[openssl-users] [openssl-dev] Low level API call to digest SHA1 forbidden in FIPS mode - within openssl code

Glen Matthews glenm at opentext.com
Wed Mar 23 20:11:34 UTC 2016


Right, sorry about the wrong posting - and thanks.

The message is correct - we got this in the 1.0.2f tree and are still getting in in the 1.0.2g tree.

I notice that in crypto\x509v3\v3_purp.c there is this:

    if (x->ex_flags & EXFLAG_SET)
    X509_digest(x, EVP_sha1(), x->sha1_hash, NULL);

We haven't disabled SHA1 because we need it for our ssh implementation. From what I've been reading, the code should not be calling with EVP_sha1().


From: openssl-dev [mailto:openssl-dev-bounces at openssl.org] On Behalf Of Jeremy Farrell
Sent: Wednesday, March 23, 2016 3:48 PM
To: openssl-users at openssl.org
Cc: openssl-dev at openssl.org
Subject: Re: [openssl-dev] Low level API call to digest SHA1 forbidden in FIPS mode - within openssl code

This is a question about using the OpenSSL libraries; should be in openssl-users, copied and reply-to'd.
On 23/03/2016 17:25, Glen Matthews wrote:
We're receiving this assertion at the start of negotiating an SSL connection:

c:\s\15\src\openssl\build\openssl-1.0.2f\crypto\sha\sha_locl.h(128): OpenSSL internal error, assertion failed: Low level API call to digest SHA1 forbidden in FIPS mode!

I notice the assertion message mentions a header from what looks like a 1.0.2f tree, but the references below are all to a 1.0.2g tree. I've no idea if this is relevant to the problem, but I wonder if this is a self-consistent build of the libraries.

The last 2 lines of this stack trace shows that we are performing a BIO_read at this point.

How can we work around this issue? We're using the self-validated FIPS module and openssl 1.0.2g.


 libeay32f!OPENSSL_showfatal+0x25e [c:\s\15\src\openssl\build\openssl-1.0.2g\crypto\cryptlib.c @ 979]
 libeay32f!OpenSSLDie+0x22 [c:\s\15\src\openssl\build\openssl-1.0.2g\crypto\cryptlib.c @ 1008]
 libeay32f!SHA1_Init+0x33 [c:\s\15\src\openssl\build\openssl-1.0.2g\crypto\sha\sha_locl.h @ 128]
 libeay32f!EVP_DigestInit_ex+0x269 [c:\s\15\src\openssl\build\openssl-1.0.2g\crypto\evp\digest.c @ 241]
 libeay32f!EVP_Digest+0x7a [c:\s\15\src\openssl\build\openssl-1.0.2g\crypto\evp\digest.c @ 359]
 libeay32f!ASN1_item_digest+0x6a [c:\s\15\src\openssl\build\openssl-1.0.2g\crypto\asn1\a_digest.c @ 107]
 libeay32f!X509_digest+0x44 [c:\s\15\src\openssl\build\openssl-1.0.2g\crypto\x509\x_all.c @ 414]
 libeay32f!x509v3_cache_extensions+0x43 [c:\s\15\src\openssl\build\openssl-1.0.2g\crypto\x509v3\v3_purp.c @ 407]
 libeay32f!X509_check_purpose+0x47 [c:\s\15\src\openssl\build\openssl-1.0.2g\crypto\x509v3\v3_purp.c @ 134]
 libeay32f!X509_verify_cert+0x180 [c:\s\15\src\openssl\build\openssl-1.0.2g\crypto\x509\x509_vfy.c @ 249]
 ssleay32f!ssl_verify_cert_chain+0x14a [c:\s\15\src\openssl\build\openssl-1.0.2g\ssl\ssl_cert.c @ 759]
 ssleay32f!ssl3_get_server_certificate+0x1bb [c:\s\15\src\openssl\build\openssl-1.0.2g\ssl\s3_clnt.c @ 1255]
 ssleay32f!ssl3_connect+0x258 [c:\s\15\src\openssl\build\openssl-1.0.2g\ssl\s3_clnt.c @ 345]
 ssleay32f!ssl23_get_server_hello+0x44a [c:\s\15\src\openssl\build\openssl-1.0.2g\ssl\s23_clnt.c @ 799]
 ssleay32f!ssl23_connect+0x1f2 [c:\s\15\src\openssl\build\openssl-1.0.2g\ssl\s23_clnt.c @ 228]
 ssleay32f!ssl23_read+0x44 [c:\s\15\src\openssl\build\openssl-1.0.2g\ssl\s23_lib.c @ 134]
 ssleay32f!ssl_read+0x5e [c:\s\15\src\openssl\build\openssl-1.0.2g\ssl\bio_ssl.c @ 167]
 libeay32f!BIO_read+0xbf [c:\s\15\src\openssl\build\openssl-1.0.2g\crypto\bio\bio_lib.c @ 212]
 hclftpx!CAsyncSslSocketLayer::OnReceive+0x1a8 [c:\s\15\src\montreal\inc\asyncsslsocketlayer.cpp @ 357]


J. J. Farrell

Not speaking for Oracle.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20160323/f86f5196/attachment.html>

More information about the openssl-users mailing list