[openssl] master update

tomas at openssl.org tomas at openssl.org
Mon Apr 26 10:05:17 UTC 2021


The branch master has been updated
       via  6c9bc258d2e9e7b500236a1c696da1f384f0b907 (commit)
      from  d21224f1adcd948699e536eaf570f42ef9a051f7 (commit)


- Log -----------------------------------------------------------------
commit 6c9bc258d2e9e7b500236a1c696da1f384f0b907
Author: Tomas Mraz <tomas at openssl.org>
Date:   Fri Apr 16 16:22:03 2021 +0200

    Add type_name member to provided methods and use it
    
    Fixes #14701
    
    Reviewed-by: Richard Levitte <levitte at openssl.org>
    (Merged from https://github.com/openssl/openssl/pull/14898)

-----------------------------------------------------------------------

Summary of changes:
 crypto/core_algorithm.c           | 21 +++++++++++++++++++++
 crypto/evp/asymcipher.c           | 11 ++++++++++-
 crypto/evp/digest.c               |  7 ++++++-
 crypto/evp/evp_enc.c              | 10 ++++++++--
 crypto/evp/evp_fetch.c            |  8 --------
 crypto/evp/evp_lib.c              |  9 +++++----
 crypto/evp/evp_local.h            |  6 +++++-
 crypto/evp/evp_pkey.c             |  2 +-
 crypto/evp/evp_rand.c             | 13 ++++++++++---
 crypto/evp/exchange.c             | 11 ++++++++++-
 crypto/evp/kdf_lib.c              |  4 +---
 crypto/evp/kdf_meth.c             |  8 +++++++-
 crypto/evp/kem.c                  | 11 ++++++++++-
 crypto/evp/keymgmt_lib.c          |  3 +--
 crypto/evp/keymgmt_meth.c         | 13 +++++++++----
 crypto/evp/mac_lib.c              |  4 +---
 crypto/evp/mac_meth.c             |  8 +++++++-
 crypto/evp/p_lib.c                |  5 ++---
 crypto/evp/pmeth_lib.c            |  2 +-
 crypto/evp/signature.c            | 11 ++++++++++-
 doc/man3/EVP_ASYM_CIPHER_free.pod |  9 ++++++++-
 doc/man3/EVP_KEM_free.pod         |  9 ++++++++-
 doc/man3/EVP_KEYEXCH_free.pod     |  9 ++++++++-
 doc/man3/EVP_KEYMGMT.pod          | 16 ++++++++--------
 doc/man3/EVP_SIGNATURE_free.pod   | 10 +++++++++-
 doc/man7/openssl-core.h.pod       |  3 +++
 include/crypto/evp.h              |  4 ++++
 include/internal/core.h           |  1 +
 include/openssl/evp.h             |  6 +++++-
 test/evp_libctx_test.c            | 33 +++++++++++++++++++++++----------
 util/libcrypto.num                |  6 +++++-
 31 files changed, 207 insertions(+), 66 deletions(-)

diff --git a/crypto/core_algorithm.c b/crypto/core_algorithm.c
index 3fcb2226c7..50344fbe2d 100644
--- a/crypto/core_algorithm.c
+++ b/crypto/core_algorithm.c
@@ -111,3 +111,24 @@ void ossl_algorithm_do_all(OSSL_LIB_CTX *libctx, int operation_id,
     else
         algorithm_do_this(provider, &cbdata);
 }
+
+char *ossl_algorithm_get1_first_name(const OSSL_ALGORITHM *algo)
+{
+    const char *first_name_end = NULL;
+    size_t first_name_len = 0;
+    char *ret;
+
+    if (algo->algorithm_names == NULL)
+        return NULL;
+
+    first_name_end = strchr(algo->algorithm_names, ':');
+    if (first_name_end == NULL)
+        first_name_len = strlen(algo->algorithm_names);
+    else
+        first_name_len = first_name_end - algo->algorithm_names;
+
+    ret = OPENSSL_strndup(algo->algorithm_names, first_name_len);
+    if (ret == NULL)
+        ERR_raise(ERR_LIB_EVP, ERR_R_MALLOC_FAILURE);
+    return ret;
+}
diff --git a/crypto/evp/asymcipher.c b/crypto/evp/asymcipher.c
index feabe0a793..1acbe81b68 100644
--- a/crypto/evp/asymcipher.c
+++ b/crypto/evp/asymcipher.c
@@ -12,8 +12,9 @@
 #include <openssl/objects.h>
 #include <openssl/evp.h>
 #include "internal/cryptlib.h"
-#include "crypto/evp.h"
 #include "internal/provider.h"
+#include "internal/core.h"
+#include "crypto/evp.h"
 #include "evp_local.h"
 
 static int evp_pkey_asym_cipher_init(EVP_PKEY_CTX *ctx, int operation,
@@ -289,6 +290,8 @@ static void *evp_asym_cipher_from_algorithm(int name_id,
     }
 
     cipher->name_id = name_id;
+    if ((cipher->type_name = ossl_algorithm_get1_first_name(algodef)) == NULL)
+        goto err;
     cipher->description = algodef->algorithm_description;
 
     for (; fns->function_id != 0; fns++) {
@@ -398,6 +401,7 @@ void EVP_ASYM_CIPHER_free(EVP_ASYM_CIPHER *cipher)
     CRYPTO_DOWN_REF(&cipher->refcnt, &i, cipher->lock);
     if (i > 0)
         return;
+    OPENSSL_free(cipher->type_name);
     ossl_provider_free(cipher->prov);
     CRYPTO_THREAD_lock_free(cipher->lock);
     OPENSSL_free(cipher);
@@ -435,6 +439,11 @@ int EVP_ASYM_CIPHER_number(const EVP_ASYM_CIPHER *cipher)
     return cipher->name_id;
 }
 
+const char *EVP_ASYM_CIPHER_name(const EVP_ASYM_CIPHER *cipher)
+{
+    return cipher->type_name;
+}
+
 const char *EVP_ASYM_CIPHER_description(const EVP_ASYM_CIPHER *cipher)
 {
     return cipher->description;
diff --git a/crypto/evp/digest.c b/crypto/evp/digest.c
index ef60fc1505..67f6e839ca 100644
--- a/crypto/evp/digest.c
+++ b/crypto/evp/digest.c
@@ -18,8 +18,9 @@
 #include <openssl/params.h>
 #include <openssl/core_names.h>
 #include "internal/cryptlib.h"
-#include "crypto/evp.h"
 #include "internal/provider.h"
+#include "internal/core.h"
+#include "crypto/evp.h"
 #include "evp_local.h"
 
