OpenSSL A.00.09.08r.001, A.00.09.08r.002, and A.00.09.08r.003 Release Notes (5900-1845, July 2011)
Table Of Contents
- OpenSSL A.00.09.08r.001, A.00.09.08r.002, and A.00.09.08r.003 Release Notes
- Contents
- 1 OpenSSL A.00.09.08r.001, A.00.09.08r.002, and A.00.09.08r.003
- Announcement
- OpenSSL A.00.09.07m and A.00.09.08r features
- What is in OpenSSL A.00.09.08r
- OpenSSL components
- Defects fixed in OpenSSL version A.00.09.07m
- Defects fixed in OpenSSL version A.00.09.08r
- Known problems
- Compatibility information and installation requirements
- Installing OpenSSL
- Using the Openssl command-line tool
- OpenSSL resources
- Frequently asked questions (FAQs)
• Privacy Enhanced Mail (PEM) – Stores keys, certificates, and encrypted files.
• Public-Key Cryptography Standard 7 (PKCS#7) – Stores digitally signed files.
• Public-Key Cryptography Standard 8 (PKCS#8) – Stores private keys.
• Public-Key Cryptography Standard 12 (PKCS#12) – Stores keys and certificates in browsers.
FIPS
Federal Information Processing Standard (FIPS) 140-2 OpenSSL is now added to the OpenSSL
product. For more information about FIPS 140-2, see the following web address:
http://www.oss-institute.org/index.php?option=com_content=blogcategory=84=123
IMPORTANT: The FIPS code is certified only if it is identical with the source code released by
the Open Source Software Institute (OSSI) organization on the OpenSSL website. In the event of
a security vulnerability, HP cannot modify the source code because a modification of the source
code can invalidate the certification.
If a vulnerability is found in the FIPS code, HP will wait until the OSSI organization releases a new
FIPS 140-2 certified FIPS module before updating the HP OpenSSL product with the new FIPS code.
This release of OpenSSL also contains some minor enhancements included in OpenSSL A.00.09.07m
and A.00.09.08r. For more information, see the OpenSSL Changelog at:
http://www.openssl.org/news/changelog.html
What is in OpenSSL A.00.09.08r
OpenSSL A.00.09.08r supports all the security features that are available in OpenSSL
A.00.09.07m. In addition, OpenSSL A.00.09.08r also supports the following public-key encryptions:
• Elliptic Curve Crypto (ECC)
• Elliptic Curve Diffie-Hellman (ECDH)
• Elliptic Curve Digital Signature Algorithm (ECDSA)
OpenSSL A.00.09.08r also provides library support to the following hardware ENGINES:
• 4758cca
• aep
• atalla
• chil
• cswift
• gmp
• nuron
• sureware
• ubsec
OpenSSL components
OpenSSL A.00.09.07m and A.00.09.08r contain the following components:
• OpenSSL libraries
• The openssl command-line tool
• Strong Random Number Generator for HP-UX 11i V1
• Automatically generated self-signed host certificate
What is in OpenSSL A.00.09.08r 7