1OSSL_PROVIDER(3ossl) OpenSSL OSSL_PROVIDER(3ossl)
2
3
4
6 OSSL_PROVIDER_set_default_search_path, OSSL_PROVIDER,
7 OSSL_PROVIDER_load, OSSL_PROVIDER_try_load, OSSL_PROVIDER_unload,
8 OSSL_PROVIDER_available, OSSL_PROVIDER_do_all,
9 OSSL_PROVIDER_gettable_params, OSSL_PROVIDER_get_params,
10 OSSL_PROVIDER_query_operation, OSSL_PROVIDER_unquery_operation,
11 OSSL_PROVIDER_get0_provider_ctx, OSSL_PROVIDER_get0_dispatch,
12 OSSL_PROVIDER_add_builtin, OSSL_PROVIDER_get0_name,
13 OSSL_PROVIDER_get_capabilities, OSSL_PROVIDER_self_test - provider
14 routines
15
17 #include <openssl/provider.h>
18
19 typedef struct ossl_provider_st OSSL_PROVIDER;
20
21 int OSSL_PROVIDER_set_default_search_path(OSSL_LIB_CTX *libctx,
22 const char *path);
23
24 OSSL_PROVIDER *OSSL_PROVIDER_load(OSSL_LIB_CTX *libctx, const char *name);
25 OSSL_PROVIDER *OSSL_PROVIDER_try_load(OSSL_LIB_CTX *libctx, const char *name,
26 int retain_fallbacks);
27 int OSSL_PROVIDER_unload(OSSL_PROVIDER *prov);
28 int OSSL_PROVIDER_available(OSSL_LIB_CTX *libctx, const char *name);
29 int OSSL_PROVIDER_do_all(OSSL_LIB_CTX *ctx,
30 int (*cb)(OSSL_PROVIDER *provider, void *cbdata),
31 void *cbdata);
32
33 const OSSL_PARAM *OSSL_PROVIDER_gettable_params(OSSL_PROVIDER *prov);
34 int OSSL_PROVIDER_get_params(OSSL_PROVIDER *prov, OSSL_PARAM params[]);
35
36 const OSSL_ALGORITHM *OSSL_PROVIDER_query_operation(const OSSL_PROVIDER *prov,
37 int operation_id,
38 int *no_cache);
39 void OSSL_PROVIDER_unquery_operation(const OSSL_PROVIDER *prov,
40 int operation_id,
41 const OSSL_ALGORITHM *algs);
42 void *OSSL_PROVIDER_get0_provider_ctx(const OSSL_PROVIDER *prov);
43 const OSSL_DISPATCH *OSSL_PROVIDER_get0_dispatch(const OSSL_PROVIDER *prov);
44
45 int OSSL_PROVIDER_add_builtin(OSSL_LIB_CTX *libctx, const char *name,
46 ossl_provider_init_fn *init_fn);
47
48 const char *OSSL_PROVIDER_get0_name(const OSSL_PROVIDER *prov);
49
50 int OSSL_PROVIDER_get_capabilities(const OSSL_PROVIDER *prov,
51 const char *capability,
52 OSSL_CALLBACK *cb,
53 void *arg);
54 int OSSL_PROVIDER_self_test(const OSSL_PROVIDER *prov);
55
57 OSSL_PROVIDER is a type that holds internal information about
58 implementation providers (see provider(7) for information on what a
59 provider is). A provider can be built in to the application or the
60 OpenSSL libraries, or can be a loadable module. The functions
61 described here handle both forms.
62
63 Some of these functions operate within a library context, please see
64 OSSL_LIB_CTX(3) for further details.
65
66 Functions
67 OSSL_PROVIDER_set_default_search_path() specifies the default search
68 path that is to be used for looking for providers in the specified
69 libctx. If left unspecified, an environment variable and a fall back
70 default value will be used instead.
71
72 OSSL_PROVIDER_add_builtin() is used to add a built in provider to
73 OSSL_PROVIDER store in the given library context, by associating a
74 provider name with a provider initialization function. This name can
75 then be used with OSSL_PROVIDER_load().
76
77 OSSL_PROVIDER_load() loads and initializes a provider. This may simply
78 initialize a provider that was previously added with
79 OSSL_PROVIDER_add_builtin() and run its given initialization function,
80 or load a provider module with the given name and run its provider
81 entry point, "OSSL_provider_init". The name can be a path to a provider
82 module, in that case the provider name as returned by
83 OSSL_PROVIDER_get0_name() will be the path. Interpretation of relative
84 paths is platform dependent and they are relative to the configured
85 "MODULESDIR" directory or the path set in the environment variable
86 OPENSSL_MODULES if set.
87
88 OSSL_PROVIDER_try_load() functions like OSSL_PROVIDER_load(), except
89 that it does not disable the fallback providers if the provider cannot
90 be loaded and initialized or if retain_fallbacks is zero. If the
91 provider loads successfully and retain_fallbacks is nonzero, the
92 fallback providers are disabled.
93
94 OSSL_PROVIDER_unload() unloads the given provider. For a provider
95 added with OSSL_PROVIDER_add_builtin(), this simply runs its teardown
96 function.
97
98 OSSL_PROVIDER_available() checks if a named provider is available for
99 use.
