Add AEADs for AES-CTR with HMAC-SHA256.
Change-Id: Id035d2c6ab9c6ae034326c313ffe35e0d035dec1
Reviewed-on: https://boringssl-review.googlesource.com/3911
Reviewed-by: Adam Langley <agl@google.com>
diff --git a/include/openssl/aead.h b/include/openssl/aead.h
index 4b8f6cd..b39939d 100644
--- a/include/openssl/aead.h
+++ b/include/openssl/aead.h
@@ -115,6 +115,15 @@
* See |EVP_aead_aes_128_key_wrap| for details. */
OPENSSL_EXPORT const EVP_AEAD *EVP_aead_aes_256_key_wrap(void);
+/* EVP_aead_aes_128_ctr_hmac_sha256 is AES-128 in CTR mode with HMAC-SHA256 for
+ * authentication. The nonce is 12 bytes; the bottom 32-bits are used as the
+ * block counter, thus the maximum plaintext size is 64GB. */
+OPENSSL_EXPORT const EVP_AEAD *EVP_aead_aes_128_ctr_hmac_sha256(void);
+
+/* EVP_aead_aes_128_ctr_hmac_sha256 is AES-256 in CTR mode with HMAC-SHA256 for
+ * authentication. See |EVP_aead_aes_128_ctr_hmac_sha256| for details. */
+OPENSSL_EXPORT const EVP_AEAD *EVP_aead_aes_256_ctr_hmac_sha256(void);
+
/* EVP_has_aes_hardware returns one if we enable hardware support for fast and
* constant-time AES-GCM. */
OPENSSL_EXPORT int EVP_has_aes_hardware(void);
diff --git a/include/openssl/cipher.h b/include/openssl/cipher.h
index 43b6cd5..1df4699 100644
--- a/include/openssl/cipher.h
+++ b/include/openssl/cipher.h
@@ -531,6 +531,9 @@
#define CIPHER_F_aes_init_key 129
#define CIPHER_F_aesni_init_key 130
#define CIPHER_F_EVP_AEAD_CTX_init_with_direction 131
+#define CIPHER_F_aead_aes_ctr_hmac_sha256_init 132
+#define CIPHER_F_aead_aes_ctr_hmac_sha256_open 133
+#define CIPHER_F_aead_aes_ctr_hmac_sha256_seal 134
#define CIPHER_R_AES_KEY_SETUP_FAILED 100
#define CIPHER_R_BAD_DECRYPT 101
#define CIPHER_R_BAD_KEY_LENGTH 102
