Its really hard to tell without some debugging output from your execution of your application, but initial guesses are:
1) You're misnaming your fips file. Your fipsinstall command indicates you are outputting a file named fips.cnf, but your openssl.cnf file includes fipsmodule.cnf, so something is misaligned there
2) You may not be loading your openssl.cnf from the location you think. Suggest running `openssl.exe version -a` to see what your default OPENSSLDIR value is, as that is where you will be loading your config files from, barring any setting of the OPENSSL_CONF and OPENSSL_CONF_INCLUDE environment variables
Neil
On Thu, Sep 5, 2024 at 8:50 AM Aima Maqsood <ammaq180@xxxxxxxxx> wrote:
Hi Guys,
Hope you are doing great, I am writing this to inform you that I have been facing issues while loading the FIPS provider. I didn't install the Openssl 3.0.8 on the machine instead, compiled it on JENKINS Server.
Commands to compile the OpenSSL 3.0.8 version on JENKINS Server:
@echo Configuring the compilation environment
perl Configure VC-WIN32 --prefix="%WORKSPACE%\Delivery\x86" enable-fips
@echo Building FIPS capable OpenSSL DLLs
nmake
@echo Running self test
nmake test
@echo Copying files to the delivery folder (prefix)
nmake install
These files were generated in the respective folders:
bin ----- libcrypto-3.dll, libcrypto-3.pdb, libssl-3.dll, libssl-3.pdb, openssl.exe
html ----- having all the APIinclude ---- openssl ---- All header files
lib --- engines-3 ---- capi.dll, loader-attic.dll, padlock.dll|----- ossl-modules ---fips.dll, legacy.dll, fips.pdb, legacy.pdb|------libcrypto.lib, libssl.libI created a console application, and added the Openssl compiled files in Project Properties:
1. Added the include/openssl folder in C/C++ -- General --- Additional Include Directories
2. Added libraries (lib) folder in Linker -- General -- Additional Library Directories
3. Write down the libraries name in Linker --- Input ---- Additional Dependencies:Then manually created a folder of OpenSSL in C:\Program Files (x86), and created further two folders:--
config -- have 2 files ---- fipsmodule.cnf, openssl.cnf
ossl-modules ---- have dll files as ------ fips.dll, fips.pdb, legacy.dll, legacy.pdb
Then created the System Environment Variables and refer these path in it:
I created the fipsmodule.cnf file after running the openssl.exe on command prompt using this command:
openssl fipsinstall -module "path\to\fips.dll" -out "path\to\fips.cnf"
I am also sharing my openssl.cnf file and fipsmodule.cnf file to check if there is any mistake or something else?
I am doing this stuff in Windows and Visual Studio.
Please kindly guide me how can I load the FIPS Provider in my Application without installing OPENSSL on my machine? And at which location or path I need to keep all these files (dll, .cnf)?
Hope to hear from you soon.
You received this message because you are subscribed to the Google Groups "openssl-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to openssl-users+unsubscribe@xxxxxxxxxxx.
To view this discussion on the web visit https://groups.google.com/a/openssl.org/d/msgid/openssl-users/c24b1550-868f-424f-82ae-125099ed8423n%40openssl.org.
You received this message because you are subscribed to the Google Groups "openssl-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to openssl-users+unsubscribe@xxxxxxxxxxx.
To view this discussion on the web visit https://groups.google.com/a/openssl.org/d/msgid/openssl-users/CAJbOq15YSbSBhC21PcumyaEOvqMn8dWeeUuW_Du4NP5j5e8bRA%40mail.gmail.com.
