xref: /openssl/doc/man7/ossl_store-file.pod (revision bb82531f)
1=pod
2
3=begin comment
4
5This is a recommended way to describe OSSL_STORE loaders,
6"ossl_store-{name}", where {name} is replaced with the name of the
7scheme it implements, in man section 7.
8
9=end comment
10
11=head1 NAME
12
13ossl_store-file - The store 'file' scheme loader
14
15=head1 SYNOPSIS
16
17=for openssl generic
18
19#include <openssl/store.h>
20
21=head1 DESCRIPTION
22
23Support for the 'file' scheme is built into C<libcrypto>.
24Since files come in all kinds of formats and content types, the 'file'
25scheme has its own layer of functionality called "file handlers",
26which are used to try to decode diverse types of file contents.
27
28In case a file is formatted as PEM, each called file handler receives
29the PEM name (everything following any 'C<-----BEGIN >') as well as
30possible PEM headers, together with the decoded PEM body.  Since PEM
31formatted files can contain more than one object, the file handlers
32are called upon for each such object.
33
34If the file isn't determined to be formatted as PEM, the content is
35loaded in raw form in its entirety and passed to the available file
36handlers as is, with no PEM name or headers.
37
38Each file handler is expected to handle PEM and non-PEM content as
39appropriate.  Some may refuse non-PEM content for the sake of
40determinism (for example, there are keys out in the wild that are
41represented as an ASN.1 OCTET STRING.  In raw form, it's not easily
42possible to distinguish those from any other data coming as an ASN.1
43OCTET STRING, so such keys would naturally be accepted as PEM files
44only).
45
46=head1 NOTES
47
48When needed, the 'file' scheme loader will require a pass phrase by
49using the B<UI_METHOD> that was passed via OSSL_STORE_open().
50This pass phrase is expected to be UTF-8 encoded, anything else will
51give an undefined result.
52The files made accessible through this loader are expected to be
53standard compliant with regards to pass phrase encoding.
54Files that aren't should be re-generated with a correctly encoded pass
55phrase.
56See L<passphrase-encoding(7)> for more information.
57
58=head1 SEE ALSO
59
60L<ossl_store(7)>, L<passphrase-encoding(7)>
61
62=head1 COPYRIGHT
63
64Copyright 2018 The OpenSSL Project Authors. All Rights Reserved.
65
66Licensed under the Apache License 2.0 (the "License").  You may not use
67this file except in compliance with the License.  You can obtain a copy
68in the file LICENSE in the source distribution or at
69L<https://www.openssl.org/source/license.html>.
70
71=cut
72