login about faq

Do Tectia Client/Server/ConnectSecure use OpenSSL? If so, which version and which parts of it are used?

asked Apr 30 '14 at 10:04

SSH%20KB's gravatar image

SSH KB ♦
509249246237


Tectia Client, Server and ConnectSecure releases 6.1.x and earlier do not use the OpenSSL cryptographic library.

Tectia Client, Server and ConnectSecure releases from 6.2.0 to 6.4.6 use the OpenSSL cryptographic library version 0.9.8, which is not affected by the Heartbleed vulnerability.

Tectia Client, Server and ConnectSecure 6.4.7 and 6.4.8 use two different versions of the OpenSSL cryptographic library:

  • On Linux, Windows, Solaris and HP-UX Itanium, version 1.0.1e (compiled with -DOPENSSL_NO_HEARTBEATS, and therefore not affected by the Heartbleed vulnerability)
  • On HP-UX PA-RISC and IBM AIX, version 0.9.8 (not affected by the Heartbleed vulnerability)

The full OpenSSL cryptographic library is distributed with Tectia Client/Server/ConnectSecure. However, only the algorithms provided by the fipscanister object in the library are used.

The APIs used by Tectia Client/Server/ConnectSecure from the two different versions of the OpenSSL cryptographic library are listed below.

APIs used from the OpenSSL cryptographic library version 1.0.1e:

  • Random numbers: AES/CTR DRBG based on NIST SP800-90A is used from the OpenSSL library. Function RAND_get_rand_method()
  • AES ciphers: Variants: ecb, cbc, cfb, ofb, ctr. Functions EVP_aes*
  • 3DES ciphers: Variants: ecb, cbc, cfb, ofb. Functions EVP_des_ede3_*
  • Math library: Bignum math library used by OpenSSL. Functions BN_*
  • Diffie Hellman: Functions DH_*
  • Hash functions: Variants: sha1, sha-224, sha-256, sha-384, sha-512. Functions EVP_sha*
  • Public Key: Variants: rsa and dsa. Functions RSA_*, DSA_*

APIs used from the OpenSSL cryptographic library version 0.9.8:

  • Random numbers: FIPS-approved AES PRNG based on ANSI X9.32 is used from the OpenSSL library. Functions FIPS_rand_*.
  • AES ciphers: Variants: ecb, cbc, cfb, ofb, ctr. Functions AES_*
  • DES ciphers: Variants: ecb, cbc, cfb, ofb. Functions DES_*
  • 3DES ciphers: Variants: ecb, cbc, cfb, ofb. Functions DES_*
  • Math library: Bignum math library used by OpenSSL. Functions BN_*
  • Diffie Hellman: Functions DH_*
  • Hash functions: Variants: sha1, sha-224, sha-256, sha-384, sha-512. Functions SHA1_*, SHA256_*, SHA512_*
  • Public Key: Variants: rsa and dsa. Functions RSA_*, DSA_*
link

answered Apr 30 '14 at 10:37

SSH%20KB's gravatar image

SSH KB ♦
509249246237

edited Feb 02 '15 at 15:01

Your answer
toggle preview

Follow this question

By Email:

Once you sign in you will be able to subscribe for any updates here

By RSS:

Answers

Answers and Comments

Markdown Basics

  • *italic* or __italic__
  • **bold** or __bold__
  • link:[text](http://url.com/ "title")
  • image?![alt text](/path/img.jpg "title")
  • numbered list: 1. Foo 2. Bar
  • to add a line break simply add two spaces to where you would like the new line to be.
  • basic HTML tags are also supported

Tags:

×69
×60
×31
×3

Asked: Apr 30 '14 at 10:04

Seen: 4,792 times

Last updated: Feb 02 '15 at 15:01

All user contributed content licensed under the cc-by-sa license.
Powered by OSQA.