RE: Only in FIPS mode: Crash in X509_sign() with memory corruption

. Thanks, Lester -Original Message- From: Memmott, Lester Sent: Friday, February 08, 2013 12:07 PM To: openssl-users@openssl.org Subject: Only in FIPS mode: Crash in X509_sign() with memory corruption I'm hoping someone has some insight into what I'm doing wrong or if I've just bumped up

Only in FIPS mode: Crash in X509_sign() with memory corruption

I'm hoping someone has some insight into what I'm doing wrong or if I've just bumped up against a bug. I'm using Visual Studio 2008 on Windows 8 and am in the process of running existing code with FIPS enabled. As expected a few things don't work, but in this case, I'm a bit stumped. I've

RE: fipslink

[mailto:owner-openssl-us...@openssl.org] On Behalf Of Jeffrey Walton Sent: Wednesday, February 06, 2013 2:59 PM To: openssl-users@openssl.org Subject: Re: fipslink On Wed, Feb 6, 2013 at 2:40 PM, Memmott, Lester lester.memm...@landesk.com wrote: Jon, I’m having trouble with fipslink as well

RE: fipslink

is the same place you get to. I can't really copy my make files because they are on a secure system, so I have to type everything here. Thanks, -Jon -Original Message- From: owner-openssl-us...@openssl.org [mailto:owner-openssl-us...@openssl.org] On Behalf Of Memmott, Lester Sent: Wednesday

RE: fipslink

, Lester -Original Message- From: owner-openssl-us...@openssl.org [mailto:owner-openssl-us...@openssl.org] On Behalf Of Dr. Stephen Henson Sent: Thursday, February 07, 2013 8:00 AM To: openssl-users@openssl.org Subject: Re: fipslink On Wed, Feb 06, 2013, Memmott, Lester wrote: Jon, I

RE: fipslink

Dr Henson, Excellent! Thanks for clarifying that for us! Jon, I'm using dynamic openssl libraries so I have no need pursue this further. If you still do, good luck! Thanks, Lester __ OpenSSL Project

RE: Compiling openssl fips in Windows

Jon, I was able to get the sample from appendix C.1 to compile for me with the following steps: 1. Build the fips module 2. Build openssl with --with-fipslibdir --with-fipsdir 3. Create a Windows console application in Visual Studio 2008 4. Add the openssl\inc32 folder to the include path 5.

RE: fipslink

Jon, I’m having trouble with fipslink as well and thought it might help to compare notes. These are the linker errors I’m getting using Visual Studio 2008: fips_premain.obj : error LNK2001: unresolved external symbol unsigned char * FIPS_signature (?FIPS_signature@@3PAEA) fips_premain.obj :

RE: Compiling openssl fips in Windows

Jon, Regarding: According to my interpretation of the documentation, it should be included in libeay32.dll: Section 2.4.2 Note that except in the most unusual circumstances the FIPS Object Module itself (fipscanister.o) is not linked directly with application code. Section 4.3.3 The resulting

RE: Compiling openssl fips in Windows

Regarding: C:\temp\nma0452: setargv.obj d:\work\ssl\ved\Debug\VED.obj d:\work\ssl\ved\Debug\stdafx.obj d:\work\ssl\ved\Debug\fips_premain.obj d:\Work\SSL\openssl-1.0.1c\out32dll\libeay32.lib ws2_32.lib gdi32.lib advapi32.lib crytp32.bli user32.lib I’m not sure but did you link in

Can I build the FIPS module with /MT?

I'm in the process of incorporating FIPS enabled OpenSSL into an application when I realized that by default the FIPS module is built by dynamically linking the C runtime, not statically linking. In my case, for Windows using Microsoft Visual Studio it uses the /MD option, instead of /MT.

RE: Can I build the FIPS module with /MT?

All modern Versions of Microsoft's C Runtime are thread safe. That occurred around Visual Studio 6.0 (circa 2000 or so). From http://msdn.microsoft.com/en-us/library/abx4dbyh.aspx: The single-threaded CRT (libc.lib, libcd.lib) (formerly the /ML or /MLd options) is no longer available. Instead,

OpenSSL 1.0.1c vs OpenSSL 1.0.1c + FIPS 2.0.2 Module without puttingin FIPS mode

I've gone through the FIPS User Guide and have built OpenSSL 1.0.1c with the FIPS module 2.0.2. From a practical perspective I'm trying to sort out in my mind the following: - What is functionally different between the standard OpenSSL and OpenSSL compiled with FIPS and _not_ in FIPS mode

RE: Web site: Send to Majordomo broken

It appears that the web site went through a few changes recently and some aren't working quite right yet. Another case is on the FIPS page (http://www.openssl.org/docs/fips/) the link for the User Guide is also broken. Thanks, Lester -Original Message- From:

Openssl ectest Fails when built with FIPS

After building openssl 1.0.1c with the 2.0.2 fips module on Windows 7 with Visual Studio 2008, the ectest fails as follows: C:\openssl-1.0.1cnmake -f ms\ntdll.mak test ectest Curve defined by Weierstrass equation y^2 = x^3 + a*x + b (mod 0x17) a = 0x1 b = 0x1 Point is not on

Building fips enabled openssl using cygwin

Regarding (from Joy Leima): I am using openssl-1.0.1c.tar.gz openssl-fips-2.0.2.tar.gz. ... The ms\do_fips resulted in a SUCCESS.The nmake had issues. Here is the last few lines. The error: link /nologo /subsystem:console /opt:ref /debug /dll /map /base:0xFB0

Openssl ectest Fails when built with FIPS

After building openssl 1.0.1c with the 2.0.2 fips module on Windows 7 with Visual Studio 2008, the ectest fails as follows: C:\openssl-1.0.1cnmake -f ms\ntdll.mak test ectest Curve defined by Weierstrass equation y^2 = x^3 + a*x + b (mod 0x17) a = 0x1 b = 0x1 Point is not on