Hi Steve,

Thanks for your response... I've now managed to 'work around' the
cross-compilation by using the fips_standalone_sha1.exe from a win32 build
to generate the sha1 values used during the build and then disabling the
'self' tests.

The resulting libraries seem to work well for me, but do you see any issue
with my approach that I'm missing?

Thanks,
Jari Niskala
Get a FREE Microsoft Project Viewer at http://www.kadonk.com

-----Original Message-----
From: owner-openssl-users@openssl.org
[mailtowner-openssl-users@openssl.org] On Behalf Of Steve Marquess
Sent: Monday, March 03, 2008 4:44 AM
To: openssl-users@openssl.org
Subject: Re: FIPS for WinCE

Jari Niskala wrote:

> So the main question I was hoping to get answered before I spend more
> time trying to make it work is whether it is even possible to have FIPS
> enabled OpenSSL on the WinCE platform? In the FIPS 1.1.1 documentation
> it mentions that Windows CE is not a supported platform but doesn't
> mention a reason.


Well, Andy Polyakov is the expert on that topic and the source of that
assertion in the User Guide, but as I recall the issue is that WinCE
requires cross-compilation.

The "fipsld" step of generating the in-core digest is dependent on the
ability to execute the binary in the target environment, and hence is
generally not possible when cross compiling.

-Steve M.


--
Steve Marquess
Open Source Software Institute
marquess@oss-institute.org

__________________________________________________ ____________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager majordomo@openssl.org

__________________________________________________ ____________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager majordomo@openssl.org