/* Encoder parameter accessor and descriptor */
const OSSL_PARAM *OSSL_FUNC_encoder_gettable_params(void *provctx);
- int encoder_get_params(OSSL_PARAM params[]);
+ int OSSL_FUNC_encoder_get_params(OSSL_PARAM params[]);
/* Functions to construct / destruct / manipulate the encoder context */
void *OSSL_FUNC_encoder_newctx(void *provctx);
void OSSL_FUNC_encoder_freectx(void *ctx);
int OSSL_FUNC_encoder_set_ctx_params(void *ctx, const OSSL_PARAM params[]);
- const OSSL_PARAM *OSSL_FUNC_encoder_settable_ctx_params(void *provctx)
+ const OSSL_PARAM *OSSL_FUNC_encoder_settable_ctx_params(void *provctx);
/* Functions to check selection support */
int OSSL_FUNC_encoder_does_selection(void *provctx, int selection);
void *cbarg);
/* Functions to import and free a temporary object to be encoded */
- void *encoder_import_object(void *ctx, int selection,
- const OSSL_PARAM params[]);
- void encoder_free_object(void *obj);
+ void *OSSL_FUNC_encoder_import_object(void *ctx, int selection,
+ const OSSL_PARAM params[]);
+ void OSSL_FUNC_encoder_free_object(void *obj);
=head1 DESCRIPTION
object (I<obj_raw>) or an object abstraction (I<object_abstract>, see
L<provider-object(7)>) into an encoded form, and write the result to
the given OSSL_CORE_BIO. If the caller wants to get the encoded
-stream to memory, it should provide a L<BIO_s_membuf(3)>.
+stream to memory, it should provide a L<BIO_s_mem(3)> B<BIO>.
The encoder doesn't need to know more about the B<OSSL_CORE_BIO>
pointer than being able to pass it to the appropriate BIO upcalls (see
with the L<KEYMGMT|provider-keymgmt(7)> provider.
All "functions" mentioned here are passed as function pointers between
-F<libcrypto> and the provider in B<OSSL_DISPATCH> arrays via
-B<OSSL_ALGORITHM> arrays that are returned by the provider's
+F<libcrypto> and the provider in L<OSSL_DISPATCH(3)> arrays via
+L<OSSL_ALGORITHM(3)> arrays that are returned by the provider's
provider_query_operation() function
(see L<provider-base(7)/Provider Functions>).
All these "functions" have a corresponding function type definition
-named B<OSSL_{name}_fn>, and a helper function to retrieve the
-function pointer from a B<OSSL_DISPATCH> element named
+named B<OSSL_FUNC_{name}_fn>, and a helper function to retrieve the
+function pointer from an L<OSSL_DISPATCH(3)> element named
B<OSSL_FUNC_{name}>.
-For example, the "function" OSSL_FUNC_encoder_encode_data() has these:
+For example, the "function" OSSL_FUNC_encoder_encode() has these:
typedef int
(OSSL_FUNC_encoder_encode_fn)(void *ctx, OSSL_CORE_BIO *out,
int selection,
OSSL_PASSPHRASE_CALLBACK *cb, void *cbarg);
static ossl_inline OSSL_FUNC_encoder_encode_fn
- OSSL_FUNC_encoder_encode_data(const OSSL_DISPATCH *opf);
+ OSSL_FUNC_encoder_encode(const OSSL_DISPATCH *opf);
-B<OSSL_DISPATCH> arrays are indexed by numbers that are provided as
+L<OSSL_DISPATCH(3)> arrays are indexed by numbers that are provided as
macros in L<openssl-core_dispatch.h(7)>, as follows:
OSSL_FUNC_encoder_get_params OSSL_FUNC_ENCODER_GET_PARAMS
OSSL_FUNC_encoder_does_selection OSSL_FUNC_ENCODER_DOES_SELECTION
- OSSL_FUNC_encoder_encode OSSL_FUNC_ENCODER_ENCODE_DATA
+ OSSL_FUNC_encoder_encode OSSL_FUNC_ENCODER_ENCODE
OSSL_FUNC_encoder_import_object OSSL_FUNC_ENCODER_IMPORT_OBJECT
OSSL_FUNC_encoder_free_object OSSL_FUNC_ENCODER_FREE_OBJECT
For example, an implementation that encodes an RSA key should be named "RSA".
Likewise, an implementation that further encodes DER should be named "DER".
-Properties can be use to further specify details about an implementation:
+Properties can be used to further specify details about an implementation:
=over 4
=item output
-This property is used to specify what type of output implementation
-produces. Currently known output types are:
+This property is used to specify what type of output the implementation
+produces.
