[thirdparty/openssl.git] / doc / man3 / OSSL_PARAM_construct_from_text.pod

=pod

=head1 NAME

OSSL_PARAM_construct_from_text, OSSL_PARAM_allocate_from_text
- OSSL_PARAM construction utilities

=head1 SYNOPSIS

 #include <openssl/params.h>

 int OSSL_PARAM_construct_from_text(OSSL_PARAM *to,
                                    const OSSL_PARAM *paramdefs,
                                    const char *key, const char *value,
                                    size_t value_n,
                                    void *buf, size_t *buf_n)
 int OSSL_PARAM_allocate_from_text(OSSL_PARAM *to,
                                   const OSSL_PARAM *paramdefs,
                                   const char *key, const char *value,
                                   size_t value_n);

=head1 DESCRIPTION

With OpenSSL before version 3.0, parameters were passed down to or
retrieved from algorithm implementations via control functions.
Some of these control functions existed in variants that took string
parameters, for example L<EVP_PKEY_CTX_ctrl_str(3)>.

OpenSSL 3.0 introduces a new mechanism to do the same thing with an
array of parameters that contain name, value, value type and value
size (see L<OSSL_PARAM(3)> for more information).

OSSL_PARAM_construct_from_text() takes a control I<key>, I<value> and
value size I<value_n>, and given a parameter descriptor array
I<paramdefs>, it converts the value to something suitable for
L<OSSL_PARAM(3)> and stores that in the buffer I<buf>, and modifies
the parameter I<to> to match.
I<buf_n>, if not NULL, will be assigned the number of bytes used in
I<buf>.
If I<buf> is NULL, only I<buf_n> will be modified, everything else is
left untouched, allowing a caller to find out how large the buffer
should be.
I<buf> needs to be correctly aligned for the type of the B<OSSL_PARAM>
I<key>.

OSSL_PARAM_allocate_from_text() works like OSSL_PARAM_construct_from_text(),
except it allocates the buffer internally.
The caller must remember to free the data of I<to> when it's not
useful any more.

For parameters having the type B<OSSL_PARAM_INTEGER>,
B<OSSL_PARAM_UNSIGNED_INTEGER>, or B<OSSL_PARAM_OCTET_STRING>, both
functions will interpret the I<value> differently if the key starts
with "hex".
In that case, the value is decoded first, and the result will be used
as parameter value.

=head1 RETURN VALUES

OSSL_PARAM_construct_from_text() and OSSL_PARAM_allocate_from_text()
returns 1 on success, and 0 on error.

=head1 NOTES

The parameter descriptor array comes from functions dedicated to
return them.
The following B<OSSL_PARAM> attributes are used:

=over 4

=item I<key>

=item I<data>

=item I<data_size>

=back

All other attributes are ignored.

The I<data_size> attribute can be zero, meaning that the parameter it
describes expects arbitrary length data.

=head1 EXAMPLES

Code that looked like this:

  int mac_ctrl_string(EVP_PKEY_CTX *ctx, const char *value)
  {
      int rv;
      char *stmp, *vtmp = NULL;

      stmp = OPENSSL_strdup(value);
      if (stmp == NULL)
          return -1;
      vtmp = strchr(stmp, ':');
      if (vtmp != NULL)
          *vtmp++ = '\0';
      rv = EVP_MAC_ctrl_str(ctx, stmp, vtmp);
      OPENSSL_free(stmp);
      return rv;
  }

  ...


  for (i = 0; i < sk_OPENSSL_STRING_num(macopts); i++) {
      char *macopt = sk_OPENSSL_STRING_value(macopts, i);

      if (pkey_ctrl_string(mac_ctx, macopt) <= 0) {
          BIO_printf(bio_err,
                     "MAC parameter error \"%s\"\n", macopt);
          ERR_print_errors(bio_err);
          goto mac_end;
      }
  }

Can be written like this instead:

  OSSL_PARAM *params =
      OPENSSL_zalloc(sizeof(*params)
                     * (sk_OPENSSL_STRING_num(opts) + 1));
  const OSSL_PARAM *paramdefs = EVP_MAC_settable_ctx_params(mac);
  size_t params_n;
  char *opt = "<unknown>";

  for (params_n = 0; params_n < (size_t)sk_OPENSSL_STRING_num(opts);
       params_n++) {
      char *stmp, *vtmp = NULL;

      opt = sk_OPENSSL_STRING_value(opts, (int)params_n);
      if ((stmp = OPENSSL_strdup(opt)) == NULL
              || (vtmp = strchr(stmp, ':')) == NULL)
          goto err;

