/openssl/ |
H A D | README-PROVIDERS.md | 5 - [The Default Provider](#the-default-provider) 6 - [The Legacy Provider](#the-legacy-provider) 7 - [The FIPS Provider](#the-fips-provider) 8 - [The Base Provider](#the-base-provider) 9 - [The Null Provider](#the-null-provider) 23 [provider(7)]: https://www.openssl.org/docs/manmaster/man7/provider.html 32 get an algorithm from a provider if no other provider has been loaded yet. 49 legacy provider explicitly. 72 you are using the FIPS provider). 120 #include <openssl/provider.h> [all …]
|
H A D | README-FIPS.md | 5 FIPS validated. The module is implemented as an OpenSSL provider. 6 A provider is essentially a dynamically loadable module which implements 31 Installing the FIPS provider 89 Installing the FIPS provider and using it with the latest release 94 Download and build a validated FIPS provider 118 Use the OpenSSL FIPS provider for testing 122 Note that the OpenSSL 3.1.0 FIPS provider has not been validated 132 // OpenSSL 3.0.0 FIPS provider 134 -provider fips -providers 145 Check that the correct FIPS provider is being used [all …]
|
/openssl/doc/man3/ |
H A D | OSSL_PROVIDER.pod | 15 - provider routines 19 #include <openssl/provider.h> 68 provider is). 90 provider name with a provider initialization function. 96 or load a provider module with the given name and run its provider 98 to a provider module, in that case the provider name as returned 125 I<cb> for each one, with the current provider in I<provider> and the 146 function (see L<provider(7)>), if the provider has one. It returns an 152 function (see L<provider(7)>), if the provider has one. This is considered a 156 provider. The provider context is an opaque handle set by the provider itself [all …]
|
/openssl/doc/internal/man3/ |
H A D | ossl_provider_new.pod | 23 - internal provider routines 110 A provider object is always stored in a set of provider objects 123 ossl_provider_find() finds an existing provider object in the provider 162 provider module given the provider object I<prov>. 177 ossl_provider_set_child() marks this provider as a child of a provider in the 187 provider. If I<deactivate> is nonzero then the parent provider is also 217 then the provider will only be activated if it is a child provider. Otherwise 262 the provider has one. 267 parameters that the provider has for the provider object. 328 provider module. [all …]
|
/openssl/doc/man7/ |
H A D | provider.pod | 11 #include <openssl/provider.h> 53 the provider. 59 L<provider-base(7)>. 70 the provider. 118 L<provider-digest(7)>. 126 L<provider-cipher(7)>. 134 L<provider-mac(7)>. 142 L<provider-kdf(7)>. 164 The functions the provider can offer are described in L<provider-kem(7)>. 257 L<provider-base(7)>, [all …]
|
H A D | OSSL_PROVIDER-base.pod | 5 OSSL_PROVIDER-base - OpenSSL base provider 9 The OpenSSL base provider supplies the encoding for OpenSSL's 14 The implementations in this provider specifically have this property 19 =item "provider=base" 26 implementations of this provider and none other. 58 The OpenSSL base provider supports these operations and algorithms: 71 are also available in the default provider. 103 combination with the FIPS provider. 137 combination with the FIPS provider. 150 available in the default provider. [all …]
|
H A D | OSSL_PROVIDER-default.pod | 5 OSSL_PROVIDER-default - OpenSSL default provider 9 The OpenSSL default provider supplies the majority of OpenSSL's diverse 12 provider that will be used as fallback: It is loaded automatically the 13 first time that an algorithm is fetched from a provider or a function 20 provider only occurs a maximum of once; if the default provider is 31 =item "provider=default" 41 implementations of this provider and none other. 289 are also available in the base provider. 321 combination with the FIPS provider. 355 combination with the FIPS provider. [all …]
