Re: FIPS 1.2
On Wed, Jul 09, 2008, Jan F. Schnellbaecher wrote:
> Hello list,
> I am unsure how OpenSSL FIPS 1.2 can be deployed. I read that it can be
> linked static but also loaded dynamically, but I also read that it can only
> be linked static (as FIPS 1.1.2)[/color]
Well it can't be deployed at all yet because it has not been validated. It can
be tested however.
> 1) Can it be linked dynamically?
Yes it can.
> 2) If I would like to link it dynamically when/where do I link the
You build and install fipscanister.o from the FIPS 1.2 test source.
Then obtain the 0.9.8-fips source with shared build options. This will create
libcrypto with fipscanister.o included and linked in the correct manner.
At an application level you just need to link against the OpenSSL shared
Dr Stephen N. Henson. Email, S/MIME and PGP keys: see homepage
OpenSSL project core developer and freelance consultant.
OpenSSL Project [url]http://www.openssl.org[/url]
User Support Mailing List [email]email@example.com[/email]
Automated List Manager [email]firstname.lastname@example.org[/email]