Re: "num" parameter and expected output buffer size in EVP_CipherUpdate

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hi Michel,

On 15.12.2022 21:19, Michel wrote:
But don't you think that an exact value smaller than the
cipher block size might look like an hazardous 'optimization',
for a very hypothetical gain ?

The maximum possible output buffer size is *twice* the block size (due to any partial blocks that may have been updated previously). As I'm updating the cipher block by block output buffer size equal to block size should be sufficient.

I don't know much about EVP_CIPHER_CTX_num() use case,
looks new to me (OpenSSL version > 3 ?),
sorry.

It was introduced in 1.1.0 in this commit:

commit 83b06347023a573433b6aa23c8042f89df869f9e
Author: Richard Levitte <levitte@xxxxxxxxxxx>
Date:   Sun Dec 13 21:25:42 2015 +0100

    Add accessors and writers for EVP_CIPHER_CTX
New functions: - EVP_CIPHER_CTX_encrypting()
    - EVP_CIPHER_CTX_iv()
    - EVP_CIPHER_CTX_iv_noconst()
    - EVP_CIPHER_CTX_original_iv()
    - EVP_CIPHER_CTX_buf_noconst()
    - EVP_CIPHER_CTX_num()
    - EVP_CIPHER_CTX_set_num()
    - EVP_CIPHER_CTX_cipher_data()

but it appears it's not widely used outside of OpenSSL's internals (at least I didn't get any meaningful search results).

Thanks for your time!

Kind regards,
Wiktor



[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux