[openssl] master update
Matt Caswell
matt at openssl.org
Wed Nov 18 15:09:50 UTC 2020
The branch master has been updated
via f1d6670840b08104646713f464a6ef42e2cf1c2a (commit)
via c2bd8d27835186b9fc4c7e4e12a3f6d81bac0544 (commit)
from d3d2c0dc68e6eebbfe7b1fc2ea653225a9f37a94 (commit)
- Log -----------------------------------------------------------------
commit f1d6670840b08104646713f464a6ef42e2cf1c2a
Author: Matt Caswell <matt at openssl.org>
Date: Fri Oct 23 12:35:00 2020 +0100
Swap to FIPS186-2 DSA generation outside of the FIPS module
Inside the FIPS module we continue to use FIPS186-4. We prefer FIPS186-2
in the default provider for backwards compatibility reasons.
Reviewed-by: Tomas Mraz <tmraz at fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/13228)
commit c2bd8d27835186b9fc4c7e4e12a3f6d81bac0544
Author: Matt Caswell <matt at openssl.org>
Date: Thu Oct 22 13:54:11 2020 +0100
Swap to DH_PARAMGEN_TYPE_GENERATOR as the default outside of the FIPS module
The documentation claimed this was already the default but it wasn't. This
was causing the dhparam application to change behaviour when compared to
1.1.1
Reviewed-by: Tomas Mraz <tmraz at fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/13228)
-----------------------------------------------------------------------
Summary of changes:
doc/man3/EVP_PKEY_CTX_ctrl.pod | 8 +++++--
providers/implementations/keymgmt/build.info | 8 +++----
providers/implementations/keymgmt/dh_kmgmt.c | 33 +++++++++++++++++++++++----
providers/implementations/keymgmt/dsa_kmgmt.c | 8 +++++++
test/dsatest.c | 1 +
test/recipes/15-test_gendsa.t | 1 +
6 files changed, 48 insertions(+), 11 deletions(-)
diff --git a/doc/man3/EVP_PKEY_CTX_ctrl.pod b/doc/man3/EVP_PKEY_CTX_ctrl.pod
index 7159d8885c..1de332c3b3 100644
--- a/doc/man3/EVP_PKEY_CTX_ctrl.pod
+++ b/doc/man3/EVP_PKEY_CTX_ctrl.pod
@@ -414,7 +414,8 @@ p, q, and verifiable g are required, since it is not part of a persisted key.
EVP_PKEY_CTX_set_dsa_paramgen_type() sets the generation type to use FIPS186-4
generation if I<name> is "fips186_4", or FIPS186-2 generation if I<name> is
-"fips186_2". The default value is "fips186_4".
+"fips186_2". The default value for the default provider is "fips186_2". The
+default value for the FIPS provider is "fips186_4".
=head2 DH parameters
@@ -454,7 +455,10 @@ Uses a safe prime generator g (PKCS#3 format).
=back
-The default is B<DH_PARAMGEN_TYPE_GENERATOR>.
+The default in the default provider is B<DH_PARAMGEN_TYPE_GENERATOR> for the
+"DH" keytype, and B<DH_PARAMGEN_TYPE_FIPS_186_2> for the "DHX" keytype. In the
+FIPS provider the default value is B<DH_PARAMGEN_TYPE_GROUP> for the "DH"
+keytype and <B<DH_PARAMGEN_TYPE_FIPS_186_4> for the "DHX" keytype.
EVP_PKEY_CTX_set_dh_paramgen_gindex() sets the I<gindex> used by the generator G.
