TLS/SSL Libraries and /n software Toolkits
/n software toolkits can be configured to use the system implementation or internal implementations of TLS/SSL. Which setting is enabled by default and which options are available depend on the product, version, and platform.
SecureBlackbox Notes
SecureBlackbox uses an internal implementation of TLS on all platforms in all editions. This is our own implementation, it does not use any open-source, and is not related to any third-party code or library such as OpenSSL or Microsoft SChannel.
When FIPS mode is enabled on Windows the system security libraries (such as “rsaenh.dllâ€) are used for cryptographic operations only. The protocol implementation is still managed by SecureBlackbox.
IPWorks and Cloud Notes
On Windows, for all versions, the system security libraries are used by default. The Java edition uses the configured java security provider (system provider) on all platforms by default. To use the internal implementation on Windows set the UseInternalSecurityAPI config setting to true.
In version 2022 and later on Linux and macOS the internal implementation is used by default. To use OpenSSL when using the C++, PHP, or Python editions on Linux the obfuscated source code must be compiled with the ENABLE_OPENSSL define. See Version 2022 Updates for details.
Version 2020 editions on Linux use OpenSSL by default. Version 2020 C++ editions running on Linux are not affected by CVE-2022-3602 as long as the OpenSSL version is 3.07 or higher or the config setting UseInternalSecurityAPI is set to true.
We appreciate your feedback. If you have any questions, comments, or suggestions about this article please contact our support team at kb@nsoftware.com.