Public names for CTS cipher modes?

[simo5]

In providers/implementations/include/prov/names.h these definitions are available:
#define PROV_NAMES_AES_256_CBC_CTS "AES-256-CBC-CTS"
#define PROV_NAMES_AES_192_CBC_CTS "AES-192-CBC-CTS"
#define PROV_NAMES_AES_128_CBC_CTS "AES-128-CBC-CTS"

and I verified that AES-CTS is usable when requesting ciphers by those names.

However there is no public usable string defined in obj_mac.h or any other public header in /usr/include/openssl/*.h file.

All other AES modes have usable string in obje_mac.h as either SN_aes_* or LN_aes_* defines ...

Is this intentional?

[t8m]

We've discussed this in the OTC in past and the general consensus was that we do not want to make these PROV_NAMES_ defines public as in general the names for the algorithms are not a business of libcrypto but they should be owned by providers. I.e., we cannot provide name defines for algorithms that our providers do not provide but 3rd party providers do anyway.

We definitely do not want to run some kind of registry of algorithm names as that would unnecessarily hinder 3rd parties work on providing new algorithms if we required to have defines in libcrypto public headers for them.

[simo5]

So how is someone supposed to know these names? Just guesswork?
This algorithm is implemented in the default provider, so it is not some random 3rd party thing.

I also do not understand the registry comment, I expect a third party provider to provide their own header files with const strings for their algorithm names.

I mean I can manually construct these, but it is less error prone to have a list somewhere that removes the guesswork when available.

[t8m]

So how is someone supposed to know these names? Just guesswork?

The names (as the strings) are part of the public API/ABI for the default provider. They are documented as such in https://www.openssl.org/docs/man3.2/man7/EVP_CIPHER-AES.html so there is no guesswork.

What is the difference between using "AES-256-CBC-CTS" or some define? I do not see it.

I mean I can manually construct these, but it is less error prone to have a list somewhere that removes the guesswork when available.

All the algorithms provided are documented as such and you can verify them by using openssl list -cipher-algorithms.

[simo5]

What is the difference between using "AES-256-CBC-CTS" or some define? I do not see it.

Mostly that if you use a header defined variable that points to the correct string, and you mispell it, you get a compile error.

If you mispell the algorithm in the string, if you are lucky you get a runtime error that you have to debug in test, if unlucky you get it in production, if really unlucky you get the wrong mode.

It is not a huge deal I guess.