As per my knowledge you have to build your fipscanister.o as specified in users guide. No static option at build time is allowed. You have to follow word to word of users guide.Once you built fipscanister at right place, you can use it to statically link directly with your application using the fipsld utility or can statically link with your shared library.
On Tue, Apr 12, 2011 at 9:08 PM, John Foley <fol...@cisco.com> wrote: > > Section 4.2.1 of the FIPS User Guide states... > > Per the conditions of the FIPS 1402 validation only two configuration > commands may > be used: > ./config fipscanisterbuild > or > ./config fipscanisterbuild noasm > > > However, section 4.2.2 states... > > Note that fipscanister.o can either be statically linked into an > application binary executable, > or statically linked into a shared library. > > > This leads to the question of how we would build a statically linked > OpenSSL library, such as using the following configuration... > > ./config fipscanisterbuild -static > > My question is using the -static option to build the library a valid > option for FIPS mode? If not, why does section 4.2.2 state the canister > can be statically linked? > > Thank you. > > > > > > > ______________________________________________________________________ > OpenSSL Project http://www.openssl.org > User Support Mailing List openssl-users@openssl.org > Automated List Manager majord...@openssl.org >
