On Wed, Feb 23, 2011, anmajumd wrote:

> We recently built FIPS compliant openssl 0.9.8q. Earlier we were using
> 0.9.8l. With ssh binaries linked to FIPS compliant OpenSSL 0.9.8q, when
> running the OpenSSH client, connection setup fails during verification of
> the server key.
> We did not run into this SSH issue with 0.9.8l. Has anything changed
> between 0.9.8l and 0.9.8q that would cause this?
>
> The call to OpenSSL that ultimately fails is RSA_public_decrypt(). Has it
> somehow been tightened up?

Yes, you aren't allowed to call RSA_public_decrypt() directly in FIPS mode:
instead you have to use the EVP interface for EVP_Verify*().

There is a patch which changes the ssh code to use EVP instead (while still
being compatible with other versions of OpenSSL).

Due to a bug the restriction wasn't enforced in some versions of OpenSSL.

Steve.
--
Dr Stephen N. Henson. OpenSSL project core developer.
Commercial tech support now available see: http://www.openssl.org