5 OSSL_PROVIDER_set_default_search_path,
6 OSSL_PROVIDER, OSSL_PROVIDER_load, OSSL_PROVIDER_unload,
7 OSSL_PROVIDER_available, OSSL_PROVIDER_do_all,
8 OSSL_PROVIDER_gettable_params, OSSL_PROVIDER_get_params,
9 OSSL_PROVIDER_query_operation, OSSL_PROVIDER_get0_provider_ctx,
10 OSSL_PROVIDER_add_builtin, OSSL_PROVIDER_name,
11 OSSL_PROVIDER_get_capabilities - provider routines
15 #include <openssl/provider.h>
17 typedef struct ossl_provider_st OSSL_PROVIDER;
19 void OSSL_PROVIDER_set_default_search_path(OPENSSL_CTX *libctx,
22 OSSL_PROVIDER *OSSL_PROVIDER_load(OPENSSL_CTX *libctx, const char *name);
23 int OSSL_PROVIDER_unload(OSSL_PROVIDER *prov);
24 int OSSL_PROVIDER_available(OPENSSL_CTX *libctx, const char *name);
25 int OSSL_PROVIDER_do_all(OPENSSL_CTX *ctx,
26 int (*cb)(OSSL_PROVIDER *provider, void *cbdata),
29 const OSSL_PARAM *OSSL_PROVIDER_gettable_params(OSSL_PROVIDER *prov);
30 int OSSL_PROVIDER_get_params(OSSL_PROVIDER *prov, OSSL_PARAM params[]);
32 const OSSL_ALGORITHM *OSSL_PROVIDER_query_operation(const OSSL_PROVIDER *prov,
35 void *OSSL_PROVIDER_get0_provider_ctx(const OSSL_PROVIDER *prov);
37 int OSSL_PROVIDER_add_builtin(OPENSSL_CTX *libctx, const char *name,
38 ossl_provider_init_fn *init_fn);
40 const char *OSSL_PROVIDER_name(const OSSL_PROVIDER *prov);
42 int OSSL_PROVIDER_get_capabilities(const OSSL_PROVIDER *prov,
43 const char *capability,
50 B<OSSL_PROVIDER> is a type that holds internal information about
51 implementation providers (see L<provider(7)> for information on what a
53 A provider can be built in to the application or the OpenSSL
54 libraries, or can be a loadable module.
55 The functions described here handle both forms.
57 Some of these functions operate within a library context, please see
58 L<OPENSSL_CTX(3)> for further details.
62 OSSL_PROVIDER_set_default_search_path() specifies the default search B<path>
63 that is to be used for looking for providers in the specified B<libctx>.
64 If left unspecified, an environment variable and a fall back default value will
67 OSSL_PROVIDER_add_builtin() is used to add a built in provider to
68 B<OSSL_PROVIDER> store in the given library context, by associating a
69 provider name with a provider initialization function.
70 This name can then be used with OSSL_PROVIDER_load().
72 OSSL_PROVIDER_load() loads and initializes a provider.
73 This may simply initialize a provider that was previously added with
74 OSSL_PROVIDER_add_builtin() and run its given initialization function,
75 or load a provider module with the given name and run its provider
76 entry point, C<OSSL_provider_init>.
78 OSSL_PROVIDER_unload() unloads the given provider.
79 For a provider added with OSSL_PROVIDER_add_builtin(), this simply
80 runs its teardown function.
82 OSSL_PROVIDER_available() checks if a named provider is available
85 OSSL_PROVIDER_do_all() iterates over all loaded providers, calling
86 I<cb> for each one, with the current provider in I<provider> and the
87 I<cbdata> that comes from the caller.
89 OSSL_PROVIDER_gettable_params() is used to get a provider parameter
90 descriptor set as a constant B<OSSL_PARAM> array.
91 See L<OSSL_PARAM(3)> for more information.
93 OSSL_PROVIDER_get_params() is used to get provider parameter values.
94 The caller must prepare the B<OSSL_PARAM> array before calling this
95 function, and the variables acting as buffers for this parameter array
96 should be filled with data when it returns successfully.
98 OSSL_PROVIDER_query_operation() calls the provider's I<query_operation>
99 function (see L<provider(7)>), if the provider has one. It returns an
100 array of I<OSSL_ALGORITHM> for the given I<operation_id> terminated by an all
101 NULL OSSL_ALGORITHM entry. This is considered a low-level function that most
102 applications should not need to call.
104 OSSL_PROVIDER_get0_provider_ctx() returns the provider context for the given
105 provider. The provider context is an opaque handle set by the provider itself
106 and is passed back to the provider by libcrypto in various function calls.
108 If it is permissible to cache references to this array then I<*no_store> is set
109 to 0 or 1 otherwise. If the array is not cacheable then it is assumed to
110 have a short lifetime.
112 OSSL_PROVIDER_name() returns the name of the given provider.
114 OSSL_PROVIDER_get_capabilities() provides information about the capabilities
115 supported by the provider specified in I<prov> with the capability name
116 I<capability>. For each capability of that name supported by the provider it
117 will call the callback I<cb> and supply a set of B<OSSL_PARAM>s describing the
118 capability. It will also pass back the argument I<arg>. For more details about
119 capabilities and what they can be used for please see
120 L<provider-base(7)/CAPABILTIIES>.
124 OSSL_PROVIDER_add(), OSSL_PROVIDER_unload(), OSSL_PROVIDER_get_params() and
125 OSSL_PROVIDER_get_capabilities() return 1 on success, or 0 on error.
127 OSSL_PROVIDER_load() returns a pointer to a provider object on
128 success, or B<NULL> on error.
130 OSSL_PROVIDER_available() returns 1 if the named provider is available,
133 OSSL_PROVIDER_gettable_params() returns a pointer to an array
134 of constant B<OSSL_PARAM>, or NULL if none is provided.
136 OSSL_PROVIDER_get_params() returns 1 on success, or 0 on error.
138 OSSL_PROVIDER_query_operation() returns an array of OSSL_ALGORITHM or NULL on
143 This demonstrates how to load the provider module "foo" and ask for
146 OSSL_PROVIDER *prov = NULL;
147 const char *build = NULL;
149 OSSL_PARAM request[] = {
150 { "build", OSSL_PARAM_UTF8_STRING_PTR, &build, 0, &build_l },
151 { NULL, 0, NULL, 0, NULL }
154 if ((prov = OSSL_PROVIDER_load(NULL, "foo")) != NULL
155 && OSSL_PROVIDER_get_params(prov, request))
156 printf("Provider 'foo' build %s\n", build);
158 ERR_print_errors_fp(stderr);
162 L<openssl-core.h(7)>, L<OPENSSL_CTX(3)>, L<provider(7)>
166 The type and functions described here were added in OpenSSL 3.0.
170 Copyright 2019-2020 The OpenSSL Project Authors. All Rights Reserved.
172 Licensed under the Apache License 2.0 (the "License"). You may not use
173 this file except in compliance with the License. You can obtain a copy
174 in the file LICENSE in the source distribution or at
175 L<https://www.openssl.org/source/license.html>.