fips_module.pod - OpenGrok cross reference for /openssl-master/doc/man7/fips

Lines Matching refs:provider
102 also activates the "base" provider. The base provider does not include any
163 Applications may choose to load the FIPS provider explicitly rather than relying
166 in this case we do not automatically activate the FIPS provider via that config
175 FIPS provider can then be loaded programmatically like this:
177     #include <openssl/provider.h>
186             printf("Failed to load FIPS provider\n");
192             printf("Failed to load base provider\n");
205 cryptographic functions before this occurs then, if no provider has yet been
206 loaded, then the default provider will be automatically loaded. If you then
207 later explicitly load the FIPS provider then you will have both the FIPS and the
208 default provider loaded at the same time. It is undefined which implementation
213 Also note that in this example we have additionally loaded the "base" provider.
215 provider - specifically non cryptographic ones which may be used in conjunction
216 with the FIPS provider. For example this contains algorithms for encoding and
217 decoding keys. If you decide not to load the default provider then you
218 will usually want to load the base provider instead.
227 It is possible to have the FIPS provider and other providers (such as the
228 default provider) all loaded at the same time into the same library context. You
244 default provider:
248     sha256 = EVP_MD_fetch(NULL, "SHA2-256", "provider=default");
263 The "provider" property enables you to specify which provider you want an
264 implementation to be fetched from, e.g. C<provider=default> or C<provider=fips>.
265 All algorithms implemented in a provider have this property set on them.
271 can (for example) be used to write out a key generated in the FIPS provider to a
278 does not load the "base" provider. All supporting algorithms that are in "base"
306 base providers. The other library context will just use the default provider.
335      * provider into nonfips_libctx. This happens automatically if no
367 Note that we have made use of the special "null" provider here which we load
376 provider into the default library context. Because a provider has been
377 explicitly loaded, the default provider will not automatically load. This means
399 You should ensure that either the default or base provider is loaded into the
409 provider then you can supply this to libssl using the function
420      * provider loaded has been created called fips_libctx.
425      * provider loaded has been created called non_fips_libctx.
435      * as well as encoders from the default provider that are allowed
441      * The "provider!=fips" property allows algorithms from any
442      * provider except the FIPS provider
444     SSL_CTX *non_fips_ssl_ctx = SSL_CTX_new_ex(NULL, "provider!=fips",
450 provider that implements it. The process is similar for all algorithms. Here the