| 1 | /* |
|---|---|
| 2 | * Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved. |
| 3 | * |
| 4 | * Licensed under the Apache License 2.0 (the "License"). You may not use |
| 5 | * this file except in compliance with the License. You can obtain a copy |
| 6 | * in the file LICENSE in the source distribution or at |
| 7 | * https://www.openssl.org/source/license.html |
| 8 | */ |
| 9 | |
| 10 | #ifndef OPENSSL_STORE_H |
| 11 | # define OPENSSL_STORE_H |
| 12 | # pragma once |
| 13 | |
| 14 | # include <openssl/macros.h> |
| 15 | # ifndef OPENSSL_NO_DEPRECATED_3_0 |
| 16 | # define HEADER_OSSL_STORE_H |
| 17 | # endif |
| 18 | |
| 19 | # include <stdarg.h> |
| 20 | # include <openssl/types.h> |
| 21 | # include <openssl/pem.h> |
| 22 | # include <openssl/storeerr.h> |
| 23 | |
| 24 | # ifdef __cplusplus |
| 25 | extern "C"{ |
| 26 | # endif |
| 27 | |
| 28 | /*- |
| 29 | * The main OSSL_STORE functions. |
| 30 | * ------------------------------ |
| 31 | * |
| 32 | * These allow applications to open a channel to a resource with supported |
| 33 | * data (keys, certs, crls, ...), read the data a piece at a time and decide |
| 34 | * what to do with it, and finally close. |
| 35 | */ |
| 36 | |
| 37 | typedef struct ossl_store_ctx_st OSSL_STORE_CTX; |
| 38 | |
| 39 | /* |
| 40 | * Typedef for the OSSL_STORE_INFO post processing callback. This can be used |
| 41 | * to massage the given OSSL_STORE_INFO, or to drop it entirely (by returning |
| 42 | * NULL). |
| 43 | */ |
| 44 | typedef OSSL_STORE_INFO *(*OSSL_STORE_post_process_info_fn)(OSSL_STORE_INFO *, |
| 45 | void *); |
| 46 | |
| 47 | /* |
| 48 | * Open a channel given a URI. The given UI method will be used any time the |
| 49 | * loader needs extra input, for example when a password or pin is needed, and |
| 50 | * will be passed the same user data every time it's needed in this context. |
| 51 | * |
| 52 | * Returns a context reference which represents the channel to communicate |
| 53 | * through. |
| 54 | */ |
| 55 | OSSL_STORE_CTX *OSSL_STORE_open(const char *uri, const UI_METHOD *ui_method, |
| 56 | void *ui_data, |
| 57 | OSSL_STORE_post_process_info_fn post_process, |
| 58 | void *post_process_data); |
| 59 | |
| 60 | /* |
| 61 | * Control / fine tune the OSSL_STORE channel. |cmd| determines what is to be |
| 62 | * done, and depends on the underlying loader (use OSSL_STORE_get0_scheme to |
| 63 | * determine which loader is used), except for common commands (see below). |
| 64 | * Each command takes different arguments. |
| 65 | */ |
| 66 | int OSSL_STORE_ctrl(OSSL_STORE_CTX *ctx, int cmd, ... /* args */); |
| 67 | int OSSL_STORE_vctrl(OSSL_STORE_CTX *ctx, int cmd, va_list args); |
| 68 | |
| 69 | /* |
| 70 | * Common ctrl commands that different loaders may choose to support. |
| 71 | */ |
| 72 | /* int on = 0 or 1; STORE_ctrl(ctx, STORE_C_USE_SECMEM, &on); */ |
| 73 | # define OSSL_STORE_C_USE_SECMEM 1 |
| 74 | /* Where custom commands start */ |
| 75 | # define OSSL_STORE_C_CUSTOM_START 100 |
| 76 | |
| 77 | /* |
| 78 | * Read one data item (a key, a cert, a CRL) that is supported by the OSSL_STORE |
| 79 | * functionality, given a context. |
