You might want to dump out the OpenSSL error queue to see if there are
any hints.
For example:
ERR_print_errors_fp(stdout);
Matt
On 26/01/2022 16:11, Gregory Letaille wrote:
Hi
I retrieved and compiled official openssl 3 version from openssl site
configure the project with such command line
perl Configure enable-fips VC-WIN32 --debug
--prefix=D:\outssl\Dll\x32\debug --openssldir=D:\outssl\ssl
nmake
nmake install
debug and release version tested
all seems fine even the compilation of fips.dll module
now I tried to create a command line too that just try to load the FIPS
provider
*OSSL_PROVIDER *fips;
fips = OSSL_PROVIDER_load(NULL, "fips");
*
in the output window of visual studio I can see that he fips.dll well
loaded then unloaded and fips pointer is returned as null
I tried to play with the openssl/cnf file that basically (without
success) configured as follow
*
config_diagnostics = 1
openssl_conf = openssl_init
.include d:\outssl\ssl\fipsmodule.cnf
# Extra OBJECT IDENTIFIER info:
# oid_file = $ENV::HOME/.oid
oid_section = new_oids
[openssl_init]
providers = provider_sect
[provider_sect]
base = base_sect
fips = fips_sect
[base_sect]
activate = 1*
my d:\outssl\ssl\fipsmodule.cnf file is as follow
*[fips_sect]*
*#activate = 0 is the value documented to force FIPS in the code but I
also tried 1 without more success**
activate = 0
conditional-errors = 1
security-checks = 1
module-mac =
B9:FB:80:43:6A:58:FC:89:23:19:83:9F:A8:CE:FE:ED:52:F0:DA:93:1C:B9:F7:57:0A:BB:F3:E4:B0:EE:93:C9*
*
*
I have the same problem in debug or release .
if I do the same test with the legacy provider fips pointer is not
null and seems correct
*fips = OSSL_PROVIDER_load(NULL, "Legacy");*
is someone have an idea of what is my problem
is threr some debug info that I can enabled or check to make some progress?
Thanks in advance
Greg
*
*
