OpenSSL A.00.09.07m.049, A.00.09.07m.050, and A.00.09.08k.003 Release Notes
Table Of Contents
- OpenSSL A.00.09.07m.049, A.00.09.07m.050, and A.00.09.08k.003 Release Notes
- Table of Contents
- 1 OpenSSL A.00.09.07m.049, A.00.09.07m.050, and A.00.09.08k.003
- Announcement
- What is in OpenSSL A.00.09.07m and A.00.09.08k
- What is in OpenSSL A.00.09.08k
- OpenSSL Components
- Defects Fixed in OpenSSL Versions A.00.09.07m and A.00.09.08k
- Known Problems
- Compatibility Information and Installation Requirements
- Installing OpenSSL
- Using the openssl Command-Line Tool
- OpenSSL Resources
- Frequently Asked Questions (FAQs)
./Configure threads zlib shared no-rc5 no-idea no-krb5
--openssldir=/opt/openssl hpux-cc
FIPS Capable OpenSSL (based on 0.9.7m and linked against FIPS140-2 module) is built with the
following options:
./Configure fips for FIPS module
./Configure fips zlib threads no-rc5 no-idea no-krb5 no-mdc2
--openssldir=/opt/openssl for FIPS Compatible OpenSSL
FIPS Capable OpenSSL (based on 0.9.8k and linked against FIPS140-2 module) is built with the
following options:
./Configure fipscanisterbuild for FIPS module
./Configure fips threads zlib no-rc5 no-idea no-krb5 no-mdc2
--openssldir=/opt/openssl for FIPS Compatible OpenSSL
Where:
threads
Creates a library suitable for multi threaded applications.
zlib Provides support for zlib compression.
shared
Builds shared libraries.
no-rc5
Builds OpenSSL without the Rivest encryption Cipher 5 (RC5) cipher algorithm.
no-idea
Builds OpenSSL without the International Data Encryption Algorithm (IDEA)
cipher.
no-krb5
Directs OpenSSL not to compile in any Kerberos 5 (KRB5) library or code.
no-mdc2
(MDC2) library or code.
--prefix Specifies the prefix for the OpenSSL include, lib, and bin directories.
OpenSSL Versions A.00.09.07m and A.00.09.08k use different cryptographic algorithms to perform
operations, such as authenticating the server and client to each other, transmitting certificates,
and establishing session keys.
What is in OpenSSL A.00.09.07m and A.00.09.08k
OpenSSL A.00.09.07m and A.00.09.08k support the following security features:
• Ciphers
• Message Digest
• Public key encryption
• Certificates
• Encoding
• FIPS
The following sections discuss each of the security features in detail.
Ciphers
A cipher algorithm is a mechanism used to encrypt or decrypt a message. OpenSSL A.00.09.07m
and A.00.09.08k support the following ciphers:
• Blowfish
• Carlisle Adams and Stafford Tavares (CAST)
• Advanced Encryption Standard (AES)
• Data Encryption Standard (DES)
WARNING! DES has been cracked (data encoded by DES has been decoded by a third
party). HP recommends that you use DES only when you are required to do so for
compatibility reasons or because of legal restrictions.
• Triple Data Encryption Standard (3DES)
8 OpenSSL A.00.09.07m.049, A.00.09.07m.050, and A.00.09.08k.003