Skip to content
体验新版
项目
组织
正在加载...
登录
切换导航
打开侧边栏
OpenHarmony
Third Party Openssl
提交
e640fa02
T
Third Party Openssl
项目概览
OpenHarmony
/
Third Party Openssl
大约 1 年 前同步成功
通知
9
Star
18
Fork
1
代码
文件
提交
分支
Tags
贡献者
分支图
Diff
Issue
0
列表
看板
标记
里程碑
合并请求
0
Wiki
0
Wiki
分析
仓库
DevOps
项目成员
Pages
T
Third Party Openssl
项目概览
项目概览
详情
发布
仓库
仓库
文件
提交
分支
标签
贡献者
分支图
比较
Issue
0
Issue
0
列表
看板
标记
里程碑
合并请求
0
合并请求
0
Pages
分析
分析
仓库分析
DevOps
Wiki
0
Wiki
成员
成员
收起侧边栏
关闭侧边栏
动态
分支图
创建新Issue
提交
Issue看板
体验新版 GitCode,发现更多精彩内容 >>
提交
e640fa02
编写于
1月 27, 2015
作者:
M
Matt Caswell
浏览文件
操作
浏览文件
下载
电子邮件补丁
差异文件
Harmonise use of EVP_CTRL_GET_TAG/EVP_CTRL_SET_TAG/EVP_CTRL_SET_IVLEN
Reviewed-by:
N
Tim Hudson
<
tjh@openssl.org
>
上级
d57d135c
变更
6
显示空白变更内容
内联
并排
Showing
6 changed file
with
57 addition
and
55 deletion
+57
-55
crypto/evp/e_aes.c
crypto/evp/e_aes.c
+9
-9
crypto/evp/evp.h
crypto/evp/evp.h
+9
-10
crypto/evp/evp_test.c
crypto/evp/evp_test.c
+11
-10
demos/evp/aesccm.c
demos/evp/aesccm.c
+7
-5
demos/evp/aesgcm.c
demos/evp/aesgcm.c
+9
-6
doc/crypto/EVP_EncryptInit.pod
doc/crypto/EVP_EncryptInit.pod
+12
-15
未找到文件。
crypto/evp/e_aes.c
浏览文件 @
e640fa02
...
...
@@ -1271,7 +1271,7 @@ static int aes_gcm_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr)
gctx
->
tls_aad_len
=
-
1
;
return
1
;
case
EVP_CTRL_
GCM
_SET_IVLEN
:
case
EVP_CTRL_
AEAD
_SET_IVLEN
:
if
(
arg
<=
0
)
return
0
;
/* Allocate memory for IV if needed */
...
...
@@ -1285,14 +1285,14 @@ static int aes_gcm_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr)
gctx
->
ivlen
=
arg
;
return
1
;
case
EVP_CTRL_
GCM
_SET_TAG
:
case
EVP_CTRL_
AEAD
_SET_TAG
:
if
(
arg
<=
0
||
arg
>
16
||
c
->
encrypt
)
return
0
;
memcpy
(
c
->
buf
,
ptr
,
arg
);
gctx
->
taglen
=
arg
;
return
1
;
case
EVP_CTRL_
GCM
_GET_TAG
:
case
EVP_CTRL_
AEAD
_GET_TAG
:
if
(
arg
<=
0
||
arg
>
16
||
!
c
->
encrypt
||
gctx
->
taglen
<
0
)
return
0
;
memcpy
(
ptr
,
c
->
buf
,
arg
);
...
...
@@ -1870,7 +1870,7 @@ static int aes_ccm_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr)
cctx
->
len_set
=
0
;
return
1
;
case
EVP_CTRL_
CCM
_SET_IVLEN
:
case
EVP_CTRL_
AEAD
_SET_IVLEN
:
arg
=
15
-
arg
;
case
EVP_CTRL_CCM_SET_L
:
if
(
arg
<
2
||
arg
>
8
)
...
...
@@ -1878,7 +1878,7 @@ static int aes_ccm_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr)
cctx
->
L
=
arg
;
return
1
;
case
EVP_CTRL_
CCM
_SET_TAG
:
case
EVP_CTRL_
AEAD
_SET_TAG
:
if
((
arg
&
1
)
||
arg
<
4
||
arg
>
16
)
return
0
;
if
((
c
->
encrypt
&&
ptr
)
||
(
!
c
->
encrypt
&&
!
ptr
))
...
