Building an application with OpenSSL and FIPS support.

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



I recompiled with dynamic libraries and after linking to them the program runs without issue. I'll keep trying to hunt down the issues with the static libs. Thanks for the help.

Thanks,

Matt Heimlich
Linux Security Engineer
SteelCloud LLC
703.999.4346

________________________________________
From: openssl-users <openssl-users-bounces@xxxxxxxxxxx> on behalf of Dr. Stephen Henson <steve@xxxxxxxxxxx>
Sent: Tuesday, October 11, 2016 10:35 AM
To: openssl-users at openssl.org
Subject: Re: Building an application with OpenSSL       and     FIPS    support.

On Mon, Oct 10, 2016, Matthew Heimlich wrote:

> $openssl version
>
> returns:
>
> OpenSSL 1.0.2j-fips
>
> My FIPS module version is openssl-fips-2.0.13
>
> $OPENSSL_FIPS=1 openssl md5 /dev/null
>
> returns:
>
> Error setting digest md5
> 140066569107136:error:060A80A3:digital envelope routines:FIPS_DIGESTINIT:disabled for fips:fips_md.c:180:
>
> $OPENSSL_FIPS=1 openssl sha1 /dev/null
>
> returns:
>
> SHA1(/dev/null)= da39a3ee5e6b4b0d3255bfef95601890afd80709
>
> Do that appears to be working correctly.
>

Can you give more details of the steps you are using to link your application?

If you're linking to the OpenSSL shared libraries then you don't need to use
fipsld at all. I'd suggest you try that as a first step and see if your
application works.

Steve.
--
Dr Stephen N. Henson. OpenSSL project core developer.
Commercial tech support now available see: http://www.openssl.org
--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users


[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux