FIPS module with C++ linking problem

Previous Topic Next Topic
classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view

FIPS module with C++ linking problem

Crane, Rebecca-P56400
FIPS module with C++ linking problem


I am having an issue that hopefully someone can help with! I am trying to use OpenSSL FIPS (OpenSSL-fips-1.0.tar.gz) and am having difficulty. My program is developing in C++, and this is causing problems with fipsld. I built it on Solaris 9 using Sun Studio 11.

The problem is that in the fips_premain.c file, lines 62-66:

#ifndef HMAC_SHA1_SIG
#define HMAC_SHA1_SIG "?have to make sure this string is unique"

static const unsigned char FINGERPRINT_ascii_value[40] = HMAC_SHA1_SIG;

I'm just compiling the example from the security document, in a "main.cpp" file.

Compiling this with C++, during the linking (where it uses fipsld), it puts a null at the end of the string, and I get the following error:

"line 66: Error: Cannot use const char[41] to initialize const unsigned char[40]."

I can get around this by compiling my code with c++, and then setting CC=cc to use the c compiler for fipsld for the final step.  However... Now I get undefined symbols -- all symbols from the C++ libraries. Of course, it works fine as long as I only use c libraries. Unfortunately, this isn't an option.

Is there any way to get around this without invalidating the fips certification?