1OSSL_PROVIDER(3ossl)                OpenSSL               OSSL_PROVIDER(3ossl)
2
3
4

NAME

6       OSSL_PROVIDER_set_default_search_path, OSSL_PROVIDER,
7       OSSL_PROVIDER_load, OSSL_PROVIDER_try_load, OSSL_PROVIDER_unload,
8       OSSL_PROVIDER_available, OSSL_PROVIDER_do_all,
9       OSSL_PROVIDER_gettable_params, OSSL_PROVIDER_get_params,
10       OSSL_PROVIDER_query_operation, OSSL_PROVIDER_unquery_operation,
11       OSSL_PROVIDER_get0_provider_ctx, OSSL_PROVIDER_get0_dispatch,
12       OSSL_PROVIDER_add_builtin, OSSL_PROVIDER_get0_name,
13       OSSL_PROVIDER_get_capabilities, OSSL_PROVIDER_self_test - provider
14       routines
15

SYNOPSIS

17        #include <openssl/provider.h>
18
19        typedef struct ossl_provider_st OSSL_PROVIDER;
20
21        void OSSL_PROVIDER_set_default_search_path(OSSL_LIB_CTX *libctx,
22                                                   const char *path);
23
24        OSSL_PROVIDER *OSSL_PROVIDER_load(OSSL_LIB_CTX *libctx, const char *name);
25        OSSL_PROVIDER *OSSL_PROVIDER_try_load(OSSL_LIB_CTX *libctx, const char *name,
26                                              int retain_fallbacks);
27        int OSSL_PROVIDER_unload(OSSL_PROVIDER *prov);
28        int OSSL_PROVIDER_available(OSSL_LIB_CTX *libctx, const char *name);
29        int OSSL_PROVIDER_do_all(OSSL_LIB_CTX *ctx,
30                                 int (*cb)(OSSL_PROVIDER *provider, void *cbdata),
31                                 void *cbdata);
32
33        const OSSL_PARAM *OSSL_PROVIDER_gettable_params(OSSL_PROVIDER *prov);
34        int OSSL_PROVIDER_get_params(OSSL_PROVIDER *prov, OSSL_PARAM params[]);
35
36        const OSSL_ALGORITHM *OSSL_PROVIDER_query_operation(const OSSL_PROVIDER *prov,
37                                                            int operation_id,
38                                                            int *no_cache);
39        void OSSL_PROVIDER_unquery_operation(const OSSL_PROVIDER *prov,
40                                             int operation_id,
41                                             const OSSL_ALGORITHM *algs);
42        void *OSSL_PROVIDER_get0_provider_ctx(const OSSL_PROVIDER *prov);
43        const OSSL_DISPATCH *OSSL_PROVIDER_get0_dispatch(const OSSL_PROVIDER *prov);
44
45        int OSSL_PROVIDER_add_builtin(OSSL_LIB_CTX *libctx, const char *name,
46                                      ossl_provider_init_fn *init_fn);
47
48        const char *OSSL_PROVIDER_get0_name(const OSSL_PROVIDER *prov);
49
50        int OSSL_PROVIDER_get_capabilities(const OSSL_PROVIDER *prov,
51                                           const char *capability,
52                                           OSSL_CALLBACK *cb,
53                                           void *arg);
54        int OSSL_PROVIDER_self_test(const OSSL_PROVIDER *prov);
55

