xref: /freebsd/crypto/openssl/doc/man7/OSSL_PROVIDER-default.pod (revision f1c4c3daccbaf3820f0e2224de53df12fc952fcc) 
1=pod
2
3=head1 NAME
4
5OSSL_PROVIDER-default - OpenSSL default provider
6
7=head1 DESCRIPTION
8
9The OpenSSL default provider supplies the majority of OpenSSL's diverse
10algorithm implementations. If an application doesn't specify anything else
11explicitly (e.g. in the application or via config), then this is the
12provider that will be used as fallback: It is loaded automatically the
13first time that an algorithm is fetched from a provider or a function
14acting on providers is called and no other provider has been loaded yet.
15
16If an attempt to load a provider has already been made (whether successful
17or not) then the default provider won't be loaded automatically. Therefore
18if the default provider is to be used in conjunction with other providers
19then it must be loaded explicitly. Automatic loading of the default
20provider only occurs a maximum of once; if the default provider is
21explicitly unloaded then the default provider will not be automatically
22loaded again.
23
24=head2 Properties
25
26The implementations in this provider specifically have this property
27defined:
28
29=over 4
30
31=item "provider=default"
32
33=back
34
35It may be used in a property query string with fetching functions such as
36L<EVP_MD_fetch(3)> or L<EVP_CIPHER_fetch(3)>, as well as with other
37functions that take a property query string, such as
38L<EVP_PKEY_CTX_new_from_name(3)>.
39
40It isn't mandatory to query for this property, except to make sure to get
41implementations of this provider and none other.
42
43Some implementations may define additional properties.  Exact information is
44listed below
45
46=head1 OPERATIONS AND ALGORITHMS
47
48The OpenSSL default provider supports these operations and algorithms:
49
50=head2 Hashing Algorithms / Message Digests
51
52=over 4
53
54=item SHA1, see L<EVP_MD-SHA1(7)>
55
56=item SHA2, see L<EVP_MD-SHA2(7)>
57
58=item SHA3, see L<EVP_MD-SHA3(7)>
59
60=item KECCAK, see L<EVP_MD-KECCAK(7)>
61
62=item KECCAK-KMAC, see L<EVP_MD-KECCAK-KMAC(7)>
63
64=item SHAKE, see L<EVP_MD-SHAKE(7)>
65
66=item BLAKE2, see L<EVP_MD-BLAKE2(7)>
67
68=item SM3, see L<EVP_MD-SM3(7)>
69
70=item MD5, see L<EVP_MD-MD5(7)>
71
72=item MD5-SHA1, see L<EVP_MD-MD5-SHA1(7)>
73
74=item RIPEMD160, see L<EVP_MD-RIPEMD160(7)>
75
76=item NULL, see L<EVP_MD-NULL(7)>
77
78=back
79
80=head2 Symmetric Ciphers
81
82=over 4
83
84=item AES, see L<EVP_CIPHER-AES(7)>
85
86=item ARIA, see L<EVP_CIPHER-ARIA(7)>
87
88=item CAMELLIA, see L<EVP_CIPHER-CAMELLIA(7)>
89
90=item 3DES, see L<EVP_CIPHER-DES(7)>
91
92=item SM4, see L<EVP_CIPHER-SM4(7)>
93
94=item ChaCha20, see L<EVP_CIPHER-CHACHA(7)>
95
96=item ChaCha20-Poly1305, see L<EVP_CIPHER-CHACHA(7)>
97
98=item NULL, see L<EVP_CIPHER-NULL(7)>
99
100=back
101
102=head2 Message Authentication Code (MAC)
103
104=over 4
105
106=item BLAKE2, see L<EVP_MAC-BLAKE2(7)>
