1=pod 2 3=head1 NAME 4 5OSSL_PROVIDER-default - OpenSSL default provider 6 7=head1 DESCRIPTION 8 9The OpenSSL default provider supplies the majority of OpenSSL's diverse 10algorithm implementations. If an application doesn't specify anything else 11explicitly (e.g. in the application or via config), then this is the 12provider that will be used as fallback: It is loaded automatically the 13first time that an algorithm is fetched from a provider or a function 14acting on providers is called and no other provider has been loaded yet. 15 16If an attempt to load a provider has already been made (whether successful 17or not) then the default provider won't be loaded automatically. Therefore 18if the default provider is to be used in conjunction with other providers 19then it must be loaded explicitly. Automatic loading of the default 20provider only occurs a maximum of once; if the default provider is 21explicitly unloaded then the default provider will not be automatically 22loaded again. 23 24=head2 Properties 25 26The implementations in this provider specifically have this property 27defined: 28 29=over 4 30 31=item "provider=default" 32 33=back 34 35It may be used in a property query string with fetching functions such as 36L<EVP_MD_fetch(3)> or L<EVP_CIPHER_fetch(3)>, as well as with other 37functions that take a property query string, such as 38L<EVP_PKEY_CTX_new_from_name(3)>. 39 40It isn't mandatory to query for this property, except to make sure to get 41implementations of this provider and none other. 42 43Some implementations may define additional properties. Exact information is 44listed below 45 46=head1 OPERATIONS AND ALGORITHMS 47 48The OpenSSL default provider supports these operations and algorithms: 49 50=head2 Hashing Algorithms / Message Digests 51 52=over 4 53 54=item SHA1, see L<EVP_MD-SHA1(7)> 55 56=item SHA2, see L<EVP_MD-SHA2(7)> 57 58=item SHA3, see L<EVP_MD-SHA3(7)> 59 60=item KECCAK, see L<EVP_MD-KECCAK(7)> 61 62=item KECCAK-KMAC, see L<EVP_MD-KECCAK-KMAC(7)> 63 64=item SHAKE, see L<EVP_MD-SHAKE(7)> 65 66=item BLAKE2, see L<EVP_MD-BLAKE2(7)> 67 68=item SM3, see L<EVP_MD-SM3(7)> 69 70=item MD5, see L<EVP_MD-MD5(7)> 71 72=item MD5-SHA1, see L<EVP_MD-MD5-SHA1(7)> 73 74=item RIPEMD160, see L<EVP_MD-RIPEMD160(7)> 75 76=item NULL, see L<EVP_MD-NULL(7)> 77 78=back 79 80=head2 Symmetric Ciphers 81 82=over 4 83 84=item AES, see L<EVP_CIPHER-AES(7)> 85 86=item ARIA, see L<EVP_CIPHER-ARIA(7)> 87 88=item CAMELLIA, see L<EVP_CIPHER-CAMELLIA(7)> 89 90=item 3DES, see L<EVP_CIPHER-DES(7)> 91 92=item SM4, see L<EVP_CIPHER-SM4(7)> 93 94=item ChaCha20, see L<EVP_CIPHER-CHACHA(7)> 95 96=item ChaCha20-Poly1305, see L<EVP_CIPHER-CHACHA(7)> 97 98=item NULL, see L<EVP_CIPHER-NULL(7)> 99 100=back 101 102=head2 Message Authentication Code (MAC) 103 104=over 4 105 106=item BLAKE2, see L<EVP_MAC-BLAKE2(7)> 107 108=item CMAC, see L<EVP_MAC-CMAC(7)> 109 110=item GMAC, see L<EVP_MAC-GMAC(7)> 111 112=item HMAC, see L<EVP_MAC-HMAC(7)> 113 114=item KMAC, see L<EVP_MAC-KMAC(7)> 115 116=item SIPHASH, see L<EVP_MAC-Siphash(7)> 117 118=item POLY1305, see L<EVP_MAC-Poly1305(7)> 119 120=back 121 122=head2 Key Derivation Function (KDF) 123 124=over 4 125 126=item HKDF, see L<EVP_KDF-HKDF(7)> 127 128=item TLS13-KDF, see L<EVP_KDF-TLS13_KDF(7)> 129 130=item SSKDF, see L<EVP_KDF-SS(7)> 131 132=item PBKDF2, see L<EVP_KDF-PBKDF2(7)> 133 134=item PKCS12KDF, see L<EVP_KDF-PKCS12KDF(7)> 135 136=item SSHKDF, see L<EVP_KDF-SSHKDF(7)> 137 138=item TLS1-PRF, see L<EVP_KDF-TLS1_PRF(7)> 139 140=item KBKDF, see L<EVP_KDF-KB(7)> 141 142=item X942KDF-ASN1, see L<EVP_KDF-X942-ASN1(7)> 143 144=item X942KDF-CONCAT, see L<EVP_KDF-X942-CONCAT(7)> 145 146=item X963KDF, see L<EVP_KDF-X963(7)> 147 148=item SCRYPT, see L<EVP_KDF-SCRYPT(7)> 149 150=item KRB5KDF, see L<EVP_KDF-KRB5KDF(7)> 151 152=item HMAC-DRBG, see L<EVP_KDF-HMAC-DRBG(7)> 153 154=item ARGON2, see L<EVP_KDF-ARGON2(7)> 155 156=back 157 158=head2 Key Exchange 159 160=over 4 161 162=item DH, see L<EVP_KEYEXCH-DH(7)> 163 164=item ECDH, see L<EVP_KEYEXCH-ECDH(7)> 165 166=item X25519, see L<EVP_KEYEXCH-X25519(7)> 167 