diff options
author | Matt Caswell <matt@openssl.org> | 2020-04-02 09:58:59 +0100 |
---|---|---|
committer | Matt Caswell <matt@openssl.org> | 2020-04-03 11:13:16 +0100 |
commit | 70d80ef9898ddbe03841efd2df2f526b71829d7f (patch) | |
tree | cf116287f653e8f3f1837b7cb77bf8fca9d90e6c /doc/man3 | |
parent | 94468c775c8e23dae8549ca15b4f9e0718650b0c (diff) |
Expand the XTS documentation
Explain that XTS does not support streaming, and that the IV value is the
tweak.
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/11461)
Diffstat (limited to 'doc/man3')
-rw-r--r-- | doc/man3/EVP_aes_128_gcm.pod | 7 |
1 files changed, 7 insertions, 0 deletions
diff --git a/doc/man3/EVP_aes_128_gcm.pod b/doc/man3/EVP_aes_128_gcm.pod index 1ca893a738..56ae74040a 100644 --- a/doc/man3/EVP_aes_128_gcm.pod +++ b/doc/man3/EVP_aes_128_gcm.pod @@ -160,6 +160,13 @@ In particular, XTS-AES-128 (B<EVP_aes_128_xts>) takes input of a 256-bit key to achieve AES 128-bit security, and XTS-AES-256 (B<EVP_aes_256_xts>) takes input of a 512-bit key to achieve AES 256-bit security. +The XTS implementation in OpenSSL does not support streaming. That is there must +only be one L<EVP_EncryptUpdate(3)> call per L<EVP_EncryptInit_ex(3)> call (and +similarly with the "Decrypt" functions). + +The I<iv> parameter to L<EVP_EncryptInit_ex(3)> or L<EVP_DecryptInit_ex(3)> is +the XTS "tweak" value. + =back =head1 RETURN VALUES |