mirror/openssl
2
0
Fork 0
mirror of https://github.com/openssl/openssl.git synced 2025-02-17 14:32:04 +08:00
Code Issues Packages Projects Releases Wiki Activity

Expand the XTS documentation

Browse Source 
Explain that XTS does not support streaming, and that the IV value is the
tweak.

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/11461)
This commit is contained in:
Matt Caswell 2020-04-02 09:58:59 +01:00
parent 94468c775c
commit 70d80ef989
1 changed files with 7 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
doc/man3/EVP_aes_128_gcm.pod
View File

@ -160,6 +160,13 @@ In particular, XTS-AES-128 (B<EVP_aes_128_xts>) takes input of a 256-bit key to
achieve AES 128-bit security, and XTS-AES-256 (B<EVP_aes_256_xts>) takes input
of a 512-bit key to achieve AES 256-bit security.
The XTS implementation in OpenSSL does not support streaming. That is there must
only be one L<EVP_EncryptUpdate(3)> call per L<EVP_EncryptInit_ex(3)> call (and
similarly with the "Decrypt" functions).
The I<iv> parameter to L<EVP_EncryptInit_ex(3)> or L<EVP_DecryptInit_ex(3)> is
the XTS "tweak" value.
=back
=head1 RETURN VALUES