On 01/18/2018 02:37 AM, Peter Waltenberg wrote:
Or just add another EVP_CIPHER_CTX_ctrl() option (EVP_CTRL_CIPHER_ONE_SHOT
or similar.) and handle it the way CCM does now and finish the operation
on the first data update.

That doesn't require a new API and would probably simplify some existing

Ctrls for 1-shot aead paket processing like in tls 1.2 would be the easiest solution for tls 1.3 pakets and i agree it could also be extended to the general case.

Though aead is in some sense more than a cipher mode of operation. Providing a dedicated api would have some advantages but i see that maybe i reopen a discussion:

"We are also evaluating the following new features. -New AEAD API [...]"

Was this already evaluated? If yes, what was the result ?
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev

Reply via email to