openssl/doc/man7/OSSL_PROVIDER-default.pod
Shane Lontis b808665265 Update core_names.h fields and document most fields.
Renamed some values in core_names i.e Some DH specific names were changed to use DH instead of FFC.
Added some strings values related to RSA keys.
Moved set_params related docs out of EVP_PKEY_CTX_ctrl.pod into its own file.
Updated Keyexchange and signature code and docs.
Moved some common DSA/DH docs into a shared EVP_PKEY-FFC.pod.
Moved Ed25519.pod into EVP_SIGNATURE-ED25519.pod and reworked it.

Added some usage examples. As a result of the usage examples the following change was also made:
ec allows OSSL_PKEY_PARAM_USE_COFACTOR_ECDH as a settable gen parameter.

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/11610)
2020-05-26 13:53:07 +10:00

229 lines
4.2 KiB
Plaintext

=pod
=head1 NAME
OSSL_PROVIDER-default - OpenSSL default provider
=head1 DESCRIPTION
The OpenSSL default provider supplies the majority of OpenSSL's diverse
algorithm implementations. It also acts as a fallback when no other
provider has been loaded.
=head2 Properties
The implementations in this provider specifically have this property
defined:
=over 4
=item "provider=default"
=back
It may be used in a property query string with fetching functions such as
L<EVP_MD_fetch(3)> or L<EVP_CIPHER_fetch(3)>, as well as with other
functions that take a property query string, such as
L<EVP_PKEY_CTX_new_from_name(3)>.
It isn't mandatory to query for this property, except to make sure to get
implementations of this provider and none other.
Some implementations may define additional properties. Exact information is
listed below
=head1 OPERATIONS AND ALGORITHMS
The OpenSSL default provider supports these operations and algorithms:
=head2 Hashing Algorithms / Message Digests
=over 4
=item SHA1, see L<EVP_MD-SHA1(7)>
=item SHA2, see L<EVP_MD-SHA2(7)>
=item SHA3, see L<EVP_MD-SHA3(7)>
=item KECCAK-KMAC, see L<EVP_MD-KECCAK-KMAC(7)>
=item SHAKE, see L<EVP_MD-SHAKE(7)>
=item BLAKE2, see L<EVP_MD-BLAKE2(7)>
=item SM3, see L<EVP_MD-SM3(7)>
=item MD5, see L<EVP_MD-MD5(7)>
=item MD5-SHA1, see L<EVP_MD-MD5-SHA1(7)>
=back
=head2 Symmetric Ciphers
=over 4
=item AES, see L<EVP_CIPHER-AES(7)>
=item ARIA, see L<EVP_CIPHER-ARIA(7)>
=item CAMELLIA, see L<EVP_CIPHER-CAMELLIA(7)>
=item DES, see L<EVP_CIPHER-DES(7)>
=item BF, see L<EVP_CIPHER-BF(7)>
=item IDEA, see L<EVP_CIPHER-IDEA(7)>
=item CAST5, see L<EVP_CIPHER-CAST5(7)>
=item SEED, see L<EVP_CIPHER-SEED(7)>
=item SM4, see L<EVP_CIPHER-SM4(7)>
=item RC2, see L<EVP_CIPHER-RC2(7)>
=item RC4, see L<EVP_CIPHER-RC4(7)>
=item RC5, see L<EVP_CIPHER-RC5(7)>
=item ChaCha20, see L<EVP_CIPHER-ChaCha20(7)>
=item ChaCha20-Poly1305, see L<EVP_CIPHER-ChaCha20-Poly1305(7)>
=back
=head2 Message Authentication Code (MAC)
=over 4
=item BLAKE2, see L<EVP_MAC-BLAKE2(7)>
=item CMAC, see L<EVP_MAC-CMAC(7)>
=item GMAC, see L<EVP_MAC-GMAC(7)>
=item HMAC, see L<EVP_MAC-HMAC(7)>
=item KMAC, see L<EVP_MAC-KMAC(7)>
=item SIPHASH, see L<EVP_MAC-Siphash(7)>
=item POLY1305, see L<EVP_MAC-Poly1305(7)>
=back
=head2 Key Derivation Function (KDF)
=over 4
=item HKDF, see L<EVP_KDF-HKDF(7)>
=item SSKDF, see L<EVP_KDF-SS(7)>
=item PBKDF2, see L<EVP_KDF-PBKDF2(7)>
=item SSHKDF, see L<EVP_KDF-SSHKDF(7)>
=item TLS1-PRF, see L<EVP_KDF-TLS1_PRF(7)>
=item KBKDF, see L<EVP_KDF-KB(7)>
=item X942KDF, see L<EVP_KDF-X942(7)>
=item SCRYPT, see L<EVP_KDF-SCRYPT(7)>
=item KRB5KDF, see L<EVP_KDF-KRB5KDF(7)>
=item X963KDF, see L<EVP_KDF-X963(7)>
=back
=head2 Key Exchange
=over 4
=item DH, see L<EVP_KEYEXCH-DH(7)>
=item ECDH, see L<EVP_KEYEXCH-ECDH(7)>
=item X25519, see L<EVP_KEYEXCH-X25519(7)>
=item X448, see L<EVP_KEYEXCH-X448(7)>
=back
=head2 Asymmetric Signature
=over 4
=item DSA, see L<EVP_SIGNATURE-DSA(7)>
=item RSA, see L<EVP_SIGNATURE-RSA(7)>
=back
=head2 Asymmetric Cipher
=over 4
=item RSA, see L<EVP_ASYM_CIPHER-RSA(7)>
=back
=head2 Asymmetric Key Management
=over 4
=item DH, see L<EVP_KEYMGMT-DH(7)>
=item DSA, see L<EVP_KEYMGMT-DSA(7)>
=item RSA, see L<EVP_KEYMGMT-RSA(7)>
=item EC, see L<EVP_KEYMGMT-EC(7)>
=item X25519, see L<EVP_KEYMGMT-X25519(7)>
=item X448, see L<EVP_KEYMGMT-X448(7)>
=back
=head2 Asymmetric Key Serializer
In addition to "provider=default", this set of implementations define the
property "fips=yes", to allow them to be used together with the FIPS
provider.
=over 4
=item RSA, see L<OSSL_SERIALIZER-RSA(7)>
=item DH, see L<OSSL_SERIALIZER-DH(7)>
=item DSA, see L<OSSL_SERIALIZER-DSA(7)>
=item EC, see L<OSSL_SERIALIZER-EC(7)>
=item X25519, see L<OSSL_SERIALIZER-X25519(7)>
=item X448, see L<OSSL_SERIALIZER-X448(7)>
=back
=head1 SEE ALSO
L<openssl-core.h(7)>, L<openssl-core_numbers.h(7)>, L<provider(7)>
=head1 COPYRIGHT
Copyright 2020 The OpenSSL Project Authors. All Rights Reserved.
Licensed under the Apache License 2.0 (the "License"). You may not use
this file except in compliance with the License. You can obtain a copy
in the file LICENSE in the source distribution or at
L<https://www.openssl.org/source/license.html>.
=cut