root
/
openssl
mirror of https://github.com/openssl/openssl.git
1
0
Fork 0
Code Issues Actions 7 Packages Projects Releases Wiki Activity

AES: Document that the XTS, SIV, WRAP modes do not support streaming 

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
(Merged from https://github.com/openssl/openssl/pull/23028)

(cherry picked from commit 8f0f814d79)
This commit is contained in:
Tomas Mraz 2023-12-13 10:06:59 +01:00
parent 8493cf0d3a
commit 6610de034b
1 changed files with 13 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
doc/man7/EVP_CIPHER-AES.pod
View File

@ -61,6 +61,19 @@ FIPS provider:
This implementation supports the parameters described in
L<EVP_EncryptInit(3)/PARAMETERS>.
=head1 NOTES
The AES-SIV and AES-WRAP mode implementations do not support streaming. That
means to obtain correct results there can be only one L<EVP_EncryptUpdate(3)>
or L<EVP_DecryptUpdate(3)> call after the initialization of the context.
The AES-XTS implementations allow streaming to be performed, but each
L<EVP_EncryptUpdate(3)> or L<EVP_DecryptUpdate(3)> call requires each input
to be a multiple of the blocksize. Only the final EVP_EncryptUpdate() or
EVP_DecryptUpdate() call can optionally have an input that is not a multiple
of the blocksize but is larger than one block. In that case ciphertext
stealing (CTS) is used to fill the block.
=head1 SEE ALSO
L<provider-cipher(7)>, L<OSSL_PROVIDER-FIPS(7)>, L<OSSL_PROVIDER-default(7)>