[openssl] master update

Richard Levitte levitte at openssl.org
Fri Apr 2 06:59:13 UTC 2021


The branch master has been updated
       via  baf02793fc5b5095ad8929b8e2aae679e113f457 (commit)
       via  03888233290bf3b8410e8dc2acbef8950fffef60 (commit)
       via  b638dad970c65e311e9a724b89972441268adc9f (commit)
       via  1010884e0a6d391d3628ffdb057f1812ef08ed73 (commit)
       via  309a78aa305ee14878e453c78ccf9a7dc91264cf (commit)
      from  650c66873793bed505802f316b15772a0f887743 (commit)


- Log -----------------------------------------------------------------
commit baf02793fc5b5095ad8929b8e2aae679e113f457
Author: Richard Levitte <levitte at openssl.org>
Date:   Tue Mar 16 14:45:07 2021 +0100

    APPS: Replace the use of OBJ_nid2ln() with name or description calls
    
    With new provided algorithms added, we'd rather rely on the names and
    descriptions that we get from the providers.
    
    Specifically with the 'openssl list' command, we now display the
    description of all algorithms.  For '-public-key-algorithms', we
    additionally print key type information a bit more like we do for
    legacy methods.
    
    We also add descriptions to all our keymgmt functions, because the
    built in EVP_PKEY_ASN1_METHODs had them.
    
    Reviewed-by: Tomas Mraz <tomas at openssl.org>
    (Merged from https://github.com/openssl/openssl/pull/14656)

commit 03888233290bf3b8410e8dc2acbef8950fffef60
Author: Richard Levitte <levitte at openssl.org>
Date:   Tue Mar 16 14:23:54 2021 +0100

    EVP: Add EVP_<TYPE>_description()
    
    The following operation types are covered:
    
    EVP_MD, EVP_CIPHER, EVP_MAC, EVP_RAND, EVP_KEYMGMT, EVP_SIGNATURE,
    EVP_ASYM_CIPHER, EVP_KEM, EVP_KEYEXCH, EVP_KDF.  Also EVP_PKEY.
    
    For EVP_MD and EVP_CIPHER, OBJ_nid2ln() is used as a fallback for
    legacy implementations.
    
    For EVP_PKEY, the info field of the EVP_PKEY_ASN1_METHOD is used as a
    fallback for legacy implementations.
    
    Fixes #14514
    
    Reviewed-by: Tomas Mraz <tomas at openssl.org>
    (Merged from https://github.com/openssl/openssl/pull/14656)

commit b638dad970c65e311e9a724b89972441268adc9f
Author: Richard Levitte <levitte at openssl.org>
Date:   Tue Mar 16 14:30:59 2021 +0100

    Add OSSL_STORE_LOADER_description()
    
    Fixes #14514
    
    Reviewed-by: Tomas Mraz <tomas at openssl.org>
    (Merged from https://github.com/openssl/openssl/pull/14656)

commit 1010884e0a6d391d3628ffdb057f1812ef08ed73
Author: Richard Levitte <levitte at openssl.org>
Date:   Tue Mar 16 14:21:42 2021 +0100

    Add OSSL_DECODER_description() and OSSL_ENCODER_description()
    
    Fixes #14514
    
    Reviewed-by: Tomas Mraz <tomas at openssl.org>
    (Merged from https://github.com/openssl/openssl/pull/14656)

commit 309a78aa305ee14878e453c78ccf9a7dc91264cf
Author: Richard Levitte <levitte at openssl.org>
Date:   Tue Mar 16 14:14:43 2021 +0100

    CORE: Add an algorithm_description field to OSSL_ALGORITHM
    
    This corresponds to the |info| field in EVP_PKEY_ASN1_METHOD, as well
    as the generic use of OBJ_nid2ln() as a one line description.
    
    We also add the base functionality to make use of this field.
    
    Fixes #14514
    
    Reviewed-by: Tomas Mraz <tomas at openssl.org>
    (Merged from https://github.com/openssl/openssl/pull/14656)

-----------------------------------------------------------------------

Summary of changes:
 apps/list.c                                        | 64 ++++++++++++++++++++--
 crypto/encode_decode/decoder_meth.c                | 16 ++++--
 crypto/encode_decode/encoder_local.h               |  1 +
 crypto/encode_decode/encoder_meth.c                | 16 ++++--
 crypto/evp/asymcipher.c                            | 17 ++++--
 crypto/evp/digest.c                                | 12 ++--
 crypto/evp/evp_enc.c                               | 12 ++--
 crypto/evp/evp_fetch.c                             | 21 ++++---
 crypto/evp/evp_lib.c                               | 22 ++++++++
 crypto/evp/evp_local.h                             | 11 +++-
 crypto/evp/evp_rand.c                              | 18 ++++--
 crypto/evp/exchange.c                              | 17 ++++--
 crypto/evp/kdf_lib.c                               |  5 ++
 crypto/evp/kdf_meth.c                              | 12 ++--
 crypto/evp/kem.c                                   | 15 +++--
 crypto/evp/keymgmt_meth.c                          | 19 +++++--
 crypto/evp/mac_lib.c                               |  5 ++
 crypto/evp/mac_meth.c                              | 12 ++--
 crypto/evp/p_lib.c                                 | 14 +++++
 crypto/evp/signature.c                             | 17 ++++--
 crypto/store/store_local.h                         |  1 +
 crypto/store/store_meth.c                          | 16 ++++--
 doc/internal/man3/evp_generic_fetch.pod            | 16 +++---
 doc/man3/EVP_ASYM_CIPHER_free.pod                  |  6 ++
 doc/man3/EVP_DigestInit.pod                        |  9 ++-
 doc/man3/EVP_EncryptInit.pod                       |  6 ++
 doc/man3/EVP_KDF.pod                               |  7 ++-
 doc/man3/EVP_KEM_free.pod                          |  7 ++-
 doc/man3/EVP_KEYEXCH_free.pod                      |  6 ++
 doc/man3/EVP_KEYMGMT.pod                           |  9 +++
 doc/man3/EVP_MAC.pod                               |  9 ++-
 doc/man3/EVP_PKEY_new.pod                          |  6 ++
 doc/man3/EVP_RAND.pod                              | 14 +++--
 doc/man3/EVP_SIGNATURE_free.pod                    |  6 ++
 doc/man3/OSSL_DECODER.pod                          |  9 +++
 doc/man3/OSSL_ENCODER.pod                          |  9 +++
 doc/man3/OSSL_STORE_LOADER.pod                     |  9 +++
 include/crypto/decoder.h                           |  4 +-
 include/crypto/evp.h                               |  4 ++
 include/openssl/core.h                             |  1 +
 include/openssl/decoder.h                          |  1 +
 include/openssl/encoder.h                          |  1 +
 include/openssl/evp.h                              | 10 ++++
 include/openssl/kdf.h                              |  1 +
 include/openssl/store.h                            |  1 +
 providers/defltprov.c                              | 53 ++++++++++++------
 providers/fips/fipsprov.c                          | 40 +++++++++-----
 providers/implementations/storemgmt/file_store.c   |  4 +-
 .../implementations/storemgmt/file_store_der2obj.c |  2 +-
 util/libcrypto.num                                 | 14 +++++
 50 files changed, 467 insertions(+), 140 deletions(-)

diff --git a/apps/list.c b/apps/list.c
index 5326a4b367..df87880ba7 100644
--- a/apps/list.c
+++ b/apps/list.c
@@ -96,15 +96,19 @@ static void list_ciphers(void)
             print_names(bio_out, names);
 
             BIO_printf(bio_out, " @ %s\n",
-                    OSSL_PROVIDER_name(EVP_CIPHER_provider(c)));
+                       OSSL_PROVIDER_name(EVP_CIPHER_provider(c)));
 
             if (verbose) {
+                const char *desc = EVP_CIPHER_description(c);
+
+                if (desc != NULL)
+                    BIO_printf(bio_out, "    description: %s\n", desc);
                 print_param_types("retrievable algorithm parameters",
-                                EVP_CIPHER_gettable_params(c), 4);
+                                  EVP_CIPHER_gettable_params(c), 4);
                 print_param_types("retrievable operation parameters",
-                                EVP_CIPHER_gettable_ctx_params(c), 4);
+                                  EVP_CIPHER_gettable_ctx_params(c), 4);
                 print_param_types("settable operation parameters",
-                                EVP_CIPHER_settable_ctx_params(c), 4);
+                                  EVP_CIPHER_settable_ctx_params(c), 4);
             }
         }
         sk_OPENSSL_CSTRING_free(names);
@@ -176,6 +180,10 @@ static void list_digests(void)
             BIO_printf(bio_out, " @ %s\n", OSSL_PROVIDER_name(EVP_MD_provider(m)));
 
             if (verbose) {
+                const char *desc = EVP_MD_description(m);
+
+                if (desc != NULL)
+                    BIO_printf(bio_out, "    description: %s\n", desc);
                 print_param_types("retrievable algorithm parameters",
                                 EVP_MD_gettable_params(m), 4);
                 print_param_types("retrievable operation parameters",
@@ -236,6 +244,10 @@ static void list_macs(void)
             BIO_printf(bio_out, " @ %s\n", OSSL_PROVIDER_name(EVP_MAC_provider(m)));
 
             if (verbose) {
+                const char *desc = EVP_MAC_description(m);
+
+                if (desc != NULL)
+                    BIO_printf(bio_out, "    description: %s\n", desc);
                 print_param_types("retrievable algorithm parameters",
                                 EVP_MAC_gettable_params(m), 4);
                 print_param_types("retrievable operation parameters",
@@ -299,6 +311,10 @@ static void list_kdfs(void)
             BIO_printf(bio_out, " @ %s\n", OSSL_PROVIDER_name(EVP_KDF_provider(k)));
 
             if (verbose) {
+                const char *desc = EVP_KDF_description(k);
+
+                if (desc != NULL)
+                    BIO_printf(bio_out, "    description: %s\n", desc);
                 print_param_types("retrievable algorithm parameters",
                                 EVP_KDF_gettable_params(k), 4);
                 print_param_types("retrievable operation parameters",
@@ -358,6 +374,10 @@ static void list_random_generators(void)
         BIO_printf(bio_out, " @ %s\n", OSSL_PROVIDER_name(EVP_RAND_provider(m)));
 
         if (verbose) {
+            const char *desc = EVP_RAND_description(m);
+
+            if (desc != NULL)
+                BIO_printf(bio_out, "    description: %s\n", desc);
             print_param_types("retrievable algorithm parameters",
                               EVP_RAND_gettable_params(m), 4);
             print_param_types("retrievable operation parameters",
@@ -491,6 +511,10 @@ static void list_encoders(void)
                     OSSL_ENCODER_properties(k));
 
             if (verbose) {
+                const char *desc = OSSL_ENCODER_description(k);
+
+                if (desc != NULL)
+                    BIO_printf(bio_out, "    description: %s\n", desc);
                 print_param_types("settable operation parameters",
                                 OSSL_ENCODER_settable_ctx_params(k), 4);
             }
@@ -555,6 +579,10 @@ static void list_decoders(void)
                     OSSL_DECODER_properties(k));
 
             if (verbose) {
+                const char *desc = OSSL_DECODER_description(k);
+
+                if (desc != NULL)
+                    BIO_printf(bio_out, "    description: %s\n", desc);
                 print_param_types("settable operation parameters",
                                 OSSL_DECODER_settable_ctx_params(k), 4);
             }
@@ -601,9 +629,17 @@ static void list_keymanagers(void)
 
         names = sk_OPENSSL_CSTRING_new(name_cmp);
         if (names != NULL && EVP_KEYMGMT_names_do_all(k, collect_names, names)) {
-            BIO_printf(bio_out, "  ");
+            const char *desc = EVP_KEYMGMT_description(k);
+
+            BIO_printf(bio_out, "  Name: ");
+            if (desc != NULL)
+                BIO_printf(bio_out, "%s", desc);
+            else
+                BIO_printf(bio_out, "%s", sk_OPENSSL_CSTRING_value(names, 0));
+            BIO_printf(bio_out, "\n");
+            BIO_printf(bio_out, "    Type: Provider Algorithm\n");
+            BIO_printf(bio_out, "    IDs: ");
             print_names(bio_out, names);
-
             BIO_printf(bio_out, " @ %s\n",
                     OSSL_PROVIDER_name(EVP_KEYMGMT_provider(k)));
 
@@ -666,6 +702,10 @@ static void list_signatures(void)
                     OSSL_PROVIDER_name(EVP_SIGNATURE_provider(k)));
 
             if (verbose) {
+                const char *desc = EVP_SIGNATURE_description(k);
+
+                if (desc != NULL)
+                    BIO_printf(bio_out, "    description: %s\n", desc);
                 print_param_types("settable operation parameters",
                                 EVP_SIGNATURE_settable_ctx_params(k), 4);
                 print_param_types("retrievable operation parameters",
@@ -723,6 +763,10 @@ static void list_kems(void)
             BIO_printf(bio_out, " @ %s\n", OSSL_PROVIDER_name(EVP_KEM_provider(k)));
 
             if (verbose) {
+                const char *desc = EVP_KEM_description(k);
+
+                if (desc != NULL)
+                    BIO_printf(bio_out, "    description: %s\n", desc);
                 print_param_types("settable operation parameters",
                                 EVP_KEM_settable_ctx_params(k), 4);
                 print_param_types("retrievable operation parameters",
@@ -783,6 +827,10 @@ static void list_asymciphers(void)
                     OSSL_PROVIDER_name(EVP_ASYM_CIPHER_provider(k)));
 
             if (verbose) {
+                const char *desc = EVP_ASYM_CIPHER_description(k);
+
+                if (desc != NULL)
+                    BIO_printf(bio_out, "    description: %s\n", desc);
                 print_param_types("settable operation parameters",
                                 EVP_ASYM_CIPHER_settable_ctx_params(k), 4);
                 print_param_types("retrievable operation parameters",
@@ -841,6 +889,10 @@ static void list_keyexchanges(void)
                     OSSL_PROVIDER_name(EVP_KEYEXCH_provider(k)));
 
             if (verbose) {
+                const char *desc = EVP_KEYEXCH_description(k);
+
+                if (desc != NULL)
+                    BIO_printf(bio_out, "    description: %s\n", desc);
                 print_param_types("settable operation parameters",
                                 EVP_KEYEXCH_settable_ctx_params(k), 4);
                 print_param_types("retrievable operation parameters",
diff --git a/crypto/encode_decode/decoder_meth.c b/crypto/encode_decode/decoder_meth.c
index c2182c2e53..7f8a365b66 100644
--- a/crypto/encode_decode/decoder_meth.c
+++ b/crypto/encode_decode/decoder_meth.c
@@ -159,8 +159,8 @@ static int put_decoder_in_store(OSSL_LIB_CTX *libctx, void *store,
 }
 
