1OSSL_ALGORITHM(3ossl)               OpenSSL              OSSL_ALGORITHM(3ossl)
2
3
4

NAME

6       OSSL_ALGORITHM - OpenSSL Core type to define a fetchable algorithm
7

SYNOPSIS

9        #include <openssl/core.h>
10
11        typedef struct ossl_algorithm_st OSSL_ALGORITHM;
12        struct ossl_algorithm_st {
13            const char *algorithm_names;     /* key */
14            const char *property_definition; /* key */
15            const OSSL_DISPATCH *implementation;
16            const char *algorithm_description;
17        };
18

DESCRIPTION

20       The OSSL_ALGORITHM type is a public structure that describes an
21       algorithm that a provider(7) provides.  Arrays of this type are
22       returned by providers on demand from the OpenSSL libraries to describe
23       what algorithms the providers provide implementations of, and with what
24       properties.
25
26       Arrays of this type must be terminated with a tuple where
27       algorithm_names is NULL.
28
29       This type of array is typically returned by the provider's operation
30       querying function, further described in "Provider Functions" in
31       provider-base(7).
32
33   OSSL_ALGORITHM fields
34       algorithm_names
35           This string is a colon separated set of names / identities, and is
36           used by the appropriate fetching functionality (such as
37           EVP_CIPHER_fetch(3), EVP_MD_fetch(3), etc) to find the desired
38           algorithm.
39
40           Multiple names / identities allow a specific algorithm
41           implementation to be fetched multiple ways.  For example, the RSA
42           algorithm has the following known identities:
43
44           •   "RSA"
45
46           •   "rsaEncryption"
47
48               This is the name of the algorithm's OBJECT IDENTIFIER (OID), as
49               given by the PKCS#1 RFC's ASN.1 module <https://www.rfc-
50               editor.org/rfc/rfc8017#appendix-C>
51
52           •   1.2.840.113549.1.1.1
53
54               This is the OID itself for "rsaEncryption", in canonical
55               decimal text form.
56
57           The resulting algorithm_names string would look like this:
58
59            "RSA:rsaEncryption:1.2.840.113549.1.1.1"
60
61           The OpenSSL libraries use the first of the algorithm names as the
62           main or canonical name, on a per algorithm implementation basis.
63
64           See the notes "On the subject of algorithm names" below for a more
65           in depth discussion on algorithm_names and how that may interact
66           with applications and libraries, including OpenSSL's.
67
68       property_definition
69           This string defines a set of properties associated with a
70           particular algorithm implementation, and is used by the appropriate
71           fetching functionality (such as EVP_CIPHER_fetch(3),
72           EVP_MD_fetch(3), etc) for a finer grained lookup of an algorithm
73           implementation, which is useful in case multiple implementations of
74           the same algorithm are available.
75
76           See property(7) for a further description of the contents of this
77           string.
78
79       implementation
80           Pointer to an OSSL_DISPATCH(3) array, containing pointers to the
81           functions of a particular algorithm implementation.
82
83       algorithm_description
84           A string with a short human-readable description of the algorithm.
85

NOTES

87   On the subject of algorithm names
88       Providers may find the need to register ASN.1 OIDs for algorithms using
89       OBJ_create(3) (via the core_obj_create upcall described in
90       provider-base(7), because some application or library -- possibly still
91       the OpenSSL libraries, even -- use NIDs to look up algorithms.
92
93       In that scenario, you must make sure that the corresponding
94       OSSL_ALGORITHM's algorithm_names includes both the short and the long
95       name.
96
97       Most of the time, registering ASN.1 OIDs like this shouldn't be
98       necessary, and applications and libraries are encouraged to use
99       OBJ_obj2txt(3) to get a text representation of the OID, which may be a
100       long or short name for OIDs that are registered, or the OID itself in
101       canonical decimal text form if not (or if OBJ_obj2txt(3) is called with
102       no_name = 1).
103
104       It's recommended to make sure that the corresponding OSSL_ALGORITHM's
105       algorithm_names include known names as well as the OID itself in
106       canonical decimal text form.  That should cover all scenarios.
107

SEE ALSO

109       crypto(7), provider-base(7), openssl-core.h(7),
110       openssl-core_dispatch.h(7), OSSL_DISPATCH(3)
111

HISTORY

113       OSSL_ALGORITHM was added in OpenSSL 3.0
114
116       Copyright 2022 The OpenSSL Project Authors. All Rights Reserved.
117
118       Licensed under the Apache License 2.0 (the "License").  You may not use
119       this file except in compliance with the License.  You can obtain a copy
120       in the file LICENSE in the source distribution or at
121       <https://www.openssl.org/source/license.html>.
122
123
124
1253.1.1                             2023-08-31             OSSL_ALGORITHM(3ossl)
Impressum