Hello,

Let's say that I'm reading the algorithm to use for symmetric
encryption from a config file, and using EVP_get_cipherbyname().

What is the best way to tell if the EVP_CIPHER returned is performing
authenticated encryption?

By just reading the man page and poking briefly at the code:

1) I could use EVP_CIPHER_flags() & EVP_CIPH_FLAG_AEAD_CIPHER, however
this will tell me if the algorithm has Authenticated Encryption for
Additional Data, correct? (not really documented in the .h) So it does
not cover algorithms that can't do the additional data bit? E.g., by
peeking at the code, I don't see CCM modes marked with this flag.

2) I could use EVP_CIPHER_mode() and verify that the algorithm is in
CCM or GCM mode? But this won't be very future-proof, and won't cover
algorithms such as -hmac-sha... ? Correct?

3) Just whitelist / blacklist the algorithms that my code is willing to use?

Other?

Thanks,
Carlo
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    openssl-users@openssl.org
Automated List Manager                           majord...@openssl.org
