5 OSSL_PROVIDER_set_default_search_path,
6 OSSL_PROVIDER_get0_default_search_path,
7 OSSL_PROVIDER, OSSL_PROVIDER_load, OSSL_PROVIDER_try_load, OSSL_PROVIDER_unload,
8 OSSL_PROVIDER_available, OSSL_PROVIDER_do_all,
9 OSSL_PROVIDER_gettable_params, OSSL_PROVIDER_get_params,
10 OSSL_PROVIDER_query_operation, OSSL_PROVIDER_unquery_operation,
11 OSSL_PROVIDER_get0_provider_ctx, OSSL_PROVIDER_get0_dispatch,
12 OSSL_PROVIDER_add_builtin, OSSL_PROVIDER_get0_name, OSSL_PROVIDER_get_capabilities,
13 OSSL_PROVIDER_self_test
18 #include <openssl/provider.h>
20 typedef struct ossl_provider_st OSSL_PROVIDER;
22 int OSSL_PROVIDER_set_default_search_path(OSSL_LIB_CTX *libctx,
24 const char *OSSL_PROVIDER_get0_default_search_path(OSSL_LIB_CTX *libctx);
26 OSSL_PROVIDER *OSSL_PROVIDER_load(OSSL_LIB_CTX *libctx, const char *name);
27 OSSL_PROVIDER *OSSL_PROVIDER_try_load(OSSL_LIB_CTX *libctx, const char *name,
28 int retain_fallbacks);
29 int OSSL_PROVIDER_unload(OSSL_PROVIDER *prov);
30 int OSSL_PROVIDER_available(OSSL_LIB_CTX *libctx, const char *name);
31 int OSSL_PROVIDER_do_all(OSSL_LIB_CTX *ctx,
32 int (*cb)(OSSL_PROVIDER *provider, void *cbdata),
35 const OSSL_PARAM *OSSL_PROVIDER_gettable_params(OSSL_PROVIDER *prov);
36 int OSSL_PROVIDER_get_params(OSSL_PROVIDER *prov, OSSL_PARAM params[]);
38 const OSSL_ALGORITHM *OSSL_PROVIDER_query_operation(const OSSL_PROVIDER *prov,
41 void OSSL_PROVIDER_unquery_operation(const OSSL_PROVIDER *prov,
43 const OSSL_ALGORITHM *algs);
44 void *OSSL_PROVIDER_get0_provider_ctx(const OSSL_PROVIDER *prov);
45 const OSSL_DISPATCH *OSSL_PROVIDER_get0_dispatch(const OSSL_PROVIDER *prov);
47 int OSSL_PROVIDER_add_builtin(OSSL_LIB_CTX *libctx, const char *name,
48 ossl_provider_init_fn *init_fn);
50 const char *OSSL_PROVIDER_get0_name(const OSSL_PROVIDER *prov);
52 int OSSL_PROVIDER_get_capabilities(const OSSL_PROVIDER *prov,
53 const char *capability,
56 int OSSL_PROVIDER_self_test(const OSSL_PROVIDER *prov);
60 B<OSSL_PROVIDER> is a type that holds internal information about
61 implementation providers (see L<provider(7)> for information on what a
63 A provider can be built in to the application or the OpenSSL
64 libraries, or can be a loadable module.
65 The functions described here handle both forms.
67 Some of these functions operate within a library context, please see
68 L<OSSL_LIB_CTX(3)> for further details.
72 OSSL_PROVIDER_set_default_search_path() specifies the default search I<path>
73 that is to be used for looking for providers in the specified I<libctx>.
74 If left unspecified, an environment variable and a fall back default value will
77 OSSL_PROVIDER_get0_default_search_path() retrieves the default search I<path>
78 that is to be used for looking for providers in the specified I<libctx>.
79 If successful returns the path or empty string; the path is valid until the
80 context is released or OSSL_PROVIDER_set_default_search_path() is called.
82 OSSL_PROVIDER_add_builtin() is used to add a built in provider to
83 B<OSSL_PROVIDER> store in the given library context, by associating a
84 provider name with a provider initialization function.
85 This name can then be used with OSSL_PROVIDER_load().
87 OSSL_PROVIDER_load() loads and initializes a provider.
88 This may simply initialize a provider that was previously added with
89 OSSL_PROVIDER_add_builtin() and run its given initialization function,
90 or load a provider module with the given name and run its provider
91 entry point, C<OSSL_provider_init>. The I<name> can be a path
92 to a provider module, in that case the provider name as returned
93 by OSSL_PROVIDER_get0_name() will be the path. Interpretation
94 of relative paths is platform dependent and they are relative
95 to the configured "MODULESDIR" directory or the path set in
96 the environment variable OPENSSL_MODULES if set.
98 OSSL_PROVIDER_try_load() functions like OSSL_PROVIDER_load(), except that
99 it does not disable the fallback providers if the provider cannot be
100 loaded and initialized or if I<retain_fallbacks> is zero.
101 If the provider loads successfully and I<retain_fallbacks> is nonzero, the
102 fallback providers are disabled.
104 OSSL_PROVIDER_unload() unloads the given provider.
105 For a provider added with OSSL_PROVIDER_add_builtin(), this simply
106 runs its teardown function.
