1*b077aed3SPierre Pronchery=pod 2*b077aed3SPierre Pronchery 3*b077aed3SPierre Pronchery=head1 NAME 4*b077aed3SPierre Pronchery 5*b077aed3SPierre ProncheryOSSL_PROVIDER-default - OpenSSL default provider 6*b077aed3SPierre Pronchery 7*b077aed3SPierre Pronchery=head1 DESCRIPTION 8*b077aed3SPierre Pronchery 9*b077aed3SPierre ProncheryThe OpenSSL default provider supplies the majority of OpenSSL's diverse 10*b077aed3SPierre Proncheryalgorithm implementations. If an application doesn't specify anything else 11*b077aed3SPierre Proncheryexplicitly (e.g. in the application or via config), then this is the 12*b077aed3SPierre Proncheryprovider that will be used as fallback: It is loaded automatically the 13*b077aed3SPierre Proncheryfirst time that an algorithm is fetched from a provider or a function 14*b077aed3SPierre Proncheryacting on providers is called and no other provider has been loaded yet. 15*b077aed3SPierre Pronchery 16*b077aed3SPierre ProncheryIf an attempt to load a provider has already been made (whether successful 17*b077aed3SPierre Proncheryor not) then the default provider won't be loaded automatically. Therefore 18*b077aed3SPierre Proncheryif the default provider is to be used in conjunction with other providers 19*b077aed3SPierre Proncherythen it must be loaded explicitly. Automatic loading of the default 20*b077aed3SPierre Proncheryprovider only occurs a maximum of once; if the default provider is 21*b077aed3SPierre Proncheryexplicitly unloaded then the default provider will not be automatically 22*b077aed3SPierre Proncheryloaded again. 23*b077aed3SPierre Pronchery 24*b077aed3SPierre Pronchery=head2 Properties 25*b077aed3SPierre Pronchery 26*b077aed3SPierre ProncheryThe implementations in this provider specifically have this property 27*b077aed3SPierre Proncherydefined: 28*b077aed3SPierre Pronchery 29*b077aed3SPierre Pronchery=over 4 30*b077aed3SPierre Pronchery 31*b077aed3SPierre Pronchery=item "provider=default" 32*b077aed3SPierre Pronchery 33*b077aed3SPierre Pronchery=back 34*b077aed3SPierre Pronchery 35*b077aed3SPierre ProncheryIt may be used in a property query string with fetching functions such as 36*b077aed3SPierre ProncheryL<EVP_MD_fetch(3)> or L<EVP_CIPHER_fetch(3)>, as well as with other 37*b077aed3SPierre Proncheryfunctions that take a property query string, such as 38*b077aed3SPierre ProncheryL<EVP_PKEY_CTX_new_from_name(3)>. 39*b077aed3SPierre Pronchery 40*b077aed3SPierre ProncheryIt isn't mandatory to query for this property, except to make sure to get 41*b077aed3SPierre Proncheryimplementations of this provider and none other. 