Manualshelf

OpenSSL A.00.09.08n.001, A.00.09.08n.002, and A.00.09.08n.003 release notes (5992-5215, April 2010)

ManualsBrandsHP ManualsSoftwareHP-UX OpenSSL Software
17181920212223242526
FIPS-validated cryptographic functions of the FIPS object module and the high level functions
of OpenSSL.
The FIPS object module is the special monolithic object module built from the special source
distribution identified in the Security Policy. It is not the same as the OpenSSL product or
any specific official OpenSSL distribution release.
A version of the OpenSSL product that is suitable for reference by an application along with
the FIPS object module is a FIPS compatible OpenSSL which links against FIPS Object Module
1.1.2 or FIPS Object Module 1.2.
When the FIPS object module and a FIPS compatible OpenSSL are separately built and
installed on a system, the combination is referred to as a FIPS capable OpenSSL.
21 What kind of cryptographic algorithms can be used in FIPS mode?
Table 1-10 lists the cryptographic algorithms that can and cannot be used in FIPS mode.
Table 1-10 Cryptographic Algorithms that Can be Used in FIPS mode and Standard OpenSSL
Mode
UsageFIPSStandard OpenSSLAlgorithmAlgorithm Type
Key agreement
Digital signature
Encryption/
Decryption
SupportedSupportedRSAAsymmetric keys
Digital signatureDSA
Key agreementDH
Encryption/
Decryption
SupportedSupportedAESSymmetric keys
Not supportedBlowfish
Not supportedCAST
Not supportedDES
SupportedDES3
Not supportedDESX
Not supportedRC2
Not supportedRC4
Module integrity
Code integrity
Message integrity
Not supportedSupportedHMAC-MD2HMAC
HMAC-MD4
HMAC-MD5
HMAC-RMD160
HMAC-SHA
SupportedHMAC-SHA1
Supported0.9.8g supportedHMAC-SHA2
Frequently Asked Questions (FAQs) 25