How curious that this topic would come up today as I had a discussion on it just two days earlier. The OpenSSL FIPS 140-2 Security Policy Version 1.1.2 states:
"The FIPS Object Module is not a static library. It may be incorporated into shared library files or runtime executable application files, but in any event can only be incorporated intact and in its entirety." This was leading me to believe that we could use this in a shared library mode; perhaps we need to understand the boundaries of what may be included in a shared library? How can we interpret the above quote? -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Dr. Stephen Henson Sent: Thursday, September 18, 2008 7:48 AM To: openssl-users@openssl.org Subject: Re: Openssl Fips Shared Library On Thu, Sep 18, 2008, joshi chandra wrote: > > I have followed the step mention in OpenSSL FIPS Security Policy for openssl > fips 1.1.2 and that all work fine. > But when i started working on fips capable openssl using openssl 0.9.7m and > used the shared option in the ./Configure,it is giving the error > but work fine when not using shared option > Shared libraries are not supported in the 1.1.2 module because the module itself if not usually compiled with appropriate options. They will be supported in the 1.2 validation whenever that happens... Steve. -- Dr Stephen N. Henson. Email, S/MIME and PGP keys: see homepage OpenSSL project core developer and freelance consultant. Homepage: http://www.drh-consultancy.demon.co.uk ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager [EMAIL PROTECTED] ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]