Reason for output buffer length to be (inl + cipher_block_size - 1)

vaib...@gmail.com

Oct 5, 2017, 3:53:04 AM
I am following the example program of File I/O OpenSSL EVP functions for AES CBC in https://www.openssl.org/docs/man1.0.2/crypto/EVP_CIPHER_CTX_cleanup.html

I am looking for examples to see why the output buffer for encryption needs to be (inl + cipher_block_size - 1).
I understand how and why PKCS#7 padding works and I am using this default padding.
However, I don't see the need for output buffer to have an extra block_size space.

Example 1:
* Block size = 16
* Input size = 16
* Output/Cipher size = 16+16
By the time we exit the for loop, we would have encrypted the first 16 bytes and our ctx->buf_len would be 0. So, EVP_CipherFinal_ex() would add the padding bytes and add 16 bytes only (which is written back to the output buffer).

Example 2:
* Block size = 16
* Input size = 15
15 bytes are not encrypted and we break out of for loop with ctx->buf_len = 15. So, EVP_CipherFinal_ex() adds 1-byte padding and encrypts 16 bytes which are written into the output buffer.

Example 3:
* Block size = 16
* Input size = 17
First 16 bytes are encrypted in the for loop and ctx->buf_len = 1. So, EVP_CipherFinal_ex() adds 15 bytes padding and encrypts the 16 bytes.

In all the above corner cases considered, the output buffer size never exceeded the input buffer size. Which are the special cases under which we need the output buffer size to be input_buffer_size+block_size-1?

Any examples on this are appreciated.

vaib...@gmail.com

Oct 5, 2017, 2:54:05 PM
I found the answer to my question in this thread: http://thread.gmane.org/gmane.comp.encryption.openssl.user/27307

Example:
If my input buffer size is not a multiple of 16, let's say 10.
File size: 16 bytes
fread will first fetch the 10 bytes, but EVP_CipherUpdate() cannot encrypt it due to the size, so it's put in a buffer.
fread fetches 6 more bytes from the file and now EVP_CipherUpdate() has sufficient bytes (1 block size) to encrypt. Now if our output buffer is same as input buffer (10 bytes), obviously this is a problem.
Whereas, if our output buffer size is: 10(inl)+16(block_size)-1 = 25, it's sufficient to store the encrypted bytes.
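
The byte accounting described in the post above, as an added example that is not part of the original thread and is not OpenSSL code. It models only how many bytes an encrypting update call writes for a 16-byte block cipher with default padding; `model_update`, `model_final` and `worst_excess` are hypothetical names, and no real cipher is run.

```c
#include <stdio.h>
#include <stddef.h>

#define BLOCK 16  /* AES block size in bytes */

/* Model of the encrypt-side bookkeeping only (no real cipher): returns the
 * number of bytes an update call writes for `inl` input bytes, given
 * *buf_len bytes held back from earlier calls, and updates *buf_len. */
static size_t model_update(size_t *buf_len, size_t inl)
{
    size_t total = *buf_len + inl;
    size_t outl = total - (total % BLOCK);  /* only whole blocks are emitted */
    *buf_len = total % BLOCK;               /* remainder waits for more data */
    return outl;
}

/* With PKCS#7 padding the final call always emits exactly one block. */
static size_t model_final(size_t *buf_len)
{
    *buf_len = 0;
    return BLOCK;
}

/* Feed `file_len` bytes in reads of `chunk` bytes (like the fread loop) and
 * return the largest (outl - inl) seen on any update call, i.e. how much
 * larger than the input the output buffer had to be for that call. */
static long worst_excess(size_t file_len, size_t chunk, size_t *total_out)
{
    size_t buf_len = 0, done = 0;
    long worst = -(long)BLOCK;
    *total_out = 0;
    while (done < file_len) {
        size_t inl = file_len - done < chunk ? file_len - done : chunk;
        size_t outl = model_update(&buf_len, inl);
        if ((long)outl - (long)inl > worst) worst = (long)outl - (long)inl;
        *total_out += outl;
        done += inl;
    }
    *total_out += model_final(&buf_len);
    return worst;
}

int main(void)
{
    size_t total;
    /* Constructed cases: the post's 16-byte file read 10 bytes at a time,
     * and a 15 + 1 split that reaches the block_size - 1 worst case. */
    printf("chunk 10, file 16: excess %ld\n", worst_excess(16, 10, &total));
    printf("chunk 15, file 16: excess %ld\n", worst_excess(16, 15, &total));
    return 0;
}
```

The second case holds back 15 bytes and then receives 1, so a single call with inl = 1 writes 16 bytes, which is exactly inl + block_size - 1.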
