OpenSSL 3.0的重要更新
OpenSSL 3.0作为OpenSSL的下一重大更新,是引入了 提供者概念(Provider Concept) 。
Providers collect together and make available algorithm implementations. With OpenSSL 3.0 it is possible to specify, either programmatically or via a config file, which providers you want to use for any given application.
OpenSSL 3.0 comes with 5 different providers as standard. Over time third parties may distribute additional providers that can be plugged into OpenSSL. All algorithm implementations available via providers are accessed through the “high” level APIs (for example those functions prefixed with “EVP”). They cannot be accessed using the “low level” APIs (see below).
One of the standard providers available is the FIPS provider. This makes available FIPS validated cryptographic algorithms.