I had a problem after building as well, I built the fips-mode (version
1.2) of openssl on LInux via running "./config fipscanisterbuild" and
then "make", this builds fine, and "make test" works, only
fipscanister.o doesn't have the strings that fipsld expects, when I run
"strings fipscanister.o | fgrep HMAC" all I see is "HMAC: digest not
allowed in FIPS mode". The other strings I got before with fips openssl
1.1 which have the hash values (e.g. "HMAC-SHA1(fips_premain.c)=
6a08d15c578f1258246181bf52134ae974aa5a80") are not present. This causes
fipsld to fail, any suggestions appreciated.
Lee
--
On 10/12/2010 07:07 AM, rajesh kumar wrote:
Hi All,
i am very new to OpenSSL build ...
I have build the static build of FIPS Capable OpenSSL as mentioned in
user guide 1.2.
I have used following commands on VS2005 Command Prompt...
/Build FIPS Module : ms\do_fips no-asm/
/
/
/Set Confiugration : perl Configure VC-WIN32
--with-fipslibdir="..\openssl-0.9.8l\out32dll"/
/
/
/For not using Assembler : ms\do_ms/
/
/
/Static Build : nmake -f ms\nt.mak InstallStatic/
All this seems to work but the issue is that when i link libeay32.lib
and ssleay32.lib in application and when i am calling FIPS_mode_set()
function to set/reset FIPS Mode.
I am seeing following link error ...
error LNK2019: unresolved external symbol _FIPS_mode referenced in
function
Can some one please let me know if i am missing anything...
when i am looking at the do_fips.bat file; it internally calls
ntdll.mak - i am not sure if fips module is always creating Dynamic
mode where as my application links them static...
quick reply would be really helpful ....
Thanks,
Rajesh.
--
/Unless otherwise stated, any views presented in this email are solely
those of the author and do not necessarily represent those of the company./