...
@@ -1890,7 +1890,7 @@ static int aes_ccm_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr)
cctx
->
M
=
arg
;
return
1
;
case
EVP_CTRL_
CCM
_GET_TAG
:
case
EVP_CTRL_
AEAD
_GET_TAG
:
if
(
!
c
->
encrypt
||
!
cctx
->
tag_set
)
return
0
;
if
(
!
CRYPTO_ccm128_tag
(
&
cctx
->
ccm
,
ptr
,
(
size_t
)
arg
))
...
...
@@ -2217,7 +2217,7 @@ static int aes_ocb_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr)
octx
->
aad_buf_len
=
0
;
return
1
;
case
EVP_CTRL_SET_IVLEN
:
case
EVP_CTRL_
AEAD_
SET_IVLEN
:
/* IV len must be 1 to 15 */
if
(
arg
<=
0
||
arg
>
15
)
return
0
;
...
...
@@ -2225,7 +2225,7 @@ static int aes_ocb_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr)
octx
->
ivlen
=
arg
;
return
1
;
case
EVP_CTRL_SET_TAG
:
case
EVP_CTRL_
AEAD_
SET_TAG
:
if
(
!
ptr
)
{
/* Tag len must be 0 to 16 */
if
(
arg
<
0
||
arg
>
16
)
...
...
@@ -2239,7 +2239,7 @@ static int aes_ocb_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr)
memcpy
(
octx
->
tag
,
ptr
,
arg
);
return
1
;
case
EVP_CTRL_GET_TAG
:
case
EVP_CTRL_
AEAD_
GET_TAG
:
if
(
arg
!=
octx
->
taglen
||
!
c
->
encrypt
)
return
0
;
...
...
crypto/evp/evp.h
浏览文件 @
e640fa02
...
...
@@ -397,14 +397,17 @@ struct evp_cipher_st {
# define EVP_CTRL_RAND_KEY 0x6
# define EVP_CTRL_PBE_PRF_NID 0x7
# define EVP_CTRL_COPY 0x8
# define EVP_CTRL_GCM_SET_IVLEN 0x9
# define EVP_CTRL_GCM_GET_TAG 0x10
# define EVP_CTRL_GCM_SET_TAG 0x11
# define EVP_CTRL_AEAD_SET_IVLEN 0x9
# define EVP_CTRL_AEAD_GET_TAG 0x10
# define EVP_CTRL_AEAD_SET_TAG 0x11
# define EVP_CTRL_GCM_SET_IVLEN EVP_CTRL_AEAD_SET_IVLEN
# define EVP_CTRL_GCM_GET_TAG EVP_CTRL_AEAD_GET_TAG
# define EVP_CTRL_GCM_SET_TAG EVP_CTRL_AEAD_SET_TAG
# define EVP_CTRL_GCM_SET_IV_FIXED 0x12
# define EVP_CTRL_GCM_IV_GEN 0x13
# define EVP_CTRL_CCM_SET_IVLEN EVP_CTRL_
GCM
_SET_IVLEN
# define EVP_CTRL_CCM_GET_TAG EVP_CTRL_
GCM
_GET_TAG
# define EVP_CTRL_CCM_SET_TAG EVP_CTRL_
GCM
_SET_TAG
# define EVP_CTRL_CCM_SET_IVLEN EVP_CTRL_
AEAD
_SET_IVLEN
# define EVP_CTRL_CCM_GET_TAG EVP_CTRL_
AEAD
_GET_TAG
# define EVP_CTRL_CCM_SET_TAG EVP_CTRL_
AEAD
_SET_TAG
# define EVP_CTRL_CCM_SET_L 0x14
# define EVP_CTRL_CCM_SET_MSGLEN 0x15
/*
...
...
@@ -430,10 +433,6 @@ typedef struct {
unsigned
int
interleave
;
}
EVP_CTRL_TLS1_1_MULTIBLOCK_PARAM
;
# define EVP_CTRL_SET_IVLEN EVP_CTRL_GCM_SET_IVLEN
# define EVP_CTRL_GET_TAG EVP_CTRL_GCM_GET_TAG
# define EVP_CTRL_SET_TAG EVP_CTRL_GCM_SET_TAG
/* GCM TLS constants */
/* Length of fixed part of IV derived from PRF */
# define EVP_GCM_TLS_FIXED_IV_LEN 4
...