 /* Create and populate a decoder method */
-void *ossl_decoder_from_dispatch(int id, const OSSL_ALGORITHM *algodef,
-                                 OSSL_PROVIDER *prov)
+void *ossl_decoder_from_algorithm(int id, const OSSL_ALGORITHM *algodef,
+                                  OSSL_PROVIDER *prov)
 {
     OSSL_DECODER *decoder = NULL;
     const OSSL_DISPATCH *fns = algodef->implementation;
@@ -169,6 +169,7 @@ void *ossl_decoder_from_dispatch(int id, const OSSL_ALGORITHM *algodef,
         return NULL;
     decoder->base.id = id;
     decoder->base.propdef = algodef->property_definition;
+    decoder->base.description = algodef->algorithm_description;
 
     for (; fns->function_id != 0; fns++) {
         switch (fns->function_id) {
@@ -241,7 +242,7 @@ void *ossl_decoder_from_dispatch(int id, const OSSL_ALGORITHM *algodef,
 /*
  * The core fetching functionality passes the names of the implementation.
  * This function is responsible to getting an identity number for them,
- * then call ossl_decoder_from_dispatch() with that identity number.
+ * then call ossl_decoder_from_algorithm() with that identity number.
  */
 static void *construct_decoder(const OSSL_ALGORITHM *algodef,
                                OSSL_PROVIDER *prov, void *data)
@@ -260,7 +261,7 @@ static void *construct_decoder(const OSSL_ALGORITHM *algodef,
     void *method = NULL;
 
     if (id != 0)
-        method = ossl_decoder_from_dispatch(id, algodef, prov);
+        method = ossl_decoder_from_algorithm(id, algodef, prov);
 
     /*
      * Flag to indicate that there was actual construction errors.  This
@@ -424,6 +425,11 @@ int OSSL_DECODER_number(const OSSL_DECODER *decoder)
     return decoder->base.id;
 }
 
+const char *OSSL_DECODER_description(const OSSL_DECODER *decoder)
+{
+    return decoder->base.description;
+}
+
 int OSSL_DECODER_is_a(const OSSL_DECODER *decoder, const char *name)
 {
     if (decoder->base.prov != NULL) {
@@ -452,7 +458,7 @@ static void decoder_do_one(OSSL_PROVIDER *provider,
     void *method = NULL;
 
     if (id != 0)
-        method = ossl_decoder_from_dispatch(id, algodef, provider);
+        method = ossl_decoder_from_algorithm(id, algodef, provider);
 
     if (method != NULL) {
         data->user_fn(method, data->user_arg);
diff --git a/crypto/encode_decode/encoder_local.h b/crypto/encode_decode/encoder_local.h
index 2ff1853b9f..9f3235a562 100644
--- a/crypto/encode_decode/encoder_local.h
+++ b/crypto/encode_decode/encoder_local.h
@@ -20,6 +20,7 @@ struct ossl_endecode_base_st {
     OSSL_PROVIDER *prov;
     int id;
     const char *propdef;
+    const char *description;
 
     CRYPTO_REF_COUNT refcnt;
     CRYPTO_RWLOCK *lock;
diff --git a/crypto/encode_decode/encoder_meth.c b/crypto/encode_decode/encoder_meth.c
index 490eeb2e0a..de0a66578c 100644
--- a/crypto/encode_decode/encoder_meth.c
+++ b/crypto/encode_decode/encoder_meth.c
@@ -159,8 +159,8 @@ static int put_encoder_in_store(OSSL_LIB_CTX *libctx, void *store,
 }
 
 /* Create and populate a encoder method */
-static void *encoder_from_dispatch(int id, const OSSL_ALGORITHM *algodef,
-                                   OSSL_PROVIDER *prov)
+static void *encoder_from_algorithm(int id, const OSSL_ALGORITHM *algodef,
+                                    OSSL_PROVIDER *prov)
 {
     OSSL_ENCODER *encoder = NULL;
     const OSSL_DISPATCH *fns = algodef->implementation;
@@ -169,6 +169,7 @@ static void *encoder_from_dispatch(int id, const OSSL_ALGORITHM *algodef,
         return NULL;
     encoder->base.id = id;
     encoder->base.propdef = algodef->property_definition;
+    encoder->base.description = algodef->algorithm_description;
 
     for (; fns->function_id != 0; fns++) {
         switch (fns->function_id) {
@@ -253,7 +254,7 @@ static void *encoder_from_dispatch(int id, const OSSL_ALGORITHM *algodef,
 /*
  * The core fetching functionality passes the names of the implementation.
  * This function is responsible to getting an identity number for them,
- * then call encoder_from_dispatch() with that identity number.
+ * then call encoder_from_algorithm() with that identity number.
  */
 static void *construct_encoder(const OSSL_ALGORITHM *algodef,
                                OSSL_PROVIDER *prov, void *data)
@@ -272,7 +273,7 @@ static void *construct_encoder(const OSSL_ALGORITHM *algodef,
     void *method = NULL;
 
     if (id != 0)
-        method = encoder_from_dispatch(id, algodef, prov);
+        method = encoder_from_algorithm(id, algodef, prov);
 
     /*
      * Flag to indicate that there was actual construction errors.  This
@@ -436,6 +437,11 @@ int OSSL_ENCODER_number(const OSSL_ENCODER *encoder)
     return encoder->base.id;
 }
 
+const char *OSSL_ENCODER_description(const OSSL_ENCODER *encoder)
+{
+    return encoder->base.description;
+}
+
 int OSSL_ENCODER_is_a(const OSSL_ENCODER *encoder, const char *name)
 {
     if (encoder->base.prov != NULL) {
@@ -465,7 +471,7 @@ static void encoder_do_one(OSSL_PROVIDER *provider,
 
     if (id != 0)
         method =
-            encoder_from_dispatch(id, algodef, provider);
+            encoder_from_algorithm(id, algodef, provider);
 
     if (method != NULL) {
         data->user_fn(method, data->user_arg);
diff --git a/crypto/evp/asymcipher.c b/crypto/evp/asymcipher.c
index e74aafcb13..08c8fb0088 100644
--- a/crypto/evp/asymcipher.c
+++ b/crypto/evp/asymcipher.c
@@ -274,10 +274,11 @@ static EVP_ASYM_CIPHER *evp_asym_cipher_new(OSSL_PROVIDER *prov)
     return cipher;
 }
 
-static void *evp_asym_cipher_from_dispatch(int name_id,
-                                           const OSSL_DISPATCH *fns,
-                                           OSSL_PROVIDER *prov)
+static void *evp_asym_cipher_from_algorithm(int name_id,
+                                            const OSSL_ALGORITHM *algodef,
+                                            OSSL_PROVIDER *prov)
 {
+    const OSSL_DISPATCH *fns = algodef->implementation;
     EVP_ASYM_CIPHER *cipher = NULL;
     int ctxfncnt = 0, encfncnt = 0, decfncnt = 0;
     int gparamfncnt = 0, sparamfncnt = 0;
@@ -288,6 +289,7 @@ static void *evp_asym_cipher_from_dispatch(int name_id,
     }
 
     cipher->name_id = name_id;
+    cipher->description = algodef->algorithm_description;
 
     for (; fns->function_id != 0; fns++) {
         switch (fns->function_id) {
@@ -418,7 +420,7 @@ EVP_ASYM_CIPHER *EVP_ASYM_CIPHER_fetch(OSSL_LIB_CTX *ctx, const char *algorithm,
                                        const char *properties)
 {
     return evp_generic_fetch(ctx, OSSL_OP_ASYM_CIPHER, algorithm, properties,
-                             evp_asym_cipher_from_dispatch,
+                             evp_asym_cipher_from_algorithm,
                              (int (*)(void *))EVP_ASYM_CIPHER_up_ref,
                              (void (*)(void *))EVP_ASYM_CIPHER_free);
 }
@@ -433,6 +435,11 @@ int EVP_ASYM_CIPHER_number(const EVP_ASYM_CIPHER *cipher)
     return cipher->name_id;
 }
 
+const char *EVP_ASYM_CIPHER_description(const EVP_ASYM_CIPHER *cipher)
+{
+    return cipher->description;
+}
+
 void EVP_ASYM_CIPHER_do_all_provided(OSSL_LIB_CTX *libctx,
                                      void (*fn)(EVP_ASYM_CIPHER *cipher,
                                                 void *arg),
@@ -440,7 +447,7 @@ void EVP_ASYM_CIPHER_do_all_provided(OSSL_LIB_CTX *libctx,
 {
     evp_generic_do_all(libctx, OSSL_OP_ASYM_CIPHER,
                        (void (*)(void *, void *))fn, arg,
-                       evp_asym_cipher_from_dispatch,
+                       evp_asym_cipher_from_algorithm,
                        (void (*)(void *))EVP_ASYM_CIPHER_free);
 }
 
diff --git a/crypto/evp/digest.c b/crypto/evp/digest.c
index 494e0f5646..2e517d2f45 100644
--- a/crypto/evp/digest.c
+++ b/crypto/evp/digest.c
@@ -883,10 +883,11 @@ static int evp_md_cache_constants(EVP_MD *md)
     return ok;
 }
 
-static void *evp_md_from_dispatch(int name_id,
-                                  const OSSL_DISPATCH *fns,
-                                  OSSL_PROVIDER *prov)
+static void *evp_md_from_algorithm(int name_id,
+                                   const OSSL_ALGORITHM *algodef,
+                                   OSSL_PROVIDER *prov)
 {
+    const OSSL_DISPATCH *fns = algodef->implementation;
     EVP_MD *md = NULL;
     int fncnt = 0;
 
@@ -907,6 +908,7 @@ static void *evp_md_from_dispatch(int name_id,
 #endif
 
     md->name_id = name_id;
+    md->description = algodef->algorithm_description;
 
     for (; fns->function_id != 0; fns++) {
         switch (fns->function_id) {
@@ -1017,7 +1019,7 @@ EVP_MD *EVP_MD_fetch(OSSL_LIB_CTX *ctx, const char *algorithm,
 {
     EVP_MD *md =
         evp_generic_fetch(ctx, OSSL_OP_DIGEST, algorithm, properties,
-                          evp_md_from_dispatch, evp_md_up_ref, evp_md_free);
+                          evp_md_from_algorithm, evp_md_up_ref, evp_md_free);
 
     return md;
 }
@@ -1051,5 +1053,5 @@ void EVP_MD_do_all_provided(OSSL_LIB_CTX *libctx,
 {
     evp_generic_do_all(libctx, OSSL_OP_DIGEST,
                        (void (*)(void *, void *))fn, arg,
-                       evp_md_from_dispatch, evp_md_free);
+                       evp_md_from_algorithm, evp_md_free);
 }
diff --git a/crypto/evp/evp_enc.c b/crypto/evp/evp_enc.c
index 79ffd2275f..64759311c0 100644
--- a/crypto/evp/evp_enc.c
+++ b/crypto/evp/evp_enc.c
@@ -1440,10 +1440,11 @@ static void set_legacy_nid(const char *name, void *vlegacy_nid)
 }
 #endif
 
-static void *evp_cipher_from_dispatch(const int name_id,
-                                      const OSSL_DISPATCH *fns,
-                                      OSSL_PROVIDER *prov)
+static void *evp_cipher_from_algorithm(const int name_id,
+                                       const OSSL_ALGORITHM *algodef,
+                                       OSSL_PROVIDER *prov)
 {
+    const OSSL_DISPATCH *fns = algodef->implementation;
     EVP_CIPHER *cipher = NULL;
     int fnciphcnt = 0, fnctxcnt = 0;
 
@@ -1463,6 +1464,7 @@ static void *evp_cipher_from_dispatch(const int name_id,
 #endif
 
     cipher->name_id = name_id;
+    cipher->description = algodef->algorithm_description;
 
     for (; fns->function_id != 0; fns++) {
         switch (fns->function_id) {
@@ -1587,7 +1589,7 @@ EVP_CIPHER *EVP_CIPHER_fetch(OSSL_LIB_CTX *ctx, const char *algorithm,
 {
     EVP_CIPHER *cipher =
         evp_generic_fetch(ctx, OSSL_OP_CIPHER, algorithm, properties,
-                          evp_cipher_from_dispatch, evp_cipher_up_ref,
+                          evp_cipher_from_algorithm, evp_cipher_up_ref,
                           evp_cipher_free);
 
     return cipher;
@@ -1622,5 +1624,5 @@ void EVP_CIPHER_do_all_provided(OSSL_LIB_CTX *libctx,
 {
     evp_generic_do_all(libctx, OSSL_OP_CIPHER,
                        (void (*)(void *, void *))fn, arg,
-                       evp_cipher_from_dispatch, evp_cipher_free);
+                       evp_cipher_from_algorithm, evp_cipher_free);
 }
diff --git a/crypto/evp/evp_fetch.c b/crypto/evp/evp_fetch.c
index 701abfaaf5..4b81204046 100644
--- a/crypto/evp/evp_fetch.c
+++ b/crypto/evp/evp_fetch.c
@@ -50,8 +50,8 @@ struct evp_method_data_st {
 
     unsigned int flag_construct_error_occurred : 1;
 
-    void *(*method_from_dispatch)(int name_id, const OSSL_DISPATCH *,
-                                  OSSL_PROVIDER *);
+    void *(*method_from_algorithm)(int name_id, const OSSL_ALGORITHM *,
+                                   OSSL_PROVIDER *);
     int (*refcnt_up_method)(void *method);
     void (*destruct_method)(void *method);
 };
@@ -194,8 +194,7 @@ static void *construct_evp_method(const OSSL_ALGORITHM *algodef,
     if (name_id == 0)
         return NULL;
 
-    method = methdata->method_from_dispatch(name_id, algodef->implementation,
-                                            prov);
+    method = methdata->method_from_algorithm(name_id, algodef, prov);
 
