[openssl-users] EVP_EncryptUpdate and EVP_CIPHER callback do_cipher

Matt Caswell matt at openssl.org
Mon Apr 18 15:00:58 UTC 2016



On 18/04/16 15:55, Dmitry Belyavsky wrote:
> Hello,
> 
> Could anybody explain how to deal with the output length in the
> EVP_EncryptUpdate?
> 
> The function EVP_EncryptUpdate has the outl output parameter, which is
> designed for returning the length of the resulting ciphertext. Then
> internally it calls the do_cipher callback which does not take such a
> parameter.
> 
> Is there a way to return an expected buffer length from the callback?
> It may be necessary when we call the EVP_EncryptUpdate some times, and
> we get the case when ctx->buf from the previous calls has enough bytes
> to be processed together with the input buffer so the output is longer
> then the input.

The man page advises that the size of the output buffer should be:

inl + cipher_block_size - 1

This should cater for all eventualities.

Matt


More information about the openssl-users mailing list