Ok ! I can't modify the fips_premain.c but what If It can't be integrated into my application as it is. Doesn't it limit the usage of fipscanister.lib by making it mandatory to have c like application which can use it.
What if I don't use fips_premain.c at all and write my own code to set FIPS_signature[]. Pankaj David Schwartz wrote: > > >> In FIPS OpenSSL 1.2, fips_premain.c is produced as an output after doing >> ms\do_fips. >> A fips_premain.c.sha1 file is also produced containing the SHA1 of the c >> file. Does the security policy restricts modification to this file? My >> application is in C++ and I need to do changes in this file (like adding >> precompiled headers and adding extern "C" modifiers). Does this break the >> security policy? >> >> Pankaj > > You cannot modify fips_premain.c and there is no reason you should need > to. > There is no need for extern "C" modifiers, fips_premain.c is a C file so C > linkage should most definitely be the default. I'm not sure what you mean > by > "add precompiled headers", but I would suggest just not using precompiled > headers when building that file. > > If you need chapter and verse, check the security policy's list of > "Cryptogrpahically Significant Source Files" and you will see > fips_premain.c > and its hash. Alterations of these files are specifically prohibited. > > DS > > > ______________________________________________________________________ > OpenSSL Project http://www.openssl.org > User Support Mailing List openssl-users@openssl.org > Automated List Manager majord...@openssl.org > > -- View this message in context: http://www.nabble.com/fips_premain.c-tp25219921p25225139.html Sent from the OpenSSL - User mailing list archive at Nabble.com. ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