      *vtmp++ = '\0';
      if (!OSSL_PARAM_allocate_from_text(&params[params_n],
                                         paramdefs, stmp,
                                         vtmp, strlen(vtmp)))
          goto err;
  }
  params[params_n] = OSSL_PARAM_construct_end();
  if (!EVP_MAC_CTX_set_params(ctx, params))
      goto err;
  while (params_n-- > 0)
      OPENSSL_free(params[params_n].data);
  OPENSSL_free(params);
  /* ... */
  return;

 err:
  BIO_printf(bio_err, "MAC parameter error '%s'\n", opt);
  ERR_print_errors(bio_err);


=head1 SEE ALSO

L<OSSL_PARAM(3)>, L<OSSL_PARAM_int(3)>

=head1 COPYRIGHT

Copyright 2019 The OpenSSL Project Authors. All Rights Reserved.

Licensed under the Apache License 2.0 (the "License").  You may not use
this file except in compliance with the License.  You can obtain a copy
in the file LICENSE in the source distribution or at
L<https://www.openssl.org/source/license.html>.

=cut
Commit	Line	Data
246a1f3d RL	1	=pod
	2
	3	=head1 NAME
	4
	5	OSSL_PARAM_construct_from_text, OSSL_PARAM_allocate_from_text
	6	- OSSL_PARAM construction utilities
	7
	8	=head1 SYNOPSIS
	9
	10	#include <openssl/params.h>
	11
	12	int OSSL_PARAM_construct_from_text(OSSL_PARAM *to,
	13	const OSSL_PARAM *paramdefs,
	14	const char key, const char value,
	15	size_t value_n,
	16	void buf, size_t buf_n)
	17	int OSSL_PARAM_allocate_from_text(OSSL_PARAM *to,
	18	const OSSL_PARAM *paramdefs,
	19	const char key, const char value,
	20	size_t value_n);
	21
	22	=head1 DESCRIPTION
	23
	24	With OpenSSL before version 3.0, parameters were passed down to or
	25	retrieved from algorithm implementations via control functions.
	26	Some of these control functions existed in variants that took string
	27	parameters, for example L<EVP_PKEY_CTX_ctrl_str(3)>.
	28
	29	OpenSSL 3.0 introduces a new mechanism to do the same thing with an
	30	array of parameters that contain name, value, value type and value
	31	size (see L<OSSL_PARAM(3)> for more information).
	32
	33	OSSL_PARAM_construct_from_text() takes a control I<key>, I<value> and
	34	value size I<value_n>, and given a parameter descriptor array
	35	I<paramdefs>, it converts the value to something suitable for
	36	L<OSSL_PARAM(3)> and stores that in the buffer I<buf>, and modifies
	37	the parameter I<to> to match.
	38	I<buf_n>, if not NULL, will be assigned the number of bytes used in
	39	I<buf>.
	40	If I<buf> is NULL, only I<buf_n> will be modified, everything else is
	41	left untouched, allowing a caller to find out how large the buffer
	42	should be.
	43	I<buf> needs to be correctly aligned for the type of the B<OSSL_PARAM>
	44	I<key>.
	45
	46	OSSL_PARAM_allocate_from_text() works like OSSL_PARAM_construct_from_text(),
	47	except it allocates the buffer internally.
	48	The caller must remember to free the data of I<to> when it's not
	49	useful any more.
	50
	51	For parameters having the type B<OSSL_PARAM_INTEGER>,
	52	B<OSSL_PARAM_UNSIGNED_INTEGER>, or B<OSSL_PARAM_OCTET_STRING>, both
	53	functions will interpret the I<value> differently if the key starts
	54	with "hex".
	55	In that case, the value is decoded first, and the result will be used
	56	as parameter value.
	57
