[openssl] master update

Dr. Paul Dale pauli at openssl.org
Mon May 24 00:12:56 UTC 2021


The branch master has been updated
       via  7c14d0c1c0ece97f7406b4df466df6439146d6c6 (commit)
      from  c45df3302d20291ff1125f1aeb82fae1cdceaac8 (commit)


- Log -----------------------------------------------------------------
commit 7c14d0c1c0ece97f7406b4df466df6439146d6c6
Author: Shane Lontis <shane.lontis at oracle.com>
Date:   Fri May 14 13:08:42 2021 +1000

    Rename the field 'provctx and data' to 'algctx' inside some objects containing
    pointers to provider size algorithm contexts.
    
    Fixes #14284
    
    The gettable_ctx_params methods were confusingly passing a 'provctx' and
    a provider context which are completely different objects.
    Some objects such as EVP_KDF used 'data' while others such as EVP_MD used 'provctx'.
    
    For libcrypto this 'ctx' is an opaque ptr returned when a providers algorithm
    implementation creates an internal context using a new_ctx() method.
    Hence the new name 'algctx'.
    
    Reviewed-by: Tomas Mraz <tomas at openssl.org>
    Reviewed-by: Richard Levitte <levitte at openssl.org>
    Reviewed-by: Paul Dale <pauli at openssl.org>
    (Merged from https://github.com/openssl/openssl/pull/15275)

-----------------------------------------------------------------------

Summary of changes:
 crypto/evp/asymcipher.c            |  16 ++---
 crypto/evp/ctrl_params_translate.c |   8 +--
 crypto/evp/digest.c                |  84 ++++++++++++-------------
 crypto/evp/evp_enc.c               |  78 ++++++++++++------------
 crypto/evp/evp_lib.c               |  26 ++++----
 crypto/evp/evp_local.h             |  34 ++++++++---
 crypto/evp/evp_rand.c              |  38 ++++++------
 crypto/evp/evp_utils.c             |   6 +-
 crypto/evp/exchange.c              |  14 ++---
 crypto/evp/kdf_lib.c               |  24 ++++----
 crypto/evp/kdf_meth.c              |   4 +-
 crypto/evp/kem.c                   |  16 ++---
 crypto/evp/m_sigver.c              |  38 ++++++------
 crypto/evp/mac_lib.c               |  28 ++++-----
 crypto/evp/mac_meth.c              |   4 +-
 crypto/evp/pmeth_lib.c             | 122 ++++++++++++++++++-------------------
 crypto/evp/signature.c             |  26 ++++----
 include/crypto/evp.h               |  24 ++++++--
 test/drbgtest.c                    |   2 +-
 test/testutil/fake_random.c        |   4 +-
 20 files changed, 314 insertions(+), 282 deletions(-)

diff --git a/crypto/evp/asymcipher.c b/crypto/evp/asymcipher.c
index 1acbe81b68..513cb7e654 100644
--- a/crypto/evp/asymcipher.c
+++ b/crypto/evp/asymcipher.c
@@ -99,8 +99,8 @@ static int evp_pkey_asym_cipher_init(EVP_PKEY_CTX *ctx, int operation,
     /* No more legacy from here down to legacy: */
 
     ctx->op.ciph.cipher = cipher;
-    ctx->op.ciph.ciphprovctx = cipher->newctx(ossl_provider_ctx(cipher->prov));
-    if (ctx->op.ciph.ciphprovctx == NULL) {
+    ctx->op.ciph.algctx = cipher->newctx(ossl_provider_ctx(cipher->prov));
+    if (ctx->op.ciph.algctx == NULL) {
         /* The provider key can stay in the cache */
         ERR_raise(ERR_LIB_EVP, EVP_R_INITIALIZATION_ERROR);
         goto err;
@@ -113,7 +113,7 @@ static int evp_pkey_asym_cipher_init(EVP_PKEY_CTX *ctx, int operation,
             ret = -2;
             goto err;
         }
-        ret = cipher->encrypt_init(ctx->op.ciph.ciphprovctx, provkey, params);
+        ret = cipher->encrypt_init(ctx->op.ciph.algctx, provkey, params);
         break;
     case EVP_PKEY_OP_DECRYPT:
         if (cipher->decrypt_init == NULL) {
@@ -121,7 +121,7 @@ static int evp_pkey_asym_cipher_init(EVP_PKEY_CTX *ctx, int operation,
             ret = -2;
             goto err;
         }
-        ret = cipher->decrypt_init(ctx->op.ciph.ciphprovctx, provkey, params);
+        ret = cipher->decrypt_init(ctx->op.ciph.algctx, provkey, params);
         break;
     default:
         ERR_raise(ERR_LIB_EVP, EVP_R_INITIALIZATION_ERROR);
@@ -194,10 +194,10 @@ int EVP_PKEY_encrypt(EVP_PKEY_CTX *ctx,
         return -1;
     }
 
-    if (ctx->op.ciph.ciphprovctx == NULL)
+    if (ctx->op.ciph.algctx == NULL)
         goto legacy;
 
-    ret = ctx->op.ciph.cipher->encrypt(ctx->op.ciph.ciphprovctx, out, outlen,
+    ret = ctx->op.ciph.cipher->encrypt(ctx->op.ciph.algctx, out, outlen,
                                        (out == NULL ? 0 : *outlen), in, inlen);
     return ret;
 
@@ -236,10 +236,10 @@ int EVP_PKEY_decrypt(EVP_PKEY_CTX *ctx,
         return -1;
     }
 
-    if (ctx->op.ciph.ciphprovctx == NULL)
+    if (ctx->op.ciph.algctx == NULL)
         goto legacy;
 
-    ret = ctx->op.ciph.cipher->decrypt(ctx->op.ciph.ciphprovctx, out, outlen,
+    ret = ctx->op.ciph.cipher->decrypt(ctx->op.ciph.algctx, out, outlen,
                                        (out == NULL ? 0 : *outlen), in, inlen);
     return ret;
 
diff --git a/crypto/evp/ctrl_params_translate.c b/crypto/evp/ctrl_params_translate.c
index f47209ae83..216305b952 100644
--- a/crypto/evp/ctrl_params_translate.c
+++ b/crypto/evp/ctrl_params_translate.c
@@ -419,13 +419,13 @@ static int default_fixup_args(enum state state,
 
         if (translation->optype != 0) {
             if ((EVP_PKEY_CTX_IS_SIGNATURE_OP(ctx->pctx)
-                 && ctx->pctx->op.sig.sigprovctx == NULL)
+                 && ctx->pctx->op.sig.algctx == NULL)
                 || (EVP_PKEY_CTX_IS_DERIVE_OP(ctx->pctx)
-                    && ctx->pctx->op.kex.exchprovctx == NULL)
+                    && ctx->pctx->op.kex.algctx == NULL)
                 || (EVP_PKEY_CTX_IS_ASYM_CIPHER_OP(ctx->pctx)
-                    && ctx->pctx->op.ciph.ciphprovctx == NULL)
+                    && ctx->pctx->op.ciph.algctx == NULL)
                 || (EVP_PKEY_CTX_IS_KEM_OP(ctx->pctx)
-                    && ctx->pctx->op.encap.kemprovctx == NULL)
+                    && ctx->pctx->op.encap.algctx == NULL)
                 /*
                  * The following may be unnecessary, but we have them
                  * for good measure...
diff --git a/crypto/evp/digest.c b/crypto/evp/digest.c
index 25ce609854..b202d466e4 100644
--- a/crypto/evp/digest.c
+++ b/crypto/evp/digest.c
@@ -26,10 +26,10 @@
 
 void evp_md_ctx_clear_digest(EVP_MD_CTX *ctx, int force)
 {
-    if (ctx->provctx != NULL) {
+    if (ctx->algctx != NULL) {
         if (ctx->digest != NULL && ctx->digest->freectx != NULL)
-            ctx->digest->freectx(ctx->provctx);
-        ctx->provctx = NULL;
+            ctx->digest->freectx(ctx->algctx);
+        ctx->algctx = NULL;
         EVP_MD_CTX_set_flags(ctx, EVP_MD_CTX_FLAG_CLEANED);
     }
 
@@ -132,7 +132,7 @@ static int evp_md_init_internal(EVP_MD_CTX *ctx, const EVP_MD *type,
 #if !defined(FIPS_MODULE)
     if (ctx->pctx != NULL
             && EVP_PKEY_CTX_IS_SIGNATURE_OP(ctx->pctx)
-            && ctx->pctx->op.sig.sigprovctx != NULL) {
+            && ctx->pctx->op.sig.algctx != NULL) {
         /*
          * Prior to OpenSSL 3.0 calling EVP_DigestInit_ex() on an mdctx
          * previously initialised with EVP_DigestSignInit() would retain
@@ -150,14 +150,14 @@ static int evp_md_init_internal(EVP_MD_CTX *ctx, const EVP_MD *type,
 
     EVP_MD_CTX_clear_flags(ctx, EVP_MD_CTX_FLAG_CLEANED);
 
-    if (ctx->provctx != NULL) {
+    if (ctx->algctx != NULL) {
         if (!ossl_assert(ctx->digest != NULL)) {
             ERR_raise(ERR_LIB_EVP, EVP_R_INITIALIZATION_ERROR);
             return 0;
         }
         if (ctx->digest->freectx != NULL)
-            ctx->digest->freectx(ctx->provctx);
-        ctx->provctx = NULL;
+            ctx->digest->freectx(ctx->algctx);
+        ctx->algctx = NULL;
     }
 
     if (type != NULL) {
@@ -238,10 +238,10 @@ static int evp_md_init_internal(EVP_MD_CTX *ctx, const EVP_MD *type,
 #endif
     }
 
-    if (ctx->provctx != NULL && ctx->digest != NULL && ctx->digest != type) {
+    if (ctx->algctx != NULL && ctx->digest != NULL && ctx->digest != type) {
         if (ctx->digest->freectx != NULL)
-            ctx->digest->freectx(ctx->provctx);
-        ctx->provctx = NULL;
+            ctx->digest->freectx(ctx->algctx);
+        ctx->algctx = NULL;
     }
     if (type->prov != NULL && ctx->fetched_digest != type) {
         if (!EVP_MD_up_ref((EVP_MD *)type)) {
@@ -252,9 +252,9 @@ static int evp_md_init_internal(EVP_MD_CTX *ctx, const EVP_MD *type,
         ctx->fetched_digest = (EVP_MD *)type;
     }
     ctx->digest = type;
-    if (ctx->provctx == NULL) {
-        ctx->provctx = ctx->digest->newctx(ossl_provider_ctx(type->prov));
-        if (ctx->provctx == NULL) {
+    if (ctx->algctx == NULL) {
+        ctx->algctx = ctx->digest->newctx(ossl_provider_ctx(type->prov));
+        if (ctx->algctx == NULL) {
             ERR_raise(ERR_LIB_EVP, EVP_R_INITIALIZATION_ERROR);
             return 0;
         }
@@ -265,7 +265,7 @@ static int evp_md_init_internal(EVP_MD_CTX *ctx, const EVP_MD *type,
         return 0;
     }
 
-    return ctx->digest->dinit(ctx->provctx, params);
+    return ctx->digest->dinit(ctx->algctx, params);
 
     /* Code below to be removed when legacy support is dropped. */
  legacy:
@@ -359,7 +359,7 @@ int EVP_DigestUpdate(EVP_MD_CTX *ctx, const void *data, size_t count)
 
     if (ctx->pctx != NULL
             && EVP_PKEY_CTX_IS_SIGNATURE_OP(ctx->pctx)
-            && ctx->pctx->op.sig.sigprovctx != NULL) {
+            && ctx->pctx->op.sig.algctx != NULL) {
         /*
          * Prior to OpenSSL 3.0 EVP_DigestSignUpdate() and
          * EVP_DigestVerifyUpdate() were just macros for EVP_DigestUpdate().
@@ -385,7 +385,7 @@ int EVP_DigestUpdate(EVP_MD_CTX *ctx, const void *data, size_t count)
         ERR_raise(ERR_LIB_EVP, EVP_R_UPDATE_ERROR);
         return 0;
     }
-    return ctx->digest->dupdate(ctx->provctx, data, count);
+    return ctx->digest->dupdate(ctx->algctx, data, count);
 
     /* Code below to be removed when legacy support is dropped. */
  legacy:
@@ -423,7 +423,7 @@ int EVP_DigestFinal_ex(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *isize)
         return 0;
     }
 
-    ret = ctx->digest->dfinal(ctx->provctx, md, &size, mdsize);
+    ret = ctx->digest->dfinal(ctx->algctx, md, &size, mdsize);
 
     if (isize != NULL) {
         if (size <= UINT_MAX) {
@@ -473,7 +473,7 @@ int EVP_DigestFinalXOF(EVP_MD_CTX *ctx, unsigned char *md, size_t size)
     params[i++] = OSSL_PARAM_construct_end();
 
     if (EVP_MD_CTX_set_params(ctx, params) > 0)
-        ret = ctx->digest->dfinal(ctx->provctx, md, &size, size);
+        ret = ctx->digest->dfinal(ctx->algctx, md, &size, size);
 
     return ret;
 
@@ -524,14 +524,14 @@ int EVP_MD_CTX_copy_ex(EVP_MD_CTX *out, const EVP_MD_CTX *in)
     *out = *in;
     /* NULL out pointers in case of error */
     out->pctx = NULL;
-    out->provctx = NULL;
+    out->algctx = NULL;
 
     if (in->fetched_digest != NULL)
         EVP_MD_up_ref(in->fetched_digest);
 
