Quoting Julien ALLANOS <[EMAIL PROTECTED]>:
Quoting Nils Larsch <[EMAIL PROTECTED]>:
Julien ALLANOS wrote:
Hello, I want to use AES encryption in my C application, but I am missing
documentation. I only have openssl/aes.h but there isn't any manpage. Can
someone points me to any how-to or source code? Thanks for you help.
consider using the EVP_Cipher* etc. functions (see EVP_CipherInit_ex
Thanks Nils. This manpage shows a great example of an encryption/decryption
function using this high-level API. However, I have a last question: is there
any limit on the input buffer size for EVP_CipherUpdate()? I see in
that you're using 1024 bytes buffers inside a for loop. In my
of the buffers I'm encrypting using AES-192 are <1024 bytes, but
there might be
cases where a buffer has a greater size (not so much though). I'm
calling EVP_CipherUpdate() only once would be generic enough to handle these
situations, or if I should use a for loop as you did. Thanks for any help.
Actually, I have tested the following:
EVP_CipherInit_ex(&ctx, EVP_aes_192_ecb(), NULL, key->data, NULL, 1);
if (!EVP_CipherUpdate(&ctx, ciphertext->data, (int *) &ciphertext->length,
plaintext->data, (int) plaintext->length))
if (!EVP_CipherFinal_ex(&ctx, ciphertext->data,
(int *) &ciphertext->length))
Here, key, plaintext and ciphertext are structs with an unsigned char * 'data'
field and a size_t 'length' field. plaintext->length is 59 (in bytes), so I
have allocated 59 + 16 bytes for ciphertext->data before the snippet of code
above. But after encryption, ciphertext->length is only 16 bytes long! Do I
have to call EVP_CipherUpdate multiple times (and manage an offset for both
plaintext and ciphertext) to encrypt the entire incoming data? If so, what's
the purpose of the inl parameter if only a block length (16 bytes for AES) is
read per call? Thanks for any enlightenment.
OpenSSL Project http://www.openssl.org
User Support Mailing List firstname.lastname@example.org
Automated List Manager [EMAIL PROTECTED]