RSA_public_decrypt and FIPS

Christian S. Perone christian.perone at
Fri Aug 19 02:47:55 EST 2011

Does anyone knows if there is a patch for OpenSSH in order to make it work
with 0.9.8r OpenSSL in FIPS Mode ?
I'm having problem with the RSA_public_decrypt() function that is failing in
FIPS Mode, I changed it to use RSA_verify instead and setting the flag
"RSA_FLAG_NON_FIPS_ALLOW", and it's working fine now, but I'm not sure if
this is allowed in FIPS Mode, does anyone knows something about that ? I
read something about the use of EVP_Verify* functions, is there any patch
for this ?

Great thanks !
"Forgive, O Lord, my little jokes on Thee, and I'll forgive Thy great big
joke on me."

More information about the openssh-unix-dev mailing list