diff options
Diffstat (limited to 'secure/lib/libcrypto/man/man3/OSSL_PROVIDER.3')
| -rw-r--r-- | secure/lib/libcrypto/man/man3/OSSL_PROVIDER.3 | 208 |
1 files changed, 100 insertions, 108 deletions
diff --git a/secure/lib/libcrypto/man/man3/OSSL_PROVIDER.3 b/secure/lib/libcrypto/man/man3/OSSL_PROVIDER.3 index c0a462613e3b..9fcf62126dcd 100644 --- a/secure/lib/libcrypto/man/man3/OSSL_PROVIDER.3 +++ b/secure/lib/libcrypto/man/man3/OSSL_PROVIDER.3 @@ -1,4 +1,5 @@ -.\" Automatically generated by Pod::Man 4.14 (Pod::Simple 3.42) +.\" -*- mode: troff; coding: utf-8 -*- +.\" Automatically generated by Pod::Man 5.0102 (Pod::Simple 3.45) .\" .\" Standard preamble: .\" ======================================================================== @@ -15,29 +16,12 @@ .ft R .fi .. -.\" Set up some character translations and predefined strings. \*(-- will -.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left -.\" double quote, and \*(R" will give a right double quote. \*(C+ will -.\" give a nicer C++. Capital omega is used to do unbreakable dashes and -.\" therefore won't be available. \*(C` and \*(C' expand to `' in nroff, -.\" nothing in troff, for use with C<>. -.tr \(*W- -.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p' +.\" \*(C` and \*(C' are quotes in nroff, nothing in troff, for use with C<>. .ie n \{\ -. ds -- \(*W- -. ds PI pi -. if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch -. if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch -. ds L" "" -. ds R" "" . ds C` "" . ds C' "" 'br\} .el\{\ -. ds -- \|\(em\| -. ds PI \(*p -. ds L" `` -. ds R" '' . ds C` . ds C' 'br\} @@ -68,85 +52,28 @@ . \} .\} .rr rF -.\" Fear. Run. Save yourself. No user-serviceable parts. -. \" fudge factors for nroff and troff -.if n \{\ -. ds #H 0 -. ds #V .8m -. ds #F .3m -. ds #[ \f1 -. ds #] \fP -.\} -.if t \{\ -. ds #H ((1u-(\\\\n(.fu%2u))*.13m) -. ds #V .6m -. ds #F 0 -. ds #[ \& -. ds #] \& -.\} -. \" simple accents for nroff and troff -.if n \{\ -. ds ' \& -. ds ` \& -. ds ^ \& -. ds , \& -. ds ~ ~ -. ds / -.\} -.if t \{\ -. ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u" -. ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u' -. ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u' -. ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u' -. ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u' -. ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u' -.\} -. \" troff and (daisy-wheel) nroff accents -.ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V' -.ds 8 \h'\*(#H'\(*b\h'-\*(#H' -.ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#] -.ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H' -.ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u' -.ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#] -.ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#] -.ds ae a\h'-(\w'a'u*4/10)'e -.ds Ae A\h'-(\w'A'u*4/10)'E -. \" corrections for vroff -.if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u' -.if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u' -. \" for low resolution devices (crt and lpr) -.if \n(.H>23 .if \n(.V>19 \ -\{\ -. ds : e -. ds 8 ss -. ds o a -. ds d- d\h'-1'\(ga -. ds D- D\h'-1'\(hy -. ds th \o'bp' -. ds Th \o'LP' -. ds ae ae -. ds Ae AE -.\} -.rm #[ #] #H #V #F C .\" ======================================================================== .\" .IX Title "OSSL_PROVIDER 3ossl" -.TH OSSL_PROVIDER 3ossl "2023-09-19" "3.0.11" "OpenSSL" +.TH OSSL_PROVIDER 3ossl 2025-07-01 3.5.1 OpenSSL .\" For nroff, turn off justification. Always turn off hyphenation; it makes .