Re: aes_cbc_hmac_sha1 implementation

2020-03-02 Thread Matt Caswell
tion should i do mte only? Yes. > If hardware engine can do both operations in a single request and save > time. Also, say there is a flag which indicates whether its mte or etm. > How should my aes_cbc_hmac_sha1 implementation look like? That cipher only does mte. > Should it do only

Re: aes_cbc_hmac_sha1 implementation

2020-03-01 Thread Phani 2004
on of combined mode cipher > aes_cbc_hmac_sha1. > So in my aes_cbc_hmac_sha1_cipher implementation should i do mte only? > > If hardware engine can do both operations in a single request and save > time. Also, say there is a flag which indicates whether its mte or etm. > How should my

Re: aes_cbc_hmac_sha1 implementation

2020-02-28 Thread Phani 2004
tions in a single request and save time. Also, say there is a flag which indicates whether its mte or etm. How should my aes_cbc_hmac_sha1 implementation look like? Should it do only mte always? Should i have two ciphers, one for etm and other for mte. But how to i tell openssl to use this cipher for etm

Re: aes_cbc_hmac_sha1 implementation

2020-02-27 Thread Matt Caswell
On 27/02/2020 18:30, Phani 2004 wrote: > Thanks for the reply. > > In ssl_get_evp_cipher api when etm flag is enabled the > aesni_cbc_hmac_sha1_cipher is not used. In this cipher only it > implements mte. This part is not clear to me? Support I implement one > cipher func which needs to handle

Re: aes_cbc_hmac_sha1 implementation

2020-02-27 Thread Phani 2004
Thanks for the reply. In ssl_get_evp_cipher api when etm flag is enabled the aesni_cbc_hmac_sha1_cipher is not used. In this cipher only it implements mte. This part is not clear to me? Support I implement one cipher func which needs to handle both etm as well as mte, at the cipher api level how d

Re: aes_cbc_hmac_sha1 implementation

2020-02-26 Thread Hubert Kario
On Wednesday, 26 February 2020 08:59:01 CET, Phani 2004 wrote: Thanks for the quick response Matt. My command was : openssl s_client -connect 10.29.20.26 -cipher ECDHE-RSA-AES128-SHA -tls1_2. I did not realise that "2" was not copied. I am trying to implement combined algo support on our engine

Re: aes_cbc_hmac_sha1 implementation

2020-02-25 Thread Phani 2004
. Regards Phani On Tue, Feb 25, 2020 at 10:31 AM Matt Caswell wrote: > > > On 24/02/2020 13:04, Phani 2004 wrote: > > Hi Team, > > > > "aes_cbc_hmac_sha1" implementation is currently supported on x86 > > platforms only. > > With which RFC is this

Re: aes_cbc_hmac_sha1 implementation

2020-02-24 Thread Matt Caswell
On 24/02/2020 13:04, Phani 2004 wrote: > Hi Team, > > "aes_cbc_hmac_sha1" implementation is currently supported on x86 > platforms only. > With which RFC is this compliant with? > This cipher is only used when the "encrypt then mac" option is disabled.

aes_cbc_hmac_sha1 implementation

2020-02-24 Thread Phani 2004
Hi Team, "aes_cbc_hmac_sha1" implementation is currently supported on x86 platforms only. With which RFC is this compliant with? This cipher is only used when the "encrypt then mac" option is disabled. Is this understanding correct. I am using openssl s_server and s_clien