107
108=item CMAC, see L<EVP_MAC-CMAC(7)>
109
110=item GMAC, see L<EVP_MAC-GMAC(7)>
111
112=item HMAC, see L<EVP_MAC-HMAC(7)>
113
114=item KMAC, see L<EVP_MAC-KMAC(7)>
115
116=item SIPHASH, see L<EVP_MAC-Siphash(7)>
117
118=item POLY1305, see L<EVP_MAC-Poly1305(7)>
119
120=back
121
122=head2 Key Derivation Function (KDF)
123
124=over 4
125
126=item HKDF, see L<EVP_KDF-HKDF(7)>
127
128=item TLS13-KDF, see L<EVP_KDF-TLS13_KDF(7)>
129
130=item SSKDF, see L<EVP_KDF-SS(7)>
131
132=item PBKDF2, see L<EVP_KDF-PBKDF2(7)>
133
134=item PKCS12KDF, see L<EVP_KDF-PKCS12KDF(7)>
135
136=item SSHKDF, see L<EVP_KDF-SSHKDF(7)>
137
138=item TLS1-PRF, see L<EVP_KDF-TLS1_PRF(7)>
139
140=item KBKDF, see L<EVP_KDF-KB(7)>
141
142=item X942KDF-ASN1, see L<EVP_KDF-X942-ASN1(7)>
143
144=item X942KDF-CONCAT, see L<EVP_KDF-X942-CONCAT(7)>
145
146=item X963KDF, see L<EVP_KDF-X963(7)>
147
148=item SCRYPT, see L<EVP_KDF-SCRYPT(7)>
149
150=item KRB5KDF, see L<EVP_KDF-KRB5KDF(7)>
151
152=item HMAC-DRBG, see L<EVP_KDF-HMAC-DRBG(7)>
153
154=item ARGON2, see L<EVP_KDF-ARGON2(7)>
155
156=back
157
158=head2 Key Exchange
159
160=over 4
161
162=item DH, see L<EVP_KEYEXCH-DH(7)>
163
164=item ECDH, see L<EVP_KEYEXCH-ECDH(7)>
165
166=item X25519, see L<EVP_KEYEXCH-X25519(7)>
167
168=item X448, see L<EVP_KEYEXCH-X448(7)>
169
170=item ML-KEM-512, see L<EVP_KEM-ML-KEM-512(7)>
171
172=item ML-KEM-768, see L<EVP_KEM-ML-KEM-768(7)>
173
174=item ML-KEM-1024, see L<EVP_KEM-ML-KEM-1024(7)>
175
176=item TLS1-PRF
177
178=item HKDF
179
180=item SCRYPT
181
182=back
183
184=head2 Asymmetric Signature
185
186=over 4
187
188=item DSA, see L<EVP_SIGNATURE-DSA(7)>
189
190=item RSA, see L<EVP_SIGNATURE-RSA(7)>
191
192=item ED25519, see L<EVP_SIGNATURE-ED25519(7)>
193
194=item ED448, see L<EVP_SIGNATURE-ED448(7)>
195
196=item ECDSA, see L<EVP_SIGNATURE-ECDSA(7)>
197
198=item SM2
199
200=item ML-DSA-44, see L<EVP_SIGNATURE-ML-DSA(7)>
201
202=item ML-DSA-65, see L<EVP_SIGNATURE-ML-DSA(7)>
203
204=item ML-DSA-87, see L<EVP_SIGNATURE-ML-DSA(7)>
205
206=item HMAC, see L<EVP_SIGNATURE-HMAC(7)>
207
208=item SIPHASH, see L<EVP_SIGNATURE-Siphash(7)>
209
210=item POLY1305, see L<EVP_SIGNATURE-Poly1305(7)>
211
212=item CMAC, see L<EVP_SIGNATURE-CMAC(7)>
213
214=item SLH-DSA-SHA2-128s, see L<EVP_SIGNATURE-SLH-DSA(7)>
215
216=item SLH-DSA-SHA2-128f, see L<EVP_SIGNATURE-SLH-DSA(7)>
217
218=item SLH-DSA-SHA2-192s, see L<EVP_SIGNATURE-SLH-DSA(7)>
219
220=item SLH-DSA-SHA2-192f, see L<EVP_SIGNATURE-SLH-DSA(7)>
221
222=item SLH-DSA-SHA2-256s, see L<EVP_SIGNATURE-SLH-DSA(7)>
223
224=item SLH-DSA-SHA2-256f, see L<EVP_SIGNATURE-SLH-DSA(7)>
225
226=item SLH-DSA-SHAKE-128s, see L<EVP_SIGNATURE-SLH-DSA(7)>
227
228=item SLH-DSA-SHAKE-128f, see L<EVP_SIGNATURE-SLH-DSA(7)>
229
230=item SLH-DSA-SHAKE-192s, see L<EVP_SIGNATURE-SLH-DSA(7)>
231
232=item SLH-DSA-SHAKE-192f, see L<EVP_SIGNATURE-SLH-DSA(7)>
233
234=item SLH-DSA-SHAKE-256s, see L<EVP_SIGNATURE-SLH-DSA(7)>
235
236=item SLH-DSA-SHAKE-256f, see L<EVP_SIGNATURE-SLH-DSA(7)>
