[openssl-users] Key Deriviation Function Tests for TLS

John Foley foleyj at cisco.com
Mon Sep 28 13:13:55 UTC 2015

On 09/23/2015 08:16 AM, Steve Marquess wrote:
> John, let me elaborate on my comment above by noting that the Cisco
> contribution includes a bunch of FIPS specific code for which there is
> no counterpart on the master branch (i.e. no place to put it). A
> version which worked on master with all the FIPS stuff stripped out
> and with tests via evp_test would be a lot more interesting. -Steve M. 
Hi Steve,

We can certainly submit a pull request on the master branch.  It'll take
a little time to prepare that.  IMHO, there is value in accepting this
pull request on the FIPS branch as well.  There are OpenSSL users doing
private label FIPS validations that would benefit.  Pull request 368
contains the FIPS vector processing utility for KDF.  None of the FIPS
vector processing utilities reside in master.  The pull request we
prepare for master isn't going to include the KDF vector processing utility.

Please let me know whether we should proceed with preparing a pull
request on master.


More information about the openssl-users mailing list