ossl_store.7ossl - Man Page

Store retrieval functions


#include <openssl/store.h>



A STORE is a layer of functionality to retrieve a number of supported objects from a repository of any kind, addressable as a filename or as a URI.

The functionality supports the pattern “open a channel to the repository”, “loop and retrieve one object at a time”, and “finish up by closing the channel”.

The retrieved objects are returned as a wrapper type OSSL_STORE_INFO, from which an OpenSSL type can be retrieved.

URI schemes and loaders

Support for a URI scheme is called a STORE “loader”, and can be added dynamically from the calling application or from a loadable engine.

Support for the 'file' scheme is built into libcrypto. See ossl_store-file(7) for more information.

UI_METHOD and pass phrases

The OSS_STORE API does nothing to enforce any specific format or encoding on the pass phrase that the UI_METHOD provides.  However, the pass phrase is expected to be UTF-8 encoded.  The result of any other encoding is undefined.


A generic call

 OSSL_STORE_CTX *ctx = OSSL_STORE_open("file:/foo/bar/data.pem");

  * OSSL_STORE_eof() simulates file semantics for any repository to signal
  * that no more data can be expected
 while (!OSSL_STORE_eof(ctx)) {
     OSSL_STORE_INFO *info = OSSL_STORE_load(ctx);

      * Do whatever is necessary with the OSSL_STORE_INFO,
      * here just one example
     switch (OSSL_STORE_INFO_get_type(info)) {
     case OSSL_STORE_INFO_X509:
         /* Print the X.509 certificate text */
         X509_print_fp(stdout, OSSL_STORE_INFO_get0_CERT(info));
         /* Print the X.509 certificate PEM output */
         PEM_write_X509(stdout, OSSL_STORE_INFO_get0_CERT(info));


See Also


Referenced By

OSSL_STORE_attach.3ossl(3), OSSL_STORE_expect.3ossl(3), OSSL_STORE_expect.3ssl(3), ossl_store-file.7ossl(7), OSSL_STORE_INFO.3ossl(3), OSSL_STORE_INFO.3ssl(3), OSSL_STORE_LOADER.3ossl(3), OSSL_STORE_LOADER.3ssl(3), OSSL_STORE_open.3ossl(3), OSSL_STORE_open.3ssl(3), OSSL_STORE_SEARCH.3ossl(3), OSSL_STORE_SEARCH.3ssl(3), passphrase-encoding.7ossl(7), provider-storemgmt.7ossl(7), SSL_load_client_CA_file.3ossl(3), X509_LOOKUP_hash_dir.3ossl(3).

2021-09-09 3.0.0 OpenSSL