Back to product page
- Introduction
- Overview
- License agreement
- Getting Started
- Objects
- Enumerations
- wodFTPD
- Methods
- Properties
- Authentication
- BindIP
- BindIPType
- Certificate
- DirFormat
- Encryption
- EncryptionList
- FileLocking
- FIPS
- ForceUTF8
- GoodbyeMessage
- GreetingMessage
- HMacList
- HostKeyList
- KeyExchangeList
- MaxDataPort
- MinDataPort
- MonitorTransfers
- MyHostname
- MyIP
- Notification
- PasvPort
- Port
- Protocol
- Secure
- ServerName
- SFTPVersion
- Status
- StrictDataIP
- Threads
- Timeout
- UseIPv6
- Users
- Version
- VirtualFiles
- VirtualFolders
- Events
- wodFTPDNotify
- FtpUser
- FtpUsers
- VirtualFile
- VirtualFiles
- VirtualFolder
- VirtualFolders
- How to get support?
- Technical information
- Fast notifications interface
- Error list
FIPS property
Specifies FIPS enabled libeay32.dll to load.
Type
A String value. Represents full path to libeay32.dll file that is FIPS capable.Syntax
- Basic
object.FIPS [= value]
The FIPS(object,value) syntax has these parts:
The FIPS(object,value) syntax has these parts:
object | An expression evaluating to an object of type wodFTPD. |
value | A String value. |
Remarks
wodFtpServer allows you to go into special FIPS mode by using external FIPS-certified OpenSSL library. You should provide full path to libeay32.dll file in FIPS property to do so, prior to calling Start method.When FIPS property is set, wodFtpServer internally calls crypto functions from provided library, first by enabling FIPS mode using FIPS_mode_set() OpenSSL call. If call fails, error 33016 or 33017 is returned. Please note that if FIPS is set during development and debugging, it will most probably fail - due to debugger being attached to the process and process will be unable to load libeay32.dll at required address space (0xFB00000).
You can compile your own FIPS 140-2 certified OpenSSL library to provide to this property, or you can download ours from URL
https://download.weonlydo.com/libeay32.zip
We have compiled library exactly as specified in "OpenSSL FIPS Object Module" UserGuide that can be found at http://www.openssl.org/docs/fips/UserGuide-1.2.pdf , on clean Windows XP using "Microsoft Visual Studio 2005" and "The Netwide Assembled NASM", using exact steps explained in above document. Source was not tampered in any way before compilation process. There are no digital signatures or any other binary changes after the compilation - since that would also result in FIPS_mode_set() call to fail.
If wodFtpServer detects that loaded DLL is already used by your application (such as if you want to share same DLL for your own FIPS capable code), and FIPS_mode() API returns TRUE, wodFtpServer will not call FIPS_mode_set() again. Note that if your application decides to remove FIPS requirement, it should clear out this property by setting it to empty string. In that case wodFtpServer will revert back to internal libeay32 functions.
NOTE: this property can be empty, and FIPS will not be enabled - wodFtpServer will work as it was working before. We have internally linked non-FIPS version of libeay32.dll so wodFtpServer does not have any 3rd party requirements for normal usage.
Warning: changing this property internally changes EncryptionList and HMacList properties also!