mirror of
https://github.com/openssl/openssl.git
synced 2024-12-27 06:21:43 +08:00
b808665265
Renamed some values in core_names i.e Some DH specific names were changed to use DH instead of FFC. Added some strings values related to RSA keys. Moved set_params related docs out of EVP_PKEY_CTX_ctrl.pod into its own file. Updated Keyexchange and signature code and docs. Moved some common DSA/DH docs into a shared EVP_PKEY-FFC.pod. Moved Ed25519.pod into EVP_SIGNATURE-ED25519.pod and reworked it. Added some usage examples. As a result of the usage examples the following change was also made: ec allows OSSL_PKEY_PARAM_USE_COFACTOR_ECDH as a settable gen parameter. Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/11610)
229 lines
4.2 KiB
Plaintext
229 lines
4.2 KiB
Plaintext
=pod
|
|
|
|
=head1 NAME
|
|
|
|
OSSL_PROVIDER-default - OpenSSL default provider
|
|
|
|
=head1 DESCRIPTION
|
|
|
|
The OpenSSL default provider supplies the majority of OpenSSL's diverse
|
|
algorithm implementations. It also acts as a fallback when no other
|
|
provider has been loaded.
|
|
|
|
=head2 Properties
|
|
|
|
The implementations in this provider specifically have this property
|
|
defined:
|
|
|
|
=over 4
|
|
|
|
=item "provider=default"
|
|
|
|
=back
|
|
|
|
It may be used in a property query string with fetching functions such as
|
|
L<EVP_MD_fetch(3)> or L<EVP_CIPHER_fetch(3)>, as well as with other
|
|
functions that take a property query string, such as
|
|
L<EVP_PKEY_CTX_new_from_name(3)>.
|
|
|
|
It isn't mandatory to query for this property, except to make sure to get
|
|
implementations of this provider and none other.
|
|
|
|
Some implementations may define additional properties. Exact information is
|
|
listed below
|
|
|
|
=head1 OPERATIONS AND ALGORITHMS
|
|
|
|
The OpenSSL default provider supports these operations and algorithms:
|
|
|
|
=head2 Hashing Algorithms / Message Digests
|
|
|
|
=over 4
|
|
|
|
=item SHA1, see L<EVP_MD-SHA1(7)>
|
|
|
|
=item SHA2, see L<EVP_MD-SHA2(7)>
|
|
|
|
=item SHA3, see L<EVP_MD-SHA3(7)>
|
|
|
|
=item KECCAK-KMAC, see L<EVP_MD-KECCAK-KMAC(7)>
|
|
|
|
=item SHAKE, see L<EVP_MD-SHAKE(7)>
|
|
|
|
=item BLAKE2, see L<EVP_MD-BLAKE2(7)>
|
|
|
|
=item SM3, see L<EVP_MD-SM3(7)>
|
|
|
|
=item MD5, see L<EVP_MD-MD5(7)>
|
|
|
|
=item MD5-SHA1, see L<EVP_MD-MD5-SHA1(7)>
|
|
|
|
=back
|
|
|
|
=head2 Symmetric Ciphers
|
|
|
|
=over 4
|
|
|
|
=item AES, see L<EVP_CIPHER-AES(7)>
|
|
|
|
=item ARIA, see L<EVP_CIPHER-ARIA(7)>
|
|
|
|
=item CAMELLIA, see L<EVP_CIPHER-CAMELLIA(7)>
|
|
|
|
=item DES, see L<EVP_CIPHER-DES(7)>
|
|
|
|
=item BF, see L<EVP_CIPHER-BF(7)>
|
|
|
|
=item IDEA, see L<EVP_CIPHER-IDEA(7)>
|
|
|
|
=item CAST5, see L<EVP_CIPHER-CAST5(7)>
|
|
|
|
=item SEED, see L<EVP_CIPHER-SEED(7)>
|
|
|
|
=item SM4, see L<EVP_CIPHER-SM4(7)>
|
|
|
|
=item RC2, see L<EVP_CIPHER-RC2(7)>
|
|
|
|
=item RC4, see L<EVP_CIPHER-RC4(7)>
|
|
|
|
=item RC5, see L<EVP_CIPHER-RC5(7)>
|
|
|
