Mailing List Archive

FIPS fix for signature verification in ssh-rsa.c
code version referenced: openssh-5.9p1

Hi all,

When building openssh with openssl (specifically versions newer than openssl 0.9.8q), there is an issue if FIPS mode is active for openssl. In ssh-rsa.c on line 243 RSA_public_decrypt is called, which is disallowed now in openssl (if in FIPS mode). The library requires applications to use the EVP API if running in FIPS mode so it can disallow certain cipher suites and hash algorithms that are not considered FIPS compliant. The user experience is that the scp/ssh client fails because RSA_public_decrypt just returns null if FIPS mode is active in openssl > 0.9.8q.

I have a fix, essentially just check for FIPS mode in ssh-rsa.c and appropriately call a new function which uses the EVP API of openssl. I'll be putting this fix in the fedora based rpm we're using in our appliance based product, but also wanted to offer the fix here so it can propagate to future linux distro releases.

This is my first source modification of openssh so I'm not sure what I need to do to get approval/acceptance of the change or how to commit it, please let me know what the process is...

thanks,

Keith



_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@mindrot.org
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
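
[Added example, not part of the original message and not OpenSSH or OpenSSL code.] A simplified Python model of the two API levels the message above contrasts: a raw public-key operation whose caller compares the PKCS#1 v1.5 DigestInfo itself, and a single high-level verify call where digest policy can be enforced. All function names, the FIPS_APPROVED set and the toy key are assumptions constructed for the illustration.

```python
import hashlib, hmac

# Constructed toy key for the demo only: two Mersenne primes, trivially factorable.
P, Q, E = 2**521 - 1, 2**607 - 1, 65537
N = P * Q
D = pow(E, -1, (P - 1) * (Q - 1))
K = (N.bit_length() + 7) // 8  # modulus length in bytes

# DER DigestInfo prefixes from PKCS#1 v1.5 (RFC 8017, section 9.2 notes).
DIGEST_INFO = {
    "sha1": bytes.fromhex("3021300906052b0e03021a05000414"),
    "md5": bytes.fromhex("3020300c06082a864886f70d020505000410"),
}
FIPS_APPROVED = {"sha1"}  # assumption for this model; MD5 is not approved


def encode(msg, md):
    """EMSA-PKCS1-v1_5: 00 01 FF..FF 00 || DigestInfo || hash."""
    t = DIGEST_INFO[md] + hashlib.new(md, msg).digest()
    return b"\x00\x01" + b"\xff" * (K - len(t) - 3) + b"\x00" + t


def sign(msg, md="sha1"):
    return pow(int.from_bytes(encode(msg, md), "big"), D, N).to_bytes(K, "big")


def public_decrypt(sig):
    """Low-level primitive: s^e mod n, then strip type-1 padding. No policy."""
    em = pow(int.from_bytes(sig, "big"), E, N).to_bytes(K, "big")
    sep = em.find(b"\x00", 2)
    if em[:2] != b"\x00\x01" or sep < 10 or em[2:sep] != b"\xff" * (sep - 2):
        return None
    return em[sep + 1:]


def verify_low_level(msg, sig, md="sha1"):
    """The caller does the DigestInfo comparison itself (constant time)."""
    got = public_decrypt(sig)
    want = DIGEST_INFO[md] + hashlib.new(md, msg).digest()
    return got is not None and hmac.compare_digest(got, want)


def verify_high_level(msg, sig, md="sha1", fips_mode=False):
    """One entry point where the library can enforce algorithm policy."""
    if fips_mode and md not in FIPS_APPROVED:
        raise ValueError(md + " is not permitted in FIPS mode")
    return len(sig) == K and verify_low_level(msg, sig, md)
```

The low-level path never sees which digest the caller intends to compare against, so it has nowhere to refuse a non-approved one; the high-level call takes the digest as a parameter and can reject it before any key operation.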
Re: FIPS fix for signature verification in ssh-rsa.c
On Thu, 23 Feb 2012, Keith Kaple wrote:

> code version referenced: openssh-5.9p1
>
> Hi all,
>
> When building openssh with openssl (specifically versions newer
> than openssl 0.9.8q), there is an issue if FIPS mode is active for
> openssl. In ssh-rsa.c on line 243 RSA_public_decrypt is called, which
> is disallowed now in openssl (if in FIPS mode). The library requires
> applications to use the EVP API if running in FIPS mode so it can
> disallow certain cipher suites and hash algorithms that are not
> considered FIPS compliant. The user experience is that the scp/ssh
> client fails because RSA_public_decrypt just returns null if FIPS mode
> is active in openssl > 0.9.8q.
>
> I have a fix, essentially just check for FIPS mode in ssh-rsa.c and
> appropriately call a new function which uses the EVP API of openssl.
> I'll be putting this fix in the fedora based rpm we're using in our
> appliance based product, but also wanted to offer the fix here so it
> can propagate to future linux distro releases.
>
> This is my first source modification of openssh so I'm not sure what I
> need to do to get approval/acceptance of the change or how to commit
> it, please let me know what the process is...

The usual way is to post the patch to https://bugzilla.mindrot.org in a
new bug. We'll (eventually) get to looking at it.

-d