Steve Marquess in gmane.comp.encryption.openssl.devel (Wed, 01 Jul 2015 09:53:14 -0400): >On 07/01/2015 02:24 AM, Patil, Ashwini IN BLR STS wrote: >> Hello All, >> >> Please let me know if openssl-1.0.2c include FIPS 140-2 Object Module. >> Also please explain how to validate the application. > >This question would be more appropriate for the openssl-users list. The >-dev list is for OpenSSL development issues, not for basic usage questions.
Patil has a point, because FIPS 140-2 building on Windows is broken since the introduction of applink.c. The generated fips_premain_dso.exe fails during the building process: link /nologo /subsystem:console /opt:ref /debug /dll /fixed /map /base:0xFB00000 /out:out32dll\libeay32.dll /def:ms/LIBEAY32.def @D:\Temp\nmB1D5.tmp Creating library out32dll\libeay32.lib and object out32dll\libeay32.exp out32dll\fips_premain_dso.exe out32dll\libeay32.dll OPENSSL_Uplink(00CBB000,08): no OPENSSL_Applink Get hash failure at \usr\local\ssl\fips-2.0\bin\fipslink.pl line 60. NMAKE : fatal error U1077: 'C:\Perl64\bin\perl.EXE' : return code '0x1' Outside of the building script the error is the same C:\openssl>out32dll\fips_premain_dso.exe out32dll\libeay32.dll OPENSSL_Uplink(010CB000,08): no OPENSSL_Applink Solution: fips/fips_premain.c in the FIPS sources should include applink.c on Windows I managed to build a fips_premain_dso.exe with Applink and use that to create Openssl 1.0.2d fips, but this was certainly not without breaking the FIPS rules. It is time for openssl-fips-2.0.10 -- Jan _______________________________________________ openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
