[External] : Re: DHE key exchange fails with the FIPS provider

Matt Caswell matt at openssl.org
Mon Aug 21 09:44:21 UTC 2023

On 19/08/2023 00:50, Thomas Dwyer III wrote:
> Following up on this, I have legacy applications that are FIPS-enabled 
> with OpenSSL 1.0.2+FOM that I'm porting to OpenSSL 3.x and these 
> applications are failing because of the now-invalid DH parameters that 
> weren't invalid in 1.0.2. I understand that compliance based on whether 
> the parameters are validated using 186-4 vs 186-2 is a question for the 
> FIPS lab rather than the OpenSSL community, but if I wanted to revert 
> back to 186-2 validation in the FIPS provider and submit that to CMVP 
> what would be the best way to achieve this? I see this comment in 
> ffc_params_validate.c directly above the definition of 
> ossl_ffc_params_FIPS186_2_validate():
>      /* This may be used in FIPS mode to validate deprecated FIPS-186-2 
> Params */
>      int ossl_ffc_params_FIPS186_2_validate(OSSL_LIB_CTX *libctx,
>                                             const FFC_PARAMS *params, 
> int type,
>                                             int *res, BN_GENCB *cb)
> but I can't find a codepath through the FIPS provider that gets me 
> there. All of the logic that checks FFC_PARAM_FLAG_VALIDATE_LEGACY is 
> removed when FIPS_MODULE is defined. Is the comment incorrect?

Yes, it looks to me like the comment is incorrect. There are two callers 
of that function, and neither of them seem to be compiled in if 
FIPS_MODULE is defined.


More information about the openssl-users mailing list