Henson
Sent: Wednesday, June 11, 2014 7:47 AM
To: openssl-users@openssl.org
Subject: Re: error building openssl-0.9.8za with FIPS
On Wed, Jun 11, 2014, Saurabh Pandya wrote:
> Adding further I already tried below to build openssl, I already built
> fips libs with /tmp/_install path
>
>
7;
Subject: RE: link error building openssl 0.9.8za with FIPS module 1.2.4
Thanks! Got a build with 0610's snapshot.
However rebuilt openssl0.9.8za with no-ec (not rebuild fips libs), still see
the same error.
-DOPENSSL_NO_EC -DOPENSSL_NO_ECDSA -DOPENSSL_NO_ECDH
-Original Message-
From
On Wed, Jun 11, 2014, Zhang, Ping (Unisphere) wrote:
> Added the command line used and the error.
>
> perl Configure VC-WIN32 no-asm fips no-ec
> --with-fipslibdir=C:\openssl_build\openssl-fips-1.2.4\out32dll
>
> cl /Fotmp32dll\fips_premain.obj -Iinc32 -Itmp32dll /MD /Ox /O2 /Ob2 /W3 /WX
> /Gs
Thanks you very much for prompt info.
What could be the end-user effect if I start using openssl with no-ec ?
(sorry for a silly question !!)
-
Saurabh
On Wed, Jun 11, 2014 at 5:17 PM, Dr. Stephen Henson
wrote:
> On Wed, Jun 11, 2014, Saurabh Pandya wrote:
>
> > Adding further I already tried
On Wed, Jun 11, 2014, Saurabh Pandya wrote:
> Adding further I already tried below to build openssl, I already built fips
> libs with /tmp/_install path
>
> /config fips --prefix=/tmp/_install --with-fipslibdir=/tmp/_install/lib
> -DOPENSSL_NO_EC -DOPENSSL_NO_ECDSA -DOPENSSL_NO_ECDH
>
> It also
Hi Stephen,
I understand it got fixed with development version. I tried it its working
fine. But I want to build 0.9.8za with FIPS, and release notes says it
could be done by compiling openssl without EC algorithms,can you point me
out how can I do that ?
-
Saurabh
On Tue, Jun 10, 2014 at 8:23
Adding further I already tried below to build openssl, I already built fips
libs with /tmp/_install path
/config fips --prefix=/tmp/_install --with-fipslibdir=/tmp/_install/lib
-DOPENSSL_NO_EC -DOPENSSL_NO_ECDSA -DOPENSSL_NO_ECDH
It also gives below build error
../../include/openssl/ec.h:78:2: er
Hi,
I am trying to build "openssl-0.9.8za" with "openssl-fips-1.2", but with no
luck. Came to know from release notes, that "openssl-0.9.8za" have know
compilation issues with FIPS. I got below statement from release notes
"FIPS capable link failure with missing symbol
BN_constti
l.org]
On Behalf Of Dr. Stephen Henson
Sent: Tuesday, June 10, 2014 10:54 AM
To: openssl-users@openssl.org
Subject: Re: link error building openssl 0.9.8za with FIPS module 1.2.4
On Tue, Jun 10, 2014, Zhang, Ping (Unisphere) wrote:
> In process upgrade openssl to 0.9.8za. When building with fip
On Tue, Jun 10, 2014, Zhang, Ping (Unisphere) wrote:
> In process upgrade openssl to 0.9.8za. When building with fips module 1.2.4
> lib, failed with link error. The same process and fips 1.2.4 lib works with
> 0.9.8y.
>
> Compared the code difference with 0.9.8za and 0.9.8y, noticed
> BN_cons
In process upgrade openssl to 0.9.8za. When building with fips module 1.2.4
lib, failed with link error. The same process and fips 1.2.4 lib works with
0.9.8y.
Compared the code difference with 0.9.8za and 0.9.8y, noticed
BN_consttime_swap() is used in 0.9.8za crypto/ec/ec2_mult.c.
perl Config
11 matches
Mail list logo
