Manualshelf

OpenSSL A.00.09.08y.001, A.00.09.08y.002, and A.00.09.08y.003 Release Notes (5900-3078, March 2013)

ManualsBrandsHP ManualsSoftwareHP-UX OpenSSL Software
12345678910
Certificates
A digital certificate is a file that uniquely identifies users and resources over a network.
OpenSSL A.00.09.07m and A.00.09.08y support the following digital certificates:
X.509
X.509 Version 3
Certificate Revocation List (CRL)
Encoding
Before a message is sent over a network, the message is encoded such that the receiver can
understand the message. OpenSSL A.00.09.07m and A.00.09.08y support the following file
formats for encoding keys, certificates, and digitally signed files:
ASN.1 Abstract Syntax Notation One.
Distinguished Encoding Rules (DER) Stores ASN.1 structures containing keys and certificates.
Privacy Enhanced Mail (PEM) Stores keys, certificates, and encrypted files.
Public-Key Cryptography Standard 7 (PKCS#7) Stores digitally signed files.
Public-Key Cryptography Standard 8 (PKCS#8) Stores private keys.
Public-Key Cryptography Standard 12 (PKCS#12) Stores keys and certificates in browsers.
FIPS
Federal Information Processing Standard (FIPS) 140-2 OpenSSL is now added to the OpenSSL
product. For more information about FIPS 140-2, see the following web address:
http://www.oss-institute.org/index.php?option=com_content=blogcategory=84=123
IMPORTANT: The FIPS code is certified only if it is identical with the source code released by
the Open Source Software Institute (OSSI) organization on the OpenSSL website. In the event of
a security vulnerability, HP cannot modify the source code because a modification of the source
code can invalidate the certification.
If a vulnerability is found in the FIPS code, HP will wait until the OSSI organization releases a new
FIPS 140-2 certified FIPS module before updating the HP OpenSSL product with the new FIPS code.
This release of OpenSSL also contains some minor enhancements included in OpenSSL A.00.09.07m
and A.00.09.08y. For more information, see the OpenSSL Changelog at:
http://www.openssl.org/news/changelog.html
What is in OpenSSL A.00.09.08y
OpenSSL A.00.09.08y supports all the security features that are available in OpenSSL
A.00.09.07m. In addition, OpenSSL A.00.09.08y also supports the following public-key
encryptions:
Elliptic Curve Crypto (ECC)
Elliptic Curve Diffie-Hellman (ECDH)
Elliptic Curve Digital Signature Algorithm (ECDSA)
OpenSSL A.00.09.08y also provides library support to the following hardware ENGINES:
4758cca
aep
atalla
What is in OpenSSL A.00.09.08y 7