[Bug 1987] New: FIPS signature verification incompatibility with openssl versions > 0.9.8q

bugzilla-daemon at bugzilla.mindrot.org
Sat Feb 25 04:48:16 EST 2012


https://bugzilla.mindrot.org/show_bug.cgi?id=1987

             Bug #: 1987
           Summary: FIPS signature verification incompatibility with
                    openssl versions > 0.9.8q
    Classification: Unclassified
           Product: Portable OpenSSH
           Version: 5.9p1
          Platform: All
        OS/Version: All
            Status: NEW
          Severity: normal
          Priority: P2
         Component: ssh
        AssignedTo: unassigned-bugs at mindrot.org
        ReportedBy: kak at cisco.com


Created attachment 2135
  --> https://bugzilla.mindrot.org/attachment.cgi?id=2135
Suggested patch

When building openssh with the openssl library with FIPS (specifically
versions newer than openssl 0.9.8q), there is an issue if FIPS mode is
active for openssl.  In ssh-rsa.c on line 243 RSA_public_decrypt is
called, which is disallowed now in openssl (if in FIPS mode).  The
library requires applications to use the EVP API if running in FIPS
mode so it can disallow certain cipher suites and hash algorithms that
are not considered FIPS compliant.  The user experience is that the
scp/ssh client fails because RSA_public_decrypt just returns null if
FIPS mode is active in openssl > 0.9.8q.

The reference below states that there is a patch, but I cannot find it
so I am submitting my own for review.



References:
http://www.mail-archive.com/openssl-users@openssl.org/msg63512.html
