Skip to content

OSSL_PROVIDER-legacy

NAME

OSSL_PROVIDER-legacy - OpenSSL legacy provider

DESCRIPTION

The OpenSSL legacy provider supplies OpenSSL implementations of algorithms that have been deemed legacy. Such algorithms have commonly fallen out of use, have been deemed insecure by the cryptography community, or something similar.

We can consider this the retirement home of cryptographic algorithms.

Properties

The implementations in this provider specifically has this property defined:

  • "provider=legacy"

It may be used in a property query string with fetching functions such as EVP_MD_fetch(3) or EVP_CIPHER_fetch(3), as well as with other functions that take a property query string, such as EVP_PKEY_CTX_new_from_name(3).

It isn't mandatory to query for any of these properties, except to make sure to get implementations of this provider and none other.

OPERATIONS AND ALGORITHMS

The OpenSSL legacy provider supports these operations and algorithms:

Hashing Algorithms / Message Digests

Symmetric Ciphers

Not all of these symmetric cipher algorithms are enabled by default.

Key Derivation Function (KDF)

  • PBKDF1
  • PVKKDF

SEE ALSO

OSSL_PARAM(3), openssl-core.h(7), openssl-core_dispatch.h(7), provider(7)

HISTORY

This functionality was added in OpenSSL 3.0.

Copyright 2020-2021 The OpenSSL Project Authors. All Rights Reserved.

Licensed under the Apache License 2.0 (the "License"). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at https://www.openssl.org/source/license.html.