 
@@ -906,6 +907,10 @@ static void *evp_md_from_algorithm(int name_id,
 #endif
 
     md->name_id = name_id;
+    if ((md->type_name = ossl_algorithm_get1_first_name(algodef)) == NULL) {
+        EVP_MD_free(md);
+        return NULL;
+    }
     md->description = algodef->algorithm_description;
 
     for (; fns->function_id != 0; fns++) {
diff --git a/crypto/evp/evp_enc.c b/crypto/evp/evp_enc.c
index 2de2a11e5a..50e1c3452b 100644
--- a/crypto/evp/evp_enc.c
+++ b/crypto/evp/evp_enc.c
@@ -13,15 +13,16 @@
 #include <stdio.h>
 #include <limits.h>
 #include <assert.h>
-#include "internal/cryptlib.h"
 #include <openssl/evp.h>
 #include <openssl/err.h>
 #include <openssl/rand.h>
 #include <openssl/engine.h>
 #include <openssl/params.h>
 #include <openssl/core_names.h>
-#include "crypto/evp.h"
+#include "internal/cryptlib.h"
 #include "internal/provider.h"
+#include "internal/core.h"
+#include "crypto/evp.h"
 #include "evp_local.h"
 
 int EVP_CIPHER_CTX_reset(EVP_CIPHER_CTX *ctx)
@@ -1468,6 +1469,10 @@ static void *evp_cipher_from_algorithm(const int name_id,
 #endif
 
     cipher->name_id = name_id;
+    if ((cipher->type_name = ossl_algorithm_get1_first_name(algodef)) == NULL) {
+        EVP_CIPHER_free(cipher);
+        return NULL;
+    }
     cipher->description = algodef->algorithm_description;
 
     for (; fns->function_id != 0; fns++) {
@@ -1610,6 +1615,7 @@ int EVP_CIPHER_up_ref(EVP_CIPHER *cipher)
 
 void evp_cipher_free_int(EVP_CIPHER *cipher)
 {
+    OPENSSL_free(cipher->type_name);
     ossl_provider_free(cipher->prov);
     CRYPTO_THREAD_lock_free(cipher->lock);
     OPENSSL_free(cipher);
diff --git a/crypto/evp/evp_fetch.c b/crypto/evp/evp_fetch.c
index 3893220441..266f657ff2 100644
--- a/crypto/evp/evp_fetch.c
+++ b/crypto/evp/evp_fetch.c
@@ -508,14 +508,6 @@ void evp_generic_do_all(OSSL_LIB_CTX *libctx, int operation_id,
                           &data);
 }
 
-const char *evp_first_name(const OSSL_PROVIDER *prov, int name_id)
-{
-    OSSL_LIB_CTX *libctx = ossl_provider_libctx(prov);
-    OSSL_NAMEMAP *namemap = ossl_namemap_stored(libctx);
-
-    return ossl_namemap_num2name(namemap, name_id, 0);
-}
-
 int evp_is_a(OSSL_PROVIDER *prov, int number,
              const char *legacy_name, const char *name)
 {
diff --git a/crypto/evp/evp_lib.c b/crypto/evp/evp_lib.c
index 41209fa763..66a862688a 100644
--- a/crypto/evp/evp_lib.c
+++ b/crypto/evp/evp_lib.c
@@ -659,8 +659,8 @@ int EVP_CIPHER_number(const EVP_CIPHER *cipher)
 
 const char *EVP_CIPHER_name(const EVP_CIPHER *cipher)
 {
-    if (cipher->prov != NULL)
-        return evp_first_name(cipher->prov, cipher->name_id);
+    if (cipher->type_name != NULL)
+        return cipher->type_name;
 #ifndef FIPS_MODULE
     return OBJ_nid2sn(EVP_CIPHER_nid(cipher));
 #else
@@ -726,8 +726,8 @@ const char *EVP_MD_name(const EVP_MD *md)
 {
     if (md == NULL)
         return NULL;
-    if (md->prov != NULL)
-        return evp_first_name(md->prov, md->name_id);
+    if (md->type_name != NULL)
+        return md->type_name;
 #ifndef FIPS_MODULE
     return OBJ_nid2sn(EVP_MD_nid(md));
 #else
@@ -817,6 +817,7 @@ EVP_MD *EVP_MD_meth_dup(const EVP_MD *md)
 
 void evp_md_free_int(EVP_MD *md)
 {
+    OPENSSL_free(md->type_name);
     ossl_provider_free(md->prov);
     CRYPTO_THREAD_lock_free(md->lock);
     OPENSSL_free(md);
diff --git a/crypto/evp/evp_local.h b/crypto/evp/evp_local.h
index cdf89a62c0..82c5641842 100644
--- a/crypto/evp/evp_local.h
+++ b/crypto/evp/evp_local.h
@@ -78,6 +78,7 @@ struct evp_keymgmt_st {
     int id;                      /* libcrypto internal */
 
     int name_id;
+    char *type_name;
     const char *description;
     OSSL_PROVIDER *prov;
     CRYPTO_REF_COUNT refcnt;
@@ -117,6 +118,7 @@ struct evp_keymgmt_st {
 
 struct evp_keyexch_st {
     int name_id;
+    char *type_name;
     const char *description;
     OSSL_PROVIDER *prov;
     CRYPTO_REF_COUNT refcnt;
@@ -136,6 +138,7 @@ struct evp_keyexch_st {
 
 struct evp_signature_st {
     int name_id;
+    char *type_name;
     const char *description;
     OSSL_PROVIDER *prov;
     CRYPTO_REF_COUNT refcnt;
@@ -170,6 +173,7 @@ struct evp_signature_st {
 
 struct evp_asym_cipher_st {
     int name_id;
+    char *type_name;
     const char *description;
     OSSL_PROVIDER *prov;
     CRYPTO_REF_COUNT refcnt;
@@ -190,6 +194,7 @@ struct evp_asym_cipher_st {
 
 struct evp_kem_st {
     int name_id;
+    char *type_name;
     const char *description;
     OSSL_PROVIDER *prov;
     CRYPTO_REF_COUNT refcnt;
@@ -321,7 +326,6 @@ void evp_cipher_free_int(EVP_CIPHER *md);
 void evp_md_free_int(EVP_MD *md);
 
 /* OSSL_PROVIDER * is only used to get the library context */
-const char *evp_first_name(const OSSL_PROVIDER *prov, int name_id);
 int evp_is_a(OSSL_PROVIDER *prov, int number,
              const char *legacy_name, const char *name);
 int evp_names_do_all(OSSL_PROVIDER *prov, int number,
diff --git a/crypto/evp/evp_pkey.c b/crypto/evp/evp_pkey.c
index a31c54887b..f82d6f8081 100644
--- a/crypto/evp/evp_pkey.c
+++ b/crypto/evp/evp_pkey.c
@@ -225,7 +225,7 @@ const char *EVP_PKEY_get0_type_name(const EVP_PKEY *key)
     const char *name = NULL;
 
     if (key->keymgmt != NULL)
-        return EVP_KEYMGMT_get0_first_name(key->keymgmt);
+        return EVP_KEYMGMT_name(key->keymgmt);
 