     /*
      * Flag to indicate that there was actual construction errors.  This
@@ -220,7 +219,7 @@ inner_evp_generic_fetch(OSSL_LIB_CTX *libctx, int operation_id,
                         int name_id, const char *name,
                         const char *properties,
                         void *(*new_method)(int name_id,
-                                            const OSSL_DISPATCH *fns,
+                                            const OSSL_ALGORITHM *algodef,
                                             OSSL_PROVIDER *prov),
                         int (*up_ref_method)(void *),
                         void (*free_method)(void *))
@@ -296,7 +295,7 @@ inner_evp_generic_fetch(OSSL_LIB_CTX *libctx, int operation_id,
         mcmdata.name_id = name_id;
         mcmdata.names = name;
         mcmdata.propquery = properties;
-        mcmdata.method_from_dispatch = new_method;
+        mcmdata.method_from_algorithm = new_method;
         mcmdata.refcnt_up_method = up_ref_method;
         mcmdata.destruct_method = free_method;
         mcmdata.flag_construct_error_occurred = 0;
@@ -341,7 +340,7 @@ inner_evp_generic_fetch(OSSL_LIB_CTX *libctx, int operation_id,
 void *evp_generic_fetch(OSSL_LIB_CTX *libctx, int operation_id,
                         const char *name, const char *properties,
                         void *(*new_method)(int name_id,
-                                            const OSSL_DISPATCH *fns,
+                                            const OSSL_ALGORITHM *algodef,
                                             OSSL_PROVIDER *prov),
                         int (*up_ref_method)(void *),
                         void (*free_method)(void *))
@@ -361,7 +360,7 @@ void *evp_generic_fetch(OSSL_LIB_CTX *libctx, int operation_id,
 void *evp_generic_fetch_by_number(OSSL_LIB_CTX *libctx, int operation_id,
                                   int name_id, const char *properties,
                                   void *(*new_method)(int name_id,
-                                                      const OSSL_DISPATCH *fns,
+                                                      const OSSL_ALGORITHM *algodef,
                                                       OSSL_PROVIDER *prov),
                                   int (*up_ref_method)(void *),
                                   void (*free_method)(void *))
@@ -461,7 +460,7 @@ int EVP_default_properties_enable_fips(OSSL_LIB_CTX *libctx, int enable)
 struct do_all_data_st {
     void (*user_fn)(void *method, void *arg);
     void *user_arg;
-    void *(*new_method)(const int name_id, const OSSL_DISPATCH *fns,
+    void *(*new_method)(const int name_id, const OSSL_ALGORITHM *algodef,
                         OSSL_PROVIDER *prov);
     void (*free_method)(void *);
 };
@@ -477,7 +476,7 @@ static void do_one(OSSL_PROVIDER *provider, const OSSL_ALGORITHM *algo,
     void *method = NULL;
 
     if (name_id != 0)
-        method = data->new_method(name_id, algo->implementation, provider);
+        method = data->new_method(name_id, algo, provider);
 
     if (method != NULL) {
         data->user_fn(method, data->user_arg);
@@ -489,7 +488,7 @@ void evp_generic_do_all(OSSL_LIB_CTX *libctx, int operation_id,
                         void (*user_fn)(void *method, void *arg),
                         void *user_arg,
                         void *(*new_method)(int name_id,
-                                            const OSSL_DISPATCH *fns,
+                                            const OSSL_ALGORITHM *algodef,
                                             OSSL_PROVIDER *prov),
                         void (*free_method)(void *))
 {
diff --git a/crypto/evp/evp_lib.c b/crypto/evp/evp_lib.c
index 31d2a7392b..a707285c91 100644
--- a/crypto/evp/evp_lib.c
+++ b/crypto/evp/evp_lib.c
@@ -645,6 +645,17 @@ const char *EVP_CIPHER_name(const EVP_CIPHER *cipher)
 #endif
 }
 
+const char *EVP_CIPHER_description(const EVP_CIPHER *cipher)
+{
+    if (cipher->description != NULL)
+        return cipher->description;
+#ifndef FIPS_MODULE
+    return OBJ_nid2ln(EVP_CIPHER_nid(cipher));
+#else
+    return NULL;
+#endif
+}
+
 int EVP_CIPHER_names_do_all(const EVP_CIPHER *cipher,
                             void (*fn)(const char *name, void *data),
                             void *data)
@@ -677,6 +688,17 @@ int EVP_MD_number(const EVP_MD *md)
     return md->name_id;
 }
 
+const char *EVP_MD_description(const EVP_MD *md)
+{
+    if (md->description != NULL)
+        return md->description;
+#ifndef FIPS_MODULE
+    return OBJ_nid2ln(EVP_MD_nid(md));
+#else
+    return NULL;
+#endif
+}
+
 const char *EVP_MD_name(const EVP_MD *md)
 {
     if (md->prov != NULL)
diff --git a/crypto/evp/evp_local.h b/crypto/evp/evp_local.h
index 0db84a3d84..72caf86aaf 100644
--- a/crypto/evp/evp_local.h
+++ b/crypto/evp/evp_local.h
@@ -78,6 +78,7 @@ struct evp_keymgmt_st {
     int id;                      /* libcrypto internal */
 
     int name_id;
+    const char *description;
     OSSL_PROVIDER *prov;
     CRYPTO_REF_COUNT refcnt;
     CRYPTO_RWLOCK *lock;
@@ -116,6 +117,7 @@ struct evp_keymgmt_st {
 
 struct evp_keyexch_st {
     int name_id;
+    const char *description;
     OSSL_PROVIDER *prov;
     CRYPTO_REF_COUNT refcnt;
     CRYPTO_RWLOCK *lock;
@@ -134,6 +136,7 @@ struct evp_keyexch_st {
 
 struct evp_signature_st {
     int name_id;
+    const char *description;
     OSSL_PROVIDER *prov;
     CRYPTO_REF_COUNT refcnt;
     CRYPTO_RWLOCK *lock;
@@ -167,6 +170,7 @@ struct evp_signature_st {
 
 struct evp_asym_cipher_st {
     int name_id;
+    const char *description;
     OSSL_PROVIDER *prov;
     CRYPTO_REF_COUNT refcnt;
     CRYPTO_RWLOCK *lock;
@@ -186,6 +190,7 @@ struct evp_asym_cipher_st {
 
 struct evp_kem_st {
     int name_id;
+    const char *description;
     OSSL_PROVIDER *prov;
     CRYPTO_REF_COUNT refcnt;
     CRYPTO_RWLOCK *lock;
@@ -235,14 +240,14 @@ int ossl_is_partially_overlapping(const void *ptr1, const void *ptr2, int len);
 void *evp_generic_fetch(OSSL_LIB_CTX *ctx, int operation_id,
                         const char *name, const char *properties,
                         void *(*new_method)(int name_id,
-                                            const OSSL_DISPATCH *fns,
+                                            const OSSL_ALGORITHM *algodef,
                                             OSSL_PROVIDER *prov),
                         int (*up_ref_method)(void *),
                         void (*free_method)(void *));
 void *evp_generic_fetch_by_number(OSSL_LIB_CTX *ctx, int operation_id,
                                   int name_id, const char *properties,
                                   void *(*new_method)(int name_id,
-                                                      const OSSL_DISPATCH *fns,
+                                                      const OSSL_ALGORITHM *algodef,
                                                       OSSL_PROVIDER *prov),
                                   int (*up_ref_method)(void *),
                                   void (*free_method)(void *));
@@ -250,7 +255,7 @@ void evp_generic_do_all(OSSL_LIB_CTX *libctx, int operation_id,
                         void (*user_fn)(void *method, void *arg),
                         void *user_arg,
                         void *(*new_method)(int name_id,
-                                            const OSSL_DISPATCH *fns,
+                                            const OSSL_ALGORITHM *algodef,
                                             OSSL_PROVIDER *prov),
                         void (*free_method)(void *));
 
diff --git a/crypto/evp/evp_rand.c b/crypto/evp/evp_rand.c
index aea9d72ab7..cae21891ee 100644
--- a/crypto/evp/evp_rand.c
+++ b/crypto/evp/evp_rand.c
@@ -28,6 +28,7 @@
 struct evp_rand_st {
     OSSL_PROVIDER *prov;
     int name_id;
+    const char *description;
     CRYPTO_REF_COUNT refcnt;
     CRYPTO_RWLOCK *refcnt_lock;
 
@@ -112,10 +113,11 @@ static void evp_rand_unlock(EVP_RAND_CTX *rand)
         rand->meth->unlock(rand->data);
 }
 
-static void *evp_rand_from_dispatch(int name_id,
-                                    const OSSL_DISPATCH *fns,
-                                    OSSL_PROVIDER *prov)
+static void *evp_rand_from_algorithm(int name_id,
+                                     const OSSL_ALGORITHM *algodef,
+                                     OSSL_PROVIDER *prov)
 {
+    const OSSL_DISPATCH *fns = algodef->implementation;
     EVP_RAND *rand = NULL;
     int fnrandcnt = 0, fnctxcnt = 0, fnlockcnt = 0, fnenablelockcnt = 0;
 #ifdef FIPS_MODULE
@@ -127,6 +129,7 @@ static void *evp_rand_from_dispatch(int name_id,
         return NULL;
     }
     rand->name_id = name_id;
+    rand->description = algodef->algorithm_description;
     rand->dispatch = fns;
     for (; fns->function_id != 0; fns++) {
         switch (fns->function_id) {
@@ -268,7 +271,7 @@ EVP_RAND *EVP_RAND_fetch(OSSL_LIB_CTX *libctx, const char *algorithm,
                          const char *properties)
 {
     return evp_generic_fetch(libctx, OSSL_OP_RAND, algorithm, properties,
-                             evp_rand_from_dispatch, evp_rand_up_ref,
+                             evp_rand_from_algorithm, evp_rand_up_ref,
                              evp_rand_free);
 }
 
@@ -292,6 +295,11 @@ const char *EVP_RAND_name(const EVP_RAND *rand)
     return evp_first_name(rand->prov, rand->name_id);
 }
 
+const char *EVP_RAND_description(const EVP_RAND *rand)
+{
+    return rand->description;
+}
+
 int EVP_RAND_is_a(const EVP_RAND *rand, const char *name)
 {
     return evp_is_a(rand->prov, rand->name_id, NULL, name);
@@ -472,7 +480,7 @@ void EVP_RAND_do_all_provided(OSSL_LIB_CTX *libctx,
 {
     evp_generic_do_all(libctx, OSSL_OP_RAND,
                        (void (*)(void *, void *))fn, arg,
-                       evp_rand_from_dispatch, evp_rand_free);
+                       evp_rand_from_algorithm, evp_rand_free);
 }
 
 int EVP_RAND_names_do_all(const EVP_RAND *rand,
diff --git a/crypto/evp/exchange.c b/crypto/evp/exchange.c
index 5bb038f118..07d5e4ab9b 100644
--- a/crypto/evp/exchange.c
+++ b/crypto/evp/exchange.c
@@ -38,10 +38,11 @@ static EVP_KEYEXCH *evp_keyexch_new(OSSL_PROVIDER *prov)
     return exchange;
 }
 
-static void *evp_keyexch_from_dispatch(int name_id,
-                                       const OSSL_DISPATCH *fns,
-                                       OSSL_PROVIDER *prov)
+static void *evp_keyexch_from_algorithm(int name_id,
+                                        const OSSL_ALGORITHM *algodef,
+                                        OSSL_PROVIDER *prov)
 {
+    const OSSL_DISPATCH *fns = algodef->implementation;
     EVP_KEYEXCH *exchange = NULL;
     int fncnt = 0, sparamfncnt = 0, gparamfncnt = 0;
 
@@ -51,6 +52,7 @@ static void *evp_keyexch_from_dispatch(int name_id,
     }
 
     exchange->name_id = name_id;
+    exchange->description = algodef->algorithm_description;
 
     for (; fns->function_id != 0; fns++) {
         switch (fns->function_id) {
@@ -169,7 +171,7 @@ EVP_KEYEXCH *EVP_KEYEXCH_fetch(OSSL_LIB_CTX *ctx, const char *algorithm,
                                const char *properties)
 {
     return evp_generic_fetch(ctx, OSSL_OP_KEYEXCH, algorithm, properties,
-                             evp_keyexch_from_dispatch,
+                             evp_keyexch_from_algorithm,
                              (int (*)(void *))EVP_KEYEXCH_up_ref,
                              (void (*)(void *))EVP_KEYEXCH_free);
 }
@@ -463,6 +465,11 @@ int EVP_KEYEXCH_number(const EVP_KEYEXCH *keyexch)
     return keyexch->name_id;
 }
 
+const char *EVP_KEYEXCH_description(const EVP_KEYEXCH *keyexch)
+{
+    return keyexch->description;
+}
+
 int EVP_KEYEXCH_is_a(const EVP_KEYEXCH *keyexch, const char *name)
 {
     return evp_is_a(keyexch->prov, keyexch->name_id, NULL, name);
@@ -474,7 +481,7 @@ void EVP_KEYEXCH_do_all_provided(OSSL_LIB_CTX *libctx,
 {
     evp_generic_do_all(libctx, OSSL_OP_KEYEXCH,
                        (void (*)(void *, void *))fn, arg,
-                       evp_keyexch_from_dispatch,
+                       evp_keyexch_from_algorithm,
                        (void (*)(void *))EVP_KEYEXCH_free);
 }
 
diff --git a/crypto/evp/kdf_lib.c b/crypto/evp/kdf_lib.c
index f5ff00d7e7..1a1074b21b 100644
--- a/crypto/evp/kdf_lib.c
+++ b/crypto/evp/kdf_lib.c
@@ -95,6 +95,11 @@ const char *EVP_KDF_name(const EVP_KDF *kdf)
     return NULL;
 }
 
+const char *EVP_KDF_description(const EVP_KDF *kdf)
+{
+    return kdf->description;
+}
+
 int EVP_KDF_is_a(const EVP_KDF *kdf, const char *name)
 {
     return evp_is_a(kdf->prov, kdf->name_id, NULL, name);
diff --git a/crypto/evp/kdf_meth.c b/crypto/evp/kdf_meth.c
index 17526a8fe4..1caf1c579c 100644
--- a/crypto/evp/kdf_meth.c
+++ b/crypto/evp/kdf_meth.c
@@ -52,10 +52,11 @@ static void *evp_kdf_new(void)
     return kdf;
 }
 
-static void *evp_kdf_from_dispatch(int name_id,
-                                   const OSSL_DISPATCH *fns,
-                                   OSSL_PROVIDER *prov)
+static void *evp_kdf_from_algorithm(int name_id,
+                                    const OSSL_ALGORITHM *algodef,
+                                    OSSL_PROVIDER *prov)
 {
+    const OSSL_DISPATCH *fns = algodef->implementation;
     EVP_KDF *kdf = NULL;
     int fnkdfcnt = 0, fnctxcnt = 0;
 
@@ -64,6 +65,7 @@ static void *evp_kdf_from_dispatch(int name_id,
         return NULL;
     }
     kdf->name_id = name_id;
+    kdf->description = algodef->algorithm_description;
 
     for (; fns->function_id != 0; fns++) {
         switch (fns->function_id) {
@@ -151,7 +153,7 @@ EVP_KDF *EVP_KDF_fetch(OSSL_LIB_CTX *libctx, const char *algorithm,
                        const char *properties)
 {
     return evp_generic_fetch(libctx, OSSL_OP_KDF, algorithm, properties,
-                             evp_kdf_from_dispatch, evp_kdf_up_ref,
+                             evp_kdf_from_algorithm, evp_kdf_up_ref,
                              evp_kdf_free);
 }
 
