MEDIUM: ssl: set FIPS-approved sigalgs defaults for AWS-LC FIPS builds

When AWS-LC is built in FIPS mode, unconditionally override the
compile-time signature algorithm defaults with the FIPS-approved set
before config parsing. Explicit ssl-default-{bind,server}-sigalgs
keywords in the global section still take precedence over these
defaults.

The approved set is defined as macros in include/haproxy/defaults.h
alongside the existing CONNECT/LISTEN_DEFAULT_FIPS_CIPHERS family:
  CONNECT/LISTEN_DEFAULT_FIPS_SIGALGS        - ECDSA (P-256/384/521),
                                               RSA-PSS and RSA-PKCS1
                                               with SHA-256/384/512
  CONNECT/LISTEN_DEFAULT_FIPS_CLIENT_SIGALGS - same set for client
                                               certificate sigalgs

SHA-1 based algorithms and non-FIPS primitives (ed25519, ed448) are
excluded from the defaults.
This commit is contained in:
William Lallemand 2026-06-30 13:37:27 +00:00
parent 6647a59f06
commit 1aee4ccd25
2 changed files with 39 additions and 0 deletions

View file

@ -469,6 +469,35 @@
#define LISTEN_DEFAULT_FIPS_CURVES "P-256:P-384:P-521"
#endif
/* FIPS-approved signature algorithms for AWS-LC FIPS builds */
#ifndef CONNECT_DEFAULT_FIPS_SIGALGS
#define CONNECT_DEFAULT_FIPS_SIGALGS \
"ecdsa_secp256r1_sha256:ecdsa_secp384r1_sha384:ecdsa_secp521r1_sha512:" \
"rsa_pss_rsae_sha256:rsa_pss_rsae_sha384:rsa_pss_rsae_sha512:" \
"rsa_pkcs1_sha256:rsa_pkcs1_sha384:rsa_pkcs1_sha512"
#endif
#ifndef LISTEN_DEFAULT_FIPS_SIGALGS
#define LISTEN_DEFAULT_FIPS_SIGALGS \
"ecdsa_secp256r1_sha256:ecdsa_secp384r1_sha384:ecdsa_secp521r1_sha512:" \
"rsa_pss_rsae_sha256:rsa_pss_rsae_sha384:rsa_pss_rsae_sha512:" \
"rsa_pkcs1_sha256:rsa_pkcs1_sha384:rsa_pkcs1_sha512"
#endif
#ifndef CONNECT_DEFAULT_FIPS_CLIENT_SIGALGS
#define CONNECT_DEFAULT_FIPS_CLIENT_SIGALGS \
"ecdsa_secp256r1_sha256:ecdsa_secp384r1_sha384:ecdsa_secp521r1_sha512:" \
"rsa_pss_rsae_sha256:rsa_pss_rsae_sha384:rsa_pss_rsae_sha512:" \
"rsa_pkcs1_sha256:rsa_pkcs1_sha384:rsa_pkcs1_sha512"
#endif
#ifndef LISTEN_DEFAULT_FIPS_CLIENT_SIGALGS
#define LISTEN_DEFAULT_FIPS_CLIENT_SIGALGS \
"ecdsa_secp256r1_sha256:ecdsa_secp384r1_sha384:ecdsa_secp521r1_sha512:" \
"rsa_pss_rsae_sha256:rsa_pss_rsae_sha384:rsa_pss_rsae_sha512:" \
"rsa_pkcs1_sha256:rsa_pkcs1_sha384:rsa_pkcs1_sha512"
#endif
/* named curve used as defaults for ECDHE ciphers */
#ifndef ECDHE_DEFAULT_CURVE
#define ECDHE_DEFAULT_CURVE "prime256v1"

View file

@ -8544,6 +8544,16 @@ static void __ssl_sock_init(void)
global_ssl.listen_default_curves = strdup(LISTEN_DEFAULT_FIPS_CURVES);
free(global_ssl.connect_default_curves);
global_ssl.connect_default_curves = strdup(CONNECT_DEFAULT_FIPS_CURVES);
#if defined(SSL_CTX_set1_sigalgs_list)
free(global_ssl.listen_default_sigalgs);
global_ssl.listen_default_sigalgs = strdup(LISTEN_DEFAULT_FIPS_SIGALGS);
free(global_ssl.connect_default_sigalgs);
global_ssl.connect_default_sigalgs = strdup(CONNECT_DEFAULT_FIPS_SIGALGS);
free(global_ssl.listen_default_client_sigalgs);
global_ssl.listen_default_client_sigalgs = strdup(LISTEN_DEFAULT_FIPS_CLIENT_SIGALGS);
free(global_ssl.connect_default_client_sigalgs);
global_ssl.connect_default_client_sigalgs = strdup(CONNECT_DEFAULT_FIPS_CLIENT_SIGALGS);
#endif
}
#endif /* OPENSSL_IS_AWSLC */