42*b077aed3SPierre Pronchery 43*b077aed3SPierre ProncherySome implementations may define additional properties. Exact information is 44*b077aed3SPierre Proncherylisted below 45*b077aed3SPierre Pronchery 46*b077aed3SPierre Pronchery=head1 OPERATIONS AND ALGORITHMS 47*b077aed3SPierre Pronchery 48*b077aed3SPierre ProncheryThe OpenSSL default provider supports these operations and algorithms: 49*b077aed3SPierre Pronchery 50*b077aed3SPierre Pronchery=head2 Hashing Algorithms / Message Digests 51*b077aed3SPierre Pronchery 52*b077aed3SPierre Pronchery=over 4 53*b077aed3SPierre Pronchery 54*b077aed3SPierre Pronchery=item SHA1, see L<EVP_MD-SHA1(7)> 55*b077aed3SPierre Pronchery 56*b077aed3SPierre Pronchery=item SHA2, see L<EVP_MD-SHA2(7)> 57*b077aed3SPierre Pronchery 58*b077aed3SPierre Pronchery=item SHA3, see L<EVP_MD-SHA3(7)> 59*b077aed3SPierre Pronchery 60*b077aed3SPierre Pronchery=item KECCAK-KMAC, see L<EVP_MD-KECCAK-KMAC(7)> 61*b077aed3SPierre Pronchery 62*b077aed3SPierre Pronchery=item SHAKE, see L<EVP_MD-SHAKE(7)> 63*b077aed3SPierre Pronchery 64*b077aed3SPierre Pronchery=item BLAKE2, see L<EVP_MD-BLAKE2(7)> 65*b077aed3SPierre Pronchery 66*b077aed3SPierre Pronchery=item SM3, see L<EVP_MD-SM3(7)> 67*b077aed3SPierre Pronchery 68*b077aed3SPierre Pronchery=item MD5, see L<EVP_MD-MD5(7)> 69*b077aed3SPierre Pronchery 70*b077aed3SPierre Pronchery=item MD5-SHA1, see L<EVP_MD-MD5-SHA1(7)> 71*b077aed3SPierre Pronchery 72*b077aed3SPierre Pronchery=item RIPEMD160, see L<EVP_MD-RIPEMD160(7)> 73*b077aed3SPierre Pronchery 74*b077aed3SPierre Pronchery=item NULL, see L<EVP_MD-NULL(7)> 75*b077aed3SPierre Pronchery 76*b077aed3SPierre Pronchery=back 77*b077aed3SPierre Pronchery 78*b077aed3SPierre Pronchery=head2 Symmetric Ciphers 79*b077aed3SPierre Pronchery 80*b077aed3SPierre Pronchery=over 4 81*b077aed3SPierre Pronchery 82*b077aed3SPierre Pronchery=item AES, see L<EVP_CIPHER-AES(7)> 83*b077aed3SPierre Pronchery 84*b077aed3SPierre Pronchery=item ARIA, see L<EVP_CIPHER-ARIA(7)> 85*b077aed3SPierre Pronchery 86*b077aed3SPierre Pronchery=item CAMELLIA, see L<EVP_CIPHER-CAMELLIA(7)> 87*b077aed3SPierre Pronchery 88*b077aed3SPierre Pronchery=item 3DES, see L<EVP_CIPHER-DES(7)> 89*b077aed3SPierre Pronchery 90*b077aed3SPierre Pronchery=item SEED, see L<EVP_CIPHER-SEED(7)> 91*b077aed3SPierre Pronchery 92*b077aed3SPierre Pronchery=item SM4, see L<EVP_CIPHER-SM4(7)> 93*b077aed3SPierre Pronchery 94*b077aed3SPierre Pronchery=item ChaCha20, see L<EVP_CIPHER-CHACHA(7)> 95*b077aed3SPierre Pronchery 96*b077aed3SPierre Pronchery=item ChaCha20-Poly1305, see L<EVP_CIPHER-CHACHA(7)> 97*b077aed3SPierre Pronchery 98*b077aed3SPierre Pronchery=item NULL, see L<EVP_CIPHER-NULL(7)> 99*b077aed3SPierre Pronchery 100*b077aed3SPierre Pronchery=back 101*b077aed3SPierre Pronchery 102*b077aed3SPierre Pronchery=head2 Message Authentication Code (MAC) 103*b077aed3SPierre Pronchery 104*b077aed3SPierre Pronchery=over 4 105*b077aed3SPierre Pronchery 