OpenSSL with AES-256-CTR cipher

Question

I have installed OpenSSL on my OS X box and it provides the AES-256-CTR cipher. When I install OpenSSL on Windows, then the AES-256-CTR cipher isn't available. Can anyone explain why there is a difference?

I need the AES-CTR cipher, because it works with different blocks than AES-CBC...

My Windows box has OpenSSL v1.0.0k installed, but my OS X box has v1.0.1l installed. Unfortunately, the v1.0.0k version doesn't support AES-256-CTR. I tried to find v1.0.1l that is compatible with Ruby (it requires a libssl.dll.a). — Ramon de Klein, Feb 09 '15 at 14:44
You should be able to build OpenSSL from the source code. v1.0.1l source code — RoraΖ, Feb 09 '15 at 17:29

score 3 · Accepted Answer · answered Feb 10 '15 at 09:14

AES-CTR-256 is only available since OpenSSL v1.0.1. It's possible to view the encoding ciphers by issueing the following command

openssl enc help

It will show all the available encoding ciphers. To check the current version of OpenSSL run the following command

openssl version

Note that the 0.9.8, 1.0.0 and 1.0.1 branches have been maintained in parallel. OpenSSL 0.9.8zc might be newer than 1.0.1e, so focus on the version instead of the date.

Some applications (i.e. Ruby) don't use the openssl executable, but link to libssl instead and inherit the abilities of the library. Upgrading OpenSSL to a newer version doesn't help much in that case. If the application uses dynamic linking, then it might suffice to upgrade libssl to a newer version. If it's linked statically, then the entire application needs to be recompiled with a newer libssl (or you might check if there is a newer version).

Ruby programmer's can check which OpenSSL version is installed by issueing the following command

ruby -ropenssl -e 'puts OpenSSL::OPENSSL_VERSION'

OpenSSL with AES-256-CTR cipher

1 Answers1