5 OSSL_PARAM - a structure to pass or request object parameters
9 #include <openssl/core.h>
11 typedef struct ossl_param_st OSSL_PARAM;
12 struct ossl_param_st {
13 const char *key; /* the name of the parameter */
14 unsigned char data_type; /* declare what kind of content is in data */
15 void *data; /* value being passed in or out */
16 size_t data_size; /* data size */
17 size_t *return_size; /* OPTIONAL: address to content size */
22 C<OSSL_PARAM> is a type that allows passing arbitrary data for some
23 object between two parties that have no or very little shared
24 knowledge about their respective internal structures for that object.
26 A typical usage example could be an application that wants to set some
27 parameters for an object, or wants to find out some parameters of an
30 Arrays of this type can be used for two purposes:
36 Setting parameters for some object.
37 The caller sets up the C<OSSL_PARAM> array and calls some function
38 (the I<setter>) that has intimate knowledge about the object that can
39 take the data from the C<OSSL_PARAM> array and assign them in a
40 suitable form for the internal structure of the object.
44 Request parameters of some object.
45 The caller (the I<requestor>) sets up the C<OSSL_PARAM> array and
46 calls some function (the I<responder>) that has intimate knowledge
47 about the object, which can take the internal data of the object and
48 copy (possibly convert) that to the memory prepared by the
49 I<requestor> and pointed at with the C<OSSL_PARAM> C<data>.
53 =head2 C<OSSL_PARAM> fields
59 The identity of the parameter in the form of a string.
63 =for comment It's still debated if this field should be present, or if
64 the type should always be implied by how it's used.
65 Either way, these data types will have to be passed together with the
66 names as an array of OSSL_ITEM, for discovery purposes.
68 The C<data_type> is a value that describes the type and organization of
70 See L</Supported types> below for a description of the types.
76 C<data> is a pointer to the memory where the parameter data is (when
77 setting parameters) or shall (when requesting parameters) be stored,
78 and C<data_size> is its size in bytes.
79 The organization of the data depends on the parameter type and flag.
83 When an array of C<OSSL_PARAM> is used to request data, the
84 I<responder> must set this field to indicate the actual size of the
86 In case the C<data_size> is too small for the data, the I<responder>
87 must still set this field to indicate the minimum data size required.
93 The key names and associated types are defined by the entity that
94 offers these parameters, i.e. names for parameters provided by the
95 OpenSSL libraries are defined by the libraries, and names for
96 parameters provided by providers are defined by those providers,
97 except for the pointer form of strings (see data type descriptions
99 Entities that want to set or request parameters need to know what
100 those keys are and of what type, any functionality between those two
101 entities should remain oblivious and just pass the C<OSSL_PARAM> array
104 =head2 Supported types
106 The C<data_type> field can be one of the following types:
110 =item C<OSSL_PARAM_INTEGER>
112 =item C<OSSL_PARAM_UNSIGNED_INTEGER>
114 The parameter data is an integer (signed or unsigned) of arbitrary
115 length, organized in native form, i.e. most significant byte first on
116 Big-Endian systems, and least significant byte first on Little-Endian
119 =item C<OSSL_PARAM_REAL>
121 The parameter data is a floating point value in native form.
123 =item C<OSSL_PARAM_UTF8_STRING>
125 The parameter data is a printable string.
127 =item C<OSSL_PARAM_OCTET_STRING>
129 The parameter data is an arbitrary string of bytes.
131 =item C<OSSL_PARAM_UTF8_PTR>
133 The parameter data is a pointer to a printable string.
135 The difference between this and C<OSSL_PARAM_UTF8_STRING> is that C<data>
136 doesn't point directly at the data, but to a pointer that points to the data.
138 This is used to indicate that constant data is or will be passed,
139 and there is therefore no need to copy the data that is passed, just
142 C<data_size> must be set to the size of the data, not the size of the
144 If this is used in a parameter request,
145 C<data_size> is not relevant. However, the I<responder> will set
146 C<*return_size> to the size of the data.
148 Note that the use of this type is B<fragile> and can only be safely
149 used for data that remains constant and in a constant location for a
150 long enough duration (such as the life-time of the entity that
151 offers these parameters).
