Steve, Apologies if I got you confused.
I am writing below what I did : =============================== 1. downloaded openssl-fips-2.0.3. 2. exported variables as dictated by user guide and suited for my build enviroment. exported FIPS_SIG=perl mymsincore.pl (I have written mymsincore.pl which calls editbin.exe, that gives the desired base address, followed by msincore script came with openssl-fips) 3. ms\do_ms gave me fipscanister.lib 4. built wcecompat library as stated in user guide. 5. compiled openssl as mentioned in user guide. ===================================== Note that, NONE of the files in openssl-fips-2.0.3 tarball was modified. The only trick I had to use to follow the user guide is the environment variable refers to mymsincore.pl which calls msincore script came with openssl-fips. I guess I am supposed to adapt the environment variable according to my need. kindly let me know if I have created FIPS 140-2 validated binary. Thanks in advance , -Abhijit On Wed, May 29, 2013 at 5:37 PM, Steve Marquess <marqu...@opensslfoundation.com> wrote: > On 05/29/2013 05:40 AM, Abhijit Ray Chaudhury wrote: >> Hi Steve, >> >> Thanks a lot for you clarification. >> >> The user guide states : >> >> ... >> >> >> Now my question is since I have followed following clause: >> --------------------------------------------------------------------------------- >> "...There shall be no additions, deletions or alterations to the tar >> file contents as used during module build..." >> -------------------------------------------------------------------------------- >> >> Is the libeay32.dll thus produced a FIPS140-2 validated module. > > Did you modify the tarball? Yes. Is modifying the tarball allowed? No. > > I didn't write that statement that appears so prominently on the NIST > CMVP web site, but I can't think of a way to state it more clearly. > > You're confusing two different things: the requirements for claiming > FIPS 140-2 validation, and getting the code to run. Most definitely not > the same thing. > > -Steve M. > > -- > Steve Marquess > OpenSSL Software Foundation, Inc. > 1829 Mount Ephraim Road > Adamstown, MD 21710 > USA > +1 877 673 6775 s/b > +1 301 874 2571 direct > marqu...@opensslfoundation.com > marqu...@openssl.com ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
