How to make a DLL FIPS validated
Tomas Mraz
tomas at openssl.org
Thu Jan 18 07:21:24 UTC 2024
Hello,
unfortunately it is not possible to validate a statically linked FIPS
provider in OpenSSL 3.0. The FIPS provider is always a separate shared
library module that is loaded at runtime.
Tomas Mraz, OpenSSL
On Thu, 2024-01-18 at 00:04 +0000, Prajeed Chathuar via openssl-users
wrote:
>
> Hi team,
>
>
>
> In one of our product, we consumes the OPENSSL static libraries and
> make the use of FIPSLD to make the complete application/DLL FIPS
> validated module.
>
>
>
> In a process of migrating the OPENSSL v1.0.2 to v3.0.8, I couldn't
> find any replacement for FIPSLD script used in previous version.
>
>
>
> I did go through the FIPS provider concept and the steps for making
> FIP validated OPENSSL libraries, but couldn't find any ways for
> making the application/DLL FIPS validated while using the OPENSSL
> static library.
>
>
>
> Please let me know if there are any other ways to make
> application/DLL(by using the OPENSSL static libraries) FIPS
> validated, other than using the FIPS validated OPENSSL dynamic
> libraries.
>
>
>
> Regards,
>
> Prajeed
--
Tomáš Mráz, OpenSSL
More information about the openssl-users
mailing list