2020-08-16 21:25:08 +02:00
|
|
|
=pod
|
|
|
|
|
|
|
|
|
|
=head1 NAME
|
|
|
|
|
|
|
|
|
|
OSSL_DECODER_CTX_new_by_EVP_PKEY,
|
|
|
|
|
OSSL_DECODER_CTX_set_passphrase,
|
|
|
|
|
OSSL_DECODER_CTX_set_pem_password_cb,
|
2020-08-02 14:29:33 +02:00
|
|
|
OSSL_DECODER_CTX_set_passphrase_ui,
|
|
|
|
|
OSSL_DECODER_CTX_set_passphrase_cb
|
2020-08-16 21:25:08 +02:00
|
|
|
- Decoder routines to decode EVP_PKEYs
|
|
|
|
|
|
|
|
|
|
=head1 SYNOPSIS
|
|
|
|
|
|
|
|
|
|
#include <openssl/decoder.h>
|
|
|
|
|
|
|
|
|
|
OSSL_DECODER_CTX *
|
2020-10-02 14:21:51 +02:00
|
|
|
OSSL_DECODER_CTX_new_by_EVP_PKEY(const EVP_PKEY *pkey,
|
|
|
|
|
const char *input_type, const char *keytype,
|
2020-08-16 21:25:08 +02:00
|
|
|
OPENSSL_CTX *libctx, const char *propquery);
|
|
|
|
|
|
|
|
|
|
int OSSL_DECODER_CTX_set_passphrase(OSSL_DECODER_CTX *ctx,
|
|
|
|
|
const unsigned char *kstr,
|
|
|
|
|
size_t klen);
|
|
|
|
|
int OSSL_DECODER_CTX_set_pem_password_cb(OSSL_DECODER_CTX *ctx,
|
|
|
|
|
pem_password_cb *cb,
|
|
|
|
|
void *cbarg);
|
|
|
|
|
int OSSL_DECODER_CTX_set_passphrase_ui(OSSL_DECODER_CTX *ctx,
|
|
|
|
|
const UI_METHOD *ui_method,
|
|
|
|
|
void *ui_data);
|
2020-08-02 14:29:33 +02:00
|
|
|
int OSSL_DECODER_CTX_set_passphrase_cb(OSSL_DECODER_CTX *ctx,
|
|
|
|
|
OSSL_PASSPHRASE_CALLBACK *cb,
|
|
|
|
|
void *cbarg);
|
2020-08-16 21:25:08 +02:00
|
|
|
|
|
|
|
|
=head1 DESCRIPTION
|
|
|
|
|
|
2020-09-14 11:35:07 +02:00
|
|
|
OSSL_DECODER_CTX_new_by_EVP_PKEY() is a utility function that creates a
|
|
|
|
|
B<OSSL_DECODER_CTX>, finds all applicable decoder implementations and sets
|
|
|
|
|
them up, so all the caller has to do next is call functions like
|
|
|
|
|
OSSL_DECODE_from_bio().
|
|
|
|
|
|
|
|
|
|
Internally OSSL_DECODER_CTX_new_by_EVP_PKEY() searches for all available
|
|
|
|
|
L<EVP_KEYMGMT(3)> implementations, and then builds a list of all potential
|
|
|
|
|
decoder implementations that may be able to process the encoded input into
|
|
|
|
|
data suitable for B<EVP_PKEY>s. All these implementations are implicitly
|
|
|
|
|
fetched using I<libctx> and I<propquery>.
|
|
|
|
|
|
|
|
|
|
The search of decoder implementations can be limited with I<input_type>,
|
2020-10-02 14:21:51 +02:00
|
|
|
which specifies a starting input type. NULL is valid input and signifies
|
|
|
|
|
that the decoder implementations will find out the input type on their own.
|
|
|
|
|
This is further explained in L<OSSL_DECODER_CTX_set_input_type(3)>.
|
|
|
|
|
|
|
|
|
|
The search of decoder implementations can also be limited with I<keytype>,
|
|
|
|
|
which specifies the expected resulting keytype. NULL is valid input and
|
|
|
|
|
signifies that the decoder implementations will find out the keytype on
|
|
|
|
|
their own from the input they get.
