[openssl.org #1654] OpenSSL Build errors in Windows XP Professional
We need the following required files for DataWire development. /libeay32.dll /ssleay32.dll /libssl32.dll We installed, ActivePerl We have VisualStudio 2005 Professional We ran > ms\do_ms _ C:\Dev\DataWire\openssl-0.9.8g>ms\do_ms C:\Dev\DataWire\openssl-0.9.8g>perl util\mkfiles.pl 1>MINFO C:\Dev\DataWire\openssl-0.9.8g>perl util\mk1mf.pl no-asm VC-WIN32 1>ms\nt.mak C:\Dev\DataWire\openssl-0.9.8g>perl util\mk1mf.pl dll no-asm VC-WIN32 1>ms\ntdll.mak C:\Dev\DataWire\openssl-0.9.8g>perl util\mk1mf.pl no-asm VC-CE 1>ms\ce.mak %OSVERSION% is not defined at util/pl/VC-32.pl line 41. Compilation failed in require at util\mk1mf.pl line 138. C:\Dev\DataWire\openssl-0.9.8g>perl util\mk1mf.pl dll no-asm VC-CE 1>ms\cedll.mak %OSVERSION% is not defined at util/pl/VC-32.pl line 41. Compilation failed in require at util\mk1mf.pl line 138. C:\Dev\DataWire\openssl-0.9.8g>perl util\mkdef.pl 32 libeay 1>ms\libeay32.def C:\Dev\DataWire\openssl-0.9.8g>perl util\mkdef.pl 32 ssleay 1>ms\ssleay32.def _ But we get a fatal error on our nmake call below, _ C:\Dev\DataWire\openssl-0.9.8g>nmake -f ms\ntdll.mak Microsoft (R) Program Maintenance Utility Version 8.00.50727.762 Copyright (C) Microsoft Corporation. All rights reserved. Building OpenSSL perl util/copy.pl .\crypto\buildinf.h tmp32dll\buildinf.h Copying: ./crypto/buildinf.h to tmp32dll/buildinf.h cl /Fotmp32dll\uplink.obj -Iinc32 -Itmp32dll /MD /Ox /O2 /Ob2 /W3 /WX /G s0 /GF /Gy /nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -DDS O_WIN32 -D_CRT_SECURE_NO_DEPRECATE -D_CRT_NONSTDC_NO_DEPRECATE -DOPENSSL_SYSNAME _WINNT -DUNICODE -D_UNICODE -DOPENSSL_USE_APPLINK -I. /Fdout32dll -DOPENSSL_NO_C AMELLIA -DOPENSSL_NO_SEED -DOPENSSL_NO_RC5 -DOPENSSL_NO_MDC2 -DOPENSSL_NO_TLSEXT -DOPENSSL_NO_KRB5 -DOPENSSL_NO_DYNAMIC_ENGINE -D_WINDLL -c ms\uplink.c uplink.c ms\uplink.c(11) : fatal error C1083: Cannot open include file: 'windows.h': No s uch file or directory NMAKE : fatal error U1077: '"C:\Program Files\Microsoft Visual Studio 8\VC\BIN\c l.EXE"' : return code '0x2' Stop. _ We have a windows.h resource file, but it is dated from 1998 from our VisualStudio 2003 install. We tried as suggested in support "7. Why does the OpenSSL compilation fail on Win32 with VC?" but same result. _ C:\Dev\DataWire\openssl-0.9.8g>VSVARS32.BAT Setting environment for using Microsoft Visual Studio 2005 x86 tools. C:\Dev\DataWire\openssl-0.9.8g>nmake -f ms\ntdll.mak Microsoft (R) Program Maintenance Utility Version 8.00.50727.762 Copyright (C) Microsoft Corporation. All rights reserved. Building OpenSSL cl /Fotmp32dll\uplink.obj -Iinc32 -Itmp32dll /MD /Ox /O2 /Ob2 /W3 /WX /G s0 /GF /Gy /nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -DDS O_WIN32 -D_CRT_SECURE_NO_DEPRECATE -D_CRT_NONSTDC_NO_DEPRECATE -DOPENSSL_SYSNAME _WINNT -DUNICODE -D_UNICODE -DOPENSSL_USE_APPLINK -I. /Fdout32dll -DOPENSSL_NO_C AMELLIA -DOPENSSL_NO_SEED -DOPENSSL_NO_RC5 -DOPENSSL_NO_MDC2 -DOPENSSL_NO_TLSEXT -DOPENSSL_NO_KRB5 -DOPENSSL_NO_DYNAMIC_ENGINE -D_WINDLL -c ms\uplink.c uplink.c ms\uplink.c(11) : fatal error C1083: Cannot open include file: 'windows.h': No s uch file or directory NMAKE : fatal error U1077: '"C:\Program Files\Microsoft Visual Studio 8\VC\BIN\c l.EXE"' : return code '0x2' Stop. _ Any suggestions? Thanks in advance. Rich O'Brien 970 W Valley Parkway, #456 Escondido, CA 92025 [EMAIL PROTECTED] (760) 291-0081 Main (760) 807-1590 Cell/Mobile (760) 291-0070 FAX _ *** The information in this message may be proprietary and/or confidential, and protected from disclosure. If the reader of this message is not the intended recipient, or an employee or agent responsible for delivering this message to the intended recipient, you are hereby notified that any dissemination, distribution or copying of this communication is strictly prohibited. If you have received this communication in error, please notify 1stTransaction Corporation immediately by replying to this message and deleting it from your computer. *** We need the following required files for DataWire development. /libeay32.dll/ssleay32.dll/libssl32.dll We installed, ActivePerl We have VisualStudio 2005 Professional We ran > ms\do_ms C:\Dev\DataWire\openssl-0.9.8g>ms\do_ms C:\Dev\DataWire\openssl-0.9.8g>perl util\mkfiles.pl 1>MINFO C:\Dev\DataWire\openssl-0.9.8g>perl util\mk1mf.pl no-asm VC-WIN32 1>ms\nt.mak C:\Dev\DataWire\openssl-0.9.8g>perl util\mk1mf.pl dll no-asm VC-WIN32 1>ms\ntdll.mak C:\Dev\DataWire\openssl-0.9.8g>perl util\mk1mf.pl no-asm VC-CE 1>ms\ce.mak%OSVERSION% is not defined at util/pl/VC-32.pl line 41.Compilation failed in require at util\mk1mf.pl line 138. C:\Dev\DataWire\openssl-0.9.8g>perl util\mk1mf.pl dll no-asm VC-CE 1>ms\cedll.mak%OSVERSION% is not defined at util/pl/VC-32.pl line 41.Compilation failed in require at util\mk1
RE: [openssl.org #1649] openssl-fips-test-1.2.0 bug
Hi OpenSSL Developers, Thank you for your advise. I tried to use the latest source via ftp://ftp.openssl.org/snapshot/openssl-0.9.8-fips-test-SNAP-20080312.tar.gz and followed the instructions to build fips openssl. Below is what I get: [EMAIL PROTECTED] pwd /home/boqian/fips/openssl-0.9.8-fips-test-SNAP-20080312/apps [EMAIL PROTECTED] ldd openssl libssl.so.0.9.8 => /home/boqian/fips/openssl-0.9.8-fips-test-SNAP-20080312/libssl.so.0.9.8 libcrypto.so.0.9.8 => /home/boqian/fips/openssl-0.9.8-fips-test-SNAP-20080312/libcrypto.so.0.9.8 libdl.so.1 => /usr/lib/hpux32/libdl.so.1 libc.so.1 =>/usr/lib/hpux32/libc.so.1 libcrypto.so.0.9.8 => /home/boqian/fips/openssl-0.9.8-fips-test-SNAP-20080312/libcrypto.so.0.9.8 libdl.so.1 => /usr/lib/hpux32/libdl.so.1 [EMAIL PROTECTED] ./openssl version OpenSSL 0.9.8h-fips-dev xx XXX [EMAIL PROTECTED] ./openssl ecparam -out eckey_secp112r1.pem -name secp112r1 -genkey [EMAIL PROTECTED] ./openssl ec -in eckey_secp112r1.pem -des3 -out key_out_secp112r1.pem -passout pass:pass read EC key unable to load Key 3859:error:0D0680A8:asn1 encoding routines:ASN1_CHECK_TLEN:wrong