@@ -218,5 +220,5 @@ void EVP_KDF_do_all_provided(OSSL_LIB_CTX *libctx,
 {
     evp_generic_do_all(libctx, OSSL_OP_KDF,
                        (void (*)(void *, void *))fn, arg,
-                       evp_kdf_from_dispatch, evp_kdf_free);
+                       evp_kdf_from_algorithm, evp_kdf_free);
 }
diff --git a/crypto/evp/kem.c b/crypto/evp/kem.c
index a4183e8311..cd8924ef39 100644
--- a/crypto/evp/kem.c
+++ b/crypto/evp/kem.c
@@ -183,9 +183,10 @@ static EVP_KEM *evp_kem_new(OSSL_PROVIDER *prov)
     return kem;
 }
 
-static void *evp_kem_from_dispatch(int name_id, const OSSL_DISPATCH *fns,
-                                   OSSL_PROVIDER *prov)
+static void *evp_kem_from_algorithm(int name_id, const OSSL_ALGORITHM *algodef,
+                                    OSSL_PROVIDER *prov)
 {
+    const OSSL_DISPATCH *fns = algodef->implementation;
     EVP_KEM *kem = NULL;
     int ctxfncnt = 0, encfncnt = 0, decfncnt = 0;
     int gparamfncnt = 0, sparamfncnt = 0;
@@ -196,6 +197,7 @@ static void *evp_kem_from_dispatch(int name_id, const OSSL_DISPATCH *fns,
     }
 
     kem->name_id = name_id;
+    kem->description = algodef->algorithm_description;
 
     for (; fns->function_id != 0; fns++) {
         switch (fns->function_id) {
@@ -326,7 +328,7 @@ EVP_KEM *EVP_KEM_fetch(OSSL_LIB_CTX *ctx, const char *algorithm,
                        const char *properties)
 {
     return evp_generic_fetch(ctx, OSSL_OP_KEM, algorithm, properties,
-                             evp_kem_from_dispatch,
+                             evp_kem_from_algorithm,
                              (int (*)(void *))EVP_KEM_up_ref,
                              (void (*)(void *))EVP_KEM_free);
 }
@@ -341,12 +343,17 @@ int EVP_KEM_number(const EVP_KEM *kem)
     return kem->name_id;
 }
 
+const char *EVP_KEM_description(const EVP_KEM *kem)
+{
+    return kem->description;
+}
+
 void EVP_KEM_do_all_provided(OSSL_LIB_CTX *libctx,
                              void (*fn)(EVP_KEM *kem, void *arg),
                              void *arg)
 {
     evp_generic_do_all(libctx, OSSL_OP_KEM, (void (*)(void *, void *))fn, arg,
-                       evp_kem_from_dispatch,
+                       evp_kem_from_algorithm,
                        (void (*)(void *))EVP_KEM_free);
 }
 
diff --git a/crypto/evp/keymgmt_meth.c b/crypto/evp/keymgmt_meth.c
index 0d7b54316b..cdd7c70ed9 100644
--- a/crypto/evp/keymgmt_meth.c
+++ b/crypto/evp/keymgmt_meth.c
@@ -32,10 +32,11 @@ static void *keymgmt_new(void)
     return keymgmt;
 }
 
-static void *keymgmt_from_dispatch(int name_id,
-                                   const OSSL_DISPATCH *fns,
-                                   OSSL_PROVIDER *prov)
+static void *keymgmt_from_algorithm(int name_id,
+                                    const OSSL_ALGORITHM *algodef,
+                                    OSSL_PROVIDER *prov)
 {
+    const OSSL_DISPATCH *fns = algodef->implementation;
     EVP_KEYMGMT *keymgmt = NULL;
     int setparamfncnt = 0, getparamfncnt = 0;
     int setgenparamfncnt = 0;
@@ -46,6 +47,7 @@ static void *keymgmt_from_dispatch(int name_id,
         return NULL;
     }
     keymgmt->name_id = name_id;
+    keymgmt->description = algodef->algorithm_description;
 
     for (; fns->function_id != 0; fns++) {
         switch (fns->function_id) {
@@ -202,7 +204,7 @@ EVP_KEYMGMT *evp_keymgmt_fetch_by_number(OSSL_LIB_CTX *ctx, int name_id,
 {
     return evp_generic_fetch_by_number(ctx,
                                        OSSL_OP_KEYMGMT, name_id, properties,
-                                       keymgmt_from_dispatch,
+                                       keymgmt_from_algorithm,
                                        (int (*)(void *))EVP_KEYMGMT_up_ref,
                                        (void (*)(void *))EVP_KEYMGMT_free);
 }
@@ -211,7 +213,7 @@ EVP_KEYMGMT *EVP_KEYMGMT_fetch(OSSL_LIB_CTX *ctx, const char *algorithm,
                                const char *properties)
 {
     return evp_generic_fetch(ctx, OSSL_OP_KEYMGMT, algorithm, properties,
-                             keymgmt_from_dispatch,
+                             keymgmt_from_algorithm,
                              (int (*)(void *))EVP_KEYMGMT_up_ref,
                              (void (*)(void *))EVP_KEYMGMT_free);
 }
@@ -249,6 +251,11 @@ int EVP_KEYMGMT_number(const EVP_KEYMGMT *keymgmt)
     return keymgmt->name_id;
 }
 
+const char *EVP_KEYMGMT_description(const EVP_KEYMGMT *keymgmt)
+{
+    return keymgmt->description;
+}
+
 const char *EVP_KEYMGMT_get0_first_name(const EVP_KEYMGMT *keymgmt)
 {
     return evp_first_name(keymgmt->prov, keymgmt->name_id);
@@ -265,7 +272,7 @@ void EVP_KEYMGMT_do_all_provided(OSSL_LIB_CTX *libctx,
 {
     evp_generic_do_all(libctx, OSSL_OP_KEYMGMT,
                        (void (*)(void *, void *))fn, arg,
-                       keymgmt_from_dispatch,
+                       keymgmt_from_algorithm,
                        (void (*)(void *))EVP_KEYMGMT_free);
 }
 
diff --git a/crypto/evp/mac_lib.c b/crypto/evp/mac_lib.c
index 746abf53c1..e7eea3294b 100644
--- a/crypto/evp/mac_lib.c
+++ b/crypto/evp/mac_lib.c
@@ -170,6 +170,11 @@ const char *EVP_MAC_name(const EVP_MAC *mac)
     return NULL;
 }
 
+const char *EVP_MAC_description(const EVP_MAC *mac)
+{
+    return mac->description;
+}
+
 int EVP_MAC_is_a(const EVP_MAC *mac, const char *name)
 {
     return evp_is_a(mac->prov, mac->name_id, NULL, name);
diff --git a/crypto/evp/mac_meth.c b/crypto/evp/mac_meth.c
index 85f87e4c61..bd43e880ae 100644
--- a/crypto/evp/mac_meth.c
+++ b/crypto/evp/mac_meth.c
@@ -46,10 +46,11 @@ static void *evp_mac_new(void)
     return mac;
 }
 
-static void *evp_mac_from_dispatch(int name_id,
-                                   const OSSL_DISPATCH *fns,
-                                   OSSL_PROVIDER *prov)
+static void *evp_mac_from_algorithm(int name_id,
+                                    const OSSL_ALGORITHM *algodef,
+                                    OSSL_PROVIDER *prov)
 {
+    const OSSL_DISPATCH *fns = algodef->implementation;
     EVP_MAC *mac = NULL;
     int fnmaccnt = 0, fnctxcnt = 0;
 
@@ -58,6 +59,7 @@ static void *evp_mac_from_dispatch(int name_id,
         return NULL;
     }
     mac->name_id = name_id;
+    mac->description = algodef->algorithm_description;
 
     for (; fns->function_id != 0; fns++) {
         switch (fns->function_id) {
@@ -153,7 +155,7 @@ EVP_MAC *EVP_MAC_fetch(OSSL_LIB_CTX *libctx, const char *algorithm,
                        const char *properties)
 {
     return evp_generic_fetch(libctx, OSSL_OP_MAC, algorithm, properties,
-                             evp_mac_from_dispatch, evp_mac_up_ref,
+                             evp_mac_from_algorithm, evp_mac_up_ref,
                              evp_mac_free);
 }
 
@@ -225,5 +227,5 @@ void EVP_MAC_do_all_provided(OSSL_LIB_CTX *libctx,
 {
     evp_generic_do_all(libctx, OSSL_OP_MAC,
                        (void (*)(void *, void *))fn, arg,
-                       evp_mac_from_dispatch, evp_mac_free);
+                       evp_mac_from_algorithm, evp_mac_free);
 }
diff --git a/crypto/evp/p_lib.c b/crypto/evp/p_lib.c
index d424106360..f1ffb80e90 100644
--- a/crypto/evp/p_lib.c
+++ b/crypto/evp/p_lib.c
@@ -1723,6 +1723,20 @@ int EVP_PKEY_size(const EVP_PKEY *pkey)
     return size < 0 ? 0 : size;
 }
 
+const char *EVP_PKEY_description(const EVP_PKEY *pkey)
+{
+    if (!evp_pkey_is_assigned(pkey))
+        return NULL;
+
+    if (evp_pkey_is_provided(pkey) && pkey->keymgmt->description != NULL)
+        return pkey->keymgmt->description;
+#ifndef FIPS_MODULE
+    if (pkey->ameth != NULL)
+        return pkey->ameth->info;
+#endif
+    return NULL;
+}
+
 void *evp_pkey_export_to_provider(EVP_PKEY *pk, OSSL_LIB_CTX *libctx,
                                   EVP_KEYMGMT **keymgmt,
                                   const char *propquery)
diff --git a/crypto/evp/signature.c b/crypto/evp/signature.c
index 09cf4539d9..7df984e1bf 100644
--- a/crypto/evp/signature.c
+++ b/crypto/evp/signature.c
@@ -38,10 +38,11 @@ static EVP_SIGNATURE *evp_signature_new(OSSL_PROVIDER *prov)
     return signature;
 }
 
-static void *evp_signature_from_dispatch(int name_id,
-                                         const OSSL_DISPATCH *fns,
-                                         OSSL_PROVIDER *prov)
+static void *evp_signature_from_algorithm(int name_id,
+                                          const OSSL_ALGORITHM *algodef,
+                                          OSSL_PROVIDER *prov)
 {
+    const OSSL_DISPATCH *fns = algodef->implementation;
     EVP_SIGNATURE *signature = NULL;
     int ctxfncnt = 0, signfncnt = 0, verifyfncnt = 0, verifyrecfncnt = 0;
     int digsignfncnt = 0, digverifyfncnt = 0;
@@ -53,6 +54,7 @@ static void *evp_signature_from_dispatch(int name_id,
     }
 
     signature->name_id = name_id;
+    signature->description = algodef->algorithm_description;
 
     for (; fns->function_id != 0; fns++) {
         switch (fns->function_id) {
@@ -302,7 +304,7 @@ EVP_SIGNATURE *EVP_SIGNATURE_fetch(OSSL_LIB_CTX *ctx, const char *algorithm,
                                    const char *properties)
 {
     return evp_generic_fetch(ctx, OSSL_OP_SIGNATURE, algorithm, properties,
-                             evp_signature_from_dispatch,
+                             evp_signature_from_algorithm,
                              (int (*)(void *))EVP_SIGNATURE_up_ref,
                              (void (*)(void *))EVP_SIGNATURE_free);
 }
@@ -317,6 +319,11 @@ int EVP_SIGNATURE_number(const EVP_SIGNATURE *signature)
     return signature->name_id;
 }
 
+const char *EVP_SIGNATURE_description(const EVP_SIGNATURE *signature)
+{
+    return signature->description;
+}
+
 void EVP_SIGNATURE_do_all_provided(OSSL_LIB_CTX *libctx,
                                    void (*fn)(EVP_SIGNATURE *signature,
                                               void *arg),
@@ -324,7 +331,7 @@ void EVP_SIGNATURE_do_all_provided(OSSL_LIB_CTX *libctx,
 {
     evp_generic_do_all(libctx, OSSL_OP_SIGNATURE,
                        (void (*)(void *, void *))fn, arg,
-                       evp_signature_from_dispatch,
+                       evp_signature_from_algorithm,
                        (void (*)(void *))EVP_SIGNATURE_free);
 }
 
diff --git a/crypto/store/store_local.h b/crypto/store/store_local.h
index 16989707d6..b46c63d5e9 100644
--- a/crypto/store/store_local.h
+++ b/crypto/store/store_local.h
@@ -100,6 +100,7 @@ struct ossl_store_loader_st {
     OSSL_PROVIDER *prov;
     int scheme_id;
     const char *propdef;
+    const char *description;
 
     CRYPTO_REF_COUNT refcnt;
     CRYPTO_RWLOCK *lock;
diff --git a/crypto/store/store_meth.c b/crypto/store/store_meth.c
index c74a634e9e..be78adaab8 100644
--- a/crypto/store/store_meth.c
+++ b/crypto/store/store_meth.c
@@ -162,8 +162,8 @@ static int put_loader_in_store(OSSL_LIB_CTX *libctx, void *store,
                                  up_ref_loader, free_loader);
 }
 
-static void *loader_from_dispatch(int scheme_id, const OSSL_ALGORITHM *algodef,
-                                  OSSL_PROVIDER *prov)
+static void *loader_from_algorithm(int scheme_id, const OSSL_ALGORITHM *algodef,
+                                   OSSL_PROVIDER *prov)
 {
     OSSL_STORE_LOADER *loader = NULL;
     const OSSL_DISPATCH *fns = algodef->implementation;
@@ -172,6 +172,7 @@ static void *loader_from_dispatch(int scheme_id, const OSSL_ALGORITHM *algodef,
         return NULL;
     loader->scheme_id = scheme_id;
     loader->propdef = algodef->property_definition;
+    loader->description = algodef->algorithm_description;
 
     for (; fns->function_id != 0; fns++) {
         switch (fns->function_id) {
@@ -226,7 +227,7 @@ static void *loader_from_dispatch(int scheme_id, const OSSL_ALGORITHM *algodef,
 /*
  * The core fetching functionality passes the scheme of the implementation.
  * This function is responsible to getting an identity number for them,
- * then call loader_from_dispatch() with that identity number.
+ * then call loader_from_algorithm() with that identity number.
  */
 static void *construct_loader(const OSSL_ALGORITHM *algodef,
                               OSSL_PROVIDER *prov, void *data)
@@ -245,7 +246,7 @@ static void *construct_loader(const OSSL_ALGORITHM *algodef,
     void *method = NULL;
 
     if (id != 0)
-        method = loader_from_dispatch(id, algodef, prov);
+        method = loader_from_algorithm(id, algodef, prov);
 
     /*
      * Flag to indicate that there was actual construction errors.  This
@@ -401,6 +402,11 @@ int OSSL_STORE_LOADER_number(const OSSL_STORE_LOADER *loader)
     return loader->scheme_id;
 }
 
