dh: make parameters conditional on FIPS

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/28243)

diff --git a/providers/implementations/exchange/dh_exch.c.in b/providers/implementations/exchange/dh_exch.c.in
index 1ecfff479d94c7c7cba08e8c53981c79d652a1c8..3520ee87def5498eb4165d8f2069c637f25b38e8 100644 (file)
--- a/providers/implementations/exchange/dh_exch.c.in
+++ b/providers/implementations/exchange/dh_exch.c.in
@@ -349,8 +349,8 @@ err:
                           ['EXCHANGE_PARAM_KDF_OUTLEN',        'len',    'size_t'],
                           ['EXCHANGE_PARAM_KDF_UKM',           'ukm',    'octet_string'],
                           ['KDF_PARAM_CEK_ALG',                'cekalg', 'utf8_string'],
-                          ['EXCHANGE_PARAM_FIPS_KEY_CHECK',    'ind_k',  'int'],
-                          ['EXCHANGE_PARAM_FIPS_DIGEST_CHECK', 'ind_d',  'int'],
+                          ['EXCHANGE_PARAM_FIPS_KEY_CHECK',    'ind_k',  'int', 'fips'],
+                          ['EXCHANGE_PARAM_FIPS_DIGEST_CHECK', 'ind_d',  'int', 'fips'],
                          )); -}
 
 static int dh_set_ctx_params(void *vpdhctx, const OSSL_PARAM params[])
@@ -471,7 +471,7 @@ static const OSSL_PARAM *dh_settable_ctx_params(ossl_unused void *vpdhctx,
                           ['EXCHANGE_PARAM_KDF_OUTLEN',         'len',    'size_t'],
                           ['EXCHANGE_PARAM_KDF_UKM',            'ukm',    'octet_ptr'],
                           ['KDF_PARAM_CEK_ALG',                 'cekalg', 'utf8_string'],
-                          ['ALG_PARAM_FIPS_APPROVED_INDICATOR', 'ind',    'int'],
+                          ['ALG_PARAM_FIPS_APPROVED_INDICATOR', 'ind',    'int', 'fips'],
                          )); -}
 
 static const OSSL_PARAM *dh_gettable_ctx_params(ossl_unused void *vpdhctx,