1OSSL_PROVIDER(3ossl) OpenSSL OSSL_PROVIDER(3ossl)
2
3
4
6 OSSL_PROVIDER_set_default_search_path, OSSL_PROVIDER,
7 OSSL_PROVIDER_load, OSSL_PROVIDER_try_load, OSSL_PROVIDER_unload,
8 OSSL_PROVIDER_available, OSSL_PROVIDER_do_all,
9 OSSL_PROVIDER_gettable_params, OSSL_PROVIDER_get_params,
10 OSSL_PROVIDER_query_operation, OSSL_PROVIDER_unquery_operation,
11 OSSL_PROVIDER_get0_provider_ctx, OSSL_PROVIDER_get0_dispatch,
12 OSSL_PROVIDER_add_builtin, OSSL_PROVIDER_get0_name,
13 OSSL_PROVIDER_get_capabilities, OSSL_PROVIDER_self_test - provider
14 routines
15
17 #include <openssl/provider.h>
18
19 typedef struct ossl_provider_st OSSL_PROVIDER;
20
21 void OSSL_PROVIDER_set_default_search_path(OSSL_LIB_CTX *libctx,
22 const char *path);
23
24 OSSL_PROVIDER *OSSL_PROVIDER_load(OSSL_LIB_CTX *libctx, const char *name);
25 OSSL_PROVIDER *OSSL_PROVIDER_try_load(OSSL_LIB_CTX *libctx, const char *name,
26 int retain_fallbacks);
27 int OSSL_PROVIDER_unload(OSSL_PROVIDER *prov);
28 int OSSL_PROVIDER_available(OSSL_LIB_CTX *libctx, const char *name);
29 int OSSL_PROVIDER_do_all(OSSL_LIB_CTX *ctx,
30 int (*cb)(OSSL_PROVIDER *provider, void *cbdata),
31 void *cbdata);
32
33 const OSSL_PARAM *OSSL_PROVIDER_gettable_params(OSSL_PROVIDER *prov);
34 int OSSL_PROVIDER_get_params(OSSL_PROVIDER *prov, OSSL_PARAM params[]);
35
36 const OSSL_ALGORITHM *OSSL_PROVIDER_query_operation(const OSSL_PROVIDER *prov,
37 int operation_id,
38 int *no_cache);
39 void OSSL_PROVIDER_unquery_operation(const OSSL_PROVIDER *prov,
40 int operation_id,
41 const OSSL_ALGORITHM *algs);
42 void *OSSL_PROVIDER_get0_provider_ctx(const OSSL_PROVIDER *prov);
43 const OSSL_DISPATCH *OSSL_PROVIDER_get0_dispatch(const OSSL_PROVIDER *prov);
44
45 int OSSL_PROVIDER_add_builtin(OSSL_LIB_CTX *libctx, const char *name,
46 ossl_provider_init_fn *init_fn);
47
48 const char *OSSL_PROVIDER_get0_name(const OSSL_PROVIDER *prov);
49
50 int OSSL_PROVIDER_get_capabilities(const OSSL_PROVIDER *prov,
51 const char *capability,
52 OSSL_CALLBACK *cb,
53 void *arg);
54 int OSSL_PROVIDER_self_test(const OSSL_PROVIDER *prov);
55
57 OSSL_PROVIDER is a type that holds internal information about
58 implementation providers (see provider(7) for information on what a
59 provider is). A provider can be built in to the application or the
60 OpenSSL libraries, or can be a loadable module. The functions
61 described here handle both forms.
62
63 Some of these functions operate within a library context, please see
64 OSSL_LIB_CTX(3) for further details.
65
66 Functions
67 OSSL_PROVIDER_set_default_search_path() specifies the default search
68 path that is to be used for looking for providers in the specified
69 libctx. If left unspecified, an environment variable and a fall back
70 default value will be used instead.
71
72 OSSL_PROVIDER_add_builtin() is used to add a built in provider to
73 OSSL_PROVIDER store in the given library context, by associating a
74 provider name with a provider initialization function. This name can
75 then be used with OSSL_PROVIDER_load().
76
77 OSSL_PROVIDER_load() loads and initializes a provider. This may simply
78 initialize a provider that was previously added with
79 OSSL_PROVIDER_add_builtin() and run its given initialization function,
80 or load a provider module with the given name and run its provider
81 entry point, "OSSL_provider_init". The name can be a path to a provider
82 module, in that case the provider name as returned by
83 OSSL_PROVIDER_get0_name() will be the path. Interpretation of relative
84 paths is platform dependent and they are relative to the configured
85 "MODULESDIR" directory or the path set in the environment variable
86 OPENSSL_MODULES if set.
87
88 OSSL_PROVIDER_try_load() functions like OSSL_PROVIDER_load(), except
89 that it does not disable the fallback providers if the provider cannot
90 be loaded and initialized or if retain_fallbacks is zero. If the
91 provider loads successfully and retain_fallbacks is nonzero, the
92 fallback providers are disabled.
93
94 OSSL_PROVIDER_unload() unloads the given provider. For a provider
95 added with OSSL_PROVIDER_add_builtin(), this simply runs its teardown
96 function.
97
98 OSSL_PROVIDER_available() checks if a named provider is available for
99 use.
