Eventually I solved this problem. Here is the set of commands I need to use to
generate the shared fips-capable openssl libraries:
su
cd fips // wherever that may be
./config
make
make install
// this installs fipscanister.o and adjacent files into /usr/local/ssl/fips-2.0/
cd openssl // still
On Fri, Jul 27, 2012, Cassie Helms wrote:
Dr. Stephen Henson steve@... writes:
Integrity test started
ERROR:2D06B06F:lib=45,func=107,reason=111:file=fips.c:line=229
Integrity test Failed Incorrectly!!
Well that error indicates the fingerprint error. The
Cassie Helms cassie.helms@... writes:
Built fips_algvs on build system and scp'd to target system as suggested.
Hmm. I incorporated building fips_algvs into my build system and ran it from
the
rpm install on the target machine. I get different results now -- can anyone
point to what this
On Fri, Jul 27, 2012, Cassie Helms wrote:
Cassie Helms cassie.helms@... writes:
Built fips_algvs on build system and scp'd to target system as suggested.
Hmm. I incorporated building fips_algvs into my build system and ran it from
the
rpm install on the target machine. I get
Dr. Stephen Henson steve@... writes:
Integrity test started
ERROR:2D06B06F:lib=45,func=107,reason=111:file=fips.c:line=229
Integrity test Failed Incorrectly!!
Well that error indicates the fingerprint error. The question is what is
different about the two build
Hi folks,
I have a FIPS capable OpenSSL library, where libcrypto.so and libssl.so get
linked into my product during build. I'm using FIPS 2.0 and OpenSSL 1.0.1c.
To the best of my knowledge, on the build machine I can do the following:
for fips, I call
./config
make
make install
where I give
On Wed, Jul 25, 2012, Cassie Helms wrote:
Hi folks,
I have dynamically linked a FIPS capable OpenSSL library (libcrypto.so and
libssl.so) into my product's build, but still get a fingerprint does not
match
error when I call FIPS_mode_set(1). This is using a validated copy of FIPS
2.0
What platform is the target system?
cat /etc/*-release: RHEL Server 5.5 (Tikanga)
uname -mrs: Linux 2.6.18-194.el5 x86_64
Build system specs are the same as these.
After you build the validated module do this:
make build_algvs
This should build an fips_algvs binary in the test directory.
Apologies, this thread is a duplicate of the one Dr. Henson is already
responding to. The authentication system made it unclear whether or
not my original question would post yesterday. Please do not respond
to this thread.
Cassie
Hi folks,
I have dynamically linked a FIPS capable OpenSSL library (libcrypto.so and
libssl.so) into my product's build, but still get a fingerprint does not
match
error when I call FIPS_mode_set(1). This is using a validated copy of FIPS 2.0
source and OpenSSL 1.0.1c.
The full error is:
10 matches
Mail list logo