ossl-guide-libraries-introduction.7 - OpenGrok cross reference for /freebsd/secure/lib/libcrypto/man/man7/ossl-guide-libraries-introduction.7

Lines Matching +full:many +full:- +full:to +full:- +full:one
1 .\" -*- mode: troff; coding: utf-8 -*-
35 .\" entries marked with X<> in POD.  Of course, you'll have to process the
57 .IX Title "OSSL-GUIDE-LIBRARIES-INTRODUCTION 7ossl"
58 .TH OSSL-GUIDE-LIBRARIES-INTRODUCTION 7ossl 2025-09-30 3.5.4 OpenSSL
60 .\" way too many mistakes in technical documents.
64 ossl\-guide\-libraries\-introduction
65 \&\- OpenSSL Guide: An introduction to the OpenSSL libraries
80 The \f(CW\*(C`libssl\*(C'\fR library provides functions to perform secure communication between
84 The \f(CW\*(C`libssl\*(C'\fR library depends on and uses many of the capabilities supplied by
97 algorithm AES). In order to use an algorithm you must have at least one
101 Providers may either be "built-in" or in the form of a separate loadable module
102 file (typically one ending in ".so" or ".dll" dependent on the platform). A
103 built-in provider is one that is either already present in \f(CW\*(C`libcrypto\*(C'\fR or one
108 then the OpenSSL built-in "default" provider will be automatically loaded.
118 Many OpenSSL API functions make use of a library context. A library context can
122 application to each use a different library context and have different providers
128 Library contexts are represented by the \fBOSSL_LIB_CTX\fR type. Many OpenSSL API
130 \&\fBNULL\fR for this parameter to just use the default library context.
134 initialise OpenSSL for use. Unlike in earlier versions of OpenSSL (prior to
135 1.1.0) no explicit initialisation steps need to be taken.
138 automatically destroyed. No explicit de-initialisation steps need to be taken.
141 See also "ALGORITHM FETCHING" in \fBossl\-guide\-libcrypto\-introduction\fR\|(7).
144 In some cases the available providers may mean that more than one implementation
146 supplies alternative implementations of many of the same algorithms that are
150 When OpenSSL fetches an algorithm to use it is possible to specify a "property
151 query string" to guide the selection process. For example a property query
152 string of "provider=default" could be used to force the selection to only
155 Property query strings can be specified explicitly as an argument to a function.
156 It is also possible to specify a default property query string for the whole
163 See "ALGORITHM FETCHING" in \fBossl\-guide\-libcrypto\-introduction\fR\|(7) for more
166 .SH "MULTI-THREADED APPLICATIONS"
167 .IX Header "MULTI-THREADED APPLICATIONS"
169 on most platforms) then most OpenSSL \fIfunctions\fR are thread-safe in the sense
170 that it is safe to call the same function from multiple threads at the same
171 time. However most OpenSSL \fIdata structures\fR are not thread-safe. For example
173 would not be thread safe to call \fBBIO_write()\fR from one thread while calling
175 since both of them may attempt to make changes to the same \fBBIO\fR object.
177 There are exceptions to these rules. A small number of functions are not thread
180 or fully thread safe. For example it is always safe to use an \fBOSSL_LIB_CTX\fR in
183 See \fBopenssl\-threads\fR\|(7) for a more detailed discussion on OpenSSL threading
188 function has been successful or not. It is considered best practice to always
189 check the return value from OpenSSL functions (where one is available).
195 success. Some of these functions will return 0 to indicate failure. Others may
199 small number of functions that do not conform to the above conventions (e.g.
200 they may return 0 to indicate success).
202 Due to the above variations in behaviour it is important to check the
203 documentation for each function for information about how to interpret the
206 It is sometimes necessary to get further information about the cause of a
207 failure (e.g. for debugging or logging purposes). Many (but not all) functions
208 will add further information about a failure to the OpenSSL error stack. By
213 OpenSSL supplies a set of error handling functions to query the error stack. See
217 for how to clear old errors from the error stack.
222 The algorithms available in each of these providers may vary due to build time
223 configuration options. The \fBopenssl\-list\fR\|(1) command can be used to list the
226 The names of the algorithms shown from \fBopenssl\-list\fR\|(1) can be used as an
227 algorithm identifier to the appropriate fetching function. Also see the provider
235 The default provider is built-in as part of the \fIlibcrypto\fR library and
244 provider would also need to be explicitly loaded if it is required.
246 See \fBOSSL_PROVIDER\-default\fR\|(7).
257 used to select such algorithms.
259 See \fBOSSL_PROVIDER\-base\fR\|(7).
265 validated according to FIPS standards. Should it be needed (if other
270 may also contain non-approved algorithm implementations and these can be
273 Typically the "Base provider" will also need to be loaded because the FIPS
276 See \fBOSSL_PROVIDER\-FIPS\fR\|(7) and \fBfips_module\fR\|(7).
287 See \fBOSSL_PROVIDER\-legacy\fR\|(7).
292 be automatically loaded if no other provider has been explicitly loaded. To
295 You can use this if you create your own library context and want to ensure that
301 See \fBOSSL_PROVIDER\-null\fR\|(7).
309 The configuration file can be used to automatically load providers and set up
315 Many OpenSSL functions that "get" or "set" a value follow a naming convention
317 can also apply to some functions that "add" a value to an existing set, i.e.
327 In the \fB0\fR version the ownership of the object is passed to (for an add or set)
333 In the \fB1\fR version the ownership of the object is not passed to or retained by
338 Many OpenSSL functions conform to a naming convention of the form
346 examples of how to use the various API functions. To look at them download the
350 \&\fBdemos\fR sub-directory.
352 The Makefiles in the subdirectories give instructions on how to build and run
356 See \fBossl\-guide\-libcrypto\-introduction\fR\|(7) for a more detailed introduction to
357 using \f(CW\*(C`libcrypto\*(C'\fR and \fBossl\-guide\-libssl\-introduction\fR\|(7) for more informa…
361 \&\fBopenssl\fR\|(1), \fBssl\fR\|(7), \fBevp\fR\|(7), \fBOSSL_LIB_CTX\fR\|(3), \fBopenssl\-threads\…
362 \&\fBproperty\fR\|(7), \fBOSSL_PROVIDER\-default\fR\|(7), \fBOSSL_PROVIDER\-base\fR\|(7),
363 \&\fBOSSL_PROVIDER\-FIPS\fR\|(7), \fBOSSL_PROVIDER\-legacy\fR\|(7), \fBOSSL_PROVIDER\-null\fR\|(7),
364 \&\fBopenssl\-glossary\fR\|(7), \fBprovider\fR\|(7)
367 Copyright 2000\-2023 The OpenSSL Project Authors. All Rights Reserved.