I compiled fips module OpenSSL-fips-1.0.tar.gz with the following options
./Configure fips hpux-ia64-cc
And the official OpenSSL release 0.9.7j with the following options
./Configure threads zlib shared no-rc5 no-idea no-krb5
fips --openssldir=/opt/openssl hpux-ia64-cc
I tried compling the sample FIPS application given in the FIPS User Guide,
page # 47 fips_sample.c
The compile options are
cc -I.. -I/opt/openssl/include
+Z -DOPENSSL_PIC -DZLIB -DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H
-DOPENSSL_NO_KRB5 -DOPENSSL_NO_RC5 -DOPENSSL_NO_IDEA -Ae +DD32 +O3
+Olit=all -z -DB_ENDIAN -c -o fips_sample.o fips_sample.c
cc -o fips_sample -I/opt/openssl/include
+Z -DOPENSSL_PIC -DZLIB -DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H
-DOPENSSL_NO_KRB5 -DOPENSSL_NO_RC5 -DOPENSSL_NO_IDEA -Ae +DD32 +O3
+Olit=all -z -DB_ENDIAN fips_sample.o /opt/openssl/lib/libssl.a
/opt/openssl/lib/libcrypto.a -Wl,+s,+b,/opt/openssl/lib -ldl -lz
I get the following error message.
./fips_sample -v abc
22118:error:2A07806E:FIPS routines:FIPS_check_dso:fingerprint does not
match:fips.c:212:
BUT its working fine for *Shared* library.
Will FIPS module doesnot work with static library?
Thanks in advance,
Haridharan
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager [EMAIL PROTECTED]
