RSA_public_decrypt and FIPS
Jan F. Chadima
jchadima at redhat.com
Fri Aug 26 05:52:15 EST 2011
On Aug 18, 2011, at 6:47 PM, Christian S. Perone wrote:
> Does anyone knows if there is a patch for OpenSSH in order to make it work
> with 0.9.8r OpenSSL in FIPS Mode ?
> I'm having problem with the RSA_public_decrypt() function that is failing in
> FIPS Mode, I changed it to use RSA_verify instead and setting the flag
> "RSA_FLAG_NON_FIPS_ALLOW", and it's working fine now, but I'm not sure if
> this is allowed in FIPS Mode, does anyone knows something about that ? I
> read something about the use of EVP_Verify* functions, is there any patch
> for this ?
>
> Great thanks !
> --
> "Forgive, O Lord, my little jokes on Thee, and I'll forgive Thy great big
> joke on me."
> http://pyevolve.sourceforge.net/wordpress/
> _______________________________________________
> openssh-unix-dev mailing list
> openssh-unix-dev at mindrot.org
> https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
we have the patch in all red hat distributions including fedora
Jan F. Chadima
jchadima at redhat.com
More information about the openssh-unix-dev
mailing list