I apologize in advance if this is all newbie stuff.
General Crypto++ Questions:
1. It is my understanding the Crypto++ library can be compiled on platforms
that support gcc?
2. The FIPS 140-2 certified version of the Crypto++ library is only
available as a DLL on Windows 2K or similar operating systems that can
execute the same binary code?
Custom certification of the Crypto++ Questions:
3. How much am I leaving out or not grasping in the following sequence of
steps to get certification:
a. Cross-compile the Crypto++ library with gcc-arm for the XScale
(Allocate a couple of days to glance over the code, and a
day to get it built -- I am familiar with cross-compilation
to the ARM so that is not a problem)
b. Verify the self-tests are up to date
(A week to read the FIPS tests and compare to the code)
c. Run the self-tests with the current test data
(If all goes well, a day or two)
d. Submit for validation and certification
(no idea how long this takes)
4. It sounds like a lot of documentation is needed: design, state tables,
assumptions... Can I use the same documentation that Crypto++ Library used?
If so where do I find it?
5. What test facility was used? Would it be advantageous for me to use the
same testing facility?
6. Are there problems with using a static library? (Is this about the
single user, Level 1 stuff?)
7. Would I provide hardware with the software embedded in it for the
testing, or just the binary Crypto++ library? I doubt a test facility will
support the OS (Linux on an ARM XScale) that I am using, suggesting that
hardware certification with the software library may be the way to go.
Thanks ahead of time, for your thoughts and answers!
-------------------------------
Philip Vickery
---
Outgoing mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.784 / Virus Database: 530 - Release Date: 10/27/2004
