On 01/18/2018 02:37 AM, Peter Waltenberg wrote:
Or just add another EVP_CIPHER_CTX_ctrl() option (EVP_CTRL_CIPHER_ONE_SHOT
or similar.) and handle it the way CCM does now and finish the operation
on the first data update.
That doesn't require a new API and would probably simplify some existing
code.
Ctrls for 1-shot aead paket processing like in tls 1.2 would be the
easiest solution for tls 1.3 pakets and i agree it could also be
extended to the general case.
Though aead is in some sense more than a cipher mode of operation.
Providing a dedicated api would have some advantages but i see that
maybe i reopen a discussion:
"We are also evaluating the following new features. -New AEAD API [...]"
https://www.openssl.org/policies/roadmap.html#forthcoming
Was this already evaluated? If yes, what was the result ?
--
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
