Dell BSAFE Micro Edition Suite Owner's manual

September 2019 Copyright © 2019 Dell Inc. or its subsidiaries. All rights reserved.
RSA BSAFE® Micro Edition Suite 4.4
Release Notes
30.08.19
RSA BSAFE Micro Edition Suite 4.4 (MES) is a software development toolkit for
building cryptographic, certificate, and Transport Layer Security (TLS) security
technologies into C and C++ applications, devices and systems.
This document summarizes the new features, changes, platform information, and
resolved and known issues in this release of MES.
For details of the MES End of Primary Support dates, see the Product Version Life
Cycle Web site at
https://community.rsa.com/docs/DOC-73366.
Contents:
New Features (page 2)
Changes (page 4)
  Deprecated Functionality (page 6)
Operating Environment Information (page 7)
  New Operating Environments (page 13)
  Discontinued Operating Environments (page 13)
  Linux Standard Base (page 14)
  FIPS 140-2 Compliance (page 14)
  Microsoft Visual C++ Redistributable Packages (page 15)
Algorithms and Key Sizes (page 16)
  Elliptic Curve Support (page 16)
FIPS 140-2 Operations (page 17)
Interoperability (page 17)
Cipher Suites (page 17)
Hardware Devices (page 18)
Enhancements and Resolved Issues (page 19)
Known Issues (page 20)
Documentation (page 24)
Support and Service (page 25)
New Features
This release of MES is designed to include the following new features:
• Support for the FIPS 140-2 provider for applications running on an iOS operating system:
  - An iOS FIPS provider, as a static library file, libmes_iosprov.a.
    For applications running on an iOS operating system, the iOS FIPS provider accesses the following FIPS 140-2-validated cryptographic functionality from the iOS operating system:
    - Symmetric key encryption using:
      - 128-bit AES in CBC, ECB or CTR modes
      - 256-bit AES in CBC mode.
    - Asymmetric key encryption using RSA with PKCS #1 Optimal Asymmetric Encryption Padding (OAEP).
    - Random number generation using:
      - CTR DRBG
      - Default random (equivalent to CTR DRBG)
      - Entropy collection.
    - Message digest generation using SHA-1, SHA-224, SHA-256, SHA-384 and SHA-512.
    - Message Authentication Code (HMAC) generation using HMAC-SHA-1, HMAC-SHA-224, HMAC-SHA-256, HMAC-SHA-384 and HMAC-SHA-512.
    - Password-based key derivation using PBKDF2 with HMAC-SHA-1, HMAC-SHA-224, HMAC-SHA-256, HMAC-SHA-384 and HMAC-SHA-512.
    - Digital signature generation and verification:
      - Generation and verification using RSA PKCS #1 with SHA-256
      - Verification only using RSA with SHA-1.
  - A FIPS 140-2 mode feature for the iOS FIPS provider. Setting this feature sets the FIPS 140-2 mode filter against the library context, which implements FIPS 140-2 mode and allows only FIPS 140-2-compliant cryptographic algorithms to be used.
  - An iOS FIPS provider prioritization filter that prioritizes resources from the iOS FIPS provider over other providers.
  For more information, see FIPS 140-2 Operations, and API Reference Information > Providers > iOS Provider Objects in the RSA BSAFE Micro Edition Suite Developers Guide.
• Support for asymmetric keywrap in CMS. Asymmetric key wrapping algorithms usable in CMS include RSA-KEM-KWS.
• Some samples have been updated to make them compliant with RFC 5280, and to use data which conforms to library strength requirements.
For the new features introduced in RSA BSAFE Crypto-C Micro Edition (Crypto-C ME), see RSA BSAFE Crypto-C Micro Edition Release Notes included with this release.
Changes
This release of MES is designed to include the following changes:
• Updated operating environment support. For more information, see Operating Environment Information.
• Fixes for specific issues. For more information, see Enhancements and Resolved Issues.
• The two separate signature files, which were used for the FIPS 140-2 module integrity check, are now embedded into the main FIPS 140-2 module shared library file.
• Initialization Vector (IV) generation for symmetric key encryption is updated for compliance with the latest FIPS 140-2 Implementation Guidance (IG A.5). For more information, see Symmetric Key Encryption > Automatic IV Generation in the RSA BSAFE Micro Edition Suite Developers Guide.
• When using AES in XTS mode, the two keys concatenated to create the single double-length key are checked to ensure they are different.
• A minimum security strength of 112 bits is enforced by default for cryptographic operations that use asymmetric keys. The minimum security strength is changed using a call to R_LIB_CTX_set_info(), R_CR_CTX_set_info() or R_SSL_CTX_set_info().
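Two of the checks just listed, the AES-XTS distinct-key check and the minimum-security-strength gate for asymmetric keys, are shown below as an added C example. This is not MES code: the function names, the constructed sample keys, and the SP 800-57 Part 1 strength buckets used to classify key sizes are this example's own, not the library's API or its internal tables.

```c
/* Added example (not MES code): two pre-operation key policy checks of the
 * kind the release notes describe. Function names, sample keys and the
 * strength table are this example's own. */
#include <stddef.h>
#include <stdint.h>

/* AES-XTS takes a double-length key: key1 || key2. If key1 == key2 the
 * tweak encryption and the data encryption use the same key, which
 * defeats the construction, so such a key is rejected. The comparison is
 * constant time so the check itself does not leak which bytes matched. */
int xts_key_halves_differ(const uint8_t *key, size_t keylen)
{
    size_t half = keylen / 2;
    uint8_t diff = 0;
    if (keylen != 32 && keylen != 64)   /* AES-128-XTS or AES-256-XTS only */
        return 0;
    for (size_t i = 0; i < half; i++)
        diff |= key[i] ^ key[half + i];
    return diff != 0;
}

/* Security strength of an asymmetric key in bits, following the SP 800-57
 * Part 1 comparable-strength table. Finite-field keys (RSA, DH, DSA) are
 * classified by modulus length; EC keys by curve order size. */
typedef enum { KEY_FF, KEY_EC } key_kind;

unsigned asym_key_strength(key_kind kind, unsigned bits)
{
    if (kind == KEY_FF) {
        if (bits >= 15360) return 256;
        if (bits >= 7680)  return 192;
        if (bits >= 3072)  return 128;
        if (bits >= 2048)  return 112;
        if (bits >= 1024)  return 80;
        return 0;
    }
    /* KEY_EC: 160-223 -> 80, 224-255 -> 112, 256-383 -> 128, ... */
    if (bits >= 512) return 256;
    if (bits >= 384) return 192;
    if (bits >= 256) return 128;
    if (bits >= 224) return 112;
    if (bits >= 160) return 80;
    return 0;
}

/* Policy gate: 1 if the key may be used under the given minimum strength
 * (112 bits is the default the release notes describe), else 0. */
int key_meets_min_strength(key_kind kind, unsigned bits, unsigned min_strength)
{
    return asym_key_strength(kind, bits) >= min_strength;
}

/* Constructed sample XTS keys (AES-128-XTS, 32 bytes each). */
static const uint8_t SAMPLE_KEY_DISTINCT[32] = {
    0x11,0x11,0x11,0x11,0x11,0x11,0x11,0x11,0x11,0x11,0x11,0x11,0x11,0x11,0x11,0x11,
    0x22,0x22,0x22,0x22,0x22,0x22,0x22,0x22,0x22,0x22,0x22,0x22,0x22,0x22,0x22,0x22
};
static const uint8_t SAMPLE_KEY_REPEATED[32] = {
    0x11,0x11,0x11,0x11,0x11,0x11,0x11,0x11,0x11,0x11,0x11,0x11,0x11,0x11,0x11,0x11,
    0x11,0x11,0x11,0x11,0x11,0x11,0x11,0x11,0x11,0x11,0x11,0x11,0x11,0x11,0x11,0x11
};
```

A 1024-bit RSA or DH key classifies as 80 bits and fails the 112-bit gate, while 2048-bit keys and P-256 pass; this is the effect the default minimum strength has on legacy keys. Note that Table 2 later in these notes rates P-192 at 96 bits rather than the 80-bit bucket used here; under either rating it is below 112.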
• Default Diffie-Hellman (DH) key exchange, key generation, and key parameter generation are updated to use approved methods outlined in SP 800-56A instead of the IEEE P1363 specification.
  - The default key exchange and key generation implementations allow the use of legacy parameters, which might not have the sub-prime value available.
  - When creating asymmetric key objects, R_PKEY, for DH keys using R_PKEY_from_file() or R_PKEY_from_file_ef(), a URI that corresponds to parameters outlined in SP 800-56A can be specified.
• Elliptic curve cryptography (ECC) parameters and keys are generated using approved methods outlined in SP 800-56A.
• For RSA key generation:
  - The new default algorithm is FIPS 186-3, formerly X9.31. X9.31 cannot be used in FIPS mode, but is still available in the FIPS library.
  - Minimum key size allowed for RSA FIPS 186-4 compliant key generation, R_CR_RSA_KEY_GENERATION_FIPS186_3 and R_CR_RSA_KEY_GENERATION, is 2048 bits.
• Hardening of the Chinese Remainder Theorem (CRT) optimization for the RSA signature algorithm to better withstand attack.
• RSA signature generation and verification using SHA-512/256 are updated to correct the algorithm identifier. Signature verification accepts both the new algorithm identifier and the previous incorrect identifier value.
• The deprecated SSL context method R_SSL_v23_method is removed.
• DH key reuse in a TLS session is disabled by default. Reuse, and the maximum number of times a DH key can be reused, can be set using R_SSL_CTX_set_info() and R_SSL_CTX_INFO_KEY_USE_COUNT, for an SSL context, or R_SSL_set_info() and R_SSL_INFO_KEY_USE_COUNT, for an SSL object. For more information, see the RSA BSAFE Micro Edition Suite Developers Guide.
• The following TLS cipher suites are removed:
  - Anonymous DH, anonymous EC DH, static DH, or static EC DH as the key exchange algorithm
  - RC4 as the encryption algorithm
  - NULL encryption.
• The default TLS cipher suite list, as specified by R_SSL_DEFAULT_CIPHER_LIST, is changed. For more information, see TLS Operations > Cipher Suites in the RSA BSAFE Micro Edition Suite Developers Guide.
• The default list of signature algorithms for TLS 1.2 is updated to provide greater security. For more information, see TLS Operations > Cipher Suites > TLS 1.2 Signature Algorithms in the RSA BSAFE Micro Edition Suite Developers Guide.
• API namespaces are updated to achieve greater consistency with the rest of the source code. For more information, see Library and Header File Changes > Header File and Namespace Changes in the RSA BSAFE Micro Edition Suite Migration Guide.
• The interface for the application-defined memory allocation functions is changed for the realloc() function to include a new argument that accepts the length of the original buffer. Customer-defined memory allocator implementations must be updated to conform to the new interface.
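The realloc change above matters for secure memory handling: an allocator that is told the original buffer length can wipe that buffer before it is released, which plain realloc() cannot do. The following is an added C example and is not MES code; the callback names and the (p, old_len, new_len) signature are this example's own and are not the MES allocator interface.

```c
/* Added example (not MES code): an application-defined allocator whose
 * realloc receives the length of the original buffer. The callback
 * signature is hypothetical, not the MES interface. Knowing old_len lets
 * the allocator zeroise key material before the old block goes back to
 * the heap, where a later allocation could otherwise read it. */
#include <stdlib.h>
#include <string.h>
#include <stddef.h>

/* Zeroise memory through a volatile pointer so the compiler cannot
 * drop the stores as dead writes before free(). */
static void wipe(void *p, size_t n)
{
    volatile unsigned char *v = (volatile unsigned char *)p;
    while (n--)
        *v++ = 0;
}

void *app_malloc(size_t n)
{
    return malloc(n);
}

/* Free with a known length so the contents can be wiped first. */
void app_free(void *p, size_t old_len)
{
    if (p == NULL) return;
    wipe(p, old_len);
    free(p);
}

/* realloc variant: old_len is the size p was allocated with. On failure
 * returns NULL and leaves p intact, matching realloc() semantics. */
void *app_realloc(void *p, size_t old_len, size_t new_len)
{
    void *q;
    if (new_len == 0) { app_free(p, old_len); return NULL; }
    q = malloc(new_len);
    if (q == NULL) return NULL;
    if (p != NULL) {
        memcpy(q, p, old_len < new_len ? old_len : new_len);
        app_free(p, old_len);             /* wipe, then release the old block */
    }
    return q;
}

/* Demonstration: grow a buffer holding a constructed secret and confirm
 * the contents survive the move. Returns 1 on success, 0 otherwise. */
int demo_grow_preserves_contents(void)
{
    const char secret[] = "constructed-secret";   /* constructed sample */
    size_t n = sizeof secret;
    char *buf = app_malloc(n);
    if (buf == NULL) return 0;
    memcpy(buf, secret, n);
    char *bigger = app_realloc(buf, n, n * 4);
    if (bigger == NULL) { app_free(buf, n); return 0; }
    int ok = memcmp(bigger, secret, n) == 0;
    app_free(bigger, n * 4);
    return ok;
}
```

The shrink and failure paths deserve attention when porting an existing allocator: with old_len available, a shrink can wipe only the tail that is being discarded, and a failed grow must not wipe the caller's still-valid buffer.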
• Certificate requests are updated to use extensions with data larger than 128 bytes.
• Packages for the Windows® operating system now include the Visual Studio version used for compilation, instead of the Visual C++ version. For example, mes-4_4_0_0-win-x64-vs2005.pkg.
• For all packages the static library name has changed from ccme_swprov to mes_swprov.
• Library files for systems running an OS X or iOS operating system are provided as ‘Fat Libraries’ instead of separate static and dynamic library files.
• An Installation Guide is no longer included in the documentation suite. Installation instructions are incorporated into the Get started with MES section of the RSA BSAFE Micro Edition Suite Developers Guide.
For changes related to the usage of cryptographic primitives and the new FIPS module, see RSA BSAFE Crypto-C Micro Edition Release Notes included with this release.
Deprecated Functionality
With this release of MES the following element of functionality is deprecated. While it is still available and can still be used, RSA recommends that alternatives be used. This API entity will be removed in a future release of MES.
• ASN.1 Object Identifier (OID) identifiers are deprecated. Applications should use the R_OID_INFO_* set of functions and identifiers for working with OID values.
For more information about the deprecated API entities such as functions and defines, including links to equivalent functionality, see Deprecated List in the RSA BSAFE Micro Edition Suite Developers Guide.
Important: The National Institute of Standards and Technology (NIST) has published SP 800-131A Rev. 2, announcing its intention to deprecate the 3-key variant of Triple-DES, and disallow it for use in TLS and other protocols. NIST is developing a draft deprecation timeline for the 3-key variant of TDEA including a sunset date, and recommends migration to AES as soon as possible.
RSA recommends caution when using Triple-DES.
Operating Environment Information
The following table lists the operating environments MES is designed and tested to support, on either physical or virtual hosts, at the time of release.
Note: Subsequent patches or hotfixes to this release of MES will be tested on and support the latest operating system patch levels, unless otherwise specified.

Table 1 Operating Environment Information

Vendor | Operating System | CPU Architecture | Compiler Version | FIPS (1) | Package Name
Apple | iOS 12 (2) | ARMv8 | Xcode 9 | VA | ios10-multi-xcode9
Apple | iOS 11 | ARMv8 | Xcode 9 | Yes | ios10-multi-xcode9
Apple | iOS 11 | x86_64 | Xcode 9 | No | ios10-multi-xcode9
Apple | iOS 10 | ARMv8 | Xcode 9 | VA | ios10-multi-xcode9
Apple | iOS 10 | ARMv7 | Xcode 9 | Yes | ios10-multi-xcode9
Apple | iOS 10 | x86_64 | Xcode 9 | No | ios10-multi-xcode9
Apple | iOS 10 | x86 | Xcode 9 | | ios10-multi-xcode9
Apple | macOS 10.13 | x86_64 | Xcode 7.3 | Yes | macosx-x64-xcode7
Apple | macOS 10.12 | x86_64 | Xcode 7.3 | VA | macosx-x64-xcode7
Apple | macOS 10.12 | x86 | Xcode 7.3 | Yes | macosx-x86-xcode7
Apple | OS X 10.11 | x86_64 | Xcode 7.3 | VA | macosx-x64-xcode7
Apple | OS X 10.11 | x86 | Xcode 7.3 | | macosx-x86-xcode7
Canonical | Ubuntu 16.04 Long Term Support (LTS) | x86_64 | LSB 4.0 and GCC 4.4 | VA | lsb40-x64-gcc4_4
Canonical | Ubuntu 16.04 LTS | x86 | LSB 4.0 and GCC 4.4 | | lsb40-x86-gcc4_4
Canonical | Ubuntu 16.04 LTS | ARMv7 | GCC 4.8 hard float | Yes | linux-armv7l-gcc4_8
Canonical | Ubuntu 14.04 LTS | x86_64 | LSB 4.0 and GCC 4.4 | VA | lsb40-x64-gcc4_4
Canonical | Ubuntu 14.04 LTS | x86 | LSB 4.0 and GCC 4.4 | | lsb40-x86-gcc4_4
CentOS Project | CentOS 7.6 | x86_64 | LSB 4.0 and GCC 4.4 | VA | lsb40-x64-gcc4_4
CentOS Project | CentOS 7.6 | x86 | LSB 4.0 and GCC 4.4 | | lsb40-x86-gcc4_4
CentOS Project | CentOS 6.10 | x86_64 | LSB 4.0 and GCC 4.4 | VA | lsb40-x64-gcc4_4
CentOS Project | CentOS 6.10 | x86 | LSB 4.0 and GCC 4.4 | | lsb40-x86-gcc4_4
FreeBSD Foundation | FreeBSD 11.2 | x86_64 | Clang 4.0 | Yes | freebsd-x64-clang40
Google | Android 8.0 | ARMv8 | Android NDK r10e and GCC 4.9 | Yes | android-multi-ndkr10e
Google | Android 7.1.1 | ARMv8 | Android NDK r10e and GCC 4.9 | VA | android-multi-ndkr10e
Google | Android 6.0 | ARMv8 | Android NDK r10e and GCC 4.9 | VA | android-multi-ndkr10e
Google | Android 6.0 | ARMv7 | Android NDK r10e and GCC 4.9 | Yes | android-multi-ndkr10e
Google | Android 5.1 | ARMv8 | Android NDK r10e and GCC 4.9 | VA | android-multi-ndkr10e
Google | Android 5.1 | ARMv7 | Android NDK r10e and GCC 4.9 | | android-multi-ndkr10e
Google | Android 5.1 | x86 | Android NDK r10e and GCC 4.9 | No | android-multi-ndkr10e
Google | Android 4.4.4 | ARMv7 | Android NDK r10e and GCC 4.9 | VA | android-multi-ndkr10e
HPE | HP-UX 11.31 | PA-RISC 2.0W (3) | HP C B.11.11.24 | Yes | hpux1131-pa2_0W-hp_c11
HPE | HP-UX 11.31 | PA-RISC 2.0 | HP C B.11.11.24 | | hpux1131-pa2_0-hp_c11
HPE | HP-UX 11.31 | Itanium 64-bit | HP C B3910B A.06.12 | | hpux1131-ia64-hp_cA_6_12
HPE | HP-UX 11.31 | Itanium 32-bit | HP C B3910B A.06.12 | | hpux1131-ia32-hp_cA_6_12
IBM | AIX 7.2 | PowerPC 64-bit | XLC v11.1 | Yes | aix71-ppc64-ibm_c11_1
IBM | AIX 7.2 | PowerPC 32-bit | XLC v11.1 | | aix71-ppc-ibm_c11_1
IBM | AIX 7.1 | PowerPC 64-bit | XLC v11.1 | VA | aix71-ppc64-ibm_c11_1
IBM | AIX 7.1 | PowerPC 32-bit | XLC v11.1 | | aix71-ppc-ibm_c11_1
IBM | AIX 6.1 | PowerPC 64-bit | XLC v9.0 | Yes | aix61-ppc64-ibm_c9_0
IBM | AIX 6.1 | PowerPC 32-bit | XLC v9.0 | | aix61-ppc-ibm_c9_0
Micro Focus | SUSE Linux Enterprise Server 15 | x86_64 | LSB 4.0 and GCC 4.4 | Yes | lsb40-x64-gcc4_4
Micro Focus | SUSE Linux Enterprise Server 15 | x86 | LSB 4.0 and GCC 4.4 | VA | lsb40-x64-gcc4_4
Micro Focus | SUSE Linux Enterprise Server 15 | PowerPC 64-bit | GCC 4.8 | VA | linux-ppc64l-gcc4_8 (4)
Micro Focus | SUSE Linux Enterprise Server 12 SP4 | x86_64 | LSB 4.0 and GCC 4.4 | VA | lsb40-x64-gcc4_4
Micro Focus | SUSE Linux Enterprise Server 12 SP4 | x86 | LSB 4.0 and GCC 4.4 | | lsb40-x86-gcc4_4
Micro Focus | SUSE Linux Enterprise Server 12 SP4 | PowerPC 64-bit | GCC 4.8 | Yes | linux-ppc64l-gcc4_8 (4)
Micro Focus | SUSE Linux Enterprise Server 12 SP4 | ARMv8 | GCC 4.8 | | linux-arm64l-gcc4_8
Micro Focus | SUSE Linux Enterprise Server 12 SP3 | x86_64 | LSB 4.0 and GCC 4.4 | Yes | lsb40-x64-gcc4_4
Micro Focus | SUSE Linux Enterprise Server 12 SP3 | x86 | LSB 4.0 and GCC 4.4 | | lsb40-x86-gcc4_4
Micro Focus | SUSE Linux Enterprise Server 12 SP3 | PowerPC 64-bit | GCC 4.8 | Yes | linux-ppc64l-gcc4_8 (4)
Micro Focus | SUSE Linux Enterprise Server 12 SP3 | ARMv8 | GCC 4.8 | | linux-arm64l-gcc4_8
Micro Focus | SUSE Linux Enterprise Server 11 SP4 | x86_64 | LSB 4.0 and GCC 4.4 | VA | lsb40-x64-gcc4_4
Micro Focus | SUSE Linux Enterprise Server 11 SP4 | x86 | LSB 4.0 and GCC 4.4 | | lsb40-x86-gcc4_4
Micro Focus | SUSE Linux Enterprise Server 11 SP4 | PowerPC 64-bit | GCC 3.4 | Yes | linux-ppc64b-gcc3_4 (5)
Micro Focus | SUSE Linux Enterprise Server 11 SP4 | PowerPC 32-bit | GCC 3.4 | | linux-ppc32b-gcc3_4
Micro Focus | SUSE Linux Enterprise Server 11 SP4 | Itanium2 64-bit | LSB 4.0 and GCC 4.4 | Yes | lsb40-ia64-gcc4_4
Microsoft | Windows 10 Enterprise | x86_64 | Visual Studio 2017 (/MD) (6) | VA | win-x64-vs2017
Microsoft | Windows 10 Enterprise | x86_64 | Visual Studio 2017 (/MT) | | win-x64-vs2017
Microsoft | Windows 10 Enterprise | x86_64 | Visual Studio 2013 (/MD) | VA | win-x64-vs2013
Microsoft | Windows 10 Enterprise | x86_64 | Visual Studio 2013 (/MT) | Yes | win-x64-vs2013
Microsoft | Windows 10 Enterprise | x86 | Visual Studio 2017 (/MD) | VA | win-x86-vs2017
Microsoft | Windows 10 Enterprise | x86 | Visual Studio 2017 (/MT) | Yes | win-x86-vs2017
Microsoft | Windows 10 Enterprise | x86 | Visual Studio 2013 (/MD) | Yes | win-x86-vs2013
Microsoft | Windows 10 Enterprise | x86 | Visual Studio 2013 (/MT) | VA | win-x86-vs2013
Microsoft | Windows 8.1 Enterprise | x86_64 | Visual Studio 2017 (/MD) | VA | win-x64-vs2017
Microsoft | Windows 8.1 Enterprise | x86_64 | Visual Studio 2017 (/MT) | | win-x64-vs2017
Microsoft | Windows 8.1 Enterprise | x86_64 | Visual Studio 2013 (/MD) | VA | win-x64-vs2013
Microsoft | Windows 8.1 Enterprise | x86_64 | Visual Studio 2013 (/MT) | | win-x64-vs2013
Microsoft | Windows 8.1 Enterprise | x86_64 | Visual Studio 2010 (/MD) | VA | win-x64-vs2010
Microsoft | Windows 8.1 Enterprise | x86_64 | Visual Studio 2010 (/MT) | | win-x64-vs2010
Microsoft | Windows 8.1 Enterprise | x86 | Visual Studio 2017 (/MD) | VA | win-x86-vs2017
Microsoft | Windows 8.1 Enterprise | x86 | Visual Studio 2017 (/MT) | | win-x86-vs2017
Microsoft | Windows 8.1 Enterprise | x86 | Visual Studio 2013 (/MD) | VA | win-x86-vs2013
Microsoft | Windows 8.1 Enterprise | x86 | Visual Studio 2013 (/MT) | Yes | win-x86-vs2013
Microsoft | Windows 7 Enterprise SP1 | x86_64 | Visual Studio 2017 (/MD) | VA | win-x64-vs2017
Microsoft | Windows 7 Enterprise SP1 | x86_64 | Visual Studio 2017 (/MT) | | win-x64-vs2017
Microsoft | Windows 7 Enterprise SP1 | x86_64 | Visual Studio 2010 (/MD) | VA | win-x64-vs2010
Microsoft | Windows 7 Enterprise SP1 | x86_64 | Visual Studio 2010 (/MT) | | win-x64-vs2010
Microsoft | Windows 7 Enterprise SP1 | x86_64 | Visual Studio 2005 (/MD) | VA | win-x64-vs2005
Microsoft | Windows 7 Enterprise SP1 | x86_64 | Visual Studio 2005 (/MT) | Yes | win-x64-vs2005
Microsoft | Windows 7 Enterprise SP1 | x86 | Visual Studio 2017 (/MD) | VA | win-x86-vs2017
Microsoft | Windows 7 Enterprise SP1 | x86 | Visual Studio 2017 (/MT) | | win-x86-vs2017
Microsoft | Windows 7 Enterprise SP1 | x86 | Visual Studio 2010 (/MD) | VA | win-x64-vs2010
Microsoft | Windows 7 Enterprise SP1 | x86 | Visual Studio 2010 (/MT) | Yes | win-x64-vs2010
Microsoft | Windows 7 Enterprise SP1 | x86 | Visual Studio 2005 (/MD) | Yes | win-x86-vs2005
Microsoft | Windows 7 Enterprise SP1 | x86 | Visual Studio 2005 (/MT) | VA | win-x86-vs2005
Microsoft | Windows Server 2016 | x86_64 | Visual Studio 2017 (/MD) | Yes | win-x64-vs2017
Microsoft | Windows Server 2016 | x86_64 | Visual Studio 2017 (/MT) | VA | win-x64-vs2017
Microsoft | Windows Server 2012 R2 Standard | x86_64 | Visual Studio 2017 (/MD) | VA | win-x64-vs2017
Microsoft | Windows Server 2012 R2 Standard | x86_64 | Visual Studio 2017 (/MT) | Yes | win-x64-vs2017
Microsoft | Windows Server 2012 R2 Standard | x86_64 | Visual Studio 2013 (/MD) | Yes | win-x64-vs2013
Microsoft | Windows Server 2012 R2 Standard | x86_64 | Visual Studio 2013 (/MT) | VA | win-x64-vs2013
Microsoft | Windows Server 2012 R2 Standard | x86_64 | Visual Studio 2010 (/MD) | Yes | win-x64-vs2010
Microsoft | Windows Server 2012 R2 Standard | x86_64 | Visual Studio 2010 (/MT) | VA | win-x64-vs2010
Microsoft | Windows Server 2012 Standard | x86_64 | Visual Studio 2017 (/MD) | VA | win-x64-vs2017
Microsoft | Windows Server 2012 Standard | x86_64 | Visual Studio 2017 (/MT) | | win-x64-vs2017
Microsoft | Windows Server 2012 Standard | x86_64 | Visual Studio 2013 (/MD) | VA | win-x64-vs2013
Microsoft | Windows Server 2012 Standard | x86_64 | Visual Studio 2013 (/MT) | | win-x64-vs2013
Microsoft | Windows Server 2012 Standard | x86_64 | Visual Studio 2010 (/MD) | VA | win-x64-vs2010
Microsoft | Windows Server 2012 Standard | x86_64 | Visual Studio 2010 (/MT) | | win-x64-vs2010
Microsoft | Windows Server 2008 Enterprise R2 SP1 | x86_64 | Visual Studio 2010 (/MT) | Yes | win-x64-vs2010
Microsoft | Windows Server 2008 Enterprise R2 SP1 | x86_64 | Visual Studio 2005 (/MD) | Yes | win-x64-vs2005
Microsoft | Windows Server 2008 Enterprise R2 SP1 | x86_64 | Visual Studio 2005 (/MT) | VA | win-x64-vs2005
Microsoft | Windows Server 2008 Enterprise SP2 | x86_64 | Visual Studio 2010 (/MD) | VA | win-x64-vs2010
Microsoft | Windows Server 2008 Enterprise SP2 | x86_64 | Visual Studio 2010 (/MT) | | win-x64-vs2010
Microsoft | Windows Server 2008 Enterprise SP2 | x86_64 | Visual Studio 2005 (/MD) | VA | win-x64-vs2005
Microsoft | Windows Server 2008 Enterprise SP2 | x86_64 | Visual Studio 2005 (/MT) | | win-x64-vs2005
Microsoft | Windows Server 2008 Enterprise SP2 | x86 | Visual Studio 2005 (/MD) | VA | win-x86-vs2005
Microsoft | Windows Server 2008 Enterprise SP2 | x86 | Visual Studio 2005 (/MT) | | win-x86-vs2005
Microsoft | Windows Server 2008 Enterprise SP2 | Itanium2 64-bit | Visual Studio 2010 (/MD) | VA | win-ia64-vs2010
Microsoft | Windows Server 2008 Enterprise SP2 | Itanium2 64-bit | Visual Studio 2010 (/MT) | Yes | win-ia64-vs2010
Microsoft | Windows Server 2008 R2 SP1 | x86_64 | Visual Studio 2017 (/MD) | VA | win-x64-vs2017
Microsoft | Windows Server 2008 R2 SP1 | x86_64 | Visual Studio 2017 (/MT) | | win-x64-vs2017
Microsoft | Windows Server 2008 SP2 | x86_64 | Visual Studio 2017 (/MD) | VA | win-x64-vs2017
Microsoft | Windows Server 2008 SP2 | x86_64 | Visual Studio 2017 (/MT) | | win-x64-vs2017
Oracle | Solaris 11.4 | SPARC v9-T4 | Sun C 5.13 | Yes | sol-spv9-sun_c5_13
Oracle | Solaris 11.4 | SPARC v8+ | Sun C 5.13 | | sol-spv8p-sun_c5_13
Oracle | Solaris 11.4 | SPARC v8 | Sun C 5.8 | Yes | sol-spv8-sun_c5_8
Oracle | Solaris 11.4 | x86_64 | Sun C 5.13 | Yes | sol-x64-sun_c5_13
Oracle | Solaris 10 Update 11 | SPARC v9-T4 | Sun C 5.13 | VA | sol-spv9-sun_c5_13
Oracle | Solaris 10 Update 11 | SPARC v9-T2 | Sun C 5.13 | | sol-spv9-sun_c5_13
Oracle | Solaris 10 Update 11 | SPARC v8+ | Sun C 5.13 | | sol-spv8p-sun_c5_13
Oracle | Solaris 10 Update 11 | SPARC v8 | Sun C 5.8 | VA | sol-spv8-sun_c5_8
Oracle | Solaris 10 Update 11 | x86_64 | Sun C 5.13 | VA | sol-x64-sun_c5_13
Oracle | Solaris 10 Update 11 | x86 | Sun C 5.13 | Yes | sol-x86-sun_c5_13
Red Hat | Enterprise Linux 7.6 | x86_64 | LSB 4.0 and GCC 4.4 | VA | lsb40-x64-gcc4_4
Red Hat | Enterprise Linux 7.6 | x86 | LSB 4.0 and GCC 4.4 | | lsb40-x86-gcc4_4
Red Hat | Enterprise Linux 7.6 | PowerPC 64-bit | GCC 3.4 | VA | linux-ppc64b-gcc3_4
Red Hat | Enterprise Linux 7.6 | PowerPC 32-bit | GCC 3.4 | | linux-ppc32b-gcc3_4
Red Hat | Enterprise Linux 7.4 | ARMv8 | GCC 4.8 | VA | linux-arm64l-gcc4_8
Red Hat | Enterprise Linux 6.10 | x86_64 | LSB 4.0 and GCC 4.4 | VA | lsb40-x64-gcc4_4
Red Hat | Enterprise Linux 6.10 | x86 | LSB 4.0 and GCC 4.4 | | lsb40-x86-gcc4_4
Red Hat | Enterprise Linux 5.8 | IBM S/390x 64-bit | LSB 3.0 and GCC 4.3 | Yes | lsb30-s390x-gcc4_3
Red Hat | Enterprise Linux 5.8 | IBM S/390 31-bit | LSB 3.0 and GCC 4.3 | | lsb30-s390-gcc4_3

(1) For more information, see FIPS 140-2 Compliance.
(2) Apple iOS packages (that is, for ARMv7, ARMv7s, ARMv8, and the x86 and x86_64 simulators) are included in a single package.
(3) Support for the PA-RISC CPU architecture is discontinued by HP. See Discontinued Operating Environments.
(4) PowerPC little-endian platform.
(5) PowerPC big-endian platform.
(6) Multi-threaded dynamic linked runtime library (MD) and multi-threaded static linked runtime library (MT).

Note: Your RSA software license agreement might not grant you the right to develop applications on all of the platforms listed in the tables above. Contact your RSA sales representative for information on the development platforms covered by your license agreement and platform/field of use restrictions.
New Operating Environments
This release of MES is designed to include support for new operating environments:
• Apple:
  - iOS 12 on ARMv8
  - iOS 11 on ARMv8 and x86_64
  - iOS 10 on ARMv8, ARMv7, x86_64, and x86
  - macOS 10.13 and 10.12 on x86_64 and x86
• Canonical Ubuntu 16.04 LTS on x86_64, x86, and ARMv7
• FreeBSD 11.2 on x86_64
• Google Android 7.x on ARMv8
• IBM AIX 7.2 on PowerPC 32-bit and 64-bit
• Micro Focus SUSE Linux Enterprise Server 12 SP4, on x86_64, x86, ARMv8 and PowerPC 64-bit
• Micro Focus SUSE Linux Enterprise Server 12 SP3, on PowerPC 64-bit
• Microsoft Windows Server 2016 on x86_64.
Discontinued Operating Environments
This release of MES discontinues support for the following operating environments:
• Apple iOS 8
• Canonical Ubuntu 12.04 LTS
• Fedora 20 and 22
• FreeBSD 10
• Micro Focus SUSE Linux Enterprise Server 10
• Microsoft Windows Server 2008 on Itanium, compiled using Visual Studio 2005
• Red Hat Enterprise Linux 5.11 and 5.11 SE.
Support for the HP-UX 11.31 on PA-RISC 2.0 (32-bit) and PA-RISC 2.0W (64-bit) operating environments is discontinued by HP, but is retained by RSA for this release. In the next release of MES, support for these operating environments is discontinued.
For subsequent releases of MES going forward, where a vendor discontinues mainstream support for an operating system and platform combination, RSA discontinues support from the same date.
Linux Standard Base
The goal of the LSB project is to deliver interoperability between applications and the
Linux operating system. The distributions of MES built using the LSB 4.0 Software
Development Kits (SDKs) are designed to be compatible with Linux operating
systems that support LSB 4.0 on the CPU architectures listed in Table 1.
FIPS 140-2 Compliance
For all operating environments, MES uses RSA BSAFE Crypto-C Micro Edition 4.1.4 (Crypto-C ME) to provide FIPS 140-2 Level 1 and Level 2 validated cryptographic functionality, and directly exposes the Crypto-C ME API.
For applications running on an iOS operating system, MES incorporates an iOS FIPS provider to access FIPS 140-2-validated cryptographic functionality from the iOS operating system.
For more information about the iOS FIPS provider, see Get Started with MES > Providers in the RSA BSAFE Micro Edition Suite Developers Guide.
For information about iOS FIPS 140-2 compliance, see the Apple iOS Security Policy document.
In Table 1 the FIPS column indicates the operating environments tested for FIPS 140-2 compliance by an accredited FIPS 140-2 testing laboratory. These operating environments are listed on the FIPS 140-2 certificate.
VA indicates the operating environment is not specifically listed on the FIPS 140-2 certificate, but RSA affirms FIPS 140-2 compliance. Vendor affirmation of compliance is defined in Section G.5, “Maintaining Validation Compliance of Software or Firmware Cryptographic Modules,” in Implementation Guidance for FIPS PUB 140-2 and the Cryptographic Module Validation Program.
For the complete list of FIPS 140-2 tested and vendor affirmed operating environments, and for detailed information about the Crypto-C ME FIPS 140-2 cryptographic module and the secure operation of MES, see the RSA BSAFE Micro Edition Suite Security Policy and RSA BSAFE Crypto-C Micro Edition Security Policy documents included with the MES release documentation.
Microsoft Visual C++ Redistributable Packages
For customers developing on a Microsoft Windows operating system, building
applications using the MES libraries is supported using Microsoft Visual Studio 2005,
Visual Studio 2010, or Visual Studio 2013.
To run MES applications on systems that do not have Visual Studio or Visual C++
installed, a Visual C++ Redistributable Package is required to install specific Visual
C++ runtime components.
For customers using the MES libraries built using Visual Studio 2005, the Redistributable Package is available from the following locations for systems with an:
• x86 (32-bit) processor: www.microsoft.com/en-us/download/details.aspx?id=5638
• x86_64 (64-bit) processor: www.microsoft.com/en-us/download/details.aspx?id=18471
• Itanium (64-bit) processor: www.microsoft.com/en-us/download/details.aspx?id=13360
For customers using the MES libraries built using Visual Studio 2010, the Redistributable Package is available from the following locations for systems with an:
• x86 (32-bit) processor: www.microsoft.com/en-us/download/details.aspx?id=5555
• x86_64 (64-bit) processor: www.microsoft.com/en-us/downloads/details.aspx?id=14632
• Itanium (64-bit) processor: www.microsoft.com/en-us/downloads/details.aspx?id=2054
For customers using the MES libraries built using Visual Studio 2013, the Redistributable Packages are available at www.microsoft.com/en-us/download/details.aspx?id=40784.
For customers using the MES libraries built using Visual Studio 2017, the Redistributable Packages are available from https://go.microsoft.com/fwlink/?LinkId=746572.
Algorithms and Key Sizes
For the supported algorithms and key sizes, see Algorithms and Key Sizes in the
RSA BSAFE Crypto-C Micro Edition Release Notes included with this release.
Elliptic Curve Support
The following table lists the named elliptic curves this release of MES is designed to support for cryptographic operations in software and on PKCS #11 hardware devices. For more information, see Hardware Devices.
Note: All elliptic curves with a bit strength of 112 or less are disallowed for use in FIPS compliant applications, and not available for EC operations by default. For more details, see SP 800-131A, Rev 1, the RSA BSAFE Crypto-C Micro Edition Security Policy documents included in this release, and R_LIB_CTX_INFO_ID_MIN_STRENGTH and related identifiers in the RSA BSAFE Micro Edition Suite Developers Guide.

Table 2 Supported Named Elliptic Curves

Named Elliptic Curve | Equivalent Symmetric Cipher Strength (bits)
Binary Curve B-163 | 80
Koblitz Curve K-163 | 80
Prime Curve P-192 | 96
Binary Curve B-233 | 112
Koblitz Curve K-233 | 112
Prime Curve P-224 | 112
Binary Curve B-283 | 128
Koblitz Curve K-283 | 128
Prime Curve P-256 | 128
Binary Curve B-409 | 192
Koblitz Curve K-409 | 192
Prime Curve P-384 | 192
Binary Curve B-571 | 256
Koblitz Curve K-571 | 256
Prime Curve P-521 | 256
FIPS 140-2 Operations
For all operating environments, FIPS 140-2 providers, created using R_PROV_FIPS140_new(), provide both FIPS 140-2-approved and non-approved algorithms and resources. By default these providers provide only FIPS 140-2 approved algorithms.
Applications can change the mode on the library context to control the algorithms available by calling R_LIB_CTX_set_mode() with an appropriate R_MODE_FILTER identifier.
Interoperability
The following table lists the vendor products tested with MES to provide TLS interoperability:
Note: Only browser versions currently supported by their manufacturer are tested for interoperability.

Table 3 TLS Interoperability

Product | Version
RSA BSAFE Micro Edition Suite | 3.2.6 and 4.1.6
RSA BSAFE SSL-J (SSL-J and JSSE APIs) | 6.2.1 and 6.2.4
Google Chrome | 69
Microsoft Edge | 41
Microsoft IE | 11
Microsoft IIS | 7.5, 8.0, 8.5 and 10
Mozilla Firefox | 62
OpenSSL | 1.0.1u, 1.0.2o, and 1.1.0h
Safari | 12

Cipher Suites
For the list of cipher suites this release of MES is designed to support, see TLS Operations > Cipher Suites > Supported Cipher Suites in the RSA BSAFE Micro Edition Suite Developers Guide.
Hardware Devices
While MES cryptographic and certificate functionality can be delegated to a variety of
PKCS #11 hardware devices, PKCS #11 functionality is not tested for this release.
If PKCS #11 functionality is required, it can be requested through RSA Customer
Support.
Enhancements and Resolved Issues
The following table lists the enhancements and resolved issues in this release of MES.

Table 4 Enhancements and Resolved Issues

ID | Description
BSFMES-2377 | MES is potentially vulnerable to information exposure through a timing discrepancy. A malicious remote user could potentially exploit this vulnerability to extract information, leaving data at risk of exposure (CVE-2019-3731).
BSFMES-2278 | MES is vulnerable to a padding oracle attack (CVE-2019-3730).
BSFMES-2275 | Update the default TLS cipher suite list.
BSFMES-2175 | R_SSL_CTX_set_ex_data/R_SSL_set_ex_data with a user-defined memory allocator causes a memory violation.
BSFMES-2142 | Possible Denial of Service vulnerability on the client side when using large DH keys (CVE-2018-15769).
BSFMES-2125 | When BER encoding (unsigned) bignums, prefix a leading zero byte when the most significant bit is set, because BER defines INTEGER values as signed.
BSFMES-2121 | The public key implementation cannot read or write the PKCS #8 format for DH private keys used by OpenSSL.
BSFMES-2118 | The sample, crl_util, generates CRLs that are not compliant with RFC 5280.
BSFMES-2092 | Some sample programs use asymmetric keys that have security strengths that are less than the currently accepted minimum security strength.
BSFMES-2074 | An internal error can allow an invalid server identity certificate to be chosen in a TLS handshake.
BSFMES-2020 | When processing PKCS #12 messages and CMS messages, sensitive data is sometimes not cleared before memory is freed.
BSFMES-2013 | TLS APIs still allow the use of 512-bit and 1024-bit DH keys by default. The TLS API is updated to disallow the use of identifiers for 512-bit DH keys, and to allow the use of identifiers for 1024-bit DH keys only after an explicit application call.
BSFMES-1999 | The single-step KDF cannot use APIs that include arguments of type R_ALG_PARAMS.
BSFMES-1995 | Covert timing channel vulnerability during RSA decryption (CVE-2019-3732).
BSFMES-1963 | The CMS API is to be enhanced with RSA-KEM-KWS support for key transport in enveloped messages.
Table 4 Enhancements and Resolved Issues (continued)

ID | Description
BSFMES-1952 | Certificates with RSA PSS signatures cannot be verified.
BSFMES-1842 | Triple-DES is removed from the default cipher suite list.
BSFMES-1561 | A sample makefile for systems running an OS X operating system needs undocumented environment variables.
BSFMES-1426 | MES is potentially vulnerable to a heap-based buffer overflow when parsing an ECDSA signature. A malicious user with adjacent network access could potentially exploit this vulnerability to cause a crash in the library of the affected system (CVE-2019-3729).
BSFMES-1143 | R_CERT_REQ_sign() returns R_ERROR_BUFFER_TOO_SMALL when signing a certificate request with extension data greater than 128 bytes.
BSFMES-1005 | R_SSL_CTX_get_ex_new_id_ef() and R_SSL_get_ex_new_id_ef() can return R_ERROR values as well as an index.

Known Issues
The following table lists the known issues in this release of MES. Workarounds, where possible, are provided for the issues.

Table 5 Known Issues

ID | Description
BSFMES-1863 | Unable to sign or verify from the software provider or FIPS 140 provider where the digest is provided by the iOS FIPS provider.
BSFMES-1761 | R_SSL_put_error() and R_SSL_put_error_state() do not limit the number of errors stored in the stack, which risks continuous memory growth and possible out of memory errors.
BSFMES-1649 | Certificate request messages with more than seven certificate type definitions are not read properly by a TLS client.
BSFMES-1644 | R_VERIFY_CTX_INFO_OCSP_SIG_ALG manages an array of three R_CR_ALG_ID values.
BSFMES-1592 | R_SSL_SESSION_print() does not print elliptic curve point formats correctly.
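BSFMES-2125 in Table 4 above turns on one rule of DER: an INTEGER is two's-complement, so an unsigned magnitude whose top bit is set must be prefixed with 0x00 or it decodes as a negative number (and, conversely, a redundant leading zero makes the encoding non-minimal). The following encoder and strict decoder are an added C example, not MES code; the function names and the constructed sample value are this example's own, and only short-form lengths (content under 128 bytes) are handled.

```c
/* Added example (not MES code): DER encoding of an unsigned big-endian
 * integer, illustrating the rule behind BSFMES-2125. Function names and
 * the sample value are this example's own. Short-form lengths only. */
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Encode the unsigned big-endian bytes mag[0..maglen) as a DER INTEGER
 * into out. Returns the encoded length, or 0 if out is too small, the
 * input is empty, or the content would need a long-form length. */
size_t der_encode_uint(const uint8_t *mag, size_t maglen, uint8_t *out, size_t outlen)
{
    /* DER requires a minimal encoding: drop redundant leading zeros ... */
    while (maglen > 1 && mag[0] == 0) { mag++; maglen--; }
    if (maglen == 0) return 0;
    /* ... then add exactly one back if the top bit is set, so the value
     * is not read as negative. */
    int pad = (mag[0] & 0x80) != 0;
    size_t clen = maglen + pad;
    if (clen >= 128 || outlen < 2 + clen) return 0;
    out[0] = 0x02;                     /* INTEGER tag */
    out[1] = (uint8_t)clen;            /* short-form length */
    if (pad) out[2] = 0x00;
    memcpy(out + 2 + pad, mag, maglen);
    return 2 + clen;
}

/* Strictly decode a DER INTEGER that must be non-negative, writing the
 * magnitude into mag. Returns the magnitude length, or 0 for malformed,
 * negative, or non-minimal input; a lenient parser that accepted those
 * would silently change the value it hands to the caller. */
size_t der_decode_uint(const uint8_t *in, size_t inlen, uint8_t *mag, size_t maglen_max)
{
    if (inlen < 3 || in[0] != 0x02) return 0;
    size_t clen = in[1];
    if (clen >= 128 || clen == 0 || inlen != 2 + clen) return 0;
    const uint8_t *c = in + 2;
    if (c[0] & 0x80) return 0;                               /* negative */
    if (clen > 1 && c[0] == 0 && !(c[1] & 0x80)) return 0;   /* non-minimal */
    if (clen > 1 && c[0] == 0) { c++; clen--; }              /* drop sign pad */
    if (clen > maglen_max) return 0;
    memcpy(mag, c, clen);
    return clen;
}

/* Constructed sample: a 2-byte magnitude with the top bit set. */
static const uint8_t SAMPLE_MAG[2] = { 0x80, 0x01 };

/* Returns 1 if the sample encodes to 02 03 00 80 01 and decodes back to
 * the same magnitude, else 0. */
int demo_roundtrip(void)
{
    uint8_t enc[8], dec[8];
    size_t n = der_encode_uint(SAMPLE_MAG, 2, enc, sizeof enc);
    if (n != 5 || enc[1] != 0x03 || enc[2] != 0x00) return 0;
    size_t m = der_decode_uint(enc, n, dec, sizeof dec);
    return m == 2 && memcmp(dec, SAMPLE_MAG, 2) == 0;
}
```

Without the pad, the bytes 80 01 would be decoded as the negative value -32767 by any conforming ASN.1 parser, which is the interoperability failure the resolved issue describes.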