Hello. Here's my question in a nutshell: I would like to use OpenSSL in FIPS mode from an Android app. I know that I can use the NDK to build a native shared library (.so), and use JNI to load and call into that library from the Java app. Is it possible to enter FIPS mode with that arrangement? Or would it be better to write a pure-native Android executable to use OpenSSL, and use an IPC mechanism to call into it from the Java app?
Additional details: using the instructions at http://stackoverflow.com/questions/11091905/android-build-openssl-fips-2-0, I have built the FIPS module and a libcrypto.a static library for Android. Using the NDK, I am able to link that static library and my C code to create a shared library. From Java code, I can load and call into the shared library with the JNI, and the shared library can call into OpenSSL. Regular functions work fine, but when I try to set FIPS mode, it fails because the fingerprint check failed. Is there a way to embed the fingerprint into the shared library? Or can the fingerprint only be embedded in executables? Any help is appreciated. Thank you. Jason Knight, Citrix ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
