On Wed, Mar 03, 2010 at 02:56:07PM +0100, Dr. Stephen Henson wrote: > > I'm thinking here that we should have a standardised technique for handling > encrypt+mac which will also cover possible future needs.
As far as I can tell, there isn't even working support for plain old MAC in the engine interface. It would be rather ironic to go tearing things up for encrypt+mac when all the hardware out there which accellerates even plain-vanilla HMAC can't be used... There's plenty to fix in this area and I don't think some of the really questionable interfaces (like ENGINE) should be considered sacrosanct. Thor ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List [email protected] Automated List Manager [email protected]
