[openssl-project] to fully overlap or not to
Matt Caswell
matt at openssl.org
Wed Feb 28 16:37:33 UTC 2018
On 28/02/18 16:32, Viktor Dukhovni wrote:
>
>
>> On Feb 28, 2018, at 11:25 AM, Viktor Dukhovni <openssl-users at dukhovni.org> wrote:
>>
>>> I'd like to request more opinions on
>>> https://github.com/openssl/openssl/pull/5427. Key dispute question is
>>> whether or not following fragment should work
>>>
>>> unsigned char *inp = buf, *out = buf;
>>>
>>> for (i = 0; i < sizeof(buf); i++) {
>>> EVP_EncryptUpdate(ctx, out, &outl, inp++, 1);
>>> out += outl;
>>> }
>>
>> This should work.
>
> On second thought, perhaps not. A block cipher cannot provide output
> synchronously on byte boundaries.
>
It should still work IMO. With a block size of 16 you should get 15
invocations of EVP_EncryptUpdate where outl is set to 0 afterwards,
followed by 1 invocation where outl is set to 16 afterwards. This should
still be the case for in-place encryption.
Matt
More information about the openssl-project
mailing list