mirror of https://github.com/openssl/openssl
Update the provider documentation
Make the documentation match reality. Add lots of missing algorithms. Reviewed-by: Shane Lontis <shane.lontis@oracle.com> Reviewed-by: Tomas Mraz <tomas@openssl.org> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/22694)
This commit is contained in:
parent
339e5cb0be
commit
ae14f38cc9
|
@ -72,6 +72,8 @@ The OpenSSL FIPS provider supports these operations and algorithms:
|
|||
|
||||
=item KECCAK-KMAC, see L<EVP_MD-KECCAK-KMAC(7)>
|
||||
|
||||
=item SHAKE, see L<EVP_MD-SHAKE(7)>
|
||||
|
||||
=back
|
||||
|
||||
=head2 Symmetric Ciphers
|
||||
|
@ -80,6 +82,10 @@ The OpenSSL FIPS provider supports these operations and algorithms:
|
|||
|
||||
=item AES, see L<EVP_CIPHER-AES(7)>
|
||||
|
||||
=item 3DES, see L<EVP_CIPHER-DES(7)>
|
||||
|
||||
This is an unapproved algorithm.
|
||||
|
||||
=back
|
||||
|
||||
=head2 Message Authentication Code (MAC)
|
||||
|
@ -134,6 +140,10 @@ The OpenSSL FIPS provider supports these operations and algorithms:
|
|||
|
||||
=item X448, see L<EVP_KEYEXCH-X448(7)>
|
||||
|
||||
=item TLS1-PRF
|
||||
|
||||
=item HKDF
|
||||
|
||||
=back
|
||||
|
||||
=head2 Asymmetric Signature
|
||||
|
@ -142,9 +152,17 @@ The OpenSSL FIPS provider supports these operations and algorithms:
|
|||
|
||||
=item RSA, see L<EVP_SIGNATURE-RSA(7)>
|
||||
|
||||
=item X25519, see L<EVP_SIGNATURE-ED25519(7)>
|
||||
=item DSA, see L<EVP_SIGNATURE-DSA(7)>
|
||||
|
||||
=item X448, see L<EVP_SIGNATURE-ED448(7)>
|
||||
=item ED25519, see L<EVP_SIGNATURE-ED25519(7)>
|
||||
|
||||
This is an unapproved algorithm.
|
||||
|
||||
=item ED448, see L<EVP_SIGNATURE-ED448(7)>
|
||||
|
||||
This is an unapproved algorithm.
|
||||
|
||||
=item ECDSA, see L<EVP_SIGNATURE-ECDSA(7)>
|
||||
|
||||
=item HMAC, see L<EVP_SIGNATURE-HMAC(7)>
|
||||
|
||||
|
@ -180,12 +198,30 @@ The OpenSSL FIPS provider supports these operations and algorithms:
|
|||
|
||||
=item RSA, see L<EVP_KEYMGMT-RSA(7)>
|
||||
|
||||
=item RSA-PSS
|
||||
|
||||
=item EC, see L<EVP_KEYMGMT-EC(7)>
|
||||
|
||||
=item X25519, see L<EVP_KEYMGMT-X25519(7)>
|
||||
|
||||
=item X448, see L<EVP_KEYMGMT-X448(7)>
|
||||
|
||||
=item ED25519, see L<EVP_KEYMGMT-ED25519(7)>
|
||||
|
||||
This is an unapproved algorithm.
|
||||
|
||||
=item ED448, see L<EVP_KEYMGMT-ED448(7)>
|
||||
|
||||
This is an unapproved algorithm.
|
||||
|
||||
=item TLS1-PRF
|
||||
|
||||
=item HKDF
|
||||
|
||||
=item HMAC, see L<EVP_KEYMGMT-HMAC(7)>
|
||||
|
||||
=item CMAC, see L<EVP_KEYMGMT-CMAC(7)>
|
||||
|
||||
=back
|
||||
|
||||
=head2 Random Number Generation
|
||||
|
|
|
@ -57,28 +57,96 @@ currently permitted.
|
|||
|
||||
The OpenSSL base provider supports these operations and algorithms:
|
||||
|
||||
=head2 Asymmetric Key Encoder
|
||||
|
||||
In addition to "provider=base", some of these encoders define the
|
||||
property "fips=yes", to allow them to be used together with the FIPS
|
||||
provider.
|
||||
=head2 Random Number Generation
|
||||
|
||||
=over 4
|
||||
|
||||
=item RSA, see L<OSSL_ENCODER-RSA(7)>
|
||||
|
||||
=item DH, see L<OSSL_ENCODER-DH(7)>
|
||||
|
||||
=item DSA, see L<OSSL_ENCODER-DSA(7)>
|
||||
|
||||
=item EC, see L<OSSL_ENCODER-EC(7)>
|
||||
|
||||
=item X25519, see L<OSSL_ENCODER-X25519(7)>
|
||||
|
||||
=item X448, see L<OSSL_ENCODER-X448(7)>
|
||||
=item SEED-SRC, see L<EVP_RAND-SEED-SRC(7)>
|
||||
|
||||
=back
|
||||
|
||||
In addition to this provider, the "SEED-SRC" algorithm is also available in the
|
||||
default provider.
