Output buffer length in EVP_EncryptUpdate for ECB mode
Wiktor Kwapisiewicz
wiktor at metacode.biz
Fri Nov 4 08:43:57 UTC 2022
Matt,
> EVP_EncryptUpdate() can be called repeatedly, incrementally feeding in
> the data to be encrypted. The ECB mode (when used with AES-128) will
> encrypt input data 16 bytes at a time, and the output size will also be
> 16 bytes per input block. If the data that you feed in to
> EVP_EncryptUpdate() is not a multiple of 16 bytes then the amount of
> data that is over a multiple of 16 bytes will be cached until a
> subsequent call where it does have 16 bytes.
>
> Let's say you call EVP_EncryptUpdate() with 15 bytes of data. In that
> case all 15 bytes will be cached and 0 bytes will be output.
>
> If you then call it again with 17 bytes of data, then added to the 15
> bytes already cached we have a total of 32 bytes. This is a multiple of
> 16, so 2 blocks (32 bytes) will be output, so:
>
> (inl + cipher_block_size - 1) = (17 + 16 - 1) = 32
This explanation makes perfect sense. Thank you!
The context I asked is that the rust-openssl wrapper always requires the
output buffer to be at least as big as the input buffer + the cipher's
block size [0] (assuming pessimistic case). That is even if I always
feed the EVP_EncryptUpdate with blocks exactly 16 bytes long the wrapper
requires 32 byte output buffers, while, based on your description 16
byte output buffers should be sufficient.
Thank you for your time!
Kind regards,
Wiktor
[0]: https://docs.rs/openssl/latest/src/openssl/cipher_ctx.rs.html#504
More information about the openssl-users
mailing list