[openssl-users] Compiling openssl fips for iOS 7.1 on Yosemite
Jeffrey Walton
noloader at gmail.com
Tue Jun 9 12:14:17 UTC 2015
> The problem is:
> ld: building for iOS Simulator, but linking against dylib built for MacOSX
> file '/usr/lib/libSystem.dylib' for architecture i386
> clang: error: linker command failed with exit code 1 (use -v to see
> invocation)
There's no reason to build the Simulator as FIPS. Its not distributed.
But, if you must, then setenv-ios.sh uses the wrong SDK for the
Simulator. The script uses the iOS SDK, and not the simulator SDK.
*****
Going back to *not* building for the Simulator... usually, you can do
something like the following. You will still need to link to an
OpenSSL; you can just avoid the FIPS aggravations.
# include "TargetConditionals.h"
# if defined(TARGET_IPHONE_SIMULATOR) && (TARGET_IPHONE_SIMULATOR != 0)
# define OPENSSL_IPHONE_SIMULATOR 1
# elif defined(TARGET_OS_IPHONE) && (TARGET_OS_IPHONE != 0)
# define OPENSSL_IPHONE 1
# elif defined(TARGET_OS_MAC) && (TARGET_OS_MAC != 0)
# define OPENSSL_MAC_OSX 1
# else
# error Unknown Apple platform
# endif
// Enable FIPS for iOS. Skip if for the Simulator
#ifdef OPENSSL_IPHONE
int rc = FIPS_mode_set(1);
assert(rc == 1);
#endif
// Use OpenSSL as normal...
Jeff
On Tue, Jun 9, 2015 at 7:37 AM, Kawecka, Anna <Anna.Kawecka at pega.com> wrote:
> Hello,
>
> I have problems with compiling Openssl FIPS library for iOS 7.1
> (openssl-fips 2.0.9) on Yosemite (using Xcode 6.2).
>
> After checking few build scripts available on net (mainly for older versions
> of openssl-fips library) I came across the testing instructions (
> http://opensslfoundation.com/testing/validation-2.0/platforms/ios-7.1/TestingInstructions-iOS-7.1.pdf).
> I’ve tried to compile it with the openssl-fips 2.0.10 (which contains the
> patches described in instruction). Nevertheless I've stuck on cross
> compilation of FIPS module.
>
> The problem is:
> ld: building for iOS Simulator, but linking against dylib built for MacOSX
> file '/usr/lib/libSystem.dylib' for architecture i386
> clang: error: linker command failed with exit code 1 (use -v to see
> invocation)
>
> What I’m doing wrong? Is there a known issue (or maybe some workaround)
> about compiling the Openssl FIPS library on Yosemite?
> I would appreciate any help.
>
> Instructions:
> http://opensslfoundation.com/testing/validation-2.0/platforms/ios-7.1/TestingInstructions-iOS-7.1.pdf
> Source files:
> http://opensslfoundation.com/testing/validation-2.0/source/openssl-fips-2.0.10.tar.gz
> Build scripts:
> http://opensslfoundation.com/testing/validation-2.0/platforms/ios-7.1/
> Environment:
>
> $ uname -a
>
> Darwin lkaweaosxeu.local 14.3.0 Darwin Kernel Version 14.3.0: Mon Mar 23
> 11:59:05 PDT 2015; root:xnu-2782.20.48~5/RELEASE_X86_64 x86_64
> $ sw_vers -productVersion
> 10.10.3
> $ sysctl -n machdep.cpu.brand_string
> Intel(R) Core(TM) i7-4870HQ CPU @ 2.50GHz
>
>
> Error: (log files attached)
>
> ld: building for iOS Simulator, but linking against dylib built for MacOSX
> file '/usr/lib/libSystem.dylib' for architecture i386
> clang: error: linker command failed with exit code 1 (use -v to see
> invocation)
> make[3]: *** [../fips_standalone_sha1] Error 1
> make[2]: *** [subdirs] Error 1
> make[1]: *** [all] Error 2
> make: *** [build_fips] Error 1
>
> The attached iOS-7.1.zip containing files I used for compiling.
>
> The output from myBuild-step1-compilationOfIncoreMacho.sh (instructions from
> chapter 4.3) is in file log-step1-compilationOfIncoreMacho.log
> The output from myBuild-step2-crossCompilationOfFIPS.sh (instructions from
> chapter 4.4) is in file log-step2-crossCompilationOfFIPS.log
>
More information about the openssl-users
mailing list