|
Hello, I have gone over the OpenSSL FIPS Security Policy & User
Guide and was able to build a test OpenSSL based application according to FIPS
Security Policy, I think that I have quite a clear understating of the OpenSSL
FIPS field. How ever I came across a more complicated situation, instead
of an exe application I would like to create a DLL that would use OpenSSL and
be compiled according to the OpenSSL FIPS Security Policy (I can do this according
to the User Guide). I would then like to use that DLL from a few applications (by
way of linking or dynamic loading), this DLL will provide all the cryptographic
needs of the relevant applications. My question is if this way of use complies
with the OpenSSL FIPS Security Policy? Would my applications be using a FIPS compliant
OpenSSL Module according to the OpenSSL FIPS Security Policy? Are there any limitations
on how do I compile / link my application? Thanks, Hagai. |
