> As a convenience to users, the "fipsdo" option of FIPS compatible > versions of OpenSSL will, in conjunction with a previously built OpenSSL > FIPS Object Module, automagically create a libcrypto shared library > containing fipscanister.o. This is documented in Appendix B of the User > Guide. Note the resulting "FIPS compatible" OpenSSL can be used just > like the good old OpenSSL we all know and love, or at runtime the FIPS > mode of operation can be enabled where all crypto operations are > performed in the validated fipscanister.o. This behavior was an > important design goal because it allows software vendors to ship one > binary to all customers. >
Correction, should be 'As a convenience to users, the "fips" option of FIPS compatible versions of OpenSSSL...". The "fipsdso"option is a special purpose feature intended for use with "private label" binary validations. I should note that it does not work for all platforms. -Steve M. -- Steve Marquess Veridical Systems, Inc. marqu...@veridicalsystems.com ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org Excellent. Thanks. That makes life easy. -- View this message in context: http://www.nabble.com/fipsld-or-libcrypto.so-tp23439162p23483221.html Sent from the OpenSSL - Dev mailing list archive at Nabble.com. ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
