X-Git-Url: https://git.openssl.org/?p=openssl.git;a=blobdiff_plain;f=doc%2Fman7%2Fossl_store.pod;h=68503cd0929df1a832a6837ca6cc4410d7843e25;hp=cda5ce47d6e0facd087e2e8b67cb0a4512b205ff;hb=HEAD;hpb=1fb2993d9e3db38c7c681ea3eecaad458e956f80 diff --git a/doc/man7/ossl_store.pod b/doc/man7/ossl_store.pod index cda5ce47d6..a2c6260061 100644 --- a/doc/man7/ossl_store.pod +++ b/doc/man7/ossl_store.pod @@ -6,7 +6,7 @@ ossl_store - Store retrieval functions =head1 SYNOPSIS -=for comment generic +=for openssl generic #include @@ -15,7 +15,7 @@ ossl_store - Store retrieval functions =head2 General A STORE is a layer of functionality to retrieve a number of supported -objects from a repository of any kind, addressable as a file name or +objects from a repository of any kind, addressable as a filename or as a URI. The functionality supports the pattern "open a channel to the @@ -30,30 +30,15 @@ from which an OpenSSL type can be retrieved. Support for a URI scheme is called a STORE "loader", and can be added dynamically from the calling application or from a loadable engine. -=head2 The 'file' scheme +Support for the 'file' scheme is built into C. +See L for more information. -Support for the 'file' scheme is already built into C. -Since files come in all kinds of formats and content types, the 'file' -scheme has its own layer of functionality called "file handlers", -which are used to try to decode diverse types of file contents. +=head2 UI_METHOD and pass phrases -In case a file is formatted as PEM, each called file handler receives -the PEM name (everything following any 'C<-----BEGIN >') as well as -possible PEM headers, together with the decoded PEM body. Since PEM -formatted files can contain more than one object, the file handlers -are called upon for each such object. - -If the file isn't determined to be formatted as PEM, the content is -loaded in raw form in its entirety and passed to the available file -handlers as is, with no PEM name or headers. - -Each file handler is expected to handle PEM and non-PEM content as -appropriate. Some may refuse non-PEM content for the sake of -determinism (for example, there are keys out in the wild that are -represented as an ASN.1 OCTET STRING. In raw form, it's not easily -possible to distinguish those from any other data coming as an ASN.1 -OCTET STRING, so such keys would naturally be accepted as PEM files -only). +The B API does nothing to enforce any specific format or +encoding on the pass phrase that the B provides. However, +the pass phrase is expected to be UTF-8 encoded. The result of any +other encoding is undefined. =head1 EXAMPLES @@ -64,7 +49,7 @@ only). /* * OSSL_STORE_eof() simulates file semantics for any repository to signal * that no more data can be expected - */ + */ while (!OSSL_STORE_eof(ctx)) { OSSL_STORE_INFO *info = OSSL_STORE_load(ctx); @@ -73,7 +58,7 @@ only). * here just one example */ switch (OSSL_STORE_INFO_get_type(info)) { - case OSSL_STORE_INFO_X509: + case OSSL_STORE_INFO_CERT: /* Print the X.509 certificate text */ X509_print_fp(stdout, OSSL_STORE_INFO_get0_CERT(info)); /* Print the X.509 certificate PEM output */ @@ -86,13 +71,15 @@ only). =head1 SEE ALSO -L, L, L +L, L, +L, L, +L =head1 COPYRIGHT -Copyright 2016-2017 The OpenSSL Project Authors. All Rights Reserved. +Copyright 2016-2018 The OpenSSL Project Authors. All Rights Reserved. -Licensed under the OpenSSL license (the "License"). You may not use +Licensed under the Apache License 2.0 (the "License"). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at L.