Back to product page
- Introduction
- License Agreement
- Objects
- Enumerations
- wodTunnel
- Methods
- Properties
- AllocatePty
- Authentication
- Channels
- ClientName
- Compression
- Encryption
- EncryptionList
- FIPS
- HMacList
- Hostname
- KeyExchangeList
- KeySignatureList
- Login
- MyHostname
- MyIP
- Notification
- Password
- Port
- PrivateKey
- Protocol
- ProxyHostname
- ProxyLogin
- ProxyPassword
- ProxyPort
- ProxyType
- RemoteIdentification
- State
- StateText
- Threads
- Timeout
- UseIPv6
- Version
- Events
- wodTunnelNotify
- Channel
- Channels
- User
- Users
- How to get support?
- Technical information
- Fast notifications interface
- Using threads
- Error list
FIPS property
Specifies FIPS enabled libeay32.dll to load.
Type
A String value. Represents full path to libeay32.dll file that is FIPS capable.Syntax
- Basic
object.FIPS [= value]
The FIPS(object,value) syntax has these parts:
The FIPS(object,value) syntax has these parts:
object | An expression evaluating to an object of type wodTunnel. |
value | A String value. |
Remarks
wodTunnel allows you to go into special FIPS mode by using external FIPS-certified OpenSSL library. You should provide full path to libeay32.dll file in FIPS property to do so, prior to calling Connect method. When FIPS property is set, wodTunnel internally calls crypto functions from provided library, first by enabling FIPS mode using FIPS_mode_set() OpenSSL call. If call fails, error 33016 or 33017 is returned. Please note that if FIPS is set during development and debugging, it will most probably fail - due to debugger being attached to the process and process will be unable to load libeay32.dll at required address space (0xFB00000). You can compile your own FIPS 140-2 certified OpenSSL library to provide to this property, or you can download ours from URL https://download.weonlydo.com/libeay32.zip We have compiled library exactly as specified in "OpenSSL FIPS Object Module" UserGuide that can be found at http://www.openssl.org/docs/fips/UserGuide-1.2.pdf , on clean Windows XP using "Microsoft Visual Studio 2005" and "The Netwide Assembled NASM", using exact steps explained in above document. Source was not tampered in any way before compilation process. There are no digital signatures or any other binary changes after the compilation - since that would also result in FIPS_mode_set() call to fail. If wodTunnel detects that loaded DLL is already used by your application (such as if you want to share same DLL for your own FIPS capable code), and FIPS_mode() API returns TRUE, wodTunnel will not call FIPS_mode_set() again. Note that if your application decides to remove FIPS requirement, it should clear out this property by setting it to empty string. In that case wodTunnel will revert back to internal libeay32 functions. NOTE: this property can be empty, and FIPS will not be enabled - wodTunnel will work as it was working before. We have internally linked non-FIPS version of libeay32.dll so wodTunnel does not have any 3rd party requirements for normal usage.Warning: changing this property also internally changes EncryptionList and HMacList properties.