> > In FIPS OpenSSL 1.2, fips_premain.c is produced as an output after > > doing ms\do_fips. > > A fips_premain.c.sha1 file is also produced containing the > > SHA1 of the c file. Does the security policy restricts modification > > to this file? > > My application is in C++ and I need to do changes in this > > file (like adding precompiled headers and adding extern "C" > > modifiers). Does this break the security policy? > > > > Pankaj > > You cannot modify fips_premain.c and there is no reason you > should need to. > There is no need for extern "C" modifiers, fips_premain.c is > a C file so C linkage should most definitely be the default.
Make sure that your compiler supports both C and C++ code. Generally it should, but if you are being required to use extern "C" modifiers, then there is something wrong with your compiler setup. Any .c file should be interpreted as C and not C++ code. Your C++ application can link to C libraries just fine. As DS pointed out - there should be no need to add modifiers to the FIPS OpenSSL source. --Will > I'm not sure what you mean by "add precompiled headers", but > I would suggest just not using precompiled headers when > building that file. > > If you need chapter and verse, check the security policy's > list of "Cryptogrpahically Significant Source Files" and you > will see fips_premain.c and its hash. Alterations of these > files are specifically prohibited. > > DS ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
