Skip Menu |
 

Subject: openssl k5crypto back end should not require openssl-1.0
Currently, the OpenSSL k5crypto back end requires the use of openssl-1.0, because earlier
releases did not support CTS mode. For portability reasons (and minor performance
improvement in the IOV case), we should implement CTS mode using CBC mode interfaces that
already exist in older OpenSSL releases.