"num" parameter and expected output buffer size in EVP_CipherUpdate
Wiktor Kwapisiewicz
wiktor at metacode.biz
Thu Dec 15 19:44:05 UTC 2022
Hi Michel,
On 15.12.2022 19:17, Michel wrote:
> ///"the amount of data written can be anything from zero bytes to (inl +
> cipher_block_size) bytes"/(at a maximum)
>
> what you are asking for ?
>
> Resulting in///cipher_block_size/bytesneeded (at max, may be 0) when
> callingEVP_CipherFinal() ?
>
> “///The encrypted final data is written to////out////which should have
> sufficient space for one cipher block/”.
This gives a range and I'm looking for exact value. That value can be
calculated using Matt's description [0]. I'm wondering if that can be
done without keeping external state, just using cipher API.
The "num" parameter looked like exactly what I was looking for but
either I'm holding it wrong or I misunderstood its purpose.
The use case I have in mind is to provide safe API that checks if the
client provided buffer big enough for next call to CipherUpdate. In some
cases, for example when encrypting data block by block by the client,
the output buffer of one block is sufficient.
I hope that clarifies the use case I have in mind.
Have a nice day!
Kind regards,
Wiktor
[0]:
https://mta.openssl.org/pipermail/openssl-users/2022-November/015623.html
More information about the openssl-users
mailing list