-    if (in->provctx != NULL) {
-        out->provctx = in->digest->dupctx(in->provctx);
-        if (out->provctx == NULL) {
+    if (in->algctx != NULL) {
+        out->algctx = in->digest->dupctx(in->algctx);
+        if (out->algctx == NULL) {
             ERR_raise(ERR_LIB_EVP, EVP_R_NOT_ABLE_TO_COPY_CTX);
             return 0;
         }
@@ -666,24 +666,24 @@ int EVP_MD_CTX_set_params(EVP_MD_CTX *ctx, const OSSL_PARAM params[])
     if (pctx != NULL
             && (pctx->operation == EVP_PKEY_OP_VERIFYCTX
                 || pctx->operation == EVP_PKEY_OP_SIGNCTX)
-            && pctx->op.sig.sigprovctx != NULL
+            && pctx->op.sig.algctx != NULL
             && pctx->op.sig.signature->set_ctx_md_params != NULL)
-        return pctx->op.sig.signature->set_ctx_md_params(pctx->op.sig.sigprovctx,
+        return pctx->op.sig.signature->set_ctx_md_params(pctx->op.sig.algctx,
                                                          params);
 
     if (ctx->digest != NULL && ctx->digest->set_ctx_params != NULL)
-        return ctx->digest->set_ctx_params(ctx->provctx, params);
+        return ctx->digest->set_ctx_params(ctx->algctx, params);
 
     return 0;
 }
 
 const OSSL_PARAM *EVP_MD_settable_ctx_params(const EVP_MD *md)
 {
-    void *alg;
+    void *provctx;
 
     if (md != NULL && md->settable_ctx_params != NULL) {
-        alg = ossl_provider_ctx(EVP_MD_provider(md));
-        return md->settable_ctx_params(NULL, alg);
+        provctx = ossl_provider_ctx(EVP_MD_provider(md));
+        return md->settable_ctx_params(NULL, provctx);
     }
     return NULL;
 }
@@ -701,14 +701,14 @@ const OSSL_PARAM *EVP_MD_CTX_settable_params(EVP_MD_CTX *ctx)
     if (pctx != NULL
             && (pctx->operation == EVP_PKEY_OP_VERIFYCTX
                 || pctx->operation == EVP_PKEY_OP_SIGNCTX)
-            && pctx->op.sig.sigprovctx != NULL
+            && pctx->op.sig.algctx != NULL
             && pctx->op.sig.signature->settable_ctx_md_params != NULL)
         return pctx->op.sig.signature->settable_ctx_md_params(
-                   pctx->op.sig.sigprovctx);
+                   pctx->op.sig.algctx);
 
     if (ctx->digest != NULL && ctx->digest->settable_ctx_params != NULL) {
         alg = ossl_provider_ctx(EVP_MD_provider(ctx->digest));
-        return ctx->digest->settable_ctx_params(ctx->provctx, alg);
+        return ctx->digest->settable_ctx_params(ctx->algctx, alg);
     }
 
     return NULL;
@@ -722,24 +722,24 @@ int EVP_MD_CTX_get_params(EVP_MD_CTX *ctx, OSSL_PARAM params[])
     if (pctx != NULL
             && (pctx->operation == EVP_PKEY_OP_VERIFYCTX
                 || pctx->operation == EVP_PKEY_OP_SIGNCTX)
-            && pctx->op.sig.sigprovctx != NULL
+            && pctx->op.sig.algctx != NULL
             && pctx->op.sig.signature->get_ctx_md_params != NULL)
-        return pctx->op.sig.signature->get_ctx_md_params(pctx->op.sig.sigprovctx,
+        return pctx->op.sig.signature->get_ctx_md_params(pctx->op.sig.algctx,
                                                          params);
 
     if (ctx->digest != NULL && ctx->digest->get_params != NULL)
-        return ctx->digest->get_ctx_params(ctx->provctx, params);
+        return ctx->digest->get_ctx_params(ctx->algctx, params);
 
     return 0;
 }
 
 const OSSL_PARAM *EVP_MD_gettable_ctx_params(const EVP_MD *md)
 {
-    void *alg;
+    void *provctx;
 
     if (md != NULL && md->gettable_ctx_params != NULL) {
-        alg = ossl_provider_ctx(EVP_MD_provider(md));
-        return md->gettable_ctx_params(NULL, alg);
+        provctx = ossl_provider_ctx(EVP_MD_provider(md));
+        return md->gettable_ctx_params(NULL, provctx);
     }
     return NULL;
 }
@@ -747,7 +747,7 @@ const OSSL_PARAM *EVP_MD_gettable_ctx_params(const EVP_MD *md)
 const OSSL_PARAM *EVP_MD_CTX_gettable_params(EVP_MD_CTX *ctx)
 {
     EVP_PKEY_CTX *pctx;
-    void *alg;
+    void *provctx;
 
     if (ctx == NULL)
         return NULL;
@@ -757,14 +757,14 @@ const OSSL_PARAM *EVP_MD_CTX_gettable_params(EVP_MD_CTX *ctx)
     if (pctx != NULL
             && (pctx->operation == EVP_PKEY_OP_VERIFYCTX
                 || pctx->operation == EVP_PKEY_OP_SIGNCTX)
-            && pctx->op.sig.sigprovctx != NULL
+            && pctx->op.sig.algctx != NULL
             && pctx->op.sig.signature->gettable_ctx_md_params != NULL)
         return pctx->op.sig.signature->gettable_ctx_md_params(
-                    pctx->op.sig.sigprovctx);
+                    pctx->op.sig.algctx);
 
     if (ctx->digest != NULL && ctx->digest->gettable_ctx_params != NULL) {
-        alg = ossl_provider_ctx(EVP_MD_provider(ctx->digest));
-        return ctx->digest->gettable_ctx_params(ctx->provctx, alg);
+        provctx = ossl_provider_ctx(EVP_MD_provider(ctx->digest));
+        return ctx->digest->gettable_ctx_params(ctx->algctx, provctx);
     }
     return NULL;
 }
diff --git a/crypto/evp/evp_enc.c b/crypto/evp/evp_enc.c
index 50e1c3452b..143ae1b076 100644
--- a/crypto/evp/evp_enc.c
+++ b/crypto/evp/evp_enc.c
@@ -33,10 +33,10 @@ int EVP_CIPHER_CTX_reset(EVP_CIPHER_CTX *ctx)
     if (ctx->cipher == NULL || ctx->cipher->prov == NULL)
         goto legacy;
 
-    if (ctx->provctx != NULL) {
+    if (ctx->algctx != NULL) {
         if (ctx->cipher->freectx != NULL)
-            ctx->cipher->freectx(ctx->provctx);
-        ctx->provctx = NULL;
+            ctx->cipher->freectx(ctx->algctx);
+        ctx->algctx = NULL;
     }
     if (ctx->fetched_cipher != NULL)
         EVP_CIPHER_free(ctx->fetched_cipher);
@@ -190,9 +190,9 @@ static int evp_cipher_init_internal(EVP_CIPHER_CTX *ctx,
         ctx->fetched_cipher = (EVP_CIPHER *)cipher;
     }
     ctx->cipher = cipher;
-    if (ctx->provctx == NULL) {
-        ctx->provctx = ctx->cipher->newctx(ossl_provider_ctx(cipher->prov));
-        if (ctx->provctx == NULL) {
+    if (ctx->algctx == NULL) {
+        ctx->algctx = ctx->cipher->newctx(ossl_provider_ctx(cipher->prov));
+        if (ctx->algctx == NULL) {
             ERR_raise(ERR_LIB_EVP, EVP_R_INITIALIZATION_ERROR);
             return 0;
         }
@@ -213,7 +213,7 @@ static int evp_cipher_init_internal(EVP_CIPHER_CTX *ctx,
             return 0;
         }
 
-        return ctx->cipher->einit(ctx->provctx,
+        return ctx->cipher->einit(ctx->algctx,
                                   key,
                                   key == NULL ? 0
                                               : EVP_CIPHER_CTX_key_length(ctx),
@@ -228,7 +228,7 @@ static int evp_cipher_init_internal(EVP_CIPHER_CTX *ctx,
         return 0;
     }
 
-    return ctx->cipher->dinit(ctx->provctx,
+    return ctx->cipher->dinit(ctx->algctx,
                               key,
                               key == NULL ? 0
                                           : EVP_CIPHER_CTX_key_length(ctx),
@@ -620,7 +620,7 @@ int EVP_EncryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl,
         ERR_raise(ERR_LIB_EVP, EVP_R_UPDATE_ERROR);
         return 0;
     }
-    ret = ctx->cipher->cupdate(ctx->provctx, out, &soutl,
+    ret = ctx->cipher->cupdate(ctx->algctx, out, &soutl,
                                inl + (blocksize == 1 ? 0 : blocksize), in,
                                (size_t)inl);
 
@@ -681,7 +681,7 @@ int EVP_EncryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl)
         return 0;
     }
 
-    ret = ctx->cipher->cfinal(ctx->provctx, out, &soutl,
+    ret = ctx->cipher->cfinal(ctx->algctx, out, &soutl,
                               blocksize == 1 ? 0 : blocksize);
 
     if (ret) {
@@ -767,7 +767,7 @@ int EVP_DecryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl,
         ERR_raise(ERR_LIB_EVP, EVP_R_UPDATE_ERROR);
         return 0;
     }
-    ret = ctx->cipher->cupdate(ctx->provctx, out, &soutl,
+    ret = ctx->cipher->cupdate(ctx->algctx, out, &soutl,
                                inl + (blocksize == 1 ? 0 : blocksize), in,
                                (size_t)inl);
 
@@ -903,7 +903,7 @@ int EVP_DecryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl)
         return 0;
     }
 
-    ret = ctx->cipher->cfinal(ctx->provctx, out, &soutl,
+    ret = ctx->cipher->cfinal(ctx->algctx, out, &soutl,
                               blocksize == 1 ? 0 : blocksize);
 
     if (ret) {
@@ -985,7 +985,7 @@ int EVP_CIPHER_CTX_set_key_length(EVP_CIPHER_CTX *c, int keylen)
             return 0;
 
         params[0] = OSSL_PARAM_construct_size_t(OSSL_CIPHER_PARAM_KEYLEN, &len);
-        ok = evp_do_ciph_ctx_setparams(c->cipher, c->provctx, params);
+        ok = evp_do_ciph_ctx_setparams(c->cipher, c->algctx, params);
 
         return ok > 0 ? 1 : 0;
     }
@@ -1022,7 +1022,7 @@ int EVP_CIPHER_CTX_set_padding(EVP_CIPHER_CTX *ctx, int pad)
     if (ctx->cipher != NULL && ctx->cipher->prov == NULL)
         return 1;
     params[0] = OSSL_PARAM_construct_uint(OSSL_CIPHER_PARAM_PADDING, &pd);
-    ok = evp_do_ciph_ctx_setparams(ctx->cipher, ctx->provctx, params);
+    ok = evp_do_ciph_ctx_setparams(ctx->cipher, ctx->algctx, params);
 
     return ok != 0;
 }
@@ -1115,12 +1115,12 @@ int EVP_CIPHER_CTX_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr)
         params[0] =
             OSSL_PARAM_construct_octet_string(OSSL_CIPHER_PARAM_AEAD_TLS1_AAD,
                                               ptr, sz);
-        ret = evp_do_ciph_ctx_setparams(ctx->cipher, ctx->provctx, params);
+        ret = evp_do_ciph_ctx_setparams(ctx->cipher, ctx->algctx, params);
         if (ret <= 0)
             goto end;
         params[0] =
             OSSL_PARAM_construct_size_t(OSSL_CIPHER_PARAM_AEAD_TLS1_AAD_PAD, &sz);
-        ret = evp_do_ciph_ctx_getparams(ctx->cipher, ctx->provctx, params);
+        ret = evp_do_ciph_ctx_getparams(ctx->cipher, ctx->algctx, params);
         if (ret <= 0)
             goto end;
         return sz;
@@ -1135,14 +1135,14 @@ int EVP_CIPHER_CTX_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr)
     case EVP_CTRL_TLS1_1_MULTIBLOCK_MAX_BUFSIZE:
         params[0] = OSSL_PARAM_construct_size_t(
                 OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_MAX_SEND_FRAGMENT, &sz);
-        ret = evp_do_ciph_ctx_setparams(ctx->cipher, ctx->provctx, params);
+        ret = evp_do_ciph_ctx_setparams(ctx->cipher, ctx->algctx, params);
         if (ret <= 0)
             return 0;
 
         params[0] = OSSL_PARAM_construct_size_t(
                 OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_MAX_BUFSIZE, &sz);
         params[1] = OSSL_PARAM_construct_end();
-        ret = evp_do_ciph_ctx_getparams(ctx->cipher, ctx->provctx, params);
+        ret = evp_do_ciph_ctx_getparams(ctx->cipher, ctx->algctx, params);
         if (ret <= 0)
             return 0;
         return sz;
@@ -1157,7 +1157,7 @@ int EVP_CIPHER_CTX_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr)
                 OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_AAD, (void*)p->inp, p->len);
         params[1] = OSSL_PARAM_construct_uint(
                 OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_INTERLEAVE, &p->interleave);
-        ret = evp_do_ciph_ctx_setparams(ctx->cipher, ctx->provctx, params);
+        ret = evp_do_ciph_ctx_setparams(ctx->cipher, ctx->algctx, params);
         if (ret <= 0)
             return ret;
         /* Retrieve the return values changed by the set */
@@ -1166,7 +1166,7 @@ int EVP_CIPHER_CTX_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr)
         params[1] = OSSL_PARAM_construct_uint(
                 OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_INTERLEAVE, &p->interleave);
         params[2] = OSSL_PARAM_construct_end();
-        ret = evp_do_ciph_ctx_getparams(ctx->cipher, ctx->provctx, params);
+        ret = evp_do_ciph_ctx_getparams(ctx->cipher, ctx->algctx, params);
         if (ret <= 0)
             return 0;
         return sz;
@@ -1183,13 +1183,13 @@ int EVP_CIPHER_CTX_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr)
                 p->len);
         params[2] = OSSL_PARAM_construct_uint(
                 OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_INTERLEAVE, &p->interleave);
-        ret = evp_do_ciph_ctx_setparams(ctx->cipher, ctx->provctx, params);
+        ret = evp_do_ciph_ctx_setparams(ctx->cipher, ctx->algctx, params);
         if (ret <= 0)
             return ret;
         params[0] = OSSL_PARAM_construct_size_t(
                         OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_ENC_LEN, &sz);
         params[1] = OSSL_PARAM_construct_end();
-        ret = evp_do_ciph_ctx_getparams(ctx->cipher, ctx->provctx, params);
+        ret = evp_do_ciph_ctx_getparams(ctx->cipher, ctx->algctx, params);
         if (ret <= 0)
             return 0;
         return sz;
@@ -1204,9 +1204,9 @@ int EVP_CIPHER_CTX_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr)
     }
 
     if (set_params)
-        ret = evp_do_ciph_ctx_setparams(ctx->cipher, ctx->provctx, params);
+        ret = evp_do_ciph_ctx_setparams(ctx->cipher, ctx->algctx, params);
     else
-        ret = evp_do_ciph_ctx_getparams(ctx->cipher, ctx->provctx, params);
+        ret = evp_do_ciph_ctx_getparams(ctx->cipher, ctx->algctx, params);
     goto end;
 
