HP SSL Version 1.3 for OpenVMS

This document, "HP Open Source Security for OpenVMS Volume 2: HP SSL for OpenVMS," provides detailed information about HP SSL Version 1.3 for OpenVMS, based on OpenSSL 0.9.7e, released in July 2006.

Key aspects covered include:

• Installation and Prerequisites: It outlines hardware and software requirements for installing HP SSL on OpenVMS I64 (Version 8.2 or higher) and OpenVMS Alpha (Version 7.3-2 or higher), including necessary TCP/IP services. It also details automatic installation during OpenVMS upgrades (Version 8.3 and higher) and manual installation from a web site.
• New Features and Release Notes: Highlights new features in Version 1.3, such as automatic integration into OpenVMS, bug fixes from OpenSSL 0.9.7e, and changes to APIs. It also lists known problems and provides legal cautions regarding cryptographic algorithms.
• Directory Structure: Describes the directory structure created after installation, including locations for executable images, command procedures, examples, documentation, and shareable images.
• Application Development: Explains how to build HP SSL applications using both 64-bit and 32-bit APIs, including compilation and linking instructions.
• OpenSSL Documentation Differences: Notes key differences between UNIX-style OpenSSL documentation and OpenVMS, particularly regarding file and directory formats.
• SSL Overview: Provides an overview of the Secure Sockets Layer (SSL) protocol, including SSL handshake, public key encryption, certificates, cipher suites, and digital signatures.
• Certificate Tool: Details the menu-driven Certificate Tool for viewing, creating, signing, and revoking SSL certificates and Certificate Revocation Lists (CRLs).
• SSL Programming Concepts: Offers a tutorial on using OpenSSL APIs for application programming, covering data structures (SSL_CTX, SSL, SSL_METHOD, SSL_CIPHER, CERT/X509, BIO), certificate configuration, setting up TCP/IP connections, performing SSL handshakes, transmitting data, and closing connections. It also discusses SSL session reuse and renegotiation.
• Example Programs: Lists and describes various example programs included in the HP SSL kit, such as simple client/server programs, AES encryption, BIO-based communication, client certificate verification, session reuse, and renegotiation demonstrations.
• OpenSSL Command Line Interface (CLI): Provides a comprehensive reference for OpenSSL commands, covering tasks like creating key parameters, X.509 certificates, CSRs, CRLs, calculating message digests, encryption/decryption, and testing SSL/TLS clients and servers.
• API References: Includes extensive reference sections for CRYPTO Application Programming Interface (API) and SSL Application Programming Interface (API), detailing various functions for tasks like ASN.1 object manipulation, BIO operations, BIGNUM arithmetic, DES encryption, DSA/DH/RSA key management, error handling, EVP cipher and digest routines, PKCS#7/PKCS#12 processing, random number generation, S/MIME utilities, and X.509 certificate handling.
• Open Source Notices: Contains the OpenSSL Open Source License and the Original SSLeay License.

In essence, the document serves as a comprehensive guide for application developers and system administrators on utilizing HP SSL Version 1.3 for OpenVMS, focusing on its security capabilities, installation, configuration, and programming interfaces.