If AES is a part of the OpenSSL FIPS module validation, then (since the same code is used in the non-validated code) it's pretty much NIST-certified.
-Kyle H On 10/3/06, Chip Masters <[EMAIL PROTECTED]> wrote:
OpenSSL Development Team, When do you expect that a NIST certified version of AES will be released in OpenSSL? I notice from the NIST reference website of validated AES implementations that version 1.1 FIPS Object Module Library was validated on 7/20/2006. Is this version included in any of the new releases? Thanks, Chip Masters On 9/28/06, Mark J Cox <[EMAIL PROTECTED]> wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > > OpenSSL version 0.9.8d and 0.9.7l released > ========================================== > > OpenSSL - The Open Source toolkit for SSL/TLS > http://www.openssl.org/ > > The OpenSSL project team is pleased to announce the release of > version 0.9.8d of our open source toolkit for SSL/TLS. This new > OpenSSL version is a security and bugfix release and incorporates > changes and bugfixes to the toolkit. For a complete list of > changes, please see http://www.openssl.org/source/exp/CHANGES. > > This release fixes four security vulnerabilities, CVE-2006-2937, > CVE-2006-2940, CVE-2006-3738, CVE-2006-4343. Please see > http://www.openssl.org/news/secadv_20060928.txt > > We also release 0.9.7l, which contains the security update and > bugfixes compared to 0.9.7k. > > We consider OpenSSL 0.9.8d to be the best version of OpenSSL > available and we strongly recommend that users of older versions > upgrade as soon as possible. OpenSSL 0.9.8d is available for > download via HTTP and FTP from the following master locations (you > can find the various FTP mirrors under > http://www.openssl.org/source/mirror.html ): > > * http://www.openssl.org/source/ > * ftp://ftp.openssl.org/source/ > > For those who want or have to stay with the 0.9.7 series of > OpenSSL, we strongly recommend that you upgrade to OpenSSL 0.9.7l > as soon as possible. It's available in the same location as > 0.9.8d. > > The distribution file names are: > > o openssl-0.9.8d.tar.gz > MD5 checksum: 8ed1853538e1d05a1f5ada61ebf8bffa > SHA1 checksum: 4136fba00303a3d319d2052bfa8e1f09a2e12fc2 > > o openssl-0.9.7l.tar.gz > MD5 checksum: b21d6e10817ddeccf5fbe1379987333e > SHA1 checksum: f0e4136639b10cbd1227c4f7350ff7ad406e575d > > The checksums were calculated using the following commands: > > openssl md5 openssl-0.9.*.tar.gz > openssl sha1 openssl-0.9.*.tar.gz > > Yours, > > The OpenSSL Project Team... > > Mark J. Cox Nils Larsch Ulf Möller > Ralf S. Engelschall Ben Laurie Andy Polyakov > Dr. Stephen Henson Richard Levitte Geoff Thorpe > Lutz Jänicke Bodo Möller > > > > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1.4.2.2 (GNU/Linux) > > iQCVAwUBRRvCTe6tTP1JpWPZAQIRbgP/aIb5s19eiSBrdGpSy36Ce1piAtBfqPPM > Bw/j9Y6fWTQYS5z/ZNDnFLmbQw269bR5nYIMT6da5dyKmSt9v6dUJHdQXI7i/gf4 > o3JPEZwqRqqz1tyhhBNFMNAx3hV73noLOXUUuak+2Zw9VtKGTb4HoRGGmXq8VUSn > zeeX2KgXEwg= > =fiHy > -----END PGP SIGNATURE----- > > ______________________________________________________________________ > OpenSSL Project http://www.openssl.org > Development Mailing List [email protected] > Automated List Manager [EMAIL PROTECTED] >
-- -Kyle H