     /* Code below to be removed when legacy support is dropped. */
@@ -1236,14 +1236,14 @@ int EVP_CIPHER_get_params(EVP_CIPHER *cipher, OSSL_PARAM params[])
 int EVP_CIPHER_CTX_set_params(EVP_CIPHER_CTX *ctx, const OSSL_PARAM params[])
 {
     if (ctx->cipher != NULL && ctx->cipher->set_ctx_params != NULL)
-        return ctx->cipher->set_ctx_params(ctx->provctx, params);
+        return ctx->cipher->set_ctx_params(ctx->algctx, params);
     return 0;
 }
 
 int EVP_CIPHER_CTX_get_params(EVP_CIPHER_CTX *ctx, OSSL_PARAM params[])
 {
     if (ctx->cipher != NULL && ctx->cipher->get_ctx_params != NULL)
-        return ctx->cipher->get_ctx_params(ctx->provctx, params);
+        return ctx->cipher->get_ctx_params(ctx->algctx, params);
     return 0;
 }
 
@@ -1257,22 +1257,22 @@ const OSSL_PARAM *EVP_CIPHER_gettable_params(const EVP_CIPHER *cipher)
 
 const OSSL_PARAM *EVP_CIPHER_settable_ctx_params(const EVP_CIPHER *cipher)
 {
-    void *alg;
+    void *provctx;
 
     if (cipher != NULL && cipher->settable_ctx_params != NULL) {
-        alg = ossl_provider_ctx(EVP_CIPHER_provider(cipher));
-        return cipher->settable_ctx_params(NULL, alg);
+        provctx = ossl_provider_ctx(EVP_CIPHER_provider(cipher));
+        return cipher->settable_ctx_params(NULL, provctx);
     }
     return NULL;
 }
 
 const OSSL_PARAM *EVP_CIPHER_gettable_ctx_params(const EVP_CIPHER *cipher)
 {
-    void *alg;
+    void *provctx;
 
     if (cipher != NULL && cipher->gettable_ctx_params != NULL) {
-        alg = ossl_provider_ctx(EVP_CIPHER_provider(cipher));
-        return cipher->gettable_ctx_params(NULL, alg);
+        provctx = ossl_provider_ctx(EVP_CIPHER_provider(cipher));
+        return cipher->gettable_ctx_params(NULL, provctx);
     }
     return NULL;
 }
@@ -1283,18 +1283,18 @@ const OSSL_PARAM *EVP_CIPHER_CTX_settable_params(EVP_CIPHER_CTX *cctx)
 
     if (cctx != NULL && cctx->cipher->settable_ctx_params != NULL) {
         alg = ossl_provider_ctx(EVP_CIPHER_provider(cctx->cipher));
-        return cctx->cipher->settable_ctx_params(cctx->provctx, alg);
+        return cctx->cipher->settable_ctx_params(cctx->algctx, alg);
     }
     return NULL;
 }
 
 const OSSL_PARAM *EVP_CIPHER_CTX_gettable_params(EVP_CIPHER_CTX *cctx)
 {
-    void *alg;
+    void *provctx;
 
     if (cctx != NULL && cctx->cipher->gettable_ctx_params != NULL) {
-        alg = ossl_provider_ctx(EVP_CIPHER_provider(cctx->cipher));
-        return cctx->cipher->gettable_ctx_params(cctx->provctx, alg);
+        provctx = ossl_provider_ctx(EVP_CIPHER_provider(cctx->cipher));
+        return cctx->cipher->gettable_ctx_params(cctx->algctx, provctx);
     }
     return NULL;
 }
@@ -1351,15 +1351,15 @@ int EVP_CIPHER_CTX_copy(EVP_CIPHER_CTX *out, const EVP_CIPHER_CTX *in)
     EVP_CIPHER_CTX_reset(out);
 
     *out = *in;
-    out->provctx = NULL;
+    out->algctx = NULL;
 
     if (in->fetched_cipher != NULL && !EVP_CIPHER_up_ref(in->fetched_cipher)) {
         out->fetched_cipher = NULL;
         return 0;
     }
 
-    out->provctx = in->cipher->dupctx(in->provctx);
-    if (out->provctx == NULL) {
+    out->algctx = in->cipher->dupctx(in->algctx);
+    if (out->algctx == NULL) {
         ERR_raise(ERR_LIB_EVP, EVP_R_NOT_ABLE_TO_COPY_CTX);
         return 0;
     }
diff --git a/crypto/evp/evp_lib.c b/crypto/evp/evp_lib.c
index 7d40113790..adae97b8f5 100644
--- a/crypto/evp/evp_lib.c
+++ b/crypto/evp/evp_lib.c
@@ -412,16 +412,16 @@ int EVP_Cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
         size_t blocksize = EVP_CIPHER_CTX_block_size(ctx);
 
         if (ctx->cipher->ccipher != NULL)
-            ret =  ctx->cipher->ccipher(ctx->provctx, out, &outl,
+            ret =  ctx->cipher->ccipher(ctx->algctx, out, &outl,
                                         inl + (blocksize == 1 ? 0 : blocksize),
                                         in, (size_t)inl)
                 ? (int)outl : -1;
         else if (in != NULL)
-            ret = ctx->cipher->cupdate(ctx->provctx, out, &outl,
+            ret = ctx->cipher->cupdate(ctx->algctx, out, &outl,
                                        inl + (blocksize == 1 ? 0 : blocksize),
                                        in, (size_t)inl);
         else
-            ret = ctx->cipher->cfinal(ctx->provctx, out, &outl,
+            ret = ctx->cipher->cfinal(ctx->algctx, out, &outl,
                                       blocksize == 1 ? 0 : blocksize);
 
         return ret;
@@ -505,7 +505,7 @@ int EVP_CIPHER_CTX_iv_length(const EVP_CIPHER_CTX *ctx)
     OSSL_PARAM params[2] = { OSSL_PARAM_END, OSSL_PARAM_END };
 
     params[0] = OSSL_PARAM_construct_size_t(OSSL_CIPHER_PARAM_IVLEN, &v);
-    rv = evp_do_ciph_ctx_getparams(ctx->cipher, ctx->provctx, params);
+    rv = evp_do_ciph_ctx_getparams(ctx->cipher, ctx->algctx, params);
     if (rv == EVP_CTRL_RET_UNSUPPORTED)
         goto legacy;
     return rv != 0 ? (int)v : -1;
@@ -526,7 +526,7 @@ int EVP_CIPHER_CTX_tag_length(const EVP_CIPHER_CTX *ctx)
     OSSL_PARAM params[2] = { OSSL_PARAM_END, OSSL_PARAM_END };
 
     params[0] = OSSL_PARAM_construct_size_t(OSSL_CIPHER_PARAM_AEAD_TAGLEN, &v);
-    ret = evp_do_ciph_ctx_getparams(ctx->cipher, ctx->provctx, params);
+    ret = evp_do_ciph_ctx_getparams(ctx->cipher, ctx->algctx, params);
     return ret == 1 ? (int)v : 0;
 }
 
@@ -540,7 +540,7 @@ const unsigned char *EVP_CIPHER_CTX_original_iv(const EVP_CIPHER_CTX *ctx)
     params[0] =
         OSSL_PARAM_construct_octet_ptr(OSSL_CIPHER_PARAM_IV,
                                        (void **)&v, sizeof(ctx->oiv));
-    ok = evp_do_ciph_ctx_getparams(ctx->cipher, ctx->provctx, params);
+    ok = evp_do_ciph_ctx_getparams(ctx->cipher, ctx->algctx, params);
 
     return ok != 0 ? v : NULL;
 }
@@ -557,7 +557,7 @@ const unsigned char *EVP_CIPHER_CTX_iv(const EVP_CIPHER_CTX *ctx)
     params[0] =
         OSSL_PARAM_construct_octet_ptr(OSSL_CIPHER_PARAM_UPDATED_IV,
                                        (void **)&v, sizeof(ctx->iv));
-    ok = evp_do_ciph_ctx_getparams(ctx->cipher, ctx->provctx, params);
+    ok = evp_do_ciph_ctx_getparams(ctx->cipher, ctx->algctx, params);
 
     return ok != 0 ? v : NULL;
 }
@@ -571,7 +571,7 @@ unsigned char *EVP_CIPHER_CTX_iv_noconst(EVP_CIPHER_CTX *ctx)
     params[0] =
         OSSL_PARAM_construct_octet_ptr(OSSL_CIPHER_PARAM_UPDATED_IV,
                                        (void **)&v, sizeof(ctx->iv));
-    ok = evp_do_ciph_ctx_getparams(ctx->cipher, ctx->provctx, params);
+    ok = evp_do_ciph_ctx_getparams(ctx->cipher, ctx->algctx, params);
 
     return ok != 0 ? v : NULL;
 }
@@ -583,7 +583,7 @@ int EVP_CIPHER_CTX_get_updated_iv(EVP_CIPHER_CTX *ctx, void *buf, size_t len)
 
     params[0] =
         OSSL_PARAM_construct_octet_string(OSSL_CIPHER_PARAM_UPDATED_IV, buf, len);
-    return evp_do_ciph_ctx_getparams(ctx->cipher, ctx->provctx, params);
+    return evp_do_ciph_ctx_getparams(ctx->cipher, ctx->algctx, params);
 }
 
 int EVP_CIPHER_CTX_get_original_iv(EVP_CIPHER_CTX *ctx, void *buf, size_t len)
@@ -592,7 +592,7 @@ int EVP_CIPHER_CTX_get_original_iv(EVP_CIPHER_CTX *ctx, void *buf, size_t len)
 
     params[0] =
         OSSL_PARAM_construct_octet_string(OSSL_CIPHER_PARAM_IV, buf, len);
-    return evp_do_ciph_ctx_getparams(ctx->cipher, ctx->provctx, params);
+    return evp_do_ciph_ctx_getparams(ctx->cipher, ctx->algctx, params);
 }
 
 unsigned char *EVP_CIPHER_CTX_buf_noconst(EVP_CIPHER_CTX *ctx)
@@ -607,7 +607,7 @@ int EVP_CIPHER_CTX_num(const EVP_CIPHER_CTX *ctx)
     OSSL_PARAM params[2] = { OSSL_PARAM_END, OSSL_PARAM_END };
 
     params[0] = OSSL_PARAM_construct_uint(OSSL_CIPHER_PARAM_NUM, &v);
-    ok = evp_do_ciph_ctx_getparams(ctx->cipher, ctx->provctx, params);
+    ok = evp_do_ciph_ctx_getparams(ctx->cipher, ctx->algctx, params);
 
     return ok != 0 ? (int)v : EVP_CTRL_RET_UNSUPPORTED;
 }
@@ -619,7 +619,7 @@ int EVP_CIPHER_CTX_set_num(EVP_CIPHER_CTX *ctx, int num)
     OSSL_PARAM params[2] = { OSSL_PARAM_END, OSSL_PARAM_END };
 
     params[0] = OSSL_PARAM_construct_uint(OSSL_CIPHER_PARAM_NUM, &n);
-    ok = evp_do_ciph_ctx_setparams(ctx->cipher, ctx->provctx, params);
+    ok = evp_do_ciph_ctx_setparams(ctx->cipher, ctx->algctx, params);
 
     if (ok != 0)
         ctx->num = (int)n;
@@ -638,7 +638,7 @@ int EVP_CIPHER_CTX_key_length(const EVP_CIPHER_CTX *ctx)
     OSSL_PARAM params[2] = { OSSL_PARAM_END, OSSL_PARAM_END };
 
     params[0] = OSSL_PARAM_construct_size_t(OSSL_CIPHER_PARAM_KEYLEN, &v);
-    ok = evp_do_ciph_ctx_getparams(ctx->cipher, ctx->provctx, params);
+    ok = evp_do_ciph_ctx_getparams(ctx->cipher, ctx->algctx, params);
 
     return ok != 0 ? (int)v : EVP_CTRL_RET_UNSUPPORTED;
 }
diff --git a/crypto/evp/evp_local.h b/crypto/evp/evp_local.h
index 1490f0df4f..a0f363805c 100644
--- a/crypto/evp/evp_local.h
+++ b/crypto/evp/evp_local.h
@@ -7,8 +7,6 @@
  * https://www.openssl.org/source/license.html
  */
 
-/* EVP_MD_CTX related stuff */
-
 #include <openssl/core_dispatch.h>
 #include "internal/refcount.h"
 
@@ -27,8 +25,11 @@ struct evp_md_ctx_st {
     /* Update function: usually copied from EVP_MD */
     int (*update) (EVP_MD_CTX *ctx, const void *data, size_t count);
 
