1=pod
2
3=head1 NAME
4
5OSSL_PROVIDER-default - OpenSSL default provider
6
7=head1 DESCRIPTION
8
9The OpenSSL default provider supplies the majority of OpenSSL's diverse
10algorithm implementations. If an application doesn't specify anything else
11explicitly (e.g. in the application or via config), then this is the
12provider that will be used as fallback: It is loaded automatically the
13first time that an algorithm is fetched from a provider or a function
14acting on providers is called and no other provider has been loaded yet.
15
16If an attempt to load a provider has already been made (whether successful
17or not) then the default provider won't be loaded automatically. Therefore
18if the default provider is to be used in conjunction with other providers
19then it must be loaded explicitly. Automatic loading of the default
20provider only occurs a maximum of once; if the default provider is
21explicitly unloaded then the default provider will not be automatically
22loaded again.
23
24=head2 Properties
25
26The implementations in this provider specifically have this property
27defined:
28
29=over 4
30
31=item "provider=default"
32
33=back
34
35It may be used in a property query string with fetching functions such as
36L<EVP_MD_fetch(3)> or L<EVP_CIPHER_fetch(3)>, as well as with other
37functions that take a property query string, such as
38L<EVP_PKEY_CTX_new_from_name(3)>.
39
40It isn't mandatory to query for this property, except to make sure to get
41implementations of this provider and none other.
42
43Some implementations may define additional properties.  Exact information is
44listed below
45
46=head1 OPERATIONS AND ALGORITHMS
47
48The OpenSSL default provider supports these operations and algorithms:
49
50=head2 Hashing Algorithms / Message Digests
51
52=over 4
53
54=item SHA1, see L<EVP_MD-SHA1(7)>
55
56=item SHA2, see L<EVP_MD-SHA2(7)>
57
58=item SHA3, see L<EVP_MD-SHA3(7)>
59
60=item KECCAK, see L<EVP_MD-KECCAK(7)>
61
62=item KECCAK-KMAC, see L<EVP_MD-KECCAK-KMAC(7)>
63
64=item SHAKE, see L<EVP_MD-SHAKE(7)>
65
66=item BLAKE2, see L<EVP_MD-BLAKE2(7)>
67
68=item SM3, see L<EVP_MD-SM3(7)>
69
70=item MD5, see L<EVP_MD-MD5(7)>
71
72=item MD5-SHA1, see L<EVP_MD-MD5-SHA1(7)>
73
74=item RIPEMD160, see L<EVP_MD-RIPEMD160(7)>
75
76=item NULL, see L<EVP_MD-NULL(7)>
77
78=back
79
80=head2 Symmetric Ciphers
81
82=over 4
83
84=item AES, see L<EVP_CIPHER-AES(7)>
85
86=item ARIA, see L<EVP_CIPHER-ARIA(7)>
87
88=item CAMELLIA, see L<EVP_CIPHER-CAMELLIA(7)>
89
90=item 3DES, see L<EVP_CIPHER-DES(7)>
91
92=item SM4, see L<EVP_CIPHER-SM4(7)>
93
94=item ChaCha20, see L<EVP_CIPHER-CHACHA(7)>
95
96=item ChaCha20-Poly1305, see L<EVP_CIPHER-CHACHA(7)>
97
98=item NULL, see L<EVP_CIPHER-NULL(7)>
99
100=back
101
102=head2 Message Authentication Code (MAC)
103
104=over 4
105
106=item BLAKE2, see L<EVP_MAC-BLAKE2(7)>
107
108=item CMAC, see L<EVP_MAC-CMAC(7)>
109
110=item GMAC, see L<EVP_MAC-GMAC(7)>
111
112=item HMAC, see L<EVP_MAC-HMAC(7)>
113
114=item KMAC, see L<EVP_MAC-KMAC(7)>
115
116=item SIPHASH, see L<EVP_MAC-Siphash(7)>
117
118=item POLY1305, see L<EVP_MAC-Poly1305(7)>
119
120=back
121
122=head2 Key Derivation Function (KDF)
123
124=over 4
125
126=item HKDF, see L<EVP_KDF-HKDF(7)>
127
128=item TLS13-KDF, see L<EVP_KDF-TLS13_KDF(7)>
129
130=item SSKDF, see L<EVP_KDF-SS(7)>
131
132=item PBKDF2, see L<EVP_KDF-PBKDF2(7)>
133
134=item PKCS12KDF, see L<EVP_KDF-PKCS12KDF(7)>
135
136=item SSHKDF, see L<EVP_KDF-SSHKDF(7)>
137
138=item TLS1-PRF, see L<EVP_KDF-TLS1_PRF(7)>
139
140=item KBKDF, see L<EVP_KDF-KB(7)>
141
142=item X942KDF-ASN1, see L<EVP_KDF-X942-ASN1(7)>
143
144=item X942KDF-CONCAT, see L<EVP_KDF-X942-CONCAT(7)>
145
146=item X963KDF, see L<EVP_KDF-X963(7)>
147
148=item SCRYPT, see L<EVP_KDF-SCRYPT(7)>
149
150=item KRB5KDF, see L<EVP_KDF-KRB5KDF(7)>
151
152=item HMAC-DRBG, see L<EVP_KDF-HMAC-DRBG(7)>
153
154=item ARGON2, see L<EVP_KDF-ARGON2(7)>
155
156=back
157
158=head2 Key Exchange
159
160=over 4
161
162=item DH, see L<EVP_KEYEXCH-DH(7)>
163
164=item ECDH, see L<EVP_KEYEXCH-ECDH(7)>
165
166=item X25519, see L<EVP_KEYEXCH-X25519(7)>
167
168=item X448, see L<EVP_KEYEXCH-X448(7)>
