Because the 'fipsld' script isn't actually necessary to pass FIPS
validation. The steps that that script does are necessary to maintain
validation, but they can be done by anything (once the FIPS canister
is created, anyway). Try setting "OPENSSL_FIPS=1" in your
environment, and make sure that th
Hi,
I am an Openssl newby. Recently I am trying to build FIPS module and
FIPS capable lib on a Linux system.
I notice that all the fips_xxxtest programs at link time all go through
fipsld and linked with a digest. I expect
the same thing with application "openssl", but I don't see it happens
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Chaitra Shankar wrote:
| So I wanted to know whether there is a way to load CA certificates
| in DER format using any SSL APIs.
| My search till now for such an API has been unfruitful.
Yes, directly loading DER encoded certificates into an SS
On Fri, Sep 11, 2009, Mark Phalan wrote:
> On 09/10/09 11:56 PM, Kurt Roeckx wrote:
>
> I understand this. I'd like to know if 0.9.8l will be ABI/API compat with
> 0.9.8k - or at least that it is considered a bug if they are not ABI/API
> compat. I'm unclear as to what restrictions a 0.9.9x rele
On 09/10/09 11:56 PM, Kurt Roeckx wrote:
On Tue, Sep 01, 2009 at 02:23:38PM +0200, Mark Phalan wrote:
In OpenSolaris we follow an interface stability classification system
which marks interfaces according to how stable they are believed to be.
You can see more information here if interested:
htt
"
Currently the ABI changes depending on compile time options.
New functionally ussually means that some struct needs to get
new members, and all those structs are public, and applications
make direct use of them. And compile time options will
add those members.
The API for those functions on the