Fixed (with dkg's suggested wording change):
https://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=2097a17c576f2395a10b05f14490688bc5f45a07
Matt
__
OpenSSL Project http://www.openssl.org
On Sun, Jul 13, 2014, Dr. Stephen Henson wrote:
On Sat, Jul 12, 2014, Jitendra Lulla wrote:
Also the changes I am proposing may not be acceptable for similar reasons.
It may be that your implementation of an AF_ALG EVP_CIPHER for XTS can be
changed so it works with unmodified OpenSSL.
Also the changes I am proposing may not be acceptable for similar reasons.
It may be that your implementation of an AF_ALG EVP_CIPHER for XTS can be
changed so it works with unmodified OpenSSL. The OpenSSL XTS implementation
is a software implementation and some techniques it uses wont be
On Sun, Jul 13, 2014, Andy Polyakov wrote:
Also the changes I am proposing may not be acceptable for similar reasons.
It may be that your implementation of an AF_ALG EVP_CIPHER for XTS can be
changed so it works with unmodified OpenSSL. The OpenSSL XTS implementation
is a software
On 13/07/14 22:28, Dr. Stephen Henson wrote:
The separate problem is that the OP has written an ENGINE that supports XTS
mode and the requested patch was to make XTS mode work in the ENGINE. I'm
suggesting that the OPs ENGINE implementation of XTS mode in an EVP_CIPHER
has set the flags
Dr. Stephen Henson wrote:
On Sun, Jul 13, 2014, Andy Polyakov wrote:
Also the changes I am proposing may not be acceptable for similar reasons.
It may be that your implementation of an AF_ALG EVP_CIPHER for XTS can be
changed so it works with unmodified OpenSSL. The OpenSSL XTS
On Sun, Jul 13, 2014, Matt Caswell wrote:
On 13/07/14 22:28, Dr. Stephen Henson wrote:
The separate problem is that the OP has written an ENGINE that supports XTS
mode and the requested patch was to make XTS mode work in the ENGINE. I'm
suggesting that the OPs ENGINE implementation of
The separate problem is that the OP has written an ENGINE that supports XTS
mode and the requested patch was to make XTS mode work in the ENGINE. I'm
suggesting that the OPs ENGINE implementation of XTS mode in an EVP_CIPHER
has set the flags incorrectly (perhaps it's a generic EVP_CIPHER that
I propose the following patch to deal with this ticket (for master, 1.0.2 and
1.0.1), i.e. disable XTS for the enc utility.
Any objections?
Matt
diff --git a/apps/enc.c b/apps/enc.c
index 928d16b..48f1f8b 100644
--- a/apps/enc.c
+++ b/apps/enc.c
@@ -339,6 +339,12 @@ bad:
goto end;
}
+ if
On 07/13/2014 06:33 PM, Matt Caswell via RT wrote:
I propose the following patch to deal with this ticket (for master, 1.0.2 and
1.0.1), i.e. disable XTS for the enc utility.
Any objections?
Matt
diff --git a/apps/enc.c b/apps/enc.c
index 928d16b..48f1f8b 100644
--- a/apps/enc.c
+++
On 11 July 2014 11:56, Andy Polyakov ap...@openssl.org wrote:
Bottom line [still] is that enc is not the place to perform XTS,
*unless* it's treated specially. In other words question should not be
about setting IV, but about *if* XTS should be supported by enc, and if
so, how exactly.
It
Doh.ThanksPete
-owner-openssl-...@openssl.org wrote: -
To: openssl-dev@openssl.orgFrom: "Dr. Stephen Henson" <st...@openssl.org>
Sent by: owner-openssl-...@openssl.orgDate: 07/12/2014 10:16PM
Subject: Re: Re: Re: [openssl.org #3442] [patch] AES XTS: supporting custom iv
: [openssl.org #3442] [patch] AES XTS: supporting custom iv from openssl
enc command
On Wed Jul 09 16:24:04 2014, lull...@yahoo.com wrote:
Hi,
openssl enc command with -aes-xxx-xts doesnt work if an IV is specified
When you say it doesn't work, what do you mean? Do you get an error? If so
what
openssl enc command with -aes-xxx-xts doesnt work if an IV is specified
When you say it doesn't work, what do you mean? Do you get an error? If so
what is it?
If only it was the actual problem. The thing is that *if* one wants to
make enc work with XTS, it has to be treated specially, i.e.
Bottom line [still] is that enc is not the place to perform XTS,
*unless* it's treated specially. In other words question should not be
about setting IV, but about *if* XTS should be supported by enc, and if
so, how exactly.
It seems to me this is why jamming modes like XTS into standard
d'origine -
De: Andy Polyakov ap...@openssl.org
À: openssl-dev@openssl.org
Cc: lull...@yahoo.com
Envoyé: Fri, 11 Jul 2014 12:56:50 +0200 (CEST)
Objet: Re: [openssl.org #3442] [patch] AES XTS: supporting custom iv from
openssl enc command
Bottom line [still] is that enc is not the place to perform
: -
To: openssl-dev@openssl.orgFrom: nicolas@free.frSent by: owner-openssl-...@openssl.org
Date: 07/11/2014 11:46PMSubject: Re: Re: [openssl.org #3442] [patch] AES XTS: supporting custom iv from openssl enc command
Hi and sorry to interfere,
I had to review all ciphers available in openssl
On Wed Jul 09 16:24:04 2014, lull...@yahoo.com wrote:
Hi,
openssl enc command with -aes-xxx-xts doesnt work if an IV is specified
When you say it doesn't work, what do you mean? Do you get an error? If so
what is it?
as below:
openssl enc -engine af_alg -aes-256-xts -in plaintext_file
Hi,
openssl enc command with -aes-xxx-xts doesnt work if an IV is specified
as below:
openssl enc -engine af_alg -aes-256-xts -in plaintext_file -out
output_encrypted_file -K
0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef -iv
I am proposing a
To:
Cc: openssl-dev@openssl.org
Sent: Wednesday, July 9, 2014 7:54 PM
Subject: [openssl.org #3442] [patch] AES XTS: supporting custom iv from openssl
enc command
Hi,
openssl enc command with -aes-xxx-xts doesnt work if an IV is specified
as below:
openssl enc -engine af_alg -aes-256-xts
20 matches
Mail list logo