Hi Michel,
On 15.12.2022 21:19, Michel wrote:
But don't you think that an exact value smaller than the
cipher block size might look like an hazardous 'optimization',
for a very hypothetical gain ?
The maximum possible output buffer size is *twice* the block size (due
to any partial blocks that may have been updated previously). As I'm
updating the cipher block by block output buffer size equal to block
size should be sufficient.
I don't know much about EVP_CIPHER_CTX_num() use case,
looks new to me (OpenSSL version > 3 ?),
sorry.
It was introduced in 1.1.0 in this commit:
commit 83b06347023a573433b6aa23c8042f89df869f9e
Author: Richard Levitte <levitte@xxxxxxxxxxx>
Date: Sun Dec 13 21:25:42 2015 +0100
Add accessors and writers for EVP_CIPHER_CTX
New functions:
- EVP_CIPHER_CTX_encrypting()
- EVP_CIPHER_CTX_iv()
- EVP_CIPHER_CTX_iv_noconst()
- EVP_CIPHER_CTX_original_iv()
- EVP_CIPHER_CTX_buf_noconst()
- EVP_CIPHER_CTX_num()
- EVP_CIPHER_CTX_set_num()
- EVP_CIPHER_CTX_cipher_data()
but it appears it's not widely used outside of OpenSSL's internals (at
least I didn't get any meaningful search results).
Thanks for your time!
Kind regards,
Wiktor