DESCRIPTION

57       OSSL_PROVIDER is a type that holds internal information about
58       implementation providers (see provider(7) for information on what a
59       provider is).  A provider can be built in to the application or the
60       OpenSSL libraries, or can be a loadable module.  The functions
61       described here handle both forms.
62
63       Some of these functions operate within a library context, please see
64       OSSL_LIB_CTX(3) for further details.
65
66   Functions
67       OSSL_PROVIDER_set_default_search_path() specifies the default search
68       path that is to be used for looking for providers in the specified
69       libctx.  If left unspecified, an environment variable and a fall back
70       default value will be used instead.
71
72       OSSL_PROVIDER_add_builtin() is used to add a built in provider to
73       OSSL_PROVIDER store in the given library context, by associating a
74       provider name with a provider initialization function.  This name can
75       then be used with OSSL_PROVIDER_load().
76
77       OSSL_PROVIDER_load() loads and initializes a provider.  This may simply
78       initialize a provider that was previously added with
79       OSSL_PROVIDER_add_builtin() and run its given initialization function,
80       or load a provider module with the given name and run its provider
81       entry point, "OSSL_provider_init". The name can be a path to a provider
82       module, in that case the provider name as returned by
83       OSSL_PROVIDER_get0_name() will be the path. Interpretation of relative
84       paths is platform dependent and they are relative to the configured
85       "MODULESDIR" directory or the path set in the environment variable
86       OPENSSL_MODULES if set.
87
88       OSSL_PROVIDER_try_load() functions like OSSL_PROVIDER_load(), except
89       that it does not disable the fallback providers if the provider cannot
90       be loaded and initialized or if retain_fallbacks is zero.  If the
91       provider loads successfully and retain_fallbacks is nonzero, the
92       fallback providers are disabled.
93
94       OSSL_PROVIDER_unload() unloads the given provider.  For a provider
95       added with OSSL_PROVIDER_add_builtin(), this simply runs its teardown
96       function.
97
98       OSSL_PROVIDER_available() checks if a named provider is available for
99       use.
100
101       OSSL_PROVIDER_do_all() iterates over all loaded providers, calling cb
102       for each one, with the current provider in provider and the cbdata that
103       comes from the caller. If no other provider has been loaded before
104       calling this function, the default provider is still available as
105       fallback.  See OSSL_PROVIDER-default(7) for more information on this
106       fallback behaviour.
107
108       OSSL_PROVIDER_gettable_params() is used to get a provider parameter
109       descriptor set as a constant OSSL_PARAM array.  See OSSL_PARAM(3) for
110       more information.
111
112       OSSL_PROVIDER_get_params() is used to get provider parameter values.
113       The caller must prepare the OSSL_PARAM array before calling this
114       function, and the variables acting as buffers for this parameter array
115       should be filled with data when it returns successfully.
116
117       OSSL_PROVIDER_self_test() is used to run a provider's self tests on
118       demand.  If the self tests fail then the provider will fail to provide
119       any further services and algorithms. OSSL_SELF_TEST_set_callback(3) may
120       be called beforehand in order to display diagnostics for the running
121       self tests.
122
123       OSSL_PROVIDER_query_operation() calls the provider's query_operation
124       function (see provider(7)), if the provider has one. It returns an
125       array of OSSL_ALGORITHM for the given operation_id terminated by an all
126       NULL OSSL_ALGORITHM entry. This is considered a low-level function that
127       most applications should not need to call.
128
129       OSSL_PROVIDER_unquery_operation() calls the provider's
130       unquery_operation function (see provider(7)), if the provider has one.
131       This is considered a low-level function that most applications should
132       not need to call.
133
134       OSSL_PROVIDER_get0_provider_ctx() returns the provider context for the
135       given provider. The provider context is an opaque handle set by the
136       provider itself and is passed back to the provider by libcrypto in
137       various function calls.
138
139       OSSL_PROVIDER_get0_dispatch() returns the provider's dispatch table as
140       it was returned in the out parameter from the provider's init function.
141       See provider-base(7).
142
143       If it is permissible to cache references to this array then *no_store
144       is set to 0 or 1 otherwise. If the array is not cacheable then it is
145       assumed to have a short lifetime.
146
147       OSSL_PROVIDER_get0_name() returns the name of the given provider.
148
149       OSSL_PROVIDER_get_capabilities() provides information about the
150       capabilities supported by the provider specified in prov with the
151       capability name capability. For each capability of that name supported
152       by the provider it will call the callback cb and supply a set of
153       OSSL_PARAMs describing the capability. It will also pass back the
154       argument arg. For more details about capabilities and what they can be
155       used for please see "CAPABILTIIES" in provider-base(7).
156

RETURN VALUES

158       OSSL_PROVIDER_add(), OSSL_PROVIDER_unload(), OSSL_PROVIDER_get_params()
159       and OSSL_PROVIDER_get_capabilities() return 1 on success, or 0 on
160       error.
161
162       OSSL_PROVIDER_load() and OSSL_PROVIDER_try_load() return a pointer to a
163       provider object on success, or NULL on error.
164
165       OSSL_PROVIDER_do_all() returns 1 if the callback cb returns 1 for every
166       provider it is called with, or 0 if any provider callback invocation
167       returns 0; callback processing stops at the first callback invocation
168       on a provider that returns 0.
169
170       OSSL_PROVIDER_available() returns 1 if the named provider is available,
171       otherwise 0.
172
173       OSSL_PROVIDER_gettable_params() returns a pointer to an array of
174       constant OSSL_PARAM, or NULL if none is provided.
175
176       OSSL_PROVIDER_get_params() and returns 1 on success, or 0 on error.
177
178       OSSL_PROVIDER_query_operation() returns an array of OSSL_ALGORITHM or
179       NULL on error.
180
181       OSSL_PROVIDER_self_test() returns 1 if the self tests pass, or 0 on
182       error.
183

EXAMPLES

185       This demonstrates how to load the provider module "foo" and ask for its
186       build information.
187
188        #include <openssl/params.h>
189        #include <openssl/provider.h>
190        #include <openssl/err.h>
191
192        OSSL_PROVIDER *prov = NULL;
193        const char *build = NULL;
194        OSSL_PARAM request[] = {
195            { "buildinfo", OSSL_PARAM_UTF8_PTR, &build, 0, 0 },
196            { NULL, 0, NULL, 0, 0 }
197        };
198
199        if ((prov = OSSL_PROVIDER_load(NULL, "foo")) != NULL
200            && OSSL_PROVIDER_get_params(prov, request))
201            printf("Provider 'foo' buildinfo: %s\n", build);
202        else
203            ERR_print_errors_fp(stderr);
204

SEE ALSO

206       openssl-core.h(7), OSSL_LIB_CTX(3), provider(7)
207

HISTORY

209       The type and functions described here were added in OpenSSL 3.0.
210
212       Copyright 2019-2022 The OpenSSL Project Authors. All Rights Reserved.
213
214       Licensed under the Apache License 2.0 (the "License").  You may not use
215       this file except in compliance with the License.  You can obtain a copy
216       in the file LICENSE in the source distribution or at
217       <https://www.openssl.org/source/license.html>.
218
219
220
2213.0.5                             2022-07-05              OSSL_PROVIDER(3ossl)
Impressum