\" way too many mistakes in technical documents. .if n .ad l .nh -.SH "NAME" +.SH NAME OSSL_PROVIDER_set_default_search_path, +OSSL_PROVIDER_get0_default_search_path, OSSL_PROVIDER, OSSL_PROVIDER_load, OSSL_PROVIDER_try_load, OSSL_PROVIDER_unload, +OSSL_PROVIDER_load_ex, OSSL_PROVIDER_try_load_ex, OSSL_PROVIDER_available, OSSL_PROVIDER_do_all, OSSL_PROVIDER_gettable_params, OSSL_PROVIDER_get_params, OSSL_PROVIDER_query_operation, OSSL_PROVIDER_unquery_operation, OSSL_PROVIDER_get0_provider_ctx, OSSL_PROVIDER_get0_dispatch, OSSL_PROVIDER_add_builtin, OSSL_PROVIDER_get0_name, OSSL_PROVIDER_get_capabilities, -OSSL_PROVIDER_self_test +OSSL_PROVIDER_add_conf_parameter, OSSL_PROVIDER_get_conf_parameters, +OSSL_PROVIDER_conf_get_bool, OSSL_PROVIDER_self_test \&\- provider routines -.SH "SYNOPSIS" +.SH SYNOPSIS .IX Header "SYNOPSIS" .Vb 1 \& #include <openssl/provider.h> @@ -155,10 +82,16 @@ OSSL_PROVIDER_self_test \& \& int OSSL_PROVIDER_set_default_search_path(OSSL_LIB_CTX *libctx, \& const char *path); +\& const char *OSSL_PROVIDER_get0_default_search_path(OSSL_LIB_CTX *libctx); \& \& OSSL_PROVIDER *OSSL_PROVIDER_load(OSSL_LIB_CTX *libctx, const char *name); +\& OSSL_PROVIDER *OSSL_PROVIDER_load_ex(OSSL_LIB_CTX *, const char *name, +\& OSSL_PARAM *params); \& OSSL_PROVIDER *OSSL_PROVIDER_try_load(OSSL_LIB_CTX *libctx, const char *name, \& int retain_fallbacks); +\& OSSL_PROVIDER *OSSL_PROVIDER_try_load_ex(OSSL_LIB_CTX *, const char *name, +\& OSSL_PARAM *params, +\& int retain_fallbacks); \& int OSSL_PROVIDER_unload(OSSL_PROVIDER *prov); \& int OSSL_PROVIDER_available(OSSL_LIB_CTX *libctx, const char *name); \& int OSSL_PROVIDER_do_all(OSSL_LIB_CTX *ctx, @@ -186,11 +119,17 @@ OSSL_PROVIDER_self_test \& const char *capability, \& OSSL_CALLBACK *cb, \& void *arg); +\& int OSSL_PROVIDER_add_conf_parameter(OSSL_PROVIDER *prov, const char *name, +\& const char *value); +\& int OSSL_PROVIDER_get_conf_parameters(OSSL_PROVIDER *prov, +\& OSSL_PARAM params[]); +\& int OSSL_PROVIDER_conf_get_bool(const OSSL_PROVIDER *prov, +\& const char *name, int defval); \& int OSSL_PROVIDER_self_test(const OSSL_PROVIDER *prov); .Ve -.SH "DESCRIPTION" +.SH DESCRIPTION .IX Header "DESCRIPTION" -\&\fB\s-1OSSL_PROVIDER\s0\fR is a type that holds internal information about +\&\fBOSSL_PROVIDER\fR is a type that holds internal information about implementation providers (see \fBprovider\fR\|(7) for information on what a provider is). A provider can be built in to the application or the OpenSSL @@ -198,16 +137,21 @@ libraries, or can be a loadable module. The functions described here handle both forms. .PP Some of these functions operate within a library context, please see -\&\s-1\fBOSSL_LIB_CTX\s0\fR\|(3) for further details. -.SS "Functions" +\&\fBOSSL_LIB_CTX\fR\|(3) for further details. +.SS Functions .IX Subsection "Functions" \&\fBOSSL_PROVIDER_set_default_search_path()\fR specifies the default search \fIpath\fR that is to be used for looking for providers in the specified \fIlibctx\fR. If left unspecified, an environment variable and a fall back default value will be used instead. .PP +\&\fBOSSL_PROVIDER_get0_default_search_path()\fR retrieves the default search \fIpath\fR +that is to be used for looking for providers in the specified \fIlibctx\fR. +If successful returns the path or empty string; the path is valid until the +context is released or \fBOSSL_PROVIDER_set_default_search_path()\fR is called. +.PP \&\fBOSSL_PROVIDER_add_builtin()\fR is used to add a built in provider to -\&\fB\s-1OSSL_PROVIDER\s0\fR store in the given library context, by associating a +\&\fBOSSL_PROVIDER\fR store in the given library context, by associating a provider name with a provider initialization function. This name can then be used with \fBOSSL_PROVIDER_load()\fR. .PP @@ -219,8 +163,8 @@ entry point, \f(CW\*(C`OSSL_provider_init\*(C'\fR. The \fIname\fR can be a path to a provider module, in that case the provider name as returned by \fBOSSL_PROVIDER_get0_name()\fR will be the path. Interpretation of relative paths is platform dependent and they are relative -to the configured \*(L"\s-1MODULESDIR\*(R"\s0 directory or the path set in -the environment variable \s-1OPENSSL_MODULES\s0 if set. +to the configured "MODULESDIR" directory or the path set in +the environment variable OPENSSL_MODULES if set. .PP \&\fBOSSL_PROVIDER_try_load()\fR functions like \fBOSSL_PROVIDER_load()\fR, except