{
    "mode": "man",
    "parameter": "provider-storemgmt",
    "section": "7",
    "url": "https://www.chedong.com/phpMan.php/man/provider-storemgmt/7/json",
    "generated": "2026-06-15T11:38:28Z",
    "synopsis": "#include <openssl/coredispatch.h>\n/*\n* None of these are actual functions, but are displayed like this for\n* the function signatures for functions that are offered as function\n* pointers in OSSLDISPATCH arrays.\n*/\nvoid *OSSLFUNCstoreopen(void *provctx, const char *uri);\nvoid *OSSLFUNCstoreattach(void *provctx, OSSLCOREBIO *bio);\nconst OSSLPARAM *storesettablectxparams(void *provctx);\nint OSSLFUNCstoresetctxparams(void *loaderctx, const OSSLPARAM[]);\nint OSSLFUNCstoreload(void *loaderctx,\nOSSLCALLBACK *objectcb, void *objectcbarg,\nOSSLPASSPHRASECALLBACK *pwcb, void *pwcbarg);\nint OSSLFUNCstoreeof(void *loaderctx);\nint OSSLFUNCstoreclose(void *loaderctx);\nint OSSLFUNCstoreexportobject\n(void *loaderctx, const void *objref, sizet objrefsz,\nOSSLCALLBACK *exportcb, void *exportcbarg);",
    "sections": {
        "NAME": {
            "content": "provider-storemgmt - The OSSLSTORE library <-> provider functions\n",
            "subsections": []
        },
        "SYNOPSIS": {
            "content": "#include <openssl/coredispatch.h>\n\n/*\n* None of these are actual functions, but are displayed like this for\n* the function signatures for functions that are offered as function\n* pointers in OSSLDISPATCH arrays.\n*/\n\nvoid *OSSLFUNCstoreopen(void *provctx, const char *uri);\nvoid *OSSLFUNCstoreattach(void *provctx, OSSLCOREBIO *bio);\nconst OSSLPARAM *storesettablectxparams(void *provctx);\nint OSSLFUNCstoresetctxparams(void *loaderctx, const OSSLPARAM[]);\nint OSSLFUNCstoreload(void *loaderctx,\nOSSLCALLBACK *objectcb, void *objectcbarg,\nOSSLPASSPHRASECALLBACK *pwcb, void *pwcbarg);\nint OSSLFUNCstoreeof(void *loaderctx);\nint OSSLFUNCstoreclose(void *loaderctx);\n\nint OSSLFUNCstoreexportobject\n(void *loaderctx, const void *objref, sizet objrefsz,\nOSSLCALLBACK *exportcb, void *exportcbarg);\n",
            "subsections": []
        },
        "DESCRIPTION": {
            "content": "The STORE operation is the provider side of the osslstore(7) API.\n\nThe primary responsibility of the STORE operation is to load all sorts of objects from a\ncontainer indicated by URI.  These objects are given to the OpenSSL library in provider-\nnative object abstraction form (see provider-object(7)).  The OpenSSL library is then\nresponsible for passing on that abstraction to suitable provided functions.\n\nExamples of functions that the OpenSSL library can pass the abstraction to include\nOSSLFUNCkeymgmtload() (provider-keymgmt(7)), OSSLFUNCstoreexportobject() (which\nexports the object in parameterized form).\n\nAll \"functions\" mentioned here are passed as function pointers between libcrypto and the\nprovider in OSSLDISPATCH arrays via OSSLALGORITHM arrays that are returned by the\nprovider's providerqueryoperation() function (see \"Provider Functions\" in\nprovider-base(7)).\n\nAll these \"functions\" have a corresponding function type definition named\nOSSLFUNC{name}fn, and a helper function to retrieve the function pointer from a\nOSSLDISPATCH element named OSSLget{name}.  For example, the \"function\"\nOSSLFUNCstoreload() has these:\n\ntypedef void *(OSSLOSSLFUNCstoreloadfn)(void *provctx,\nconst OSSLPARAM params[]);\nstatic osslinline OSSLOSSLFUNCstoreloadfn\nOSSLOSSLFUNCstoreload(const OSSLDISPATCH *opf);\n\nOSSLDISPATCH arrays are indexed by numbers that are provided as macros in\nopenssl-coredispatch.h(7), as follows:\n\nOSSLFUNCstoreopen                 OSSLFUNCSTOREOPEN\nOSSLFUNCstoreattach               OSSLFUNCSTOREATTACH\nOSSLFUNCstoresettablectxparams  OSSLFUNCSTORESETTABLECTXPARAMS\nOSSLFUNCstoresetctxparams       OSSLFUNCSTORESETCTXPARAMS\nOSSLFUNCstoreload                 OSSLFUNCSTORELOAD\nOSSLFUNCstoreeof                  OSSLFUNCSTOREEOF\nOSSLFUNCstoreclose                OSSLFUNCSTORECLOSE\nOSSLFUNCstoreexportobject        OSSLFUNCSTOREEXPORTOBJECT\n",
            "subsections": [
                {
                    "name": "Functions",
