On Oct 5, 2011, at 12:15 PM, Dr. Stephen Henson wrote: > On Wed, Oct 05, 2011, Bill Durant wrote: >> On Oct 5, 2011, at 8:08 AM, Dr. Stephen Henson wrote: >>> On Tue, Oct 04, 2011, William A. Rowe Jr. wrote: >>>> On 10/4/2011 10:45 PM, Bill Durant wrote: >>>>> >>>>> Does anyone know how to produce a FIPS-capable OpenSSL that works on >>>>> Windows NT? >>>> >>>> It's likely not possible... >>>> >>>>> But when I run it under Windows NT, I get the following run-time error: >>>>> >>>>> "The procedure entry point Module32NextW could not be located in the >>>>> dynamic link library KERNEL32.dll" >>>> >>>> If you use the equivalent of nm against the fipscanister.lib, I'd expect >>>> you'll find the binding there. >>>> >>>> I see no reason the team would accommodate this in OpenSSL/FIPS 2.0, >>>> though. >>>> Support for Windows NT 4.xx ended on December 31, 2004. Support for >>>> Windows >>>> 2000 ended on July 13, 2010. So updating "security" or cryptographic >>>> software >>>> validation for such systems is something of an oxymoron. >>> >>> I'd suggest the OP try to build the 2.0 test module and run fips_test_suite >>> on >>> NT as it may work. A lot of the platform specific code has been removed from >>> the 2.0 module design. >> >> Thank you everyone for the comments so far. >> >> What is the 2.0 test module? Does it mean to build openssl-fips-1.2.tar.gz? >> > > For the upcoming 2.0 validation test snapshots are available. You can see > them at: ftp://ftp.openssl.org/snapshot/ > > Steve. > -- > Dr Stephen N. Henson. OpenSSL project core developer. > Commercial tech support now available see: http://www.openssl.org
Hello Steve: I downloaded ftp://openssl.org/snapshot/openssl-fips-2.0-test-20111023.tar.gz and http://openssl.org/source/openssl-0.9.8r.tar.gz. I am getting the following compile errors. Any ideas on what I am doing wrong? C:\> cd openssl-fips-2.0-test-20111023 C:\> ms\do_fips no-asm ... ... *************************** ****FIPS BUILD SUCCESS***** *************************** C:\> cd ..\openssl-0.9.8r C:\> perl Configure VC-WIN32 fips --with-fipslibdir=..\openssl-fips-2.0-test-20111023\out32dll --prefix=..\openssl-0.9.8r-fips-static no-idea no-mdc2 no-rc5 no-asm ... ... C:\> ms\do_nasm ... ... C:\> nmake -f ms\nt.mak Generating x86 for NASM assember Bignum AES ... ... Copying: ./ssl/dtls1.h to inc32/openssl/dtls1.h perl util/copy.pl ".\ssl\kssl.h" "inc32\openssl\kssl.h"Copying: ./ssl/kssl.h to inc32/openssl/kssl.h cl /Fotmp32\fips_standalone_sha1.obj -Iinc32 -Itmp32 /MT /Ox /O2 /Ob2 /W3 /W X /Gs0 /GF /Gy /nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -DDSO_WIN32 -D_CRT_SECURE_NO_DEPRECATE -D_CRT_NONSTDC_NO_DEPRECATE /Fdout32 -DOPENSSL_NO_IDEA -DOPENSSL_NO_CAMELLIA -DOPENSSL_NO_SEED -DOPENSSL_NO_RC5 -DOPENSSL _NO_MDC2 -DOPENSSL_NO_CMS -DOPENSSL_NO_JPAKE -DOPENSSL_NO_CAPIENG -DOPENSSL_NO_KRB5 -DOPENSSL_FIPS -DOPENSSL_NO_DYNAMIC_ENGINE /Zl -c .\fips\sha\fips_standalon e_sha1.cfips_standalone_sha1.c link /nologo /subsystem:console /opt:ref /out:out32\fips_standalone_sha1.exe @C:\Users\bdurant\AppData\Local\Temp\nm257.tmp fips_standalone_sha1.obj : error LNK2019: unresolved external symbol _SHA1_Final referenced in function _hmac_init fips_standalone_sha1.obj : error LNK2019: unresolved external symbol _SHA1_Update referenced in function _hmac_init fips_standalone_sha1.obj : error LNK2019: unresolved external symbol _SHA1_Init referenced in function _hmac_init fips_standalone_sha1.obj : error LNK2019: unresolved external symbol __chkstk referenced in function _hmac_init fips_standalone_sha1.obj : error LNK2019: unresolved external symbol _fwrite referenced in function _main fips_standalone_sha1.obj : error LNK2019: unresolved external symbol _perror referenced in function _main fips_standalone_sha1.obj : error LNK2019: unresolved external symbol _printf referenced in function _main fips_standalone_sha1.obj : error LNK2019: unresolved external symbol _fread referenced in function _main fips_standalone_sha1.obj : error LNK2019: unresolved external symbol _fopen referenced in function _main fips_standalone_sha1.obj : error LNK2019: unresolved external symbol _exit refer enced in function _main fips_standalone_sha1.obj : error LNK2019: unresolved external symbol _fprintf re ferenced in function _main fips_standalone_sha1.obj : error LNK2019: unresolved external symbol __iob refer enced in function _mainLINK : error LNK2001: unresolved external symbol _mainCRTStartup out32\fips_standalone_sha1.exe : fatal error LNK1120: 13 unresolved externals NMAKE : fatal error U1077: 'link' : return code '0x460' Stop. Thanks, Bill > ______________________________________________________________________ > OpenSSL Project http://www.openssl.org > User Support Mailing List openssl-users@openssl.org > Automated List Manager majord...@openssl.org ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
