EVP_aes_128_cbc_hmac_sha256() not working on arm64 architecture
Mirko J. Ploch
openssl at mirko.wtf
Wed May 8 14:43:56 UTC 2019
Thank you Matt. You have been very helpful.
On Tue, May 7, 2019 at 6:40 PM Matt Caswell <matt at openssl.org> wrote:
> On 07/05/2019 20:47, Mirko J. Ploch wrote:
> > Thank you for your response. You answered my question. It is not available on my
> > target platform architecture (arm64).
> > I do have a specific need for that cipher, and it does not have anything to do
> > with TLS. An app that I am working on requires it for JSON Web Encryption (JWE)
> > as the required encryption algorithm.
> Then (in spite of the name) this is not the cipher you want to use. This
> can *only* do the AAD specified for TLS - it is not a general purpose cipher and
> so will not be capable of doing the AAD specified in that draft.
> You can probably achieve what you want using EVP_aes_128_cbc() and then
> HMAC-SHA256 separately.
> > Best Regards,
> > Mirko
> > On Tue, May 7, 2019 at 11:45 AM Matt Caswell <matt at openssl.org> wrote:
> > On 06/05/2019 16:41, Mirko J. Ploch wrote:
> > > Hello,
> > >
> > > I'm trying to use EVP_aes_128_cbc_hmac_sha256() for encryption on an iOS device
> > > with arm64 architecture. I was able to get it working with the
> > > architecture when running the iOS device simulator on an iMac. Is just not
> > > capable of working on an arm64 platform?
> > >
> > > Looking at the code for EVP_aes_128_cbc_hmac_sha256, it does not look like it.
> > > I'm hoping that there is a way to get it working.
> > >
> > This cipher is a special purpose cipher not intended for general use. It is
> > specifically targeted at usage in TLS. Unless you're writing a TLS stack you
> > probably don't want to use this. It is only available on some platforms and does
> > runtime detection to check whether the platform is suitable or not.
> > importantly the platform must have AES-NI support.
> > Its usefulness even in a TLS stack is somewhat limited these days since it is
> > not relevant for TLSv1.3 and does not get used if encrypt-then-mac is negotiated
> > (which recent versions of OpenSSL will try to negotiate by default).
> > Matt
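The advice in the thread to use EVP_aes_128_cbc() and then HMAC-SHA256 separately matches how JWE defines A128CBC-HS256 (RFC 7518, section 5.2.2). The sketch below is an added example, not code from the thread or from OpenSSL: it uses only the Python standard library to show the key split and the MAC input over the JWE AAD, which the TLS-only cipher cannot produce, and takes the AES-128-CBC ciphertext as input. The function names and sample values are constructed for illustration.

```python
import base64
import hashlib
import hmac
import struct

KEY_LEN, TAG_LEN, BLOCK = 32, 16, 16  # A128CBC-HS256 sizes from RFC 7518


def split_key(cek):
    """Return (MAC_KEY, ENC_KEY): first half keys HMAC, second half keys AES-128-CBC."""
    if len(cek) != KEY_LEN:
        raise ValueError("A128CBC-HS256 needs a 32-byte content encryption key")
    return cek[:16], cek[16:]


def jwe_tag(mac_key, aad, iv, ciphertext):
    """HMAC-SHA256 over AAD || IV || ciphertext || AL, truncated to 16 bytes."""
    if len(iv) != BLOCK or not ciphertext or len(ciphertext) % BLOCK:
        raise ValueError("need a 16-byte IV and whole CBC blocks of ciphertext")
    al = struct.pack(">Q", len(aad) * 8)  # AAD length in bits, 64-bit big-endian
    mac = hmac.new(mac_key, aad + iv + ciphertext + al, hashlib.sha256).digest()
    return mac[:TAG_LEN]


def authenticate(cek, aad, iv, ciphertext, tag):
    """Verify the tag in constant time; hand back ENC_KEY only when it matches."""
    mac_key, enc_key = split_key(cek)
    if not hmac.compare_digest(jwe_tag(mac_key, aad, iv, ciphertext), tag):
        raise ValueError("authentication tag mismatch, do not decrypt")
    return enc_key  # only now run AES-128-CBC decryption with this key


if __name__ == "__main__":
    # Constructed sample values, not a real token.
    cek = bytes(range(32))
    header = b'{"alg":"dir","enc":"A128CBC-HS256"}'
    aad = base64.urlsafe_b64encode(header).rstrip(b"=")  # JWE AAD is the encoded header
    iv = bytes(16)
    ciphertext = bytes([0x11]) * 32  # stands for output of AES-128-CBC under ENC_KEY
    tag = jwe_tag(split_key(cek)[0], aad, iv, ciphertext)
    print("tag:", tag.hex())
    print("ENC_KEY released:", authenticate(cek, aad, iv, ciphertext, tag).hex())
```

With OpenSSL, the ciphertext passed in here would come from EVP_aes_128_cbc() keyed with ENC_KEY, using the PKCS#7 padding that EVP applies by default.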