EVP_CIPHER_CTX_FLAG_WRAP_ALLOW
Dmitry Belyavsky
beldmit at gmail.com
Tue Nov 12 15:46:58 UTC 2019
Hello,
I'm trying to implement the new Russian GOST CMS specification. It uses the
key wrap algorithm described here:
https://tools.ietf.org/html/draft-smyshlyaev-tls12-gost-suites-06#section-8.2
I've implemented the algorithm as a cipher with the EVP_CIPH_WRAP_MODE flag.
It seems to me that the only way to avoid clearing the
EVP_CIPHER_CTX_FLAG_WRAP_ALLOW flag in the EVP_CipherInit function is
providing the ctrl function in the corresponding EVP_CIPHER object because
the EVP_CipherInit function resets the passed EVP_CIPHER_CTX object.
The EVP_CipherInit_ex does not reset the EVP_CIPHER_CTX object and
theEVP_CIPHER_CTX_FLAG_WRAP_ALLOW stays untouched, so the behavior seems a
bit controversial (and undocumented, at least for the 1.1.1 branch).
Is this difference a desired one or an accidental one? Should it be
documented or fixed?
--
SY, Dmitry Belyavsky
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20191112/6238767c/attachment.html>
More information about the openssl-users
mailing list