5 OSSL_PARAM_construct_from_text, OSSL_PARAM_allocate_from_text
6 - OSSL_PARAM construction utilities
10 #include <openssl/params.h>
12 int OSSL_PARAM_construct_from_text(OSSL_PARAM *to,
13 const OSSL_PARAM *paramdefs,
14 const char *key, const char *value,
16 void *buf, size_t *buf_n)
17 int OSSL_PARAM_allocate_from_text(OSSL_PARAM *to,
18 const OSSL_PARAM *paramdefs,
19 const char *key, const char *value,
24 With OpenSSL before version 3.0, parameters were passed down to or
25 retrieved from algorithm implementations via control functions.
26 Some of these control functions existed in variants that took string
27 parameters, for example L<EVP_PKEY_CTX_ctrl_str(3)>.
29 OpenSSL 3.0 introduces a new mechanism to do the same thing with an
30 array of parameters that contain name, value, value type and value
31 size (see L<OSSL_PARAM(3)> for more information).
33 OSSL_PARAM_construct_from_text() takes a control I<key>, I<value> and
34 value size I<value_n>, and given a parameter descriptor array
35 I<paramdefs>, it converts the value to something suitable for
36 L<OSSL_PARAM(3)> and stores that in the buffer I<buf>, and modifies
37 the parameter I<to> to match.
38 I<buf_n>, if not NULL, will be assigned the number of bytes used in
40 If I<buf> is NULL, only I<buf_n> will be modified, everything else is
41 left untouched, allowing a caller to find out how large the buffer
43 I<buf> needs to be correctly aligned for the type of the B<OSSL_PARAM>
46 OSSL_PARAM_allocate_from_text() works like OSSL_PARAM_construct_from_text(),
47 except it allocates the buffer internally.
48 The caller must remember to free the data of I<to> when it's not
51 For parameters having the type B<OSSL_PARAM_INTEGER>,
52 B<OSSL_PARAM_UNSIGNED_INTEGER>, or B<OSSL_PARAM_OCTET_STRING>, both
53 functions will interpret the I<value> differently if the key starts
55 In that case, the value is decoded first, and the result will be used
60 OSSL_PARAM_construct_from_text() and OSSL_PARAM_allocate_from_text()
61 returns 1 on success, and 0 on error.
65 The parameter descriptor array comes from functions dedicated to
67 The following B<OSSL_PARAM> attributes are used:
79 All other attributes are ignored.
81 The I<data_size> attribute can be zero, meaning that the parameter it
82 describes expects arbitrary length data.
86 Code that looked like this:
88 int mac_ctrl_string(EVP_PKEY_CTX *ctx, const char *value)
91 char *stmp, *vtmp = NULL;
92 stmp = OPENSSL_strdup(value);
95 vtmp = strchr(stmp, ':');
100 rv = EVP_MAC_ctrl_str(ctx, stmp, vtmp);
109 for (i = 0; i < sk_OPENSSL_STRING_num(macopts); i++) {
110 macopt = sk_OPENSSL_STRING_value(macopts, i);
111 if (pkey_ctrl_string(mac_ctx, macopt) <= 0) {
113 "MAC parameter error \"%s\"\n", macopt);
114 ERR_print_errors(bio_err);
119 Can be written like this instead:
122 OPENSSL_zalloc(sizeof(OSSL_PARAM)
123 * (sk_OPENSSL_STRING_num(opts) + 1));
124 const OSSL_PARAM *paramdefs = EVP_MAC_CTX_set_param_types(mac);
127 for (params_n = 0; params_n < (size_t)sk_OPENSSL_STRING_num(opts);
129 char *opt = sk_OPENSSL_STRING_value(opts, (int)params_n);
130 char *stmp, *vtmp = NULL;
132 if ((stmp = OPENSSL_strdup(opt)) == NULL
133 || (vtmp = strchr(stmp, ':')) == NULL
134 || (*vtmp++ = '\0') /* Always zero */
135 || !OSSL_PARAM_allocate_from_text(¶ms[params_n],
137 stmp, vtmp, strlen(vtmp))) {
138 BIO_printf(bio_err, "MAC parameter error '%s'\n", opt);
139 ERR_print_errors(bio_err);
143 params[params_n] = OSSL_PARAM_construct_end();
144 if (!EVP_MAC_CTX_set_params(ctx, params)) {
145 BIO_printf(bio_err, "MAC parameter error\n");
146 ERR_print_errors(bio_err);
149 for (; params_n-- > 0;) {
150 OPENSSL_free(params[params_n].data);
152 OPENSSL_free(params);
156 L<OSSL_PARAM(3)>, L<OSSL_PARAM_TYPE(3)>
160 Copyright 2019 The OpenSSL Project Authors. All Rights Reserved.
162 Licensed under the Apache License 2.0 (the "License"). You may not use
163 this file except in compliance with the License. You can obtain a copy
164 in the file LICENSE in the source distribution or at
165 L<https://www.openssl.org/source/license.html>.