projects / openssl.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Don't give dependency warning for fips builds.
[openssl.git] / README.FIPS
diff --git a/README.FIPS b/README.FIPS
index 6c5250cf44f882581a5bdac09ab22d390596aa0e..a30adea8c9b540ca85fdde7e77d10339f8e7c8f8 100644 (file)
--- a/README.FIPS
+++ b/README.FIPS
@@ -46,6 +46,28 @@ with FIPS or fips. One way to check with GNU nm is:
 
 nm -g --defined-only fips/fipscanister.o | grep -v -i fips
 
+Restricted tarball tests.
+
+The validated module will have its own tarball containing sufficient code to
+build fipscanister.o and the associated algorithm tests. You can create a
+similar tarball yourself for testing purposes using the commands below.
+
+Standard restricted tarball:
+
+make -f Makefile.fips dist
+
+Prime field field only ECC tarball:
+
+make NOEC2M=1 -f Makefile.fips dist
+
+Once you've created the tarball extract into a fresh directory and do:
+
+./config
+make
+
+You can then run the algorithm tests as above. This build automatically uses
+fipscanisteronly and -DOPENSSL_FIPSYMS and no-ec2m as appropriate.
+
 Known issues:
 
 Algorithm tests are pre-2011.
Unnamed repository; edit this file 'description' to name the repository.