168=item X448, see L<EVP_KEYEXCH-X448(7)> 169 170=item TLS1-PRF 171 172=item HKDF 173 174=item SCRYPT 175 176=back 177 178=head2 Asymmetric Signature 179 180=over 4 181 182=item DSA, see L<EVP_SIGNATURE-DSA(7)> 183 184=item RSA, see L<EVP_SIGNATURE-RSA(7)> 185 186=item ED25519, see L<EVP_SIGNATURE-ED25519(7)> 187 188=item ED448, see L<EVP_SIGNATURE-ED448(7)> 189 190=item ECDSA, see L<EVP_SIGNATURE-ECDSA(7)> 191 192=item SM2 193 194=item HMAC, see L<EVP_SIGNATURE-HMAC(7)> 195 196=item SIPHASH, see L<EVP_SIGNATURE-Siphash(7)> 197 198=item POLY1305, see L<EVP_SIGNATURE-Poly1305(7)> 199 200=item CMAC, see L<EVP_SIGNATURE-CMAC(7)> 201 202=back 203 204=head2 Asymmetric Cipher 205 206=over 4 207 208=item RSA, see L<EVP_ASYM_CIPHER-RSA(7)> 209 210=item SM2, see L<EVP_ASYM_CIPHER-SM2(7)> 211 212=back 213 214=head2 Asymmetric Key Encapsulation 215 216=over 4 217 218=item RSA, see L<EVP_KEM-RSA(7)> 219 220=item X25519, see L<EVP_KEM-X25519(7)> 221 222=item X448, see L<EVP_KEM-X448(7)> 223 224=item EC, see L<EVP_KEM-EC(7)> 225 226=back 227 228=head2 Asymmetric Key Management 229 230=over 4 231 232=item DH, see L<EVP_KEYMGMT-DH(7)> 233 234=item DHX, see L<EVP_KEYMGMT-DHX(7)> 235 236=item DSA, see L<EVP_KEYMGMT-DSA(7)> 237 238=item RSA, see L<EVP_KEYMGMT-RSA(7)> 239 240=item RSA-PSS 241 242=item EC, see L<EVP_KEYMGMT-EC(7)> 243 244=item X25519, see L<EVP_KEYMGMT-X25519(7)> 245 246=item X448, see L<EVP_KEYMGMT-X448(7)> 247 248=item ED25519, see L<EVP_KEYMGMT-ED25519(7)> 249 250=item ED448, see L<EVP_KEYMGMT-ED448(7)> 251 252=item TLS1-PRF 253 254=item HKDF 255 256=item SCRYPT 257 258=item HMAC, see L<EVP_KEYMGMT-HMAC(7)> 259 260=item SIPHASH, see L<EVP_KEYMGMT-Siphash(7)> 261 262=item POLY1305, see L<EVP_KEYMGMT-Poly1305(7)> 263 264=item CMAC, see L<EVP_KEYMGMT-CMAC(7)> 265 266=item SM2, see L<EVP_KEYMGMT-SM2(7)> 267 268=back 269 270=head2 Random Number Generation 271 272=over 4 273 274=item CTR-DRBG, see L<EVP_RAND-CTR-DRBG(7)> 275 276=item HASH-DRBG, see L<EVP_RAND-HASH-DRBG(7)> 277 278=item HMAC-DRBG, see L<EVP_RAND-HMAC-DRBG(7)> 279 280=item SEED-SRC, see L<EVP_RAND-SEED-SRC(7)> 281 282=item TEST-RAND, see L<EVP_RAND-TEST-RAND(7)> 283 284=back 285 286In addition to this provider, the "SEED-SRC" algorithm is also available in the 287base provider. 288 289=head2 Asymmetric Key Encoder 290 291=over 4 292 293=item RSA 294 295=item RSA-PSS 296 297=item DH 298 299=item DHX 300 301=item DSA 302 303=item EC 304 305=item ED25519 306 307=item ED448 308 309=item X25519 310 311=item X448 312 313=item SM2 314 315=back 316 317In addition to this provider, all of these encoding algorithms are also 318available in the base provider. Some of these algorithms may be used in 319combination with the FIPS provider. 320 321=head2 Asymmetric Key Decoder 322 323=over 4 324 325=item RSA 326 327=item RSA-PSS 328 329=item DH 330 331=item DHX 332 333=item DSA 334 335=item EC 336 337=item ED25519 338 339=item ED448 340 341=item X25519 342 343=item X448 344 345=item SM2 346 347=item DER 348 349=back 350 351In addition to this provider, all of these decoding algorithms are also 352available in the base provider. Some of these algorithms may be used in 353combination with the FIPS provider. 354 355=head2 Stores 356 357=over 4 358 359=item file 360 361=item org.openssl.winstore, see L<OSSL_STORE-winstore(7)> 362 363=back 364 365In addition to this provider, all of these store algorithms are also 366available in the base provider. 367 368=head1 SEE ALSO 369 370L<openssl-core.h(7)>, L<openssl-core_dispatch.h(7)>, L<provider(7)>, 371L<OSSL_PROVIDER-base(7)> 372 373=head1 HISTORY 374 375The RIPEMD160 digest was added to the default provider in OpenSSL 3.0.7. 376 377All other functionality was added in OpenSSL 3.0. 378 379=head1 COPYRIGHT 380 381Copyright 2020-2024 The OpenSSL Project Authors. All Rights Reserved. 382 383Licensed under the Apache License 2.0 (the "License"). You may not use 384this file except in compliance with the License. You can obtain a copy 385in the file LICENSE in the source distribution or at 386L<https://www.openssl.org/source/license.html>. 387 388=cut 389