100
101 OSSL_PROVIDER_do_all() iterates over all loaded providers, calling cb
102 for each one, with the current provider in provider and the cbdata that
103 comes from the caller. If no other provider has been loaded before
104 calling this function, the default provider is still available as
105 fallback. See OSSL_PROVIDER-default(7) for more information on this
106 fallback behaviour.
107
108 OSSL_PROVIDER_gettable_params() is used to get a provider parameter
109 descriptor set as a constant OSSL_PARAM array. See OSSL_PARAM(3) for
110 more information.
111
112 OSSL_PROVIDER_get_params() is used to get provider parameter values.
113 The caller must prepare the OSSL_PARAM array before calling this
114 function, and the variables acting as buffers for this parameter array
115 should be filled with data when it returns successfully.
116
117 OSSL_PROVIDER_self_test() is used to run a provider's self tests on
118 demand. If the self tests fail then the provider will fail to provide
119 any further services and algorithms. OSSL_SELF_TEST_set_callback(3) may
120 be called beforehand in order to display diagnostics for the running
121 self tests.
122
123 OSSL_PROVIDER_query_operation() calls the provider's query_operation
124 function (see provider(7)), if the provider has one. It returns an
125 array of OSSL_ALGORITHM for the given operation_id terminated by an all
126 NULL OSSL_ALGORITHM entry. This is considered a low-level function that
127 most applications should not need to call.
128
129 OSSL_PROVIDER_unquery_operation() calls the provider's
130 unquery_operation function (see provider(7)), if the provider has one.
131 This is considered a low-level function that most applications should
132 not need to call.
133
134 OSSL_PROVIDER_get0_provider_ctx() returns the provider context for the
135 given provider. The provider context is an opaque handle set by the
136 provider itself and is passed back to the provider by libcrypto in
137 various function calls.
138
139 OSSL_PROVIDER_get0_dispatch() returns the provider's dispatch table as
140 it was returned in the out parameter from the provider's init function.
141 See provider-base(7).
142
143 If it is permissible to cache references to this array then *no_store
144 is set to 0 or 1 otherwise. If the array is not cacheable then it is
145 assumed to have a short lifetime.
146
147 OSSL_PROVIDER_get0_name() returns the name of the given provider.
148
149 OSSL_PROVIDER_get_capabilities() provides information about the
150 capabilities supported by the provider specified in prov with the
151 capability name capability. For each capability of that name supported
152 by the provider it will call the callback cb and supply a set of
153 OSSL_PARAMs describing the capability. It will also pass back the
154 argument arg. For more details about capabilities and what they can be
155 used for please see "CAPABILTIIES" in provider-base(7).
156
158 OSSL_PROVIDER_add(), OSSL_PROVIDER_unload(), OSSL_PROVIDER_get_params()
159 and OSSL_PROVIDER_get_capabilities() return 1 on success, or 0 on
160 error.
161
162 OSSL_PROVIDER_load() and OSSL_PROVIDER_try_load() return a pointer to a
163 provider object on success, or NULL on error.
164
165 OSSL_PROVIDER_do_all() returns 1 if the callback cb returns 1 for every
166 provider it is called with, or 0 if any provider callback invocation
167 returns 0; callback processing stops at the first callback invocation
168 on a provider that returns 0.
169
170 OSSL_PROVIDER_available() returns 1 if the named provider is available,
171 otherwise 0.
172
173 OSSL_PROVIDER_gettable_params() returns a pointer to an array of
174 constant OSSL_PARAM, or NULL if none is provided.
175
176 OSSL_PROVIDER_get_params() and returns 1 on success, or 0 on error.
177
178 OSSL_PROVIDER_query_operation() returns an array of OSSL_ALGORITHM or
179 NULL on error.
180
181 OSSL_PROVIDER_self_test() returns 1 if the self tests pass, or 0 on
182 error.
183
185 This demonstrates how to load the provider module "foo" and ask for its
186 build information.
187
188 #include <openssl/params.h>
189 #include <openssl/provider.h>
190 #include <openssl/err.h>
191
192 OSSL_PROVIDER *prov = NULL;
193 const char *build = NULL;
194 OSSL_PARAM request[] = {
195 { "buildinfo", OSSL_PARAM_UTF8_PTR, &build, 0, 0 },
196 { NULL, 0, NULL, 0, 0 }
197 };
198
199 if ((prov = OSSL_PROVIDER_load(NULL, "foo")) != NULL
200 && OSSL_PROVIDER_get_params(prov, request))
201 printf("Provider 'foo' buildinfo: %s\n", build);
202 else
203 ERR_print_errors_fp(stderr);
204
206 openssl-core.h(7), OSSL_LIB_CTX(3), provider(7)
207
209 The type and functions described here were added in OpenSSL 3.0.
210
212 Copyright 2019-2022 The OpenSSL Project Authors. All Rights Reserved.
213
214 Licensed under the Apache License 2.0 (the "License"). You may not use
215 this file except in compliance with the License. You can obtain a copy
216 in the file LICENSE in the source distribution or at
217 <https://www.openssl.org/source/license.html>.
218
219
220
2213.0.5 2022-11-01 OSSL_PROVIDER(3ossl)