John Viega wrote: > > > Additionally, with respect to counter mode, it might be best to > implement external to the EVP proper interface, just like HMAC. There > are a few issues I see that make counter mode a bit different from > other modes: > > 1) You should be able to insert your own function for choosing a > stream of counters. They don't have to be simple incrementing > counters. > > 2) Counter mode can be used in a random-access manner. For example, > if you encrypt a file with counter mode, you can then access the > blocks of that file independently, as long as you know the counter > value. >
That could be handled by passing the relevant info in a cipher ctrl call in the same way that other cipher parameters can be changed. The HMAC stuff could conceivable also be handled with ctrls at the digest level. However the ctrl functionality doesn't exist at the digest level at present and the HMAC stuff has been around since the SSLeay days. Steve. -- Dr Stephen N. Henson. http://www.drh-consultancy.demon.co.uk/ Personal Email: [EMAIL PROTECTED] Senior crypto engineer, Gemplus: http://www.gemplus.com/ Core developer of the OpenSSL project: http://www.openssl.org/ Business Email: [EMAIL PROTECTED] PGP key: via homepage. ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