tag:tasn_dec.c:1294: 3859:error:0D06C03A:asn1 encoding routines:ASN1_D2I_EX_PRIMITIVE:nested asn1 error:tasn_dec.c:830: 3859:error:0D08303A:asn1 encoding routines:ASN1_TEMPLATE_NOEXP_D2I:nested asn1 error:tasn_dec.c:748:Field=n, Type=RSA 3859:error:0D09A00D:asn1 encoding routines:d2i_PrivateKey:ASN1 lib:d2i_pr.c:99: 3859:error:0907B00D:PEM routines:PEM_READ_BIO_PRIVATEKEY:ASN1 lib:pem_pkey.c:125: [EMAIL PROTECTED] cat eckey_secp112r1.pem -BEGIN EC PARAMETERS- BgUrgQQABg== -END EC PARAMETERS- -BEGIN RSA PRIVATE KEY- MD4CAQEEDr3zMZRjZsucD7xiGhqioAcGBSuBBAAGoSADHgAEK/bKhjxrqyPcKi3D 1H6BkcdBkiCx43oLyRyY9g== -END RSA PRIVATE KEY- It seems this bug has not been fixed. In fact, after I try to modify crypto/pem/pem_all.c, the problem disappears. Original: int PEM_write_PrivateKey(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc, unsigned char *kstr, int klen, pem_password_cb *cb, void *u) { if (FIPS_mode()) return PEM_write_PKCS8PrivateKey(fp, x, enc, (char *)kstr, klen, cb, u); else return PEM_ASN1_write((i2d_of_void *)i2d_PrivateKey, (((x)->type == EVP_PKEY_DSA)?PEM_STRING_DSA:PEM_STRING_RSA), fp,(char *)x,enc,kstr,klen,cb,u); } Modification: int PEM_write_PrivateKey(FILE *fp, EVP_PKEY *x, const EVP_CIPHER *enc, unsigned char *kstr, int klen, pem_password_cb *cb, void *u) { if (FIPS_mode()) return PEM_write_PKCS8PrivateKey(fp, x, enc, (char *)kstr, klen, cb, u); else return PEM_ASN1_write((i2d_of_void *)i2d_PrivateKey, (((x)->type == EVP_PKEY_DSA)?PEM_STRING_DSA:((x)->type == EVP_PKEY_EC)?PEM_STRING_ECPRIVATEKEY:PEM_STRING_RSA), fp,(char *)x,enc,kstr,klen,cb,u); } Hope it is helpful. Thank you! > Subject: [openssl.org #1649] openssl-fips-test-1.2.0 bug > From: [EMAIL PROTECTED] > To: [EMAIL PROTECTED] > CC: openssl-dev@openssl.org > Date: Sat, 8 Mar 2008 13:27:16 +0100 > >> [EMAIL PROTECTED] - Fri Mar 07 09:30:15 2008]: >> >> >> 2) >> [EMAIL PROTECTED] pwd >> /home/boqian/fips/openssl-fips-0.9.8f-dev >> [EMAIL PROTECTED] ./Configure hpux-cc fipscanisterbuild >> > > You should do: > > ./config fipscanisterbuild > >> >> It shows the eckey_secp112r1.pem file's format may be wrong. >> Is there any workaround? Could you investigate this problem? >> Thank you and looking forward to your reply! >> > > The 1.2 module has been submitted for validation and the code is now > frozen. We can't modify that at this stage. > > However you can use the 1.2 test tarball to generate the FIPS module and > then use a later version of OpenSSL 0.9.8-fips to produce the libraries. > I suggest you see if your problem applies to that version too. If so > we'll fix it. > > See the documentation for details about how to link 0.9.8-fips against > the test FIPS module. > > Note that the EC implementation is not part of the FIPS modules so will > not be an approved algorithm in FIPS mode. > > Well nothing has been validated yet as testing isn't complete... _ 手机也能上 MSN 聊天了,快来试试吧! http://mobile.msn.com.cn/ __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated Lis