The default value is -1 which uses unverifiable g, otherwise a positive value
diff --git a/providers/implementations/keymgmt/build.info b/providers/implementations/keymgmt/build.info
index 978cd706ae..75f61a6de1 100644
--- a/providers/implementations/keymgmt/build.info
+++ b/providers/implementations/keymgmt/build.info
@@ -1,17 +1,17 @@
# We make separate GOAL variables for each algorithm, to make it easy to
# switch each to the Legacy provider when needed.
-$DH_GOAL=../../libimplementations.a
-$DSA_GOAL=../../libimplementations.a
$EC_GOAL=../../libimplementations.a
$ECX_GOAL=../../libimplementations.a
$KDF_GOAL=../../libimplementations.a
IF[{- !$disabled{dh} -}]
- SOURCE[$DH_GOAL]=dh_kmgmt.c
+ SOURCE[../../libfips.a]=dh_kmgmt.c
+ SOURCE[../../libnonfips.a]=dh_kmgmt.c
ENDIF
IF[{- !$disabled{dsa} -}]
- SOURCE[$DSA_GOAL]=dsa_kmgmt.c
+ SOURCE[../../libfips.a]=dsa_kmgmt.c
+ SOURCE[../../libnonfips.a]=dsa_kmgmt.c
ENDIF
IF[{- !$disabled{ec} -}]
SOURCE[$EC_GOAL]=ec_kmgmt.c
diff --git a/providers/implementations/keymgmt/dh_kmgmt.c b/providers/implementations/keymgmt/dh_kmgmt.c
index d8ca4cc9dd..927246167e 100644
--- a/providers/implementations/keymgmt/dh_kmgmt.c
+++ b/providers/implementations/keymgmt/dh_kmgmt.c
@@ -83,7 +83,6 @@ typedef struct dh_name2id_st{
static const DH_GENTYPE_NAME2ID dhtype2id[]=
{
- { "default", DH_PARAMGEN_TYPE_FIPS_186_4 },
{ "fips186_4", DH_PARAMGEN_TYPE_FIPS_186_4 },
{ "fips186_2", DH_PARAMGEN_TYPE_FIPS_186_2 },
{ "group", DH_PARAMGEN_TYPE_GROUP },
@@ -101,10 +100,24 @@ const char *dh_gen_type_id2name(int id)
return NULL;
}
-static int dh_gen_type_name2id(const char *name)
+static int dh_gen_type_name2id(const char *name, int type)
{
size_t i;
+ if (strcmp(name, "default") == 0) {
+#ifdef FIPS_MODULE
+ if (type == DH_FLAG_TYPE_DHX)
+ return DH_PARAMGEN_TYPE_FIPS_186_4;
+
+ return DH_PARAMGEN_TYPE_GROUP;
+#else
+ if (type == DH_FLAG_TYPE_DHX)
+ return DH_PARAMGEN_TYPE_FIPS_186_2;
+
+ return DH_PARAMGEN_TYPE_GENERATOR;
+#endif
+ }
+
for (i = 0; i < OSSL_NELEM(dhtype2id); ++i) {
if (strcmp(dhtype2id[i].name, name) == 0)
return dhtype2id[i].id;
@@ -428,7 +441,15 @@ static void *dh_gen_init_base(void *provctx, int selection, int type)
gctx->pbits = 2048;
gctx->qbits = 224;
gctx->mdname = NULL;
- gctx->gen_type = DH_PARAMGEN_TYPE_FIPS_186_4;
+#ifdef FIPS_MODULE
+ gctx->gen_type = (type == DH_FLAG_TYPE_DHX)
+ ? DH_PARAMGEN_TYPE_FIPS_186_4
+ : DH_PARAMGEN_TYPE_GROUP;
+#else
+ gctx->gen_type = (type == DH_FLAG_TYPE_DHX)
+ ? DH_PARAMGEN_TYPE_FIPS_186_2
+ : DH_PARAMGEN_TYPE_GENERATOR;
+#endif
gctx->gindex = -1;
gctx->hindex = 0;
gctx->pcounter = -1;
@@ -485,7 +506,8 @@ static int dh_gen_set_params(void *genctx, const OSSL_PARAM params[])
p = OSSL_PARAM_locate_const(params, OSSL_PKEY_PARAM_FFC_TYPE);