...
crypto/evp/evp_test.c
浏览文件 @
e640fa02
...
...
@@ -179,13 +179,13 @@ static void test1(const EVP_CIPHER *c, const unsigned char *key, int kn,
ERR_print_errors_fp
(
stderr
);
test1_exit
(
10
);
}
if
(
!
EVP_CIPHER_CTX_ctrl
(
ctx
,
EVP_CTRL_SET_IVLEN
,
in
,
NULL
))
{
if
(
!
EVP_CIPHER_CTX_ctrl
(
ctx
,
EVP_CTRL_
AEAD_
SET_IVLEN
,
in
,
NULL
))
{
fprintf
(
stderr
,
"IV length set failed
\n
"
);
ERR_print_errors_fp
(
stderr
);
test1_exit
(
11
);
}
if
((
mode
==
EVP_CIPH_OCB_MODE
)
&&
!
EVP_CIPHER_CTX_ctrl
(
ctx
,
EVP_CTRL_SET_TAG
,
tn
,
NULL
))
{
!
EVP_CIPHER_CTX_ctrl
(
ctx
,
EVP_CTRL_
AEAD_
SET_TAG
,
tn
,
NULL
))
{
fprintf
(
stderr
,
"Tag length set failed
\n
"
);
ERR_print_errors_fp
(
stderr
);
test1_exit
(
15
);
...
...
@@ -206,12 +206,12 @@ static void test1(const EVP_CIPHER *c, const unsigned char *key, int kn,
ERR_print_errors_fp
(
stderr
);
test1_exit
(
10
);
}
if
(
!
EVP_CIPHER_CTX_ctrl
(
ctx
,
EVP_CTRL_
CCM_
SET_IVLEN
,
in
,
NULL
))
{
if
(
!
EVP_CIPHER_CTX_ctrl
(
ctx
,
EVP_CTRL_SET_IVLEN
,
in
,
NULL
))
{
fprintf
(
stderr
,
"IV length set failed
\n
"
);
ERR_print_errors_fp
(
stderr
);
test1_exit
(
11
);
}
if
(
!
EVP_CIPHER_CTX_ctrl
(
ctx
,
EVP_CTRL_
CCM_
SET_TAG
,
tn
,
NULL
))
{
if
(
!
EVP_CIPHER_CTX_ctrl
(
ctx
,
EVP_CTRL_SET_TAG
,
tn
,
NULL
))
{
fprintf
(
stderr
,
"Tag length set failed
\n
"
);
ERR_print_errors_fp
(
stderr
);
test1_exit
(
11
);
...
...
@@ -273,7 +273,7 @@ static void test1(const EVP_CIPHER *c, const unsigned char *key, int kn,
||
(
mode
==
EVP_CIPH_CCM_MODE
))
{
unsigned
char
rtag
[
16
];
if
(
!
EVP_CIPHER_CTX_ctrl
(
ctx
,
EVP_CTRL_GET_TAG
,
tn
,
rtag
))
{
if
(
!
EVP_CIPHER_CTX_ctrl
(
ctx
,
EVP_CTRL_
AEAD_
GET_TAG
,
tn
,
rtag
))
{
fprintf
(
stderr
,
"Get tag failed
\n
"
);
ERR_print_errors_fp
(
stderr
);
test1_exit
(
14
);
...
...
@@ -294,13 +294,13 @@ static void test1(const EVP_CIPHER *c, const unsigned char *key, int kn,
ERR_print_errors_fp
(
stderr
);
test1_exit
(
10
);
}
if
(
!
EVP_CIPHER_CTX_ctrl
(
ctx
,
EVP_CTRL_SET_IVLEN
,
in
,
NULL
))
{
if
(
!
EVP_CIPHER_CTX_ctrl
(
ctx
,
EVP_CTRL_
AEAD_
SET_IVLEN
,
in
,
NULL
))
{
fprintf
(
stderr
,
"IV length set failed
\n
"
);
ERR_print_errors_fp
(
stderr
);
test1_exit
(
11
);
}
if
((
mode
==
EVP_CIPH_OCB_MODE
)
&&
!
EVP_CIPHER_CTX_ctrl
(
ctx
,
EVP_CTRL_SET_TAG
,
tn
,
NULL
))
{
!
EVP_CIPHER_CTX_ctrl
(
ctx
,
EVP_CTRL_
AEAD_
SET_TAG
,
tn
,
NULL
))
{
fprintf
(
stderr
,
"Tag length set failed
\n
"
);
ERR_print_errors_fp
(
stderr
);
test1_exit
(
15
);
...
