> On Feb 28, 2018, at 11:32 AM, Viktor Dukhovni <openssl-us...@dukhovni.org> 
> wrote:
> 
>>> I'd like to request more opinions on
>>> https://github.com/openssl/openssl/pull/5427. Key dispute question is
>>> whether or not following fragment should work
>>> 
>>>  unsigned char *inp = buf, *out = buf;
>>> 
>>>  for (i = 0; i < sizeof(buf); i++) {
>>>      EVP_EncryptUpdate(ctx, out, &outl, inp++, 1);
>>>     out += outl;
>>>  }
>> 
>> This should work.
> 
> On second thought, perhaps not.  A block cipher cannot provide output
> synchronously on byte boundaries.

Time to stop composing email on the train... I see that the code supports
0-length output, so the block cipher can buffer internally, and periodically
output a block.  So, back to the first message, it should work, with internal
input buffering in the block cipher context until a full block is obtained or
EVP_EncryptFinal() is called.  Unless that has prohibitive performance impact
on existing callers.

-- 
        Viktor.

_______________________________________________
openssl-project mailing list
openssl-project@openssl.org
https://mta.openssl.org/mailman/listinfo/openssl-project

Reply via email to