[PHP-BUG] Req #54339 [NEW]: FIPS Support

Mon, 21 Mar 2011 11:21:54 -0700 

From:             
Operating system: Linux - Redhat EL5
PHP version:      5.3.6
Package:          OpenSSL related
Bug Type:         Feature/Change Request
Bug description:FIPS Support

Description:
------------
It appears that there's no FIPS support in the OpenSSL functionality,
correct me 

if I'm wrong. When PHP is operating as a SAPI under Apache2, any calls to 

RSA_public_decrypt causes the following error:



SSL Library Error: 67674254 error:0408A08E:rsa 

routines:RSA_public_decrypt:operation not allowed in fips mode



This is due to the fact that PHP is calling RSA_public_decrypt directly,
which 

isn't allowed when Apache is operating in FIPS mode (see SSLFIPS directive
in the 

Apache2 documentation). The workaround is to use the EVP_Verify* functions
in the 

OpenSSL library - at least that's what I've been reading.



Apache 2.2.17

PHP 5.3.6

OpenSSL 0.9.8r w/OpenSSL FIPS 1.2.2 module


-- 
Edit bug report at http://bugs.php.net/bug.php?id=54339&edit=1
-- 
Try a snapshot (PHP 5.2):            
http://bugs.php.net/fix.php?id=54339&r=trysnapshot52
Try a snapshot (PHP 5.3):            
http://bugs.php.net/fix.php?id=54339&r=trysnapshot53
Try a snapshot (trunk):              
http://bugs.php.net/fix.php?id=54339&r=trysnapshottrunk
Fixed in SVN:                        
http://bugs.php.net/fix.php?id=54339&r=fixed
Fixed in SVN and need be documented: 
http://bugs.php.net/fix.php?id=54339&r=needdocs
Fixed in release:                    
http://bugs.php.net/fix.php?id=54339&r=alreadyfixed
Need backtrace:                      
http://bugs.php.net/fix.php?id=54339&r=needtrace
Need Reproduce Script:               
http://bugs.php.net/fix.php?id=54339&r=needscript
Try newer version:                   
http://bugs.php.net/fix.php?id=54339&r=oldversion
Not developer issue:                 
http://bugs.php.net/fix.php?id=54339&r=support
Expected behavior:                   
http://bugs.php.net/fix.php?id=54339&r=notwrong
Not enough info:                     
http://bugs.php.net/fix.php?id=54339&r=notenoughinfo
Submitted twice:                     
http://bugs.php.net/fix.php?id=54339&r=submittedtwice
register_globals:                    
http://bugs.php.net/fix.php?id=54339&r=globals
PHP 4 support discontinued:          http://bugs.php.net/fix.php?id=54339&r=php4
Daylight Savings:                    http://bugs.php.net/fix.php?id=54339&r=dst
IIS Stability:                       
http://bugs.php.net/fix.php?id=54339&r=isapi
Install GNU Sed:                     
http://bugs.php.net/fix.php?id=54339&r=gnused
Floating point limitations:          
http://bugs.php.net/fix.php?id=54339&r=float
No Zend Extensions:                  
http://bugs.php.net/fix.php?id=54339&r=nozend
MySQL Configuration Error:           
http://bugs.php.net/fix.php?id=54339&r=mysqlcfg

Reply via email to