     /* Otherwise fallback to legacy */
     ameth = EVP_PKEY_get0_asn1(key);
diff --git a/crypto/evp/evp_rand.c b/crypto/evp/evp_rand.c
index cdcc88a9ac..5cd6588fa8 100644
--- a/crypto/evp/evp_rand.c
+++ b/crypto/evp/evp_rand.c
@@ -18,16 +18,18 @@
 #include <openssl/core.h>
 #include <openssl/core_names.h>
 #include <openssl/crypto.h>
-#include "crypto/asn1.h"
-#include "crypto/evp.h"
 #include "internal/cryptlib.h"
 #include "internal/numbers.h"
 #include "internal/provider.h"
+#include "internal/core.h"
+#include "crypto/asn1.h"
+#include "crypto/evp.h"
 #include "evp_local.h"
 
 struct evp_rand_st {
     OSSL_PROVIDER *prov;
     int name_id;
+    char *type_name;
     const char *description;
     CRYPTO_REF_COUNT refcnt;
     CRYPTO_RWLOCK *refcnt_lock;
@@ -72,6 +74,7 @@ static void evp_rand_free(void *vrand)
     CRYPTO_DOWN_REF(&rand->refcnt, &ref, rand->refcnt_lock);
     if (ref > 0)
         return;
+    OPENSSL_free(rand->type_name);
     ossl_provider_free(rand->prov);
     CRYPTO_THREAD_lock_free(rand->refcnt_lock);
     OPENSSL_free(rand);
@@ -130,6 +133,10 @@ static void *evp_rand_from_algorithm(int name_id,
         return NULL;
     }
     rand->name_id = name_id;
+    if ((rand->type_name = ossl_algorithm_get1_first_name(algodef)) == NULL) {
+        evp_rand_free(rand);
+        return NULL;
+    }
     rand->description = algodef->algorithm_description;
     rand->dispatch = fns;
     for (; fns->function_id != 0; fns++) {
@@ -293,7 +300,7 @@ int EVP_RAND_number(const EVP_RAND *rand)
 
 const char *EVP_RAND_name(const EVP_RAND *rand)
 {
-    return evp_first_name(rand->prov, rand->name_id);
+    return rand->type_name;
 }
 
 const char *EVP_RAND_description(const EVP_RAND *rand)
diff --git a/crypto/evp/exchange.c b/crypto/evp/exchange.c
index 7ec2ad760b..0ff5d8848c 100644
--- a/crypto/evp/exchange.c
+++ b/crypto/evp/exchange.c
@@ -11,9 +11,10 @@
 #include <openssl/evp.h>
 #include <openssl/err.h>
 #include "internal/refcount.h"
-#include "crypto/evp.h"
 #include "internal/provider.h"
+#include "internal/core.h"
 #include "internal/numbers.h"   /* includes SIZE_MAX */
+#include "crypto/evp.h"
 #include "evp_local.h"
 
 static EVP_KEYEXCH *evp_keyexch_new(OSSL_PROVIDER *prov)
@@ -52,6 +53,8 @@ static void *evp_keyexch_from_algorithm(int name_id,
     }
 
     exchange->name_id = name_id;
+    if ((exchange->type_name = ossl_algorithm_get1_first_name(algodef)) == NULL)
+        goto err;
     exchange->description = algodef->algorithm_description;
 
     for (; fns->function_id != 0; fns++) {
@@ -149,6 +152,7 @@ void EVP_KEYEXCH_free(EVP_KEYEXCH *exchange)
     CRYPTO_DOWN_REF(&exchange->refcnt, &i, exchange->lock);
     if (i > 0)
         return;
+    OPENSSL_free(exchange->type_name);
     ossl_provider_free(exchange->prov);
     CRYPTO_THREAD_lock_free(exchange->lock);
     OPENSSL_free(exchange);
@@ -465,6 +469,11 @@ int EVP_KEYEXCH_number(const EVP_KEYEXCH *keyexch)
     return keyexch->name_id;
 }
 
+const char *EVP_KEYEXCH_name(const EVP_KEYEXCH *keyexch)
+{
+    return keyexch->type_name;
+}
+
 const char *EVP_KEYEXCH_description(const EVP_KEYEXCH *keyexch)
 {
     return keyexch->description;
diff --git a/crypto/evp/kdf_lib.c b/crypto/evp/kdf_lib.c
index b995e8fc5a..8b2dc71996 100644
--- a/crypto/evp/kdf_lib.c
+++ b/crypto/evp/kdf_lib.c
@@ -90,9 +90,7 @@ int EVP_KDF_number(const EVP_KDF *kdf)
 
 const char *EVP_KDF_name(const EVP_KDF *kdf)
 {
-    if (kdf->prov != NULL)
-        return evp_first_name(kdf->prov, kdf->name_id);
-    return NULL;
+    return kdf->type_name;
 }
 
 const char *EVP_KDF_description(const EVP_KDF *kdf)
diff --git a/crypto/evp/kdf_meth.c b/crypto/evp/kdf_meth.c
index 5c2ac46f4e..0c6defa0f2 100644
--- a/crypto/evp/kdf_meth.c
+++ b/crypto/evp/kdf_meth.c
@@ -12,8 +12,9 @@
 #include <openssl/core.h>
 #include <openssl/core_dispatch.h>
 #include <openssl/kdf.h>
-#include "crypto/evp.h"
 #include "internal/provider.h"
+#include "internal/core.h"
+#include "crypto/evp.h"
 #include "evp_local.h"
 
 static int evp_kdf_up_ref(void *vkdf)
@@ -36,6 +37,7 @@ static void evp_kdf_free(void *vkdf)
     CRYPTO_DOWN_REF(&kdf->refcnt, &ref, kdf->lock);
     if (ref > 0)
         return;
+    OPENSSL_free(kdf->type_name);
     ossl_provider_free(kdf->prov);
     CRYPTO_THREAD_lock_free(kdf->lock);
     OPENSSL_free(kdf);
@@ -67,6 +69,10 @@ static void *evp_kdf_from_algorithm(int name_id,
         return NULL;
     }
     kdf->name_id = name_id;
+    if ((kdf->type_name = ossl_algorithm_get1_first_name(algodef)) == NULL) {
+        evp_kdf_free(kdf);
+        return NULL;
+    }
     kdf->description = algodef->algorithm_description;
 
     for (; fns->function_id != 0; fns++) {
diff --git a/crypto/evp/kem.c b/crypto/evp/kem.c
index 227d3c721a..5ee9a43892 100644
--- a/crypto/evp/kem.c
+++ b/crypto/evp/kem.c
@@ -12,8 +12,9 @@
 #include <openssl/objects.h>
 #include <openssl/evp.h>
 #include "internal/cryptlib.h"
-#include "crypto/evp.h"
 #include "internal/provider.h"
+#include "internal/core.h"
+#include "crypto/evp.h"
 #include "evp_local.h"
 
 static int evp_kem_init(EVP_PKEY_CTX *ctx, int operation,
@@ -197,6 +198,8 @@ static void *evp_kem_from_algorithm(int name_id, const OSSL_ALGORITHM *algodef,
     }
 
     kem->name_id = name_id;
+    if ((kem->type_name = ossl_algorithm_get1_first_name(algodef)) == NULL)
+        goto err;
     kem->description = algodef->algorithm_description;
 
     for (; fns->function_id != 0; fns++) {
@@ -307,6 +310,7 @@ void EVP_KEM_free(EVP_KEM *kem)
     CRYPTO_DOWN_REF(&kem->refcnt, &i, kem->lock);
     if (i > 0)
         return;
+    OPENSSL_free(kem->type_name);
     ossl_provider_free(kem->prov);
     CRYPTO_THREAD_lock_free(kem->lock);
     OPENSSL_free(kem);
@@ -344,6 +348,11 @@ int EVP_KEM_number(const EVP_KEM *kem)
     return kem->name_id;
 }
 
