diff options
| author | Shane Lontis <shane.lontis@oracle.com> | 2020-06-08 14:33:27 +1000 |
|---|---|---|
| committer | Richard Levitte <levitte@openssl.org> | 2020-07-15 23:11:50 +0200 |
| commit | 7cc355c2e4e081dca3c6c345a75a2ab16800c807 (patch) | |
| tree | af03550512bc59ca961934e9009c6c8fd4be5656 /CHANGES.md | |
| parent | c35b8535768e22cd3b7743f4887a72e53a621a5f (diff) | |
| download | openssl-7cc355c2e4e081dca3c6c345a75a2ab16800c807.zip openssl-7cc355c2e4e081dca3c6c345a75a2ab16800c807.tar.gz openssl-7cc355c2e4e081dca3c6c345a75a2ab16800c807.tar.bz2 | |
Add AES_CBC_CTS ciphers to providers
Added Algorithm names AES-128-CBC-CTS, AES-192-CBC-CTS and AES-256-CBC-CTS.
CS1, CS2 and CS3 variants are supported.
Only single shot updates are supported.
The cipher returns the mode EVP_CIPH_CBC_MODE (Internally it shares the aes_cbc cipher code). This
would allow existing code that uses AES_CBC to switch to the CTS variant without breaking code that
tests for this mode. Because it shares the aes_cbc code the cts128.c functions could not be used directly.
The cipher returns the flag EVP_CIPH_FLAG_CTS.
EVP_CIPH_FLAG_FIPS & EVP_CIPH_FLAG_NON_FIPS_ALLOW have been deprecated.
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12094)
Diffstat (limited to 'CHANGES.md')
| -rw-r--r-- | CHANGES.md | 5 |
1 files changed, 5 insertions, 0 deletions
@@ -23,6 +23,11 @@ OpenSSL 3.0 ### Changes between 1.1.1 and 3.0 [xx XXX xxxx] + * Added ciphertext stealing algorithms AES-128-CBC-CTS, AES-192-CBC-CTS and + AES-256-CBC-CTS to the providers. CS1, CS2 and CS3 variants are supported. + + *Shane Lontis* + * 'Configure' has been changed to figure out the configuration target if none is given on the command line. Consequently, the 'config' script is now only a mere wrapper. All documentation is changed to only mention |