RE: [openssl.org #1706] FIPS-compliant OpenSSL for x86_64 platform

> We’re implementing our own web-server intended to run on Win32
> platform and using OpenSSL for TLS/SSL support. We’re obliged
> to be FIPS-certified and we’re using OpenSSL 0.9.7 with FIPS
> module for these purposes. Recently, we were requested to support
> amd64 platform. I’ve tried to build OpenSSL 0.9.8, but it failed
> to build successfully neither with cross-compiler, nor with
> native x86_64 gcc compiler. Anyway, I had to modify makefiles in
> both approaches.

> Alexey Nevolin

It's awfully hard to investigate a problem or find workarounds for a problem when the only description you have is "it failed to build successfully". Perhaps I could find a way to avoid the modifications you needed, except you don't tell me what they are.

Do you just like making people do extra work in order to help you? Yes, I could get to my amd64 Win32 machine, try the build process a few different ways, see what errors I get, then look for workarounds for them. But you've already done the first two steps, and making me redo them in order to help you seems like a complete waste of my time.

If you're developing a real application that requires FIPS compliance, surely spending an extra five minutes describing the actual problems you had, rather than making people guess and possibly solving problems other than the ones you are actually facing, would be a productive use of your time.

DS

______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
Development Mailing List                       openssl-dev@...
Automated List Manager                           majordomo@...

Re: [openssl.org #1706] FIPS-compliant OpenSSL for x86_64 platform

>> We’re implementing our own web-server intended to run on Win32
>> platform and using OpenSSL for TLS/SSL support. We’re obliged
>> to be FIPS-certified and we’re using OpenSSL 0.9.7 with FIPS
>> module for these purposes. Recently, we were requested to support
>> amd64 platform. I’ve tried to build OpenSSL 0.9.8, but it failed
>> to build successfully neither with cross-compiler, nor with
>> native x86_64 gcc compiler. Anyway, I had to modify makefiles in
>> both approaches.
>
>> Alexey Nevolin
>
> It's awfully hard to investigate a problem or find workarounds for a problem when the only description you have is "it failed to build successfully". Perhaps I could find a way to avoid the modifications you needed, except you don't tell me what they are.
>
> Do you just like making people do extra work in order to help you? Yes, I could get to my amd64 Win32 machine, try the build process a few different ways, see what errors I get, then look for workarounds for them. But you've already done the first two steps, and making me redo them in order to help you seems like a complete waste of my time.
>
> If you're developing a real application that requires FIPS compliance, surely spending an extra five minutes describing the actual problems you had, rather than making people guess and possibly solving problems other than the ones you are actually facing, would be a productive use of your time.

Heh, well, if you know anything about the fips build process on windows, you know FIPS-1.1.2 (based on OpenSSL 0.9.7) will only compile for 32bit Windows since it requires the use of Mingw/MSYS to build the fips canister. Since Mingw/MSYS is only available as a 32bit compiler (well, there are 64bit snapshots now, but most likely the build scripts aren't aware of that since FIPS 1.1 predates any 64bit mingw), you're not going to get a 64bit windows binary with the currently validated FIPS release.

The new FIPS-1.2.0 (based off OpenSSL 0.9.8) will supposedly be fully buildable using Visual Studio 2005 (or higher I assume). I haven't personally tried the snapshot available here:

ftp://ftp.openssl.org/snapshot/openssl-fips-test-1.2.0.tar.gz

But I know it was one of the primary features, and it should also support 64bit Windows. Its validation is not yet complete so is not suitable for anything more than testing at this point in time.

-Brad

RE: [openssl.org #1706] FIPS-compliant OpenSSL for x86_64 platform

> Heh, well, if you know anything about the fips build process
> on windows, you know FIPS-1.1.2 (based on OpenSSL 0.9.7) will
> only compile for 32bit Windows since it requires the use of
> Mingw/MSYS to build the fips canister. Since Mingw/MSYS is
> only available as a 32bit compiler (well, there are 64bit
> snapshots now, but most likely the build scripts aren't aware
> of that since FIPS 1.1 predates any 64bit mingw), you're not going
> to get a 64bit windows binary with the currently validated FIPS
> release.

Depending on how much OpenSSL functionality you need, it shouldn't be too terribly hard to wrap a 32-bit library for use on a 64-bit platform by other 64-bit modules. I have had to do the reverse in the past where I could only get OpenSSL to build as a 64-bit library on some platform (Digital UNIX?) and my application was not ready to compile on a 64-bit platform.

It's made harder by the fact that many OpenSSL 'functions' are really macros that pull guts out of OpenSSL structures. But if you can make a COM object or other kind of 'server' out of the OpenSSL library, you should be able to use a 32-bit Win32 binary on a 64-bit Win32 platform along with other 64-bit executables.

DS

Re: [openssl.org #1706] FIPS-compliant OpenSSL for x86_64 platform

> It's awfully hard to investigate a problem or find workarounds for a problem when the only description you have is "it failed to build successfully". Perhaps I could find a way to avoid the modifications you needed, except you don't tell me what they are.

Don't expect RT submitters to be subscribed to openssl-dev. Reply to rt@... if you want them to "hear" you.

A.