+const char *EVP_KEM_name(const EVP_KEM *kem)
+{
+    return kem->type_name;
+}
+
 const char *EVP_KEM_description(const EVP_KEM *kem)
 {
     return kem->description;
diff --git a/crypto/evp/keymgmt_lib.c b/crypto/evp/keymgmt_lib.c
index 301e1a8a2f..d2d60fa953 100644
--- a/crypto/evp/keymgmt_lib.c
+++ b/crypto/evp/keymgmt_lib.c
@@ -22,8 +22,7 @@
  */
 static int match_type(const EVP_KEYMGMT *keymgmt1, const EVP_KEYMGMT *keymgmt2)
 {
-    const OSSL_PROVIDER *prov2 = EVP_KEYMGMT_provider(keymgmt2);
-    const char *name2 = evp_first_name(prov2, EVP_KEYMGMT_number(keymgmt2));
+    const char *name2 = EVP_KEYMGMT_name(keymgmt2);
 
     return EVP_KEYMGMT_is_a(keymgmt1, name2);
 }
diff --git a/crypto/evp/keymgmt_meth.c b/crypto/evp/keymgmt_meth.c
index 937faa99d6..94f0133860 100644
--- a/crypto/evp/keymgmt_meth.c
+++ b/crypto/evp/keymgmt_meth.c
@@ -13,6 +13,7 @@
 #include <openssl/err.h>
 #include "internal/provider.h"
 #include "internal/refcount.h"
+#include "internal/core.h"
 #include "crypto/evp.h"
 #include "evp_local.h"
 
@@ -42,11 +43,14 @@ static void *keymgmt_from_algorithm(int name_id,
     int setgenparamfncnt = 0;
     int importfncnt = 0, exportfncnt = 0;
 
-    if ((keymgmt = keymgmt_new()) == NULL) {
+    if ((keymgmt = keymgmt_new()) == NULL)
+        return NULL;
+
+    keymgmt->name_id = name_id;
+    if ((keymgmt->type_name = ossl_algorithm_get1_first_name(algodef)) == NULL) {
         EVP_KEYMGMT_free(keymgmt);
         return NULL;
     }
-    keymgmt->name_id = name_id;
     keymgmt->description = algodef->algorithm_description;
 
     for (; fns->function_id != 0; fns++) {
@@ -236,6 +240,7 @@ void EVP_KEYMGMT_free(EVP_KEYMGMT *keymgmt)
     CRYPTO_DOWN_REF(&keymgmt->refcnt, &ref, keymgmt->lock);
     if (ref > 0)
         return;
+    OPENSSL_free(keymgmt->type_name);
     ossl_provider_free(keymgmt->prov);
     CRYPTO_THREAD_lock_free(keymgmt->lock);
     OPENSSL_free(keymgmt);
@@ -256,9 +261,9 @@ const char *EVP_KEYMGMT_description(const EVP_KEYMGMT *keymgmt)
     return keymgmt->description;
 }
 
-const char *EVP_KEYMGMT_get0_first_name(const EVP_KEYMGMT *keymgmt)
+const char *EVP_KEYMGMT_name(const EVP_KEYMGMT *keymgmt)
 {
-    return evp_first_name(keymgmt->prov, keymgmt->name_id);
+    return keymgmt->type_name;
 }
 
 int EVP_KEYMGMT_is_a(const EVP_KEYMGMT *keymgmt, const char *name)
diff --git a/crypto/evp/mac_lib.c b/crypto/evp/mac_lib.c
index 0784aaddc2..3d60905a9e 100644
--- a/crypto/evp/mac_lib.c
+++ b/crypto/evp/mac_lib.c
@@ -165,9 +165,7 @@ int EVP_MAC_number(const EVP_MAC *mac)
 
 const char *EVP_MAC_name(const EVP_MAC *mac)
 {
-    if (mac->prov != NULL)
-        return evp_first_name(mac->prov, mac->name_id);
-    return NULL;
+    return mac->type_name;
 }
 
 const char *EVP_MAC_description(const EVP_MAC *mac)
diff --git a/crypto/evp/mac_meth.c b/crypto/evp/mac_meth.c
index bd43e880ae..342aadc996 100644
--- a/crypto/evp/mac_meth.c
+++ b/crypto/evp/mac_meth.c
@@ -2,8 +2,9 @@
 #include <openssl/err.h>
 #include <openssl/core.h>
 #include <openssl/core_dispatch.h>
-#include "crypto/evp.h"
 #include "internal/provider.h"
+#include "internal/core.h"
+#include "crypto/evp.h"
 #include "evp_local.h"
 
 static int evp_mac_up_ref(void *vmac)
@@ -26,6 +27,7 @@ static void evp_mac_free(void *vmac)
     CRYPTO_DOWN_REF(&mac->refcnt, &ref, mac->lock);
     if (ref > 0)
         return;
+    OPENSSL_free(mac->type_name);
     ossl_provider_free(mac->prov);
     CRYPTO_THREAD_lock_free(mac->lock);
     OPENSSL_free(mac);
@@ -59,6 +61,10 @@ static void *evp_mac_from_algorithm(int name_id,
         return NULL;
     }
     mac->name_id = name_id;
+    if ((mac->type_name = ossl_algorithm_get1_first_name(algodef)) == NULL) {
+        evp_mac_free(mac);
+        return NULL;
+    }
     mac->description = algodef->algorithm_description;
 
     for (; fns->function_id != 0; fns++) {
diff --git a/crypto/evp/p_lib.c b/crypto/evp/p_lib.c
index a0dfff9195..daa0f617d8 100644
--- a/crypto/evp/p_lib.c
+++ b/crypto/evp/p_lib.c
@@ -1056,7 +1056,7 @@ int EVP_PKEY_can_sign(const EVP_PKEY *pkey)
         const char *supported_sig =
             pkey->keymgmt->query_operation_name != NULL
             ? pkey->keymgmt->query_operation_name(OSSL_OP_SIGNATURE)
-            : evp_first_name(prov, pkey->keymgmt->name_id);
+            : EVP_KEYMGMT_name(pkey->keymgmt);
         EVP_SIGNATURE *signature = NULL;
 
         signature = EVP_SIGNATURE_fetch(libctx, supported_sig, NULL);
@@ -1937,8 +1937,7 @@ int evp_pkey_copy_downgraded(EVP_PKEY **dest, const EVP_PKEY *src)
         int type = src->type;
         const char *keytype = NULL;
 
-        keytype = evp_first_name(EVP_KEYMGMT_provider(keymgmt),
-                                 keymgmt->name_id);
+        keytype = EVP_KEYMGMT_name(keymgmt);
 
