diff options
author | Shane Lontis <shane.lontis@oracle.com> | 2020-06-08 14:33:27 +1000 |
---|---|---|
committer | Richard Levitte <levitte@openssl.org> | 2020-07-15 23:11:50 +0200 |
commit | 7cc355c2e4e081dca3c6c345a75a2ab16800c807 (patch) | |
tree | af03550512bc59ca961934e9009c6c8fd4be5656 /providers/defltprov.c | |
parent | c35b8535768e22cd3b7743f4887a72e53a621a5f (diff) |
Add AES_CBC_CTS ciphers to providers
Added Algorithm names AES-128-CBC-CTS, AES-192-CBC-CTS and AES-256-CBC-CTS.
CS1, CS2 and CS3 variants are supported.
Only single shot updates are supported.
The cipher returns the mode EVP_CIPH_CBC_MODE (Internally it shares the aes_cbc cipher code). This
would allow existing code that uses AES_CBC to switch to the CTS variant without breaking code that
tests for this mode. Because it shares the aes_cbc code the cts128.c functions could not be used directly.
The cipher returns the flag EVP_CIPH_FLAG_CTS.
EVP_CIPH_FLAG_FIPS & EVP_CIPH_FLAG_NON_FIPS_ALLOW have been deprecated.
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12094)
Diffstat (limited to 'providers/defltprov.c')
-rw-r--r-- | providers/defltprov.c | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/providers/defltprov.c b/providers/defltprov.c index c92736e547..d404585afd 100644 --- a/providers/defltprov.c +++ b/providers/defltprov.c @@ -154,6 +154,9 @@ static const OSSL_ALGORITHM_CAPABLE deflt_ciphers[] = { ALG("AES-256-CBC", aes256cbc_functions), ALG("AES-192-CBC", aes192cbc_functions), ALG("AES-128-CBC", aes128cbc_functions), + ALG("AES-128-CBC-CTS", aes128cbc_cts_functions), + ALG("AES-192-CBC-CTS", aes192cbc_cts_functions), + ALG("AES-256-CBC-CTS", aes256cbc_cts_functions), ALG("AES-256-OFB", aes256ofb_functions), ALG("AES-192-OFB", aes192ofb_functions), ALG("AES-128-OFB", aes128ofb_functions), |