EVP_set_default_properties, EVP_default_properties_enable_fips, EVP_default_properties_is_fips_enabled - Set default properties for future algorithm fetches

#include <openssl/evp.h>
int EVP_set_default_properties(OSSL_LIB_CTX *libctx, const char *propq);
int EVP_default_properties_enable_fips(OSSL_LIB_CTX *libctx, int enable);
int EVP_default_properties_is_fips_enabled(OSSL_LIB_CTX *libctx);

EVP_set_default_properties() sets the default properties for all future EVP algorithm fetches, implicit as well as explicit. See "ALGORITHM FETCHING" in crypto(7) for information about implicit and explicit fetching.

EVP_set_default_properties stores the properties given with the string propq among the EVP data that's been stored in the library context given with libctx (NULL signifies the default library context).

Any previous default property for the specified library context will be dropped.

EVP_default_properties_enable_fips() sets the 'fips=yes' to be a default property if enable is non zero, otherwise it clears 'fips' from the default property query for the given libctx. It merges the fips default property query with any existing query strings that have been set via EVP_set_default_properties().

EVP_default_properties_is_fips_enabled() indicates if 'fips=yes' is a default property for the given libctx.

EVP_set_default_properties() and EVP_default_properties_enable_fips() are not thread safe. They are intended to be called only during the initialisation phase of a libctx.

EVP_set_default_properties() and EVP_default_properties_enable_fips() return 1 on success, or 0 on failure. An error is placed on the error stack if a failure occurs.

EVP_default_properties_is_fips_enabled() returns 1 if the 'fips=yes' default property is set for the given libctx, otherwise it returns 0.


The functions described here were added in OpenSSL 3.0.

Copyright 2019-2021 The OpenSSL Project Authors. All Rights Reserved.

Licensed under the Apache License 2.0 (the "License"). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at https://www.openssl.org/source/license.html.

2024-06-04 3.3.1