[openssl-dev] [openssl.org #3745] OpenSSl Bug, affected release 0.9.8zd
Rath, Santosh via RT
rt at openssl.org
Sat Mar 14 04:46:13 UTC 2015
Thanks Steve,
For your valued information.
After executing the steps suggested fips module is building fine.
But when I build the openssl0.9.8.ze with fips flag.
make is success.
But make test is failing.. with Below error.
test BN_sqr
Square test failed: BN_sqr and BN_mul produce different results!
make[1]: *** [test_bn] Error 1
make[1]: Leaving directory `/home/OPENSSL_LIBUPDATE/openssl-0.9.8ze/test'
make: *** [tests] Error 2
Is there any suggestion on this?
Thanks
Santosh
-----Original Message-----
From: Stephen Henson via RT [mailto:rt at openssl.org]
Sent: Saturday, March 14, 2015 4:22 AM
To: Rath, Santosh
Cc: openssl-dev at openssl.org
Subject: [openssl.org #3745] OpenSSl Bug, affected release 0.9.8zd
On Fri Mar 13 21:00:30 2015, Santosh.Rath at ca.com wrote:
> Thank you Stephen,
>
> Since the product is already build on
> openssl.0.9.8.r, and if we upgrade it to openssl0.1.1l then there
> could be lot of change in terms of API what our product use.
Well if you'd used any OpenSSL 0.9.8 using
./config fipscanisterbuild
then the result would not be FIPS compliant as you weren't using the validated FIPS module. In outline you need to download the FIPS module appropriate for your version of OpenSSL. For 0.9.8 the latest is 1.2.4 you can get it from:
https://www.openssl.org/source/old/fips/openssl-fips-1.2.4.tar.gz
Extract the tarball. Build and install using:
./config fipscanisterbuild
make
make install
Download OpenSSL 0.9.8 latest tarball currently:
https://www.openssl.org/source/openssl-0.9.8ze.tar.gz
and extract it. Then do:
./config fips
make
Steve.
--
Dr Stephen N. Henson. OpenSSL project core developer.
Commercial tech support now available see: http://www.openssl.org
More information about the openssl-dev
mailing list