106*b077aed3SPierre Pronchery=item BLAKE2, see L<EVP_MAC-BLAKE2(7)> 107*b077aed3SPierre Pronchery 108*b077aed3SPierre Pronchery=item CMAC, see L<EVP_MAC-CMAC(7)> 109*b077aed3SPierre Pronchery 110*b077aed3SPierre Pronchery=item GMAC, see L<EVP_MAC-GMAC(7)> 111*b077aed3SPierre Pronchery 112*b077aed3SPierre Pronchery=item HMAC, see L<EVP_MAC-HMAC(7)> 113*b077aed3SPierre Pronchery 114*b077aed3SPierre Pronchery=item KMAC, see L<EVP_MAC-KMAC(7)> 115*b077aed3SPierre Pronchery 116*b077aed3SPierre Pronchery=item SIPHASH, see L<EVP_MAC-Siphash(7)> 117*b077aed3SPierre Pronchery 118*b077aed3SPierre Pronchery=item POLY1305, see L<EVP_MAC-Poly1305(7)> 119*b077aed3SPierre Pronchery 120*b077aed3SPierre Pronchery=back 121*b077aed3SPierre Pronchery 122*b077aed3SPierre Pronchery=head2 Key Derivation Function (KDF) 123*b077aed3SPierre Pronchery 124*b077aed3SPierre Pronchery=over 4 125*b077aed3SPierre Pronchery 126*b077aed3SPierre Pronchery=item HKDF, see L<EVP_KDF-HKDF(7)> 127*b077aed3SPierre Pronchery 128*b077aed3SPierre Pronchery=item SSKDF, see L<EVP_KDF-SS(7)> 129*b077aed3SPierre Pronchery 130*b077aed3SPierre Pronchery=item PBKDF2, see L<EVP_KDF-PBKDF2(7)> 131*b077aed3SPierre Pronchery 132*b077aed3SPierre Pronchery=item PKCS12KDF, see L<EVP_KDF-PKCS12KDF(7)> 133*b077aed3SPierre Pronchery 134*b077aed3SPierre Pronchery=item SSHKDF, see L<EVP_KDF-SSHKDF(7)> 135*b077aed3SPierre Pronchery 136*b077aed3SPierre Pronchery=item TLS1-PRF, see L<EVP_KDF-TLS1_PRF(7)> 137*b077aed3SPierre Pronchery 138*b077aed3SPierre Pronchery=item KBKDF, see L<EVP_KDF-KB(7)> 139*b077aed3SPierre Pronchery 140*b077aed3SPierre Pronchery=item X942KDF-ASN1, see L<EVP_KDF-X942-ASN1(7)> 141*b077aed3SPierre Pronchery 142*b077aed3SPierre Pronchery=item X942KDF-CONCAT, see L<EVP_KDF-X942-CONCAT(7)> 143*b077aed3SPierre Pronchery 144*b077aed3SPierre Pronchery=item X963KDF, see L<EVP_KDF-X963(7)> 145*b077aed3SPierre Pronchery 146*b077aed3SPierre Pronchery=item SCRYPT, see L<EVP_KDF-SCRYPT(7)> 147*b077aed3SPierre Pronchery 148*b077aed3SPierre Pronchery=item KRB5KDF, see L<EVP_KDF-KRB5KDF(7)> 149*b077aed3SPierre Pronchery 150*b077aed3SPierre Pronchery 151*b077aed3SPierre Pronchery=back 152*b077aed3SPierre Pronchery 153*b077aed3SPierre Pronchery=head2 Key Exchange 154*b077aed3SPierre Pronchery 155*b077aed3SPierre Pronchery=over 4 156*b077aed3SPierre Pronchery 157*b077aed3SPierre Pronchery=item DH, see L<EVP_KEYEXCH-DH(7)> 158*b077aed3SPierre Pronchery 159*b077aed3SPierre Pronchery=item ECDH, see L<EVP_KEYEXCH-ECDH(7)> 160*b077aed3SPierre Pronchery 161*b077aed3SPierre Pronchery=item X25519, see L<EVP_KEYEXCH-X25519(7)> 162*b077aed3SPierre Pronchery 163*b077aed3SPierre Pronchery=item X448, see L<EVP_KEYEXCH-X448(7)> 164*b077aed3SPierre Pronchery 165*b077aed3SPierre Pronchery=back 166*b077aed3SPierre