|
||||
|
||||
=head2 Asymmetric Key Encoder
|
||||
|
||||
=over 4
|
||||
|
||||
=item RSA
|
||||
|
||||
=item RSA-PSS
|
||||
|
||||
=item DH
|
||||
|
||||
=item DHX
|
||||
|
||||
=item DSA
|
||||
|
||||
=item EC
|
||||
|
||||
=item ED25519
|
||||
|
||||
=item ED448
|
||||
|
||||
=item X25519
|
||||
|
||||
=item X448
|
||||
|
||||
=item SM2
|
||||
|
||||
=back
|
||||
|
||||
In addition to this provider, all of these encoding algorithms are also
|
||||
available in the default provider. Some of these algorithms may be used in
|
||||
combination with the FIPS provider.
|
||||
|
||||
=head2 Asymmetric Key Decoder
|
||||
|
||||
=over 4
|
||||
|
||||
=item RSA
|
||||
|
||||
=item RSA-PSS
|
||||
|
||||
=item DH
|
||||
|
||||
=item DHX
|
||||
|
||||
=item DSA
|
||||
|
||||
=item EC
|
||||
|
||||
=item ED25519
|
||||
|
||||
=item ED448
|
||||
|
||||
=item X25519
|
||||
|
||||
=item X448
|
||||
|
||||
=item SM2
|
||||
|
||||
=item DER
|
||||
|
||||
=back
|
||||
|
||||
In addition to this provider, all of these decoding algorithms are also
|
||||
available in the default provider. Some of these algorithms may be used in
|
||||
combination with the FIPS provider.
|
||||
|
||||
=head2 Stores
|
||||
|
||||
=over 4
|
||||
|
||||
=item file
|
||||
|
||||
=item org.openssl.winstore
|
||||
|
||||
=back
|
||||
|
||||
In addition to this provider, all of these store algorithms are also
|
||||
available in the default provider.
|
||||
|
||||
=head1 SEE ALSO
|
||||
|
||||
L<OSSL_PROVIDER-default(7)>, L<openssl-core.h(7)>,
|
||||
|
|
|
@ -89,8 +89,6 @@ The OpenSSL default provider supports these operations and algorithms:
|
|||
|
||||
=item 3DES, see L<EVP_CIPHER-DES(7)>
|
||||
|
||||
=item SEED, see L<EVP_CIPHER-SEED(7)>
|
||||
|
||||
=item SM4, see L<EVP_CIPHER-SM4(7)>
|
||||
|
||||
=item ChaCha20, see L<EVP_CIPHER-CHACHA(7)>
|
||||
|
@ -127,6 +125,8 @@ The OpenSSL default provider supports these operations and algorithms:
|
|||
|
||||
=item HKDF, see L<EVP_KDF-HKDF(7)>
|
||||
|
||||
=item TLS13-KDF, see L<EVP_KDF-TLS13_KDF(7)>
|
||||
|
||||
=item SSKDF, see L<EVP_KDF-SS(7)>
|
||||
|
||||
=item PBKDF2, see L<EVP_KDF-PBKDF2(7)>
|
||||
|
@ -167,6 +167,12 @@ The OpenSSL default provider supports these operations and algorithms:
|
|||
|
||||
=item X448, see L<EVP_KEYEXCH-X448(7)>
|
||||
|
||||
=item TLS1-PRF
|
||||
|
||||
=item HKDF
|
||||
|
||||
=item SCRYPT
|
||||
|
||||
=back
|
||||
|
||||
=head2 Asymmetric Signature
|
||||
|
@ -177,6 +183,14 @@ The OpenSSL default provider supports these operations and algorithms:
|
|||
|
||||
=item RSA, see L<EVP_SIGNATURE-RSA(7)>
|
||||
|
||||
=item ED25519, see L<EVP_SIGNATURE-ED25519(7)>
|
||||
|
||||
=item ED448, see L<EVP_SIGNATURE-ED448(7)>
|
||||
|
||||
=item ECDSA, see L<EVP_SIGNATURE-ECDSA(7)>
|
||||
|
||||
=item SM2
|
||||
|
||||
=item HMAC, see L<EVP_SIGNATURE-HMAC(7)>
|
||||
|
||||
=item SIPHASH, see L<EVP_SIGNATURE-Siphash(7)>
|
||||
|
@ -205,6 +219,8 @@ The OpenSSL default provider supports these operations and algorithms:
|
|||
|
||||
=item X25519, see L<EVP_KEM-X25519(7)>
|
||||
|
||||
=item X448, see L<EVP_KEM-X448(7)>
|
||||
|
||||
=item EC, see L<EVP_KEM-EC(7)>
|
||||
|
||||
=back
|
||||
|
@ -221,12 +237,34 @@ The OpenSSL default provider supports these operations and algorithms:
|
|||
|
||||
=item RSA, see L<EVP_KEYMGMT-RSA(7)>
|
||||
|
||||
=item RSA-PSS
|
