This is currently in WIP because I haven't yet modified the relevant provider implementations to respond to a requested algorithm identifier... let alone with key generation.

Regardless of WIP or Travis failures, I'm interested in early comments on the ideas introduced in this PR

https://tools.ietf.org/html/draft-housley-lamps-cms-update-alg-id-protect-00 (and list discussion thereof) may provide some additional clarity for the use of multiple algorithm IDs within CMS.

Well. I have many failing tests for CMS.

The diagnostics is

Error decrypting CMS using private key
00:C1:24:36:68:7F:00:00:error:CMS routines:CMS_decrypt_set1_pkey_and_peer:no matching recipient:crypto/cms/cms_smime.c:677:

I see two sets of problems for GOST.

1. GOST engine I use supports both key derivation and key encryption. The code https://github.com/openssl/openssl/pull/11422/files#diff-47b8520df0a2f8fa0433ff37611596f3R1092-R1099 enforces selection according to supported operation implicitly.

Reordering the options (checking first for encryption, then for derivation) does the trick for GOST.
As support of KeyTransRecipientInfo is mandatory according to specification (see below quote in Russian, unfortunately, no text in English yet)

Совместимые реализации, оперирующие сообщениями с типом данных «конверт данных», должны поддерживать следующий функционал при зашифровании и расшифровании:
• Обработка шифрованных сообщений с использованием эфемерного протокола Диффи-Хеллмана;
• Закодирование и раскодирование информации о получателях шифрованного сообщения в виде структур типа KeyTransRecipientInfo;

I'd suggest to leave it this way.

2. The 2nd problem seems unrelated to this one. It prevents decryption for key agreement and I'm in process of investigations.

The 2nd problem is related to cms_pkey_is_ri_type_supported function. Now it returns the result of comparison with one exact value instead of checking for more than one in ctrl function.

@levitte, feel free to ask for more information. I currently have a reasonable test installation for its work.

#11450 is in, I've rebased, now I just gotta finish up

The travis failure seems relevant

$ if test -n "$CHECKDOCS" && ! $make doc-nits; then echo -e '\052\052 FAILED -- MAKE DOC-NITS'; travis_terminate 1; fi
/usr/bin/perl ./util/find-doc-nits -n -l -e
doc/man3/EVP_PKEY_size.pod:1: EVP_PKEY_gettable_params(3) also in NAME section of doc/man3/EVP_PKEY_gettable_params.pod
doc/man3/EVP_PKEY_size.pod:1: The following exist as other .pod files: EVP_PKEY_gettable_params
*** WARNING: No items in =over (at line 22) / =back list at line 27 in file doc/man3/X509_get0_distinguishing_id.pod
*** WARNING: No items in =over (at line 12) / =back list at line 52 in file doc/man7/EVP_MD-common.pod
*** WARNING: No items in =over (at line 19) / =back list at line 25 in file doc/man7/OSSL_PROVIDER-FIPS.pod
*** WARNING: No items in =over (at line 18) / =back list at line 22 in file doc/man7/OSSL_PROVIDER-default.pod
*** WARNING: No items in =over (at line 21) / =back list at line 25 in file doc/man7/OSSL_PROVIDER-legacy.pod
Makefile:1812: recipe for target 'doc-nits' failed
make: *** [doc-nits] Error 1
** FAILED -- MAKE DOC-NITS

@levitte, @romen - could you please remind me how to fetch the current state of this PR to make tests? There were hints at the top of the page when a review was requested, but they've disappeared :(
Many thanks!

Found the commands in history.

git fetch origin refs/pull/11422/head
git checkout -b levitte/cms-with-providers FETCH_HEAD

Is this still WIP?

Is this still WIP?

Yes. I'm currently testing it merged with #11328, I need to ensure that works first.

However, please feel welcome to comment what you see!

Oh... wow! The code that's in right now works flawlessly when merged with #11328

Oh... wow! The code that's in right now works flawlessly when merged with #11328

... heh, that says nothing. Since it's merged with EC key generation, and we only tell EC with key derivation, for which I've added an EVP_PKEY downgrade hack, it reduces the whole test suite to legacy key only. I wonder what happens if I merge in the DSA key generation PR, which is around, er, somewhere... yes, in #11303.

I think we need to discuss the issues with OSSL_PARAM / BIGNUM elsewhere. Let's no hijack this PR (or any other PR) for that discussion.

Elsewhere we have EVP_XX_CTX_[gs]et_params. Here the names are ass-about. Can we work on a better name for a start? Just because the underlying naming is rotten does not mean we need to perpetuate the rot.

The BIGNUM concerns do need a separate discussion. Agreed that it will not happen here. BIGNUMs are difficult with the existing OSSL_PARAM framework. The framework mandates extra buffers of the right size before knowing what the actual values are. My opinion is that OSSL_PARAM is broken with respects to this :( I understand why we're byte reordering but it's pain for minimal benefit.

Figuring out which OSSL_PARAMs have been used is a two directional affair, we will need to address this at some point, again not here.

BIGNUMs are difficult

I think that sums it up. It comes down to lack of language support.

... damnit. NOT hijack this PR, @levitte...

... damnit. NOT hijack this PR, @levitte...

We understood :)

Time is too pressing to hold things up.

Is this a topic for beta1...?

Is this still relevant? IMO not.