According to the Changelog (http://www.openssl.org/news/changelog.html) experimental EVP support for AES-GCM is only in the (as yet unreleased) 1.1.0 branch.
Matt On 23 May 2012 16:29, Li, David <l...@cloudshield.com> wrote: > Ok, I found that. > > > > But this raises another question: what to use in EVP_* APIs for AES-GCM > mode? For instance, the following code was OK for EVN_aes_128_ecb but won’t > compile because it couldn’t find EVP_aes_256_gcm. > > > > EVP_CIPHER_CTX ctx; > > EVP_CIPHER_CTX_init(&ctx); > > EVP_EncryptInit_ex(&ctx, > > EVP_aes_128_ecb(), //can't find > EVP_aes_256_gcm > > > > - David > > - > > > > From: owner-openssl-us...@openssl.org > [mailto:owner-openssl-us...@openssl.org] On Behalf Of Matt Caswell > (fr...@baggins.org) > Sent: Tuesday, May 22, 2012 10:49 AM > To: openssl-users@openssl.org > Subject: Re: Where is EVP_aes_256_gcm? > > > > On 22/05/12 17:35, Li, David wrote: > > Hi All, > > I can’t find this function in the source tree? It seems pointing to > FIPS_aes_256_gcm. All I see is: > > > > grep -r FIPS_evp_aes_256_gcm . > > ./crypto/evp/evp_fips.c:const EVP_CIPHER *EVP_aes_256_gcm(void) { return > FIPS_evp_aes_256_gcm(); } > > > > Anyone know where it is? > > > > David > > > > Its defined in ./crypto/evp/e_aes.c > > Its cunningly hidden. See this line: > > BLOCK_CIPHER_custom(NID_aes,256,1,12,gcm,GCM, > EVP_CIPH_FLAG_FIPS|EVP_CIPH_FLAG_AEAD_CIPHER|CUSTOM_FLAGS) > > With BLOCK_CIPHER_custom defined as: > > #define BLOCK_CIPHER_custom(nid,keylen,blocksize,ivlen,mode,MODE,flags) \ > static const EVP_CIPHER aesni_##keylen##_##mode = { \ > nid##_##keylen##_##mode,blocksize, \ > (EVP_CIPH_##MODE##_MODE==EVP_CIPH_XTS_MODE?2:1)*keylen/8, ivlen, \ > flags|EVP_CIPH_##MODE##_MODE, \ > aesni_##mode##_init_key, \ > aesni_##mode##_cipher, \ > aes_##mode##_cleanup, \ > sizeof(EVP_AES_##MODE##_CTX), \ > NULL,NULL,aes_##mode##_ctrl,NULL }; \ > static const EVP_CIPHER aes_##keylen##_##mode = { \ > nid##_##keylen##_##mode,blocksize, \ > (EVP_CIPH_##MODE##_MODE==EVP_CIPH_XTS_MODE?2:1)*keylen/8, ivlen, \ > flags|EVP_CIPH_##MODE##_MODE, \ > aes_##mode##_init_key, \ > aes_##mode##_cipher, \ > aes_##mode##_cleanup, \ > sizeof(EVP_AES_##MODE##_CTX), \ > NULL,NULL,aes_##mode##_ctrl,NULL }; \ > const EVP_CIPHER *EVP_aes_##keylen##_##mode(void) \ > { return AESNI_CAPABLE?&aesni_##keylen##_##mode:&aes_##keylen##_##mode; } > > > Matt ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
