On Mon, Oct 11, 2010, Ronald Wahl wrote: > Hi, > > I'm currently trying to cross compile openssl-fips-1.2 for arm-linux on a > x86 host. This does abort at a certain point. The problem has been already > reported and solutions are provided. See here: > > http://www.mail-archive.com/[email protected]/msg59904.html > > I have not tried the solutions yet but my question is: If I do so - is the > resulting module still FIPS compliant? The according SecurityPolicy > document contains the statement: > > "Note that failure to use one of the specified commands sets exactly > as shown will result in a module that cannot be considered compliant > with FIPS 140-2." > > So my current assumption is that we probably could build the module but you > can't actually call it FIPS compliant anymore which makes it rather > useless. Is this correct? >
The result *is* FIPS compliant: a change leter specifically supports cross compilation as long as you use the specified commands. You should be able to use them unmodified (using incore or a copying script) though you many need to change the environment variables to match the target system. Steve. -- Dr Stephen N. Henson. OpenSSL project core developer. Commercial tech support now available see: http://www.openssl.org ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [email protected] Automated List Manager [email protected]