that it does not disable the fallback providers if the provider cannot be @@ -228,6 +172,13 @@ loaded and initialized or if \fIretain_fallbacks\fR is nonzero. If the provider loads successfully and \fIretain_fallbacks\fR is zero, the fallback providers are disabled. .PP +\&\fBOSSL_PROVIDER_load_ex()\fR and \fBOSSL_PROVIDER_try_load_ex()\fR are the variants +of the previous functions accepting an \f(CW\*(C`OSSL_PARAM\*(C'\fR array of the parameters +that are passed as the configuration of the loaded provider. The parameters +of any type but \f(CW\*(C`OSSL_PARAM_UTF8_STRING\*(C'\fR are silently ignored. If the +parameters are provided, they replace \fBall\fR the ones specified in the +configuration file. +.PP \&\fBOSSL_PROVIDER_unload()\fR unloads the given provider. For a provider added with \fBOSSL_PROVIDER_add_builtin()\fR, this simply runs its teardown function. @@ -244,13 +195,40 @@ See \fBOSSL_PROVIDER\-default\fR\|(7) for more information on this fallback behaviour. .PP \&\fBOSSL_PROVIDER_gettable_params()\fR is used to get a provider parameter -descriptor set as a constant \s-1\fBOSSL_PARAM\s0\fR\|(3) array. +descriptor set as a constant \fBOSSL_PARAM\fR\|(3) array. .PP \&\fBOSSL_PROVIDER_get_params()\fR is used to get provider parameter values. -The caller must prepare the \s-1\fBOSSL_PARAM\s0\fR\|(3) array before calling this +The caller must prepare the \fBOSSL_PARAM\fR\|(3) array before calling this function, and the variables acting as buffers for this parameter array should be filled with data when it returns successfully. .PP +\&\fBOSSL_PROVIDER_add_conf_parameter()\fR sets the provider configuration parameter +\&\fIname\fR to \fIvalue\fR. +Provider configuration parameters are managed by the OpenSSL core and normally +set in the configuration file, but can also be set early in the main program +before a provider is in use by multiple threads. +Parameters that only affect provider initialisation must, for now, be set in +the configuration file, only parameters that are also queried later have any +affect when set via this interface. +Only text parameters can be given, and it's up to the provider to +interpret them. +.PP +\&\fBOSSL_PROVIDER_get_conf_parameters()\fR retrieves global configuration parameters +associated with \fIprov\fR. +These configuration parameters are stored for each provider by the OpenSSL core, +not the provider itself, parameters managed by the provider are queried via +\&\fBOSSL_PROVIDER_get_params()\fR described above. +The parameters are returned by reference, not as copies, and so the elements of +the \fIparam\fR array must have \fBOSSL_PARAM_UTF8_PTR\fR as their \fBdata_type\fR. +.PP +\&\fBOSSL_PROVIDER_conf_get_bool()\fR parses the global configuration parameter \fIname\fR +associated with provider \fIprov\fR as a boolean value, returning a default value +\&\fIdefval\fR when unable to retrieve or parse the parameter. +Parameter values equal (case-insensitively) to \f(CW1\fR, \f(CW\*(C`on\*(C'\fR, \f(CW\*(C`yes\*(C'\fR, or \f(CW\*(C`true\*(C'\fR +yield a true (nonzero) result. +Parameter values equal (case-insensitively) to \f(CW0\fR, \f(CW\*(C`off\*(C'\fR, \f(CW\*(C`no\*(C'\fR, or \f(CW\*(C`false\*(C'\fR +yield a false (zero) result. +.PP \&\fBOSSL_PROVIDER_self_test()\fR is used to run a provider's self tests on demand. If the self tests fail then the provider will fail to provide any further services and algorithms. \fBOSSL_SELF_TEST_set_callback\fR\|(3) may be called @@ -258,8 +236,8 @@ beforehand in order to display diagnostics for the running self tests. .PP \&\fBOSSL_PROVIDER_query_operation()\fR calls the provider's \fIquery_operation\fR function (see \fBprovider\fR\|(7)), if the provider has one. It returns an -array of \fI\s-1OSSL_ALGORITHM\s0\fR for the given \fIoperation_id\fR terminated by an all -\&\s-1NULL OSSL_ALGORITHM\s0 entry. This is considered a low-level function that most +array of \fIOSSL_ALGORITHM\fR for the given \fIoperation_id\fR terminated