[openssl-project] to fully overlap or not to

Wed Feb 28 18:48:03 UTC 2018

On 02/28/18 17:25, Viktor Dukhovni wrote:
> 
> 
>> On Feb 28, 2018, at 5:39 AM, Andy Polyakov <appro at openssl.org> wrote:
>>
>> I'd like to request more opinions on
>> https://github.com/openssl/openssl/pull/5427. Key dispute question is
>> whether or not following fragment should work
>>
>>     unsigned char *inp = buf, *out = buf;
>>
>>     for (i = 0; i < sizeof(buf); i++) {
>>         EVP_EncryptUpdate(ctx, out, &outl, inp++, 1);
>> 	out += outl;
>>     }
> 
> This should work.
> 

It does only work, if you know that ctx->buf_len == 0
before the loop is entered.

It does not work with CFB1, CCM, XTS and WRAP modes.

There is no access function to get the internal state of the cipher
context.

I the documentation does not cover this at all, and most of
all I really wonder how the wording could look like.

Bernd.