On 05/28/2013 09:28 AM, Abhijit Ray Chaudhury wrote:
> Hi,
>
> We have an application running in WINCE Kernel address space as a DLL.
> We require to have it compiled against FIPS enabled openSSL.
>
> ...
>
> To get around the problem we have added following line in msincore
> script, all the build procedure and files remains exactly same as in
> source distribution.
>
> ======================================
>
> system("editbin /nologo /rebase:base=0xc08a0000 @ARGV[$#ARGV] >
> @ARGV[$#ARGV].rel");
>
> ======================================
>
> Please let me know :
>
> a> If the libeay32.dll thus produced will still be FIPS 140-2 validated
> module ?
The answer to that question is prominently featured on the NIST CMVP web
site,
http://csrc.nist.gov/groups/STM/cmvp/documents/140-1/140val-all.htm#1747:
"...There shall be no additions, deletions or alterations to the tar
file contents as used during module build..."
and is also clearly stated in the Security Policy document
(http://csrc.nist.gov/groups/STM/cmvp/documents/140-1/140sp/140sp1747.pdf)
-Steve M.
--
Steve Marquess
OpenSSL Software Foundation, Inc.
1829 Mount Ephraim Road
Adamstown, MD 21710
USA
+1 877 673 6775 s/b
+1 301 874 2571 direct
[email protected]
[email protected]
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [email protected]
Automated List Manager [email protected]