+const char *OSSL_STORE_LOADER_description(const OSSL_STORE_LOADER *loader)
+{
+    return loader->description;
+}
+
 int OSSL_STORE_LOADER_is_a(const OSSL_STORE_LOADER *loader, const char *name)
 {
     if (loader->prov != NULL) {
@@ -430,7 +436,7 @@ static void loader_do_one(OSSL_PROVIDER *provider,
 
     if (id != 0)
         method =
-            loader_from_dispatch(id, algodef, provider);
+            loader_from_algorithm(id, algodef, provider);
 
     if (method != NULL) {
         data->user_fn(method, data->user_arg);
diff --git a/doc/internal/man3/evp_generic_fetch.pod b/doc/internal/man3/evp_generic_fetch.pod
index d7c73fb114..1b3e699536 100644
--- a/doc/internal/man3/evp_generic_fetch.pod
+++ b/doc/internal/man3/evp_generic_fetch.pod
@@ -114,10 +114,10 @@ And here's the implementation of the FOO method fetcher:
      * In this example, we have a public method creator and destructor.
      * It's not absolutely necessary, but is in the spirit of OpenSSL.
      */
-    EVP_FOO *EVP_FOO_meth_from_dispatch(int name_id,
-                                        const OSSL_DISPATCH *fns,
-                                        OSSL_PROVIDER *prov,
-                                        void *data)
+    EVP_FOO *EVP_FOO_meth_from_algorithm(int name_id,
+                                         const OSSL_DISPATCH *fns,
+                                         OSSL_PROVIDER *prov,
+                                         void *data)
     {
         EVP_FOO *foo = NULL;
 
@@ -162,10 +162,10 @@ And here's the implementation of the FOO method fetcher:
         }
     }
 
-    static void *foo_from_dispatch(const OSSL_DISPATCH *fns,
-                                   OSSL_PROVIDER *prov)
+    static void *foo_from_algorithm(const OSSL_DISPATCH *fns,
+                                    OSSL_PROVIDER *prov)
     {
-        return EVP_FOO_meth_from_dispatch(fns, prov);
+        return EVP_FOO_meth_from_algorithm(fns, prov);
     }
 
     static int foo_up_ref(void *vfoo)
@@ -188,7 +188,7 @@ And here's the implementation of the FOO method fetcher:
     {
         EVP_FOO *foo =
             evp_generic_fetch(ctx, OSSL_OP_FOO, name, properties,
-                              foo_from_dispatch, foo_up_ref, foo_free);
+                              foo_from_algorithm, foo_up_ref, foo_free);
 
         /*
          * If this method exists in legacy form, with a constant NID for the
diff --git a/doc/man3/EVP_ASYM_CIPHER_free.pod b/doc/man3/EVP_ASYM_CIPHER_free.pod
index 6558d0c0c4..2500109e45 100644
--- a/doc/man3/EVP_ASYM_CIPHER_free.pod
+++ b/doc/man3/EVP_ASYM_CIPHER_free.pod
@@ -5,6 +5,7 @@
 EVP_ASYM_CIPHER_fetch, EVP_ASYM_CIPHER_free, EVP_ASYM_CIPHER_up_ref,
 EVP_ASYM_CIPHER_number, EVP_ASYM_CIPHER_is_a, EVP_ASYM_CIPHER_provider,
 EVP_ASYM_CIPHER_do_all_provided, EVP_ASYM_CIPHER_names_do_all,
+EVP_ASYM_CIPHER_description,
 EVP_ASYM_CIPHER_gettable_ctx_params, EVP_ASYM_CIPHER_settable_ctx_params
 - Functions to manage EVP_ASYM_CIPHER algorithm objects
 
@@ -26,6 +27,7 @@ EVP_ASYM_CIPHER_gettable_ctx_params, EVP_ASYM_CIPHER_settable_ctx_params
  int EVP_ASYM_CIPHER_names_do_all(const EVP_ASYM_CIPHER *cipher,
                                   void (*fn)(const char *name, void *data),
                                   void *data);
+ const char *EVP_ASYM_CIPHER_description(const EVP_ASYM_CIPHER *cipher);
  const OSSL_PARAM *EVP_ASYM_CIPHER_gettable_ctx_params(const EVP_ASYM_CIPHER *cip);
  const OSSL_PARAM *EVP_ASYM_CIPHER_settable_ctx_params(const EVP_ASYM_CIPHER *cip);
 
@@ -64,6 +66,10 @@ I<cipher>.
 EVP_ASYM_CIPHER_names_do_all() traverses all names for I<cipher>, and calls
 I<fn> with each name and I<data>.
 
+EVP_ASYM_CIPHER_description() returns a description of the I<cipher>, meant
+for display and human consumption.  The description is at the discretion of
+the I<cipher> implementation.
+
 EVP_ASYM_CIPHER_gettable_ctx_params() and EVP_ASYM_CIPHER_settable_ctx_params()
 return a constant B<OSSL_PARAM> array that describes the names and types of key
 parameters that can be retrieved or set by a key encryption algorithm using
diff --git a/doc/man3/EVP_DigestInit.pod b/doc/man3/EVP_DigestInit.pod
index 043717758e..6299aa3d20 100644
--- a/doc/man3/EVP_DigestInit.pod
+++ b/doc/man3/EVP_DigestInit.pod
@@ -12,7 +12,8 @@ EVP_MD_CTX_settable_params, EVP_MD_CTX_gettable_params,
 EVP_MD_CTX_set_flags, EVP_MD_CTX_clear_flags, EVP_MD_CTX_test_flags,
 EVP_Digest, EVP_DigestInit_ex2, EVP_DigestInit_ex, EVP_DigestInit,
 EVP_DigestUpdate, EVP_DigestFinal_ex, EVP_DigestFinalXOF, EVP_DigestFinal,
-EVP_MD_is_a, EVP_MD_name, EVP_MD_number, EVP_MD_names_do_all, EVP_MD_provider,
+EVP_MD_is_a, EVP_MD_name, EVP_MD_description, EVP_MD_number,
+EVP_MD_names_do_all, EVP_MD_provider,
 EVP_MD_type, EVP_MD_pkey_type, EVP_MD_size, EVP_MD_block_size, EVP_MD_flags,
 EVP_MD_CTX_name,
 EVP_MD_CTX_md, EVP_MD_CTX_type, EVP_MD_CTX_size, EVP_MD_CTX_block_size,
@@ -64,6 +65,7 @@ EVP_MD_do_all_provided
  int EVP_MD_CTX_copy(EVP_MD_CTX *out, EVP_MD_CTX *in);
 
  const char *EVP_MD_name(const EVP_MD *md);
+ const char *EVP_MD_description(const EVP_MD *md);
  int EVP_MD_number(const EVP_MD *md);
  int EVP_MD_is_a(const EVP_MD *md, const char *name);
  int EVP_MD_names_do_all(const EVP_MD *md,
@@ -314,6 +316,11 @@ recommended to use EVP_MD_names_do_all() instead.
 Traverses all names for the I<md>, and calls I<fn> with each name and
 I<data>.  This is only useful with fetched B<EVP_MD>s.
 
+=item EVP_MD_description()
+
+Returns a description of the digest, meant for display and human consumption.
+The description is at the discretion of the digest implementation.
+
 =item EVP_MD_provider()
 
 Returns an B<OSSL_PROVIDER> pointer to the provider that implements the given
diff --git a/doc/man3/EVP_EncryptInit.pod b/doc/man3/EVP_EncryptInit.pod
index 9090dc8ad3..303e93fe06 100644
--- a/doc/man3/EVP_EncryptInit.pod
+++ b/doc/man3/EVP_EncryptInit.pod
@@ -34,6 +34,7 @@ EVP_get_cipherbynid,
 EVP_get_cipherbyobj,
 EVP_CIPHER_is_a,
 EVP_CIPHER_name,
+EVP_CIPHER_description,
 EVP_CIPHER_number,
 EVP_CIPHER_names_do_all,
 EVP_CIPHER_provider,
@@ -143,6 +144,7 @@ EVP_CIPHER_do_all_provided
                              void (*fn)(const char *name, void *data),
                              void *data);
  const char *EVP_CIPHER_name(const EVP_CIPHER *cipher);
+ const char *EVP_CIPHER_description(const EVP_CIPHER *cipher);
  const OSSL_PROVIDER *EVP_CIPHER_provider(const EVP_CIPHER *cipher);
  int EVP_CIPHER_block_size(const EVP_CIPHER *e);
  int EVP_CIPHER_key_length(const EVP_CIPHER *e);
@@ -408,6 +410,10 @@ EVP_CIPHER_names_do_all() traverses all names for the I<cipher>, and
 calls I<fn> with each name and I<data>.  This is only useful with
 fetched B<EVP_CIPHER>s.
 
+EVP_CIPHER_description() returns a description of the cipher, meant for
+display and human consumption.  The description is at the discretion of the
+cipher implementation.
+
 EVP_CIPHER_provider() returns an B<OSSL_PROVIDER> pointer to the provider
 that implements the given B<EVP_CIPHER>.
 
diff --git a/doc/man3/EVP_KDF.pod b/doc/man3/EVP_KDF.pod
index 5d7fa72b16..c3d0464d2e 100644
--- a/doc/man3/EVP_KDF.pod
+++ b/doc/man3/EVP_KDF.pod
@@ -6,7 +6,7 @@ EVP_KDF, EVP_KDF_fetch, EVP_KDF_free, EVP_KDF_up_ref,
 EVP_KDF_CTX, EVP_KDF_CTX_new, EVP_KDF_CTX_free, EVP_KDF_CTX_dup,
 EVP_KDF_CTX_reset, EVP_KDF_derive,
 EVP_KDF_CTX_get_kdf_size, EVP_KDF_provider, EVP_KDF_CTX_kdf, EVP_KDF_is_a,
-EVP_KDF_number, EVP_KDF_name, EVP_KDF_names_do_all,
+EVP_KDF_number, EVP_KDF_name, EVP_KDF_names_do_all, EVP_KDF_description,
 EVP_KDF_CTX_get_params, EVP_KDF_CTX_set_params, EVP_KDF_do_all_provided,
 EVP_KDF_get_params, EVP_KDF_gettable_params,
 EVP_KDF_gettable_ctx_params, EVP_KDF_settable_ctx_params,
@@ -34,6 +34,7 @@ EVP_KDF_CTX_gettable_params, EVP_KDF_CTX_settable_params - EVP KDF routines
  int EVP_KDF_number(const EVP_KDF *kdf);
  int EVP_KDF_is_a(const EVP_KDF *kdf, const char *name);
  const char *EVP_KDF_name(const EVP_KDF *kdf);
+ const char *EVP_KDF_description(const EVP_KDF *kdf);
  const OSSL_PROVIDER *EVP_KDF_provider(const EVP_KDF *kdf);
  void EVP_KDF_do_all_provided(OSSL_LIB_CTX *libctx,
                               void (*fn)(EVP_KDF *kdf, void *arg),
@@ -179,6 +180,10 @@ recommended to use EVP_KDF_names_do_all() instead.
 EVP_KDF_names_do_all() traverses all names for I<kdf>, and calls
 I<fn> with each name and I<data>.
 
+EVP_KDF_description() returns a description of the I<kdf>, meant for display
+and human consumption.  The description is at the discretion of the I<kdf>
+implementation.
+
 =head1 PARAMETERS
 
 The standard parameter names are:
diff --git a/doc/man3/EVP_KEM_free.pod b/doc/man3/EVP_KEM_free.pod
index 69302880c7..0551afcf8d 100644
--- a/doc/man3/EVP_KEM_free.pod
+++ b/doc/man3/EVP_KEM_free.pod
@@ -4,7 +4,7 @@
 
 EVP_KEM_fetch, EVP_KEM_free, EVP_KEM_up_ref,
 EVP_KEM_number, EVP_KEM_is_a, EVP_KEM_provider,
-EVP_KEM_do_all_provided, EVP_KEM_names_do_all,
+EVP_KEM_do_all_provided, EVP_KEM_names_do_all, EVP_KEM_description,
 EVP_KEM_gettable_ctx_params, EVP_KEM_settable_ctx_params
 - Functions to manage EVP_KEM algorithm objects
 
@@ -23,6 +23,7 @@ EVP_KEM_gettable_ctx_params, EVP_KEM_settable_ctx_params
                               void (*fn)(EVP_KEM *kem, void *arg), void *arg);
  int EVP_KEM_names_do_all(const EVP_KEM *kem,
                           void (*fn)(const char *name, void *data), void *data);
+ const char *EVP_KEM_description(const EVP_KEM *kem);
  const OSSL_PARAM *EVP_KEM_gettable_ctx_params(const EVP_KEM *kem);
  const OSSL_PARAM *EVP_KEM_settable_ctx_params(const EVP_KEM *kem);
 
@@ -58,6 +59,10 @@ EVP_KEM_number() returns the internal dynamic number assigned to I<kem>.
 EVP_KEM_names_do_all() traverses all names for I<kem>, and calls I<fn> with
 each name and I<data>.
 
+EVP_KEM_description() returns a description of the I<kem>, meant for display
+and human consumption.  The description is at the discretion of the I<kem>
+implementation.
+
 EVP_KEM_gettable_ctx_params() and EVP_KEM_settable_ctx_params() return
 a constant B<OSSL_PARAM> array that describes the names and types of key
 parameters that can be retrieved or set by a key encapsulation algorithm using
diff --git a/doc/man3/EVP_KEYEXCH_free.pod b/doc/man3/EVP_KEYEXCH_free.pod
index 83dafde007..a040e7d604 100644
--- a/doc/man3/EVP_KEYEXCH_free.pod
+++ b/doc/man3/EVP_KEYEXCH_free.pod
@@ -5,6 +5,7 @@
 EVP_KEYEXCH_fetch, EVP_KEYEXCH_free, EVP_KEYEXCH_up_ref, EVP_KEYEXCH_provider,
 EVP_KEYEXCH_is_a, EVP_KEYEXCH_do_all_provided,
 EVP_KEYEXCH_number, EVP_KEYEXCH_names_do_all,
+EVP_KEYEXCH_description,
 EVP_KEYEXCH_gettable_ctx_params, EVP_KEYEXCH_settable_ctx_params
 - Functions to manage EVP_KEYEXCH algorithm objects
 
@@ -25,6 +26,7 @@ EVP_KEYEXCH_gettable_ctx_params, EVP_KEYEXCH_settable_ctx_params
  int EVP_KEYEXCH_names_do_all(const EVP_KEYEXCH *exchange,
                               void (*fn)(const char *name, void *data),
                               void *data);
+ const char *EVP_KEYEXCH_description(const EVP_KEYEXCH *keyexch);
  const OSSL_PARAM *EVP_KEYEXCH_gettable_ctx_params(const EVP_KEYEXCH *keyexch);
  const OSSL_PARAM *EVP_KEYEXCH_settable_ctx_params(const EVP_KEYEXCH *keyexch);
 
@@ -56,6 +58,10 @@ the I<exchange>.
 EVP_KEYEXCH_names_do_all() traverses all names for the I<exchange>, and
 calls I<fn> with each name and I<data>.
 
