xref: /openssl/doc/man7/OSSL_PROVIDER-legacy.pod (revision ae14f38c) 
1=pod
2
3=head1 NAME
4
5OSSL_PROVIDER-legacy - OpenSSL legacy provider
6
7=head1 DESCRIPTION
8
9The OpenSSL legacy provider supplies OpenSSL implementations of algorithms
10that have been deemed legacy.  Such algorithms have commonly fallen out of
11use, have been deemed insecure by the cryptography community, or something
12similar.
13
14We can consider this the retirement home of cryptographic algorithms.
15
16=head2 Properties
17
18The implementations in this provider specifically has this property
19defined:
20
21=over 4
22
23=item "provider=legacy"
24
25=back
26
27It may be used in a property query string with fetching functions such as
28L<EVP_MD_fetch(3)> or L<EVP_CIPHER_fetch(3)>, as well as with other
29functions that take a property query string, such as
30L<EVP_PKEY_CTX_new_from_name(3)>.
31
32It isn't mandatory to query for any of these properties, except to
33make sure to get implementations of this provider and none other.
34
35=head1 OPERATIONS AND ALGORITHMS
36
37The OpenSSL legacy provider supports these operations and algorithms:
38
39=head2 Hashing Algorithms / Message Digests
40
41=over 4
42
43=item MD2, see L<EVP_MD-MD2(7)>
44
45Disabled by default. Use I<enable-md2> config option to enable.
46
47=item MD4, see L<EVP_MD-MD4(7)>
48
49=item MDC2, see L<EVP_MD-MDC2(7)>
50
51=item WHIRLPOOL, see L<EVP_MD-WHIRLPOOL(7)>
52
53=item RIPEMD160, see L<EVP_MD-RIPEMD160(7)>
54
55=back
56
57=head2 Symmetric Ciphers
58
59Not all of these symmetric cipher algorithms are enabled by default.
60
61=over 4
62
63=item Blowfish, see L<EVP_CIPHER-BLOWFISH(7)>
64
65=item CAST, see L<EVP_CIPHER-CAST(7)>
66
67=item DES, see L<EVP_CIPHER-DES(7)>
68
69The algorithm names are: DES_ECB, DES_CBC, DES_OFB, DES_CFB, DES_CFB1, DES_CFB8
70and DESX_CBC.
71
72=item IDEA, see L<EVP_CIPHER-IDEA(7)>
73
74=item RC2, see L<EVP_CIPHER-RC2(7)>
75
76=item RC4, see L<EVP_CIPHER-RC4(7)>
77
78=item RC5, see L<EVP_CIPHER-RC5(7)>
79
80Disabled by default. Use I<enable-rc5> config option to enable.
81
82=item SEED, see L<EVP_CIPHER-SEED(7)>
83
84=back
85
86=head2 Key Derivation Function (KDF)
87
88=over 4
89
90=item PBKDF1
91
92=item PVKKDF
93
94=back
95
96=begin comment
97
98When algorithms for other operations start appearing, the
99following =head2 titles are appropriate to use:
100
101- Message Authentication Code (MAC)
102
103- Key Derivation Function (KDF)
104
105- Key Exchange
106
107- Signature
108
109- Asymmetric Cipher
110
111- Asymmetric Key Management
112
113=end comment
114
115=head1 SEE ALSO
116
117L<OSSL_PARAM(3)>,
118L<openssl-core.h(7)>,
119L<openssl-core_dispatch.h(7)>,
120L<provider(7)>
121
122=head1 HISTORY
123
124This functionality was added in OpenSSL 3.0.
125
126=head1 COPYRIGHT
127
128Copyright 2020-2021 The OpenSSL Project Authors. All Rights Reserved.
129
130Licensed under the Apache License 2.0 (the "License").  You may not use
131this file except in compliance with the License.  You can obtain a copy
132in the file LICENSE in the source distribution or at
133L<https://www.openssl.org/source/license.html>.
134
135=cut
136