On 06/24/2016 03:10 AM, Sahil Gandhi wrote: > Hi Jakob, > > Could you please elaborate it? I am not getting it. > I might missing something but I did not get it. > > Many Thanks Jakob for replying. > > -Sahil > > On Fri, Jun 24, 2016 at 11:57 AM, Jakob Bohm <jb-openssl at wisemo.com > <mailto:jb-openssl at wisemo.com>> wrote: > > On 24/06/2016 07:59, Sahil Gandhi wrote: > > Hi All, > > I have built Openssl-fips-2.0.10.tar on* RHEL Linux* (/_*Same > happens with Solaris 10*_/). Then I built Openssl-1.0.1p using > respective fips object module (i.e. Openssl-fips-2.0.10.tar). > > Once I have built Openssl-1.0.1p, libcrypto.a and libssl.a has > been created. > I need to join these 2 libraries and make it one. > > I am doing it using "ar" command as follows: > > ar -x libssl.a > ar -x libcrypto.a > > Then combine all .o files to make third library: > ar -r libnew.a *.o > > But when i use this libnew.a in my sample(contain > FIPS_mode_set(1)), it compiles successfully but when execute the > executable it throws error* finger print does not match:fips.c:232* > > Plz help. > I need to combine both libaries and make it one. > > Any help/suggestion? > > > You forgot the special link step for FIPS enabled applications, > perhaps also some of the other required steps from the FIPS > module users guide. > See https://openssl.org/docs/fips/UserGuide-2.0.pdf. The FIPS module requires special build-time voodoo to satisfy the peculiar requirements of the FIPS 140-2 validation. -Steve M. -- Steve Marquess OpenSSL Validation Services, Inc. 1829 Mount Ephraim Road Adamstown, MD 21710 USA +1 877 673 6775 s/b +1 301 874 2571 direct marquess at openssl.com gpg/pgp key: http://openssl.com/docs/0x6D1892F5.asc