|
H A D | provider-digest.pod | 5 provider-digest - The digest library E<lt>-E<gt> provider functions 50 This documentation is primarily aimed at provider authors. See L<provider(7)> 61 (see L<provider-base(7)/Provider Functions>). 104 The parameter I<provctx> is the provider context generated during provider 105 initialisation (see L<provider(7)>). 117 provider side digest context in the I<dctx> parameter. 137 No provider side digest context is used. 138 Instead the provider context that was created during provider initialisation is 153 provider side digest context I<dctx> to I<params>. 170 the provider side context if I<dctx> is not NULL and on the provider [all …]
|
H A D | provider-kem.pod | 5 provider-kem - The kem library E<lt>-E<gt> provider functions 50 This documentation is primarily aimed at provider authors. See L<provider(7)> 59 F<libcrypto> and the provider in L<OSSL_DISPATCH(3)> arrays via 62 (see L<provider-base(7)/Provider Functions>). 110 See L<provider-keymgmt(7)> for further details. 118 The parameter I<provctx> is the provider context generated during provider 119 initialisation (see L<provider(7)>). 138 provider-keymgmt(7)>. 166 provider-keymgmt(7)>. 239 L<provider(7)> [all …]
|
H A D | OSSL_PROVIDER-null.pod | 5 OSSL_PROVIDER-null - OpenSSL null provider 9 The OpenSSL null provider supplies no algorithms. 12 provider will not be accidentally accessed. 16 The null provider defines no properties. 20 The OpenSSL null provider supports no operations and algorithms. 24 L<provider(7)>
|
H A D | provider-mac.pod | 5 provider-mac - The mac library E<lt>-E<gt> provider functions 43 This documentation is primarily aimed at provider authors. See L<provider(7)> 54 (see L<provider-base(7)/Provider Functions>). 97 The parameter I<provctx> is the provider context generated during provider 98 initialisation (see L<provider(7)>). 135 provider algorithm and stores them in I<params>. 138 provider side mac context I<mctx> to I<params>. 155 provider side algorithm I<provctx>. 235 provider side mac context, or NULL on failure. 247 L<provider(7)>, [all …]
|
H A D | provider-keyexch.pod | 5 provider-keyexch - The keyexch library E<lt>-E<gt> provider functions 42 This documentation is primarily aimed at provider authors. See L<provider(7)> 51 F<libcrypto> and the provider in L<OSSL_DISPATCH(3)> arrays via 54 (see L<provider-base(7)/Provider Functions>). 89 See L<provider-keymgmt(7)> for further details. 97 The parameter I<provctx> is the provider context generated during provider 98 initialisation (see L<provider(7)>). 116 (OSSL_OP_KEYMGMT) operation (see provider-keymgmt(7)>. 124 provider-keymgmt(7)>. 242 provider side key exchange context, or NULL on failure. [all …]
|
H A D | provider-base.pod | 5 provider-base 130 of the provider initialization function. See L<provider(7)/Provider> 148 provider): 232 provider. Never cast this to OSSL_LIB_CTX in a provider that is not 311 passed into a provider. This may be ignored by a provider. 353 I<handle> is this provider's handle and I<cbdata> is this provider's data 367 the provider being unloaded and this provider's data in I<cbdata>. It should 399 from the core's provider store. 612 L<provider-keyexch(7)>. 619 described in L<provider-kem(7)>. [all …]
|
