From b03ec3b5d62ee26bf8437556b9040d4141d5bdd8 Mon Sep 17 00:00:00 2001
From: Shane Lontis <shane.lontis@oracle.com>
Date: Wed, 15 Apr 2020 21:02:52 +1000
Subject: Add DSA keygen to provider

Moved some shared FFC code into the FFC files.
Added extra paramgen parameters for seed, gindex.
Fixed bug in ossl_prov util to print bignums.

Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/11303)
---
 crypto/dsa/dsa_key.c | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

(limited to 'crypto/dsa/dsa_key.c')

diff --git a/crypto/dsa/dsa_key.c b/crypto/dsa/dsa_key.c
index 2dec35f28f..1d625272e5 100644
--- a/crypto/dsa/dsa_key.c
+++ b/crypto/dsa/dsa_key.c
@@ -21,6 +21,12 @@
 #include "crypto/dsa.h"
 #include "dsa_local.h"
 
+#ifdef FIPS_MODE
+# define MIN_STRENGTH 112
+#else
+# define MIN_STRENGTH 80
+#endif
+
 static int dsa_keygen(DSA *dsa, int pairwise_test);
 static int dsa_keygen_pairwise_test(DSA *dsa, OSSL_CALLBACK *cb, void *cbarg);
 
@@ -69,7 +75,7 @@ static int dsa_keygen(DSA *dsa, int pairwise_test)
     }
 
     if (!ffc_generate_private_key(ctx, &dsa->params, BN_num_bits(dsa->params.q),
-                                  112, priv_key))
+                                  MIN_STRENGTH, priv_key))
         goto err;
 
     if (dsa->pub_key == NULL) {
-- 
cgit v1.2.3