]> git.ipfire.org Git - thirdparty/openssl.git/commit
projects / thirdparty / openssl.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 6c4e2e5) | patch
Fix DSA/DH so that legacy keys can still be generated by the default provider
authorShane Lontis <shane.lontis@oracle.com>
Tue, 11 Aug 2020 00:15:28 +0000 (10:15 +1000)
committerShane Lontis <shane.lontis@oracle.com>
Mon, 17 Aug 2020 13:40:20 +0000 (23:40 +1000)
commit38145fba0a5f6163743f007dd6c9ba1a1e07e4f4
treeaf3b5a8ae3d4e004bc6452a1ad3cc3ae96bb2941tree
parent6c4e2e52d87d61a6df3ddf5f67c7207387585d6ccommit | diff
Fix DSA/DH so that legacy keys can still be generated by the default provider

Fixes #12589

The 'type' parameter needed to be propagated to the ffc params during keygen,
so that the simple validation of params done during keygen can handle legacy keys for the default provider.
The fips provider ignores this change and only allows fips186-4 approved sizes.

Reviewed-by: Nicola Tuveri <nic.tuv@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/12623)
crypto/ffc/ffc_params.c diff | blob | blame | history
crypto/ffc/ffc_params_validate.c diff | blob | blame | history
include/internal/ffc.h diff | blob | blame | history
providers/implementations/keymgmt/dh_kmgmt.c diff | blob | blame | history
providers/implementations/keymgmt/dsa_kmgmt.c diff | blob | blame | history
test/recipes/15-test_gendsa.t diff | blob | blame | history
Mirror of https://github.com/openssl/openssl.git