1=pod 2 3=head1 NAME 4 5OSSL_PROVIDER_set_default_search_path, 6OSSL_PROVIDER, OSSL_PROVIDER_load, OSSL_PROVIDER_try_load, OSSL_PROVIDER_unload, 7OSSL_PROVIDER_available, OSSL_PROVIDER_do_all, 8OSSL_PROVIDER_gettable_params, OSSL_PROVIDER_get_params, 9OSSL_PROVIDER_query_operation, OSSL_PROVIDER_unquery_operation, 10OSSL_PROVIDER_get0_provider_ctx, OSSL_PROVIDER_get0_dispatch, 11OSSL_PROVIDER_add_builtin, OSSL_PROVIDER_get0_name, OSSL_PROVIDER_get_capabilities, 12OSSL_PROVIDER_self_test 13- provider routines 14 15=head1 SYNOPSIS 16 17 #include <openssl/provider.h> 18 19 typedef struct ossl_provider_st OSSL_PROVIDER; 20 21 int OSSL_PROVIDER_set_default_search_path(OSSL_LIB_CTX *libctx, 22 const char *path); 23 24 OSSL_PROVIDER *OSSL_PROVIDER_load(OSSL_LIB_CTX *libctx, const char *name); 25 OSSL_PROVIDER *OSSL_PROVIDER_try_load(OSSL_LIB_CTX *libctx, const char *name, 26 int retain_fallbacks); 27 int OSSL_PROVIDER_unload(OSSL_PROVIDER *prov); 28 int OSSL_PROVIDER_available(OSSL_LIB_CTX *libctx, const char *name); 29 int OSSL_PROVIDER_do_all(OSSL_LIB_CTX *ctx, 30 int (*cb)(OSSL_PROVIDER *provider, void *cbdata), 31 void *cbdata); 32 33 const OSSL_PARAM *OSSL_PROVIDER_gettable_params(OSSL_PROVIDER *prov); 34 int OSSL_PROVIDER_get_params(OSSL_PROVIDER *prov, OSSL_PARAM params[]); 35 36 const OSSL_ALGORITHM *OSSL_PROVIDER_query_operation(const OSSL_PROVIDER *prov, 37 int operation_id, 38 int *no_cache); 39 void OSSL_PROVIDER_unquery_operation(const OSSL_PROVIDER *prov, 40 int operation_id, 41 const OSSL_ALGORITHM *algs); 42 void *OSSL_PROVIDER_get0_provider_ctx(const OSSL_PROVIDER *prov); 43 const OSSL_DISPATCH *OSSL_PROVIDER_get0_dispatch(const OSSL_PROVIDER *prov); 44 45 int OSSL_PROVIDER_add_builtin(OSSL_LIB_CTX *libctx, const char *name, 46 ossl_provider_init_fn *init_fn); 47 48 const char *OSSL_PROVIDER_get0_name(const OSSL_PROVIDER *prov); 49 50 int OSSL_PROVIDER_get_capabilities(const OSSL_PROVIDER *prov, 51 const char *capability, 52 OSSL_CALLBACK *cb, 53 void *arg); 54 int OSSL_PROVIDER_self_test(const OSSL_PROVIDER *prov); 55 56=head1 DESCRIPTION 57 58B<OSSL_PROVIDER> is a type that holds internal information about 59implementation providers (see L<provider(7)> for information on what a 60provider is). 61A provider can be built in to the application or the OpenSSL 62libraries, or can be a loadable module. 63The functions described here handle both forms. 64 65Some of these functions operate within a library context, please see 66L<OSSL_LIB_CTX(3)> for further details. 67 68=head2 Functions 69 70OSSL_PROVIDER_set_default_search_path() specifies the default search I<path> 71that is to be used for looking for providers in the specified I<libctx>. 72If left unspecified, an environment variable and a fall back default value will 73be used instead. 74 75OSSL_PROVIDER_add_builtin() is used to add a built in provider to 76B<OSSL_PROVIDER> store in the given library context, by associating a 77provider name with a provider initialization function. 78This name can then be used with OSSL_PROVIDER_load(). 79 80OSSL_PROVIDER_load() loads and initializes a provider. 81This may simply initialize a provider that was previously added with 82OSSL_PROVIDER_add_builtin() and run its given initialization function, 83or load a provider module with the given name and run its provider 84entry point, C<OSSL_provider_init>. The I<name> can be a path 85to a provider module, in that case the provider name as returned 86by OSSL_PROVIDER_get0_name() will be the path. Interpretation 87of relative paths is platform dependent and they are relative 88to the configured "MODULESDIR" directory or the path set in 89the environment variable OPENSSL_MODULES if set. 90 91OSSL_PROVIDER_try_load() functions like OSSL_PROVIDER_load(), except that 92it does not disable the fallback providers if the provider cannot be 93loaded and initialized or if I<retain_fallbacks> is zero. 94If the provider loads successfully and I<retain_fallbacks> is nonzero, the 95fallback providers are disabled. 96 97OSSL_PROVIDER_unload() unloads the given provider. 98For a provider added with OSSL_PROVIDER_add_builtin(), this simply 99runs its teardown function. 100 101OSSL_PROVIDER_available() checks if a named provider is available 102for use. 103 104OSSL_PROVIDER_do_all() iterates over all loaded providers, calling 105I<cb> for each one, with the current provider in I<provider> and the 106I<cbdata> that comes from the caller. If no other provider has been loaded 107before calling this function, the default provider is still available as 108fallback. 109See L<OSSL_PROVIDER-default(7)> for more information on this fallback 110behaviour. 