123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255 |
- =pod
- =head1 NAME
- OSSL_PROVIDER-default - OpenSSL default provider
- =head1 DESCRIPTION
- The OpenSSL default provider supplies the majority of OpenSSL's diverse
- algorithm implementations. If an application doesn't specify anything else
- explicitly (e.g. in the application or via config), then this is the
- provider that will be used as fallback: It is loaded automatically the
- first time that an algorithm is fetched from a provider or a function
- acting on providers is called and no other provider has been loaded yet.
- If an attempt to load a provider has already been made (whether successful
- or not) then the default provider won't be loaded automatically. Therefore
- if the default provider is to be used in conjunction with other providers
- then it must be loaded explicitly. Automatic loading of the default
- provider only occurs a maximum of once; if the default provider is
- explicitly unloaded then the default provider will not be automatically
- loaded again.
- =head2 Properties
- The implementations in this provider specifically have this property
- defined:
- =over 4
- =item "provider=default"
- =back
- It may be used in a property query string with fetching functions such as
- L<EVP_MD_fetch(3)> or L<EVP_CIPHER_fetch(3)>, as well as with other
- functions that take a property query string, such as
- L<EVP_PKEY_CTX_new_from_name(3)>.
- It isn't mandatory to query for this property, except to make sure to get
- implementations of this provider and none other.
- Some implementations may define additional properties. Exact information is
- listed below
- =head1 OPERATIONS AND ALGORITHMS
- The OpenSSL default provider supports these operations and algorithms:
- =head2 Hashing Algorithms / Message Digests
- =over 4
- =item SHA1, see L<EVP_MD-SHA1(7)>
- =item SHA2, see L<EVP_MD-SHA2(7)>
- =item SHA3, see L<EVP_MD-SHA3(7)>
- =item KECCAK, see L<EVP_MD-KECCAK(7)>
- =item KECCAK-KMAC, see L<EVP_MD-KECCAK-KMAC(7)>
- =item SHAKE, see L<EVP_MD-SHAKE(7)>
- =item BLAKE2, see L<EVP_MD-BLAKE2(7)>
- =item SM3, see L<EVP_MD-SM3(7)>
- =item MD5, see L<EVP_MD-MD5(7)>
- =item MD5-SHA1, see L<EVP_MD-MD5-SHA1(7)>
- =back
- =head2 Symmetric Ciphers
- =over 4
- =item AES, see L<EVP_CIPHER-AES(7)>
- =item ARIA, see L<EVP_CIPHER-ARIA(7)>
- =item CAMELLIA, see L<EVP_CIPHER-CAMELLIA(7)>
- =item 3DES, see L<EVP_CIPHER-DES(7)>
- =item SEED, see L<EVP_CIPHER-SEED(7)>
- =item SM4, see L<EVP_CIPHER-SM4(7)>
- =item ChaCha20, see L<EVP_CIPHER-CHACHA(7)>
- =item ChaCha20-Poly1305, see L<EVP_CIPHER-CHACHA(7)>
- =back
- =head2 Message Authentication Code (MAC)
- =over 4
- =item BLAKE2, see L<EVP_MAC-BLAKE2(7)>
- =item CMAC, see L<EVP_MAC-CMAC(7)>
- =item GMAC, see L<EVP_MAC-GMAC(7)>
- =item HMAC, see L<EVP_MAC-HMAC(7)>
- =item KMAC, see L<EVP_MAC-KMAC(7)>
- =item SIPHASH, see L<EVP_MAC-Siphash(7)>
- =item POLY1305, see L<EVP_MAC-Poly1305(7)>
- =back
- =head2 Key Derivation Function (KDF)
- =over 4
- =item HKDF, see L<EVP_KDF-HKDF(7)>
- =item SSKDF, see L<EVP_KDF-SS(7)>
- =item PBKDF2, see L<EVP_KDF-PBKDF2(7)>
- =item PKCS12KDF, see L<EVP_KDF-PKCS12KDF(7)>
- =item SSHKDF, see L<EVP_KDF-SSHKDF(7)>
- =item TLS1-PRF, see L<EVP_KDF-TLS1_PRF(7)>
- =item KBKDF, see L<EVP_KDF-KB(7)>
- =item X942KDF-ASN1, see L<EVP_KDF-X942-ASN1(7)>
- =item X942KDF-CONCAT, see L<EVP_KDF-X942-CONCAT(7)>
- =item X963KDF, see L<EVP_KDF-X963(7)>
- =item SCRYPT, see L<EVP_KDF-SCRYPT(7)>
- =item KRB5KDF, see L<EVP_KDF-KRB5KDF(7)>
- =back
- =head2 Key Exchange
- =over 4
- =item DH, see L<EVP_KEYEXCH-DH(7)>
- =item ECDH, see L<EVP_KEYEXCH-ECDH(7)>
- =item X25519, see L<EVP_KEYEXCH-X25519(7)>
- =item X448, see L<EVP_KEYEXCH-X448(7)>
- =back
- =head2 Asymmetric Signature
- =over 4
- =item DSA, see L<EVP_SIGNATURE-DSA(7)>
- =item RSA, see L<EVP_SIGNATURE-RSA(7)>
- =item HMAC, see L<EVP_SIGNATURE-HMAC(7)>
- =item SIPHASH, see L<EVP_SIGNATURE-Siphash(7)>
- =item POLY1305, see L<EVP_SIGNATURE-Poly1305(7)>
- =item CMAC, see L<EVP_SIGNATURE-CMAC(7)>
- =back
- =head2 Asymmetric Cipher
- =over 4
- =item RSA, see L<EVP_ASYM_CIPHER-RSA(7)>
- =item SM2, see L<EVP_ASYM_CIPHER-SM2(7)>
- =back
- =head2 Asymmetric Key Encapsulation
- =over 4
- =item RSA, see L<EVP_KEM-RSA(7)>
- =back
- =head2 Asymmetric Key Management
- =over 4
- =item DH, see L<EVP_KEYMGMT-DH(7)>
- =item DHX, see L<EVP_KEYMGMT-DHX(7)>
- =item DSA, see L<EVP_KEYMGMT-DSA(7)>
- =item RSA, see L<EVP_KEYMGMT-RSA(7)>
- =item EC, see L<EVP_KEYMGMT-EC(7)>
- =item X25519, see L<EVP_KEYMGMT-X25519(7)>
- =item X448, see L<EVP_KEYMGMT-X448(7)>
- =back
- =head2 Asymmetric Key Encoder
- The default provider also includes all of the encoding algorithms
- present in the base provider. Some of these have the property "fips=yes",
- to allow them to be used together with the FIPS provider.
- =over 4
- =item RSA, see L<OSSL_ENCODER-RSA(7)>
- =item DH, see L<OSSL_ENCODER-DH(7)>
- =item DSA, see L<OSSL_ENCODER-DSA(7)>
- =item EC, see L<OSSL_ENCODER-EC(7)>
- =item X25519, see L<OSSL_ENCODER-X25519(7)>
- =item X448, see L<OSSL_ENCODER-X448(7)>
- =back
- =head1 SEE ALSO
- L<openssl-core.h(7)>, L<openssl-core_dispatch.h(7)>, L<provider(7)>,
- L<OSSL_PROVIDER-base(7)>
- =head1 COPYRIGHT
- Copyright 2020-2021 The OpenSSL Project Authors. All Rights Reserved.
- Licensed under the Apache License 2.0 (the "License"). You may not use
- this file except in compliance with the License. You can obtain a copy
- in the file LICENSE in the source distribution or at
- L<https://www.openssl.org/source/license.html>.
- =cut
|