||||
|
||||
=item EC, see L<EVP_KEYMGMT-EC(7)>
|
||||
|
||||
=item X25519, see L<EVP_KEYMGMT-X25519(7)>
|
||||
|
||||
=item X448, see L<EVP_KEYMGMT-X448(7)>
|
||||
|
||||
=item ED25519, see L<EVP_KEYMGMT-ED25519(7)>
|
||||
|
||||
=item ED448, see L<EVP_KEYMGMT-ED448(7)>
|
||||
|
||||
=item TLS1-PRF
|
||||
|
||||
=item HKDF
|
||||
|
||||
=item SCRYPT
|
||||
|
||||
=item HMAC, see L<EVP_KEYMGMT-HMAC(7)>
|
||||
|
||||
=item SIPHASH, see L<EVP_KEYMGMT-Siphash(7)>
|
||||
|
||||
=item POLY1305, see L<EVP_KEYMGMT-Poly1305(7)>
|
||||
|
||||
=item CMAC, see L<EVP_KEYMGMT-CMAC(7)>
|
||||
|
||||
=item SM2, see L<EVP_KEYMGMT-SM2(7)>
|
||||
|
||||
=back
|
||||
|
||||
=head2 Random Number Generation
|
||||
|
@ -245,28 +283,88 @@ The OpenSSL default provider supports these operations and algorithms:
|
|||
|
||||
=back
|
||||
|
||||
=head2 Asymmetric Key Encoder
|
||||
In addition to this provider, the "SEED-SRC" algorithm is also available in the
|
||||
base provider.
|
||||
|
||||
The default provider also includes all of the encoding algorithms
|
||||
present in the base provider. Some of these have the property "fips=yes",
|
||||
to allow them to be used together with the FIPS provider.
|
||||
=head2 Asymmetric Key Encoder
|
||||
|
||||
=over 4
|
||||
|
||||
=item RSA, see L<OSSL_ENCODER-RSA(7)>
|
||||
=item RSA
|
||||
|
||||
=item DH, see L<OSSL_ENCODER-DH(7)>
|
||||
=item RSA-PSS
|
||||
|
||||
=item DSA, see L<OSSL_ENCODER-DSA(7)>
|
||||
=item DH
|
||||
|
||||
=item EC, see L<OSSL_ENCODER-EC(7)>
|
||||
=item DHX
|
||||
|
||||
=item X25519, see L<OSSL_ENCODER-X25519(7)>
|
||||
=item DSA
|
||||
|
||||
=item X448, see L<OSSL_ENCODER-X448(7)>
|
||||
=item EC
|
||||
|
||||
=item ED25519
|
||||
|
||||
=item ED448
|
||||
|
||||
=item X25519
|
||||
|
||||
=item X448
|
||||
|
||||
=item SM2
|
||||
|
||||
=back
|
||||
|
||||
In addition to this provider, all of these encoding algorithms are also
|
||||
available in the base provider. Some of these algorithms may be used in
|
||||
combination with the FIPS provider.
|
||||
|
||||
=head2 Asymmetric Key Decoder
|
||||
|
||||
=over 4
|
||||
|
||||
=item RSA
|
||||
|
||||
=item RSA-PSS
|
||||
|
||||
=item DH
|
||||
|
||||
=item DHX
|
||||
|
||||
=item DSA
|
||||
|
||||
=item EC
|
||||
|
||||
=item ED25519
|
||||
|
||||
=item ED448
|
||||
|
||||
=item X25519
|
||||
|
||||
=item X448
|
||||
|
||||
=item SM2
|
||||
|
||||
=item DER
|
||||
|
||||
=back
|
||||
|
||||
In addition to this provider, all of these decoding algorithms are also
|
||||
available in the base provider. Some of these algorithms may be used in
|
||||
combination with the FIPS provider.
|
||||
|
||||
=head2 Stores
|
||||
|
||||
=over 4
|
||||
|
||||
=item file
|
||||
|
||||
=item org.openssl.winstore
|
||||
|
||||
=back
|
||||
|
||||
In addition to this provider, all of these store algorithms are also
|
||||
available in the base provider.
|
||||
|
||||
=head1 SEE ALSO
|
||||
|
||||
L<openssl-core.h(7)>, L<openssl-core_dispatch.h(7)>, L<provider(7)>,
|
||||
|
|
|
@ -42,6 +42,8 @@ The OpenSSL legacy provider supports these operations and algorithms:
|
|||
|
||||
=item MD2, see L<EVP_MD-MD2(7)>
|
||||
|
||||
Disabled by default. Use I<enable-md2> config option to enable.
|
||||
|
||||
=item MD4, see L<EVP_MD-MD4(7)>
|
||||
|
||||
=item MDC2, see L<EVP_MD-MDC2(7)>
|
||||
|
|
Loading…
Reference in New Issue