In message <[EMAIL PROTECTED]> on Tue, 09 Sep 2003 13:55:43 -0600, "Verdon Walker"
<[EMAIL PROTECTED]> said:
VWalker> I have downloaded the latest FIPS snapshot (9/9) and I have a couple
VWalker> more questions about it:
VWalker>
VWalker> 1) How do I build it? If I just do a "./config" (Linux) and
VWalker> "make", it will build everything, but I'm not sure I'm
VWalker> getting all the FIPS stuff. Do I need to specify
VWalker> something like "./config -DFIPS" to get it to build the
VWalker> FIPS cryptography module?
./config fips
I added the configuration option "fips" when I noticed that just
saying "-DFIPS" wasn't enough.
VWalker> 2) It doesn't appear that optimized assembly code is part of
VWalker> the FIPS module. Is that correct?
That's correct if you use the configuration option "fips". If you
just did './config -DFIPS', you'll get conflicts, or whatever you're
lucky to end up with (you'll see the conflicts if you also use the
configuration option "shared").
VWalker> 3) Once I have the FIPS crypto built, how do I use OpenSSL so
VWalker> that all SSL crypto work is done using that FIPS crypto?
You have to specify a crypto suite that only contains DSA, DES (and
variants thereof, like DES3), AES and SHA1. Those and RAND are all
that are currently implemented as FIPS modules.
--
Richard Levitte \ Tunnlandsv�gen 3 \ [EMAIL PROTECTED]
[EMAIL PROTECTED] \ S-168 36 BROMMA \ T: +46-8-26 52 47
\ SWEDEN \ or +46-708-26 53 44
Procurator Odiosus Ex Infernis -- [EMAIL PROTECTED]
Member of the OpenSSL development team: http://www.openssl.org/
Unsolicited commercial email is subject to an archival fee of $400.
See <http://www.stacken.kth.se/~levitte/mail/> for more info.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