108 OSSL_PROVIDER_available() checks if a named provider is available
111 OSSL_PROVIDER_do_all() iterates over all loaded providers, calling
112 I<cb> for each one, with the current provider in I<provider> and the
113 I<cbdata> that comes from the caller. If no other provider has been loaded
114 before calling this function, the default provider is still available as
116 See L<OSSL_PROVIDER-default(7)> for more information on this fallback
119 OSSL_PROVIDER_gettable_params() is used to get a provider parameter
120 descriptor set as a constant L<OSSL_PARAM(3)> array.
122 OSSL_PROVIDER_get_params() is used to get provider parameter values.
123 The caller must prepare the L<OSSL_PARAM(3)> array before calling this
124 function, and the variables acting as buffers for this parameter array
125 should be filled with data when it returns successfully.
127 OSSL_PROVIDER_self_test() is used to run a provider's self tests on demand.
128 If the self tests fail then the provider will fail to provide any further
129 services and algorithms. L<OSSL_SELF_TEST_set_callback(3)> may be called
130 beforehand in order to display diagnostics for the running self tests.
132 OSSL_PROVIDER_query_operation() calls the provider's I<query_operation>
133 function (see L<provider(7)>), if the provider has one. It returns an
134 array of I<OSSL_ALGORITHM> for the given I<operation_id> terminated by an all
135 NULL OSSL_ALGORITHM entry. This is considered a low-level function that most
136 applications should not need to call.
138 OSSL_PROVIDER_unquery_operation() calls the provider's I<unquery_operation>
139 function (see L<provider(7)>), if the provider has one. This is considered a
140 low-level function that most applications should not need to call.
142 OSSL_PROVIDER_get0_provider_ctx() returns the provider context for the given
143 provider. The provider context is an opaque handle set by the provider itself
144 and is passed back to the provider by libcrypto in various function calls.
146 OSSL_PROVIDER_get0_dispatch() returns the provider's dispatch table as it was
147 returned in the I<out> parameter from the provider's init function. See
150 If it is permissible to cache references to this array then I<*no_store> is set
151 to 0 or 1 otherwise. If the array is not cacheable then it is assumed to
152 have a short lifetime.
154 OSSL_PROVIDER_get0_name() returns the name of the given provider.
156 OSSL_PROVIDER_get_capabilities() provides information about the capabilities
157 supported by the provider specified in I<prov> with the capability name
158 I<capability>. For each capability of that name supported by the provider it
159 will call the callback I<cb> and supply a set of L<OSSL_PARAM(3)>s describing the
160 capability. It will also pass back the argument I<arg>. For more details about
161 capabilities and what they can be used for please see
162 L<provider-base(7)/CAPABILTIIES>.
166 OSSL_PROVIDER_set_default_search_path(), OSSL_PROVIDER_add(),
167 OSSL_PROVIDER_unload(), OSSL_PROVIDER_get_params() and
168 OSSL_PROVIDER_get_capabilities() return 1 on success, or 0 on error.
170 OSSL_PROVIDER_get0_default_search_path() returns a pointer to a path on success,
171 or NULL on error or if the path has not previously been set.
173 OSSL_PROVIDER_load() and OSSL_PROVIDER_try_load() return a pointer to a
174 provider object on success, or NULL on error.
176 OSSL_PROVIDER_do_all() returns 1 if the callback I<cb> returns 1 for every
177 provider it is called with, or 0 if any provider callback invocation returns 0;
178 callback processing stops at the first callback invocation on a provider
181 OSSL_PROVIDER_available() returns 1 if the named provider is available,
184 OSSL_PROVIDER_gettable_params() returns a pointer to an array
185 of constant L<OSSL_PARAM(3)>, or NULL if none is provided.
187 OSSL_PROVIDER_get_params() and returns 1 on success, or 0 on error.
189 OSSL_PROVIDER_query_operation() returns an array of OSSL_ALGORITHM or NULL on
192 OSSL_PROVIDER_self_test() returns 1 if the self tests pass, or 0 on error.
196 This demonstrates how to load the provider module "foo" and ask for
197 its build information.
199 #include <openssl/params.h>
200 #include <openssl/provider.h>
201 #include <openssl/err.h>
203 OSSL_PROVIDER *prov = NULL;
204 const char *build = NULL;
205 OSSL_PARAM request[] = {
206 { "buildinfo", OSSL_PARAM_UTF8_PTR, &build, 0, 0 },
207 { NULL, 0, NULL, 0, 0 }
210 if ((prov = OSSL_PROVIDER_load(NULL, "foo")) != NULL
211 && OSSL_PROVIDER_get_params(prov, request))
212 printf("Provider 'foo' buildinfo: %s\n", build);
214 ERR_print_errors_fp(stderr);
218 L<openssl-core.h(7)>, L<OSSL_LIB_CTX(3)>, L<provider(7)>
222 The type and functions described here were added in OpenSSL 3.0.
226 Copyright 2019-2021 The OpenSSL Project Authors. All Rights Reserved.
228 Licensed under the Apache License 2.0 (the "License"). You may not use
229 this file except in compliance with the License. You can obtain a copy
230 in the file LICENSE in the source distribution or at
231 L<https://www.openssl.org/source/license.html>.