Re: Help regarding Compile FIPS compliant OpenSSL on Windows platform

imran.sherdin Fri, 28 Mar 2014 11:03:35 -0700

Dear OpenSSL users,

I would like to post my successful compilation of FIPS compliant OpenSSL


Regards
Imran Sher Din

*=================================================
Building OpenSSL for Visual Studio 2005/2008/2010
=================================================*

*=============
Requirements:
=============*
    1. Visual Studio 2005/2008/2010
    2. ActivePerl
    3. The Netwide Assembler NASM
    3. OpenSSL source code version openssl-1.0.1e.tar.gz
    4. OpenSSL fips module source code version openssl-fips-2.0.tar.gz
    
*==================
Environment Setup:
==================*
    1. Installed version of Visual Studio 2005/2008/2010 with VC++ support
    2. Install ActivePerl
    3. Install NASM

*========================================
Procedure for Simple OpenSSL Compilation
========================================*
    1. Extract the contents of openssl-1.0.1e.tar.gz to
C:\openssl-1.0.1e-simple\
    2. Open Visual Studio 2008 Command Prompt.
    3. cd C:\openssl-1.0.1e-simple\
    4. perl Configure VC-WIN32
    5. ms\do_ms
    6. nmake -f ms\nt.mak
    7. nmake -f ms\nt.mak install

*=====================================================
Procedure for FIPS Enabled OpenSSL Module Compilation
=====================================================
*    
    *=================================
    1. Compile openssl-fips2.0 module
    =================================*
        a. Extract the contents of openssl-fips-2.0.tar.gz to
C:\openssl-fips-2.0\
        b. Open Visual Studio 2008 Command Prompt.
        c. cd C:\openssl-fips2.0\
        d. Copy all the contents of "C:\Program Files\NASM" in this source
folder
        e. ms\do_fips [no-asm] (nmake -f ms\ntdll.mak  &  nmake -f
ms\ntdll.mak install are included in this command)
    
        Compiled FIPS module is located at C:\usr\local\ssl\fips-2.0    
    
    *=======================================================
    2. Integrate compiled openssl-fips2.0 in openssl-1.0.1e
    =======================================================*
        a. Extract the contents of openssl-1.0.1e.tar.gz to
C:\openssl-1.0.1e-fips-compliant\
        b. Open Visual Studio 2008 Command Prompt.
        c. cd C:\openssl-1.0.1e-fips-compliant\
        d. Copy all the contents of "C:\Program Files\NASM" in this source
folder
        
        e. perl Configure VC-WIN32 fips
--with-fipslibdir=C:\usr\local\ssl\fips-2.0
        f. ms\do_nasm
        g. nmake -f ms\nt.mak        
        h. For Testing, use the following command: nmake -f ms\nt.mak test    
        i. nmake -f ms\nt.mak install    
        j. (If you want to create DLL files then Use the following commands 
nmake -f ms\ntdll.mak  &&     nmake -f ms\ntdll.mak install)
        k. Compiled FIPS compliant OpenSSL exe is located at
C:\usr\local\ssl\bin\openssl.exe        
        l. Run C:\usr\local\ssl\bin\openssl.exe and type "version". You will
be confirmed to get the following output.
            *=======================================
            ****OpenSSL 1.0.1e-fips 11 Feb 2013****
            =======================================*            
        m. Compiled FIPS compliant OpenSSL fipslibeay32.lib, ssleay32.lib &
libeaycompat32.lib are located at C:\openssl-1.0.1e-fips-compliant\out32        
        n. Compiled FIPS compliant OpenSSL fipslibeay32.dll & ssleay32.dll
are located at C:\openssl-1.0.1e-fips-compliant\out32    
    
*=================================================================
Integration of FIPS Complaint compiled OPENSSL Library with Visual Studio
2005/2008/2010
====================================================================*

1. Open Visual Studio 2005/2008/2010

2. File => New => Project =>  Visual C++ => Win 32 => Win32 Console
Application=> Next => Empty Project => Finish

3. Right Click on source file => Add => Existing Items =>
C:\openssl-fips-2.0\fips\hmac\fips_hmactest.c

4. Right Click on Resources File => Add => Existing Items =>
libeayfips32.lib, ssleay32.lib & libeaycompat32.lib (from
C:\openssl-1.0.1e-fips-compliant\out32) and
C:\openssl-1.0.1e-simple\out32\libeay32.lib (OpenSSL simple Version) 

5. Right Click on fips_hmactest.c=> Properties => C++ => General =>
Additional Include Directories : C:\usr\local\ssl\include => Finish

6. Compile the Project => Works Fine

Regards
Imran Sher Din



--
View this message in context: 
http://openssl.6102.n7.nabble.com/Help-regarding-Compile-FIPS-compliant-OpenSSL-on-Windows-platform-tp48672p49003.html
Sent from the OpenSSL - User mailing list archive at Nabble.com.
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [email protected]
Automated List Manager                           [email protected]

Re: Help regarding Compile FIPS compliant OpenSSL on Windows platform

Reply via email to