Cristina Nita-Rotaru wrote:
>
> Hello,
>
> I am writing an application where I need to do encryption
> in place, on a data which is splitted on multiple buffers, avoiding
> the solution where everything is copied in one big buffer, encrypted
> and then copied back. I want to use the EVP interface and not
> lower level functions.
>
> I am using the EVP interface with Blowfish as encryption algorithm.
> I wrote a very simple test program where EVP_EncryptUpdate (each of the
>
> calls encrypts 16 bytes) is called two consecutive times, followed by
> an
> EVP_EncryptFinal which addes 8 more bytes, so the total size is 40
> bytes.
> Decryption is done in a similar manner, EVP_Decrypt update called twice
> and then
> Decrypt Final. However, the first EVP_DecryptUpdate called on the first
> 16 bytes
> returns 8 when decrypting so in the end the EVP_DecryptFinal fails.
>
> Any ideas what might be the problem?
>
That's expected behaviour. Because of the padding checks the
EVP_Decrypt*() routines need to store up to one block of data
internally. As a result you may get less data from EVP_DecryptUpdate()
(up to one block less) or more data (one byte less than one block more)
than is supplied.
Steve.
--
Dr Stephen N. Henson. http://www.drh-consultancy.demon.co.uk/
Personal Email: [EMAIL PROTECTED]
Senior crypto engineer, Gemplus: http://www.gemplus.com/
Core developer of the OpenSSL project: http://www.openssl.org/
Business Email: [EMAIL PROTECTED] PGP key: via homepage.
__
OpenSSL Project http://www.openssl.org
User Support Mailing List[EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]