OpenSSL, aes.h, AES_cbc_encrypt(): length parameter?

Brandon9000 · 12-04-2012, 04:00 PM

I am using the aes.h function AES_cbc_encrypt(*in, *out, length, *key, *ivec, enc). I am wondering whether the length parameter is the size of "in" array or the size of the array being used for "out?" I looked for parameter definitions on the openssl site and couldn't find such a thing (there or anywhere else).

Thanks in advance.

Brandon

ntubski · 12-05-2012, 04:25 PM

The docs on openssl.org seem to be missing the aes page, but I looked at the des one which has a similar interface:

Quote:

DES_ncbc_encrypt() encrypts/decrypts using the cipher-block-chaining (CBC) mode of DES. If the encrypt argument is non-zero, the routine cipher-block-chain encrypts the cleartext data pointed to by the input argument into the ciphertext pointed to by the output argument, using the key schedule provided by the schedule argument, and initialization vector provided by the ivec argument. If the length argument is not an integral multiple of eight bytes, the last block is copied to a temporary area and zero filled. The output is always an integral multiple of eight bytes.

So it should be the same for AES except that it will be sixteen instead of eight bytes, since AES has a blocksize of 16 bytes while the blocksize for DES is 8 bytes.

Brandon9000 · 12-05-2012, 04:37 PM

Thanks, but I'm not sure you answered the question. Does the length parameter refer to the input buffer or the output buffer?

ntubski · 12-05-2012, 07:45 PM

The length refers to both input and output, except that the output length is rounded up to the nearest multiple of the block size.

Brandon9000 · 12-06-2012, 01:02 PM

So, presumably it refers to the input length before padding?

ntubski · 12-06-2012, 04:42 PM

Quote:

Originally Posted by Brandon9000

So, presumably it refers to the input length before padding?

Yup