111 112OSSL_PROVIDER_gettable_params() is used to get a provider parameter 113descriptor set as a constant L<OSSL_PARAM(3)> array. 114 115OSSL_PROVIDER_get_params() is used to get provider parameter values. 116The caller must prepare the L<OSSL_PARAM(3)> array before calling this 117function, and the variables acting as buffers for this parameter array 118should be filled with data when it returns successfully. 119 120OSSL_PROVIDER_self_test() is used to run a provider's self tests on demand. 121If the self tests fail then the provider will fail to provide any further 122services and algorithms. L<OSSL_SELF_TEST_set_callback(3)> may be called 123beforehand in order to display diagnostics for the running self tests. 124 125OSSL_PROVIDER_query_operation() calls the provider's I<query_operation> 126function (see L<provider(7)>), if the provider has one. It returns an 127array of I<OSSL_ALGORITHM> for the given I<operation_id> terminated by an all 128NULL OSSL_ALGORITHM entry. This is considered a low-level function that most 129applications should not need to call. 130 131OSSL_PROVIDER_unquery_operation() calls the provider's I<unquery_operation> 132function (see L<provider(7)>), if the provider has one. This is considered a 133low-level function that most applications should not need to call. 134 135OSSL_PROVIDER_get0_provider_ctx() returns the provider context for the given 136provider. The provider context is an opaque handle set by the provider itself 137and is passed back to the provider by libcrypto in various function calls. 138 139OSSL_PROVIDER_get0_dispatch() returns the provider's dispatch table as it was 140returned in the I<out> parameter from the provider's init function. See 141L<provider-base(7)>. 142 143If it is permissible to cache references to this array then I<*no_store> is set 144to 0 or 1 otherwise. If the array is not cacheable then it is assumed to 145have a short lifetime. 146 147OSSL_PROVIDER_get0_name() returns the name of the given provider. 148 149OSSL_PROVIDER_get_capabilities() provides information about the capabilities 150supported by the provider specified in I<prov> with the capability name 151I<capability>. For each capability of that name supported by the provider it 152will call the callback I<cb> and supply a set of L<OSSL_PARAM(3)>s describing the 153capability. It will also pass back the argument I<arg>. For more details about 154capabilities and what they can be used for please see 155L<provider-base(7)/CAPABILTIIES>. 156 157=head1 RETURN VALUES 158 159OSSL_PROVIDER_set_default_search_path(), OSSL_PROVIDER_add(), 160OSSL_PROVIDER_unload(), OSSL_PROVIDER_get_params() and 161OSSL_PROVIDER_get_capabilities() return 1 on success, or 0 on error. 162 163OSSL_PROVIDER_load() and OSSL_PROVIDER_try_load() return a pointer to a 164provider object on success, or NULL on error. 165 166OSSL_PROVIDER_do_all() returns 1 if the callback I<cb> returns 1 for every 167provider it is called with, or 0 if any provider callback invocation returns 0; 168callback processing stops at the first callback invocation on a provider 169that returns 0. 170 171OSSL_PROVIDER_available() returns 1 if the named provider is available, 172otherwise 0. 173 174OSSL_PROVIDER_gettable_params() returns a pointer to an array 175of constant L<OSSL_PARAM(3)>, or NULL if none is provided. 176 177OSSL_PROVIDER_get_params() and returns 1 on success, or 0 on error. 178 179OSSL_PROVIDER_query_operation() returns an array of OSSL_ALGORITHM or NULL on 180error. 181 182OSSL_PROVIDER_self_test() returns 1 if the self tests pass, or 0 on error. 183 184=head1 EXAMPLES 185 186This demonstrates how to load the provider module "foo" and ask for 187its build information. 188 189 #include <openssl/params.h> 190 #include <openssl/provider.h> 191 #include <openssl/err.h> 192 193 OSSL_PROVIDER *prov = NULL; 194 const char *build = NULL; 195 OSSL_PARAM request[] = { 196 { "buildinfo", OSSL_PARAM_UTF8_PTR, &build, 0, 0 }, 197 { NULL, 0, NULL, 0, 0 } 198 }; 199 200 if ((prov = OSSL_PROVIDER_load(NULL, "foo")) != NULL 201 && OSSL_PROVIDER_get_params(prov, request)) 202 printf("Provider 'foo' buildinfo: %s\n", build); 203 else 204 ERR_print_errors_fp(stderr); 205 206=head1 SEE ALSO 207 208L<openssl-core.h(7)>, L<OSSL_LIB_CTX(3)>, L<provider(7)> 209 210=head1 HISTORY 211 212The type and functions described here were added in OpenSSL 3.0. 213 214=head1 COPYRIGHT 215 216Copyright 2019-2022 The OpenSSL Project Authors. All Rights Reserved. 217 218Licensed under the Apache License 2.0 (the "License"). You may not use 219this file except in compliance with the License. You can obtain a copy 220in the file LICENSE in the source distribution or at 221L<https://www.openssl.org/source/license.html>. 222 223=cut 224