Hi Steve Marquess, What's the equivalent file forĀ fipscanister.o on windows..?
Thanks, Justin --- On Tue, 11/4/08, Steve Marquess <[EMAIL PROTECTED]> wrote: From: Steve Marquess <[EMAIL PROTECTED]> Subject: Re: FIPS and new releases of openssl To: openssl-users@openssl.org Date: Tuesday, November 4, 2008, 9:46 AM David Schwartz wrote: >> ... > > Build the FIPS module, then fix the higher-level code, then build the rest > of OpenSSL. So long as don't modify the source before building the FIPS > module, you are fine. You can fix the code that doesn't go in the FIPS > canister without violating FIPS, then link your fixed code with the > canister. Correct -- just don't modify *any* code in the special openssl-fips-1.1.2.tar.gz tarball, whether that code has any effect on the resulting fipscanister.o object module or not. You can't even modify the README file. Once fipscanister.o (and handful of ancillary files) are generated you should throw away everything else from that build. The fipscanister.o can subsequently be used with a FIPS compatible (i.e., recent) OpenSSL built the usual way from one of the usual tarballs. You do not want to use any of the other object code from the special FIPS tarball. -Steve M. -- Steve Marquess Open Source Software Institute [EMAIL PROTECTED] ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
