EVP_EncryptUpdate() can be called repeatedly, incrementally feeding in the data to be encrypted. The ECB mode (when used with AES-128) will encrypt input data 16 bytes at a time, and the output size will also be 16 bytes per input block. If the data that you feed in to EVP_EncryptUpdate() is not a multiple of 16 bytes then the amount of data that is over a multiple of 16 bytes will be cached until a subsequent call where it does have 16 bytes.

Let's say you call EVP_EncryptUpdate() with 15 bytes of data. In that case all 15 bytes will be cached and 0 bytes will be output.

If you then call it again with 17 bytes of data, then added to the 15 bytes already cached we have a total of 32 bytes. This is a multiple of 16, so 2 blocks (32 bytes) will be output, so:

(inl + cipher_block_size - 1) = (17 + 16 - 1) = 32

This explanation makes perfect sense. Thank you!

The context I asked is that the rust-openssl wrapper always requires the output buffer to be at least as big as the input buffer + the cipher's block size [0] (assuming pessimistic case). That is even if I always feed the EVP_EncryptUpdate with blocks exactly 16 bytes long the wrapper requires 32 byte output buffers, while, based on your description 16 byte output buffers should be sufficient.

Thank you for your time!

Kind regards,


Reply via email to