Thank you for quick answer. We are actually planning to submit our
final product for validation so my understanding is that it needs to
be validated again with all the modifications we have made. Am I
correct? If yes then I am wondering if this is even technically
achievable to get it to build in FIPS mode for our platform. Maybe it
would be easier if we downgraded to the earlier version? Does any
process/procedure exist for cross compiling any of the older versions?
Best,
Chris
On Jul 20, 2009, at 4:08 PM, Dr. Stephen Henson wrote:
On Mon, Jul 20, 2009, Chris Koston wrote:
Hi,
I am trying to compile OpenSSL 0.9.8k with FIPS for ARM machine
(versatile). I am cross compiling using toolchain for my platform.
Unfortunatelly during generation of the fips canister the process
requires some "host native" executables to generate what I believe
is some checksums. I am not very familiar with this process. It is
really difficult to find any information about FIPS and cross
compiling. Does anyone have experience doing this? I am not sure
what I need to do at this point. I don't know which components must
be compiled for the host machine and I am also not sure if I'm
allowed/able to modify the make files in order to use the right
compiler where necessary. Is what I'm talking about really doable?
Cross compiling isn't supported at all for the 1.2 validation. You
need to
compile OpenSSL natively with unmodified sources following the
instructions to
the letter or it isn't validated.
Steve.
--
Dr Stephen N. Henson. OpenSSL project core developer.
Commercial tech support now available see: http://www.openssl.org
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager majord...@openssl.org
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager majord...@openssl.org