+EVP_KEYEXCH_description() returns a description of the I<keyexch>, meant for
+display and human consumption.  The description is at the discretion of the
+I<keyexch> implementation.
+
 EVP_KEYEXCH_do_all_provided() traverses all key exchange implementations by
 all activated providers in the library context I<libctx>, and for each
 of the implementations, calls I<fn> with the implementation method and
diff --git a/doc/man3/EVP_KEYMGMT.pod b/doc/man3/EVP_KEYMGMT.pod
index 6eb4e5567d..d62f1cb3f5 100644
--- a/doc/man3/EVP_KEYMGMT.pod
+++ b/doc/man3/EVP_KEYMGMT.pod
@@ -9,6 +9,7 @@ EVP_KEYMGMT_free,
 EVP_KEYMGMT_provider,
 EVP_KEYMGMT_is_a,
 EVP_KEYMGMT_number,
+EVP_KEYMGMT_description,
 EVP_KEYMGMT_get0_first_name,
 EVP_KEYMGMT_do_all_provided,
 EVP_KEYMGMT_names_do_all,
@@ -31,6 +32,7 @@ EVP_KEYMGMT_gen_settable_params
  int EVP_KEYMGMT_is_a(const EVP_KEYMGMT *keymgmt, const char *name);
  int EVP_KEYMGMT_number(const EVP_KEYMGMT *keymgmt);
  const char *EVP_KEYMGMT_get0_first_name(const EVP_KEYMGMT *keymgmt);
+ const char *EVP_KEYMGMT_description(const EVP_KEYMGMT *keymgmt);
 
  void EVP_KEYMGMT_do_all_provided(OSSL_LIB_CTX *libctx,
                                   void (*fn)(EVP_KEYMGMT *keymgmt, void *arg),
@@ -81,6 +83,10 @@ not be freed by the caller.
 EVP_KEYMGMT_names_do_all() traverses all names for the I<keymgmt>, and
 calls I<fn> with each name and I<data>.
 
+EVP_KEYMGMT_description() returns a description of the I<keymgmt>, meant for
+display and human consumption.  The description is at the discretion of the
+I<keymgmt> implementation.
+
 EVP_KEYMGMT_do_all_provided() traverses all key keymgmt implementations by
 all activated providers in the library context I<libctx>, and for each
 of the implementations, calls I<fn> with the implementation method and
@@ -125,6 +131,9 @@ EVP_KEYMGMT_number() returns an integer.
 
 EVP_KEYMGMT_get0_first_name() returns the name that is found or NULL on error.
 
+EVP_KEYMGMT_description() returns a pointer to a decription, or NULL if
+there isn't one.
+
 EVP_KEYMGMT_gettable_params(), EVP_KEYMGMT_settable_params() and
 EVP_KEYMGMT_gen_settable_params() return a constant B<OSSL_PARAM> array or
 NULL on error.
diff --git a/doc/man3/EVP_MAC.pod b/doc/man3/EVP_MAC.pod
index b4ad7209dd..a4da280ab4 100644
--- a/doc/man3/EVP_MAC.pod
+++ b/doc/man3/EVP_MAC.pod
@@ -2,8 +2,8 @@
 
 =head1 NAME
 
-EVP_MAC, EVP_MAC_fetch, EVP_MAC_up_ref, EVP_MAC_free,
-EVP_MAC_is_a, EVP_MAC_number, EVP_MAC_name, EVP_MAC_names_do_all,
+EVP_MAC, EVP_MAC_fetch, EVP_MAC_up_ref, EVP_MAC_free, EVP_MAC_is_a,
+EVP_MAC_number, EVP_MAC_name, EVP_MAC_names_do_all, EVP_MAC_description,
 EVP_MAC_provider, EVP_MAC_get_params, EVP_MAC_gettable_params,
 EVP_MAC_CTX, EVP_MAC_CTX_new, EVP_MAC_CTX_free, EVP_MAC_CTX_dup,
 EVP_MAC_CTX_mac, EVP_MAC_CTX_get_params, EVP_MAC_CTX_set_params,
@@ -29,6 +29,7 @@ EVP_MAC_do_all_provided - EVP MAC routines
  int EVP_MAC_names_do_all(const EVP_MAC *mac,
                           void (*fn)(const char *name, void *data),
                           void *data);
+ const char *EVP_MAC_description(const EVP_MAC *mac);
  const OSSL_PROVIDER *EVP_MAC_provider(const EVP_MAC *mac);
  int EVP_MAC_get_params(EVP_MAC *mac, OSSL_PARAM params[]);
 
@@ -205,6 +206,10 @@ recommended to use EVP_MAC_names_do_all() instead.
 EVP_MAC_names_do_all() traverses all names for I<mac>, and calls
 I<fn> with each name and I<data>.
 
+EVP_MAC_description() returns a description of the I<mac>, meant for display
+and human consumption.  The description is at the discretion of the mac
+implementation.
+
 =head1 PARAMETERS
 
 Parameters are identified by name as strings, and have an expected
diff --git a/doc/man3/EVP_PKEY_new.pod b/doc/man3/EVP_PKEY_new.pod
index ee55396de3..d98d7c240e 100644
--- a/doc/man3/EVP_PKEY_new.pod
+++ b/doc/man3/EVP_PKEY_new.pod
@@ -7,6 +7,7 @@ EVP_PKEY_new,
 EVP_PKEY_up_ref,
 EVP_PKEY_dup,
 EVP_PKEY_free,
+EVP_PKEY_description,
 EVP_PKEY_new_raw_private_key_ex,
 EVP_PKEY_new_raw_private_key,
 EVP_PKEY_new_raw_public_key_ex,
@@ -27,6 +28,7 @@ EVP_PKEY_get_raw_public_key
  int EVP_PKEY_up_ref(EVP_PKEY *key);
  EVP_PKEY *EVP_PKEY_dup(EVP_PKEY *key);
  void EVP_PKEY_free(EVP_PKEY *key);
+ const char *EVP_PKEY_description(const EVP_PKEY *key);
 
  EVP_PKEY *EVP_PKEY_new_raw_private_key_ex(OSSL_LIB_CTX *libctx,
                                            const char *keytype,
@@ -90,6 +92,10 @@ a raw key, otherwise the duplication will fail.
 EVP_PKEY_free() decrements the reference count of I<key> and, if the reference
 count is zero, frees it up. If I<key> is NULL, nothing is done.
 
+EVP_PKEY_description() returns a description of the type of B<EVP_PKEY>, meant
+for display and human consumption.  The description is at the discretion of the
+key type implementation.
+
 EVP_PKEY_new_raw_private_key_ex() allocates a new B<EVP_PKEY>. Unless an
 engine should be used for the key type, a provider for the key is found using
 the library context I<libctx> and the property query string I<propq>. The
diff --git a/doc/man3/EVP_RAND.pod b/doc/man3/EVP_RAND.pod
index f550ec18e3..ab0fdbcb48 100644
--- a/doc/man3/EVP_RAND.pod
+++ b/doc/man3/EVP_RAND.pod
@@ -4,11 +4,12 @@
 
 EVP_RAND, EVP_RAND_fetch, EVP_RAND_free, EVP_RAND_up_ref, EVP_RAND_CTX,
 EVP_RAND_CTX_new, EVP_RAND_CTX_free, EVP_RAND_instantiate,
-EVP_RAND_uninstantiate, EVP_RAND_generate, EVP_RAND_reseed,
-EVP_RAND_nonce, EVP_RAND_enable_locking,
-EVP_RAND_verify_zeroization, EVP_RAND_strength, EVP_RAND_state,
+EVP_RAND_uninstantiate, EVP_RAND_generate, EVP_RAND_reseed, EVP_RAND_nonce,
+EVP_RAND_enable_locking, EVP_RAND_verify_zeroization, EVP_RAND_strength,
+EVP_RAND_state,
 EVP_RAND_provider, EVP_RAND_CTX_rand, EVP_RAND_is_a, EVP_RAND_number,
-EVP_RAND_name, EVP_RAND_names_do_all, EVP_RAND_get_ctx_params,
+EVP_RAND_name, EVP_RAND_names_do_all, EVP_RAND_description,
+EVP_RAND_get_ctx_params,
 EVP_RAND_set_ctx_params, EVP_RAND_do_all_provided, EVP_RAND_get_params,
 EVP_RAND_gettable_ctx_params, EVP_RAND_settable_ctx_params,
 EVP_RAND_CTX_gettable_params, EVP_RAND_CTX_settable_params,
@@ -39,6 +40,7 @@ EVP_RAND_STATE_ERROR - EVP RAND routines
  const OSSL_PARAM *EVP_RAND_CTX_settable_params(EVP_RAND_CTX *ctx);
  int EVP_RAND_number(const EVP_RAND *rand);
  const char *EVP_RAND_name(const EVP_RAND *rand);
+ const char *EVP_RAND_description(const EVP_RAND *rand);
  int EVP_RAND_is_a(const EVP_RAND *rand, const char *name);
  const OSSL_PROVIDER *EVP_RAND_provider(const EVP_RAND *rand);
  void EVP_RAND_do_all_provided(OSSL_LIB_CTX *libctx,
@@ -248,6 +250,10 @@ EVP_RAND_name() returns the canonical name of I<rand>.
 EVP_RAND_names_do_all() traverses all names for I<rand>, and calls
 I<fn> with each name and I<data>.
 
+EVP_RAND_description() returns a description of the rand, meant for display
+and human consumption.  The description is at the discretion of the rand
+implementation.
+
 EVP_RAND_verify_zeroization() confirms if the internal DRBG state is
 currently zeroed.  This is used by the FIPS provider to support the mandatory
 self tests.
diff --git a/doc/man3/EVP_SIGNATURE_free.pod b/doc/man3/EVP_SIGNATURE_free.pod
index cfc3b4c3bf..de1b22f387 100644
--- a/doc/man3/EVP_SIGNATURE_free.pod
+++ b/doc/man3/EVP_SIGNATURE_free.pod
@@ -5,6 +5,7 @@
 EVP_SIGNATURE_fetch, EVP_SIGNATURE_free, EVP_SIGNATURE_up_ref,
 EVP_SIGNATURE_number, EVP_SIGNATURE_is_a, EVP_SIGNATURE_provider,
 EVP_SIGNATURE_do_all_provided, EVP_SIGNATURE_names_do_all,
+EVP_SIGNATURE_description,
 EVP_SIGNATURE_gettable_ctx_params, EVP_SIGNATURE_settable_ctx_params
 - Functions to manage EVP_SIGNATURE algorithm objects
 
@@ -26,6 +27,7 @@ EVP_SIGNATURE_gettable_ctx_params, EVP_SIGNATURE_settable_ctx_params
  int EVP_SIGNATURE_names_do_all(const EVP_SIGNATURE *signature,
                                 void (*fn)(const char *name, void *data),
                                 void *data);
+ const char *EVP_SIGNATURE_description(const EVP_SIGNATURE *signature);
  const OSSL_PARAM *EVP_SIGNATURE_gettable_ctx_params(const EVP_SIGNATURE *sig);
  const OSSL_PARAM *EVP_SIGNATURE_settable_ctx_params(const EVP_SIGNATURE *sig);
 
@@ -64,6 +66,10 @@ I<signature>.
 EVP_SIGNATURE_names_do_all() traverses all names for I<signature>, and calls
 I<fn> with each name and I<data>.
 
+EVP_SIGNATURE_description() returns a description of the I<signature>, meant
+for display and human consumption.  The description is at the discretion of
+the I<signature> implementation.
+
 EVP_SIGNATURE_gettable_ctx_params() and EVP_SIGNATURE_settable_ctx_params()
 return a constant B<OSSL_PARAM> array that describes the names and types of key
 parameters that can be retrieved or set by a signature algorithm using
diff --git a/doc/man3/OSSL_DECODER.pod b/doc/man3/OSSL_DECODER.pod
index 289cf1bd84..45a97454e9 100644
--- a/doc/man3/OSSL_DECODER.pod
+++ b/doc/man3/OSSL_DECODER.pod
@@ -10,6 +10,7 @@ OSSL_DECODER_provider,
 OSSL_DECODER_properties,
 OSSL_DECODER_is_a,
 OSSL_DECODER_number,
+OSSL_DECODER_description,
 OSSL_DECODER_do_all_provided,
 OSSL_DECODER_names_do_all,
 OSSL_DECODER_gettable_params,
@@ -30,6 +31,7 @@ OSSL_DECODER_get_params
  const char *OSSL_DECODER_properties(const OSSL_DECODER *decoder);
  int OSSL_DECODER_is_a(const OSSL_DECODER *decoder, const char *name);
  int OSSL_DECODER_number(const OSSL_DECODER *decoder);
+ const char *OSSL_DECODER_description(const OSSL_DECODER *decoder);
  void OSSL_DECODER_do_all_provided(OSSL_LIB_CTX *libctx,
                                    void (*fn)(OSSL_DECODER *decoder, void *arg),
                                    void *arg);
@@ -72,6 +74,10 @@ of an algorithm that's identifiable with I<name>.
 OSSL_DECODER_number() returns the internal dynamic number assigned
 to the given I<decoder>.
 
+OSSL_DECODER_description() returns a description of the I<decoder>, meant
+for display and human consumption.  The description is at the discretion
+of the I<decoder> implementation.
+
 OSSL_DECODER_names_do_all() traverses all names for the given
 I<decoder>, and calls I<fn> with each name and I<data> as arguments.
 
@@ -107,6 +113,9 @@ otherwise 0.
 
 OSSL_DECODER_number() returns an integer.
 
+OSSL_DECODER_description() returns a pointer to a decription, or NULL if
+there isn't one.
+
 OSSL_DECODER_names_do_all() returns 1 if the callback was called for all
 names. A return value of 0 means that the callback was not called for any names.
 
diff --git a/doc/man3/OSSL_ENCODER.pod b/doc/man3/OSSL_ENCODER.pod
index 8515ff12f5..abaee0f997 100644
--- a/doc/man3/OSSL_ENCODER.pod
+++ b/doc/man3/OSSL_ENCODER.pod
@@ -10,6 +10,7 @@ OSSL_ENCODER_provider,
 OSSL_ENCODER_properties,
 OSSL_ENCODER_is_a,
 OSSL_ENCODER_number,
+OSSL_ENCODER_description,
 OSSL_ENCODER_do_all_provided,
 OSSL_ENCODER_names_do_all,
 OSSL_ENCODER_gettable_params,
@@ -30,6 +31,7 @@ OSSL_ENCODER_get_params
  const char *OSSL_ENCODER_properties(const OSSL_ENCODER *encoder);
  int OSSL_ENCODER_is_a(const OSSL_ENCODER *encoder, const char *name);
  int OSSL_ENCODER_number(const OSSL_ENCODER *encoder);
+ const char *OSSL_ENCODER_description(const OSSL_ENCODER *encoder);
  void OSSL_ENCODER_do_all_provided(OSSL_LIB_CTX *libctx,
                                    void (*fn)(OSSL_ENCODER *encoder, void *arg),
                                    void *arg);
@@ -72,6 +74,10 @@ algorithm that's identifiable with I<name>.
 OSSL_ENCODER_number() returns the internal dynamic number assigned to
 the given I<encoder>.
 