by an all +NULL OSSL_ALGORITHM entry. This is considered a low-level function that most applications should not need to call. .PP \&\fBOSSL_PROVIDER_unquery_operation()\fR calls the provider's \fIunquery_operation\fR @@ -283,18 +261,23 @@ have a short lifetime. \&\fBOSSL_PROVIDER_get_capabilities()\fR provides information about the capabilities supported by the provider specified in \fIprov\fR with the capability name \&\fIcapability\fR. For each capability of that name supported by the provider it -will call the callback \fIcb\fR and supply a set of \s-1\fBOSSL_PARAM\s0\fR\|(3)s describing the +will call the callback \fIcb\fR and supply a set of \fBOSSL_PARAM\fR\|(3)s describing the capability. It will also pass back the argument \fIarg\fR. For more details about capabilities and what they can be used for please see -\&\*(L"\s-1CAPABILTIIES\*(R"\s0 in \fBprovider\-base\fR\|(7). +"CAPABILTIIES" in \fBprovider\-base\fR\|(7). .SH "RETURN VALUES" .IX Header "RETURN VALUES" \&\fBOSSL_PROVIDER_set_default_search_path()\fR, \fBOSSL_PROVIDER_add()\fR, -\&\fBOSSL_PROVIDER_unload()\fR, \fBOSSL_PROVIDER_get_params()\fR and +\&\fBOSSL_PROVIDER_unload()\fR, \fBOSSL_PROVIDER_get_params()\fR, +\&\fBOSSL_PROVIDER_add_conf_parameter()\fR, \fBOSSL_PROVIDER_get_conf_parameters()\fR +and \&\fBOSSL_PROVIDER_get_capabilities()\fR return 1 on success, or 0 on error. .PP +\&\fBOSSL_PROVIDER_get0_default_search_path()\fR returns a pointer to a path on success, +or NULL on error or if the path has not previously been set. +.PP \&\fBOSSL_PROVIDER_load()\fR and \fBOSSL_PROVIDER_try_load()\fR return a pointer to a -provider object on success, or \s-1NULL\s0 on error. +provider object on success, or NULL on error. .PP \&\fBOSSL_PROVIDER_do_all()\fR returns 1 if the callback \fIcb\fR returns 1 for every provider it is called with, or 0 if any provider callback invocation returns 0; @@ -305,17 +288,17 @@ that returns 0. otherwise 0. .PP \&\fBOSSL_PROVIDER_gettable_params()\fR returns a pointer to an array -of constant \s-1\fBOSSL_PARAM\s0\fR\|(3), or \s-1NULL\s0 if none is provided. +of constant \fBOSSL_PARAM\fR\|(3), or NULL if none is provided. .PP \&\fBOSSL_PROVIDER_get_params()\fR and returns 1 on success, or 0 on error. .PP -\&\fBOSSL_PROVIDER_query_operation()\fR returns an array of \s-1OSSL_ALGORITHM\s0 or \s-1NULL\s0 on +\&\fBOSSL_PROVIDER_query_operation()\fR returns an array of OSSL_ALGORITHM or NULL on error. .PP \&\fBOSSL_PROVIDER_self_test()\fR returns 1 if the self tests pass, or 0 on error. -.SH "EXAMPLES" +.SH EXAMPLES .IX Header "EXAMPLES" -This demonstrates how to load the provider module \*(L"foo\*(R" and ask for +This demonstrates how to load the provider module "foo" and ask for its build information. .PP .Vb 3 @@ -338,15 +321,24 @@ its build information. .Ve .SH "SEE ALSO" .IX Header "SEE ALSO" -\&\fBopenssl\-core.h\fR\|(7), \s-1\fBOSSL_LIB_CTX\s0\fR\|(3), \fBprovider\fR\|(7) -.SH "HISTORY" +\&\fBopenssl\-core.h\fR\|(7), \fBOSSL_LIB_CTX\fR\|(3), \fBprovider\fR\|(7) +.SH HISTORY .IX Header "HISTORY" The type and functions described here were added in OpenSSL 3.0. -.SH "COPYRIGHT" +.PP +The \fIOSSL_PROVIDER_load_ex\fR and \fIOSSL_PROVIDER_try_load_ex\fR functions were +added in OpenSSL 3.2. +.PP +The +\&\fIOSSL_PROVIDER_add_conf_parameter\fR, +\&\fIOSSL_PROVIDER_get_conf_parameters\fR, and +\&\fIOSSL_PROVIDER_conf_get_bool\fR functions +were added in OpenSSL 3.5. +.SH COPYRIGHT .IX Header "COPYRIGHT" -Copyright 2019\-2023 The OpenSSL Project Authors. All Rights Reserved. +Copyright 2019\-2025 The OpenSSL Project Authors. All Rights Reserved. .PP -Licensed under the Apache License 2.0 (the \*(L"License\*(R"). You may not use +Licensed under the Apache License 2.0 (the "License"). You may not use this file except in compliance with the License. You can obtain a copy -in the file \s-1LICENSE\s0 in the source distribution or at +in the file LICENSE in the source distribution or at <https://www.openssl.org/source/license.html>. |