OpenSSL A.00.09.07m.049, A.00.09.07m.050, and A.00.09.08k.003 Release Notes
Table Of Contents
- OpenSSL A.00.09.07m.049, A.00.09.07m.050, and A.00.09.08k.003 Release Notes
- Table of Contents
- 1 OpenSSL A.00.09.07m.049, A.00.09.07m.050, and A.00.09.08k.003
- Announcement
- What is in OpenSSL A.00.09.07m and A.00.09.08k
- What is in OpenSSL A.00.09.08k
- OpenSSL Components
- Defects Fixed in OpenSSL Versions A.00.09.07m and A.00.09.08k
- Known Problems
- Compatibility Information and Installation Requirements
- Installing OpenSSL
- Using the openssl Command-Line Tool
- OpenSSL Resources
- Frequently Asked Questions (FAQs)
• Public-Key Cryptography Standard 8 (PKCS#8) – Stores private keys.
• Public-Key Cryptography Standard 12 (PKCS#12) – Stores keys and certificates in browsers.
FIPS
Federal Information Processing Standard (FIPS) 140-2 OpenSSL is now added to the OpenSSL
product. For more information about FIPS 140-2, see the following web address:
http://www.oss-institute.org/index.php?option=com_content=blogcategory=84=123
IMPORTANT: The FIPS code is certified only if it is identical with the source code released by
the Open Source Software Institute (OSSI) organization on the OpenSSL website. In the event of
a security vulnerability, HP cannot modify the source code because a modification of the source
code can invalidate the certification.
If a vulnerability is found in the FIPS code, HP will wait until the OSSI organization releases a
new FIPS 140-2 certified FIPS module before updating the HP OpenSSL product with the new
FIPS code.
This release of OpenSSL also contains some minor enhancements included in OpenSSL
A.00.09.07m and A.00.09.08k. For more information, see the OpenSSL Changelog at:
http://www.openssl.org/news/changelog.html
What is in OpenSSL A.00.09.08k
OpenSSL A.00.09.08k supports all the security features that are available in OpenSSL A.00.09.07m.
In addition, OpenSSL A.00.09.08k also supports the following public-key encryptions:
• Elliptic Curve Crypto (ECC)
• Elliptic Curve Diffie-Hellman (ECDH)
• Elliptic Curve Digital Signature Algorithm (ECDSA)
OpenSSL A.00.09.08k also provides library support to the following hardware ENGINES:
• 4758cca
• aep
• atalla
• chil
• cswift
• gmp
• nuron
• sureware
• ubsec
OpenSSL Components
OpenSSL A.00.09.07m and A.00.09.08k contain the following components:
• OpenSSL libraries
• The openssl command-line tool
• Strong Random Number Generator for HP-UX 11i v1
• Automatically generated self-signed host certificate
The following sections discuss these components in detail.
OpenSSL Libraries
OpenSSL A.00.09.07m and A.00.09.08k contain two libraries: libcrypto and libssl. The
libcrypto library contains all the cryptographic functions used for creating and managing
10 OpenSSL A.00.09.07m.049, A.00.09.07m.050, and A.00.09.08k.003