[openssl-users] Regarding FIPS capable openssl (I want to combine libcrypto.a and libssl.a)

Steve Marquess marquess at openssl.com
Wed Jun 29 12:55:29 UTC 2016

On 06/29/2016 07:09 AM, Sahil Gandhi wrote:
> Hi Ken,
> Sorry for the late reply. I really appreciate your suggestion but I some
> how need to have static library not the dynamic one.

You can statically link an application with the FIPS module, using the
special "fipsld" link process, but you cannot put the FIPS module in a
conventional static library (as managed with "ar").

Unfortunately the requirements of FIPS 140-2 conflict in several ways
with standard software engineering practice; it is the tail that wags
the dog.

-Steve M.

Steve Marquess
OpenSSL Validation Services, Inc.
1829 Mount Ephraim Road
Adamstown, MD  21710
+1 877 673 6775 s/b
+1 301 874 2571 direct
marquess at openssl.com
gpg/pgp key: http://openssl.com/docs/0x6D1892F5.asc

More information about the openssl-users mailing list