         /*
          * If the type is EVP_PKEY_NONE, then we have a problem somewhere
diff --git a/crypto/evp/pmeth_lib.c b/crypto/evp/pmeth_lib.c
index f00394e081..d09b39b7d5 100644
--- a/crypto/evp/pmeth_lib.c
+++ b/crypto/evp/pmeth_lib.c
@@ -192,7 +192,7 @@ static EVP_PKEY_CTX *int_ctx_new(OSSL_LIB_CTX *libctx,
         /* If we have an engine, something went wrong somewhere... */
         if (!ossl_assert(e == NULL))
             return NULL;
-        keytype = evp_first_name(pkey->keymgmt->prov, pkey->keymgmt->name_id);
+        keytype = EVP_KEYMGMT_name(pkey->keymgmt);
         goto common;
     }
 
diff --git a/crypto/evp/signature.c b/crypto/evp/signature.c
index 0307fb5e33..c945eaae5e 100644
--- a/crypto/evp/signature.c
+++ b/crypto/evp/signature.c
@@ -12,8 +12,9 @@
 #include <openssl/objects.h>
 #include <openssl/evp.h>
 #include "internal/cryptlib.h"
-#include "crypto/evp.h"
 #include "internal/provider.h"
+#include "internal/core.h"
+#include "crypto/evp.h"
 #include "evp_local.h"
 
 static EVP_SIGNATURE *evp_signature_new(OSSL_PROVIDER *prov)
@@ -54,6 +55,8 @@ static void *evp_signature_from_algorithm(int name_id,
     }
 
     signature->name_id = name_id;
+    if ((signature->type_name = ossl_algorithm_get1_first_name(algodef)) == NULL)
+        goto err;
     signature->description = algodef->algorithm_description;
 
     for (; fns->function_id != 0; fns++) {
@@ -282,6 +285,7 @@ void EVP_SIGNATURE_free(EVP_SIGNATURE *signature)
     CRYPTO_DOWN_REF(&signature->refcnt, &i, signature->lock);
     if (i > 0)
         return;
+    OPENSSL_free(signature->type_name);
     ossl_provider_free(signature->prov);
     CRYPTO_THREAD_lock_free(signature->lock);
     OPENSSL_free(signature);
@@ -319,6 +323,11 @@ int EVP_SIGNATURE_number(const EVP_SIGNATURE *signature)
     return signature->name_id;
 }
 
+const char *EVP_SIGNATURE_name(const EVP_SIGNATURE *signature)
+{
+    return signature->type_name;
+}
+
 const char *EVP_SIGNATURE_description(const EVP_SIGNATURE *signature)
 {
     return signature->description;
diff --git a/doc/man3/EVP_ASYM_CIPHER_free.pod b/doc/man3/EVP_ASYM_CIPHER_free.pod
index dfe67d9993..93df44ec8f 100644
--- a/doc/man3/EVP_ASYM_CIPHER_free.pod
+++ b/doc/man3/EVP_ASYM_CIPHER_free.pod
@@ -5,7 +5,7 @@
 EVP_ASYM_CIPHER_fetch, EVP_ASYM_CIPHER_free, EVP_ASYM_CIPHER_up_ref,
 EVP_ASYM_CIPHER_number, EVP_ASYM_CIPHER_is_a, EVP_ASYM_CIPHER_provider,
 EVP_ASYM_CIPHER_do_all_provided, EVP_ASYM_CIPHER_names_do_all,
-EVP_ASYM_CIPHER_description,
+EVP_ASYM_CIPHER_name, EVP_ASYM_CIPHER_description,
 EVP_ASYM_CIPHER_gettable_ctx_params, EVP_ASYM_CIPHER_settable_ctx_params
 - Functions to manage EVP_ASYM_CIPHER algorithm objects
 
@@ -18,6 +18,7 @@ EVP_ASYM_CIPHER_gettable_ctx_params, EVP_ASYM_CIPHER_settable_ctx_params
  void EVP_ASYM_CIPHER_free(EVP_ASYM_CIPHER *cipher);
  int EVP_ASYM_CIPHER_up_ref(EVP_ASYM_CIPHER *cipher);
  int EVP_ASYM_CIPHER_number(const EVP_ASYM_CIPHER *cipher);
+ const char *EVP_ASYM_CIPHER_name(const EVP_ASYM_CIPHER *cipher);
  int EVP_ASYM_CIPHER_is_a(const EVP_ASYM_CIPHER *cipher, const char *name);
  OSSL_PROVIDER *EVP_ASYM_CIPHER_provider(const EVP_ASYM_CIPHER *cipher);
  void EVP_ASYM_CIPHER_do_all_provided(OSSL_LIB_CTX *libctx,
@@ -63,6 +64,12 @@ method and the given I<arg> as argument.
 EVP_ASYM_CIPHER_number() returns the internal dynamic number assigned to
 I<cipher>.
 
+EVP_ASYM_CIPHER_name() returns the algorithm name from the provided
+implementation for the given I<cipher>. Note that the I<cipher> may have
+multiple synonyms associated with it. In this case the first name from the
+algorithm definition is returned. Ownership of the returned string is retained
+by the I<cipher> object and should not be freed by the caller.
+
 EVP_ASYM_CIPHER_names_do_all() traverses all names for I<cipher>, and calls
 I<fn> with each name and I<data>.
 
diff --git a/doc/man3/EVP_KEM_free.pod b/doc/man3/EVP_KEM_free.pod
index 906f4eebed..13600c521c 100644
--- a/doc/man3/EVP_KEM_free.pod
+++ b/doc/man3/EVP_KEM_free.pod
@@ -3,7 +3,7 @@
 =head1 NAME
 
 EVP_KEM_fetch, EVP_KEM_free, EVP_KEM_up_ref,
-EVP_KEM_number, EVP_KEM_is_a, EVP_KEM_provider,
+EVP_KEM_number, EVP_KEM_name, EVP_KEM_is_a, EVP_KEM_provider,
 EVP_KEM_do_all_provided, EVP_KEM_names_do_all, EVP_KEM_description,
 EVP_KEM_gettable_ctx_params, EVP_KEM_settable_ctx_params
 - Functions to manage EVP_KEM algorithm objects
@@ -17,6 +17,7 @@ EVP_KEM_gettable_ctx_params, EVP_KEM_settable_ctx_params
  void EVP_KEM_free(EVP_KEM *kem);
  int EVP_KEM_up_ref(EVP_KEM *kem);
  int EVP_KEM_number(const EVP_KEM *kem);
+ const char *EVP_KEM_name(const EVP_KEM *kem);
  int EVP_KEM_is_a(const EVP_KEM *kem, const char *name);
  OSSL_PROVIDER *EVP_KEM_provider(const EVP_KEM *kem);
  void EVP_KEM_do_all_provided(OSSL_LIB_CTX *libctx,
@@ -56,6 +57,12 @@ and the given I<arg> as argument.
 
 EVP_KEM_number() returns the internal dynamic number assigned to I<kem>.
 