|
=item ChaCha20, see L<EVP_CIPHER-ChaCha20(7)>
|
|
|
|
=item ChaCha20-Poly1305, see L<EVP_CIPHER-ChaCha20-Poly1305(7)>
|
|
|
|
=back
|
|
|
|
=head2 Message Authentication Code (MAC)
|
|
|
|
=over 4
|
|
|
|
=item BLAKE2, see L<EVP_MAC-BLAKE2(7)>
|
|
|
|
=item CMAC, see L<EVP_MAC-CMAC(7)>
|
|
|
|
=item GMAC, see L<EVP_MAC-GMAC(7)>
|
|
|
|
=item HMAC, see L<EVP_MAC-HMAC(7)>
|
|
|
|
=item KMAC, see L<EVP_MAC-KMAC(7)>
|
|
|
|
=item SIPHASH, see L<EVP_MAC-Siphash(7)>
|
|
|
|
=item POLY1305, see L<EVP_MAC-Poly1305(7)>
|
|
|
|
=back
|
|
|
|
=head2 Key Derivation Function (KDF)
|
|
|
|
=over 4
|
|
|
|
=item HKDF, see L<EVP_KDF-HKDF(7)>
|
|
|
|
=item SSKDF, see L<EVP_KDF-SS(7)>
|
|
|
|
=item PBKDF2, see L<EVP_KDF-PBKDF2(7)>
|
|
|
|
=item SSHKDF, see L<EVP_KDF-SSHKDF(7)>
|
|
|
|
=item TLS1-PRF, see L<EVP_KDF-TLS1_PRF(7)>
|
|
|
|
=item KBKDF, see L<EVP_KDF-KB(7)>
|
|
|
|
=item X942KDF, see L<EVP_KDF-X942(7)>
|
|
|
|
=item SCRYPT, see L<EVP_KDF-SCRYPT(7)>
|
|
|
|
=item KRB5KDF, see L<EVP_KDF-KRB5KDF(7)>
|
|
|
|
=item X963KDF, see L<EVP_KDF-X963(7)>
|
|
|
|
=back
|
|
|
|
=head2 Key Exchange
|
|
|
|
=over 4
|
|
|
|
=item DH, see L<EVP_KEYEXCH-DH(7)>
|
|
|
|
=item ECDH, see L<EVP_KEYEXCH-ECDH(7)>
|
|
|
|
=item X25519, see L<EVP_KEYEXCH-X25519(7)>
|
|
|
|
=item X448, see L<EVP_KEYEXCH-X448(7)>
|
|
|
|
=back
|
|
|
|
=head2 Asymmetric Signature
|
|
|
|
=over 4
|
|
|
|
=item DSA, see L<EVP_SIGNATURE-DSA(7)>
|
|
|
|
=item RSA, see L<EVP_SIGNATURE-RSA(7)>
|
|
|
|
=back
|
|
|
|
=head2 Asymmetric Cipher
|
|
|
|
=over 4
|
|
|
|
=item RSA, see L<EVP_ASYM_CIPHER-RSA(7)>
|
|
|
|
=back
|
|
|
|
=head2 Asymmetric Key Management
|
|
|
|
=over 4
|
|
|
|
=item DH, see L<EVP_KEYMGMT-DH(7)>
|
|
|
|
=item DSA, see L<EVP_KEYMGMT-DSA(7)>
|
|
|
|
=item RSA, see L<EVP_KEYMGMT-RSA(7)>
|
|
|
|
=item EC, see L<EVP_KEYMGMT-EC(7)>
|
|
|
|
=item X25519, see L<EVP_KEYMGMT-X25519(7)>
|
|
|
|
=item X448, see L<EVP_KEYMGMT-X448(7)>
|
|
|
|
=back
|
|
|
|
=head2 Asymmetric Key Serializer
|
|
|
|
In addition to "provider=default", this set of implementations define the
|
|
property "fips=yes", to allow them to be used together with the FIPS
|
|
provider.
|
|
|
|
=over 4
|
|
|
|
=item RSA, see L<OSSL_SERIALIZER-RSA(7)>
|
|
|
|
=item DH, see L<OSSL_SERIALIZER-DH(7)>
|
|
|
|
=item DSA, see L<OSSL_SERIALIZER-DSA(7)>
|
|
|
|
=item EC, see L<OSSL_SERIALIZER-EC(7)>
|
|
|
|
=item X25519, see L<OSSL_SERIALIZER-X25519(7)>
|
|
|
|
=item X448, see L<OSSL_SERIALIZER-X448(7)>
|
|
|
|
=back
|
|
|
|
=head1 SEE ALSO
|
|
|
|
L<openssl-core.h(7)>, L<openssl-core_numbers.h(7)>, L<provider(7)>
|
|
|
|
=head1 COPYRIGHT
|
|
|
|
Copyright 2020 The OpenSSL Project Authors. All Rights Reserved.
|
|
|
|
Licensed under the Apache License 2.0 (the "License"). You may not use
|
|
this file except in compliance with the License. You can obtain a copy
|
|
in the file LICENSE in the source distribution or at
|
|
L<https://www.openssl.org/source/license.html>.
|
|
|
|
=cut
|