169
170=item TLS1-PRF
171
172=item HKDF
173
174=item SCRYPT
175
176=back
177
178=head2 Asymmetric Signature
179
180=over 4
181
182=item DSA, see L<EVP_SIGNATURE-DSA(7)>
183
184=item RSA, see L<EVP_SIGNATURE-RSA(7)>
185
186=item ED25519, see L<EVP_SIGNATURE-ED25519(7)>
187
188=item ED448, see L<EVP_SIGNATURE-ED448(7)>
189
190=item ECDSA, see L<EVP_SIGNATURE-ECDSA(7)>
191
192=item SM2
193
194=item HMAC, see L<EVP_SIGNATURE-HMAC(7)>
195
196=item SIPHASH, see L<EVP_SIGNATURE-Siphash(7)>
197
198=item POLY1305, see L<EVP_SIGNATURE-Poly1305(7)>
199
200=item CMAC, see L<EVP_SIGNATURE-CMAC(7)>
201
202=back
203
204=head2 Asymmetric Cipher
205
206=over 4
207
208=item RSA, see L<EVP_ASYM_CIPHER-RSA(7)>
209
210=item SM2, see L<EVP_ASYM_CIPHER-SM2(7)>
211
212=back
213
214=head2 Asymmetric Key Encapsulation
215
216=over 4
217
218=item RSA, see L<EVP_KEM-RSA(7)>
219
220=item X25519, see L<EVP_KEM-X25519(7)>
221
222=item X448, see L<EVP_KEM-X448(7)>
223
224=item EC, see L<EVP_KEM-EC(7)>
225
226=back
227
228=head2 Asymmetric Key Management
229
230=over 4
231
232=item DH, see L<EVP_KEYMGMT-DH(7)>
233
234=item DHX, see L<EVP_KEYMGMT-DHX(7)>
235
236=item DSA, see L<EVP_KEYMGMT-DSA(7)>
237
238=item RSA, see L<EVP_KEYMGMT-RSA(7)>
239
240=item RSA-PSS
241
242=item EC, see L<EVP_KEYMGMT-EC(7)>
243
244=item X25519, see L<EVP_KEYMGMT-X25519(7)>
245
246=item X448, see L<EVP_KEYMGMT-X448(7)>
247
248=item ED25519, see L<EVP_KEYMGMT-ED25519(7)>
249
250=item ED448, see L<EVP_KEYMGMT-ED448(7)>
251
252=item TLS1-PRF
253
254=item HKDF
255
256=item SCRYPT
257
258=item HMAC, see L<EVP_KEYMGMT-HMAC(7)>
259
260=item SIPHASH, see L<EVP_KEYMGMT-Siphash(7)>
261
262=item POLY1305, see L<EVP_KEYMGMT-Poly1305(7)>
263
264=item CMAC, see L<EVP_KEYMGMT-CMAC(7)>
265
266=item SM2, see L<EVP_KEYMGMT-SM2(7)>
267
268=back
269
270=head2 Random Number Generation
271
272=over 4
273
274=item CTR-DRBG, see L<EVP_RAND-CTR-DRBG(7)>
275
276=item HASH-DRBG, see L<EVP_RAND-HASH-DRBG(7)>
277
278=item HMAC-DRBG, see L<EVP_RAND-HMAC-DRBG(7)>
279
280=item SEED-SRC,  see L<EVP_RAND-SEED-SRC(7)>
281
282=item JITTER,  see L<EVP_RAND-JITTER(7)>
283
284=item TEST-RAND, see L<EVP_RAND-TEST-RAND(7)>
285
286=back
287
288In addition to this provider, the "SEED-SRC" and "JITTER" algorithms
289are also available in the base provider.
290
291=head2 Asymmetric Key Encoder
292
293=over 4
294
295=item RSA
296
297=item RSA-PSS
298
299=item DH
300
301=item DHX
302
303=item DSA
304
305=item EC
306
307=item ED25519
308
309=item ED448
310
311=item X25519
312
313=item X448
314
315=item SM2
316
317=back
318
319In addition to this provider, all of these encoding algorithms are also
320available in the base provider. Some of these algorithms may be used in
321combination with the FIPS provider.
322
323=head2 Asymmetric Key Decoder
324
325=over 4
326
327=item RSA
328
329=item RSA-PSS
330
331=item DH
332
333=item DHX
334
335=item DSA
336
337=item EC
338
339=item ED25519
340
341=item ED448
342
343=item X25519
344
345=item X448
346
347=item SM2
348
349=item DER
350
351=back
352
353In addition to this provider, all of these decoding algorithms are also
354available in the base provider. Some of these algorithms may be used in
355combination with the FIPS provider.
356
357=head2 Stores
358
359=over 4
360
361=item file
362
363=item org.openssl.winstore, see L<OSSL_STORE-winstore(7)>
364
365=back
366
367In addition to this provider, all of these store algorithms are also
368available in the base provider.
369
370=head1 SEE ALSO
371
372L<openssl-core.h(7)>, L<openssl-core_dispatch.h(7)>, L<provider(7)>,
373L<OSSL_PROVIDER-base(7)>
374
375=head1 HISTORY
376
377The RIPEMD160 digest was added to the default provider in OpenSSL 3.0.7.
378
379All other functionality was added in OpenSSL 3.0.
380
381=head1 COPYRIGHT
382
383Copyright 2020-2024 The OpenSSL Project Authors. All Rights Reserved.
384
385Licensed under the Apache License 2.0 (the "License").  You may not use
386this file except in compliance with the License.  You can obtain a copy
387in the file LICENSE in the source distribution or at
388L<https://www.openssl.org/source/license.html>.
389
390=cut
391