Swap to FIPS186-2 DSA generation outside of the FIPS module

Inside the FIPS module we continue to use FIPS186-4. We prefer FIPS186-2 in the default provider for backwards compatibility reasons. Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> (Merged from https://github.com/openssl/openssl/pull/13228)
2025-03-19 19:50:42 +08:00 · 2020-10-23 12:35:00 +01:00 · 2020-10-23 12:35:00 +01:00 · f1d6670840
commit f1d6670840
parent c2bd8d2783
5 changed files with 16 additions and 5 deletions
--- a/doc/man3/EVP_PKEY_CTX_ctrl.pod
+++ b/doc/man3/EVP_PKEY_CTX_ctrl.pod
@ -455,9 +455,10 @@ Uses a safe prime generator g (PKCS#3 format).

 =back

-The default is B<DH_PARAMGEN_TYPE_GENERATOR> in the default provider for the
-"DH" keytype, and B<DH_PARAMGEN_TYPE_FIPS_186_4> in the FIPS provider and for
-the "DHX" keytype in the default provider.
+The default in the default provider is B<DH_PARAMGEN_TYPE_GENERATOR> for the
+"DH" keytype, and B<DH_PARAMGEN_TYPE_FIPS_186_2> for the "DHX" keytype. In the
+FIPS provider the default value is B<DH_PARAMGEN_TYPE_GROUP> for the "DH"
+keytype and <B<DH_PARAMGEN_TYPE_FIPS_186_4> for the "DHX" keytype.

 EVP_PKEY_CTX_set_dh_paramgen_gindex() sets the I<gindex> used by the generator G.
 The default value is -1 which uses unverifiable g, otherwise a positive value
--- a/providers/implementations/keymgmt/build.info
+++ b/providers/implementations/keymgmt/build.info
@ -1,7 +1,6 @@
 # We make separate GOAL variables for each algorithm, to make it easy to
 # switch each to the Legacy provider when needed.

-$DSA_GOAL=../../libimplementations.a
 $EC_GOAL=../../libimplementations.a
 $ECX_GOAL=../../libimplementations.a
 $KDF_GOAL=../../libimplementations.a
@ -11,7 +10,8 @@ IF[{- !$disabled{dh} -}]
  SOURCE[../../libnonfips.a]=dh_kmgmt.c
 ENDIF
 IF[{- !$disabled{dsa} -}]
-  SOURCE[$DSA_GOAL]=dsa_kmgmt.c
+  SOURCE[../../libfips.a]=dsa_kmgmt.c
+  SOURCE[../../libnonfips.a]=dsa_kmgmt.c
 ENDIF
 IF[{- !$disabled{ec} -}]
  SOURCE[$EC_GOAL]=ec_kmgmt.c
--- a/providers/implementations/keymgmt/dsa_kmgmt.c
+++ b/providers/implementations/keymgmt/dsa_kmgmt.c
@ -75,7 +75,11 @@ typedef struct dh_name2id_st{

 static const DSA_GENTYPE_NAME2ID dsatype2id[]=
 {
+#ifdef FIPS_MODULE
    { "default", DSA_PARAMGEN_TYPE_FIPS_186_4 },
+#else
+    { "default", DSA_PARAMGEN_TYPE_FIPS_186_2 },
+#endif
    { "fips186_4", DSA_PARAMGEN_TYPE_FIPS_186_4 },
    { "fips186_2", DSA_PARAMGEN_TYPE_FIPS_186_2 },
 };
@ -374,7 +378,11 @@ static void *dsa_gen_init(void *provctx, int selection)
        gctx->libctx = libctx;
        gctx->pbits = 2048;
        gctx->qbits = 224;
+#ifdef FIPS_MODULE
        gctx->gen_type = DSA_PARAMGEN_TYPE_FIPS_186_4;
+#else
+        gctx->gen_type = DSA_PARAMGEN_TYPE_FIPS_186_2;
+#endif
        gctx->gindex = -1;
        gctx->pcounter = -1;
        gctx->hindex = 0;
--- a/test/dsatest.c
+++ b/test/dsatest.c
@ -249,6 +249,7 @@ static int dsa_keygen_test(void)
        || !TEST_ptr(settables = EVP_PKEY_CTX_settable_params(pg_ctx))
        || !TEST_ptr(OSSL_PARAM_locate_const(settables,
                                             OSSL_PKEY_PARAM_FFC_PBITS))
+        || !TEST_true(EVP_PKEY_CTX_set_dsa_paramgen_type(pg_ctx, "fips186_4"))
        || !TEST_true(EVP_PKEY_CTX_set_dsa_paramgen_bits(pg_ctx, 2048))
        || !TEST_true(EVP_PKEY_CTX_set_dsa_paramgen_q_bits(pg_ctx, 224))
        || !TEST_true(EVP_PKEY_CTX_set_dsa_paramgen_seed(pg_ctx, seed_data,
--- a/test/recipes/15-test_gendsa.t
+++ b/test/recipes/15-test_gendsa.t
@ -79,6 +79,7 @@ ok(run(app([ 'openssl', 'genpkey',
 # Just put some dummy ones in to show it works.
 ok(run(app([ 'openssl', 'genpkey',
             '-paramfile', 'dsagen.der',
+             '-pkeyopt', 'type:fips186_4',
             '-pkeyopt', 'gindex:1',
             '-pkeyopt', 'hexseed:0102030405060708090A0B0C0D0E0F1011121314',
             '-pkeyopt', 'pcounter:25',