From: Dimitri John Ledkov <dimitri.ledkov@surgut.co.uk>
Date: Wed, 14 Jan 2026 21:08:42 +0000 (+0000)
Subject: fips: Upgrade KAT ECDSA curves to minimum 128bits
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=b2ecef451ccede07366023da4553f113f6e4fe71;p=thirdparty%2Fopenssl.git

fips: Upgrade KAT ECDSA curves to minimum 128bits

Upgrade prime ECDSA self tests from secp224r1 to prime256v1.
Upgrade binary ECDSA self tests from sect233r1 to sect283r1.

This is forward looking change to allow raising the lower bound in
ossl_ec_check_security_strength() /
OSSL_FIPS_MIN_SECURITY_STRENGTH_BITS in case legacy/deprecated
behaviour is not needed to be supported (for example builds with
support for primary curves only of P-256 or higher).

Did a test build to ensure that updating
OSSL_FIPS_MIN_SECURITY_STRENGTH_BITS to 128 passes fips
selftests. Note not currently recommended.

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Simo Sorce <simo@redhat.com>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/29674)
---

diff --git a/providers/fips/self_test_data.inc b/providers/fips/self_test_data.inc
index 4b5160ac23f..4d41126bc75 100644
--- a/providers/fips/self_test_data.inc
+++ b/providers/fips/self_test_data.inc
@@ -1620,43 +1620,46 @@ static const unsigned char rsa_asym_expected_encrypt[256] = {
 
