From d8025f4ac002f6de775a8c3c7936036d0722eed6 Mon Sep 17 00:00:00 2001
From: Matt Caswell
Date: Sun, 13 Sep 2020 11:09:20 +0100
Subject: [PATCH] Correctly display the signing/hmac algorithm in the dgst app
In OpenSSL 1.1.1 doing an HMAC operation with (say) SHA1 would produce output like this:
HMAC-SHA1(README.md)= 553154e4c0109ddc320bb495735906ad7135c2f1
Prior to this change master would instead display this like so:
SHA1(README.md)= 553154e4c0109ddc320bb495735906ad7135c2f1
The problem is that dgst was using EVP_PKEY_asn1_get0_info() to get the algorithm name from the EVP_PKEY. This doesn't work with provider based keys. Instead we introduce a new EVP_PKEY_get0_first_alg_name() function, and an equivalent EVP_KEYMGMT_get0_first_name() function.
Reviewed-by: Dmitry Belyavskiy
(Merged from https://github.com/openssl/openssl/pull/12850)
---
 apps/dgst.c | 9 ++-------
 crypto/evp/evp_pkey.c | 17 +++++++++++++++++
 crypto/evp/keymgmt_meth.c | 5 +++++
 include/openssl/evp.h | 3 +++
 util/libcrypto.num | 2 ++
 5 files changed, 29 insertions(+), 7 deletions(-)
diff --git a/apps/dgst.c b/apps/dgst.c
index 7fc7da1e53..650115b468 100644
--- a/apps/dgst.c
+++ b/apps/dgst.c
@@ -406,13 +406,8 @@ int dgst_main(int argc, char **argv)
 } else {
 const char *sig_name = NULL;
 if (!out_bin) {
- if (sigkey != NULL) {
- const EVP_PKEY_ASN1_METHOD *ameth;
- ameth = EVP_PKEY_get0_asn1(sigkey);
- if (ameth)
- EVP_PKEY_asn1_get0_info(NULL, NULL,
- NULL, NULL, &sig_name, ameth);
- }
+ if (sigkey != NULL)
+ sig_name = EVP_PKEY_get0_first_alg_name(sigkey);
 }
 ret = 0;
 for (i = 0; i < argc; i++) {
diff --git a/crypto/evp/evp_pkey.c b/crypto/evp/evp_pkey.c
index d435c86087..f31d1d68f8 100644
--- a/crypto/evp/evp_pkey.c
+++ b/crypto/evp/evp_pkey.c
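Review bot: In the apps/dgst.c hunk the nested `if (!out_bin) { if (sigkey != NULL) ... }` that remains after the simplification can be flattened to `if (!out_bin && sigkey != NULL)` followed by the assignment, which also drops the now-redundant braces. `sig_name` stays NULL whenever `EVP_PKEY_get0_first_alg_name()` finds no name, so the code that prints the label, which lies outside this hunk, has to keep treating NULL as "no prefix". dgst_main starts and ends outside the hunk.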
@@ -163,3 +163,20 @@ int EVP_PKEY_add1_attr_by_txt(EVP_PKEY *key,
 return 1;
 return 0;
 }
+
+const char *EVP_PKEY_get0_first_alg_name(const EVP_PKEY *key)
+{
+ const EVP_PKEY_ASN1_METHOD *ameth;
+ const char *name = NULL;
+
+ if (key->keymgmt != NULL)
+ return EVP_KEYMGMT_get0_first_name(key->keymgmt);
+
+ /* Otherwise fallback to legacy */
+ ameth = EVP_PKEY_get0_asn1(key);
+ if (ameth != NULL)
+ EVP_PKEY_asn1_get0_info(NULL, NULL,
+ NULL, NULL, &name, ameth);
+
+ return name;
+}
diff --git a/crypto/evp/keymgmt_meth.c b/crypto/evp/keymgmt_meth.c
index 1459b64f0e..5453ceadda 100644
--- a/crypto/evp/keymgmt_meth.c
+++ b/crypto/evp/keymgmt_meth.c
@@ -249,6 +249,11 @@ int EVP_KEYMGMT_number(const EVP_KEYMGMT *keymgmt)
 return keymgmt->name_id;
 }
+const char *EVP_KEYMGMT_get0_first_name(const EVP_KEYMGMT *keymgmt)
+{
+ return evp_first_name(keymgmt->prov, keymgmt->name_id);
+}
+
 int EVP_KEYMGMT_is_a(const EVP_KEYMGMT *keymgmt, const char *name)
 {
 return evp_is_a(keymgmt->prov, keymgmt->name_id, NULL, name);
diff --git a/include/openssl/evp.h b/include/openssl/evp.h
index 4d0cc9d560..ff97198542 100644
--- a/include/openssl/evp.h
+++ b/include/openssl/evp.h
@@ -1496,6 +1496,8 @@ int EVP_PKEY_CTX_set1_id(EVP_PKEY_CTX *ctx, const void *id, int len);
 int EVP_PKEY_CTX_get1_id(EVP_PKEY_CTX *ctx, void *id);
 int EVP_PKEY_CTX_get1_id_len(EVP_PKEY_CTX *ctx, size_t *id_len);
+const char *EVP_PKEY_get0_first_alg_name(const EVP_PKEY *key);
+
 # define EVP_PKEY_OP_UNDEFINED 0
 # define EVP_PKEY_OP_PARAMGEN (1<<1)
 # define EVP_PKEY_OP_KEYGEN (1<<2)
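Review bot: `EVP_PKEY_get0_first_alg_name()` in crypto/evp/evp_pkey.c dereferences `key` (`key->keymgmt`) with no NULL check although the patch exports it through evp.h and libcrypto.num; either guard it with `if (key == NULL) return NULL;` or state in its documentation that the argument must be non-NULL. `EVP_KEYMGMT_get0_first_name()` in crypto/evp/keymgmt_meth.c has the same shape, though there it matches the neighbouring `EVP_KEYMGMT_number()`. Neither new public function carries a comment and the diffstat lists no manual page, so I would add documentation saying that the returned string is owned by the library and must not be freed, and that the result can be NULL on the legacy path when no ASN.1 method is found. It should also say that the "first" name is presumably only one of several aliases an algorithm may be registered under, so it is suitable for display as in dgst, while algorithm comparisons should go through `EVP_PKEY_is_a()` or `EVP_KEYMGMT_is_a()`.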
@@ -1573,6 +1575,7 @@ EVP_KEYMGMT *EVP_KEYMGMT_fetch(OPENSSL_CTX *ctx, const char *algorithm,
 int EVP_KEYMGMT_up_ref(EVP_KEYMGMT *keymgmt);
 void EVP_KEYMGMT_free(EVP_KEYMGMT *keymgmt);
 const OSSL_PROVIDER *EVP_KEYMGMT_provider(const EVP_KEYMGMT *keymgmt);
+const char *EVP_KEYMGMT_get0_first_name(const EVP_KEYMGMT *keymgmt);
 int EVP_KEYMGMT_number(const EVP_KEYMGMT *keymgmt);
 int EVP_KEYMGMT_is_a(const EVP_KEYMGMT *keymgmt, const char *name);
 void EVP_KEYMGMT_do_all_provided(OPENSSL_CTX *libctx,
diff --git a/util/libcrypto.num b/util/libcrypto.num
index 6070b570a5..a1b8ce0be1 100644
--- a/util/libcrypto.num
+++ b/util/libcrypto.num
@@ -5280,3 +5280,5 @@ EVP_PKEY_CTX_get1_id_len ? 3_0_0 EXIST::FUNCTION:
 CMS_AuthEnvelopedData_create ? 3_0_0 EXIST::FUNCTION:CMS
 CMS_AuthEnvelopedData_create_with_libctx ? 3_0_0 EXIST::FUNCTION:CMS
 EVP_PKEY_CTX_set_ec_param_enc ? 3_0_0 EXIST::FUNCTION:EC
+EVP_PKEY_get0_first_alg_name ? 3_0_0 EXIST::FUNCTION:
+EVP_KEYMGMT_get0_first_name ? 3_0_0 EXIST::FUNCTION:
--
2.34.1