Pronchery 167*b077aed3SPierre Pronchery=head2 Asymmetric Signature 168*b077aed3SPierre Pronchery 169*b077aed3SPierre Pronchery=over 4 170*b077aed3SPierre Pronchery 171*b077aed3SPierre Pronchery=item DSA, see L<EVP_SIGNATURE-DSA(7)> 172*b077aed3SPierre Pronchery 173*b077aed3SPierre Pronchery=item RSA, see L<EVP_SIGNATURE-RSA(7)> 174*b077aed3SPierre Pronchery 175*b077aed3SPierre Pronchery=item HMAC, see L<EVP_SIGNATURE-HMAC(7)> 176*b077aed3SPierre Pronchery 177*b077aed3SPierre Pronchery=item SIPHASH, see L<EVP_SIGNATURE-Siphash(7)> 178*b077aed3SPierre Pronchery 179*b077aed3SPierre Pronchery=item POLY1305, see L<EVP_SIGNATURE-Poly1305(7)> 180*b077aed3SPierre Pronchery 181*b077aed3SPierre Pronchery=item CMAC, see L<EVP_SIGNATURE-CMAC(7)> 182*b077aed3SPierre Pronchery 183*b077aed3SPierre Pronchery=back 184*b077aed3SPierre Pronchery 185*b077aed3SPierre Pronchery=head2 Asymmetric Cipher 186*b077aed3SPierre Pronchery 187*b077aed3SPierre Pronchery=over 4 188*b077aed3SPierre Pronchery 189*b077aed3SPierre Pronchery=item RSA, see L<EVP_ASYM_CIPHER-RSA(7)> 190*b077aed3SPierre Pronchery 191*b077aed3SPierre Pronchery=item SM2, see L<EVP_ASYM_CIPHER-SM2(7)> 192*b077aed3SPierre Pronchery 193*b077aed3SPierre Pronchery=back 194*b077aed3SPierre Pronchery 195*b077aed3SPierre Pronchery=head2 Asymmetric Key Encapsulation 196*b077aed3SPierre Pronchery 197*b077aed3SPierre Pronchery=over 4 198*b077aed3SPierre Pronchery 199*b077aed3SPierre Pronchery=item RSA, see L<EVP_KEM-RSA(7)> 200*b077aed3SPierre Pronchery 201*b077aed3SPierre Pronchery=back 202*b077aed3SPierre Pronchery 203*b077aed3SPierre Pronchery=head2 Asymmetric Key Management 204*b077aed3SPierre Pronchery 205*b077aed3SPierre Pronchery=over 4 206*b077aed3SPierre Pronchery 207*b077aed3SPierre Pronchery=item DH, see L<EVP_KEYMGMT-DH(7)> 208*b077aed3SPierre Pronchery 209*b077aed3SPierre Pronchery=item DHX, see L<EVP_KEYMGMT-DHX(7)> 210*b077aed3SPierre Pronchery 211*b077aed3SPierre Pronchery=item DSA, see L<EVP_KEYMGMT-DSA(7)> 212*b077aed3SPierre Pronchery 213*b077aed3SPierre Pronchery=item RSA, see L<EVP_KEYMGMT-RSA(7)> 214*b077aed3SPierre Pronchery 215*b077aed3SPierre Pronchery=item EC, see L<EVP_KEYMGMT-EC(7)> 216*b077aed3SPierre Pronchery 217*b077aed3SPierre Pronchery=item X25519, see L<EVP_KEYMGMT-X25519(7)> 218*b077aed3SPierre Pronchery 219*b077aed3SPierre Pronchery=item X448, see L<EVP_KEYMGMT-X448(7)> 220*b077aed3SPierre Pronchery 221*b077aed3SPierre Pronchery=back 222*b077aed3SPierre Pronchery 223*b077aed3SPierre Pronchery=head2 Random Number Generation 224*b077aed3SPierre Pronchery 225*b077aed3SPierre Pronchery=over 4 226*b077aed3SPierre Pronchery 227*b077aed3SPierre Pronchery=item CTR-DRBG, see L<EVP_RAND-CTR-DRBG(7)> 228*b077aed3SPierre Pronchery 229*b077aed3SPierre Pronchery=item