-    /* Provider ctx */
-    void *provctx;
+    /*
+     * Opaque ctx returned from a providers digest algorithm implementation
+     * OSSL_FUNC_digest_newctx()
+     */
+    void *algctx;
     EVP_MD *fetched_digest;
 } /* EVP_MD_CTX */ ;
 
@@ -51,24 +52,39 @@ struct evp_cipher_ctx_st {
     int block_mask;
     unsigned char final[EVP_MAX_BLOCK_LENGTH]; /* possible final block */
 
-    /* Provider ctx */
-    void *provctx;
+    /*
+     * Opaque ctx returned from a providers cipher algorithm implementation
+     * OSSL_FUNC_cipher_newctx()
+     */
+    void *algctx;
     EVP_CIPHER *fetched_cipher;
 } /* EVP_CIPHER_CTX */ ;
 
 struct evp_mac_ctx_st {
     EVP_MAC *meth;               /* Method structure */
-    void *data;                  /* Individual method data */
+    /*
+     * Opaque ctx returned from a providers MAC algorithm implementation
+     * OSSL_FUNC_mac_newctx()
+     */
+    void *algctx;
 } /* EVP_MAC_CTX */;
 
 struct evp_kdf_ctx_st {
     EVP_KDF *meth;              /* Method structure */
-    void *data;                 /* Algorithm-specific data */
+    /*
+     * Opaque ctx returned from a providers KDF algorithm implementation
+     * OSSL_FUNC_kdf_newctx()
+     */
+    void *algctx;
 } /* EVP_KDF_CTX */ ;
 
 struct evp_rand_ctx_st {
     EVP_RAND *meth;             /* Method structure */
-    void *data;                 /* Algorithm-specific data */
+    /*
+     * Opaque ctx returned from a providers rand algorithm implementation
+     * OSSL_FUNC_rand_newctx()
+     */
+    void *algctx;
     EVP_RAND_CTX *parent;       /* Parent EVP_RAND or NULL if none */
     CRYPTO_REF_COUNT refcnt;    /* Context reference count */
     CRYPTO_RWLOCK *refcnt_lock;
diff --git a/crypto/evp/evp_rand.c b/crypto/evp/evp_rand.c
index 5cd6588fa8..c886d9a563 100644
--- a/crypto/evp/evp_rand.c
+++ b/crypto/evp/evp_rand.c
@@ -97,7 +97,7 @@ static void *evp_rand_new(void)
 int EVP_RAND_enable_locking(EVP_RAND_CTX *rand)
 {
     if (rand->meth->enable_locking != NULL)
-        return rand->meth->enable_locking(rand->data);
+        return rand->meth->enable_locking(rand->algctx);
     ERR_raise(ERR_LIB_EVP, EVP_R_LOCKING_NOT_SUPPORTED);
     return 0;
 }
@@ -106,7 +106,7 @@ int EVP_RAND_enable_locking(EVP_RAND_CTX *rand)
 static int evp_rand_lock(EVP_RAND_CTX *rand)
 {
     if (rand->meth->lock != NULL)
-        return rand->meth->lock(rand->data);
+        return rand->meth->lock(rand->algctx);
     return 1;
 }
 
@@ -114,7 +114,7 @@ static int evp_rand_lock(EVP_RAND_CTX *rand)
 static void evp_rand_unlock(EVP_RAND_CTX *rand)
 {
     if (rand->meth->unlock != NULL)
-        rand->meth->unlock(rand->data);
+        rand->meth->unlock(rand->algctx);
 }
 
 static void *evp_rand_from_algorithm(int name_id,
@@ -356,14 +356,14 @@ EVP_RAND_CTX *EVP_RAND_CTX_new(EVP_RAND *rand, EVP_RAND_CTX *parent)
             OPENSSL_free(ctx);
             return NULL;
         }
-        parent_ctx = parent->data;
+        parent_ctx = parent->algctx;
         parent_dispatch = parent->meth->dispatch;
     }
-    if ((ctx->data = rand->newctx(ossl_provider_ctx(rand->prov), parent_ctx,
-                                  parent_dispatch)) == NULL
+    if ((ctx->algctx = rand->newctx(ossl_provider_ctx(rand->prov), parent_ctx,
+                                    parent_dispatch)) == NULL
             || !EVP_RAND_up_ref(rand)) {
         ERR_raise(ERR_LIB_EVP, ERR_R_MALLOC_FAILURE);
-        rand->freectx(ctx->data);
+        rand->freectx(ctx->algctx);
         CRYPTO_THREAD_lock_free(ctx->refcnt_lock);
         OPENSSL_free(ctx);
         EVP_RAND_CTX_free(parent);
@@ -387,8 +387,8 @@ void EVP_RAND_CTX_free(EVP_RAND_CTX *ctx)
     if (ref > 0)
         return;
     parent = ctx->parent;
-    ctx->meth->freectx(ctx->data);
-    ctx->data = NULL;
+    ctx->meth->freectx(ctx->algctx);
+    ctx->algctx = NULL;
     EVP_RAND_free(ctx->meth);
     CRYPTO_THREAD_lock_free(ctx->refcnt_lock);
     OPENSSL_free(ctx);
@@ -403,7 +403,7 @@ EVP_RAND *EVP_RAND_CTX_rand(EVP_RAND_CTX *ctx)
 static int evp_rand_get_ctx_params_locked(EVP_RAND_CTX *ctx,
                                           OSSL_PARAM params[])
 {
-    return ctx->meth->get_ctx_params(ctx->data, params);
+    return ctx->meth->get_ctx_params(ctx->algctx, params);
 }
 
 int EVP_RAND_CTX_get_params(EVP_RAND_CTX *ctx, OSSL_PARAM params[])
@@ -421,7 +421,7 @@ static int evp_rand_set_ctx_params_locked(EVP_RAND_CTX *ctx,
                                           const OSSL_PARAM params[])
 {
     if (ctx->meth->set_ctx_params != NULL)
-        return ctx->meth->set_ctx_params(ctx->data, params);
+        return ctx->meth->set_ctx_params(ctx->algctx, params);
     return 1;
 }
 
@@ -470,7 +470,7 @@ const OSSL_PARAM *EVP_RAND_CTX_gettable_params(EVP_RAND_CTX *ctx)
     if (ctx->meth->gettable_ctx_params == NULL)
         return NULL;
     provctx = ossl_provider_ctx(EVP_RAND_provider(ctx->meth));
-    return ctx->meth->gettable_ctx_params(ctx->data, provctx);
+    return ctx->meth->gettable_ctx_params(ctx->algctx, provctx);
 }
 
 const OSSL_PARAM *EVP_RAND_CTX_settable_params(EVP_RAND_CTX *ctx)
@@ -480,7 +480,7 @@ const OSSL_PARAM *EVP_RAND_CTX_settable_params(EVP_RAND_CTX *ctx)
     if (ctx->meth->settable_ctx_params == NULL)
         return NULL;
     provctx = ossl_provider_ctx(EVP_RAND_provider(ctx->meth));
-    return ctx->meth->settable_ctx_params(ctx->data, provctx);
+    return ctx->meth->settable_ctx_params(ctx->algctx, provctx);
 }
 
 void EVP_RAND_do_all_provided(OSSL_LIB_CTX *libctx,
@@ -506,7 +506,7 @@ static int evp_rand_instantiate_locked
     (EVP_RAND_CTX *ctx, unsigned int strength, int prediction_resistance,
      const unsigned char *pstr, size_t pstr_len, const OSSL_PARAM params[])
 {
-    return ctx->meth->instantiate(ctx->data, strength, prediction_resistance,
+    return ctx->meth->instantiate(ctx->algctx, strength, prediction_resistance,
                                   pstr, pstr_len, params);
 }
 
@@ -527,7 +527,7 @@ int EVP_RAND_instantiate(EVP_RAND_CTX *ctx, unsigned int strength,
 
 static int evp_rand_uninstantiate_locked(EVP_RAND_CTX *ctx)
 {
-    return ctx->meth->uninstantiate(ctx->data);
+    return ctx->meth->uninstantiate(ctx->algctx);
 }
 
 int EVP_RAND_uninstantiate(EVP_RAND_CTX *ctx)
@@ -559,7 +559,7 @@ static int evp_rand_generate_locked(EVP_RAND_CTX *ctx, unsigned char *out,
     }
     for (; outlen > 0; outlen -= chunk, out += chunk) {
         chunk = outlen > max_request ? max_request : outlen;
-        if (!ctx->meth->generate(ctx->data, out, chunk, strength,
+        if (!ctx->meth->generate(ctx->algctx, out, chunk, strength,
                                  prediction_resistance, addin, addin_len)) {
             ERR_raise(ERR_LIB_EVP, EVP_R_GENERATE_ERROR);
             return 0;
@@ -592,7 +592,7 @@ static int evp_rand_reseed_locked(EVP_RAND_CTX *ctx, int prediction_resistance,
                                   const unsigned char *addin, size_t addin_len)
 {
     if (ctx->meth->reseed != NULL)
-        return ctx->meth->reseed(ctx->data, prediction_resistance,
+        return ctx->meth->reseed(ctx->algctx, prediction_resistance,
                                  ent, ent_len, addin, addin_len);
     return 1;
 }
@@ -640,7 +640,7 @@ static int evp_rand_nonce_locked(EVP_RAND_CTX *ctx, unsigned char *out,
 
     if (ctx->meth->nonce == NULL)
         return 0;
-    if (ctx->meth->nonce(ctx->data, out, str, outlen, outlen))
+    if (ctx->meth->nonce(ctx->algctx, out, str, outlen, outlen))
         return 1;
     return evp_rand_generate_locked(ctx, out, outlen, str, 0, NULL, 0);
 }
@@ -670,7 +670,7 @@ int EVP_RAND_state(EVP_RAND_CTX *ctx)
 static int evp_rand_verify_zeroization_locked(EVP_RAND_CTX *ctx)
 {
     if (ctx->meth->verify_zeroization != NULL)
-        return ctx->meth->verify_zeroization(ctx->data);
+        return ctx->meth->verify_zeroization(ctx->algctx);
     return 0;
 }
 
diff --git a/crypto/evp/evp_utils.c b/crypto/evp/evp_utils.c
index ad37698657..3cc17921f8 100644
--- a/crypto/evp/evp_utils.c
+++ b/crypto/evp/evp_utils.c
@@ -1,5 +1,5 @@
 /*
- * Copyright 2019-2020 The OpenSSL Project Authors. All Rights Reserved.
+ * Copyright 2019-2021 The OpenSSL Project Authors. All Rights Reserved.
  *
  * Licensed under the Apache License 2.0 (the "License").  You may not use
  * this file except in compliance with the License.  You can obtain a copy
@@ -42,10 +42,10 @@ int name (const type *obj, OSSL_PARAM params[])                                \
 }
 
 #define PARAM_CTX_FUNC(name, func, type, err)                                  \
-int name (const type *obj, void *provctx, OSSL_PARAM params[])                 \
+int name (const type *obj, void *algctx, OSSL_PARAM params[])                  \
 {                                                                              \
     PARAM_CHECK(obj, func, err)                                                \
-    return obj->func(provctx, params);                                         \
+    return obj->func(algctx, params);                                          \
 }
 
 #define PARAM_FUNCTIONS(type,                                                  \
diff --git a/crypto/evp/exchange.c b/crypto/evp/exchange.c
index 0ff5d8848c..fb5521681a 100644
--- a/crypto/evp/exchange.c
+++ b/crypto/evp/exchange.c
@@ -284,13 +284,13 @@ int EVP_PKEY_derive_init_ex(EVP_PKEY_CTX *ctx, const OSSL_PARAM params[])
     /* No more legacy from here down to legacy: */
 
     ctx->op.kex.exchange = exchange;
-    ctx->op.kex.exchprovctx = exchange->newctx(ossl_provider_ctx(exchange->prov));
-    if (ctx->op.kex.exchprovctx == NULL) {
+    ctx->op.kex.algctx = exchange->newctx(ossl_provider_ctx(exchange->prov));
+    if (ctx->op.kex.algctx == NULL) {
         /* The provider key can stay in the cache */
         ERR_raise(ERR_LIB_EVP, EVP_R_INITIALIZATION_ERROR);
         goto err;
     }
-    ret = exchange->init(ctx->op.kex.exchprovctx, provkey, params);
+    ret = exchange->init(ctx->op.kex.algctx, provkey, params);
 
     return ret ? 1 : 0;
  err:
@@ -335,7 +335,7 @@ int EVP_PKEY_derive_set_peer_ex(EVP_PKEY_CTX *ctx, EVP_PKEY *peer,
         return -1;
     }
 
-    if (!EVP_PKEY_CTX_IS_DERIVE_OP(ctx) || ctx->op.kex.exchprovctx == NULL)
+    if (!EVP_PKEY_CTX_IS_DERIVE_OP(ctx) || ctx->op.kex.algctx == NULL)
         goto legacy;
 
     if (ctx->op.kex.exchange->set_peer == NULL) {
@@ -361,7 +361,7 @@ int EVP_PKEY_derive_set_peer_ex(EVP_PKEY_CTX *ctx, EVP_PKEY *peer,
      */
     if (provkey == NULL)
         goto legacy;
-    return ctx->op.kex.exchange->set_peer(ctx->op.kex.exchprovctx, provkey);
+    return ctx->op.kex.exchange->set_peer(ctx->op.kex.algctx, provkey);
 
  legacy:
 #ifdef FIPS_MODULE
@@ -447,10 +447,10 @@ int EVP_PKEY_derive(EVP_PKEY_CTX *ctx, unsigned char *key, size_t *pkeylen)
         return -1;
     }
 
-    if (ctx->op.kex.exchprovctx == NULL)
+    if (ctx->op.kex.algctx == NULL)
         goto legacy;
 
