Created attachment 939480 [details] test-case to reproduce error Description of problem: There is a DSA KeyPair Generation Algorithm. If I provide seed from this algorithm I must get always constant result. http://docs.oracle.com/javase/7/docs/technotes/guides/security/StandardNames.html#algspec . I wrote minimal test-case. To check this. The test-case always show various wrong key. I obtained the code. Seems provided seed is not used. DSA_generate_parameters thinks seed is bad, so it uses any random seed in really. Version-Release number of selected component (if applicable): openssl-1.0.1e-39.fc20.x86_64 How reproducible: Always Steps to Reproduce: Unpack archive and start build.sh. It compiles minimal test-case and run it. Actual results: Always various. Expected results: Constant key. Additional info: It works in Debian testing, also my QCA unittests passed in build.kde.org environment. In build.kde.org also is used Debian.
The DSA parameter generation in our openssl is replaced by parameter generation based on the current FIPS specification. This means the seed for the older specification cannot be used as you found out. Parameters <2048bits are not sufficiently secure anymore anyway.