+EVP_KEM_name() returns the algorithm name from the provided
+implementation for the given I<kem>. Note that the I<kem> may have
+multiple synonyms associated with it. In this case the first name from the
+algorithm definition is returned. Ownership of the returned string is retained
+by the I<kem> object and should not be freed by the caller.
+
 EVP_KEM_names_do_all() traverses all names for I<kem>, and calls I<fn> with
 each name and I<data>.
 
diff --git a/doc/man3/EVP_KEYEXCH_free.pod b/doc/man3/EVP_KEYEXCH_free.pod
index 1257dd2e5c..d0a0b6ef06 100644
--- a/doc/man3/EVP_KEYEXCH_free.pod
+++ b/doc/man3/EVP_KEYEXCH_free.pod
@@ -5,7 +5,7 @@
 EVP_KEYEXCH_fetch, EVP_KEYEXCH_free, EVP_KEYEXCH_up_ref, EVP_KEYEXCH_provider,
 EVP_KEYEXCH_is_a, EVP_KEYEXCH_do_all_provided,
 EVP_KEYEXCH_number, EVP_KEYEXCH_names_do_all,
-EVP_KEYEXCH_description,
+EVP_KEYEXCH_name, EVP_KEYEXCH_description,
 EVP_KEYEXCH_gettable_ctx_params, EVP_KEYEXCH_settable_ctx_params
 - Functions to manage EVP_KEYEXCH algorithm objects
 
@@ -20,6 +20,7 @@ EVP_KEYEXCH_gettable_ctx_params, EVP_KEYEXCH_settable_ctx_params
  OSSL_PROVIDER *EVP_KEYEXCH_provider(const EVP_KEYEXCH *exchange);
  int EVP_KEYEXCH_is_a(const EVP_KEYEXCH *exchange, const char *name);
  int EVP_KEYEXCH_number(const EVP_KEYEXCH *exchange);
+ const char *EVP_KEYEXCH_name(const EVP_KEYEXCH *exchange);
  void EVP_KEYEXCH_do_all_provided(OSSL_LIB_CTX *libctx,
                                   void (*fn)(EVP_KEYEXCH *exchange, void *arg),
                                   void *arg);
@@ -55,6 +56,12 @@ algorithm that's identifiable with I<name>.
 EVP_KEYEXCH_number() returns the internal dynamic number assigned to
 the I<exchange>.
 
+EVP_KEYEXCH_name() returns the algorithm name from the provided
+implementation for the given I<exchange>. Note that the I<exchange> may have
+multiple synonyms associated with it. In this case the first name from the
+algorithm definition is returned. Ownership of the returned string is retained
+by the I<exchange> object and should not be freed by the caller.
+
 EVP_KEYEXCH_names_do_all() traverses all names for the I<exchange>, and
 calls I<fn> with each name and I<data>.
 
diff --git a/doc/man3/EVP_KEYMGMT.pod b/doc/man3/EVP_KEYMGMT.pod
index d62f1cb3f5..9f143cd6ed 100644
--- a/doc/man3/EVP_KEYMGMT.pod
+++ b/doc/man3/EVP_KEYMGMT.pod
@@ -10,7 +10,7 @@ EVP_KEYMGMT_provider,
 EVP_KEYMGMT_is_a,
 EVP_KEYMGMT_number,
 EVP_KEYMGMT_description,
-EVP_KEYMGMT_get0_first_name,
+EVP_KEYMGMT_name,
 EVP_KEYMGMT_do_all_provided,
 EVP_KEYMGMT_names_do_all,
 EVP_KEYMGMT_gettable_params,
@@ -31,7 +31,7 @@ EVP_KEYMGMT_gen_settable_params
  const OSSL_PROVIDER *EVP_KEYMGMT_provider(const EVP_KEYMGMT *keymgmt);
  int EVP_KEYMGMT_is_a(const EVP_KEYMGMT *keymgmt, const char *name);
  int EVP_KEYMGMT_number(const EVP_KEYMGMT *keymgmt);
- const char *EVP_KEYMGMT_get0_first_name(const EVP_KEYMGMT *keymgmt);
+ const char *EVP_KEYMGMT_name(const EVP_KEYMGMT *keymgmt);
  const char *EVP_KEYMGMT_description(const EVP_KEYMGMT *keymgmt);
 
  void EVP_KEYMGMT_do_all_provided(OSSL_LIB_CTX *libctx,
@@ -74,11 +74,11 @@ algorithm that's identifiable with I<name>.
 EVP_KEYMGMT_number() returns the internal dynamic number assigned to
 the I<keymgmt>.
 
-EVP_KEYMGMT_get0_first_name() returns the first algorithm name that is found for
-the given I<keymgmt>. Note that the I<keymgmt> may have multiple synonyms
-associated with it. In this case it is undefined which one will be returned.
-Ownership of the returned string is retained by the I<keymgmt> object and should
-not be freed by the caller.
+EVP_KEYMGMT_name() returns the algorithm name from the provided implementation
+for the given I<keymgmt>. Note that the I<keymgmt> may have multiple synonyms
+associated with it. In this case the first name from the algorithm
+definition is returned. Ownership of the returned string is retained by the
+I<keymgmt> object and should not be freed by the caller.
 
 EVP_KEYMGMT_names_do_all() traverses all names for the I<keymgmt>, and
 calls I<fn> with each name and I<data>.
@@ -129,7 +129,7 @@ otherwise 0.
 
 EVP_KEYMGMT_number() returns an integer.
 
-EVP_KEYMGMT_get0_first_name() returns the name that is found or NULL on error.
+EVP_KEYMGMT_name() returns the algorithm name, or NULL on error.
 
 EVP_KEYMGMT_description() returns a pointer to a decription, or NULL if
 there isn't one.
diff --git a/doc/man3/EVP_SIGNATURE_free.pod b/doc/man3/EVP_SIGNATURE_free.pod
index 71f283fdc6..a1897bbdb0 100644
--- a/doc/man3/EVP_SIGNATURE_free.pod
+++ b/doc/man3/EVP_SIGNATURE_free.pod
@@ -5,7 +5,7 @@
 EVP_SIGNATURE_fetch, EVP_SIGNATURE_free, EVP_SIGNATURE_up_ref,
 EVP_SIGNATURE_number, EVP_SIGNATURE_is_a, EVP_SIGNATURE_provider,
 EVP_SIGNATURE_do_all_provided, EVP_SIGNATURE_names_do_all,
-EVP_SIGNATURE_description,
+EVP_SIGNATURE_name, EVP_SIGNATURE_description,
 EVP_SIGNATURE_gettable_ctx_params, EVP_SIGNATURE_settable_ctx_params
 - Functions to manage EVP_SIGNATURE algorithm objects
 
@@ -18,6 +18,7 @@ EVP_SIGNATURE_gettable_ctx_params, EVP_SIGNATURE_settable_ctx_params
  void EVP_SIGNATURE_free(EVP_SIGNATURE *signature);
  int EVP_SIGNATURE_up_ref(EVP_SIGNATURE *signature);
  int EVP_SIGNATURE_number(const EVP_SIGNATURE *signature);
+ const char *EVP_SIGNATURE_name(const EVP_SIGNATURE *signature);
  int EVP_SIGNATURE_is_a(const EVP_SIGNATURE *signature, const char *name);
  OSSL_PROVIDER *EVP_SIGNATURE_provider(const EVP_SIGNATURE *signature);
  void EVP_SIGNATURE_do_all_provided(OSSL_LIB_CTX *libctx,
@@ -27,6 +28,7 @@ EVP_SIGNATURE_gettable_ctx_params, EVP_SIGNATURE_settable_ctx_params
  int EVP_SIGNATURE_names_do_all(const EVP_SIGNATURE *signature,
                                 void (*fn)(const char *name, void *data),
                                 void *data);
+ const char *EVP_SIGNATURE_name(const EVP_SIGNATURE *signature);
  const char *EVP_SIGNATURE_description(const EVP_SIGNATURE *signature);
  const OSSL_PARAM *EVP_SIGNATURE_gettable_ctx_params(const EVP_SIGNATURE *sig);
  const OSSL_PARAM *EVP_SIGNATURE_settable_ctx_params(const EVP_SIGNATURE *sig);
@@ -63,6 +65,12 @@ and the given I<arg> as argument.
 EVP_SIGNATURE_number() returns the internal dynamic number assigned to
 I<signature>.
 
