"num" parameter and expected output buffer size in EVP_CipherUpdate

Michel michel.sales at online.fr
Thu Dec 15 18:17:13 UTC 2022

Hi Wiktor,

> and, more importantly,
> - given EVP_CIPHER_CTX object and the length of the input buffer, is 
> it possible to calculate the needed output buffer size without 
> explicitly keeping external state?

I may not have understood your question, but, as stated in [1], isn't :
"the amount of data written can be anything from zero bytes to (inl + cipher_block_size) bytes" (at a maximum)
what you are asking for ?

Resulting in cipher_block_size bytes needed (at max, may be 0) when calling EVP_CipherFinal() ?

>From : https://www.openssl.org/docs/manmaster/man3/EVP_EncryptUpdate.html
“The encrypted final data is written to out which should have sufficient space for one cipher block”.

Hope this helps,



[1]: https://mta.openssl.org/pipermail/openssl-users/2022-November/015623.html
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-users/attachments/20221215/6b1081e2/attachment.htm>

More information about the openssl-users mailing list