I want to build the OpenSSL 1.0.1e distribution with the FIPS code from OpenSSL FIPS 2.0.2 distribution WITHOUT using the FIPS canister method and in-core fingerprint method described in the User Guide for the OpenSSL FIPS Object Module v2.0 document.
Maybe to say it another way, I would like to build the OpenSSL 1.0.1e distribution more in the style of the 0.9.8 FIPS implementation. It looks like the code in openssl-fips-ecp-2.0.2/fips is equivalent (albeit updated) to the code in openssl-0.9.8y/fips. So I made a "fips" directory in openssl-1.0.1e and copied the files from openssl-fips-ecp-2.0.2/fips into it. But I'm not sure what to do with the code in openssl-fips-ecp-2.0.2/crypto? Do I replace the corresponding files in openssl-1.0.1e with these files? Obviously what I'm attempting to do renders the OSF OpenSSL FIPS certification invalid. I understand that, and I have alternative plans in mind. Setting that issue aside, has anyone else attempted to do this? Is there a documented procedure for this? Thanks for any thoughts or ideas.
