1=pod 2 3=head1 NAME 4 5OSSL_PROVIDER-default - OpenSSL default provider 6 7=head1 DESCRIPTION 8 9The OpenSSL default provider supplies the majority of OpenSSL's diverse 10algorithm implementations. If an application doesn't specify anything else 11explicitly (e.g. in the application or via config), then this is the 12provider that will be used as fallback: It is loaded automatically the 13first time that an algorithm is fetched from a provider or a function 14acting on providers is called and no other provider has been loaded yet. 15 16If an attempt to load a provider has already been made (whether successful 17or not) then the default provider won't be loaded automatically. Therefore 18if the default provider is to be used in conjunction with other providers 19then it must be loaded explicitly. Automatic loading of the default 20provider only occurs a maximum of once; if the default provider is 21explicitly unloaded then the default provider will not be automatically 22loaded again. 23 24=head2 Properties 25 26The implementations in this provider specifically have this property 27defined: 28 29=over 4 30 31=item "provider=default" 32 33=back 34 35It may be used in a property query string with fetching functions such as 36L<EVP_MD_fetch(3)> or L<EVP_CIPHER_fetch(3)>, as well as with other 37functions that take a property query string, such as 38L<EVP_PKEY_CTX_new_from_name(3)>. 39 40It isn't mandatory to query for this property, except to make sure to get 41implementations of this provider and none other. 42 43Some implementations may define additional properties. Exact information is 44listed below 45 46=head1 OPERATIONS AND ALGORITHMS 47 48The OpenSSL default provider supports these operations and algorithms: 49 50=head2 Hashing Algorithms / Message Digests 51 52=over 4 53 54=item SHA1, see L<EVP_MD-SHA1(7)> 55 56=item SHA2, see L<EVP_MD-SHA2(7)> 57 58=item SHA3, see L<EVP_MD-SHA3(7)> 59 60=item KECCAK-KMAC, see L<EVP_MD-KECCAK-KMAC(7)> 61 62=item SHAKE, see L<EVP_MD-SHAKE(7)> 63 64=item BLAKE2, see L<EVP_MD-BLAKE2(7)> 65 66=item SM3, see L<EVP_MD-SM3(7)> 67 68=item MD5, see L<EVP_MD-MD5(7)> 69 70=item MD5-SHA1, see L<EVP_MD-MD5-SHA1(7)> 71 72=item RIPEMD160, see L<EVP_MD-RIPEMD160(7)> 73 74=back 75 76=head2 Symmetric Ciphers 77 78=over 4 79 80=item AES, see L<EVP_CIPHER-AES(7)> 81 82=item ARIA, see L<EVP_CIPHER-ARIA(7)> 83 84=item CAMELLIA, see L<EVP_CIPHER-CAMELLIA(7)> 85 86=item 3DES, see L<EVP_CIPHER-DES(7)> 87 88=item SEED, see L<EVP_CIPHER-SEED(7)> 89 90=item SM4, see L<EVP_CIPHER-SM4(7)> 91 92=item ChaCha20, see L<EVP_CIPHER-CHACHA(7)> 93 94=item ChaCha20-Poly1305, see L<EVP_CIPHER-CHACHA(7)> 95 96=back 97 98=head2 Message Authentication Code (MAC) 99 100=over 4 101 102=item BLAKE2, see L<EVP_MAC-BLAKE2(7)> 103 104=item CMAC, see L<EVP_MAC-CMAC(7)> 105 106=item GMAC, see L<EVP_MAC-GMAC(7)> 107 108=item HMAC, see L<EVP_MAC-HMAC(7)> 109 110=item KMAC, see L<EVP_MAC-KMAC(7)> 111 112=item SIPHASH, see L<EVP_MAC-Siphash(7)> 113 114=item POLY1305, see L<EVP_MAC-Poly1305(7)> 115 116=back 