...
@@ -310,7 +310,8 @@ static void test1(const EVP_CIPHER *c, const unsigned char *key, int kn,
ERR_print_errors_fp
(
stderr
);
test1_exit
(
12
);
}
if
(
!
EVP_CIPHER_CTX_ctrl
(
ctx
,
EVP_CTRL_SET_TAG
,
tn
,
(
void
*
)
tag
))
{
if
(
!
EVP_CIPHER_CTX_ctrl
(
ctx
,
EVP_CTRL_AEAD_SET_TAG
,
tn
,
(
void
*
)
tag
))
{
fprintf
(
stderr
,
"Set tag failed
\n
"
);
ERR_print_errors_fp
(
stderr
);
test1_exit
(
14
);
...
...
@@ -326,13 +327,13 @@ static void test1(const EVP_CIPHER *c, const unsigned char *key, int kn,
ERR_print_errors_fp
(
stderr
);
test1_exit
(
10
);
}
if
(
!
EVP_CIPHER_CTX_ctrl
(
ctx
,
EVP_CTRL_
CCM
_SET_IVLEN
,
in
,
NULL
))
{
if
(
!
EVP_CIPHER_CTX_ctrl
(
ctx
,
EVP_CTRL_
AEAD
_SET_IVLEN
,
in
,
NULL
))
{
fprintf
(
stderr
,
"IV length set failed
\n
"
);
ERR_print_errors_fp
(
stderr
);
test1_exit
(
11
);
}
if
(
!
EVP_CIPHER_CTX_ctrl
(
ctx
,
EVP_CTRL_
CCM
_SET_TAG
,
tn
,
(
void
*
)
tag
))
{
(
ctx
,
EVP_CTRL_
AEAD
_SET_TAG
,
tn
,
(
void
*
)
tag
))
{
fprintf
(
stderr
,
"Tag length set failed
\n
"
);
ERR_print_errors_fp
(
stderr
);
test1_exit
(
11
);
...
...
demos/evp/aesccm.c
浏览文件 @
e640fa02
...
...
@@ -50,9 +50,10 @@ void aes_ccm_encrypt(void)
/* Set cipher type and mode */
EVP_EncryptInit_ex
(
ctx
,
EVP_aes_192_ccm
(),
NULL
,
NULL
,
NULL
);
/* Set nonce length if default 96 bits is not appropriate */
EVP_CIPHER_CTX_ctrl
(
ctx
,
EVP_CTRL_CCM_SET_IVLEN
,
sizeof
(
ccm_nonce
),
NULL
);
EVP_CIPHER_CTX_ctrl
(
ctx
,
EVP_CTRL_AEAD_SET_IVLEN
,
sizeof
(
ccm_nonce
),
NULL
);
/* Set tag length */
EVP_CIPHER_CTX_ctrl
(
ctx
,
EVP_CTRL_
CCM
_SET_TAG
,
sizeof
(
ccm_tag
),
NULL
);
EVP_CIPHER_CTX_ctrl
(
ctx
,
EVP_CTRL_
AEAD
_SET_TAG
,
sizeof
(
ccm_tag
),
NULL
);
/* Initialise key and IV */
EVP_EncryptInit_ex
(
ctx
,
NULL
,
NULL
,
ccm_key
,
ccm_nonce
);
/* Set plaintext length: only needed if AAD is used */
...
...
@@ -67,7 +68,7 @@ void aes_ccm_encrypt(void)
/* Finalise: note get no output for CCM */
EVP_EncryptFinal_ex
(
ctx
,
outbuf
,
&
outlen
);
/* Get tag */
EVP_CIPHER_CTX_ctrl
(
ctx
,
EVP_CTRL_
CCM
_GET_TAG
,
16
,
outbuf
);
EVP_CIPHER_CTX_ctrl
(
ctx
,
EVP_CTRL_
AEAD
_GET_TAG
,
16
,
outbuf
);
/* Output tag */
printf
(
"Tag:
\n
"
);
BIO_dump_fp
(
stdout
,
outbuf
,
16
);
...
...