-    ret = ctx->op.kex.exchange->derive(ctx->op.kex.exchprovctx, key, pkeylen,
+    ret = ctx->op.kex.exchange->derive(ctx->op.kex.algctx, key, pkeylen,
                                        key != NULL ? *pkeylen : 0);
 
     return ret;
diff --git a/crypto/evp/kdf_lib.c b/crypto/evp/kdf_lib.c
index 8b2dc71996..55f5c50ab5 100644
--- a/crypto/evp/kdf_lib.c
+++ b/crypto/evp/kdf_lib.c
@@ -32,11 +32,11 @@ EVP_KDF_CTX *EVP_KDF_CTX_new(EVP_KDF *kdf)
 
     ctx = OPENSSL_zalloc(sizeof(EVP_KDF_CTX));
     if (ctx == NULL
-        || (ctx->data = kdf->newctx(ossl_provider_ctx(kdf->prov))) == NULL
+        || (ctx->algctx = kdf->newctx(ossl_provider_ctx(kdf->prov))) == NULL
         || !EVP_KDF_up_ref(kdf)) {
         ERR_raise(ERR_LIB_EVP, ERR_R_MALLOC_FAILURE);
         if (ctx != NULL)
-            kdf->freectx(ctx->data);
+            kdf->freectx(ctx->algctx);
         OPENSSL_free(ctx);
         ctx = NULL;
     } else {
@@ -49,8 +49,8 @@ void EVP_KDF_CTX_free(EVP_KDF_CTX *ctx)
 {
     if (ctx == NULL)
         return;
-    ctx->meth->freectx(ctx->data);
-    ctx->data = NULL;
+    ctx->meth->freectx(ctx->algctx);
+    ctx->algctx = NULL;
     EVP_KDF_free(ctx->meth);
     OPENSSL_free(ctx);
 }
@@ -59,7 +59,7 @@ EVP_KDF_CTX *EVP_KDF_CTX_dup(const EVP_KDF_CTX *src)
 {
     EVP_KDF_CTX *dst;
 
-    if (src == NULL || src->data == NULL || src->meth->dupctx == NULL)
+    if (src == NULL || src->algctx == NULL || src->meth->dupctx == NULL)
         return NULL;
 
     dst = OPENSSL_malloc(sizeof(*dst));
@@ -75,8 +75,8 @@ EVP_KDF_CTX *EVP_KDF_CTX_dup(const EVP_KDF_CTX *src)
         return NULL;
     }
 
-    dst->data = src->meth->dupctx(src->data);
-    if (dst->data == NULL) {
+    dst->algctx = src->meth->dupctx(src->algctx);
+    if (dst->algctx == NULL) {
         EVP_KDF_CTX_free(dst);
         return NULL;
     }
@@ -119,7 +119,7 @@ void EVP_KDF_CTX_reset(EVP_KDF_CTX *ctx)
         return;
 
     if (ctx->meth->reset != NULL)
-        ctx->meth->reset(ctx->data);
+        ctx->meth->reset(ctx->algctx);
 }
 
 size_t EVP_KDF_CTX_get_kdf_size(EVP_KDF_CTX *ctx)
@@ -132,7 +132,7 @@ size_t EVP_KDF_CTX_get_kdf_size(EVP_KDF_CTX *ctx)
 
     *params = OSSL_PARAM_construct_size_t(OSSL_KDF_PARAM_SIZE, &s);
     if (ctx->meth->get_ctx_params != NULL
-        && ctx->meth->get_ctx_params(ctx->data, params))
+        && ctx->meth->get_ctx_params(ctx->algctx, params))
             return s;
     if (ctx->meth->get_params != NULL
         && ctx->meth->get_params(params))
@@ -146,7 +146,7 @@ int EVP_KDF_derive(EVP_KDF_CTX *ctx, unsigned char *key, size_t keylen,
     if (ctx == NULL)
         return 0;
 
-    return ctx->meth->derive(ctx->data, key, keylen, params);
+    return ctx->meth->derive(ctx->algctx, key, keylen, params);
 }
 
 /*
@@ -165,14 +165,14 @@ int EVP_KDF_get_params(EVP_KDF *kdf, OSSL_PARAM params[])
 int EVP_KDF_CTX_get_params(EVP_KDF_CTX *ctx, OSSL_PARAM params[])
 {
     if (ctx->meth->get_ctx_params != NULL)
-        return ctx->meth->get_ctx_params(ctx->data, params);
+        return ctx->meth->get_ctx_params(ctx->algctx, params);
     return 1;
 }
 
 int EVP_KDF_CTX_set_params(EVP_KDF_CTX *ctx, const OSSL_PARAM params[])
 {
     if (ctx->meth->set_ctx_params != NULL)
-        return ctx->meth->set_ctx_params(ctx->data, params);
+        return ctx->meth->set_ctx_params(ctx->algctx, params);
     return 1;
 }
 
diff --git a/crypto/evp/kdf_meth.c b/crypto/evp/kdf_meth.c
index 0c6defa0f2..9cf0ca125b 100644
--- a/crypto/evp/kdf_meth.c
+++ b/crypto/evp/kdf_meth.c
@@ -209,7 +209,7 @@ const OSSL_PARAM *EVP_KDF_CTX_gettable_params(EVP_KDF_CTX *ctx)
     if (ctx->meth->gettable_ctx_params == NULL)
         return NULL;
     alg = ossl_provider_ctx(EVP_KDF_provider(ctx->meth));
-    return ctx->meth->gettable_ctx_params(ctx->data, alg);
+    return ctx->meth->gettable_ctx_params(ctx->algctx, alg);
 }
 
 const OSSL_PARAM *EVP_KDF_CTX_settable_params(EVP_KDF_CTX *ctx)
@@ -219,7 +219,7 @@ const OSSL_PARAM *EVP_KDF_CTX_settable_params(EVP_KDF_CTX *ctx)
     if (ctx->meth->settable_ctx_params == NULL)
         return NULL;
     alg = ossl_provider_ctx(EVP_KDF_provider(ctx->meth));
-    return ctx->meth->settable_ctx_params(ctx->data, alg);
+    return ctx->meth->settable_ctx_params(ctx->algctx, alg);
 }
 
 void EVP_KDF_do_all_provided(OSSL_LIB_CTX *libctx,
diff --git a/crypto/evp/kem.c b/crypto/evp/kem.c
index 5ee9a43892..493eabf97b 100644
--- a/crypto/evp/kem.c
+++ b/crypto/evp/kem.c
@@ -67,8 +67,8 @@ static int evp_kem_init(EVP_PKEY_CTX *ctx, int operation,
     }
 
     ctx->op.encap.kem = kem;
-    ctx->op.encap.kemprovctx = kem->newctx(ossl_provider_ctx(kem->prov));
-    if (ctx->op.encap.kemprovctx == NULL) {
+    ctx->op.encap.algctx = kem->newctx(ossl_provider_ctx(kem->prov));
+    if (ctx->op.encap.algctx == NULL) {
         /* The provider key can stay in the cache */
         ERR_raise(ERR_LIB_EVP, EVP_R_INITIALIZATION_ERROR);
         goto err;
@@ -81,7 +81,7 @@ static int evp_kem_init(EVP_PKEY_CTX *ctx, int operation,
             ret = -2;
             goto err;
         }
-        ret = kem->encapsulate_init(ctx->op.encap.kemprovctx, provkey, params);
+        ret = kem->encapsulate_init(ctx->op.encap.algctx, provkey, params);
         break;
     case EVP_PKEY_OP_DECAPSULATE:
         if (kem->decapsulate_init == NULL) {
@@ -89,7 +89,7 @@ static int evp_kem_init(EVP_PKEY_CTX *ctx, int operation,
             ret = -2;
             goto err;
         }
-        ret = kem->decapsulate_init(ctx->op.encap.kemprovctx, provkey, params);
+        ret = kem->decapsulate_init(ctx->op.encap.algctx, provkey, params);
         break;
     default:
         ERR_raise(ERR_LIB_EVP, EVP_R_INITIALIZATION_ERROR);
@@ -123,7 +123,7 @@ int EVP_PKEY_encapsulate(EVP_PKEY_CTX *ctx,
         return -1;
     }
 
-    if (ctx->op.encap.kemprovctx == NULL) {
+    if (ctx->op.encap.algctx == NULL) {
         ERR_raise(ERR_LIB_EVP, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
         return -2;
     }
@@ -131,7 +131,7 @@ int EVP_PKEY_encapsulate(EVP_PKEY_CTX *ctx,
     if (out != NULL && secret == NULL)
         return 0;
 
-    return ctx->op.encap.kem->encapsulate(ctx->op.encap.kemprovctx,
+    return ctx->op.encap.kem->encapsulate(ctx->op.encap.algctx,
                                           out, outlen, secret, secretlen);
 }
 
@@ -154,11 +154,11 @@ int EVP_PKEY_decapsulate(EVP_PKEY_CTX *ctx,
         return -1;
     }
 
-    if (ctx->op.encap.kemprovctx == NULL) {
+    if (ctx->op.encap.algctx == NULL) {
         ERR_raise(ERR_LIB_EVP, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
         return -2;
     }
-    return ctx->op.encap.kem->decapsulate(ctx->op.encap.kemprovctx,
+    return ctx->op.encap.kem->decapsulate(ctx->op.encap.algctx,
                                           secret, secretlen, in, inlen);
 }
 
diff --git a/crypto/evp/m_sigver.c b/crypto/evp/m_sigver.c
index 17565554e0..296269a88e 100644
--- a/crypto/evp/m_sigver.c
+++ b/crypto/evp/m_sigver.c
@@ -51,14 +51,14 @@ static int do_sigver_init(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx,
     void *provkey = NULL;
     int ret;
 
-    if (ctx->provctx != NULL) {
+    if (ctx->algctx != NULL) {
         if (!ossl_assert(ctx->digest != NULL)) {
             ERR_raise(ERR_LIB_EVP, EVP_R_INITIALIZATION_ERROR);
             return 0;
         }
         if (ctx->digest->freectx != NULL)
-            ctx->digest->freectx(ctx->provctx);
-        ctx->provctx = NULL;
+            ctx->digest->freectx(ctx->algctx);
+        ctx->algctx = NULL;
     }
 
     if (ctx->pctx == NULL) {
@@ -147,9 +147,9 @@ static int do_sigver_init(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx,
     locpctx->op.sig.signature = signature;
     locpctx->operation = ver ? EVP_PKEY_OP_VERIFYCTX
                              : EVP_PKEY_OP_SIGNCTX;
-    locpctx->op.sig.sigprovctx
+    locpctx->op.sig.algctx
         = signature->newctx(ossl_provider_ctx(signature->prov), props);
-    if (locpctx->op.sig.sigprovctx == NULL) {
+    if (locpctx->op.sig.algctx == NULL) {
         ERR_raise(ERR_LIB_EVP,  EVP_R_INITIALIZATION_ERROR);
         goto err;
     }
@@ -203,14 +203,14 @@ static int do_sigver_init(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx,
             ERR_raise(ERR_LIB_EVP, EVP_R_INITIALIZATION_ERROR);
             goto err;
         }
-        ret = signature->digest_verify_init(locpctx->op.sig.sigprovctx,
+        ret = signature->digest_verify_init(locpctx->op.sig.algctx,
                                             mdname, provkey, params);
     } else {
         if (signature->digest_sign_init == NULL) {
             ERR_raise(ERR_LIB_EVP, EVP_R_INITIALIZATION_ERROR);
             goto err;
         }
-        ret = signature->digest_sign_init(locpctx->op.sig.sigprovctx,
+        ret = signature->digest_sign_init(locpctx->op.sig.algctx,
                                           mdname, provkey, params);
     }
 
@@ -340,7 +340,7 @@ int EVP_DigestSignUpdate(EVP_MD_CTX *ctx, const void *data, size_t dsize)
 
     if (pctx == NULL
             || pctx->operation != EVP_PKEY_OP_SIGNCTX
-            || pctx->op.sig.sigprovctx == NULL
+            || pctx->op.sig.algctx == NULL
             || pctx->op.sig.signature == NULL)
         goto legacy;
 
@@ -349,7 +349,7 @@ int EVP_DigestSignUpdate(EVP_MD_CTX *ctx, const void *data, size_t dsize)
         return 0;
     }
 
-    return pctx->op.sig.signature->digest_sign_update(pctx->op.sig.sigprovctx,
+    return pctx->op.sig.signature->digest_sign_update(pctx->op.sig.algctx,
                                                       data, dsize);
 
  legacy:
@@ -370,7 +370,7 @@ int EVP_DigestVerifyUpdate(EVP_MD_CTX *ctx, const void *data, size_t dsize)
 
     if (pctx == NULL
             || pctx->operation != EVP_PKEY_OP_VERIFYCTX
-            || pctx->op.sig.sigprovctx == NULL
+            || pctx->op.sig.algctx == NULL
             || pctx->op.sig.signature == NULL)
         goto legacy;
 
@@ -379,7 +379,7 @@ int EVP_DigestVerifyUpdate(EVP_MD_CTX *ctx, const void *data, size_t dsize)
         return 0;
     }
 
-    return pctx->op.sig.signature->digest_verify_update(pctx->op.sig.sigprovctx,
+    return pctx->op.sig.signature->digest_verify_update(pctx->op.sig.algctx,
                                                         data, dsize);
 
  legacy:
@@ -403,11 +403,11 @@ int EVP_DigestSignFinal(EVP_MD_CTX *ctx, unsigned char *sigret,
 
     if (pctx == NULL
             || pctx->operation != EVP_PKEY_OP_SIGNCTX
-            || pctx->op.sig.sigprovctx == NULL
+            || pctx->op.sig.algctx == NULL
             || pctx->op.sig.signature == NULL)
         goto legacy;
 