117 118=head2 Key Derivation Function (KDF) 119 120=over 4 121 122=item HKDF, see L<EVP_KDF-HKDF(7)> 123 124=item SSKDF, see L<EVP_KDF-SS(7)> 125 126=item PBKDF2, see L<EVP_KDF-PBKDF2(7)> 127 128=item PKCS12KDF, see L<EVP_KDF-PKCS12KDF(7)> 129 130=item SSHKDF, see L<EVP_KDF-SSHKDF(7)> 131 132=item TLS1-PRF, see L<EVP_KDF-TLS1_PRF(7)> 133 134=item KBKDF, see L<EVP_KDF-KB(7)> 135 136=item X942KDF-ASN1, see L<EVP_KDF-X942-ASN1(7)> 137 138=item X942KDF-CONCAT, see L<EVP_KDF-X942-CONCAT(7)> 139 140=item X963KDF, see L<EVP_KDF-X963(7)> 141 142=item SCRYPT, see L<EVP_KDF-SCRYPT(7)> 143 144=item KRB5KDF, see L<EVP_KDF-KRB5KDF(7)> 145 146 147=back 148 149=head2 Key Exchange 150 151=over 4 152 153=item DH, see L<EVP_KEYEXCH-DH(7)> 154 155=item ECDH, see L<EVP_KEYEXCH-ECDH(7)> 156 157=item X25519, see L<EVP_KEYEXCH-X25519(7)> 158 159=item X448, see L<EVP_KEYEXCH-X448(7)> 160 161=back 162 163=head2 Asymmetric Signature 164 165=over 4 166 167=item DSA, see L<EVP_SIGNATURE-DSA(7)> 168 169=item RSA, see L<EVP_SIGNATURE-RSA(7)> 170 171=item HMAC, see L<EVP_SIGNATURE-HMAC(7)> 172 173=item SIPHASH, see L<EVP_SIGNATURE-Siphash(7)> 174 175=item POLY1305, see L<EVP_SIGNATURE-Poly1305(7)> 176 177=item CMAC, see L<EVP_SIGNATURE-CMAC(7)> 178 179=back 180 181=head2 Asymmetric Cipher 182 183=over 4 184 185=item RSA, see L<EVP_ASYM_CIPHER-RSA(7)> 186 187=item SM2, see L<EVP_ASYM_CIPHER-SM2(7)> 188 189=back 190 191=head2 Asymmetric Key Encapsulation 192 193=over 4 194 195=item RSA, see L<EVP_KEM-RSA(7)> 196 197=back 198 199=head2 Asymmetric Key Management 200 201=over 4 202 203=item DH, see L<EVP_KEYMGMT-DH(7)> 204 205=item DHX, see L<EVP_KEYMGMT-DHX(7)> 206 207=item DSA, see L<EVP_KEYMGMT-DSA(7)> 208 209=item RSA, see L<EVP_KEYMGMT-RSA(7)> 210 211=item EC, see L<EVP_KEYMGMT-EC(7)> 212 213=item X25519, see L<EVP_KEYMGMT-X25519(7)> 214 215=item X448, see L<EVP_KEYMGMT-X448(7)> 216 217=back 218 219=head2 Asymmetric Key Encoder 220 221The default provider also includes all of the encoding algorithms 222present in the base provider. Some of these have the property "fips=yes", 223to allow them to be used together with the FIPS provider. 224 225=over 4 226 227=item RSA, see L<OSSL_ENCODER-RSA(7)> 228 229=item DH, see L<OSSL_ENCODER-DH(7)> 230 231=item DSA, see L<OSSL_ENCODER-DSA(7)> 232 233=item EC, see L<OSSL_ENCODER-EC(7)> 234 235=item X25519, see L<OSSL_ENCODER-X25519(7)> 236 237=item X448, see L<OSSL_ENCODER-X448(7)> 238 239=back 240 241=head1 SEE ALSO 242 243L<openssl-core.h(7)>, L<openssl-core_dispatch.h(7)>, L<provider(7)>, 244L<OSSL_PROVIDER-base(7)> 245 246=head1 HISTORY 247 248The RIPEMD160 digest was added to the default provider in OpenSSL 3.0.7. 249 250=head1 COPYRIGHT 251 252Copyright 2020-2022 The OpenSSL Project Authors. All Rights Reserved. 253 254Licensed under the Apache License 2.0 (the "License"). You may not use 255this file except in compliance with the License. You can obtain a copy 256in the file LICENSE in the source distribution or at 257L<https://www.openssl.org/source/license.html>. 258 259=cut 260