It's gross, and I do it, but just call EVP_ENCRYPT for both encrypt and
decrypt operations. Don't bother with the EVP_FINAL at all.
You can't call EVP_DECRYPT because it always holds on to one block in
case it needs to interpret the data for padding purposes. EVP_ENCRYPT, on the
other hand, will always write out the complete block (assuming you give an even
blocksize as input).
Works, got around a big problem for me, hope they don't change the
behaviour in the future.
-lee
-----Original Message-----
From: Bob McGrew [mailto:[EMAIL PROTECTED]]
Sent: Monday, May 13, 2002 4:33 AM
To: [EMAIL PROTECTED]
Subject: unpadded triple DESIn my application (a variant on onion routing) I know that my data comes in 16-byte blocks, so there's no need for padding. Since I'm repeatedly encrypting data, it's very difficult to use PKCS padding, as that increases the length of the data at each encryption. How can I turn off padding? The online docs say that EVP_CIPHER_CTX_set_padding() should work, but as far as I can tell, that function is not in the current distribution (0.9.6d). Am I (and my compiler) missing the definition somewhere? Is there another way to do desede3_cbc unpadded with EVP?
Thanks,
Bob
(650) 497-9018-----Complaints that disinterestedness is a myth, along with "objectivity", usually come from academics seeking to justify their own ideological biases.
Denis Dutton