+OSSL_ENCODER_description() returns a description of the I<loader>, meant
+for display and human consumption.  The description is at the discretion of the
+I<loader> implementation.
+
 OSSL_ENCODER_names_do_all() traverses all names for the given
 I<encoder>, and calls I<fn> with each name and I<data> as arguments.
 
@@ -108,6 +114,9 @@ otherwise 0.
 
 OSSL_ENCODER_number() returns an integer.
 
+OSSL_ENCODER_description() returns a pointer to a decription, or NULL if
+there isn't one.
+
 OSSL_ENCODER_names_do_all() returns 1 if the callback was called for all
 names. A return value of 0 means that the callback was not called for any names.
 
diff --git a/doc/man3/OSSL_STORE_LOADER.pod b/doc/man3/OSSL_STORE_LOADER.pod
index 1cfce445b8..7413104079 100644
--- a/doc/man3/OSSL_STORE_LOADER.pod
+++ b/doc/man3/OSSL_STORE_LOADER.pod
@@ -10,6 +10,7 @@ OSSL_STORE_LOADER_provider,
 OSSL_STORE_LOADER_properties,
 OSSL_STORE_LOADER_is_a,
 OSSL_STORE_LOADER_number,
+OSSL_STORE_LOADER_description,
 OSSL_STORE_LOADER_do_all_provided,
 OSSL_STORE_LOADER_names_do_all,
 OSSL_STORE_LOADER_CTX, OSSL_STORE_LOADER_new,
@@ -42,6 +43,7 @@ unregister STORE loaders for different URI schemes
                                                  loader);
  const char *OSSL_STORE_LOADER_properties(const OSSL_STORE_LOADER *loader);
  int OSSL_STORE_LOADER_number(const OSSL_STORE_LOADER *loader);
+ const char *OSSL_STORE_LOADER_description(const OSSL_STORE_LOADER *loader);
  int OSSL_STORE_LOADER_is_a(const OSSL_STORE_LOADER *loader,
                             const char *scheme);
  void OSSL_STORE_LOADER_do_all_provided(OSSL_LIB_CTX *libctx,
@@ -139,6 +141,10 @@ of an algorithm that's identifiable with I<scheme>.
 OSSL_STORE_LOADER_number() returns the internal dynamic number assigned
 to the given I<loader>.
 
+OSSL_STORE_LOADER_description() returns a description of the I<loader>, meant
+for display and human consumption.  The description is at the discretion of the
+I<loader> implementation.
+
 OSSL_STORE_LOADER_do_all_provided() traverses all store implementations
 by all activated providers in the library context I<libctx>, and for each
 of the implementations, calls I<fn> with the implementation method and
@@ -328,6 +334,9 @@ otherwise 0.
 
 OSSL_STORE_LOADER_number() returns an integer.
 
+OSSL_STORE_LOADER_description() returns a pointer to a decription, or NULL if
+there isn't one.
+
 The functions with the types B<OSSL_STORE_open_fn>,
 B<OSSL_STORE_open_ex_fn>, B<OSSL_STORE_ctrl_fn>,
 B<OSSL_STORE_expect_fn>, B<OSSL_STORE_load_fn>, B<OSSL_STORE_eof_fn>
diff --git a/include/crypto/decoder.h b/include/crypto/decoder.h
index d463d1e9b5..a591e43a96 100644
--- a/include/crypto/decoder.h
+++ b/include/crypto/decoder.h
@@ -23,8 +23,8 @@ OSSL_DECODER *ossl_decoder_fetch_by_number(OSSL_LIB_CTX *libctx,
  * except read a DER blob and pass it on as a provider object abstraction
  * (provider-object(7)).
  */
-void *ossl_decoder_from_dispatch(int id, const OSSL_ALGORITHM *algodef,
-                                 OSSL_PROVIDER *prov);
+void *ossl_decoder_from_algorithm(int id, const OSSL_ALGORITHM *algodef,
+                                  OSSL_PROVIDER *prov);
 
 OSSL_DECODER_INSTANCE *
 ossl_decoder_instance_new(OSSL_DECODER *decoder, void *decoderctx);
diff --git a/include/crypto/evp.h b/include/crypto/evp.h
index 2089b8b913..fbd0131e78 100644
--- a/include/crypto/evp.h
+++ b/include/crypto/evp.h
@@ -193,6 +193,7 @@ const EVP_PKEY_METHOD *ossl_rsa_pss_pkey_method(void);
 struct evp_mac_st {
     OSSL_PROVIDER *prov;
     int name_id;
+    const char *description;
 
     CRYPTO_REF_COUNT refcnt;
     CRYPTO_RWLOCK *lock;
@@ -214,6 +215,7 @@ struct evp_mac_st {
 struct evp_kdf_st {
     OSSL_PROVIDER *prov;
     int name_id;
+    const char *description;
     CRYPTO_REF_COUNT refcnt;
     CRYPTO_RWLOCK *lock;
 
@@ -251,6 +253,7 @@ struct evp_md_st {
     /* New structure members */
     /* Above comment to be removed when legacy has gone */
     int name_id;
+    const char *description;
     OSSL_PROVIDER *prov;
     CRYPTO_REF_COUNT refcnt;
     CRYPTO_RWLOCK *lock;
@@ -303,6 +306,7 @@ struct evp_cipher_st {
     /* New structure members */
     /* Above comment to be removed when legacy has gone */
     int name_id;
+    const char *description;
     OSSL_PROVIDER *prov;
     CRYPTO_REF_COUNT refcnt;
     CRYPTO_RWLOCK *lock;
diff --git a/include/openssl/core.h b/include/openssl/core.h
index 41e0a70437..5d69278d2e 100644
--- a/include/openssl/core.h
+++ b/include/openssl/core.h
@@ -70,6 +70,7 @@ struct ossl_algorithm_st {
     const char *algorithm_names;     /* key */
     const char *property_definition; /* key */
     const OSSL_DISPATCH *implementation;
+    const char *algorithm_description;
 };
 
 /*
diff --git a/include/openssl/decoder.h b/include/openssl/decoder.h
index fd7e7b52c7..974fbb02ad 100644
--- a/include/openssl/decoder.h
+++ b/include/openssl/decoder.h
@@ -34,6 +34,7 @@ void OSSL_DECODER_free(OSSL_DECODER *encoder);
 const OSSL_PROVIDER *OSSL_DECODER_provider(const OSSL_DECODER *encoder);
 const char *OSSL_DECODER_properties(const OSSL_DECODER *encoder);
 int OSSL_DECODER_number(const OSSL_DECODER *encoder);
+const char *OSSL_DECODER_description(const OSSL_DECODER *decoder);
 int OSSL_DECODER_is_a(const OSSL_DECODER *encoder, const char *name);
 
 void OSSL_DECODER_do_all_provided(OSSL_LIB_CTX *libctx,
diff --git a/include/openssl/encoder.h b/include/openssl/encoder.h
index c533efa3ec..c51bd02a2b 100644
--- a/include/openssl/encoder.h
+++ b/include/openssl/encoder.h
@@ -34,6 +34,7 @@ void OSSL_ENCODER_free(OSSL_ENCODER *encoder);
 const OSSL_PROVIDER *OSSL_ENCODER_provider(const OSSL_ENCODER *encoder);
 const char *OSSL_ENCODER_properties(const OSSL_ENCODER *encoder);
 int OSSL_ENCODER_number(const OSSL_ENCODER *encoder);
+const char *OSSL_ENCODER_description(const OSSL_ENCODER *kdf);
 int OSSL_ENCODER_is_a(const OSSL_ENCODER *encoder, const char *name);
 
 void OSSL_ENCODER_do_all_provided(OSSL_LIB_CTX *libctx,
diff --git a/include/openssl/evp.h b/include/openssl/evp.h
index 7d1823dbac..ed54575e84 100644
--- a/include/openssl/evp.h
+++ b/include/openssl/evp.h
@@ -526,6 +526,7 @@ typedef int (EVP_PBE_KEYGEN) (EVP_CIPHER_CTX *ctx, const char *pass,
 int EVP_MD_type(const EVP_MD *md);
 # define EVP_MD_nid(e)                   EVP_MD_type(e)
 const char *EVP_MD_name(const EVP_MD *md);
+const char *EVP_MD_description(const EVP_MD *md);
 int EVP_MD_number(const EVP_MD *md);
 int EVP_MD_is_a(const EVP_MD *md, const char *name);
 int EVP_MD_names_do_all(const EVP_MD *md,
@@ -557,6 +558,7 @@ void *EVP_MD_CTX_md_data(const EVP_MD_CTX *ctx);
 
 int EVP_CIPHER_nid(const EVP_CIPHER *cipher);
 const char *EVP_CIPHER_name(const EVP_CIPHER *cipher);
+const char *EVP_CIPHER_description(const EVP_CIPHER *cipher);
 int EVP_CIPHER_number(const EVP_CIPHER *cipher);
 int EVP_CIPHER_is_a(const EVP_CIPHER *cipher, const char *name);
 int EVP_CIPHER_names_do_all(const EVP_CIPHER *cipher,
@@ -1151,6 +1153,7 @@ int EVP_MAC_up_ref(EVP_MAC *mac);
 void EVP_MAC_free(EVP_MAC *mac);
 int EVP_MAC_number(const EVP_MAC *mac);
 const char *EVP_MAC_name(const EVP_MAC *mac);
+const char *EVP_MAC_description(const EVP_MAC *mac);
 int EVP_MAC_is_a(const EVP_MAC *mac, const char *name);
 const OSSL_PROVIDER *EVP_MAC_provider(const EVP_MAC *mac);
 int EVP_MAC_get_params(EVP_MAC *mac, OSSL_PARAM params[]);
@@ -1188,6 +1191,7 @@ int EVP_RAND_up_ref(EVP_RAND *rand);
 void EVP_RAND_free(EVP_RAND *rand);
 int EVP_RAND_number(const EVP_RAND *rand);
 const char *EVP_RAND_name(const EVP_RAND *rand);
+const char *EVP_RAND_description(const EVP_RAND *md);
 int EVP_RAND_is_a(const EVP_RAND *rand, const char *name);
 const OSSL_PROVIDER *EVP_RAND_provider(const EVP_RAND *rand);
 int EVP_RAND_get_params(EVP_RAND *rand, OSSL_PARAM params[]);
@@ -1320,6 +1324,7 @@ EVP_PKEY *EVP_PKEY_new(void);
 int EVP_PKEY_up_ref(EVP_PKEY *pkey);
 EVP_PKEY *EVP_PKEY_dup(EVP_PKEY *pkey);
 void EVP_PKEY_free(EVP_PKEY *pkey);
+const char *EVP_PKEY_description(const EVP_PKEY *pkey);
 
 EVP_PKEY *d2i_PublicKey(int type, EVP_PKEY **a, const unsigned char **pp,
                         long length);
@@ -1671,6 +1676,7 @@ int EVP_KEYMGMT_up_ref(EVP_KEYMGMT *keymgmt);
 void EVP_KEYMGMT_free(EVP_KEYMGMT *keymgmt);
 const OSSL_PROVIDER *EVP_KEYMGMT_provider(const EVP_KEYMGMT *keymgmt);
 const char *EVP_KEYMGMT_get0_first_name(const EVP_KEYMGMT *keymgmt);
+const char *EVP_KEYMGMT_description(const EVP_KEYMGMT *keymgmt);
 int EVP_KEYMGMT_number(const EVP_KEYMGMT *keymgmt);
 int EVP_KEYMGMT_is_a(const EVP_KEYMGMT *keymgmt, const char *name);
 void EVP_KEYMGMT_do_all_provided(OSSL_LIB_CTX *libctx,
@@ -1755,6 +1761,7 @@ EVP_SIGNATURE *EVP_SIGNATURE_fetch(OSSL_LIB_CTX *ctx, const char *algorithm,
                                    const char *properties);
 int EVP_SIGNATURE_is_a(const EVP_SIGNATURE *signature, const char *name);
 int EVP_SIGNATURE_number(const EVP_SIGNATURE *signature);
+const char *EVP_SIGNATURE_description(const EVP_SIGNATURE *signature);
 void EVP_SIGNATURE_do_all_provided(OSSL_LIB_CTX *libctx,
                                    void (*fn)(EVP_SIGNATURE *signature,
                                               void *data),
@@ -1772,6 +1779,7 @@ EVP_ASYM_CIPHER *EVP_ASYM_CIPHER_fetch(OSSL_LIB_CTX *ctx, const char *algorithm,
                                        const char *properties);
 int EVP_ASYM_CIPHER_is_a(const EVP_ASYM_CIPHER *cipher, const char *name);
 int EVP_ASYM_CIPHER_number(const EVP_ASYM_CIPHER *cipher);
+const char *EVP_ASYM_CIPHER_description(const EVP_ASYM_CIPHER *cipher);
 void EVP_ASYM_CIPHER_do_all_provided(OSSL_LIB_CTX *libctx,
                                      void (*fn)(EVP_ASYM_CIPHER *cipher,
                                                 void *arg),
@@ -1789,6 +1797,7 @@ EVP_KEM *EVP_KEM_fetch(OSSL_LIB_CTX *ctx, const char *algorithm,
                        const char *properties);
 int EVP_KEM_is_a(const EVP_KEM *wrap, const char *name);
 int EVP_KEM_number(const EVP_KEM *wrap);
+const char *EVP_KEM_description(const EVP_KEM *wrap);
 void EVP_KEM_do_all_provided(OSSL_LIB_CTX *libctx,
                              void (*fn)(EVP_KEM *wrap, void *arg), void *arg);
 int EVP_KEM_names_do_all(const EVP_KEM *wrap,
@@ -2045,6 +2054,7 @@ EVP_KEYEXCH *EVP_KEYEXCH_fetch(OSSL_LIB_CTX *ctx, const char *algorithm,
 OSSL_PROVIDER *EVP_KEYEXCH_provider(const EVP_KEYEXCH *exchange);
 int EVP_KEYEXCH_is_a(const EVP_KEYEXCH *keyexch, const char *name);
 int EVP_KEYEXCH_number(const EVP_KEYEXCH *keyexch);
+const char *EVP_KEYEXCH_description(const EVP_KEYEXCH *keyexch);
 void EVP_KEYEXCH_do_all_provided(OSSL_LIB_CTX *libctx,
                                  void (*fn)(EVP_KEYEXCH *keyexch, void *data),
                                  void *data);
diff --git a/include/openssl/kdf.h b/include/openssl/kdf.h
index 4c1397f909..96a25ff7c1 100644
--- a/include/openssl/kdf.h
+++ b/include/openssl/kdf.h
@@ -34,6 +34,7 @@ EVP_KDF_CTX *EVP_KDF_CTX_new(EVP_KDF *kdf);
 void EVP_KDF_CTX_free(EVP_KDF_CTX *ctx);
 EVP_KDF_CTX *EVP_KDF_CTX_dup(const EVP_KDF_CTX *src);
 int EVP_KDF_number(const EVP_KDF *kdf);
+const char *EVP_KDF_description(const EVP_KDF *kdf);
 int EVP_KDF_is_a(const EVP_KDF *kdf, const char *name);
 const char *EVP_KDF_name(const EVP_KDF *kdf);
 const OSSL_PROVIDER *EVP_KDF_provider(const EVP_KDF *kdf);
diff --git a/include/openssl/store.h b/include/openssl/store.h
index 19669b55f1..f0c20e56fe 100644
--- a/include/openssl/store.h
+++ b/include/openssl/store.h
@@ -260,6 +260,7 @@ const OSSL_PROVIDER *OSSL_STORE_LOADER_provider(const OSSL_STORE_LOADER *
                                                 loader);
 const char *OSSL_STORE_LOADER_properties(const OSSL_STORE_LOADER *loader);
 int OSSL_STORE_LOADER_number(const OSSL_STORE_LOADER *loader);
+const char *OSSL_STORE_LOADER_description(const OSSL_STORE_LOADER *loader);
 int OSSL_STORE_LOADER_is_a(const OSSL_STORE_LOADER *loader,
                            const char *scheme);
 void OSSL_STORE_LOADER_do_all_provided(OSSL_LIB_CTX *libctx,
diff --git a/providers/defltprov.c b/providers/defltprov.c
index 63e8f67509..0e076dd019 100644
--- a/providers/defltprov.c
+++ b/providers/defltprov.c
@@ -408,35 +408,52 @@ static const OSSL_ALGORITHM deflt_asym_kem[] = {
 
