Project

General

Profile

action #100554

[sle][security][sle15sp4][feature][manual] SLE-21227 - QA: FIPS: implement the IPSEC KDF for strongswan in openssl

Added by bchou about 2 months ago.

Status:
New
Priority:
Normal
Assignee:
Category:
New test
Target version:
-
Start date:
2021-10-07
Due date:
% Done:

0%

Estimated time:
Difficulty:

Description

https://jira.suse.com/browse/SLE-21227

OpenSSL in its master branch as a KDF (Key Derivation Function) framework.

As our FIPS strongswan certificate is only for the key derivation function we could save a lot of trouble and effort to move this functionality into openssl.

A similar thing openssl has done with the SSH KDF already, and we could do it for IPSEC too.

Upstream so far does not have it there.

Also available in: Atom PDF