1=pod 2 3=head1 NAME 4 5EVP_set_default_properties, EVP_default_properties_enable_fips, 6EVP_default_properties_is_fips_enabled, EVP_get1_default_properties 7- manage default properties for future algorithm fetches 8 9=head1 SYNOPSIS 10 11 #include <openssl/evp.h> 12 13 int EVP_set_default_properties(OSSL_LIB_CTX *libctx, const char *propq); 14 char *EVP_get1_default_properties(OSSL_LIB_CTX *libctx); 15 int EVP_default_properties_enable_fips(OSSL_LIB_CTX *libctx, int enable); 16 int EVP_default_properties_is_fips_enabled(OSSL_LIB_CTX *libctx); 17 18=head1 DESCRIPTION 19 20EVP_set_default_properties() sets the default properties for all 21future EVP algorithm fetches, implicit as well as explicit. See 22L<crypto(7)/ALGORITHM FETCHING> for information about implicit and explicit 23fetching. 24 25EVP_set_default_properties stores the properties given with the string 26I<propq> among the EVP data that's been stored in the library context 27given with I<libctx> (NULL signifies the default library context). 28 29Any previous default property for the specified library context will 30be dropped. 31 32EVP_get1_default_properties() gets the default properties set for all future EVP 33algorithm fetches, implicit as well as explicit, for the specific library 34context. 35 36EVP_default_properties_enable_fips() sets the 'fips=yes' to be a default property 37if I<enable> is non zero, otherwise it clears 'fips' from the default property 38query for the given I<libctx>. It merges the fips default property query with any 39existing query strings that have been set via EVP_set_default_properties(). 40 41EVP_default_properties_is_fips_enabled() indicates if 'fips=yes' is a default 42property for the given I<libctx>. 43 44=head1 NOTES 45 46EVP_set_default_properties() and EVP_default_properties_enable_fips() are not 47thread safe. They are intended to be called only during the initialisation 48phase of a I<libctx>. 49 50EVP_get1_default_properties() is not thread safe. The application must ensure 51that the context reference is valid and default fetching properties are not 52being modified by a different thread. 53 54=head1 RETURN VALUES 55 56EVP_set_default_properties() and EVP_default_properties_enable_fips() return 1 57on success, or 0 on failure. An error is placed on the error stack if a 58failure occurs. 59 60EVP_default_properties_is_fips_enabled() returns 1 if the 'fips=yes' default 61property is set for the given I<libctx>, otherwise it returns 0. 62 63EVP_get1_default_properties() returns allocated memory that must be freed by 64L<OPENSSL_free(3)> on success and NULL on failure. 65 66=head1 SEE ALSO 67 68L<EVP_MD_fetch(3)> 69 70=head1 HISTORY 71 72The functions EVP_set_default_properties(), EVP_default_properties_enable_fips(), 73EVP_default_properties_is_fips_enabled() were added in OpenSSL 3.0. 74 75The function EVP_get1_default_properties() was added in OpenSSL 3.5. 76 77 78=head1 COPYRIGHT 79 80Copyright 2019-2021 The OpenSSL Project Authors. All Rights Reserved. 81 82Licensed under the Apache License 2.0 (the "License"). You may not use 83this file except in compliance with the License. You can obtain a copy 84in the file LICENSE in the source distribution or at 85L<https://www.openssl.org/source/license.html>. 86 87=cut 88
