Russell Selph
2014-10-15 21:33:39 UTC
Apologies if this is a duplicate post. I tried first via Google Groups, but apparently it's read-only. ;-)
Has anyone else built 0.9.8zc with FIPS 1.2.4? I've been unable to get a build that passes the 'make test' phase. I'm using build scripts that worked for 0.9.8.zb. (More details on the scripts below.) This is happening on Linux RHEL5 (gcc 4.1.2), Mac OS X 10.9.5 (Xcode 6.0.1), as well as Windows 7 (VS 2010).
Off hand, it seems like this kind of failure could be accounted for by something fundamental, such as an incompatible API change in libcrypto, or a word size mismatch between the FIPS and the libssl builds. I'm about to start digging through the diffs to get a handle on this, but I was wondering if I'm alone in having this problem. Any information about experiences positive or negative would be very helpful.
-russ
The *nix test failure looks like this:
====================================================
...
verify BN_GF2m_mod_solve_quad
2220 tests passed
test a^b%c implementations
../util/shlib_wrap.sh ./exptest
........................................................................................................................................................................................................
1**0 mod 1 = 1, should be 0
make[1]: *** [test_bn] Error 1
make[1]: Leaving directory `/var/tmp/opensll/openssl-0.9.8zc/test'
make: *** [tests] Error 2
OpenSSL self test failed
====================================================
While the Windows failure looks basically the same, but seems to occur in a different part of the test sequence:
====================================================
...
exptest
....................................................................................................................................
....................................................................
1**0 mod 1 = 1, should be 0
problems.....
====================================================
BUILD DETAILS:
The build scripts I use try to capture the whole process of the build from un-taring the distribution to the 'make install', so I can maintain consistency between platforms and versions. If anyone is interested enough, I'll be happy to supply them, but I'll give the highlights here:
- Clear out the directory
- Untar the FIPS distribution (openssl-fips-1.2.4.tar.gz)
- ./config fipscanisterbuild ; make ; make install
- Unpack latest OpenSSL 0.9.8 (openssl-0.9.8zc.tar.gz)
- ./Configure threads shared fips --prefix=${openssl_install} linux-x86_64|darwin64-x86_64-cc
- make depend ; make ; make test ; make install_sw
(Of course, on Windows the build script looks quite a bit different, but the net effect is the same, so I'm assuming the differences are irrelevant for now.)
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users-MCmKBN63+***@public.gmane.org
Automated List Manager majordomo-MCmKBN63+***@public.gmane.org
Has anyone else built 0.9.8zc with FIPS 1.2.4? I've been unable to get a build that passes the 'make test' phase. I'm using build scripts that worked for 0.9.8.zb. (More details on the scripts below.) This is happening on Linux RHEL5 (gcc 4.1.2), Mac OS X 10.9.5 (Xcode 6.0.1), as well as Windows 7 (VS 2010).
Off hand, it seems like this kind of failure could be accounted for by something fundamental, such as an incompatible API change in libcrypto, or a word size mismatch between the FIPS and the libssl builds. I'm about to start digging through the diffs to get a handle on this, but I was wondering if I'm alone in having this problem. Any information about experiences positive or negative would be very helpful.
-russ
The *nix test failure looks like this:
====================================================
...
verify BN_GF2m_mod_solve_quad
2220 tests passed
test a^b%c implementations
../util/shlib_wrap.sh ./exptest
........................................................................................................................................................................................................
1**0 mod 1 = 1, should be 0
make[1]: *** [test_bn] Error 1
make[1]: Leaving directory `/var/tmp/opensll/openssl-0.9.8zc/test'
make: *** [tests] Error 2
OpenSSL self test failed
====================================================
While the Windows failure looks basically the same, but seems to occur in a different part of the test sequence:
====================================================
...
exptest
....................................................................................................................................
....................................................................
1**0 mod 1 = 1, should be 0
problems.....
====================================================
BUILD DETAILS:
The build scripts I use try to capture the whole process of the build from un-taring the distribution to the 'make install', so I can maintain consistency between platforms and versions. If anyone is interested enough, I'll be happy to supply them, but I'll give the highlights here:
- Clear out the directory
- Untar the FIPS distribution (openssl-fips-1.2.4.tar.gz)
- ./config fipscanisterbuild ; make ; make install
- Unpack latest OpenSSL 0.9.8 (openssl-0.9.8zc.tar.gz)
- ./Configure threads shared fips --prefix=${openssl_install} linux-x86_64|darwin64-x86_64-cc
- make depend ; make ; make test ; make install_sw
(Of course, on Windows the build script looks quite a bit different, but the net effect is the same, so I'm assuming the differences are irrelevant for now.)
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users-MCmKBN63+***@public.gmane.org
Automated List Manager majordomo-MCmKBN63+***@public.gmane.org