 #ifndef OPENSSL_NO_EC
 /* ECDSA key data */
-static const char ecd_prime_curve_name[] = "secp224r1";
+static const char ecd_prime_curve_name[] = "prime256v1";
 static const unsigned char ecd_prime_priv[] = {
-    0x98, 0x1f, 0xb5, 0xf1, 0xfc, 0x87, 0x1d, 0x7d,
-    0xde, 0x1e, 0x01, 0x64, 0x09, 0x9b, 0xe7, 0x1b,
-    0x9f, 0xad, 0x63, 0xdd, 0x33, 0x01, 0xd1, 0x50,
-    0x80, 0x93, 0x50, 0x30
+    0x9a, 0x98, 0xc3, 0x61, 0x56, 0xee, 0xe8, 0x27,
+    0xc3, 0x9c, 0x3d, 0xfc, 0x27, 0x05, 0x7a, 0x0d,
+    0x5a, 0x99, 0xd8, 0x24, 0xd9, 0xc5, 0x34, 0xff,
+    0xe1, 0xc1, 0x5d, 0x40, 0x1c, 0x66, 0x00, 0x17
 };
 static const unsigned char ecd_prime_pub[] = {
-    0x04, 0x95, 0x47, 0x99, 0x44, 0x29, 0x8f, 0x51,
-    0x39, 0xe2, 0x53, 0xec, 0x79, 0xb0, 0x4d, 0xde,
-    0x87, 0x1a, 0x76, 0x54, 0xd5, 0x96, 0xb8, 0x7a,
-    0x6d, 0xf4, 0x1c, 0x2c, 0x87, 0x91, 0x5f, 0xd5,
-    0x31, 0xdd, 0x24, 0xe5, 0x78, 0xd9, 0x08, 0x24,
-    0x8a, 0x49, 0x99, 0xec, 0x55, 0xf2, 0x82, 0xb3,
-    0xc4, 0xb7, 0x33, 0x68, 0xe4, 0x24, 0xa9, 0x12,
-    0x82
+    0x04, 0x17, 0xcc, 0x94, 0xc3, 0x83, 0x0b, 0xb9,
+    0x59, 0xbc, 0xf3, 0x09, 0x20, 0x05, 0xdf, 0x5e,
+    0x45, 0x5f, 0x1e, 0x5e, 0x5b, 0x57, 0x19, 0xb3,
+    0x47, 0x2e, 0xc7, 0x29, 0x43, 0xef, 0x17, 0xe2,
+    0x7c, 0xdc, 0x18, 0xf5, 0xc3, 0xf7, 0x77, 0xb5,
+    0x0c, 0xff, 0x44, 0x12, 0x8b, 0x44, 0x33, 0x5f,
+    0x87, 0x17, 0xb2, 0x55, 0xd8, 0x9e, 0xb2, 0xb8,
+    0x85, 0x19, 0x12, 0x99, 0x5b, 0xcf, 0x73, 0x80,
+    0xdf
 };
 static const unsigned char ecdsa_prime_expected_sig[] = {
-    0x30, 0x3d, 0x02, 0x1c, 0x48, 0x4f, 0x3c, 0x97,
-    0x5b, 0xfa, 0x40, 0x6c, 0xdb, 0xd6, 0x70, 0xb5,
-    0xbd, 0x2d, 0xd0, 0xc6, 0x22, 0x93, 0x5a, 0x88,
-    0x56, 0xd0, 0xaf, 0x0a, 0x94, 0x92, 0x20, 0x01,
-    0x02, 0x1d, 0x00, 0xa4, 0x80, 0xe0, 0x47, 0x88,
-    0x8a, 0xef, 0x2a, 0x47, 0x9d, 0x81, 0x9a, 0xbf,
-    0x45, 0xc3, 0x6f, 0x9e, 0x2e, 0xc1, 0x44, 0x9f,
-    0xfd, 0x79, 0xdb, 0x90, 0x3e, 0xb9, 0xb2
+    0x30, 0x46, 0x02, 0x21, 0000, 0xa8, 0x6b, 0xdb,
+    0x4e, 0xed, 0x9f, 0xd5, 0x5f, 0x62, 0x34, 0xd3,
+    0xd1, 0x4e, 0xed, 0xdf, 0x17, 0xaa, 0x9a, 0xd5,
+    0x6c, 0xa1, 0xee, 0x29, 0x39, 0x34, 0x03, 0x82,
+    0x83, 0x93, 0x6e, 0x4a, 0xc9, 0x02, 0x21, 0000,
+    0xd2, 0xed, 0x1e, 0x76, 0x75, 0x51, 0xa4, 0x38,
+    0x78, 0x98, 0xec, 0x9d, 0x03, 0x34, 0xae, 0xe8,
+    0x0f, 0x94, 0x8c, 0xc3, 0x68, 0xdb, 0xf1, 0xa8,
+    0x40, 0xde, 0x71, 0x07, 0x8b, 0x42, 0x14, 0xd9
 };
 #ifndef OPENSSL_NO_HMAC_DRBG_KDF
 static const unsigned char ecdsa_prime_expected_detsig[] = {
-    0x30, 0x3c, 0x02, 0x1c, 0x6a, 0x6d, 0x2c, 0x88,
-    0x2b, 0xe5, 0x6b, 0xe6, 0xb1, 0x28, 0xe7, 0xa8,
-    0xbd, 0xca, 0x2e, 0xad, 0x22, 0x22, 0x8d, 0xe0,
-    0xd6, 0x83, 0x5b, 0xc9, 0x5b, 0x5f, 0x06, 0x2e,
-    0x02, 0x1c, 0x71, 0xec, 0x10, 0x8e, 0x31, 0x5d,
-    0xfc, 0x16, 0xed, 0x9d, 0x7d, 0x9b, 0x42, 0x5e,
-    0xf9, 0x16, 0xe6, 0x06, 0xa5, 0xf0, 0x94, 0x2f,
-    0x57, 0xf1, 0x7e, 0xf2, 0x16, 0x76
+    0x30, 0x44, 0x02, 0x20, 0x7f, 0x21, 0x74, 0x46,
+    0x56, 0x3b, 0x20, 0x19, 0xae, 0xd1, 0x0f, 0xa1,
+    0xef, 0x01, 0x76, 0xaf, 0x9b, 0x77, 0xe0, 0x7e,
+    0xef, 0xbb, 0x5e, 0x22, 0x37, 0xdd, 0x91, 0x27,
+    0xfe, 0x96, 0x5a, 0x54, 0x02, 0x20, 0x68, 0x0a,
+    0xb2, 0xe3, 0x84, 0xe2, 0x09, 0x08, 0x4b, 0x1a,
+    0x81, 0x7d, 0xdc, 0xb6, 0xcd, 0x95, 0x03, 0x9c,
+    0xc3, 0x9d, 0xbe, 0x49, 0xc3, 0x97, 0x22, 0xe6,
+    0x8e, 0xb4, 0x34, 0xfd, 0x79, 0xa8
 };
 #endif
 static const ST_KAT_PARAM ecdsa_prime_key[] = {
@@ -1673,33 +1676,37 @@ static const ST_KAT_PARAM ecdsa_sig_params[] = {
 };
 
