Hello,
I have a question concerning the size of the out buffer filled by EVP_CipherUpdate() and EVP_CipherFinal(). The evp man page gives the following description: EVP_EncryptUpdate() encrypts inl bytes from the buffer in and writes the encrypted version to out. [...] The amount of data written depends on the block alignment of the encrypted data: as a result the amount of data written may be anything from zero bytes to (inl + cipher_block_size - 1). If padding is enabled (the default) then EVP_EncryptFinal_ex() encrypts the ``final'' data, that is any data that remains in a partial block. I observed the following behaviour of EVP_CipherUpdate(). It fills the out buffer with (int)(inSize / cipher_block_size) blocks of data. The remaining bytes of data are written to the buffer when calling EVP_CipherFinal(). During my tests the size of the decrypted buffer always equalled the size of the encrypted buffer and vice versa. But if I understand the man page correctly this behaviour is not guaranteed as EVP_EncryptUpdate() could fill up the partial block with data and write (inl + cipher_block_size - 1) bytes to the out buffer. Is this correct and if so how can I know where my en-/decrypted data ends in the buffer? Does it still always equal the size of the in buffer even if more data is written to the out buffer? Thanks a lot for your help. Cheers Nico Flink
