Re: Doubts between libfips.a and fips.so in openssl3.0
On 02/01/2020 04:11, Manish Patidar wrote:
> What is the difference in libfips.a and fips.so.?
> Selftest.c and fipsprov.c is extra in fips.so library compilation. Does
> it mean that it just add provider entry function and self test, which is
> required for fips certification.?
libfips.a is just an internal build artifact. The actual module itself
> Once openssl3.0 is fips certified, can we use libfips.a directly ?
No. Applications will use libcrypto/libssl, and OpenSSL will internally
load fips.so as required.
> My requirement is to use fips certified algorithm but environment may
> not have capability to load dynamic library, so just thinking how
> openssl3.0 should be used?
Unfortunately in the 3.0 design you *must* use dynamic libraries. Static
linking for fips usage will not be possible.