+EVP_SIGNATURE_name() returns the algorithm name from the provided
+implementation for the given I<signature>. Note that the I<signature> may have
+multiple synonyms associated with it. In this case the first name from the
+algorithm definition is returned. Ownership of the returned string is retained
+by the I<signature> object and should not be freed by the caller.
+
 EVP_SIGNATURE_names_do_all() traverses all names for I<signature>, and calls
 I<fn> with each name and I<data>.
 
diff --git a/doc/man7/openssl-core.h.pod b/doc/man7/openssl-core.h.pod
index 8158e3f421..866abd581d 100644
--- a/doc/man7/openssl-core.h.pod
+++ b/doc/man7/openssl-core.h.pod
@@ -60,6 +60,9 @@ identity zero and function pointer NULL.
 The algorithm names and property definitions are defined by the
 providers.
 
+The OpenSSL libraries use the first of the algorithm names as the main
+or canonical name, on a per algorithm implementation basis.
+
 =item B<OSSL_PARAM>
 
 This type is a structure that allows passing arbitrary object data
diff --git a/include/crypto/evp.h b/include/crypto/evp.h
index 99e884ecfb..f4b12d1400 100644
--- a/include/crypto/evp.h
+++ b/include/crypto/evp.h
@@ -193,6 +193,7 @@ const EVP_PKEY_METHOD *ossl_rsa_pss_pkey_method(void);
 struct evp_mac_st {
     OSSL_PROVIDER *prov;
     int name_id;
+    char *type_name;
     const char *description;
 
     CRYPTO_REF_COUNT refcnt;
@@ -215,6 +216,7 @@ struct evp_mac_st {
 struct evp_kdf_st {
     OSSL_PROVIDER *prov;
     int name_id;
+    char *type_name;
     const char *description;
     CRYPTO_REF_COUNT refcnt;
     CRYPTO_RWLOCK *lock;
@@ -258,6 +260,7 @@ struct evp_md_st {
     /* New structure members */
     /* Above comment to be removed when legacy has gone */
     int name_id;
+    char *type_name;
     const char *description;
     OSSL_PROVIDER *prov;
     CRYPTO_REF_COUNT refcnt;
@@ -313,6 +316,7 @@ struct evp_cipher_st {
     /* New structure members */
     /* Above comment to be removed when legacy has gone */
     int name_id;
+    char *type_name;
     const char *description;
     OSSL_PROVIDER *prov;
     CRYPTO_REF_COUNT refcnt;
diff --git a/include/internal/core.h b/include/internal/core.h
index 6e66bbeb9a..68b3943679 100644
--- a/include/internal/core.h
+++ b/include/internal/core.h
@@ -59,6 +59,7 @@ void ossl_algorithm_do_all(OSSL_LIB_CTX *libctx, int operation_id,
                            int (*post)(OSSL_PROVIDER *, int operation_id,
                                        int no_store, void *data, int *result),
                            void *data);
+char *ossl_algorithm_get1_first_name(const OSSL_ALGORITHM *algo);
 
 __owur int ossl_lib_ctx_write_lock(OSSL_LIB_CTX *ctx);
 __owur int ossl_lib_ctx_read_lock(OSSL_LIB_CTX *ctx);
diff --git a/include/openssl/evp.h b/include/openssl/evp.h
index 40e50666fe..5d493f171e 100644
--- a/include/openssl/evp.h
+++ b/include/openssl/evp.h
@@ -1681,7 +1681,7 @@ EVP_KEYMGMT *EVP_KEYMGMT_fetch(OSSL_LIB_CTX *ctx, const char *algorithm,
 int EVP_KEYMGMT_up_ref(EVP_KEYMGMT *keymgmt);
 void EVP_KEYMGMT_free(EVP_KEYMGMT *keymgmt);
 const OSSL_PROVIDER *EVP_KEYMGMT_provider(const EVP_KEYMGMT *keymgmt);
-const char *EVP_KEYMGMT_get0_first_name(const EVP_KEYMGMT *keymgmt);
+const char *EVP_KEYMGMT_name(const EVP_KEYMGMT *keymgmt);
 const char *EVP_KEYMGMT_description(const EVP_KEYMGMT *keymgmt);
 int EVP_KEYMGMT_number(const EVP_KEYMGMT *keymgmt);
 int EVP_KEYMGMT_is_a(const EVP_KEYMGMT *keymgmt, const char *name);
@@ -1767,6 +1767,7 @@ EVP_SIGNATURE *EVP_SIGNATURE_fetch(OSSL_LIB_CTX *ctx, const char *algorithm,
                                    const char *properties);
 int EVP_SIGNATURE_is_a(const EVP_SIGNATURE *signature, const char *name);
 int EVP_SIGNATURE_number(const EVP_SIGNATURE *signature);
+const char *EVP_SIGNATURE_name(const EVP_SIGNATURE *signature);
 const char *EVP_SIGNATURE_description(const EVP_SIGNATURE *signature);
 void EVP_SIGNATURE_do_all_provided(OSSL_LIB_CTX *libctx,
                                    void (*fn)(EVP_SIGNATURE *signature,
@@ -1785,6 +1786,7 @@ EVP_ASYM_CIPHER *EVP_ASYM_CIPHER_fetch(OSSL_LIB_CTX *ctx, const char *algorithm,
                                        const char *properties);
 int EVP_ASYM_CIPHER_is_a(const EVP_ASYM_CIPHER *cipher, const char *name);
 int EVP_ASYM_CIPHER_number(const EVP_ASYM_CIPHER *cipher);
+const char *EVP_ASYM_CIPHER_name(const EVP_ASYM_CIPHER *cipher);
 const char *EVP_ASYM_CIPHER_description(const EVP_ASYM_CIPHER *cipher);
 void EVP_ASYM_CIPHER_do_all_provided(OSSL_LIB_CTX *libctx,
                                      void (*fn)(EVP_ASYM_CIPHER *cipher,
@@ -1803,6 +1805,7 @@ EVP_KEM *EVP_KEM_fetch(OSSL_LIB_CTX *ctx, const char *algorithm,
                        const char *properties);
 int EVP_KEM_is_a(const EVP_KEM *wrap, const char *name);
 int EVP_KEM_number(const EVP_KEM *wrap);
+const char *EVP_KEM_name(const EVP_KEM *wrap);
 const char *EVP_KEM_description(const EVP_KEM *wrap);
 void EVP_KEM_do_all_provided(OSSL_LIB_CTX *libctx,
                              void (*fn)(EVP_KEM *wrap, void *arg), void *arg);
@@ -2065,6 +2068,7 @@ EVP_KEYEXCH *EVP_KEYEXCH_fetch(OSSL_LIB_CTX *ctx, const char *algorithm,
 OSSL_PROVIDER *EVP_KEYEXCH_provider(const EVP_KEYEXCH *exchange);
 int EVP_KEYEXCH_is_a(const EVP_KEYEXCH *keyexch, const char *name);
 int EVP_KEYEXCH_number(const EVP_KEYEXCH *keyexch);
+const char *EVP_KEYEXCH_name(const EVP_KEYEXCH *keyexch);
 const char *EVP_KEYEXCH_description(const EVP_KEYEXCH *keyexch);
 void EVP_KEYEXCH_do_all_provided(OSSL_LIB_CTX *libctx,
                                  void (*fn)(EVP_KEYEXCH *keyexch, void *data),
diff --git a/test/evp_libctx_test.c b/test/evp_libctx_test.c
index c5cc6bb0d7..6dff939467 100644
--- a/test/evp_libctx_test.c
+++ b/test/evp_libctx_test.c
@@ -20,6 +20,7 @@
  * internal use.
  */
 #include "internal/deprecated.h"
+#include <assert.h>
 #include <openssl/evp.h>
 #include <openssl/provider.h>
 #include <openssl/dsa.h>
@@ -37,7 +38,7 @@
 static OSSL_LIB_CTX *libctx = NULL;
 static OSSL_PROVIDER *nullprov = NULL;
 static OSSL_PROVIDER *libprov = NULL;
-static STACK_OF(OPENSSL_CSTRING) *cipher_names = NULL;
+static STACK_OF(OPENSSL_STRING) *cipher_names = NULL;
 
