EVP_aes_128_cbc() is still usable to get the appropriate EVP_CIPHER reference, but is regarded legacy. With OpenSSL 3.0 and providers, the new method to get the algorithm you want is by fetching, in this case using EVP_CIPHER_fetch(). In https://www.openssl.org/docs/man3.0/man7/crypto.html#FETCHING-EXAMPLES, there is an example that demonstrates fetching exactly the algorithm your asking for, "AES-128-CBC". If you want to know exactly what algorithms are available to you (by name), 'openssl list' is your friend. For example, this command shows all the default cipher algorithms: openssl list -cipher-algorithms You will notice that the output is divided into two sections, "Legacy:" and "Provided:". The latter is more future proof set of names. Cheers, Richard On Thu, 05 Jan 2023 13:12:57 +0100, Samiya Khanum via openssl-users wrote: > > Hi All, > > We are upgrading our code to openSSL 3.0. > > I have replaced AES_set_encrypt_key and AES_encrypt with EVP_CipherInit_ex, EVP_CipherUpdate > and EVP_CipherFinal_ex. > In the below function what should be the cipher parameter(second argument). Because in AES_encryt > api, we don't mention any block cipher. > Is it EVP_aes_128_cbc() algorithm that we should use? > > int EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, > const EVP_CIPHER *cipher, ENGINE *impl, > const unsigned char *key, > const unsigned char *iv, int enc); > > Thanks & Regards, > Samiya khanum > > This electronic communication and the information and any files transmitted with it, or attached > to it, are confidential and are intended solely for the use of the individual or entity to whom it > is addressed and may contain information that is confidential, legally privileged, protected by > privacy laws, or otherwise restricted from disclosure to anyone else. If you are not the intended > recipient or the person responsible for delivering the e-mail to the intended recipient, you are > hereby notified that any use, copying, distributing, dissemination, forwarding, printing, or > copying of this e-mail is strictly prohibited. If you received this e-mail in error, please return > the e-mail to the sender, delete it from your computer, and destroy any printed copy of it. > > [2 S/MIME Cryptographic Signature <application/pkcs7-signature (base64)>] > Good signature from 1E45BABBADAD646C644FE256D55EFC9561AABBFF /CN=Samiya Khanum/O=Broadcom Inc./L=Bangalore/ST=Karnataka/C=IN/EMail=samiya.khanum@xxxxxxxxxxxx (trust full) -- Richard Levitte levitte@xxxxxxxxxxx OpenSSL Project http://www.openssl.org/~levitte/
