diff options
author | Shane Lontis <shane.lontis@oracle.com> | 2021-08-12 18:22:50 +1000 |
---|---|---|
committer | Pauli <pauli@openssl.org> | 2021-08-18 08:38:40 +1000 |
commit | 7f5a9399d27564a7136eed2df693755a3bec2cfc (patch) | |
tree | a1f6928128e8d2efe166f68d8c84bfbb2fa38ebd /doc/man3/EVP_EncryptInit.pod | |
parent | 42281f26174dcc6ef4847894f17627f305bdfa2b (diff) |
Add support for camellia cbc cts mode
Fixes #16276
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/16286)
Diffstat (limited to 'doc/man3/EVP_EncryptInit.pod')
-rw-r--r-- | doc/man3/EVP_EncryptInit.pod | 20 |
1 files changed, 12 insertions, 8 deletions
diff --git a/doc/man3/EVP_EncryptInit.pod b/doc/man3/EVP_EncryptInit.pod index a03c31ea35..cb36629684 100644 --- a/doc/man3/EVP_EncryptInit.pod +++ b/doc/man3/EVP_EncryptInit.pod @@ -738,7 +738,8 @@ that has the flag B<EVP_CIPH_FLAG_CUSTOM_ASN1> set. =item "cts_mode" (B<OSSL_CIPHER_PARAM_CTS_MODE>) <UTF8 string> Gets or sets the cipher text stealing mode. For all modes the output size is the -same as the input size. +same as the input size. The input length must be greater than or equal to the +block size. (The block size for AES and CAMELLIA is 16 bytes). Valid values for the mode are: @@ -747,25 +748,28 @@ Valid values for the mode are: =item "CS1" The NIST variant of cipher text stealing. -For message lengths that are multiples of the block size it is equivalent to -using a "AES-CBC" cipher otherwise the second last cipher text block is a -partial block. +For input lengths that are multiples of the block size it is equivalent to +using a "AES-XXX-CBC" or "CAMELLIA-XXX-CBC" cipher otherwise the second last +cipher text block is a partial block. =item "CS2" -For message lengths that are multiples of the block size it is equivalent to -using a "AES-CBC" cipher, otherwise it is the same as "CS3". +For input lengths that are multiples of the block size it is equivalent to +using a "AES-XXX-CBC" or "CAMELLIA-XXX-CBC" cipher, otherwise it is the same as +"CS3" mode. =item "CS3" The Kerberos5 variant of cipher text stealing which always swaps the last cipher text block with the previous block (which may be a partial or full block -depending on the input length). +depending on the input length). If the input length is exactly one full block +then this is equivalent to using a "AES-XXX-CBC" or "CAMELLIA-XXX-CBC" cipher. =back The default is "CS1". -This is only supported for "AES-128-CBC-CTS", "AES-192-CBC-CTS" and "AES-256-CBC-CTS". +This is only supported for "AES-128-CBC-CTS", "AES-192-CBC-CTS", "AES-256-CBC-CTS", +"CAMELLIA-128-CBC-CTS", "CAMELLIA-192-CBC-CTS" and "CAMELLIA-256-CBC-CTS". =item "tls1multi_interleave" (B<OSSL_CIPHER_PARAM_TLS1_MULTIBLOCK_INTERLEAVE>) <unsigned integer> |