@@ -86,9 +87,10 @@ void aes_ccm_decrypt(void)
/* Select cipher */
EVP_DecryptInit_ex
(
ctx
,
EVP_aes_192_ccm
(),
NULL
,
NULL
,
NULL
);
/* Set nonce length, omit for 96 bits */
EVP_CIPHER_CTX_ctrl
(
ctx
,
EVP_CTRL_CCM_SET_IVLEN
,
sizeof
(
ccm_nonce
),
NULL
);
EVP_CIPHER_CTX_ctrl
(
ctx
,
EVP_CTRL_AEAD_SET_IVLEN
,
sizeof
(
ccm_nonce
),
NULL
);
/* Set expected tag value */
EVP_CIPHER_CTX_ctrl
(
ctx
,
EVP_CTRL_
CCM
_SET_TAG
,
EVP_CIPHER_CTX_ctrl
(
ctx
,
EVP_CTRL_
AEAD
_SET_TAG
,
sizeof
(
ccm_tag
),
(
void
*
)
ccm_tag
);
/* Specify key and IV */
EVP_DecryptInit_ex
(
ctx
,
NULL
,
NULL
,
ccm_key
,
ccm_nonce
);
...
...
demos/evp/aesgcm.c
浏览文件 @
e640fa02
...
...
@@ -50,7 +50,7 @@ void aes_gcm_encrypt(void)
/* Set cipher type and mode */
EVP_EncryptInit_ex
(
ctx
,
EVP_aes_256_gcm
(),
NULL
,
NULL
,
NULL
);
/* Set IV length if default 96 bits is not appropriate */
EVP_CIPHER_CTX_ctrl
(
ctx
,
EVP_CTRL_
GCM
_SET_IVLEN
,
sizeof
(
gcm_iv
),
NULL
);
EVP_CIPHER_CTX_ctrl
(
ctx
,
EVP_CTRL_
AEAD
_SET_IVLEN
,
sizeof
(
gcm_iv
),
NULL
);
/* Initialise key and IV */
EVP_EncryptInit_ex
(
ctx
,
NULL
,
NULL
,
gcm_key
,
gcm_iv
);
/* Zero or more calls to specify any AAD */
...
...
@@ -63,7 +63,7 @@ void aes_gcm_encrypt(void)
/* Finalise: note get no output for GCM */
EVP_EncryptFinal_ex
(
ctx
,
outbuf
,
&
outlen
);
/* Get tag */
EVP_CIPHER_CTX_ctrl
(
ctx
,
EVP_CTRL_
GCM
_GET_TAG
,
16
,
outbuf
);
EVP_CIPHER_CTX_ctrl
(
ctx
,
EVP_CTRL_
AEAD
_GET_TAG
,
16
,
outbuf
);
/* Output tag */
printf
(
"Tag:
\n
"
);
BIO_dump_fp
(
stdout
,
outbuf
,
16
);
...
...
@@ -82,7 +82,7 @@ void aes_gcm_decrypt(void)
/* Select cipher */
EVP_DecryptInit_ex
(
ctx
,
EVP_aes_256_gcm
(),
NULL
,
NULL
,
NULL
);
/* Set IV length, omit for 96 bits */
EVP_CIPHER_CTX_ctrl
(
ctx
,
EVP_CTRL_
GCM
_SET_IVLEN
,
sizeof
(
gcm_iv
),
NULL
);
EVP_CIPHER_CTX_ctrl
(
ctx
,
EVP_CTRL_
AEAD
_SET_IVLEN
,
sizeof
(
gcm_iv
),
NULL
);
/* Specify key and IV */
EVP_DecryptInit_ex
(
ctx
,
NULL
,
NULL
,
gcm_key
,
gcm_iv
);
#if 0
...
...
@@ -90,7 +90,7 @@ void aes_gcm_decrypt(void)
* Set expected tag value. A restriction in OpenSSL 1.0.1c and earlier
* required the tag before any AAD or ciphertext
*/
EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_
GCM
_SET_TAG, sizeof(gcm_tag), gcm_tag);
EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_
AEAD
_SET_TAG, sizeof(gcm_tag), gcm_tag);
#endif
/* Zero or more calls to specify any AAD */
EVP_DecryptUpdate
(
ctx
,
NULL
,
&
outlen
,
gcm_aad
,
sizeof
(
gcm_aad
));
...
...