| 80 | * Returns a OSSL_STORE_INFO pointer, from which OpenSSL typed data can be |
| 81 | * extracted with OSSL_STORE_INFO_get0_PKEY(), OSSL_STORE_INFO_get0_CERT(), ... |
| 82 | * NULL is returned on error, which may include that the data found at the URI |
| 83 | * can't be figured out for certain or is ambiguous. |
| 84 | */ |
| 85 | OSSL_STORE_INFO *OSSL_STORE_load(OSSL_STORE_CTX *ctx); |
| 86 | |
| 87 | /* |
| 88 | * Check if end of data (end of file) is reached |
| 89 | * Returns 1 on end, 0 otherwise. |
| 90 | */ |
| 91 | int OSSL_STORE_eof(OSSL_STORE_CTX *ctx); |
| 92 | |
| 93 | /* |
| 94 | * Check if an error occurred |
| 95 | * Returns 1 if it did, 0 otherwise. |
| 96 | */ |
| 97 | int OSSL_STORE_error(OSSL_STORE_CTX *ctx); |
| 98 | |
| 99 | /* |
| 100 | * Close the channel |
| 101 | * Returns 1 on success, 0 on error. |
| 102 | */ |
| 103 | int OSSL_STORE_close(OSSL_STORE_CTX *ctx); |
| 104 | |
| 105 | |
| 106 | /*- |
| 107 | * Extracting OpenSSL types from and creating new OSSL_STORE_INFOs |
| 108 | * --------------------------------------------------------------- |
| 109 | */ |
| 110 | |
| 111 | /* |
| 112 | * Types of data that can be ossl_stored in a OSSL_STORE_INFO. |
| 113 | * OSSL_STORE_INFO_NAME is typically found when getting a listing of |
| 114 | * available "files" / "tokens" / what have you. |
| 115 | */ |
| 116 | # define OSSL_STORE_INFO_NAME 1 /* char * */ |
| 117 | # define OSSL_STORE_INFO_PARAMS 2 /* EVP_PKEY * */ |
| 118 | # define OSSL_STORE_INFO_PKEY 3 /* EVP_PKEY * */ |
| 119 | # define OSSL_STORE_INFO_CERT 4 /* X509 * */ |
| 120 | # define OSSL_STORE_INFO_CRL 5 /* X509_CRL * */ |
| 121 | |
| 122 | /* |
| 123 | * Functions to generate OSSL_STORE_INFOs, one function for each type we |
| 124 | * support having in them, as well as a generic constructor. |
| 125 | * |
| 126 | * In all cases, ownership of the object is transferred to the OSSL_STORE_INFO |
| 127 | * and will therefore be freed when the OSSL_STORE_INFO is freed. |
| 128 | */ |
| 129 | OSSL_STORE_INFO *OSSL_STORE_INFO_new_NAME(char *name); |
| 130 | int OSSL_STORE_INFO_set0_NAME_description(OSSL_STORE_INFO *info, char *desc); |
| 131 | OSSL_STORE_INFO *OSSL_STORE_INFO_new_PARAMS(EVP_PKEY *params); |
| 132 | OSSL_STORE_INFO *OSSL_STORE_INFO_new_PKEY(EVP_PKEY *pkey); |
| 133 | OSSL_STORE_INFO *OSSL_STORE_INFO_new_CERT(X509 *x509); |
| 134 | OSSL_STORE_INFO *OSSL_STORE_INFO_new_CRL(X509_CRL *crl); |
| 135 | |
| 136 | /* |
| 137 | * Functions to try to extract data from a OSSL_STORE_INFO. |
| 138 | */ |
| 139 | int OSSL_STORE_INFO_get_type(const OSSL_STORE_INFO *info); |
| 140 | const char *OSSL_STORE_INFO_get0_NAME(const OSSL_STORE_INFO *info); |
| 141 | char *OSSL_STORE_INFO_get1_NAME(const OSSL_STORE_INFO *info); |
| 142 | const char *OSSL_STORE_INFO_get0_NAME_description(const OSSL_STORE_INFO *info); |
| 143 | char *OSSL_STORE_INFO_get1_NAME_description(const OSSL_STORE_INFO *info); |
| 144 | EVP_PKEY *OSSL_STORE_INFO_get0_PARAMS(const OSSL_STORE_INFO *info); |
| 145 | EVP_PKEY *OSSL_STORE_INFO_get1_PARAMS(const OSSL_STORE_INFO *info); |
| 146 | EVP_PKEY *OSSL_STORE_INFO_get0_PKEY(const OSSL_STORE_INFO *info); |