 # ifndef OPENSSL_NO_EC2M
-static const char ecd_bin_curve_name[] = "sect233r1";
+static const char ecd_bin_curve_name[] = "sect283r1";
 static const unsigned char ecd_bin_priv[] = {
-    0x00, 0x6d, 0xd6, 0x39, 0x9d, 0x2a, 0xa2, 0xc8,
-    0x8c, 0xfc, 0x7b, 0x80, 0x66, 0xaa, 0xe1, 0xaa,
-    0xba, 0xee, 0xcb, 0xfd, 0xc9, 0xe5, 0x36, 0x38,
-    0x2e, 0xf7, 0x37, 0x6d, 0xd3, 0x20
+    0x03, 0x6f, 0x76, 0x1e, 0x13, 0x62, 0xee, 0x8f,
+    0xd0, 0x86, 0x5e, 0x9c, 0xbc, 0x00, 0x19, 0xbd,
+    0x11, 0x73, 0xc7, 0xec, 0x46, 0x1f, 0xea, 0x11,
+    0x97, 0x24, 0x06, 0xfe, 0x63, 0xf5, 0xd6, 0x2d,
+    0xa7, 0x67, 0xc3, 0xec,
 };
 static const unsigned char ecd_bin_pub[] = {
-    0x04, 0x00, 0x06, 0xe2, 0x56, 0xf7, 0x37, 0xf9,
-    0xea, 0xb6, 0xd1, 0x0f, 0x59, 0xfa, 0x23, 0xc3,
-    0x93, 0xa8, 0xb2, 0x26, 0xe2, 0x5c, 0x08, 0xbe,
-    0x63, 0x49, 0x26, 0xdc, 0xc7, 0x1e, 0x6f, 0x01,
-    0x32, 0x3b, 0xe6, 0x54, 0x8d, 0xc1, 0x13, 0x3e,
-    0x54, 0xb2, 0x66, 0x89, 0xb2, 0x82, 0x0a, 0x72,
-    0x02, 0xa8, 0xe9, 0x6f, 0x54, 0xfd, 0x3a, 0x6b,
-    0x99, 0xb6, 0x8f, 0x80, 0x46
+    0x04, 0x06, 0x2c, 0xfb, 0xb6, 0xce, 0xcc, 0x78,
+    0xc3, 0xb1, 0xb0, 0xbc, 0xe9, 0xf9, 0x3c, 0xbb,
+    0xd0, 0x59, 0x75, 0x89, 0x0c, 0x22, 0xa2, 0xa6,
+    0xfe, 0x40, 0x09, 0x79, 0x73, 0x61, 0000, 0x93,
+    0x49, 0x43, 0x43, 0xb6, 0xe2, 0x07, 0xc7, 0x20,
+    0x67, 0x76, 0x2b, 0x9d, 0x1e, 0x92, 0x3c, 0x7d,
+    0x95, 0x22, 0x87, 0xa0, 0x90, 0x1a, 0xd3, 0x7c,
+    0xd8, 0x37, 0x3e, 0x61, 0x41, 0x3c, 0x8a, 0x7c,
+    0x8d, 0x9a, 0x14, 0x71, 0xaa, 0xa0, 0xad, 0x4a,
+    0xc7,
 };
 static const unsigned char ecdsa_bin_expected_sig[] = {
-    0x30, 0x3f, 0x02, 0x1d, 0x58, 0xe9, 0xd0, 0x84,
-    0x5c, 0xad, 0x29, 0x03, 0xf6, 0xa6, 0xbc, 0xe0,
-    0x24, 0x6d, 0x9e, 0x79, 0x5d, 0x1e, 0xe8, 0x5a,
-    0xc3, 0x31, 0x0a, 0xa9, 0xfb, 0xe3, 0x99, 0x54,
-    0x11, 0x02, 0x1e, 0x00, 0xa3, 0x44, 0x28, 0xa3,
-    0x70, 0x97, 0x98, 0x17, 0xd7, 0xa6, 0xad, 0x91,
-    0xaf, 0x41, 0x69, 0xb6, 0x06, 0x99, 0x39, 0xc7,
-    0x63, 0xa4, 0x6a, 0x81, 0xe4, 0x9a, 0x9d, 0x15,
-    0x8b
+    0x30, 0x4c, 0x02, 0x24, 0x02, 0xc5, 0x63, 0xe8,
+    0x01, 0x6d, 0x1d, 0xa6, 0xf3, 0x14, 0x01, 0x54,
+    0x50, 0xe0, 0x65, 0x65, 0x55, 0xb6, 0x3c, 0xc1,
+    0xf1, 0xfa, 0x27, 0xfd, 0x97, 0xfd, 0x6e, 0x57,
+    0xa6, 0x17, 0x6d, 0xf9, 0xf5, 0x1c, 0xdc, 0x49,
+    0x02, 0x24, 0x01, 0xa5, 0xfb, 0x75, 0x5e, 0xc4,
+    0xd3, 0xeb, 0x1a, 0xad, 0xb7, 0x08, 0xc3, 0x1e,
+    0xb8, 0xe3, 0x1c, 0x94, 0x5a, 0xd6, 0x50, 0xb8,
+    0x77, 0x0b, 0xd7, 0xad, 0x1d, 0x06, 0x64, 0x15,
+    0xca, 0x20, 0xae, 0xf3, 0x4d, 0x54,
 };
 static const ST_KAT_PARAM ecdsa_bin_key[] = {
     ST_KAT_PARAM_UTF8STRING(OSSL_PKEY_PARAM_GROUP_NAME, ecd_bin_curve_name),