@@ -99,8 +99,11 @@ void aes_gcm_decrypt(void)
/* Output decrypted block */
printf
(
"Plaintext:
\n
"
);
BIO_dump_fp
(
stdout
,
outbuf
,
outlen
);
/* Set expected tag value. Works in OpenSSL 1.0.1d and later */
EVP_CIPHER_CTX_ctrl
(
ctx
,
EVP_CTRL_GCM_SET_TAG
,
sizeof
(
gcm_tag
),
gcm_tag
);
/*
* Set expected tag value. Works in OpenSSL 1.0.1d and later
* In versions prior to OpenSSL 1.1.0 you should use EVP_CTRL_GCM_SET_TAG
*/
EVP_CIPHER_CTX_ctrl
(
ctx
,
EVP_CTRL_AEAD_SET_TAG
,
sizeof
(
gcm_tag
),
gcm_tag
);
/* Finalise: note get no output for GCM */
rv
=
EVP_DecryptFinal_ex
(
ctx
,
outbuf
,
&
outlen
);
/*
...
...
doc/crypto/EVP_EncryptInit.pod
浏览文件 @
e640fa02
...
...
@@ -399,41 +399,38 @@ indicates if the operation was successful. If it does not indicate success
the authentication operation has failed and any output data B<MUST NOT>
be used as it is corrupted.
The following ctrl is supported in OCB mode only:
EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_OCB_SET_TAGLEN, taglen, NULL);
Sets the tag length: this call can only be made before specifying an IV. If
not called a default tag length is used. For OCB AES the default is 16 (i.e. 128
bits). This is also the maximum tag length.
The following ctrls are supported in both GCM and OCB modes:
EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_SET_IVLEN, ivlen, NULL);
EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_
AEAD_
SET_IVLEN, ivlen, NULL);
Sets the IV length: this call can only be made before specifying an IV. If
not called a default IV length is used. For GCM AES and OCB AES the default is
12 (i.e. 96 bits). For OCB mode the maximum is 15.
EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GET_TAG, taglen, tag);
EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_
AEAD_
GET_TAG, taglen, tag);
Writes B<taglen> bytes of the tag value to the buffer indicated by B<tag>.
This call can only be made when encrypting data and B<after> all data has been
processed (e.g. after an EVP_EncryptFinal() call). For OCB mode the taglen must
either be 16 or the value previously set via EVP_CTRL_OCB_SET_TAGLEN.
EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_SET_TAG, taglen, tag);
EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_
AEAD_
SET_TAG, taglen, tag);
Sets the expected tag to B<taglen> bytes from B<tag>. This call is only legal
when decrypting data and must be made B<before> any data is processed (e.g.
before any EVP_DecryptUpdate() call). For OCB mode the taglen must
either be 16 or the value previously set via EVP_CTRL_OCB_SET_TAGLEN.
either be 16 or the value previously set via EVP_CTRL_AEAD_SET_TAG.
In OCB mode calling this with B<tag> set to NULL sets the tag length. The tag
length can only be set before specifying an IV. If not called a default tag
length is used. For OCB AES the default is 16 (i.e. 128 bits). This is also the
maximum tag length for OCB.
See L<EXAMPLES> below for an example of the use of GCM mode.
=head1 CCM Mode
The behaviour of CCM mode ciphers is similar to
C
CM mode but with a few
The behaviour of CCM mode ciphers is similar to
G
CM mode but with a few
additional requirements and different ctrl values.
Like GCM and OCB modes any additional authenticated data (AAD) is passed by calling
...
...
@@ -445,7 +442,7 @@ set to B<NULL> and the length passed in the B<inl> parameter.
The following ctrls are supported in CCM mode:
EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_
CCM
_SET_TAG, taglen, tag);
EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_
AEAD
_SET_TAG, taglen, tag);
This call is made to set the expected B<CCM> tag value when decrypting or
the length of the tag (with the B<tag> parameter set to NULL) when encrypting.
...
...
@@ -456,7 +453,7 @@ used (12 for AES).
Sets the CCM B<L> value. If not set a default is used (8 for AES).
EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_
CCM
_SET_IVLEN, ivlen, NULL);
EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_
AEAD
_SET_IVLEN, ivlen, NULL);
Sets the CCM nonce (IV) length: this call can only be made before specifying
an nonce value. The nonce length is given by B<15 - L> so it is 7 by default
...
...
编辑
预览
Markdown
is supported
0%
请重试
或
添加新附件
.
添加附件
取消
You are about to add
0
people
to the discussion. Proceed with caution.
先完成此消息的编辑!
取消
想要评论请
注册
或
登录