Fingerprint mismatch only for 32-bit DLL linked statically to FIPS Capable OpenSSL

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Appreciate any help on the following.

  1. Built OpenSSL Fips Module and then 'static binaries' of FIPS capable OSSL which 'statically link to the windows run-time'. Thus, my application binary (FipsApp.exe) does not depend on OSSL DLLs.

  2. Consumed these static binaries namely (libeaycompat32.liblibeayfips32.lib and ssleay32.lib) into myapp.dll using msincore.pl.

  3. FipsApp.exe calls function foo() inside myapp.dll which executes FIPS_mode_set() which returns (100:error:2D06B06F:lib(45):func(107): reason (111):/FIPS/FIPS.c:232)

Result

  1. On executing 64-bit FipsApp.exe, the FIPS mode gets set and working with 64-bit myapp.dll

  2. But on executing 32-bit FipsApp.exe which uses 32-bit myapp.dll with same configuration, FIPS_mode_set() fails with reason 111 (Fingerprint mismatch)

Attempted

Since above 32-bit myapp.dll did not work, some additional configuration changes were made.

  1. ReBuilt 32-bit myapp.dll with above LFLAGS "/DynamicBase:No /Fixed". Here default base address gets used for myapp.dll

  2. ReBuilt 32-bit myapp.dll with base address of 0xFB00000. (OSSL does same thing for FIPS dlls)

  3. Checking out following http://openssl.6102.n7.nabble.com/FIPS-Static-Library-linked-into-Win32-Dll-builds-but-fails-self-test-td63011.html

But 32-bit myapp DLL does always fail with fingerprint mismatch.

Question

How do I get 32-bit myapp.dll working in FIPS mode? FIPS_mode_set() returns (100:error:2D06B06F:lib(45):func(107): reason (111):/FIPS/FIPS.c:232)

Thanks.

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux