5 provider-object - A specification for a provider-native object abstraction
16 The provider-native object abstraction is a set of L<OSSL_PARAM(3)> keys and
22 of object that belong with other operations, or with OpenSSL library code.
24 An object may be passed in the following manners:
32 This means that the I<object data> is passed as an octet string or an UTF8
34 The encoding of the object depends on the context it's used in; for example,
37 B<must> be encoded in DER for all object types except for B<OSSL_OBJECT_NAME>
47 This means that the I<object data> isn't passed directly, an I<object
57 implementation where the object originated (let's call it X) and its target
64 I<An object loading function in the target implementation>
66 The target implementation (Y) may have a function that can take an I<object
68 same provider as the one originating the object abstraction in question (X).
70 The exact target implementation to use is determined from the I<object type>
71 and possibly the I<object data type>.
72 For example, when the OpenSSL library receives an object abstraction with the
73 I<object type> B<OSSL_OBJECT_PKEY>, it will fetch a L<provider-keymgmt(7)>
74 using the I<object data type> as its key type (the second argument in
79 I<An object exporter in the originating implementation>
82 exporter function can be used to export the object in L<OSSL_PARAM(3)> form,
92 A provider-native object abstraction is an L<OSSL_PARAM(3)> with a selection
99 The object data I<passed by value>.
103 The object data I<passed by reference>.
107 The I<object type>, a number that may have any of the following values (all
114 The object data may only be I<passed by value>, and should be a UTF8
122 The object data is suitable as provider-native B<EVP_PKEY> key data.  The
123 object data may be I<passed by value> or I<passed by reference>.
127 The object data is suitable as B<X509> data.  The object data for this
128 object type can only be I<passed by value>, and should be an octet string.
130 Since there's no provider-native X.509 object, OpenSSL libraries that
131 receive this object abstraction are expected to convert the data to a
132 B<X509> object with d2i_X509().
136 The object data is suitable as B<X509_CRL> data.  The object data can
139 Since there's no provider-native X.509 CRL object, OpenSSL libraries that
140 receive this object abstraction are expected to convert the data to a
141 B<X509_CRL> object with d2i_X509_CRL().
147 The specific type of the object content.  Legitimate values depend on the
148 object type; if it is B<OSSL_OBJECT_PKEY>, the data type is expected to be a
152 =for comment For objects with an unknown object type (OSSL_OBJECT_PARAM_TYPE
154 interprets the object data type as the input type for a decoder.
158 The outermost structure of the object content.  Legitimate values depend on
159 the object type.
163 A human readable text that describes extra details on the object.
167 When a provider-native object abstraction is used, it I<must> contain object
168 data in at least one form (object data I<passed by value>, i.e. the "data"
169 item, or object data I<passed by reference>, i.e. the "reference" item).
173 For objects with the object type B<OSSL_OBJECT_NAME>, that object type

Last Index update Fri Nov 22 14:03:13 UTC 2024

Dedicated to & Maintained by Room-11