-    return pctx->op.sig.signature->digest_sign_final(pctx->op.sig.sigprovctx,
+    return pctx->op.sig.signature->digest_sign_final(pctx->op.sig.algctx,
                                                      sigret, siglen, SIZE_MAX);
 
  legacy:
@@ -491,10 +491,10 @@ int EVP_DigestSign(EVP_MD_CTX *ctx, unsigned char *sigret, size_t *siglen,
 
     if (pctx != NULL
             && pctx->operation == EVP_PKEY_OP_SIGNCTX
-            && pctx->op.sig.sigprovctx != NULL
+            && pctx->op.sig.algctx != NULL
             && pctx->op.sig.signature != NULL) {
         if (pctx->op.sig.signature->digest_sign != NULL)
-            return pctx->op.sig.signature->digest_sign(pctx->op.sig.sigprovctx,
+            return pctx->op.sig.signature->digest_sign(pctx->op.sig.algctx,
                                                        sigret, siglen, SIZE_MAX,
                                                        tbs, tbslen);
     } else {
@@ -519,11 +519,11 @@ int EVP_DigestVerifyFinal(EVP_MD_CTX *ctx, const unsigned char *sig,
 
     if (pctx == NULL
             || pctx->operation != EVP_PKEY_OP_VERIFYCTX
-            || pctx->op.sig.sigprovctx == NULL
+            || pctx->op.sig.algctx == NULL
             || pctx->op.sig.signature == NULL)
         goto legacy;
 
-    return pctx->op.sig.signature->digest_verify_final(pctx->op.sig.sigprovctx,
+    return pctx->op.sig.signature->digest_verify_final(pctx->op.sig.algctx,
                                                        sig, siglen);
 
  legacy:
@@ -574,10 +574,10 @@ int EVP_DigestVerify(EVP_MD_CTX *ctx, const unsigned char *sigret,
 
     if (pctx != NULL
             && pctx->operation == EVP_PKEY_OP_VERIFYCTX
-            && pctx->op.sig.sigprovctx != NULL
+            && pctx->op.sig.algctx != NULL
             && pctx->op.sig.signature != NULL) {
         if (pctx->op.sig.signature->digest_verify != NULL)
-            return pctx->op.sig.signature->digest_verify(pctx->op.sig.sigprovctx,
+            return pctx->op.sig.signature->digest_verify(pctx->op.sig.algctx,
                                                          sigret, siglen,
                                                          tbs, tbslen);
     } else {
diff --git a/crypto/evp/mac_lib.c b/crypto/evp/mac_lib.c
index 8a34df3757..eef37e882c 100644
--- a/crypto/evp/mac_lib.c
+++ b/crypto/evp/mac_lib.c
@@ -24,11 +24,11 @@ EVP_MAC_CTX *EVP_MAC_CTX_new(EVP_MAC *mac)
     EVP_MAC_CTX *ctx = OPENSSL_zalloc(sizeof(EVP_MAC_CTX));
 
     if (ctx == NULL
-        || (ctx->data = mac->newctx(ossl_provider_ctx(mac->prov))) == NULL
+        || (ctx->algctx = mac->newctx(ossl_provider_ctx(mac->prov))) == NULL
         || !EVP_MAC_up_ref(mac)) {
         ERR_raise(ERR_LIB_EVP, ERR_R_MALLOC_FAILURE);
         if (ctx != NULL)
-            mac->freectx(ctx->data);
+            mac->freectx(ctx->algctx);
         OPENSSL_free(ctx);
         ctx = NULL;
     } else {
@@ -41,8 +41,8 @@ void EVP_MAC_CTX_free(EVP_MAC_CTX *ctx)
 {
     if (ctx == NULL)
         return;
-    ctx->meth->freectx(ctx->data);
-    ctx->data = NULL;
+    ctx->meth->freectx(ctx->algctx);
+    ctx->algctx = NULL;
     /* refcnt-- */
     EVP_MAC_free(ctx->meth);
     OPENSSL_free(ctx);
@@ -52,7 +52,7 @@ EVP_MAC_CTX *EVP_MAC_CTX_dup(const EVP_MAC_CTX *src)
 {
     EVP_MAC_CTX *dst;
 
-    if (src->data == NULL)
+    if (src->algctx == NULL)
         return NULL;
 
     dst = OPENSSL_malloc(sizeof(*dst));
@@ -68,8 +68,8 @@ EVP_MAC_CTX *EVP_MAC_CTX_dup(const EVP_MAC_CTX *src)
         return NULL;
     }
 
-    dst->data = src->meth->dupctx(src->data);
-    if (dst->data == NULL) {
+    dst->algctx = src->meth->dupctx(src->algctx);
+    if (dst->algctx == NULL) {
         EVP_MAC_CTX_free(dst);
         return NULL;
     }
@@ -86,12 +86,12 @@ size_t EVP_MAC_CTX_get_mac_size(EVP_MAC_CTX *ctx)
 {
     size_t sz = 0;
 
-    if (ctx->data != NULL) {
+    if (ctx->algctx != NULL) {
         OSSL_PARAM params[2] = { OSSL_PARAM_END, OSSL_PARAM_END };
 
         params[0] = OSSL_PARAM_construct_size_t(OSSL_MAC_PARAM_SIZE, &sz);
         if (ctx->meth->get_ctx_params != NULL) {
-            if (ctx->meth->get_ctx_params(ctx->data, params))
+            if (ctx->meth->get_ctx_params(ctx->algctx, params))
                 return sz;
         } else if (ctx->meth->get_params != NULL) {
             if (ctx->meth->get_params(params))
@@ -108,12 +108,12 @@ size_t EVP_MAC_CTX_get_mac_size(EVP_MAC_CTX *ctx)
 int EVP_MAC_init(EVP_MAC_CTX *ctx, const unsigned char *key, size_t keylen,
                  const OSSL_PARAM params[])
 {
-    return ctx->meth->init(ctx->data, key, keylen, params);
+    return ctx->meth->init(ctx->algctx, key, keylen, params);
 }
 
 int EVP_MAC_update(EVP_MAC_CTX *ctx, const unsigned char *data, size_t datalen)
 {
-    return ctx->meth->update(ctx->data, data, datalen);
+    return ctx->meth->update(ctx->algctx, data, datalen);
 }
 
 static int evp_mac_final(EVP_MAC_CTX *ctx, int xof,
@@ -149,7 +149,7 @@ static int evp_mac_final(EVP_MAC_CTX *ctx, int xof,
             return 0;
         }
     }
-    res = ctx->meth->final(ctx->data, out, &l, outsize);
+    res = ctx->meth->final(ctx->algctx, out, &l, outsize);
     if (outl != NULL)
         *outl = l;
     return res;
@@ -182,14 +182,14 @@ int EVP_MAC_get_params(EVP_MAC *mac, OSSL_PARAM params[])
 int EVP_MAC_CTX_get_params(EVP_MAC_CTX *ctx, OSSL_PARAM params[])
 {
     if (ctx->meth->get_ctx_params != NULL)
-        return ctx->meth->get_ctx_params(ctx->data, params);
+        return ctx->meth->get_ctx_params(ctx->algctx, params);
     return 1;
 }
 
 int EVP_MAC_CTX_set_params(EVP_MAC_CTX *ctx, const OSSL_PARAM params[])
 {
     if (ctx->meth->set_ctx_params != NULL)
-        return ctx->meth->set_ctx_params(ctx->data, params);
+        return ctx->meth->set_ctx_params(ctx->algctx, params);
     return 1;
 }
 
diff --git a/crypto/evp/mac_meth.c b/crypto/evp/mac_meth.c
index 342aadc996..6396eb38fd 100644
--- a/crypto/evp/mac_meth.c
+++ b/crypto/evp/mac_meth.c
@@ -214,7 +214,7 @@ const OSSL_PARAM *EVP_MAC_CTX_gettable_params(EVP_MAC_CTX *ctx)
     if (ctx->meth->gettable_ctx_params == NULL)
         return NULL;
     alg = ossl_provider_ctx(EVP_MAC_provider(ctx->meth));
-    return ctx->meth->gettable_ctx_params(ctx->data, alg);
+    return ctx->meth->gettable_ctx_params(ctx->algctx, alg);
 }
 
 const OSSL_PARAM *EVP_MAC_CTX_settable_params(EVP_MAC_CTX *ctx)
@@ -224,7 +224,7 @@ const OSSL_PARAM *EVP_MAC_CTX_settable_params(EVP_MAC_CTX *ctx)
     if (ctx->meth->settable_ctx_params == NULL)
         return NULL;
     alg = ossl_provider_ctx(EVP_MAC_provider(ctx->meth));
-    return ctx->meth->settable_ctx_params(ctx->data, alg);
+    return ctx->meth->settable_ctx_params(ctx->algctx, alg);
 }
 
 void EVP_MAC_do_all_provided(OSSL_LIB_CTX *libctx,
diff --git a/crypto/evp/pmeth_lib.c b/crypto/evp/pmeth_lib.c
index 506e90fed8..47062c02c1 100644
--- a/crypto/evp/pmeth_lib.c
+++ b/crypto/evp/pmeth_lib.c
@@ -160,15 +160,15 @@ int evp_pkey_ctx_state(const EVP_PKEY_CTX *ctx)
         return EVP_PKEY_STATE_UNKNOWN;
 
     if ((EVP_PKEY_CTX_IS_DERIVE_OP(ctx)
-         && ctx->op.kex.exchprovctx != NULL)
+         && ctx->op.kex.algctx != NULL)
         || (EVP_PKEY_CTX_IS_SIGNATURE_OP(ctx)
-            && ctx->op.sig.sigprovctx != NULL)
+            && ctx->op.sig.algctx != NULL)
         || (EVP_PKEY_CTX_IS_ASYM_CIPHER_OP(ctx)
-            && ctx->op.ciph.ciphprovctx != NULL)
+            && ctx->op.ciph.algctx != NULL)
         || (EVP_PKEY_CTX_IS_GEN_OP(ctx)
             && ctx->op.keymgmt.genctx != NULL)
         || (EVP_PKEY_CTX_IS_KEM_OP(ctx)
-            && ctx->op.encap.kemprovctx != NULL))
+            && ctx->op.encap.algctx != NULL))
         return EVP_PKEY_STATE_PROVIDER;
 