|
2020-09-14 11:35:07 +02:00
|
|
|
|
|
|
|
|
If no suitable decoder implementation is found,
|
|
|
|
|
OSSL_DECODER_CTX_new_by_EVP_PKEY() still creates a B<OSSL_DECODER_CTX>, but
|
|
|
|
|
with no associated decoder (L<OSSL_DECODER_CTX_get_num_decoders(3)> returns
|
|
|
|
|
zero). This helps the caller to distinguish between an error when creating
|
|
|
|
|
the B<OSSL_ENCODER_CTX> and missing encoder implementation, and allows it to
|
|
|
|
|
act accordingly.
|
|
|
|
|
|
|
|
|
|
OSSL_DECODER_CTX_set_passphrase() gives the implementation a pass phrase to
|
|
|
|
|
use when decrypting the encoded private key. Alternatively, a pass phrase
|
|
|
|
|
callback may be specified with the following functions.
|
|
|
|
|
|
|
|
|
|
OSSL_DECODER_CTX_set_pem_password_cb(), OSSL_DECODER_CTX_set_passphrase_ui()
|
|
|
|
|
and OSSL_DECODER_CTX_set_passphrase_cb() set up a callback method that the
|
|
|
|
|
implementation can use to prompt for a pass phrase, giving the caller the
|
|
|
|
|
choice of prefered pass phrase callback form. These are called indirectly,
|
|
|
|
|
through an internal B<OSSL_PASSPHRASE_CALLBACK> function.
|
|
|
|
|
|
|
|
|
|
The internal B<OSSL_PASSPHRASE_CALLBACK> function caches the pass phrase, to
|
|
|
|
|
be re-used in all decodings that are performed in the same decoding run (for
|
|
|
|
|
example, within one L<OSSL_DECODER_from_bio(3)> call).
|
2020-08-16 21:25:08 +02:00
|
|
|
|
|
|
|
|
=head1 RETURN VALUES
|
|
|
|
|
|
|
|
|
|
OSSL_DECODER_CTX_new_by_EVP_PKEY() returns a pointer to a
|
|
|
|
|
B<OSSL_DECODER_CTX>, or NULL if it couldn't be created.
|
|
|
|
|
|
2020-09-14 11:35:07 +02:00
|
|
|
OSSL_DECODER_CTX_set_passphrase(), OSSL_DECODER_CTX_set_pem_password_cb(),
|
2020-08-02 14:29:33 +02:00
|
|
|
OSSL_DECODER_CTX_set_passphrase_ui() and
|
2020-09-14 11:35:07 +02:00
|
|
|
OSSL_DECODER_CTX_set_passphrase_cb() all return 1 on success, or 0 on
|
|
|
|
|
failure.
|
2020-08-16 21:25:08 +02:00
|
|
|
|
|
|
|
|
=head1 NOTES
|
|
|
|
|
|
|
|
|
|
Parts of the function names are made to match already existing OpenSSL
|
|
|
|
|
names.
|
|
|
|
|
|
2020-09-14 11:35:07 +02:00
|
|
|
B<EVP_PKEY> in OSSL_DECODER_CTX_new_by_EVP_PKEY() matches the type name,
|
|
|
|
|
thus making for the naming pattern B<OSSL_DECODER_CTX_new_by_I<TYPE>>() when
|
|
|
|
|
new types are handled.
|
2020-08-16 21:25:08 +02:00
|
|
|
|
|
|
|
|
=head1 SEE ALSO
|
|
|
|
|
|
|
|
|
|
L<provider(7)>, L<OSSL_DECODER(3)>, L<OSSL_DECODER_CTX(3)>
|
|
|
|
|
|
|
|
|
|
=head1 HISTORY
|
|
|
|
|
|
|
|
|
|
The functions described here were added in OpenSSL 3.0.
|
|
|
|
|
|
|
|
|
|
=head1 COPYRIGHT
|
|
|
|
|
|
|
|
|
|
Copyright 2020 The OpenSSL Project Authors. All Rights Reserved.
|
|
|
|
|
|
|
|
|
|
Licensed under the Apache License 2.0 (the "License"). You may not use
|
|
|
|
|
this file except in compliance with the License. You can obtain a copy
|
|
|
|
|
in the file LICENSE in the source distribution or at
|
|
|
|
|
L<https://www.openssl.org/source/license.html>.
|
|
|
|
|
|
|
|
|
|
=cut
|