if (p != NULL) {
if (p->data_type != OSSL_PARAM_UTF8_STRING
- || ((gctx->gen_type = dh_gen_type_name2id(p->data)) == -1)) {
+ || ((gctx->gen_type = dh_gen_type_name2id(p->data,
+ gctx->dh_type)) == -1)) {
ERR_raise(ERR_LIB_PROV, ERR_R_PASSED_INVALID_ARGUMENT);
return 0;
}
@@ -584,7 +606,8 @@ static void *dh_gen(void *genctx, OSSL_CALLBACK *osslcb, void *cbarg)
return NULL;
/* For parameter generation - If there is a group name just create it */
- if (gctx->gen_type == DH_PARAMGEN_TYPE_GROUP) {
+ if (gctx->gen_type == DH_PARAMGEN_TYPE_GROUP
+ && gctx->ffc_params == NULL) {
/* Select a named group if there is not one already */
if (gctx->group_nid == NID_undef)
gctx->group_nid = dh_get_named_group_uid_from_size(gctx->pbits);
diff --git a/providers/implementations/keymgmt/dsa_kmgmt.c b/providers/implementations/keymgmt/dsa_kmgmt.c
index c3f178d34c..6dbd450386 100644
--- a/providers/implementations/keymgmt/dsa_kmgmt.c
+++ b/providers/implementations/keymgmt/dsa_kmgmt.c
@@ -75,7 +75,11 @@ typedef struct dh_name2id_st{
static const DSA_GENTYPE_NAME2ID dsatype2id[]=
{
+#ifdef FIPS_MODULE
{ "default", DSA_PARAMGEN_TYPE_FIPS_186_4 },
+#else
+ { "default", DSA_PARAMGEN_TYPE_FIPS_186_2 },
+#endif
{ "fips186_4", DSA_PARAMGEN_TYPE_FIPS_186_4 },
{ "fips186_2", DSA_PARAMGEN_TYPE_FIPS_186_2 },
};
@@ -374,7 +378,11 @@ static void *dsa_gen_init(void *provctx, int selection)
gctx->libctx = libctx;
gctx->pbits = 2048;
gctx->qbits = 224;
+#ifdef FIPS_MODULE
gctx->gen_type = DSA_PARAMGEN_TYPE_FIPS_186_4;
+#else
+ gctx->gen_type = DSA_PARAMGEN_TYPE_FIPS_186_2;
+#endif
gctx->gindex = -1;
gctx->pcounter = -1;
gctx->hindex = 0;
diff --git a/test/dsatest.c b/test/dsatest.c
index 614a8ea1d8..962946602e 100644
--- a/test/dsatest.c
+++ b/test/dsatest.c
@@ -249,6 +249,7 @@ static int dsa_keygen_test(void)
|| !TEST_ptr(settables = EVP_PKEY_CTX_settable_params(pg_ctx))
|| !TEST_ptr(OSSL_PARAM_locate_const(settables,
OSSL_PKEY_PARAM_FFC_PBITS))
+ || !TEST_true(EVP_PKEY_CTX_set_dsa_paramgen_type(pg_ctx, "fips186_4"))
|| !TEST_true(EVP_PKEY_CTX_set_dsa_paramgen_bits(pg_ctx, 2048))
|| !TEST_true(EVP_PKEY_CTX_set_dsa_paramgen_q_bits(pg_ctx, 224))
|| !TEST_true(EVP_PKEY_CTX_set_dsa_paramgen_seed(pg_ctx, seed_data,
diff --git a/test/recipes/15-test_gendsa.t b/test/recipes/15-test_gendsa.t
index 4dc387cac5..910cc7da56 100644
--- a/test/recipes/15-test_gendsa.t
+++ b/test/recipes/15-test_gendsa.t
@@ -79,6 +79,7 @@ ok(run(app([ 'openssl', 'genpkey',
# Just put some dummy ones in to show it works.
ok(run(app([ 'openssl', 'genpkey',
'-paramfile', 'dsagen.der',
+ '-pkeyopt', 'type:fips186_4',
'-pkeyopt', 'gindex:1',
'-pkeyopt', 'hexseed:0102030405060708090A0B0C0D0E0F1011121314',
'-pkeyopt', 'pcounter:25',
More information about the openssl-commits
mailing list