     return EVP_PKEY_STATE_LEGACY;
@@ -360,29 +360,29 @@ EVP_PKEY_CTX *EVP_PKEY_CTX_new_from_pkey(OSSL_LIB_CTX *libctx, EVP_PKEY *pkey,
 void evp_pkey_ctx_free_old_ops(EVP_PKEY_CTX *ctx)
 {
     if (EVP_PKEY_CTX_IS_SIGNATURE_OP(ctx)) {
-        if (ctx->op.sig.sigprovctx != NULL && ctx->op.sig.signature != NULL)
-            ctx->op.sig.signature->freectx(ctx->op.sig.sigprovctx);
+        if (ctx->op.sig.algctx != NULL && ctx->op.sig.signature != NULL)
+            ctx->op.sig.signature->freectx(ctx->op.sig.algctx);
         EVP_SIGNATURE_free(ctx->op.sig.signature);
-        ctx->op.sig.sigprovctx = NULL;
+        ctx->op.sig.algctx = NULL;
         ctx->op.sig.signature = NULL;
     } else if (EVP_PKEY_CTX_IS_DERIVE_OP(ctx)) {
-        if (ctx->op.kex.exchprovctx != NULL && ctx->op.kex.exchange != NULL)
-            ctx->op.kex.exchange->freectx(ctx->op.kex.exchprovctx);
+        if (ctx->op.kex.algctx != NULL && ctx->op.kex.exchange != NULL)
+            ctx->op.kex.exchange->freectx(ctx->op.kex.algctx);
         EVP_KEYEXCH_free(ctx->op.kex.exchange);
-        ctx->op.kex.exchprovctx = NULL;
+        ctx->op.kex.algctx = NULL;
         ctx->op.kex.exchange = NULL;
     } else if (EVP_PKEY_CTX_IS_KEM_OP(ctx)) {
-        if (ctx->op.encap.kemprovctx != NULL && ctx->op.encap.kem != NULL)
-            ctx->op.encap.kem->freectx(ctx->op.encap.kemprovctx);
+        if (ctx->op.encap.algctx != NULL && ctx->op.encap.kem != NULL)
+            ctx->op.encap.kem->freectx(ctx->op.encap.algctx);
         EVP_KEM_free(ctx->op.encap.kem);
-        ctx->op.encap.kemprovctx = NULL;
+        ctx->op.encap.algctx = NULL;
         ctx->op.encap.kem = NULL;
     }
     else if (EVP_PKEY_CTX_IS_ASYM_CIPHER_OP(ctx)) {
-        if (ctx->op.ciph.ciphprovctx != NULL && ctx->op.ciph.cipher != NULL)
-            ctx->op.ciph.cipher->freectx(ctx->op.ciph.ciphprovctx);
+        if (ctx->op.ciph.algctx != NULL && ctx->op.ciph.cipher != NULL)
+            ctx->op.ciph.cipher->freectx(ctx->op.ciph.algctx);
         EVP_ASYM_CIPHER_free(ctx->op.ciph.cipher);
-        ctx->op.ciph.ciphprovctx = NULL;
+        ctx->op.ciph.algctx = NULL;
         ctx->op.ciph.cipher = NULL;
     } else if (EVP_PKEY_CTX_IS_GEN_OP(ctx)) {
         if (ctx->op.keymgmt.genctx != NULL && ctx->keymgmt != NULL)
@@ -489,12 +489,12 @@ EVP_PKEY_CTX *EVP_PKEY_CTX_dup(const EVP_PKEY_CTX *pctx)
             if (!EVP_KEYEXCH_up_ref(rctx->op.kex.exchange))
                 goto err;
         }
-        if (pctx->op.kex.exchprovctx != NULL) {
+        if (pctx->op.kex.algctx != NULL) {
             if (!ossl_assert(pctx->op.kex.exchange != NULL))
                 goto err;
-            rctx->op.kex.exchprovctx
-                = pctx->op.kex.exchange->dupctx(pctx->op.kex.exchprovctx);
-            if (rctx->op.kex.exchprovctx == NULL) {
+            rctx->op.kex.algctx
+                = pctx->op.kex.exchange->dupctx(pctx->op.kex.algctx);
+            if (rctx->op.kex.algctx == NULL) {
                 EVP_KEYEXCH_free(rctx->op.kex.exchange);
                 goto err;
             }
@@ -506,12 +506,12 @@ EVP_PKEY_CTX *EVP_PKEY_CTX_dup(const EVP_PKEY_CTX *pctx)
             if (!EVP_SIGNATURE_up_ref(rctx->op.sig.signature))
                 goto err;
         }
-        if (pctx->op.sig.sigprovctx != NULL) {
+        if (pctx->op.sig.algctx != NULL) {
             if (!ossl_assert(pctx->op.sig.signature != NULL))
                 goto err;
-            rctx->op.sig.sigprovctx
-                = pctx->op.sig.signature->dupctx(pctx->op.sig.sigprovctx);
-            if (rctx->op.sig.sigprovctx == NULL) {
+            rctx->op.sig.algctx
+                = pctx->op.sig.signature->dupctx(pctx->op.sig.algctx);
+            if (rctx->op.sig.algctx == NULL) {
                 EVP_SIGNATURE_free(rctx->op.sig.signature);
                 goto err;
             }
@@ -523,12 +523,12 @@ EVP_PKEY_CTX *EVP_PKEY_CTX_dup(const EVP_PKEY_CTX *pctx)
             if (!EVP_ASYM_CIPHER_up_ref(rctx->op.ciph.cipher))
                 goto err;
         }
-        if (pctx->op.ciph.ciphprovctx != NULL) {
+        if (pctx->op.ciph.algctx != NULL) {
             if (!ossl_assert(pctx->op.ciph.cipher != NULL))
                 goto err;
-            rctx->op.ciph.ciphprovctx
-                = pctx->op.ciph.cipher->dupctx(pctx->op.ciph.ciphprovctx);
-            if (rctx->op.ciph.ciphprovctx == NULL) {
+            rctx->op.ciph.algctx
+                = pctx->op.ciph.cipher->dupctx(pctx->op.ciph.algctx);
+            if (rctx->op.ciph.algctx == NULL) {
                 EVP_ASYM_CIPHER_free(rctx->op.ciph.cipher);
                 goto err;
             }
@@ -540,12 +540,12 @@ EVP_PKEY_CTX *EVP_PKEY_CTX_dup(const EVP_PKEY_CTX *pctx)
             if (!EVP_KEM_up_ref(rctx->op.encap.kem))
                 goto err;
         }
-        if (pctx->op.encap.kemprovctx != NULL) {
+        if (pctx->op.encap.algctx != NULL) {
             if (!ossl_assert(pctx->op.encap.kem != NULL))
                 goto err;
-            rctx->op.encap.kemprovctx
-                = pctx->op.encap.kem->dupctx(pctx->op.encap.kemprovctx);
-            if (rctx->op.encap.kemprovctx == NULL) {
+            rctx->op.encap.algctx
+                = pctx->op.encap.kem->dupctx(pctx->op.encap.algctx);
+            if (rctx->op.encap.algctx == NULL) {
                 EVP_KEM_free(rctx->op.encap.kem);
                 goto err;
             }
@@ -660,19 +660,19 @@ int EVP_PKEY_CTX_set_params(EVP_PKEY_CTX *ctx, const OSSL_PARAM *params)
             && ctx->op.kex.exchange != NULL
             && ctx->op.kex.exchange->set_ctx_params != NULL)
             return
-                ctx->op.kex.exchange->set_ctx_params(ctx->op.kex.exchprovctx,
+                ctx->op.kex.exchange->set_ctx_params(ctx->op.kex.algctx,
                                                      params);
         if (EVP_PKEY_CTX_IS_SIGNATURE_OP(ctx)
             && ctx->op.sig.signature != NULL
             && ctx->op.sig.signature->set_ctx_params != NULL)
             return
-                ctx->op.sig.signature->set_ctx_params(ctx->op.sig.sigprovctx,
+                ctx->op.sig.signature->set_ctx_params(ctx->op.sig.algctx,
                                                       params);
         if (EVP_PKEY_CTX_IS_ASYM_CIPHER_OP(ctx)
             && ctx->op.ciph.cipher != NULL
             && ctx->op.ciph.cipher->set_ctx_params != NULL)
             return
-                ctx->op.ciph.cipher->set_ctx_params(ctx->op.ciph.ciphprovctx,
+                ctx->op.ciph.cipher->set_ctx_params(ctx->op.ciph.algctx,
                                                     params);
         if (EVP_PKEY_CTX_IS_GEN_OP(ctx)
             && ctx->keymgmt != NULL
@@ -684,7 +684,7 @@ int EVP_PKEY_CTX_set_params(EVP_PKEY_CTX *ctx, const OSSL_PARAM *params)
             && ctx->op.encap.kem != NULL
             && ctx->op.encap.kem->set_ctx_params != NULL)
             return
-                ctx->op.encap.kem->set_ctx_params(ctx->op.encap.kemprovctx,
+                ctx->op.encap.kem->set_ctx_params(ctx->op.encap.algctx,
                                                   params);
         break;
 #ifndef FIPS_MODULE
@@ -704,25 +704,25 @@ int EVP_PKEY_CTX_get_params(EVP_PKEY_CTX *ctx, OSSL_PARAM *params)
             && ctx->op.kex.exchange != NULL
             && ctx->op.kex.exchange->get_ctx_params != NULL)
             return
-                ctx->op.kex.exchange->get_ctx_params(ctx->op.kex.exchprovctx,
+                ctx->op.kex.exchange->get_ctx_params(ctx->op.kex.algctx,
                                                      params);
         if (EVP_PKEY_CTX_IS_SIGNATURE_OP(ctx)
             && ctx->op.sig.signature != NULL
             && ctx->op.sig.signature->get_ctx_params != NULL)
             return
-                ctx->op.sig.signature->get_ctx_params(ctx->op.sig.sigprovctx,
+                ctx->op.sig.signature->get_ctx_params(ctx->op.sig.algctx,
                                                       params);
         if (EVP_PKEY_CTX_IS_ASYM_CIPHER_OP(ctx)
             && ctx->op.ciph.cipher != NULL
             && ctx->op.ciph.cipher->get_ctx_params != NULL)
             return
-                ctx->op.ciph.cipher->get_ctx_params(ctx->op.ciph.ciphprovctx,
+                ctx->op.ciph.cipher->get_ctx_params(ctx->op.ciph.algctx,
                                                     params);
         if (EVP_PKEY_CTX_IS_KEM_OP(ctx)
             && ctx->op.encap.kem != NULL
             && ctx->op.encap.kem->get_ctx_params != NULL)
             return
-                ctx->op.encap.kem->get_ctx_params(ctx->op.encap.kemprovctx,
+                ctx->op.encap.kem->get_ctx_params(ctx->op.encap.algctx,
                                                   params);
         break;
 #ifndef FIPS_MODULE
@@ -743,7 +743,7 @@ const OSSL_PARAM *EVP_PKEY_CTX_gettable_params(const EVP_PKEY_CTX *ctx)
             && ctx->op.kex.exchange != NULL
             && ctx->op.kex.exchange->gettable_ctx_params != NULL) {
         provctx = ossl_provider_ctx(EVP_KEYEXCH_provider(ctx->op.kex.exchange));
-        return ctx->op.kex.exchange->gettable_ctx_params(ctx->op.kex.exchprovctx,
+        return ctx->op.kex.exchange->gettable_ctx_params(ctx->op.kex.algctx,
                                                          provctx);
     }
     if (EVP_PKEY_CTX_IS_SIGNATURE_OP(ctx)
@@ -751,7 +751,7 @@ const OSSL_PARAM *EVP_PKEY_CTX_gettable_params(const EVP_PKEY_CTX *ctx)
             && ctx->op.sig.signature->gettable_ctx_params != NULL) {
         provctx = ossl_provider_ctx(
                       EVP_SIGNATURE_provider(ctx->op.sig.signature));
-        return ctx->op.sig.signature->gettable_ctx_params(ctx->op.sig.sigprovctx,
+        return ctx->op.sig.signature->gettable_ctx_params(ctx->op.sig.algctx,
                                                           provctx);
     }
     if (EVP_PKEY_CTX_IS_ASYM_CIPHER_OP(ctx)
@@ -759,14 +759,14 @@ const OSSL_PARAM *EVP_PKEY_CTX_gettable_params(const EVP_PKEY_CTX *ctx)
             && ctx->op.ciph.cipher->gettable_ctx_params != NULL) {
         provctx = ossl_provider_ctx(
                       EVP_ASYM_CIPHER_provider(ctx->op.ciph.cipher));
-        return ctx->op.ciph.cipher->gettable_ctx_params(ctx->op.ciph.ciphprovctx,
+        return ctx->op.ciph.cipher->gettable_ctx_params(ctx->op.ciph.algctx,
                                                         provctx);
     }
     if (EVP_PKEY_CTX_IS_KEM_OP(ctx)
         && ctx->op.encap.kem != NULL
         && ctx->op.encap.kem->gettable_ctx_params != NULL) {
         provctx = ossl_provider_ctx(EVP_KEM_provider(ctx->op.encap.kem));
-        return ctx->op.encap.kem->gettable_ctx_params(ctx->op.encap.kemprovctx,
+        return ctx->op.encap.kem->gettable_ctx_params(ctx->op.encap.algctx,
                                                       provctx);
     }
     return NULL;
@@ -780,7 +780,7 @@ const OSSL_PARAM *EVP_PKEY_CTX_settable_params(const EVP_PKEY_CTX *ctx)
             && ctx->op.kex.exchange != NULL
             && ctx->op.kex.exchange->settable_ctx_params != NULL) {
         provctx = ossl_provider_ctx(EVP_KEYEXCH_provider(ctx->op.kex.exchange));
-        return ctx->op.kex.exchange->settable_ctx_params(ctx->op.kex.exchprovctx,
+        return ctx->op.kex.exchange->settable_ctx_params(ctx->op.kex.algctx,
                                                          provctx);
     }
     if (EVP_PKEY_CTX_IS_SIGNATURE_OP(ctx)
@@ -788,7 +788,7 @@ const OSSL_PARAM *EVP_PKEY_CTX_settable_params(const EVP_PKEY_CTX *ctx)
             && ctx->op.sig.signature->settable_ctx_params != NULL) {
         provctx = ossl_provider_ctx(
                       EVP_SIGNATURE_provider(ctx->op.sig.signature));
-        return ctx->op.sig.signature->settable_ctx_params(ctx->op.sig.sigprovctx,
+        return ctx->op.sig.signature->settable_ctx_params(ctx->op.sig.algctx,
                                                           provctx);
     }
     if (EVP_PKEY_CTX_IS_ASYM_CIPHER_OP(ctx)
@@ -796,7 +796,7 @@ const OSSL_PARAM *EVP_PKEY_CTX_settable_params(const EVP_PKEY_CTX *ctx)
             && ctx->op.ciph.cipher->settable_ctx_params != NULL) {
         provctx = ossl_provider_ctx(
                       EVP_ASYM_CIPHER_provider(ctx->op.ciph.cipher));
-        return ctx->op.ciph.cipher->settable_ctx_params(ctx->op.ciph.ciphprovctx,
+        return ctx->op.ciph.cipher->settable_ctx_params(ctx->op.ciph.algctx,
                                                         provctx);
     }
     if (EVP_PKEY_CTX_IS_GEN_OP(ctx)
@@ -810,7 +810,7 @@ const OSSL_PARAM *EVP_PKEY_CTX_settable_params(const EVP_PKEY_CTX *ctx)
         && ctx->op.encap.kem != NULL
         && ctx->op.encap.kem->settable_ctx_params != NULL) {
         provctx = ossl_provider_ctx(EVP_KEM_provider(ctx->op.encap.kem));
-        return ctx->op.encap.kem->settable_ctx_params(ctx->op.encap.kemprovctx,
+        return ctx->op.encap.kem->settable_ctx_params(ctx->op.encap.algctx,
                                                       provctx);
     }
     return NULL;
@@ -891,7 +891,7 @@ int EVP_PKEY_CTX_get_signature_md(EVP_PKEY_CTX *ctx, const EVP_MD **md)
         return -2;
     }
 
-    if (ctx->op.sig.sigprovctx == NULL)
+    if (ctx->op.sig.algctx == NULL)
         return EVP_PKEY_CTX_ctrl(ctx, -1, EVP_PKEY_OP_TYPE_SIG,
                                  EVP_PKEY_CTRL_GET_MD, 0, (void *)(md));
 
