OpenSSL A.00.09.08q.001, A.00.09.08q.002, and A.00.09.08q.003 release notes (5900-1560, February 2011)
OpenSSL A.00.09.08q has the following options:
./Configure threads zlib shared no-rc5 no-idea no-krb5
--openssldir=/opt/openssl hpux-cc
FIPS Capable OpenSSL (based on OpenSSL A.00.09.07m and linked against FIPS-1.1.2 module)
is built with the following options:
./Configure threads zlib shared no-rc5 no-idea no-krb5 no-mdc2
--openssldir=/opt/openssl hpux-cc
FIPS Capable OpenSSL (based on OpenSSL A.00.09.08q and linked against FIPS-1.2 module) is
built with the following options:
./Configure threads zlib shared no-rc5 no-idea no-krb5
--openssldir=/opt/openssl hpux-cc
Where:
threads Creates a library suitable for multi threaded applications.
zlib Provides support for zlib compression.
shared Builds shared libraries.
no-rc5 Builds OpenSSL without the Rivest encryption Cipher 5 (RC5) cipher algorithm.
no-idea Builds OpenSSL without the International Data Encryption Algorithm (IDEA) cipher.
no-krb5 Directs OpenSSL not to compile in any Kerberos 5 (KRB5) library or code.
no-mdc2 (MDC2) library or code.
--prefix Specifies the prefix for the OpenSSL include, lib, and bin directories.
OpenSSL Versions A.00.09.07m and A.00.09.08q use different cryptographic algorithms to
perform operations, such as authenticating the server and client to each other, transmitting
certificates, and establishing session keys.
OpenSSL A.00.09.07m and A.00.09.08q features
OpenSSL A.00.09.07m and A.00.09.08q support the following security features:
• Ciphers
• Message Digest
• Public key encryption
• Certificates
• Encoding
• FIPS
The following sections discuss each of the security features in detail.
Ciphers
A cipher algorithm is a mechanism used to encrypt or decrypt a message. OpenSSL A.00.09.07m
and A.00.09.08q support the following ciphers:
• Blowfish
• Carlisle Adams and Stafford Tavares (CAST)
• Advanced Encryption Standard (AES)
OpenSSL A.00.09.07m and A.00.09.08q features 5