HASH-DRBG, see L<EVP_RAND-HASH-DRBG(7)> 230*b077aed3SPierre Pronchery 231*b077aed3SPierre Pronchery=item HMAC-DRBG, see L<EVP_RAND-HMAC-DRBG(7)> 232*b077aed3SPierre Pronchery 233*b077aed3SPierre Pronchery=item SEED-SRC, see L<EVP_RAND-SEED-SRC(7)> 234*b077aed3SPierre Pronchery 235*b077aed3SPierre Pronchery=item TEST-RAND, see L<EVP_RAND-TEST-RAND(7)> 236*b077aed3SPierre Pronchery 237*b077aed3SPierre Pronchery=back 238*b077aed3SPierre Pronchery 239*b077aed3SPierre Pronchery=head2 Asymmetric Key Encoder 240*b077aed3SPierre Pronchery 241*b077aed3SPierre ProncheryThe default provider also includes all of the encoding algorithms 242*b077aed3SPierre Proncherypresent in the base provider. Some of these have the property "fips=yes", 243*b077aed3SPierre Proncheryto allow them to be used together with the FIPS provider. 244*b077aed3SPierre Pronchery 245*b077aed3SPierre Pronchery=over 4 246*b077aed3SPierre Pronchery 247*b077aed3SPierre Pronchery=item RSA, see L<OSSL_ENCODER-RSA(7)> 248*b077aed3SPierre Pronchery 249*b077aed3SPierre Pronchery=item DH, see L<OSSL_ENCODER-DH(7)> 250*b077aed3SPierre Pronchery 251*b077aed3SPierre Pronchery=item DSA, see L<OSSL_ENCODER-DSA(7)> 252*b077aed3SPierre Pronchery 253*b077aed3SPierre Pronchery=item EC, see L<OSSL_ENCODER-EC(7)> 254*b077aed3SPierre Pronchery 255*b077aed3SPierre Pronchery=item X25519, see L<OSSL_ENCODER-X25519(7)> 256*b077aed3SPierre Pronchery 257*b077aed3SPierre Pronchery=item X448, see L<OSSL_ENCODER-X448(7)> 258*b077aed3SPierre Pronchery 259*b077aed3SPierre Pronchery=back 260*b077aed3SPierre Pronchery 261*b077aed3SPierre Pronchery=head1 SEE ALSO 262*b077aed3SPierre Pronchery 263*b077aed3SPierre ProncheryL<openssl-core.h(7)>, L<openssl-core_dispatch.h(7)>, L<provider(7)>, 264*b077aed3SPierre ProncheryL<OSSL_PROVIDER-base(7)> 265*b077aed3SPierre Pronchery 266*b077aed3SPierre Pronchery=head1 HISTORY 267*b077aed3SPierre Pronchery 268*b077aed3SPierre ProncheryThe RIPEMD160 digest was added to the default provider in OpenSSL 3.0.7. 269*b077aed3SPierre Pronchery 270*b077aed3SPierre ProncheryAll other functionality was added in OpenSSL 3.0. 271*b077aed3SPierre Pronchery 272*b077aed3SPierre Pronchery=head1 COPYRIGHT 273*b077aed3SPierre Pronchery 274*b077aed3SPierre ProncheryCopyright 2020-2023 The OpenSSL Project Authors. All Rights Reserved. 275*b077aed3SPierre Pronchery 276*b077aed3SPierre ProncheryLicensed under the Apache License 2.0 (the "License"). You may not use 277*b077aed3SPierre Proncherythis file except in compliance with the License. You can obtain a copy 278*b077aed3SPierre Proncheryin the file LICENSE in the source distribution or at 279*b077aed3SPierre ProncheryL<https://www.openssl.org/source/license.html>. 280*b077aed3SPierre Pronchery 281*b077aed3SPierre Pronchery=cut 282