@@ -947,14 +947,14 @@ static int evp_pkey_ctx_set_md(EVP_PKEY_CTX *ctx, const EVP_MD *md,
 
 int EVP_PKEY_CTX_set_signature_md(EVP_PKEY_CTX *ctx, const EVP_MD *md)
 {
-    return evp_pkey_ctx_set_md(ctx, md, ctx->op.sig.sigprovctx == NULL,
+    return evp_pkey_ctx_set_md(ctx, md, ctx->op.sig.algctx == NULL,
                                OSSL_SIGNATURE_PARAM_DIGEST,
                                EVP_PKEY_OP_TYPE_SIG, EVP_PKEY_CTRL_MD);
 }
 
 int EVP_PKEY_CTX_set_tls1_prf_md(EVP_PKEY_CTX *ctx, const EVP_MD *md)
 {
-    return evp_pkey_ctx_set_md(ctx, md, ctx->op.kex.exchprovctx == NULL,
+    return evp_pkey_ctx_set_md(ctx, md, ctx->op.kex.algctx == NULL,
                                OSSL_KDF_PARAM_DIGEST,
                                EVP_PKEY_OP_DERIVE, EVP_PKEY_CTRL_TLS_MD);
 }
@@ -997,7 +997,7 @@ static int evp_pkey_ctx_set1_octet_string(EVP_PKEY_CTX *ctx, int fallback,
 int EVP_PKEY_CTX_set1_tls1_prf_secret(EVP_PKEY_CTX *ctx,
                                       const unsigned char *sec, int seclen)
 {
-    return evp_pkey_ctx_set1_octet_string(ctx, ctx->op.kex.exchprovctx == NULL,
+    return evp_pkey_ctx_set1_octet_string(ctx, ctx->op.kex.algctx == NULL,
                                           OSSL_KDF_PARAM_SECRET,
                                           EVP_PKEY_OP_DERIVE,
                                           EVP_PKEY_CTRL_TLS_SECRET,
@@ -1007,7 +1007,7 @@ int EVP_PKEY_CTX_set1_tls1_prf_secret(EVP_PKEY_CTX *ctx,
 int EVP_PKEY_CTX_add1_tls1_prf_seed(EVP_PKEY_CTX *ctx,
                                     const unsigned char *seed, int seedlen)
 {
-    return evp_pkey_ctx_set1_octet_string(ctx, ctx->op.kex.exchprovctx == NULL,
+    return evp_pkey_ctx_set1_octet_string(ctx, ctx->op.kex.algctx == NULL,
                                           OSSL_KDF_PARAM_SEED,
                                           EVP_PKEY_OP_DERIVE,
                                           EVP_PKEY_CTRL_TLS_SEED,
@@ -1016,7 +1016,7 @@ int EVP_PKEY_CTX_add1_tls1_prf_seed(EVP_PKEY_CTX *ctx,
 
 int EVP_PKEY_CTX_set_hkdf_md(EVP_PKEY_CTX *ctx, const EVP_MD *md)
 {
-    return evp_pkey_ctx_set_md(ctx, md, ctx->op.kex.exchprovctx == NULL,
+    return evp_pkey_ctx_set_md(ctx, md, ctx->op.kex.algctx == NULL,
                                OSSL_KDF_PARAM_DIGEST,
                                EVP_PKEY_OP_DERIVE, EVP_PKEY_CTRL_HKDF_MD);
 }
@@ -1024,7 +1024,7 @@ int EVP_PKEY_CTX_set_hkdf_md(EVP_PKEY_CTX *ctx, const EVP_MD *md)
 int EVP_PKEY_CTX_set1_hkdf_salt(EVP_PKEY_CTX *ctx,
                                 const unsigned char *salt, int saltlen)
 {
-    return evp_pkey_ctx_set1_octet_string(ctx, ctx->op.kex.exchprovctx == NULL,
+    return evp_pkey_ctx_set1_octet_string(ctx, ctx->op.kex.algctx == NULL,
                                           OSSL_KDF_PARAM_SALT,
                                           EVP_PKEY_OP_DERIVE,
                                           EVP_PKEY_CTRL_HKDF_SALT,
@@ -1034,7 +1034,7 @@ int EVP_PKEY_CTX_set1_hkdf_salt(EVP_PKEY_CTX *ctx,
 int EVP_PKEY_CTX_set1_hkdf_key(EVP_PKEY_CTX *ctx,
                                       const unsigned char *key, int keylen)
 {
-    return evp_pkey_ctx_set1_octet_string(ctx, ctx->op.kex.exchprovctx == NULL,
+    return evp_pkey_ctx_set1_octet_string(ctx, ctx->op.kex.algctx == NULL,
                                           OSSL_KDF_PARAM_KEY,
                                           EVP_PKEY_OP_DERIVE,
                                           EVP_PKEY_CTRL_HKDF_KEY,
@@ -1044,7 +1044,7 @@ int EVP_PKEY_CTX_set1_hkdf_key(EVP_PKEY_CTX *ctx,
 int EVP_PKEY_CTX_add1_hkdf_info(EVP_PKEY_CTX *ctx,
                                       const unsigned char *info, int infolen)
 {
-    return evp_pkey_ctx_set1_octet_string(ctx, ctx->op.kex.exchprovctx == NULL,
+    return evp_pkey_ctx_set1_octet_string(ctx, ctx->op.kex.algctx == NULL,
                                           OSSL_KDF_PARAM_INFO,
                                           EVP_PKEY_OP_DERIVE,
                                           EVP_PKEY_CTRL_HKDF_INFO,
@@ -1062,7 +1062,7 @@ int EVP_PKEY_CTX_hkdf_mode(EVP_PKEY_CTX *ctx, int mode)
     }
 
     /* Code below to be removed when legacy support is dropped. */
-    if (ctx->op.kex.exchprovctx == NULL)
+    if (ctx->op.kex.algctx == NULL)
         return EVP_PKEY_CTX_ctrl(ctx, -1, EVP_PKEY_OP_DERIVE,
                                  EVP_PKEY_CTRL_HKDF_MODE, mode, NULL);
     /* end of legacy support */
@@ -1081,7 +1081,7 @@ int EVP_PKEY_CTX_hkdf_mode(EVP_PKEY_CTX *ctx, int mode)
 int EVP_PKEY_CTX_set1_pbe_pass(EVP_PKEY_CTX *ctx, const char *pass,
                                int passlen)
 {
-    return evp_pkey_ctx_set1_octet_string(ctx, ctx->op.kex.exchprovctx == NULL,
+    return evp_pkey_ctx_set1_octet_string(ctx, ctx->op.kex.algctx == NULL,
                                           OSSL_KDF_PARAM_PASSWORD,
                                           EVP_PKEY_OP_DERIVE,
                                           EVP_PKEY_CTRL_PASS,
@@ -1091,7 +1091,7 @@ int EVP_PKEY_CTX_set1_pbe_pass(EVP_PKEY_CTX *ctx, const char *pass,
 int EVP_PKEY_CTX_set1_scrypt_salt(EVP_PKEY_CTX *ctx,
                                   const unsigned char *salt, int saltlen)
 {
-    return evp_pkey_ctx_set1_octet_string(ctx, ctx->op.kex.exchprovctx == NULL,
+    return evp_pkey_ctx_set1_octet_string(ctx, ctx->op.kex.algctx == NULL,
                                           OSSL_KDF_PARAM_SALT,
                                           EVP_PKEY_OP_DERIVE,
                                           EVP_PKEY_CTRL_SCRYPT_SALT,
@@ -1110,7 +1110,7 @@ static int evp_pkey_ctx_set_uint64(EVP_PKEY_CTX *ctx, const char *param,
     }
 
     /* Code below to be removed when legacy support is dropped. */
-    if (ctx->op.kex.exchprovctx == NULL)
+    if (ctx->op.kex.algctx == NULL)
         return EVP_PKEY_CTX_ctrl_uint64(ctx, -1, op, ctrl, val);
     /* end of legacy support */
 
diff --git a/crypto/evp/signature.c b/crypto/evp/signature.c
index e80d4f503d..b4e0ff2527 100644
--- a/crypto/evp/signature.c
+++ b/crypto/evp/signature.c
@@ -459,9 +459,9 @@ static int evp_pkey_signature_init(EVP_PKEY_CTX *ctx, int operation,
     /* No more legacy from here down to legacy: */
 
     ctx->op.sig.signature = signature;
-    ctx->op.sig.sigprovctx =
+    ctx->op.sig.algctx =
         signature->newctx(ossl_provider_ctx(signature->prov), ctx->propquery);
-    if (ctx->op.sig.sigprovctx == NULL) {
+    if (ctx->op.sig.algctx == NULL) {
         /* The provider key can stay in the cache */
         ERR_raise(ERR_LIB_EVP, EVP_R_INITIALIZATION_ERROR);
         goto err;
@@ -474,7 +474,7 @@ static int evp_pkey_signature_init(EVP_PKEY_CTX *ctx, int operation,
             ret = -2;
             goto err;
         }
-        ret = signature->sign_init(ctx->op.sig.sigprovctx, provkey, params);
+        ret = signature->sign_init(ctx->op.sig.algctx, provkey, params);
         break;
     case EVP_PKEY_OP_VERIFY:
         if (signature->verify_init == NULL) {
@@ -482,7 +482,7 @@ static int evp_pkey_signature_init(EVP_PKEY_CTX *ctx, int operation,
             ret = -2;
             goto err;
         }
-        ret = signature->verify_init(ctx->op.sig.sigprovctx, provkey, params);
+        ret = signature->verify_init(ctx->op.sig.algctx, provkey, params);
         break;
     case EVP_PKEY_OP_VERIFYRECOVER:
         if (signature->verify_recover_init == NULL) {
@@ -490,7 +490,7 @@ static int evp_pkey_signature_init(EVP_PKEY_CTX *ctx, int operation,
             ret = -2;
             goto err;
         }
-        ret = signature->verify_recover_init(ctx->op.sig.sigprovctx, provkey,
+        ret = signature->verify_recover_init(ctx->op.sig.algctx, provkey,
                                              params);
         break;
     default:
@@ -499,8 +499,8 @@ static int evp_pkey_signature_init(EVP_PKEY_CTX *ctx, int operation,
     }
 
     if (ret <= 0) {
-        signature->freectx(ctx->op.sig.sigprovctx);
-        ctx->op.sig.sigprovctx = NULL;
+        signature->freectx(ctx->op.sig.algctx);
+        ctx->op.sig.algctx = NULL;
         goto err;
     }
     goto end;
@@ -583,10 +583,10 @@ int EVP_PKEY_sign(EVP_PKEY_CTX *ctx,
         return -1;
     }
 
-    if (ctx->op.sig.sigprovctx == NULL)
+    if (ctx->op.sig.algctx == NULL)
         goto legacy;
 
-    ret = ctx->op.sig.signature->sign(ctx->op.sig.sigprovctx, sig, siglen,
+    ret = ctx->op.sig.signature->sign(ctx->op.sig.algctx, sig, siglen,
                                       SIZE_MAX, tbs, tbslen);
 
     return ret;
@@ -627,10 +627,10 @@ int EVP_PKEY_verify(EVP_PKEY_CTX *ctx,
         return -1;
     }
 
-    if (ctx->op.sig.sigprovctx == NULL)
+    if (ctx->op.sig.algctx == NULL)
         goto legacy;
 
-    ret = ctx->op.sig.signature->verify(ctx->op.sig.sigprovctx, sig, siglen,
+    ret = ctx->op.sig.signature->verify(ctx->op.sig.algctx, sig, siglen,
                                         tbs, tbslen);
 
     return ret;
@@ -670,10 +670,10 @@ int EVP_PKEY_verify_recover(EVP_PKEY_CTX *ctx,
         return -1;
     }
 
-    if (ctx->op.sig.sigprovctx == NULL)
+    if (ctx->op.sig.algctx == NULL)
         goto legacy;
 
-    ret = ctx->op.sig.signature->verify_recover(ctx->op.sig.sigprovctx, rout,
+    ret = ctx->op.sig.signature->verify_recover(ctx->op.sig.algctx, rout,
                                                 routlen,
                                                 (rout == NULL ? 0 : *routlen),
                                                 sig, siglen);
diff --git a/include/crypto/evp.h b/include/crypto/evp.h
index 92a9f0fc29..ea61b83469 100644
--- a/include/crypto/evp.h
+++ b/include/crypto/evp.h
@@ -58,21 +58,37 @@ struct evp_pkey_ctx_st {
 
         struct {
             EVP_KEYEXCH *exchange;
-            void *exchprovctx;
+            /*
+             * Opaque ctx returned from a providers exchange algorithm
+             * implementation OSSL_FUNC_keyexch_newctx()
+             */
+            void *algctx;
         } kex;
 
         struct {
             EVP_SIGNATURE *signature;
-            void *sigprovctx;
+            /*
+             * Opaque ctx returned from a providers signature algorithm
+             * implementation OSSL_FUNC_signature_newctx()
+             */
+            void *algctx;
         } sig;
 
         struct {
             EVP_ASYM_CIPHER *cipher;
-            void *ciphprovctx;
+            /*
+             * Opaque ctx returned from a providers asymmetric cipher algorithm
+             * implementation OSSL_FUNC_asym_cipher_newctx()
+             */
+            void *algctx;
         } ciph;
         struct {
             EVP_KEM *kem;
-            void *kemprovctx;
+            /*
+             * Opaque ctx returned from a providers KEM algorithm
+             * implementation OSSL_FUNC_kem_newctx()
+             */
+            void *algctx;
         } encap;
     } op;
 
diff --git a/test/drbgtest.c b/test/drbgtest.c
index 70e062ce75..ad5266ce3e 100644
--- a/test/drbgtest.c
+++ b/test/drbgtest.c
@@ -104,7 +104,7 @@ DRBG_UINT(reseed_counter)
 
 static PROV_DRBG *prov_rand(EVP_RAND_CTX *drbg)
 {
-    return (PROV_DRBG *)drbg->data;
+    return (PROV_DRBG *)drbg->algctx;
 }
 
 static void set_reseed_counter(EVP_RAND_CTX *drbg, unsigned int n)
diff --git a/test/testutil/fake_random.c b/test/testutil/fake_random.c
index bdd48d394c..f2f0e2793f 100644
--- a/test/testutil/fake_random.c
+++ b/test/testutil/fake_random.c
@@ -179,7 +179,7 @@ static int check_rng(EVP_RAND_CTX *rng, const char *name)
         TEST_info("random: %s", name);
         return 0;
     }
-    f = rng->data;
+    f = rng->algctx;
     f->name = name;
     f->ctx = rng;
     return 1;
@@ -216,7 +216,7 @@ void fake_rand_set_callback(EVP_RAND_CTX *rng,
                                       const char *name, EVP_RAND_CTX *ctx))
 {
     if (rng != NULL)
-        ((FAKE_RAND *)rng->data)->cb = cb;
+        ((FAKE_RAND *)rng->algctx)->cb = cb;
 }
 
 void fake_rand_set_public_private_callbacks(OSSL_LIB_CTX *libctx,


More information about the openssl-commits mailing list