On Thu, Mar 29, 2012, Prashanth kumar N wrote: > Thanks Marek. I will try the attached code in the attached files. > In many of the examples i have come across, i see IV is always being. Is it > not possible to use this API by setting IV to NULL? (As i understand for > CBC IV is a must) . In AES_Encrypt(), we don't use IV. Does this mean this > does stream ciphering (byte by byte)? >
The IV should be random and must be set to the same value on encrypt and decrypt. The information isn't security sensitive and can be sent in plain text. If you use AES_encrypt you're effectively using ECB mode. > Does any one know if Openssl supports AES-XTS? Reason is we are exploring > to see if we can employ this. > When i Googled, i did see some change request log which said AES-XTS has > been added to Openssl in v1.1.0 which i am not able to find for download... > Any idea on this? > XTS mode is very new and only supported in OpenSSL 1.0.1 and later. You use EVP_CIPHER functions EVP_aes_128_xts() and EVP_aes_256_xts(). Note that the key length is double that for nomal AES. You can get the key length of any cipher (provided you use EVP) using EVP_CIPHER_key_length(). Steve. -- Dr Stephen N. Henson. OpenSSL project core developer. Commercial tech support now available see: http://www.openssl.org ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
