On Sat, Jul 12, 2014, Peter Waltenberg wrote: > Or extend EVP_CIPHER_CTX_ctrl() to handle things like changing IV's ? Modes > like XTS may gain a lot from that, you could use EVP_CIPHER_CTX_copy() to > avoid repeated key expansion costs, change the IV with EVP_CIPHER_CTX_ctrl() > and do the next block.
There is already a method to change IVs without expnanding the key again which should work for XTS (looking at code, not tried it explicitly). You set all parameters to EVP_EcnryptInit_ex et al to NULL apart from the context and IV. Subsequenty calls to EVP_EncryptUpdate etc should then use the new IV. Steve. -- Dr Stephen N. Henson. OpenSSL project core developer. Commercial tech support now available see: http://www.openssl.org ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List [email protected] Automated List Manager [email protected]