100
101 OSSL_PROVIDER_do_all() iterates over all loaded providers, calling cb
102 for each one, with the current provider in provider and the cbdata that
103 comes from the caller. If no other provider has been loaded before
104 calling this function, the default provider is still available as
105 fallback. See OSSL_PROVIDER-default(7) for more information on this
106 fallback behaviour.
107
108 OSSL_PROVIDER_gettable_params() is used to get a provider parameter
109 descriptor set as a constant OSSL_PARAM(3) array.
110
111 OSSL_PROVIDER_get_params() is used to get provider parameter values.
112 The caller must prepare the OSSL_PARAM(3) array before calling this
113 function, and the variables acting as buffers for this parameter array
114 should be filled with data when it returns successfully.
115
116 OSSL_PROVIDER_self_test() is used to run a provider's self tests on
117 demand. If the self tests fail then the provider will fail to provide
118 any further services and algorithms. OSSL_SELF_TEST_set_callback(3) may
119 be called beforehand in order to display diagnostics for the running
120 self tests.
121
122 OSSL_PROVIDER_query_operation() calls the provider's query_operation
123 function (see provider(7)), if the provider has one. It returns an
124 array of OSSL_ALGORITHM for the given operation_id terminated by an all
125 NULL OSSL_ALGORITHM entry. This is considered a low-level function that
126 most applications should not need to call.
127
128 OSSL_PROVIDER_unquery_operation() calls the provider's
129 unquery_operation function (see provider(7)), if the provider has one.
130 This is considered a low-level function that most applications should
131 not need to call.
132
133 OSSL_PROVIDER_get0_provider_ctx() returns the provider context for the
134 given provider. The provider context is an opaque handle set by the
135 provider itself and is passed back to the provider by libcrypto in
136 various function calls.
137
138 OSSL_PROVIDER_get0_dispatch() returns the provider's dispatch table as
139 it was returned in the out parameter from the provider's init function.
140 See provider-base(7).
141
142 If it is permissible to cache references to this array then *no_store
143 is set to 0 or 1 otherwise. If the array is not cacheable then it is
144 assumed to have a short lifetime.
145
146 OSSL_PROVIDER_get0_name() returns the name of the given provider.
147
148 OSSL_PROVIDER_get_capabilities() provides information about the
149 capabilities supported by the provider specified in prov with the
150 capability name capability. For each capability of that name supported
151 by the provider it will call the callback cb and supply a set of
152 OSSL_PARAM(3)s describing the capability. It will also pass back the
153 argument arg. For more details about capabilities and what they can be
154 used for please see "CAPABILTIIES" in provider-base(7).
155
157 OSSL_PROVIDER_set_default_search_path(), OSSL_PROVIDER_add(),
158 OSSL_PROVIDER_unload(), OSSL_PROVIDER_get_params() and
159 OSSL_PROVIDER_get_capabilities() return 1 on success, or 0 on error.
160
161 OSSL_PROVIDER_load() and OSSL_PROVIDER_try_load() return a pointer to a
162 provider object on success, or NULL on error.
163
164 OSSL_PROVIDER_do_all() returns 1 if the callback cb returns 1 for every
165 provider it is called with, or 0 if any provider callback invocation
166 returns 0; callback processing stops at the first callback invocation
167 on a provider that returns 0.
168
169 OSSL_PROVIDER_available() returns 1 if the named provider is available,
170 otherwise 0.
171
172 OSSL_PROVIDER_gettable_params() returns a pointer to an array of
173 constant OSSL_PARAM(3), or NULL if none is provided.
174
175 OSSL_PROVIDER_get_params() and returns 1 on success, or 0 on error.
176
177 OSSL_PROVIDER_query_operation() returns an array of OSSL_ALGORITHM or
178 NULL on error.
179
180 OSSL_PROVIDER_self_test() returns 1 if the self tests pass, or 0 on
181 error.
182
184 This demonstrates how to load the provider module "foo" and ask for its
185 build information.
186
187 #include <openssl/params.h>
188 #include <openssl/provider.h>
189 #include <openssl/err.h>
190
191 OSSL_PROVIDER *prov = NULL;
192 const char *build = NULL;
193 OSSL_PARAM request[] = {
194 { "buildinfo", OSSL_PARAM_UTF8_PTR, &build, 0, 0 },
195 { NULL, 0, NULL, 0, 0 }
196 };
197
198 if ((prov = OSSL_PROVIDER_load(NULL, "foo")) != NULL
199 && OSSL_PROVIDER_get_params(prov, request))
200 printf("Provider 'foo' buildinfo: %s\n", build);
201 else
202 ERR_print_errors_fp(stderr);
203
205 openssl-core.h(7), OSSL_LIB_CTX(3), provider(7)
206
208 The type and functions described here were added in OpenSSL 3.0.
209
211 Copyright 2019-2022 The OpenSSL Project Authors. All Rights Reserved.
212
213 Licensed under the Apache License 2.0 (the "License"). You may not use
214 this file except in compliance with the License. You can obtain a copy
215 in the file LICENSE in the source distribution or at
216 <https://www.openssl.org/source/license.html>.
217
218
219
2203.0.9 2023-07-27 OSSL_PROVIDER(3ossl)