                    "content": "OSSLFUNCstoreopen() should create a provider side context with data based on the input\nuri.  The implementation is entirely responsible for the interpretation of the URI.\n\nOSSLFUNCstoreattach() should create a provider side context with the core BIO bio\nattached.  This is an alternative to using a URI to find storage, supporting\nOSSLSTOREattach(3).\n\nOSSLFUNCstoresettablectxparams() should return a constant array of descriptor\nOSSLPARAM, for parameters that OSSLFUNCstoresetctxparams() can handle.\n\nOSSLFUNCstoresetctxparams() should set additional parameters, such as what kind of data\nto expect, search criteria, and so on.  More on those below, in \"Load Parameters\".  Whether\nunrecognised parameters are an error or simply ignored is at the implementation's discretion.\nPassing NULL for params should return true.\n\nOSSLFUNCstoreload() loads the next object from the URI opened by OSSLFUNCstoreopen(),\ncreates an object abstraction for it (see provider-object(7)), and calls objectcb with it as\nwell as objectcbarg.  objectcb will then interpret the object abstraction and do what it\ncan to wrap it or decode it into an OpenSSL structure.  In case a passphrase needs to be\nprompted to unlock an object, pwcb should be called.\n\nOSSLFUNCstoreeof() indicates if the end of the set of objects from the URI has been\nreached.  When that happens, there's no point trying to do any further loading.\n\nOSSLFUNCstoreclose() frees the provider side context ctx.\n"
                },
                {
                    "name": "Load Parameters",
                    "content": "\"expect\" (OSSLSTOREPARAMEXPECT) <integer>\nIs a hint of what type of data the OpenSSL library expects to get.  This is only useful\nfor optimization, as the library will check that the object types match the expectation\ntoo.\n\nThe number that can be given through this parameter is found in <openssl/store.h>, with\nthe macros having names starting with \"OSSLSTOREINFO\".  These are further described in\n\"SUPPORTED OBJECTS\" in OSSLSTOREINFO(3).\n\n\"subject\" (OSSLSTOREPARAMSUBJECT) <octet string>\nIndicates that the caller wants to search for an object with the given subject\nassociated.  This can be used to select specific certificates by subject.\n\nThe contents of the octet string is expected to be in DER form.\n\n\"issuer\" (OSSLSTOREPARAMISSUER) <octet string>\nIndicates that the caller wants to search for an object with the given issuer associated.\nThis can be used to select specific certificates by issuer.\n\nThe contents of the octet string is expected to be in DER form.\n\n\"serial\" (OSSLSTOREPARAMSERIAL) <integer>\nIndicates that the caller wants to search for an object with the given serial number\nassociated.\n\n\"digest\" (OSSLSTOREPARAMDIGEST) <UTF8 string>\n\"fingerprint\" (OSSLSTOREPARAMFINGERPRINT) <octet string>\nIndicates that the caller wants to search for an object with the given fingerprint,\ncomputed with the given digest.\n\n\"alias\" (OSSLSTOREPARAMALIAS) <UTF8 string>\nIndicates that the caller wants to search for an object with the given alias (some call\nit a \"friendly name\").\n\n\"properties\" (OSSLSTOREPARAMPROPERTIES) <utf8 string\nProperty string to use when querying for algorithms such as the OSSLDECODER decoder\nimplementations.\n\n\"input-type\" (OSSLSTOREPARAMINPUTTYPE) <utf8 string\nType of the input format as a hint to use when decoding the objects in the store.\n\nSeveral of these search criteria may be combined.  For example, to search for a certificate\nby issuer+serial, both the \"issuer\" and the \"serial\" parameters will be given.\n"
                }
            ]
        },
        "SEE ALSO": {
            "content": "provider(7)\n",
            "subsections": []
        },
        "HISTORY": {
            "content": "The STORE interface was introduced in OpenSSL 3.0.\n",
            "subsections": []
        },
        "COPYRIGHT": {
            "content": "Copyright 2020-2021 The OpenSSL Project Authors. All Rights Reserved.\n\nLicensed under the Apache License 2.0 (the \"License\").  You may not use this file except in\ncompliance with the License.  You can obtain a copy in the file LICENSE in the source\ndistribution or at <https://www.openssl.org/source/license.html>.\n\n\n\n3.0.2                                        2026-06-02                     PROVIDER-STOREMGMT(7SSL)",
            "subsections": []
        }
    },
    "summary": "provider-storemgmt - The OSSLSTORE library <-> provider functions",
    "flags": [],
    "examples": [],
    "see_also": [
        {
            "name": "provider",
            "section": "7",
            "url": "https://www.chedong.com/phpMan.php/man/provider/7/json"
        }
    ]
}