In file openssl/crypto/evp/e_aes.c (for AESNI), the blocksize for CFB
and CTR modes is set to 1, as opposed to CBC and ECB which uses 16 bytes:
BLOCK_CIPHER_generic(nid,keylen,16,16,cbc,cbc,CBC,flags|EVP_CIPH_FLAG_DEFAULT_ASN1)
\
BLOCK_CIPHER_generic(nid,keylen,16,0,ecb,ecb,ECB,flags|EVP_CIPH_FLAG_DEFAULT_ASN1)
\
BLOCK_CIPHER_generic(nid,keylen,1,16,ofb128,ofb,OFB,flags|EVP_CIPH_FLAG_DEFAULT_ASN1)
\
BLOCK_CIPHER_generic(nid,keylen,1,16,cfb128,cfb,CFB,flags|EVP_CIPH_FLAG_DEFAULT_ASN1)
\
BLOCK_CIPHER_generic(nid,keylen,1,16,cfb1,cfb1,CFB,flags) \
BLOCK_CIPHER_generic(nid,keylen,1,16,cfb8,cfb8,CFB,flags) \
BLOCK_CIPHER_generic(nid,keylen,1,16,ctr,ctr,CTR,flags)
This is apparently to workaround the fact that the input doesn't have to
be padded to the AES block size of 16 bytes.
I have tried instead setting the blocksize to 16 instead of 1 and adding
EVP_CIPH_NO_PADDING to flags. This results in better performance and the
same results. So I'm wondering if this was just an oversight? Or is
there another reason a blocksize of 1 is used over 16?
- Dan
--
dan.ander...@oracle.com, Oracle Solaris
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List openssl-dev@openssl.org
Automated List Manager majord...@openssl.org
