On Sun, Jul 13, 2014, Matt Caswell wrote: > > > On 13/07/14 22:28, Dr. Stephen Henson wrote: > > The separate problem is that the OP has written an ENGINE that supports XTS > > mode and the requested patch was to make XTS mode work in the ENGINE. I'm > > suggesting that the OPs ENGINE implementation of XTS mode in an EVP_CIPHER > > has set the flags incorrectly (perhaps it's a generic EVP_CIPHER that > > handles > > all cases identically). Using the correct flags in the ENGINE EVP_CIPHER and > > not making any changes to OpenSSL should solve the second problem. > > It's not clear to me that the engine being used was actually written by > the OP...or whether he was just using it. See RT #2554. >
That version (and other AF_ALG versions I've seen) does not support XTS mode AFAICS. If you try and treat XTS mode like any other EVP_CIPHER in an ENGINE it will fail, hence my comment about the flags. Steve. -- Dr Stephen N. Henson. OpenSSL project core developer. Commercial tech support now available see: http://www.openssl.org ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List [email protected] Automated List Manager [email protected]
