I am attempting to build a FIPS-capable Openssl for an XScale processor
(ARMV4I) running under Windows CE 5.0 (using openssl-1.0.1c and
openssl-fips-2.0.1)
The following is an excerpt of the build messages:
perl C:\nan\gem\iStar\Encryption\openssl_fips\util\msincore -dso
Andy,
Thank you for the response!
I am a bit confused. The process is using fipslink.pl to perform the
linking. I thought that was the correct process to cross compile on x86
Windows XP system for a Windows CE ARM system. BTW, I am just using the
provided process to build the FIPS capable
I am a bit confused. The process is using fipslink.pl to perform the
linking. I thought that was the correct process to cross compile on x86
Windows XP system for a Windows CE ARM system. BTW, I am just using the
provided process to build the FIPS capable OpenSSl using the perl
Configure
On Thu, Oct 18, 2012, Andy Polyakov wrote:
Has this been done successfully for Windows CE?
Yes, but not with dll. Even though do_fips.bat from FIPS module
source refers to cedll.mak, validation is performed with statically
linked applications. Probably one shouldn't have referred to
Has this been done successfully for Windows CE?
Yes, but not with dll. Even though do_fips.bat from FIPS module
source refers to cedll.mak, validation is performed with statically
linked applications. Probably one shouldn't have referred to
cedll.mak to avoid confusion. I don't know all the
Our other option would be to build a statically link application,
although I am still not sure how to generate the signature and link it
into the app in a cross-compile (Platform Builder) environment.
fipslink.pl can handle even statically linked applications. My #1
comment from first letter
Hi Fedor,
Thanks for valuable contribution!
About your second patch: could you please advice, what the intended way
to use BIO_TYPE_NO_EX_DATA in real-life applications?
For example TSL-server. Do you have any numbers on performance gain when
using this approach?
Hi,
OpenSSL enables zlib by default.
Could you please advice for what version and platform this is true?
openssl-1.0.1c for linux-elf
has no-zlib configured by default.