Hello , I just saw the openssl-fips 2.0 user guide and in that its clearly mentioned that iOS is not supported. In the 1.2 FIPS user guide, there is a separate section on Apple iOS support. I have built the static libs for iOS ( armv7) using the instructions in 1.2 user guide. So, does open-ssl 1.2.4 fips still support iOS 5.1?
Thank you, Tarani From: Tarani Vishwanatha <tarani.vishwana...@citrix.com<mailto:tarani.vishwana...@citrix.com>> Date: Wed, 5 Sep 2012 14:04:22 -0400 To: "openssl-users@openssl.org<mailto:openssl-users@openssl.org>" <openssl-users@openssl.org<mailto:openssl-users@openssl.org>> Subject: iOS-App is crashing when openssl-FIPS complaint libraries are included in Xcode project Hey guys, I have built FIPS complaint openssl ( 1.2.4) libraries for iOS ( armv7) following the instructions in the user guide. After all the configuration and building, I have static libraries present in /usr/local/ssl/Release-iphoneos/lib. I did not conduct any tests on the FIPS module as describes here: http://opensslfoundation.com/testing/validation-2.0/platforms/ios/TestingInstructions-iOS.pdf as it was described in the user guide that these are not mandatory for application developers. Having built the libraries, I created a sample Xcode iOS project and included the headers and libraries in my project. I have given the search paths for both herders and libraries in build settings. I wanted to check the FIPS mode by using FIPS_mode_set(1) in a method. The app crashes before the launch. GDB does not hit even the first method in the app. Here is the output: GNU gdb 6.3.50-20050815 (Apple version gdb-1708) (Mon Oct 17 16:52:01 UTC 2011) Copyright 2004 Free Software Foundation, Inc. GDB is free software, covered by the GNU General Public License, and you are welcome to change it and/or distribute copies of it under certain conditions. Type "show copying" to see the conditions. There is absolutely no warranty for GDB. Type "show warranty" for details. This GDB was configured as "--host=i386-apple-darwin --target=arm-apple-darwin".tty /dev/ttys003 sharedlibrary apply-load-rules all target remote-mobile /tmp/.XcodeGDBRemote-60628-41 Switching to remote-macosx protocol mem 0x1000 0x3fffffff cache mem 0x40000000 0xffffffff none mem 0x00000000 0x0fff none [Switching to process 7171 thread 0x1c03] [Switching to process 7171 thread 0x1c03] 5f0c073475efc882173469dd3e002d0ff2db4a98 Program ended with exit code: 0 I know for sure that its happening because I have included openssl-FIPS libraries(Have checked removing them and things are fine). Has anyone seen this issue before? Its very difficult to debug as there are no traces or logs. Also, please let me know am I doing the right way test FIPS mode. Thank you, Tarani