 static const OSSL_ALGORITHM deflt_keymgmt[] = {
 #ifndef OPENSSL_NO_DH
-    { "DH:dhKeyAgreement", "provider=default", ossl_dh_keymgmt_functions },
+    { "DH:dhKeyAgreement", "provider=default", ossl_dh_keymgmt_functions,
+      "OpenSSL PKCS#3 DH implementation" },
     { "DHX:X9.42 DH:dhpublicnumber", "provider=default",
-      ossl_dhx_keymgmt_functions },
+      ossl_dhx_keymgmt_functions, "OpenSSL X9.42 DH implementation" },
 #endif
 #ifndef OPENSSL_NO_DSA
-    { "DSA:dsaEncryption", "provider=default", ossl_dsa_keymgmt_functions },
+    { "DSA:dsaEncryption", "provider=default", ossl_dsa_keymgmt_functions,
+      "OpenSSL DSA implementation" },
 #endif
-    { "RSA:rsaEncryption", "provider=default", ossl_rsa_keymgmt_functions },
-    { "RSA-PSS:RSASSA-PSS", "provider=default", ossl_rsapss_keymgmt_functions },
+    { "RSA:rsaEncryption", "provider=default", ossl_rsa_keymgmt_functions,
+      "OpenSSL RSA implementation" },
+    { "RSA-PSS:RSASSA-PSS", "provider=default", ossl_rsapss_keymgmt_functions,
+      "OpenSSL RSA-PSS implementation" },
 #ifndef OPENSSL_NO_EC
-    { "EC:id-ecPublicKey", "provider=default", ossl_ec_keymgmt_functions },
-    { "X25519", "provider=default", ossl_x25519_keymgmt_functions },
-    { "X448", "provider=default", ossl_x448_keymgmt_functions },
-    { "ED25519", "provider=default", ossl_ed25519_keymgmt_functions },
-    { "ED448", "provider=default", ossl_ed448_keymgmt_functions },
+    { "EC:id-ecPublicKey", "provider=default", ossl_ec_keymgmt_functions,
+      "OpenSSL EC implementation" },
+    { "X25519", "provider=default", ossl_x25519_keymgmt_functions,
+      "OpenSSL X25519 implementation" },
+    { "X448", "provider=default", ossl_x448_keymgmt_functions,
+      "OpenSSL X448 implementation" },
+    { "ED25519", "provider=default", ossl_ed25519_keymgmt_functions,
+      "OpenSSL ED25519 implementation" },
+    { "ED448", "provider=default", ossl_ed448_keymgmt_functions,
+      "OpenSSL ED448 implementation" },
 #endif
-    { "TLS1-PRF", "provider=default", ossl_kdf_keymgmt_functions },
-    { "HKDF", "provider=default", ossl_kdf_keymgmt_functions },
-    { "SCRYPT:id-scrypt", "provider=default", ossl_kdf_keymgmt_functions },
-    { "HMAC", "provider=default", ossl_mac_legacy_keymgmt_functions },
-    { "SIPHASH", "provider=default", ossl_mac_legacy_keymgmt_functions },
+    { "TLS1-PRF", "provider=default", ossl_kdf_keymgmt_functions,
+      "OpenSSL TLS1-PRF via EVP_PKEY implementation" },
+    { "HKDF", "provider=default", ossl_kdf_keymgmt_functions,
+      "OpenSSL HKDF via EVP_PKEY implementation" },
+    { "SCRYPT:id-scrypt", "provider=default", ossl_kdf_keymgmt_functions,
+      "OpenSSL SCRYPT via EVP_PKEY implementation" },
+    { "HMAC", "provider=default", ossl_mac_legacy_keymgmt_functions,
+      "OpenSSL HMAC via EVP_PKEY implementation" },
+    { "SIPHASH", "provider=default", ossl_mac_legacy_keymgmt_functions,
+      "OpenSSL SIPHASH via EVP_PKEY implementation" },
 #ifndef OPENSSL_NO_POLY1305
-    { "POLY1305", "provider=default", ossl_mac_legacy_keymgmt_functions },
+    { "POLY1305", "provider=default", ossl_mac_legacy_keymgmt_functions,
+      "OpenSSL POLY1305 via EVP_PKEY implementation" },
 #endif
 #ifndef OPENSSL_NO_CMAC
-    { "CMAC", "provider=default", ossl_cossl_mac_legacy_keymgmt_functions },
+    { "CMAC", "provider=default", ossl_cossl_mac_legacy_keymgmt_functions,
+      "OpenSSL CMAC via EVP_PKEY implementation" },
 #endif
 #ifndef OPENSSL_NO_SM2
-    { "SM2", "provider=default", ossl_sm2_keymgmt_functions },
+    { "SM2", "provider=default", ossl_sm2_keymgmt_functions,
+      "OpenSSL SM2 implementation" },
 #endif
     { NULL, NULL, NULL }
 };
diff --git a/providers/fips/fipsprov.c b/providers/fips/fipsprov.c
index 56892aa4c8..f6a405d58e 100644
--- a/providers/fips/fipsprov.c
+++ b/providers/fips/fipsprov.c
@@ -394,30 +394,40 @@ static const OSSL_ALGORITHM fips_asym_kem[] = {
 
 static const OSSL_ALGORITHM fips_keymgmt[] = {
 #ifndef OPENSSL_NO_DH
-    { "DH:dhKeyAgreement", FIPS_DEFAULT_PROPERTIES, ossl_dh_keymgmt_functions },
+    { "DH:dhKeyAgreement", FIPS_DEFAULT_PROPERTIES, ossl_dh_keymgmt_functions,
+      "OpenSSL PKCS#3 DH FIPS implementation" },
     { "DHX:X9.42 DH:dhpublicnumber", FIPS_DEFAULT_PROPERTIES,
-      ossl_dhx_keymgmt_functions },
+      ossl_dhx_keymgmt_functions, "OpenSSL X9.42 DH FIPS implementation" },
 #endif
 #ifndef OPENSSL_NO_DSA
-    { "DSA", FIPS_DEFAULT_PROPERTIES, ossl_dsa_keymgmt_functions },
+    { "DSA", FIPS_DEFAULT_PROPERTIES, ossl_dsa_keymgmt_functions,
+      "OpenSSL DSA FIPS implementation" },
 #endif
     { "RSA:rsaEncryption", FIPS_DEFAULT_PROPERTIES,
-      ossl_rsa_keymgmt_functions },
+      ossl_rsa_keymgmt_functions, "OpenSSL RSA FIPS implementation" },
     { "RSA-PSS:RSASSA-PSS", FIPS_DEFAULT_PROPERTIES,
-      ossl_rsapss_keymgmt_functions },
+      ossl_rsapss_keymgmt_functions, "OpenSSL RSA-PSS FIPS implementation" },
 #ifndef OPENSSL_NO_EC
-    { "EC:id-ecPublicKey", FIPS_DEFAULT_PROPERTIES, ossl_ec_keymgmt_functions },
-    { "X25519", FIPS_DEFAULT_PROPERTIES, ossl_x25519_keymgmt_functions },
-    { "X448", FIPS_DEFAULT_PROPERTIES, ossl_x448_keymgmt_functions },
-    { "ED25519", FIPS_DEFAULT_PROPERTIES, ossl_ed25519_keymgmt_functions },
-    { "ED448", FIPS_DEFAULT_PROPERTIES, ossl_ed448_keymgmt_functions },
+    { "EC:id-ecPublicKey", FIPS_DEFAULT_PROPERTIES, ossl_ec_keymgmt_functions,
+      "OpenSSL EC FIPS implementation" },
+    { "X25519", FIPS_DEFAULT_PROPERTIES, ossl_x25519_keymgmt_functions,
+      "OpenSSL X25519 FIPS implementation" },
+    { "X448", FIPS_DEFAULT_PROPERTIES, ossl_x448_keymgmt_functions,
+      "OpenSSL X448 FIPS implementation" },
+    { "ED25519", FIPS_DEFAULT_PROPERTIES, ossl_ed25519_keymgmt_functions,
+      "OpenSSL ED25519 FIPS implementation" },
+    { "ED448", FIPS_DEFAULT_PROPERTIES, ossl_ed448_keymgmt_functions,
+      "OpenSSL ED448 FIPS implementation" },
 #endif
-    { "TLS1-PRF", FIPS_DEFAULT_PROPERTIES, ossl_kdf_keymgmt_functions },
-    { "HKDF", FIPS_DEFAULT_PROPERTIES, ossl_kdf_keymgmt_functions },
-    { "HMAC", FIPS_DEFAULT_PROPERTIES, ossl_mac_legacy_keymgmt_functions },
+    { "TLS1-PRF", FIPS_DEFAULT_PROPERTIES, ossl_kdf_keymgmt_functions,
+      "OpenSSL TLS1-PRF via EVP_PKEY FIPS implementation" },
+    { "HKDF", FIPS_DEFAULT_PROPERTIES, ossl_kdf_keymgmt_functions,
+      "OpenSSL HKDF via EVP_PKEY FIPS implementation" },
+    { "HMAC", FIPS_DEFAULT_PROPERTIES, ossl_mac_legacy_keymgmt_functions,
+      "OpenSSL HMAC via EVP_PKEY FIPS implementation" },
 #ifndef OPENSSL_NO_CMAC
-    { "CMAC", FIPS_DEFAULT_PROPERTIES,
-      ossl_cossl_mac_legacy_keymgmt_functions },
+    { "CMAC", FIPS_DEFAULT_PROPERTIES, ossl_cossl_mac_legacy_keymgmt_functions,
+      "OpenSSL CMAC via EVP_PKEY FIPS implementation" },
 #endif
     { NULL, NULL, NULL }
 };
diff --git a/providers/implementations/storemgmt/file_store.c b/providers/implementations/storemgmt/file_store.c
index e121052545..37f2fcee67 100644
--- a/providers/implementations/storemgmt/file_store.c
+++ b/providers/implementations/storemgmt/file_store.c
@@ -437,8 +437,8 @@ static int file_setup_decoders(struct file_ctx_st *ctx)
          * The decoder doesn't need any identification or to be attached to
          * any provider, since it's only used locally.
          */
-        to_obj = ossl_decoder_from_dispatch(0, &ossl_der_to_obj_algorithm,
-                                            NULL);
+        to_obj = ossl_decoder_from_algorithm(0, &ossl_der_to_obj_algorithm,
+                                             NULL);
         if (to_obj == NULL)
             goto err;
         to_obj_inst = ossl_decoder_instance_new(to_obj, ctx->provctx);
diff --git a/providers/implementations/storemgmt/file_store_der2obj.c b/providers/implementations/storemgmt/file_store_der2obj.c
index a36e9ab003..94bc467e3e 100644
--- a/providers/implementations/storemgmt/file_store_der2obj.c
+++ b/providers/implementations/storemgmt/file_store_der2obj.c
@@ -36,7 +36,7 @@
 
 /*
  * newctx and freectx are not strictly necessary.  However, the method creator,
- * ossl_decoder_from_dispatch(), demands that they exist, so we make sure to
+ * ossl_decoder_from_algorithm(), demands that they exist, so we make sure to
  * oblige.
  */
 
diff --git a/util/libcrypto.num b/util/libcrypto.num
index b968e0da1f..49fc731085 100644
--- a/util/libcrypto.num
+++ b/util/libcrypto.num
@@ -5333,3 +5333,17 @@ X509_REQ_new_ex                         ?	3_0_0	EXIST::FUNCTION:
 EVP_PKEY_dup                            ?	3_0_0	EXIST::FUNCTION:
 RSA_PSS_PARAMS_dup                      ?	3_0_0	EXIST::FUNCTION:
 EVP_PKEY_derive_set_peer_ex             ?	3_0_0	EXIST::FUNCTION:
+OSSL_DECODER_description                ?	3_0_0	EXIST::FUNCTION:
+OSSL_ENCODER_description                ?	3_0_0	EXIST::FUNCTION:
+OSSL_STORE_LOADER_description           ?	3_0_0	EXIST::FUNCTION:
+EVP_MD_description                      ?	3_0_0	EXIST::FUNCTION:
+EVP_CIPHER_description                  ?	3_0_0	EXIST::FUNCTION:
+EVP_MAC_description                     ?	3_0_0	EXIST::FUNCTION:
+EVP_RAND_description                    ?	3_0_0	EXIST::FUNCTION:
+EVP_PKEY_description                    ?	3_0_0	EXIST::FUNCTION:
+EVP_KEYMGMT_description                 ?	3_0_0	EXIST::FUNCTION:
+EVP_SIGNATURE_description               ?	3_0_0	EXIST::FUNCTION:
+EVP_ASYM_CIPHER_description             ?	3_0_0	EXIST::FUNCTION:
+EVP_KEM_description                     ?	3_0_0	EXIST::FUNCTION:
+EVP_KEYEXCH_description                 ?	3_0_0	EXIST::FUNCTION:
+EVP_KDF_description                     ?	3_0_0	EXIST::FUNCTION:


More information about the openssl-commits mailing list