	58	=head1 RETURN VALUES
	59
	60	OSSL_PARAM_construct_from_text() and OSSL_PARAM_allocate_from_text()
	61	returns 1 on success, and 0 on error.
	62
	63	=head1 NOTES
	64
65	The parameter descriptor array comes from functions dedicated to
66	return them.
67	The following B<OSSL_PARAM> attributes are used:
68
69	=over 4
70
71	=item I<key>
72
73	=item I<data>
74
75	=item I<data_size>
76
77	=back
78
79	All other attributes are ignored.
80
81	The I<data_size> attribute can be zero, meaning that the parameter it
82	describes expects arbitrary length data.
83
cda77422	84	=head1 EXAMPLES
246a1f3d RL	85
	86	Code that looked like this:
	87
	88	int mac_ctrl_string(EVP_PKEY_CTX ctx, const char value)
	89	{
	90	int rv;
	91	char stmp, vtmp = NULL;
697b0c51	92
246a1f3d	93	stmp = OPENSSL_strdup(value);
697b0c51	94	if (stmp == NULL)
246a1f3d RL	95	return -1;
246a1f3d RL	96	vtmp = strchr(stmp, ':');
697b0c51 RS	97	if (vtmp != NULL)
697b0c51 RS	98	*vtmp++ = '\0';
246a1f3d RL	99	rv = EVP_MAC_ctrl_str(ctx, stmp, vtmp);
	100	OPENSSL_free(stmp);
	101	return rv;
	102	}
	103
	104	...
	105
	106
246a1f3d	107	for (i = 0; i < sk_OPENSSL_STRING_num(macopts); i++) {
697b0c51 RS	108	char *macopt = sk_OPENSSL_STRING_value(macopts, i);
697b0c51 RS	109
246a1f3d RL	110	if (pkey_ctrl_string(mac_ctx, macopt) <= 0) {
	111	BIO_printf(bio_err,
	112	"MAC parameter error \"%s\"\n", macopt);
	113	ERR_print_errors(bio_err);
	114	goto mac_end;
	115	}
	116	}
	117
	118	Can be written like this instead:
	119
	120	OSSL_PARAM *params =
697b0c51	121	OPENSSL_zalloc(sizeof(*params)
246a1f3d	122	* (sk_OPENSSL_STRING_num(opts) + 1));
41f7ecf3	123	const OSSL_PARAM *paramdefs = EVP_MAC_settable_ctx_params(mac);
246a1f3d	124	size_t params_n;
697b0c51	125	char *opt = "<unknown>";
246a1f3d RL	126
	127	for (params_n = 0; params_n < (size_t)sk_OPENSSL_STRING_num(opts);
	128	params_n++) {
246a1f3d RL	129	char stmp, vtmp = NULL;
246a1f3d RL	130
697b0c51	131	opt = sk_OPENSSL_STRING_value(opts, (int)params_n);
246a1f3d	132	if ((stmp = OPENSSL_strdup(opt)) == NULL
697b0c51 RS	133	\|\| (vtmp = strchr(stmp, ':')) == NULL)
	134	goto err;
	135
	136	*vtmp++ = '\0';
	137	if (!OSSL_PARAM_allocate_from_text(&params[params_n],
	138	paramdefs, stmp,
	139	vtmp, strlen(vtmp)))
246a1f3d	140	goto err;
246a1f3d RL	141	}
246a1f3d RL	142	params[params_n] = OSSL_PARAM_construct_end();
697b0c51	143	if (!EVP_MAC_CTX_set_params(ctx, params))
246a1f3d	144	goto err;
697b0c51	145	while (params_n-- > 0)
246a1f3d	146	OPENSSL_free(params[params_n].data);
246a1f3d	147	OPENSSL_free(params);
697b0c51 RS	148	/* ... */
	149	return;
	150
	151	err:
	152	BIO_printf(bio_err, "MAC parameter error '%s'\n", opt);
	153	ERR_print_errors(bio_err);
	154
246a1f3d RL	155
	156	=head1 SEE ALSO
	157
1b0d1bf7	158	L<OSSL_PARAM(3)>, L<OSSL_PARAM_int(3)>
246a1f3d RL	159
	160	=head1 COPYRIGHT
	161
	162	Copyright 2019 The OpenSSL Project Authors. All Rights Reserved.
	163
	164	Licensed under the Apache License 2.0 (the "License"). You may not use
	165	this file except in compliance with the License. You can obtain a copy
	166	in the file LICENSE in the source distribution or at
	167	L<https://www.openssl.org/source/license.html>.
	168
	169	=cut