From e0fbba0939c9aec3863d2ec960d34b9ed7ae76ca Mon Sep 17 00:00:00 2001
From: David Benjamin <davidben@google.com>
Date: Thu, 29 Sep 2022 10:28:28 -0400
Subject: [PATCH] crypto: use EVP_PKEY_CTX_set_dsa_paramgen_q_bits when
 available
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

This matches the formulation described in the documentation:
https://www.openssl.org/docs/man3.0/man3/EVP_PKEY_CTX_set_dsa_paramgen_q_bits.html

It is also, starting OpenSSL 3.0, more type-safe because the wrapper
macros were finally converted to real functions. In OpenSSL 3.0, it is
also no longer quite a wrapper over EVP_PKEY_CTX_ctrl, so using this
name saves some extra OSSL_PARAM <-> EVP_PKEY_CTRL conversions.

Alas, it was only backported to OpenSSL 1.1.1e, so I've left a temporary
compatibility define until you all decide to drop pre-1.1.1e releases of
1.1.1.

PR-URL: https://github.com/nodejs/node/pull/44561
Reviewed-By: Tobias Nießen <tniessen@tnie.de>
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
---
 src/crypto/crypto_dsa.cc | 20 +++++++++++++-------
 1 file changed, 13 insertions(+), 7 deletions(-)

diff --git a/src/crypto/crypto_dsa.cc b/src/crypto/crypto_dsa.cc
index c7894baf00ee9c..862c091b05f588 100644
--- a/src/crypto/crypto_dsa.cc
+++ b/src/crypto/crypto_dsa.cc
@@ -12,6 +12,17 @@
 
 #include <cstdio>
 
+// EVP_PKEY_CTX_set_dsa_paramgen_q_bits was added in OpenSSL 1.1.1e.
+#if OPENSSL_VERSION_NUMBER < 0x1010105fL
+#define EVP_PKEY_CTX_set_dsa_paramgen_q_bits(ctx, qbits)                       \
+  EVP_PKEY_CTX_ctrl((ctx),                                                     \
+                    EVP_PKEY_DSA,                                              \
+                    EVP_PKEY_OP_PARAMGEN,                                      \
+                    EVP_PKEY_CTRL_DSA_PARAMGEN_Q_BITS,                         \
+                    (qbits),                                                   \
+                    nullptr)
+#endif
+
 namespace node {
 
 using v8::FunctionCallbackInfo;
@@ -39,13 +50,8 @@ EVPKeyCtxPointer DsaKeyGenTraits::Setup(DsaKeyPairGenConfig* params) {
   }
 
   if (params->params.divisor_bits != -1) {
-    if (EVP_PKEY_CTX_ctrl(
-            param_ctx.get(),
-            EVP_PKEY_DSA,
-            EVP_PKEY_OP_PARAMGEN,
-            EVP_PKEY_CTRL_DSA_PARAMGEN_Q_BITS,
-            params->params.divisor_bits,
-            nullptr) <= 0) {
+    if (EVP_PKEY_CTX_set_dsa_paramgen_q_bits(
+            param_ctx.get(), params->params.divisor_bits) <= 0) {
       return EVPKeyCtxPointer();
     }
   }