 typedef enum OPTION_choice {
     OPT_ERR = -1,
@@ -338,7 +339,7 @@ static int test_cipher_reinit(int test_id)
         0x0f, 0x0e, 0x0d, 0x0c, 0x0b, 0x0a, 0x09, 0x08,
         0x07, 0x06, 0x05, 0x04, 0x03, 0x02, 0x01, 0x00
     };
-    const char *name = sk_OPENSSL_CSTRING_value(cipher_names, test_id);
+    const char *name = sk_OPENSSL_STRING_value(cipher_names, test_id);
 
     if (!TEST_ptr(ctx = EVP_CIPHER_CTX_new()))
         goto err;
@@ -420,7 +421,7 @@ static int test_cipher_reinit_partialupdate(int test_id)
         0x0f, 0x0e, 0x0d, 0x0c, 0x0b, 0x0a, 0x09, 0x08,
         0x07, 0x06, 0x05, 0x04, 0x03, 0x02, 0x01, 0x00
     };
-    const char *name = sk_OPENSSL_CSTRING_value(cipher_names, test_id);
+    const char *name = sk_OPENSSL_STRING_value(cipher_names, test_id);
 
     if (!TEST_ptr(ctx = EVP_CIPHER_CTX_new()))
         goto err;
@@ -473,9 +474,15 @@ static int name_cmp(const char * const *a, const char * const *b)
 
 static void collect_cipher_names(EVP_CIPHER *cipher, void *cipher_names_list)
 {
-    STACK_OF(OPENSSL_CSTRING) *names = cipher_names_list;
-
-    sk_OPENSSL_CSTRING_push(names, EVP_CIPHER_name(cipher));
+    STACK_OF(OPENSSL_STRING) *names = cipher_names_list;
+    const char *name = EVP_CIPHER_name(cipher);
+    char *namedup = NULL;
+
+    assert(name != NULL);
+    /* the cipher will be freed after returning, strdup is needed */
+    if ((namedup = OPENSSL_strdup(name)) != NULL
+        && !sk_OPENSSL_STRING_push(names, namedup))
+        OPENSSL_free(namedup);
 }
 
 static int rsa_keygen(int bits, EVP_PKEY **pub, EVP_PKEY **priv)
@@ -693,13 +700,13 @@ int setup_tests(void)
     ADD_TEST(dhx_cert_load);
 #endif
 
-    if (!TEST_ptr(cipher_names = sk_OPENSSL_CSTRING_new(name_cmp)))
+    if (!TEST_ptr(cipher_names = sk_OPENSSL_STRING_new(name_cmp)))
         return 0;
     EVP_CIPHER_do_all_provided(libctx, collect_cipher_names, cipher_names);
 
-    ADD_ALL_TESTS(test_cipher_reinit, sk_OPENSSL_CSTRING_num(cipher_names));
+    ADD_ALL_TESTS(test_cipher_reinit, sk_OPENSSL_STRING_num(cipher_names));
     ADD_ALL_TESTS(test_cipher_reinit_partialupdate,
-                  sk_OPENSSL_CSTRING_num(cipher_names));
+                  sk_OPENSSL_STRING_num(cipher_names));
     ADD_TEST(kem_rsa_gen_recover);
     ADD_TEST(kem_rsa_params);
 #ifndef OPENSSL_NO_DH
@@ -708,9 +715,15 @@ int setup_tests(void)
     return 1;
 }
 
+/* Because OPENSSL_free is a macro, it can't be passed as a function pointer */
+static void string_free(char *m)
+{
+    OPENSSL_free(m);
+}
+
 void cleanup_tests(void)
 {
-    sk_OPENSSL_CSTRING_free(cipher_names);
+    sk_OPENSSL_STRING_pop_free(cipher_names, string_free);
     OSSL_PROVIDER_unload(libprov);
     OSSL_LIB_CTX_free(libctx);
     OSSL_PROVIDER_unload(nullprov);
diff --git a/util/libcrypto.num b/util/libcrypto.num
index 9237bdcd4b..720f28edea 100644
--- a/util/libcrypto.num
+++ b/util/libcrypto.num
@@ -5230,7 +5230,7 @@ CMS_AuthEnvelopedData_create            ?	3_0_0	EXIST::FUNCTION:CMS
 CMS_AuthEnvelopedData_create_ex         ?	3_0_0	EXIST::FUNCTION:CMS
 EVP_PKEY_CTX_set_ec_param_enc           ?	3_0_0	EXIST::FUNCTION:
 EVP_PKEY_get0_type_name                 ?	3_0_0	EXIST::FUNCTION:
-EVP_KEYMGMT_get0_first_name             ?	3_0_0	EXIST::FUNCTION:
+EVP_KEYMGMT_name                        ?	3_0_0	EXIST::FUNCTION:
 EC_KEY_decoded_from_explicit_params     ?	3_0_0	EXIST::FUNCTION:DEPRECATEDIN_3_0,EC
 EVP_KEM_free                            ?	3_0_0	EXIST::FUNCTION:
 EVP_KEM_up_ref                          ?	3_0_0	EXIST::FUNCTION:
@@ -5358,3 +5358,7 @@ EVP_MD_CTX_get1_md                      ?	3_0_0	EXIST::FUNCTION:
 EVP_CIPHER_CTX_get0_cipher              ?	3_0_0	EXIST::FUNCTION:
 EVP_CIPHER_CTX_get1_cipher              ?	3_0_0	EXIST::FUNCTION:
 OSSL_LIB_CTX_get0_global_default        ?	3_0_0	EXIST::FUNCTION:
+EVP_SIGNATURE_name                      ?	3_0_0	EXIST::FUNCTION:
+EVP_ASYM_CIPHER_name                    ?	3_0_0	EXIST::FUNCTION:
+EVP_KEM_name                            ?	3_0_0	EXIST::FUNCTION:
+EVP_KEYEXCH_name                        ?	3_0_0	EXIST::FUNCTION:


More information about the openssl-commits mailing list