Allow to disable reference of AES-256-XTS for Themis iOS #329
Conversation
src/soter/boringssl/soter_sym.c
Outdated
| @@ -65,8 +65,13 @@ const EVP_CIPHER* algid_to_evp(uint32_t alg){ | |||
| return EVP_aes_192_ctr(); | |||
| case SOTER_SYM_AES_CTR|SOTER_SYM_128_KEY_LENGTH: | |||
| return EVP_aes_128_ctr(); | |||
| // Workaround for using BoringSSL on iOS, because XTS is not included in BoringSSL pod implementation. | |||
| // see https://github.com/CocoaPods/Specs/blob/master/Specs/0/8/a/BoringSSL/10.0.6/BoringSSL.podspec.json#L44 | |||
| // see https://github.com/cossacklabs/themis/issues/223#issuecomment-432720576 | |||
There was a problem hiding this comment.
Please, use consistent comments as the rest of the file.
There was a problem hiding this comment.
what kind of comment style would you prefer? because i don't see any consistency across comments in all soter files.
There was a problem hiding this comment.
Well, at least in this file we have /* ... */ at the top. I generally prefer C-style comments in C files.
There was a problem hiding this comment.
sure, changed.
when i was reading other files, I noticed rather mixed style of comments, but my pleasure is to make it more consistent :)
Themis for iOS is not built via Makefile, so no need to change it. |
Currently building Themis iOS with BoringSSL as backend leads to error:
AES-256-XTS implementation is missing in BoringSSL CocoaPod. BoringSSL CocoaPod is rather popular and used in thousands apps, and probably they had a reason to exclude XTS, so I won't suggest them to change their podspec.
However, Themis is not really using XTS mode (see search results), but
soter_symhas two references on it (see soter/openssl/soter_sym and soter/boringssl/soter_sym).I suggest to have a way to exclude references to
EVP_aes_256_xtsfor Themis iOS using#define SOTER_BORINGSSL_DISABLE_XTS.This change won't affect other platforms, but will be used only in
themis.podspecfor iOS.