Hi,
I am trying to build openssl-0.9.8za with openssl-fips-1.2, but with no
luck. Came to know from release notes, that openssl-0.9.8za have know
compilation issues with FIPS. I got below statement from release notes
FIPS capable link failure with missing symbol
Adding further I already tried below to build openssl, I already built fips
libs with /tmp/_install path
/config fips --prefix=/tmp/_install --with-fipslibdir=/tmp/_install/lib
-DOPENSSL_NO_EC -DOPENSSL_NO_ECDSA -DOPENSSL_NO_ECDH
It also gives below build error
../../include/openssl/ec.h:78:2:
Hi Stephen,
I understand it got fixed with development version. I tried it its working
fine. But I want to build 0.9.8za with FIPS, and release notes says it
could be done by compiling openssl without EC algorithms,can you point me
out how can I do that ?
-
Saurabh
On Tue, Jun 10, 2014 at 8:23
On Wed, Jun 11, 2014, Saurabh Pandya wrote:
Adding further I already tried below to build openssl, I already built fips
libs with /tmp/_install path
/config fips --prefix=/tmp/_install --with-fipslibdir=/tmp/_install/lib
-DOPENSSL_NO_EC -DOPENSSL_NO_ECDSA -DOPENSSL_NO_ECDH
It also gives
Thanks you very much for prompt info.
What could be the end-user effect if I start using openssl with no-ec ?
(sorry for a silly question !!)
-
Saurabh
On Wed, Jun 11, 2014 at 5:17 PM, Dr. Stephen Henson st...@openssl.org
wrote:
On Wed, Jun 11, 2014, Saurabh Pandya wrote:
Adding further I
On Wed, Jun 11, 2014, Zhang, Ping (Unisphere) wrote:
Added the command line used and the error.
perl Configure VC-WIN32 no-asm fips no-ec
--with-fipslibdir=C:\openssl_build\openssl-fips-1.2.4\out32dll
cl /Fotmp32dll\fips_premain.obj -Iinc32 -Itmp32dll /MD /Ox /O2 /Ob2 /W3 /WX
/Gs0 /GF
: RE: link error building openssl 0.9.8za with FIPS module 1.2.4
Thanks! Got a build with 0610's snapshot.
However rebuilt openssl0.9.8za with no-ec (not rebuild fips libs), still see
the same error.
-DOPENSSL_NO_EC -DOPENSSL_NO_ECDSA -DOPENSSL_NO_ECDH
-Original Message-
From: owner-openssl
Henson
Sent: Wednesday, June 11, 2014 7:47 AM
To: openssl-users@openssl.org
Subject: Re: error building openssl-0.9.8za with FIPS
On Wed, Jun 11, 2014, Saurabh Pandya wrote:
Adding further I already tried below to build openssl, I already built
fips libs with /tmp/_install path
/config fips
In process upgrade openssl to 0.9.8za. When building with fips module 1.2.4
lib, failed with link error. The same process and fips 1.2.4 lib works with
0.9.8y.
Compared the code difference with 0.9.8za and 0.9.8y, noticed
BN_consttime_swap() is used in 0.9.8za crypto/ec/ec2_mult.c.
perl
On Tue, Jun 10, 2014, Zhang, Ping (Unisphere) wrote:
In process upgrade openssl to 0.9.8za. When building with fips module 1.2.4
lib, failed with link error. The same process and fips 1.2.4 lib works with
0.9.8y.
Compared the code difference with 0.9.8za and 0.9.8y, noticed
]
On Behalf Of Dr. Stephen Henson
Sent: Tuesday, June 10, 2014 10:54 AM
To: openssl-users@openssl.org
Subject: Re: link error building openssl 0.9.8za with FIPS module 1.2.4
On Tue, Jun 10, 2014, Zhang, Ping (Unisphere) wrote:
In process upgrade openssl to 0.9.8za. When building with fips module
11 matches
Mail list logo
