[with pull request now]
Hi, openssl enc command with -aes-xxx-xts doesnt work if an IV is specified as below: openssl enc -engine af_alg -aes-256-xts -in <plaintext_file> -out <output_encrypted_file> -K 0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef -iv 00000000000000000000000000000000 I am proposing a minor enhancement in EVP_CipherInit_ex() to include case EVP_CIPH_XTS_MODE which currently is not present. pull request: https://github.com/openssl/openssl/pull/150 Regards, Jitendra Lulla ----- Original Message ----- From: Jitendra Lulla via RT <[email protected]> To: Cc: [email protected] Sent: Wednesday, July 9, 2014 7:54 PM Subject: [openssl.org #3442] [patch] AES XTS: supporting custom iv from openssl enc command Hi, openssl enc command with -aes-xxx-xts doesnt work if an IV is specified as below: openssl enc -engine af_alg -aes-256-xts -in <plaintext_file> -out <output_encrypted_file> -K 0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef -iv 00000000000000000000000000000000 I am proposing a minor enhancement in EVP_CipherInit_ex() to include case EVP_CIPH_XTS_MODE which currently is not present. Please consider the patch [attached as well as pasted below] --- /root/jlulla/evp_enc.c 2014-07-04 04:23:48.000000000 -0700 +++ crypto/evp/evp_enc.c 2014-07-04 03:21:29.000000000 -0700 @@ -242,6 +242,10 @@ skip_to_init: if(iv) memcpy(ctx->iv, iv, EVP_CIPHER_CTX_iv_length(ctx)); break; + case EVP_CIPH_XTS_MODE: + if(iv) + memcpy(ctx->iv, iv, EVP_CIPHER_CTX_iv_length(ctx)); + break; default: return 0; ~Jitendra Lulla
openssl_xts_patch
Description: Binary data
