On Wed, 2018-12-19 at 08:57 +0300, Dmitry Belyavsky wrote: > > I would have thought that the true maximum would be round-up(inl, > > cipher_block_size); that is, for inl values 1-15 you'd get 16 > > bytes, and for inl values 16-31 you'd get 32 bytes, etc. (I'm not > > actually sure whether inl of 16 gets you 16 or 32 bytes...) > > > > Am I wrong about that? Would some ciphers/modes write beyond the > > end of the current "block" and into the next one? > > When you use a block cipher and pass data less than block size, it is > stored in the internal buffer. In this case you do not get encrypted > data until there is enough plain text to encrypt the full block. > > When you add more data, if you pass enough data to finalize a > previously unfinished block, you get more long ciphertext than > plaintext passed in a particular call of CipherUpdate. I see. So you potentially need enough for an almost full previous block, plus the current data. That makes sense. Thanks! -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