153 =item C<OSSL_PARAM_OCTET_PTR>
155 The parameter data is a pointer to an arbitrary string of bytes.
157 The difference between this and C<OSSL_PARAM_OCTET_STRING> is that
158 C<data> doesn't point directly at the data, but to a pointer that
161 This is used to indicate that constant data is or will be passed, and
162 there is therefore no need to copy the data that is passed, just the
165 C<data_size> must be set to the size of the data, not the size of the
167 If this is used in a parameter request,
168 C<data_size> is not relevant. However, the I<responder> will set
169 C<*return_size> to the size of the data.
171 Note that the use of this type is B<fragile> and can only be safely
172 used for data that remains constant and in a constant location for a
173 long enough duration (such as the life-time of the entity that
174 offers these parameters).
180 Both when setting and requesting parameters, the functions that are
181 called will have to decide what is and what is not an error.
182 The recommended behaviour is:
188 Keys that a I<setter> or I<responder> doesn't recognise should simply
190 That in itself isn't an error.
194 If the keys that a called I<setter> recognises form a consistent
195 enough set of data, that call should succeed.
199 A I<responder> must never change the fields of an C<OSSL_PARAM>, it
200 may only change the contents of the memory that C<data> and
201 C<return_size> point at.
205 If the data type for a key that it's associated with is incorrect,
206 the called function may return an error.
208 The called function may also try to convert the data to a suitable
209 form (for example, it's plausible to pass a large number as an octet
210 string, so even though a given key is defined as an
211 C<OSSL_PARAM_UNSIGNED_INTEGER>, is plausible to pass the value as an
212 C<OSSL_PARAM_OCTET_STRING>), but this is in no way mandatory.
216 If a I<responder> finds that some data sizes are too small for the
217 requested data, it must set C<*return_size> for each such
218 C<OSSL_PARAM> item to the required size, and eventually return an
223 =begin comment RETURN VALUES doesn't make sense for a manual that only
224 describes a type, but document checkers still want that section, and
225 to have more than just the section title.
235 A couple of examples to just show how C<OSSL_PARAM> arrays could be
240 This example is for setting parameters on some object:
242 #include <openssl/core.h>
244 const char *foo = "some string";
245 size_t foo_l = strlen(foo) + 1;
246 const char bar[] = "some other string";
247 const OSSL_PARAM set[] = {
248 { "foo", OSSL_PARAM_UTF8_STRING_PTR, &foo, foo_l, NULL },
249 { "bar", OSSL_PARAM_UTF8_STRING, &bar, sizeof(bar), NULL },
250 { NULL, 0, NULL, 0, NULL }
255 This example is for requesting parameters on some object:
257 const char *foo = NULL;
261 const OSSL_PARAM request[] = {
262 { "foo", OSSL_PARAM_UTF8_STRING_PTR, &foo, 0 /*irrelevant*/, &foo_l },
263 { "bar", OSSL_PARAM_UTF8_STRING, &bar, sizeof(bar), &bar_l },
264 { NULL, 0, NULL, 0, NULL }
267 A I<responder> that receives this array (as C<params> in this example)
268 could fill in the parameters like this:
270 /* const OSSL_PARAM *params */
274 for (i = 0; params[i].key != NULL; i++) {
275 if (strcmp(params[i].key, "foo") == 0) {
276 *(char **)params[i].data = "foo value";
277 *params[i].return_size = 10; /* size of "foo value" */
278 } else if (strcmp(params[i].key, "bar") == 0) {
279 memcpy(params[1].data, "bar value", 10);
280 *params[1].return_size = 10; /* size of "bar value" */
282 /* Ignore stuff we don't know */
287 L<openssl-core.h(7)>, L<OSSL_PARAM_get_int32_t(3)>
291 C<OSSL_PARAM> was added in OpenSSL 3.0.
295 Copyright 2019 The OpenSSL Project Authors. All Rights Reserved.
297 Licensed under the Apache License 2.0 (the "License"). You may not use
298 this file except in compliance with the License. You can obtain a copy
299 in the file LICENSE in the source distribution or at
300 L<https://www.openssl.org/source/license.html>.