FIPS 140-2 patch for openssh 6.3.p1

Damien Miller djm at mindrot.org
Fri Oct 25 10:26:19 EST 2013


On Thu, 24 Oct 2013, Joseph, Binny Kallarackal (MCOU) wrote:

> Hi,
> 
> As per the FIPS patch http://www.openssl.com/export/openssh/openssh-6.0p1.fips-revised.patch,
> the cipher_set_key_string() in cipher.c replaces MD5 calls with EVP_Digest() as given below:
> 
>                  "if (EVP_Digest(passphrase, strlen(passphrase), digest, NULL, EVP_md5(), NULL) <= 0)"
>
> Since OpenSSL does not support EVP_md5() in FIPS mode, should this be
> replaced with EVP_sha1() or another FIPS-compliant call inside the
> above EVP_Digest()?

That's only used by SSH protocol 1. MD5 is so baked into that protocol that
I don't think it would be possible to run it while complying with FIPS.
You should probably just comment it out or define an EVP_md5() that
calls fatal().

-d