H A D | provider-asym_cipher.pod | 5 provider-asym_cipher - The asym_cipher library E<lt>-E<gt> provider functions 47 This documentation is primarily aimed at provider authors. See L<provider(7)> 57 F<libcrypto> and the provider in L<OSSL_DISPATCH(3)> arrays via 60 (see L<provider-base(7)/Provider Functions>). 104 See L<provider-keymgmt(7)> for further details. 112 The parameter I<provctx> is the provider context generated during provider 113 initialisation (see L<provider(7)>). 130 the provider using the key management (OSSL_OP_KEYMGMT) operation (see L<provider-keymgmt(7)>). 152 L<provider-keymgmt(7)>). 244 free manner. Set by default. Requires provider support. [all …]
|
H A D | ossl-guide-libraries-introduction.pod | 92 available in the OpenSSL default provider. 98 consider algorithm implementations in the default provider. 180 For information on writing a provider see L<provider(7)>. 182 =head2 Default provider 189 of the functionality in the base provider below. 197 =head2 Base provider 211 =head2 FIPS provider 220 provider can also be selected with the property "fips=yes". The FIPS provider 229 =head2 Legacy provider 241 =head2 Null provider [all …]
|
H A D | provider-cipher.pod | 5 provider-cipher - The cipher library E<lt>-E<gt> provider functions 57 This documentation is primarily aimed at provider authors. See L<provider(7)> 66 F<libcrypto> and the provider in L<OSSL_DISPATCH(3)> arrays via 67 L<OSSL_ALGORITHM(3)> arrays that are returned by the provider's 69 (see L<provider-base(7)/Provider Functions>). 116 The parameter I<provctx> is the provider context generated during provider 117 initialisation (see L<provider(7)>). 191 provider side cipher context I<cctx> to I<params>. 207 provider side algorithm I<provctx>. 216 provider side cipher context, or NULL on failure. [all …]
|
H A D | EVP_ASYM_CIPHER-RSA.pod | 18 The default provider understands these RSA padding modes in string form: 28 This padding mode is no longer supported by the FIPS provider for key 38 The default provider understands these RSA padding modes in integer form: 44 This padding mode is no longer supported by the FIPS provider for key 76 See L<provider-asym_cipher(7)/Asymmetric Cipher Parameters> for more information. 80 The OpenSSL FIPS provider also supports the following parameters: 88 See L<provider-asym_cipher(7)/Asymmetric Cipher Parameters> for more information. 105 L<provider-asym_cipher(7)>, 106 L<provider-keymgmt(7)>,
|
H A D | provider-storemgmt.pod | 5 provider-storemgmt - The OSSL_STORE library E<lt>-E<gt> provider functions 41 The STORE operation is the provider side of the L<ossl_store(7)> API. 46 L<provider-object(7)>). The OpenSSL library is then responsible for 50 include OSSL_FUNC_keymgmt_load() (L<provider-keymgmt(7)>), 55 F<libcrypto> and the provider in L<OSSL_DISPATCH(3)> arrays via 56 L<OSSL_ALGORITHM(3)> arrays that are returned by the provider's 58 (see L<provider-base(7)/Provider Functions>). 106 L<provider-object(7)>), and calls I<object_cb> with it as well as 116 OSSL_FUNC_store_close() frees the provider side context I<ctx>. 120 exporting the object to that foreign provider if the foreign provider [all …]
|
/openssl/doc/designs/ |
H A D | ossl-provider-load-ex.md | 4 Currently any provider run-time activation requires the presence of the 6 provider will be activated with some default settings, that may or may not 15 also usable for FIPS provider. 24 intended to configure the provider at load time. 27 provider can be initialized from the config file where the values are 28 represented as strings and provider init function has to deal with it. 38 provider <https://github.com/latchset/pkcs11-provider> also provides a set of 42 1. Configure a provider in the config file, activate on demand 43 2. Load/activate a provider run-time with parameters 55 Separate instances of the provider can be loaded in the separate library [all …]
|
/openssl/crypto/ |