| 147 | EVP_PKEY *OSSL_STORE_INFO_get1_PKEY(const OSSL_STORE_INFO *info); |
| 148 | X509 *OSSL_STORE_INFO_get0_CERT(const OSSL_STORE_INFO *info); |
| 149 | X509 *OSSL_STORE_INFO_get1_CERT(const OSSL_STORE_INFO *info); |
| 150 | X509_CRL *OSSL_STORE_INFO_get0_CRL(const OSSL_STORE_INFO *info); |
| 151 | X509_CRL *OSSL_STORE_INFO_get1_CRL(const OSSL_STORE_INFO *info); |
| 152 | |
| 153 | const char *OSSL_STORE_INFO_type_string(int type); |
| 154 | |
| 155 | /* |
| 156 | * Free the OSSL_STORE_INFO |
| 157 | */ |
| 158 | void OSSL_STORE_INFO_free(OSSL_STORE_INFO *info); |
| 159 | |
| 160 | |
| 161 | /*- |
| 162 | * Functions to construct a search URI from a base URI and search criteria |
| 163 | * ----------------------------------------------------------------------- |
| 164 | */ |
| 165 | |
| 166 | /* OSSL_STORE search types */ |
| 167 | # define OSSL_STORE_SEARCH_BY_NAME 1 /* subject in certs, issuer in CRLs */ |
| 168 | # define OSSL_STORE_SEARCH_BY_ISSUER_SERIAL 2 |
| 169 | # define OSSL_STORE_SEARCH_BY_KEY_FINGERPRINT 3 |
| 170 | # define OSSL_STORE_SEARCH_BY_ALIAS 4 |
| 171 | |
| 172 | /* To check what search types the scheme handler supports */ |
| 173 | int OSSL_STORE_supports_search(OSSL_STORE_CTX *ctx, int search_type); |
| 174 | |
| 175 | /* Search term constructors */ |
| 176 | /* |
| 177 | * The input is considered to be owned by the caller, and must therefore |
| 178 | * remain present throughout the lifetime of the returned OSSL_STORE_SEARCH |
| 179 | */ |
| 180 | OSSL_STORE_SEARCH *OSSL_STORE_SEARCH_by_name(X509_NAME *name); |
| 181 | OSSL_STORE_SEARCH *OSSL_STORE_SEARCH_by_issuer_serial(X509_NAME *name, |
| 182 | const ASN1_INTEGER |
| 183 | *serial); |
| 184 | OSSL_STORE_SEARCH *OSSL_STORE_SEARCH_by_key_fingerprint(const EVP_MD *digest, |
| 185 | const unsigned char |
| 186 | *bytes, size_t len); |
| 187 | OSSL_STORE_SEARCH *OSSL_STORE_SEARCH_by_alias(const char *alias); |
| 188 | |
| 189 | /* Search term destructor */ |
| 190 | void OSSL_STORE_SEARCH_free(OSSL_STORE_SEARCH *search); |
| 191 | |
| 192 | /* Search term accessors */ |
| 193 | int OSSL_STORE_SEARCH_get_type(const OSSL_STORE_SEARCH *criterion); |
| 194 | X509_NAME *OSSL_STORE_SEARCH_get0_name(const OSSL_STORE_SEARCH *criterion); |
| 195 | const ASN1_INTEGER *OSSL_STORE_SEARCH_get0_serial(const OSSL_STORE_SEARCH |
| 196 | *criterion); |
| 197 | const unsigned char *OSSL_STORE_SEARCH_get0_bytes(const OSSL_STORE_SEARCH |
| 198 | *criterion, size_t *length); |
| 199 | const char *OSSL_STORE_SEARCH_get0_string(const OSSL_STORE_SEARCH *criterion); |
| 200 | const EVP_MD *OSSL_STORE_SEARCH_get0_digest(const OSSL_STORE_SEARCH *criterion); |
| 201 | |
| 202 | /* |
| 203 | * Add search criterion and expected return type (which can be unspecified) |
| 204 | * to the loading channel. This MUST happen before the first OSSL_STORE_load(). |
| 205 | */ |
| 206 | int OSSL_STORE_expect(OSSL_STORE_CTX *ctx, int expected_type); |
| 207 | int OSSL_STORE_find(OSSL_STORE_CTX *ctx, const OSSL_STORE_SEARCH *search); |
| 208 | |
| 209 | |
| 210 | /*- |
| 211 | * Function to register a loader for the given URI scheme. |
| 212 | * ------------------------------------------------------- |
| 213 | * |