+
+This property is I<mandatory>.
+
+OpenSSL providers recognize the following output types:
=over 4
An implementation with that output type outputs DER formatted data.
+=item msblob
+
+An implementation with that output type outputs MSBLOB formatted data.
+
+=item pvk
+
+An implementation with that output type outputs PVK formatted data.
+
=back
=item structure
(presumably an asymmetric key pair, in this case) will be wrapped in a
PKCS#8 structure as part of the encoding.
+This property is I<optional>.
+
=back
The possible values of both these properties is open ended. A provider may
ignored.
Passing NULL for I<params> should return true.
-OSSL_FUNC_encoder_settable_ctx_params() returns a constant B<OSSL_PARAM>
+OSSL_FUNC_encoder_settable_ctx_params() returns a constant L<OSSL_PARAM(3)>
array describing the parameters that OSSL_FUNC_encoder_set_ctx_params()
can handle.
=head2 Encoding functions
-OSSL_FUNC_encoder_encode() should take an provider-native object (in
+OSSL_FUNC_encoder_encode() should take a provider-native object (in
I<obj_raw>) or an object abstraction (in I<obj_abstract>), and should output
the object in encoded form to the B<OSSL_CORE_BIO>. The I<selection> bits,
if relevant, should determine in greater detail what will be output.
-The encoding functions also take an B<OSSL_PASSPHRASE_CALLBACK> function
+The encoding functions also take an L<OSSL_PASSPHRASE_CALLBACK(3)> function
pointer along with a pointer to application data I<cbarg>, which should be
used when a pass phrase prompt is needed.
-=head2 Encoder parameters
-
-The ENCODER implementation itself has parameters that can be used to
-determine how it fits in a chain of encoders:
-
-=over 4
-
-=item "input-type" (B<OSSL_ENCODER_PARAM_INPUT_TYPE>) <UTF8 string>
-
-This is used to specify a distinct type name for the object passed as
-I<obj_raw> to OSSL_FUNC_encoder_encode.
-
-This parameter is an optional parameter, to be used if the name of the
-implementation can be ambiguous because of aliases, and something more
-deterministic is needed.
-
-=item "output-type" (B<OSSL_ENCODER_PARAM_OUTPUT_TYPE>) <UTF8 string>
-
-This is used to specify the output type for an ENCODER implementation.
-
-This parameter is I<mandatory>.
-
-=for comment If we had functionality to get the value of a specific property
-in a set of properties, it would be possible to determine the output type
-from the C<output> property.
-
-=item "output-structure" (B<OSSL_ENCODER_PARAM_OUTPUT_STRUCTURE>) <UTF8 string>
-
-This is used to specify the outermost output structure for an ENCODER
-implementation.
-
-For example, an output of type "DER" for a key pair could be structured
-using PKCS#8, or a key type specific structure, such as PKCS#1 for RSA
-keys.
-
-=for comment If we had functionality to get the value of a specific property
-in a set of properties, it would be possible to determine the output
-structure from the C<structure> property.
-
-=back
-
=head2 Encoder operation parameters
Operation parameters currently recognised by built-in encoders are as
property strings return an error on receiving this parameter unless
its value NULL or the empty string.
+=item "save-parameters" (B<OSSL_ENCODER_PARAM_SAVE_PARAMETERS>) <integer>
+
+If set to 0 disables saving of key domain parameters. Default is 1.
+It currently has an effect only on DSA keys.
+
=back
Parameters currently recognised by the built-in pass phrase callback:
failure.
OSSL_FUNC_encoder_set_ctx_params() returns 1, unless a recognised
-parameters was invalid or caused an error, for which 0 is returned.
+parameter was invalid or caused an error, for which 0 is returned.
OSSL_FUNC_encoder_settable_ctx_params() returns a pointer to an array of
-constant B<OSSL_PARAM> elements.
+constant L<OSSL_PARAM(3)> elements.
OSSL_FUNC_encoder_does_selection() returns 1 if the encoder implementation
supports any of the I<selection> bits, otherwise 0.
-OSSL_FUNC_encoder_encode() return 1 on success, or 0 on failure.
+OSSL_FUNC_encoder_encode() returns 1 on success, or 0 on failure.
=head1 SEE ALSO
=head1 COPYRIGHT
-Copyright 2019-2020 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2019-2021 The OpenSSL Project Authors. All Rights Reserved.
Licensed under the Apache License 2.0 (the "License"). You may not use
this file except in compliance with the License. You can obtain a copy