pub struct LibCtx { /* private fields */ }Expand description
An OpenSSL library context (OSSL_LIB_CTX*).
Wrap in Arc<LibCtx> before passing to algorithm descriptors; they will
clone the Arc to keep the context alive.
Implementations§
Source§impl LibCtx
impl LibCtx
Sourcepub fn new() -> Result<Self, ErrorStack>
pub fn new() -> Result<Self, ErrorStack>
Create a new, empty library context.
No providers are loaded by default. Call load_provider at least once
before using algorithms.
§Errors
Returns Err if OpenSSL cannot allocate the context.
Sourcepub fn load_provider(&self, name: &CStr) -> Result<Provider, ErrorStack>
pub fn load_provider(&self, name: &CStr) -> Result<Provider, ErrorStack>
Load a provider into this library context.
Common provider names:
c"default"— standard algorithms.c"fips"— FIPS 140-3 validated algorithms (requires OpenSSL FIPS module).c"base"— must be loaded alongside"fips"for PEM/DER encoders.
The returned Provider keeps the provider loaded until dropped.
§Errors
Returns Err if the provider cannot be loaded.
Sourcepub fn as_ptr(&self) -> *mut OSSL_LIB_CTX
pub fn as_ptr(&self) -> *mut OSSL_LIB_CTX
Return the raw OSSL_LIB_CTX* pointer. Valid while self is alive.
Sourcepub fn load_config(&self, path: &Path) -> Result<(), ErrorStack>
pub fn load_config(&self, path: &Path) -> Result<(), ErrorStack>
Load an openssl.cnf-format configuration file into this context.
Providers and algorithm configuration declared in the file are activated within this context only — the global default context is not affected.
§Errors
Returns Err if path contains a null byte, the file cannot be read,
or the configuration is syntactically invalid.
Sourcepub fn load_pkcs11_provider(
&self,
module: &Path,
) -> Result<Provider, ErrorStack>
pub fn load_pkcs11_provider( &self, module: &Path, ) -> Result<Provider, ErrorStack>
Load and activate the pkcs11 provider, pointing it at module.
Writes a minimal openssl.cnf snippet to a temporary file, calls
load_config on it, then loads the pkcs11
provider into this context. The temporary file is deleted before this
function returns.
The returned Provider keeps the provider active until dropped.
§Errors
Returns Err if module cannot be represented as a valid path string,
if the temporary file cannot be written, or if the provider fails to load.
Sourcepub unsafe fn from_raw_unowned(ptr: *mut OSSL_LIB_CTX) -> Self
pub unsafe fn from_raw_unowned(ptr: *mut OSSL_LIB_CTX) -> Self
Wrap a raw OSSL_LIB_CTX* that is owned and managed externally.
The resulting LibCtx will NOT call OSSL_LIB_CTX_free when dropped.
Use this only when the raw pointer’s lifetime is guaranteed to exceed the
LibCtx (e.g. a context received from a FIPS provider callback).
§Safety
The caller must ensure that ptr is a valid, non-null OSSL_LIB_CTX*
that remains valid for as long as the returned LibCtx is alive.