237
238=back
239
240=head2 Asymmetric Cipher
241
242=over 4
243
244=item RSA, see L<EVP_ASYM_CIPHER-RSA(7)>
245
246=item SM2, see L<EVP_ASYM_CIPHER-SM2(7)>
247
248=back
249
250=head2 Asymmetric Key Encapsulation
251
252=over 4
253
254=item RSA, see L<EVP_KEM-RSA(7)>
255
256=item X25519, see L<EVP_KEM-X25519(7)>
257
258=item X448, see L<EVP_KEM-X448(7)>
259
260=item EC, see L<EVP_KEM-EC(7)>
261
262=item ML-KEM-512, see L<EVP_KEM-ML-KEM-512(7)>
263
264=item ML-KEM-768, see L<EVP_KEM-ML-KEM-768(7)>
265
266=item ML-KEM-1024, see L<EVP_KEM-ML-KEM-1024(7)>
267
268=back
269
270=head2 Asymmetric Key Management
271
272=over 4
273
274=item DSA, see L<EVP_KEYMGMT-DSA(7)>
275
276=item RSA, see L<EVP_KEYMGMT-RSA(7)>
277
278=item RSA-PSS
279
280=item EC, see L<EVP_KEYMGMT-EC(7)>
281
282=item ED25519, see L<EVP_KEYMGMT-ED25519(7)>
283
284=item ED448, see L<EVP_KEYMGMT-ED448(7)>
285
286=item SM2, see L<EVP_KEYMGMT-SM2(7)>
287
288=item DH, see L<EVP_KEYMGMT-DH(7)>
289
290=item DHX, see L<EVP_KEYMGMT-DHX(7)>
291
292=item X25519, see L<EVP_KEYMGMT-X25519(7)>
293
294=item X448, see L<EVP_KEYMGMT-X448(7)>
295
296=item ML-DSA-44, see L<EVP_KEYMGMT-ML-DSA(7)>
297
298=item ML-DSA-65, see L<EVP_KEYMGMT-ML-DSA(7)>
299
300=item ML-DSA-87, see L<EVP_KEYMGMT-ML-DSA(7)>
301
302=item MK-KEM-512, see L<EVP_KEYMGMT-ML-KEM-512(7)>
303
304=item MK-KEM-768, see L<EVP_KEYMGMT-ML-KEM-768(7)>
305
306=item MK-KEM-1024, see L<EVP_KEYMGMT-ML-KEM-1024(7)>
307
308=item SLH-DSA-SHA2-128s, see L<EVP_KEYMGMT-SLH-DSA(7)>
309
310=item SLH-DSA-SHA2-128f, see L<EVP_KEYMGMT-SLH-DSA(7)>
311
312=item SLH-DSA-SHA2-192s, see L<EVP_KEYMGMT-SLH-DSA(7)>
313
314=item SLH-DSA-SHA2-192f, see L<EVP_KEYMGMT-SLH-DSA(7)>
315
316=item SLH-DSA-SHA2-256s, see L<EVP_KEYMGMT-SLH-DSA(7)>
317
318=item SLH-DSA-SHA2-256f, see L<EVP_KEYMGMT-SLH-DSA(7)>
319
320=item SLH-DSA-SHAKE-128s, see L<EVP_KEYMGMT-SLH-DSA(7)>
321
322=item SLH-DSA-SHAKE-128f, see L<EVP_KEYMGMT-SLH-DSA(7)>
323
324=item SLH-DSA-SHAKE-192s, see L<EVP_KEYMGMT-SLH-DSA(7)>
325
326=item SLH-DSA-SHAKE-192f, see L<EVP_KEYMGMT-SLH-DSA(7)>
327
328=item SLH-DSA-SHAKE-256s, see L<EVP_KEYMGMT-SLH-DSA(7)>
329
330=item SLH-DSA-SHAKE-256f, see L<EVP_KEYMGMT-SLH-DSA(7)>
331
332=item TLS1-PRF
333
334=item HKDF
335
336=item SCRYPT
337
338=item HMAC, see L<EVP_KEYMGMT-HMAC(7)>
339
340=item SIPHASH, see L<EVP_KEYMGMT-Siphash(7)>
341
342=item POLY1305, see L<EVP_KEYMGMT-Poly1305(7)>
343
344=item CMAC, see L<EVP_KEYMGMT-CMAC(7)>
345
346=back
347
348=head2 Random Number Generation
349
350=over 4
351
352=item CTR-DRBG, see L<EVP_RAND-CTR-DRBG(7)>
353
354=item HASH-DRBG, see L<EVP_RAND-HASH-DRBG(7)>
355
356=item HMAC-DRBG, see L<EVP_RAND-HMAC-DRBG(7)>
357
358=item SEED-SRC,  see L<EVP_RAND-SEED-SRC(7)>
359
360=item JITTER,  see L<EVP_RAND-JITTER(7)>
361
362=item TEST-RAND, see L<EVP_RAND-TEST-RAND(7)>
363
364=back
365
366In addition to this provider, the "SEED-SRC" and "JITTER" algorithms
367are also available in the base provider.
