FIPS compliant KDFs

Tomas Mraz tomas at
Thu Aug 17 19:40:52 UTC 2023

It would be better to ask such question in a github issue as a proposed
new feature.

If all these KDFs are part of some standard then I do not see why such
pull request would be rejected.

Tomas Mraz, OpenSSL

On Thu, 2023-08-17 at 17:50 +0000, Barry Fussell (bfussell) via
openssl-users wrote:
> Before submitting a PR, is there any interest in FIPS compliant KDF
> implementations for SRTP, SNMP and/or IKEv2
> for a future release of OpenSSL ?
> We maintain an implementation of each of those KDFs and have taken
> them through FIPS validation using a fork of OpenSSL 3.0.
> Cryptographic Algorithm Validation Program | CSRC (
> Thanks,
> Barry

Tomáš Mráz, OpenSSL

More information about the openssl-users mailing list