On 06/05/2019 16:41, Mirko J. Ploch wrote:
> Hello,
>
> I'm trying to useĀ EVP_aes_128_cbc_hmac_sha256() for encryption on an iOS
> device
> with arm64 architecture. I was able to get it working with the x86_64
> architecture when running the iOS device simulator on an iMac. Is this just
> not
> capable of working on an arm64 platform?
>
> Looking at the code for EVP_aes_128_cbc_hmac_sha256, it does not look like it.
> I'm hoping that there is a way to get it working.
> https://github.com/openssl/openssl/blob/OpenSSL_1_1_1b/crypto/evp/e_aes_cbc_hmac_sha256.c
This cipher is a special purpose cipher not intended for general use. It is
specifically targeted at usage in TLS. Unless you're writing a TLS stack you
probably don't want to use this. It is only available on some platforms and does
runtime detection to check whether the platform is suitable or not. Most
importantly the platform must have AES-NI support.
It's usefulness even in a TLS stack is somewhat limited these days since it is
not relevant for TLSv1.3 and does not get used if encrypt-then-mac is negotiated
(which recent versions of OpenSSL will try to negotiate by default).
Matt
