The branch OpenSSL_1_1_1-stable has been updated via d251c4ecc11c19628fe86d82b4b4c47cfea97c17 (commit) from d0771a9fdb93bdff992a079f596829139b8b12c0 (commit)
- Log ----------------------------------------------------------------- commit d251c4ecc11c19628fe86d82b4b4c47cfea97c17 Author: Matt Caswell <m...@openssl.org> Date: Thu Apr 2 09:58:59 2020 +0100 Expand the XTS documentation Explain that XTS does not support streaming, and that the IV value is the tweak. Reviewed-by: Tomas Mraz <tm...@fedoraproject.org> Reviewed-by: Paul Dale <paul.d...@oracle.com> (Merged from https://github.com/openssl/openssl/pull/11461) (cherry picked from commit 70d80ef9898ddbe03841efd2df2f526b71829d7f) ----------------------------------------------------------------------- Summary of changes: doc/man3/EVP_aes.pod | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/doc/man3/EVP_aes.pod b/doc/man3/EVP_aes.pod index 4192a9ec36..7db48a427f 100644 --- a/doc/man3/EVP_aes.pod +++ b/doc/man3/EVP_aes.pod @@ -160,6 +160,13 @@ In particular, XTS-AES-128 (B<EVP_aes_128_xts>) takes input of a 256-bit key to achieve AES 128-bit security, and XTS-AES-256 (B<EVP_aes_256_xts>) takes input of a 512-bit key to achieve AES 256-bit security. +The XTS implementation in OpenSSL does not support streaming. That is there must +only be one L<EVP_EncryptUpdate(3)> call per L<EVP_EncryptInit_ex(3)> call (and +similarly with the "Decrypt" functions). + +The I<iv> parameter to L<EVP_EncryptInit_ex(3)> or L<EVP_DecryptInit_ex(3)> is +the XTS "tweak" value. + =back =head1 RETURN VALUES