I am hoping that someone can clear this up for me.

The tls1_PRF() function uses both the md5 and sha1 algorithms to generate
pseudo-random data. Since this function is used for TLS key derivation, is
the md5 algorithm allowed for key derivation while operating in FIPS mode?

If it is OK, I am curious how this is handled. With FIPS mode enabled, is
the SSL library itself allowed to call non-FIPS algorithms? The reason I
ask is that I notice the SSL library doesn't necessarily check return values.


__________________________________________________ ____________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager majordomo@openssl.org