On Tue, Jan 29, 2013 at 6:37 AM, Joseandro Luiz <joseandro.l...@gmail.com> wrote: > Hello everyone, > I am using the OpenSSL user guide from > http://www.openssl.org/docs/fips/UserGuide-2.0.pdf in order to create a FIPS > 140-2 compliant iOS app. > So far I've successfully built the Incore utility and the FIPS Object Module > but I am having big troubles when I try to build the FIPS Capable Library. > > I run the following commands to compile openssl-1.0.1c: > $ ./config fips -no-comp -no-shared -no-dso > $ make depend > > The first command runs ok, no error messages, but when I run the second, I > get this: > Joseandros-iMac:openssl-1.0.1c joseandro$ make depend > making depend in crypto... > o_fips.c:60:26: error: openssl/fips.h: No such file or directory > o_fips.c:61:31: error: openssl/fips_rand.h: No such file or directory > o_init.c:58:26: error: openssl/fips.h: No such file or directory > In file included from fips_ers.c:4: > fips_err.h:63:26: error: openssl/fips.h: No such file or directory > make[1]: *** [depend] Error 1 > make: *** [depend] Error 1 > > The base of my OpenSSL installation is the default: > /usr/local/ssl/Release-iphoneos A few thoughts....
You should be using http://www.openssl.org/source/openssl-1.0.1c.tar.gz and http://www.openssl.org/source/openssl-fips-2.0.1.tar.gz. Are you working from Appendix E? I believe the Foundation solicited feedback from three of their commercial customers, so the steps laid out in Appendix E are fairly complete (I'm not aware of any errors/omissions). Use: --openssldir=/usr/local/ssl/Release-iphoneos Use: --with-fipsdir=/usr/local/ssl/Release-iphoneos/lib setenv-ios.sh will silently fail. If needed, I can send you an updated shell script that checks for path errors alerts you of issues. Jeff ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org