aes_cbc_hmac_sha1 implementation

Phani 2004 phani2004 at gmail.com
Mon Feb 24 13:04:00 UTC 2020


Hi Team,

"aes_cbc_hmac_sha1" implementation is currently supported on x86 platforms
only.
With which RFC is this compliant with?
This cipher is only used when the "encrypt then mac" option is disabled. Is
this understanding correct. I am using openssl s_server and s_client is i
use the below command on client side.

openssl s_client -connect 10.29.20.26 -cipher ECDHE-RSA-AES128-SHA -tls1_

Is this correct?
I have following queries:

   1. With which RFC is the current aes_cbc_hmac_sha1 implementation
   compliant with?
   2. It always does "mac then encrypt". Infact this cipher is invoked only
   when "encrypt then mac" flag is disabled. Is this correct?
   3. Is the cipher i used in above s_client command correct?

Thanks in advance.

Regards
Phani
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20200224/e9cb2ca8/attachment.html>


More information about the openssl-users mailing list