H A D | core_algorithm.c | 56 } else if (!data->pre(provider, cur_operation, no_store, data->data, in algorithm_do_map() 77 data->fn(provider, thismap, no_store, data->data); in algorithm_do_map() 84 } else if (!data->post(provider, cur_operation, no_store, data->data, in algorithm_do_map() 102 static int algorithm_do_this(OSSL_PROVIDER *provider, void *cbdata) in algorithm_do_this() argument 120 map = ossl_provider_query_operation(provider, cur_operation, in algorithm_do_this() 123 ossl_provider_unquery_operation(provider, cur_operation, map); in algorithm_do_this() 138 OSSL_PROVIDER *provider, in ossl_algorithm_do_all() argument 142 void (*fn)(OSSL_PROVIDER *provider, in ossl_algorithm_do_all() argument 161 if (provider == NULL) { in ossl_algorithm_do_all() 164 OSSL_LIB_CTX *libctx2 = ossl_provider_libctx(provider); in ossl_algorithm_do_all() [all …]
|
H A D | core_fetch.c | 59 static int ossl_method_construct_precondition(OSSL_PROVIDER *provider, in ossl_method_construct_precondition() argument 73 && !ossl_provider_test_operation_bit(provider, operation_id, result)) in ossl_method_construct_precondition() 86 static int ossl_method_construct_postcondition(OSSL_PROVIDER *provider, in ossl_method_construct_postcondition() argument 99 || ossl_provider_set_operation_bit(provider, operation_id); in ossl_method_construct_postcondition() 102 static void ossl_method_construct_this(OSSL_PROVIDER *provider, in ossl_method_construct_this() argument 109 if ((method = data->mcm->construct(algo, provider, data->mcm_data)) in ossl_method_construct_this() 123 data->mcm->put(data->store, method, provider, algo->algorithm_names, in ossl_method_construct_this() 135 OSSL_PROVIDER *provider = provider_rw != NULL ? *provider_rw : NULL; in ossl_method_construct() local 153 ossl_algorithm_do_all(libctx, operation_id, provider, in ossl_method_construct()
|
/openssl/test/recipes/95-test_external_oqsprovider_data/ |
H A D | oqsprovider.sh | 48 if [ ! -d $SRCTOP/oqs-provider/.local ]; then 54 cd $SRCTOP/oqs-provider \ 59 … cmake -DOPENSSL_ROOT_DIR=$OPENSSL_ROOT_DIR -DCMAKE_INSTALL_PREFIX=$SRCTOP/oqs-provider/.local .. \ 66 liboqs_DIR=$SRCTOP/oqs-provider/.local cmake $SRCTOP/oqs-provider -DOPENSSL_ROOT_DIR="$OPENSSL_ROOT… 71 export OQS_PROVIDER_TESTSCRIPTS=$SRCTOP/oqs-provider/scripts 75 …ipes/95-test_external_oqsprovider_data/oqsprovider-externalinterop.sh $SRCTOP/oqs-provider/scripts/ 76 $SRCTOP/oqs-provider/scripts/runtests.sh -V
|
/openssl/doc/internal/man7/ |
H A D | EVP_PKEY.pod | 43 =item provider-native origin 46 key data (see L<provider-keymgmt(7)>). The internal key in the 71 copy are not reflected back in the provider key. 93 in L</Export cache for provider operations>. 104 =head2 Export cache for provider operations 123 "provider native origin".> 132 (see L<provider-keymgmt(7)>). 138 (ENGINE for legacy origin keys, provider for provider side origin 179 the provider that's to perform the operation, using its 197 reflected back in the provider key. [all …]
|
/openssl/test/ |
H A D | generate_ssl_tests.pl | 27 my $provider; 33 $provider = shift // ''; 138 my $provider = shift; 139 local $ssltests::fips_mode = $provider eq "fips"; 141 $provider eq "default" || $provider eq "fips"; 152 read_config($input_file, $provider);
|
/openssl/test/recipes/ |
H A D | 80-test_ssl_new.t | 160 my ($conf, $check_source, $skip, $provider) = @_; 164 my $output_file = $conf . "." . $provider; 170 ok(run(perltest(["generate_ssl_tests.pl", $input_file, $provider], 187 … skip "Dsa not allowed in FIPS 140-3 provider", 1 if ($provider eq "fips") && ($dsaallow eq '0'); 191 " test/ssl_test test/ssl-tests/$conf $provider"; 192 if ($provider eq "fips") { 193 ok(run(test(["ssl_test", $output_file, $provider, 196 ok(run(test(["ssl_test", $output_file, $provider])), $msg);
|