| 214 | * The loader receives all the main components of an URI except for the |
| 215 | * scheme. |
| 216 | */ |
| 217 | |
| 218 | typedef struct ossl_store_loader_st OSSL_STORE_LOADER; |
| 219 | OSSL_STORE_LOADER *OSSL_STORE_LOADER_new(ENGINE *e, const char *scheme); |
| 220 | const ENGINE *OSSL_STORE_LOADER_get0_engine(const OSSL_STORE_LOADER *loader); |
| 221 | const char *OSSL_STORE_LOADER_get0_scheme(const OSSL_STORE_LOADER *loader); |
| 222 | /* struct ossl_store_loader_ctx_st is defined differently by each loader */ |
| 223 | typedef struct ossl_store_loader_ctx_st OSSL_STORE_LOADER_CTX; |
| 224 | typedef OSSL_STORE_LOADER_CTX *(*OSSL_STORE_open_fn)(const OSSL_STORE_LOADER |
| 225 | *loader, |
| 226 | const char *uri, |
| 227 | const UI_METHOD *ui_method, |
| 228 | void *ui_data); |
| 229 | int OSSL_STORE_LOADER_set_open(OSSL_STORE_LOADER *loader, |
| 230 | OSSL_STORE_open_fn open_function); |
| 231 | typedef int (*OSSL_STORE_ctrl_fn)(OSSL_STORE_LOADER_CTX *ctx, int cmd, |
| 232 | va_list args); |
| 233 | int OSSL_STORE_LOADER_set_ctrl(OSSL_STORE_LOADER *loader, |
| 234 | OSSL_STORE_ctrl_fn ctrl_function); |
| 235 | typedef int (*OSSL_STORE_expect_fn)(OSSL_STORE_LOADER_CTX *ctx, int expected); |
| 236 | int OSSL_STORE_LOADER_set_expect(OSSL_STORE_LOADER *loader, |
| 237 | OSSL_STORE_expect_fn expect_function); |
| 238 | typedef int (*OSSL_STORE_find_fn)(OSSL_STORE_LOADER_CTX *ctx, |
| 239 | const OSSL_STORE_SEARCH *criteria); |
| 240 | int OSSL_STORE_LOADER_set_find(OSSL_STORE_LOADER *loader, |
| 241 | OSSL_STORE_find_fn find_function); |
| 242 | typedef OSSL_STORE_INFO *(*OSSL_STORE_load_fn)(OSSL_STORE_LOADER_CTX *ctx, |
| 243 | const UI_METHOD *ui_method, |
| 244 | void *ui_data); |
| 245 | int OSSL_STORE_LOADER_set_load(OSSL_STORE_LOADER *loader, |
| 246 | OSSL_STORE_load_fn load_function); |
| 247 | typedef int (*OSSL_STORE_eof_fn)(OSSL_STORE_LOADER_CTX *ctx); |
| 248 | int OSSL_STORE_LOADER_set_eof(OSSL_STORE_LOADER *loader, |
| 249 | OSSL_STORE_eof_fn eof_function); |
| 250 | typedef int (*OSSL_STORE_error_fn)(OSSL_STORE_LOADER_CTX *ctx); |
| 251 | int OSSL_STORE_LOADER_set_error(OSSL_STORE_LOADER *loader, |
| 252 | OSSL_STORE_error_fn error_function); |
| 253 | typedef int (*OSSL_STORE_close_fn)(OSSL_STORE_LOADER_CTX *ctx); |
| 254 | int OSSL_STORE_LOADER_set_close(OSSL_STORE_LOADER *loader, |
| 255 | OSSL_STORE_close_fn close_function); |
| 256 | void OSSL_STORE_LOADER_free(OSSL_STORE_LOADER *loader); |
| 257 | |
| 258 | int OSSL_STORE_register_loader(OSSL_STORE_LOADER *loader); |
| 259 | OSSL_STORE_LOADER *OSSL_STORE_unregister_loader(const char *scheme); |
| 260 | |
| 261 | /*- |
| 262 | * Functions to list STORE loaders |
| 263 | * ------------------------------- |
| 264 | */ |
| 265 | int OSSL_STORE_do_all_loaders(void (*do_function) (const OSSL_STORE_LOADER |
| 266 | *loader, void *do_arg), |
| 267 | void *do_arg); |
| 268 | |
| 269 | # ifdef __cplusplus |
| 270 | } |
| 271 | # endif |
| 272 | #endif |
| 273 |
Generated while processing ClickHouse/contrib/openssl/crypto/init.c
Generated on 2020-Jan-04 from project ClickHouse revision 19.17.6
Powered by 
Code Browser 2.1
Generator usage only permitted with license.