN 1
+#define OSSL_FUNC_STORE_ATTACH 2
+#define OSSL_FUNC_STORE_SETTABLE_CTX_PARAMS 3
+#define OSSL_FUNC_STORE_SET_CTX_PARAMS 4
+#define OSSL_FUNC_STORE_LOAD 5
+#define OSSL_FUNC_STORE_EOF 6
+#define OSSL_FUNC_STORE_CLOSE 7
+#define OSSL_FUNC_STORE_EXPORT_OBJECT 8
+OSSL_CORE_MAKE_FUNC(void *, store_open, (void *provctx, const char *uri))
+OSSL_CORE_MAKE_FUNC(void *, store_attach, (void *provctx, OSSL_CORE_BIO *in))
+OSSL_CORE_MAKE_FUNC(const OSSL_PARAM *, store_settable_ctx_params,
+ (void *provctx))
+OSSL_CORE_MAKE_FUNC(int, store_set_ctx_params,
+ (void *loaderctx, const OSSL_PARAM params[]))
+OSSL_CORE_MAKE_FUNC(int, store_load,
+ (void *loaderctx,
+ OSSL_CALLBACK *object_cb, void *object_cbarg,
+ OSSL_PASSPHRASE_CALLBACK *pw_cb, void *pw_cbarg))
+OSSL_CORE_MAKE_FUNC(int, store_eof, (void *loaderctx))
+OSSL_CORE_MAKE_FUNC(int, store_close, (void *loaderctx))
+OSSL_CORE_MAKE_FUNC(int, store_export_object,
+ (void *loaderctx, const void *objref, size_t objref_sz,
+ OSSL_CALLBACK *export_cb, void *export_cbarg))
+
 # ifdef __cplusplus
 }
 # endif
diff --git a/include/openssl/core_names.h b/include/openssl/core_names.h
index 9944206b84..4ca794fd50 100644
--- a/include/openssl/core_names.h
+++ b/include/openssl/core_names.h
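Review bot: The `Store` header comment in the core_dispatch.h hunk names only 'open', 'load', 'eof' and 'close', so four of the eight entries added there (`store_attach`, `store_settable_ctx_params`, `store_set_ctx_params`, `store_export_object`) have no stated contract, and no prototype says what failure looks like. I would extend the comment to state that `store_open`/`store_attach` return a loader context or NULL on failure and that `store_close` releases it, what `store_eof` and `store_load` return, and whether `store_attach` takes ownership of the `OSSL_CORE_BIO`; these are my reading of the signatures and need confirming against an implementation, which is not in this diff. Because `uri` and the `pw_cb` passphrase callback cross the libcrypto/provider boundary here, the comment should also say which side validates the URI and how long a passphrase obtained through `pw_cb` may be retained. The new `#define OSSL_FUNC_STORE_*` lines also drop the `# define` indentation used by the `OSSL_OP_*` block in the first hunk.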
@@ -484,6 +484,34 @@ extern "C" {
 #define OSSL_CAPABILITY_TLS_GROUP_MIN_DTLS "tls-min-dtls"
 #define OSSL_CAPABILITY_TLS_GROUP_MAX_DTLS "tls-max-dtls"
+/*-
+ * storemgmt parameters
+ */
+
+/*
+ * Used by storemgmt_ctx_set_params():
+ *
+ * - OSSL_STORE_PARAM_EXPECT is an INTEGER, and the value is any of the
+ * OSSL_STORE_INFO numbers. This is used to set the expected type of
+ * object loaded.
+ *
+ * - OSSL_STORE_PARAM_SUBJECT, OSSL_STORE_PARAM_ISSUER,
+ * OSSL_STORE_PARAM_SERIAL, OSSL_STORE_PARAM_FINGERPRINT,
+ * OSSL_STORE_PARAM_DIGEST, OSSL_STORE_PARAM_ALIAS
+ * are used as search criteria.
+ * (OSSL_STORE_PARAM_DIGEST is used with OSSL_STORE_PARAM_FINGERPRINT)
+ */
+#define OSSL_STORE_PARAM_EXPECT "expect" /* INTEGER */
+#define OSSL_STORE_PARAM_SUBJECT "subject" /* DER blob => OCTET_STRING */
+#define OSSL_STORE_PARAM_ISSUER "name" /* DER blob => OCTET_STRING */
+#define OSSL_STORE_PARAM_SERIAL "serial" /* INTEGER */
+#define OSSL_STORE_PARAM_DIGEST "digest" /* UTF8_STRING */
+#define OSSL_STORE_PARAM_FINGERPRINT "fingerprint" /* OCTET_STRING */
+#define OSSL_STORE_PARAM_ALIAS "alias" /* UTF8_STRING */
+
+/* You may want to pass properties for the provider implementation to use */
+#define OSSL_STORE_PARAM_PROPERTIES "properties" /* utf8_string */
+
 # ifdef __cplusplus
 }
 # endif |
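Review bot: `OSSL_STORE_PARAM_ISSUER` is defined as `"name"`, the only key in this block whose string does not follow its macro name, and nothing in the hunk says why. If it is intentional, add a comment on that line such as `/* key is "name", not "issuer": <reason> */`; if not, it should read `#define OSSL_STORE_PARAM_ISSUER "issuer"`. A loader that matches on the literal key text rather than the macro would skip the issuer criterion and could return a wider set of objects than the caller asked for; this is inferred, since no loader is part of this diff. The block comment also refers to `storemgmt_ctx_set_params()`, while the dispatch entry added in core_dispatch.h is `store_set_ctx_params`, and the type tag on the last define is `/* utf8_string */` where the others use `UTF8_STRING`.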