EVP_aes_128_cbc_hmac_sha256() not working on arm64 architecture

Matt Caswell matt at openssl.org
Tue May 7 15:44:24 UTC 2019

On 06/05/2019 16:41, Mirko J. Ploch wrote:
> Hello,
> I'm trying to use EVP_aes_128_cbc_hmac_sha256() for encryption on an iOS device
> with arm64 architecture. I was able to get it working with the x86_64
> architecture when running the iOS device simulator on an iMac. Is this just not
> capable of working on an arm64 platform?
> Looking at the code for EVP_aes_128_cbc_hmac_sha256, it does not look like it.
> I'm hoping that there is a way to get it working.
> https://github.com/openssl/openssl/blob/OpenSSL_1_1_1b/crypto/evp/e_aes_cbc_hmac_sha256.c

This cipher is a special purpose cipher not intended for general use. It is
specifically targeted at usage in TLS. Unless you're writing a TLS stack you
probably don't want to use this. It is only available on some platforms and does
runtime detection to check whether the platform is suitable or not. Most
importantly the platform must have AES-NI support.

It's usefulness even in a TLS stack is somewhat limited these days since it is
not relevant for TLSv1.3 and does not get used if encrypt-then-mac is negotiated
(which recent versions of OpenSSL will try to negotiate by default).


More information about the openssl-users mailing list