RSA_public_decrypt and FIPS

Jan F. Chadima jchadima at
Fri Aug 26 05:52:15 EST 2011

On Aug 18, 2011, at 6:47 PM, Christian S. Perone wrote:

> Does anyone knows if there is a patch for OpenSSH in order to make it work
> with 0.9.8r OpenSSL in FIPS Mode ?
> I'm having problem with the RSA_public_decrypt() function that is failing in
> FIPS Mode, I changed it to use RSA_verify instead and setting the flag
> "RSA_FLAG_NON_FIPS_ALLOW", and it's working fine now, but I'm not sure if
> this is allowed in FIPS Mode, does anyone knows something about that ? I
> read something about the use of EVP_Verify* functions, is there any patch
> for this ?
> Great thanks !
> -- 
> "Forgive, O Lord, my little jokes on Thee, and I'll forgive Thy great big
> joke on me."
> _______________________________________________
> openssh-unix-dev mailing list
> openssh-unix-dev at

we have the patch in all red hat distributions including fedora

Jan F. Chadima
jchadima at

More information about the openssh-unix-dev mailing list