368
369=head2 Asymmetric Key Encoder
370
371=over 4
372
373=item RSA
374
375=item RSA-PSS
376
377=item DH
378
379=item DHX
380
381=item DSA
382
383=item EC
384
385=item ED25519
386
387=item ED448
388
389=item X25519
390
391=item X448
392
393=item SM2
394
395=item ML-DSA-44
396
397=item ML-DSA-65
398
399=item ML-DSA-87
400
401=item ML-KEM-512
402
403=item ML-KEM-768
404
405=item ML-KEM-1024
406
407=item SLH-DSA-SHA2-128s
408
409=item SLH-DSA-SHA2-128f
410
411=item SLH-DSA-SHA2-192s
412
413=item SLH-DSA-SHA2-192f
414
415=item SLH-DSA-SHA2-256s
416
417=item SLH-DSA-SHA2-256f
418
419=item SLH-DSA-SHAKE-128s
420
421=item SLH-DSA-SHAKE-128f
422
423=item SLH-DSA-SHAKE-192s
424
425=item SLH-DSA-SHAKE-192f
426
427=item SLH-DSA-SHAKE-256s
428
429=item SLH-DSA-SHAKE-256f
430
431=back
432
433In addition to this provider, all of these encoding algorithms are also
434available in the base provider. Some of these algorithms may be used in
435combination with the FIPS provider.
436
437=head2 Asymmetric Key Decoder
438
439=over 4
440
441=item RSA
442
443=item RSA-PSS
444
445=item DH
446
447=item DHX
448
449=item DSA
450
451=item EC
452
453=item ED25519
454
455=item ED448
456
457=item X25519
458
459=item X448
460
461=item SM2
462
463=item ML-DSA-44
464
465=item ML-DSA-65
466
467=item ML-DSA-87
468
469=item ML-KEM-512
470
471=item ML-KEM-768
472
473=item ML-KEM-1024
474
475=item SLH-DSA-SHA2-128s
476
477=item SLH-DSA-SHA2-128f
478
479=item SLH-DSA-SHA2-192s
480
481=item SLH-DSA-SHA2-192f
482
483=item SLH-DSA-SHA2-256s
484
485=item SLH-DSA-SHA2-256f
486
487=item SLH-DSA-SHAKE-128s
488
489=item SLH-DSA-SHAKE-128f
490
491=item SLH-DSA-SHAKE-192s
492
493=item SLH-DSA-SHAKE-192f
494
495=item SLH-DSA-SHAKE-256s
496
497=item SLH-DSA-SHAKE-256f
498
499=back
500
501In addition to this provider, all of these decoding algorithms are also
502available in the base provider. Some of these algorithms may be used in
503combination with the FIPS provider.
504
505=head2 Stores
506
507=over 4
508
509=item file
510
511=item org.openssl.winstore, see L<OSSL_STORE-winstore(7)>
512
513=back
514
515In addition to this provider, all of these store algorithms are also
516available in the base provider.
517
518=head1 SEE ALSO
519
520L<openssl-core.h(7)>, L<openssl-core_dispatch.h(7)>, L<provider(7)>,
521L<OSSL_PROVIDER-base(7)>
522
523=head1 HISTORY
524
525The RIPEMD160 digest was added to the default provider in OpenSSL 3.0.7.
526
527All other functionality was added in OpenSSL 3.0.
528
529=head1 COPYRIGHT
530
531Copyright 2020-2025 The OpenSSL Project Authors. All Rights Reserved.
532
533Licensed under the Apache License 2.0 (the "License").  You may not use
534this file except in compliance with the License.  You can obtain a copy
535in the file LICENSE in the source distribution or at
536L<https://www.openssl.org/source/license.html>.
537
538=cut
539