Swap to DH_PARAMGEN_TYPE_GENERATOR as the default outside of the FIPS module

The documentation claimed this was already the default but it wasn't. This
was causing the dhparam application to change behaviour when compared to
1.1.1

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/13228)
Matt Caswell 2020-10-22 13:54:11 +01:00
parent d3d2c0dc68
commit c2bd8d2783
3 changed files with 35 additions and 9 deletions


@ -414,7 +414,8 @@ p, q, and verifiable g are required, since it is not part of a persisted key.
EVP_PKEY_CTX_set_dsa_paramgen_type() sets the generation type to use FIPS186-4
generation if I<name> is "fips186_4", or FIPS186-2 generation if I<name> is
"fips186_2". The default value is "fips186_4".
"fips186_2". The default value for the default provider is "fips186_2". The
default value for the FIPS provider is "fips186_4".
=head2 DH parameters
@ -454,7 +455,9 @@ Uses a safe prime generator g (PKCS#3 format).
=back
The default is B<DH_PARAMGEN_TYPE_GENERATOR>.
The default is B<DH_PARAMGEN_TYPE_GENERATOR> in the default provider for the
"DH" keytype, and B<DH_PARAMGEN_TYPE_FIPS_186_4> in the FIPS provider and for
the "DHX" keytype in the default provider.
EVP_PKEY_CTX_set_dh_paramgen_gindex() sets the I<gindex> used by the generator G.
The default value is -1 which uses unverifiable g, otherwise a positive value


@ -1,14 +1,14 @@
# We make separate GOAL variables for each algorithm, to make it easy to
# switch each to the Legacy provider when needed.
$DH_GOAL=../../libimplementations.a
$DSA_GOAL=../../libimplementations.a
$EC_GOAL=../../libimplementations.a
$ECX_GOAL=../../libimplementations.a
$KDF_GOAL=../../libimplementations.a
IF[{- !$disabled{dh} -}]
SOURCE[$DH_GOAL]=dh_kmgmt.c
SOURCE[../../libfips.a]=dh_kmgmt.c
SOURCE[../../libnonfips.a]=dh_kmgmt.c
ENDIF
IF[{- !$disabled{dsa} -}]
SOURCE[$DSA_GOAL]=dsa_kmgmt.c
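Review bot: Nothing in the build file says why dh_kmgmt.c is now listed for both `../../libfips.a` and `../../libnonfips.a` instead of `$DH_GOAL`, and the header comment about per-algorithm GOAL variables no longer describes how DH is built. The reason appears to be the new `#ifdef FIPS_MODULE` defaults in dh_kmgmt.c, which need the file compiled once per library; a comment above the two SOURCE lines would record that, for example `# dh_kmgmt.c selects its default paramgen type with #ifdef FIPS_MODULE, so it is built separately for the FIPS and non-FIPS libraries`. In the lines shown `$DH_GOAL` is no longer referenced; if nothing further down the file uses it, the assignment can be dropped.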


@ -83,7 +83,6 @@ typedef struct dh_name2id_st{
static const DH_GENTYPE_NAME2ID dhtype2id[]=
{
{ "default", DH_PARAMGEN_TYPE_FIPS_186_4 },
{ "fips186_4", DH_PARAMGEN_TYPE_FIPS_186_4 },
{ "fips186_2", DH_PARAMGEN_TYPE_FIPS_186_2 },
{ "group", DH_PARAMGEN_TYPE_GROUP },
@ -101,10 +100,24 @@ const char *dh_gen_type_id2name(int id)
return NULL;
}
static int dh_gen_type_name2id(const char *name)
static int dh_gen_type_name2id(const char *name, int type)
{
size_t i;
if (strcmp(name, "default") == 0) {
#ifdef FIPS_MODULE
if (type == DH_FLAG_TYPE_DHX)
return DH_PARAMGEN_TYPE_FIPS_186_4;
return DH_PARAMGEN_TYPE_GROUP;
#else
if (type == DH_FLAG_TYPE_DHX)
return DH_PARAMGEN_TYPE_FIPS_186_2;
return DH_PARAMGEN_TYPE_GENERATOR;
#endif
}
for (i = 0; i < OSSL_NELEM(dhtype2id); ++i) {
if (strcmp(dhtype2id[i].name, name) == 0)
return dhtype2id[i].id;
@ -428,7 +441,15 @@ static void *dh_gen_init_base(void *provctx, int selection, int type)
gctx->pbits = 2048;
gctx->qbits = 224;
gctx->mdname = NULL;
gctx->gen_type = DH_PARAMGEN_TYPE_FIPS_186_4;
#ifdef FIPS_MODULE
gctx->gen_type = (type == DH_FLAG_TYPE_DHX)
? DH_PARAMGEN_TYPE_FIPS_186_4
: DH_PARAMGEN_TYPE_GROUP;
#else
gctx->gen_type = (type == DH_FLAG_TYPE_DHX)
? DH_PARAMGEN_TYPE_FIPS_186_2
: DH_PARAMGEN_TYPE_GENERATOR;
#endif
gctx->gindex = -1;
gctx->hindex = 0;
gctx->pcounter = -1;
@ -485,7 +506,8 @@ static int dh_gen_set_params(void *genctx, const OSSL_PARAM params[])
p = OSSL_PARAM_locate_const(params, OSSL_PKEY_PARAM_FFC_TYPE);
if (p != NULL) {
if (p->data_type != OSSL_PARAM_UTF8_STRING
|| ((gctx->gen_type = dh_gen_type_name2id(p->data)) == -1)) {
|| ((gctx->gen_type = dh_gen_type_name2id(p->data,
gctx->dh_type)) == -1)) {
ERR_raise(ERR_LIB_PROV, ERR_R_PASSED_INVALID_ARGUMENT);
return 0;
}
@ -584,7 +606,8 @@ static void *dh_gen(void *genctx, OSSL_CALLBACK *osslcb, void *cbarg)
return NULL;
/* For parameter generation - If there is a group name just create it */
if (gctx->gen_type == DH_PARAMGEN_TYPE_GROUP) {
if (gctx->gen_type == DH_PARAMGEN_TYPE_GROUP
&& gctx->ffc_params == NULL) {
/* Select a named group if there is not one already */
if (gctx->group_nid == NID_undef)
gctx->group_nid = dh_get_named_group_uid_from_size(gctx->pbits);
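Review bot: The per-type defaults are written out twice, in dh_gen_type_name2id() and in dh_gen_init_base(), and they disagree with the POD text changed in this same commit: the code yields DH_PARAMGEN_TYPE_FIPS_186_2 for DHX outside the FIPS module and DH_PARAMGEN_TYPE_GROUP for DH inside it, while the documentation states DH_PARAMGEN_TYPE_FIPS_186_4 for both cases. The generation type decides how the DH parameters are produced, so either the code or the documentation should be corrected so that callers get the default they were told to expect. A single static helper carrying a comment that lists the four defaults, as sketched below, would keep the two call sites from drifting apart. Separately, dh_gen_set_params() stores the -1 from a failed lookup into gctx->gen_type before returning 0; looking the name up into a local and assigning only on success would leave the context with its previous valid type. The bodies of all four functions continue outside the hunks.

```c
/*
 * Default FFC parameter generation type, by key type and build:
 *   FIPS module:     DHX -> FIPS 186-4,  DH -> named group
 *   non-FIPS build:  DHX -> FIPS 186-2,  DH -> safe-prime generator
 */
static int dh_gen_type_default(int type)
{
#ifdef FIPS_MODULE
    return (type == DH_FLAG_TYPE_DHX) ? DH_PARAMGEN_TYPE_FIPS_186_4
                                      : DH_PARAMGEN_TYPE_GROUP;
#else
    return (type == DH_FLAG_TYPE_DHX) ? DH_PARAMGEN_TYPE_FIPS_186_2
                                      : DH_PARAMGEN_TYPE_GENERATOR;
#endif
}

static int dh_gen_type_name2id(const char *name, int type)
{
    size_t i;

    if (strcmp(name, "default") == 0)
        return dh_gen_type_default(type);
    /* … unchanged: dhtype2id lookup loop … */

/* in dh_gen_init_base() */
    gctx->mdname = NULL;
    gctx->gen_type = dh_gen_type_default(type);
    /* … unchanged: gindex, hindex, pcounter … */
```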