Reputation: 405
OpenSSL EVP_CIPHER_CTX_set_padding not working
I am trying to encrypt/decrypt using AES, CBC and PKCS#7 padding using the EVP interface. I am using the example found on the Wiki.
I am doing EVP_CIPHER_CTX_set_padding(ctx, 0) after creating and initializing the context which should not add padding and fail if the plaintext is not a multiple of 16 bytes. Despite this the ciphertext always contains an extra block made up of padding only.
The code I am using is literally copied and pasted from the tutorial, I am only adding EVP_CIPHER_CTX_set_padding(ctx, 0) in both encrypt and decrypt like so:
/* Create and initialise the context */
if (!(ctx = EVP_CIPHER_CTX_new())) handleErrors();
EVP_CIPHER_CTX_set_padding(ctx, 0);
Am I doing something wrong?
Upvotes: 3
Views: 5341
Answers (1)
Reputation: 405
Apparently both EVP_DecryptInit_ex and EVP_EncryptInit_ex re-initialize the context so any context changes (such as setting the padding) should be performed after those methods have been called.
Upvotes: 8
Related Questions
- Decryption failure using openssl EVP_CipherFinal_ex
- OpenSSL AES_ecb_encrypt padding option?
- openssl command encrypt data does not match EVP_aes_128_cbc C code
- OpenSSL EVP_OpenFinal Fails, even though ciphertext is completely decrypted
- OpenSSL AES encryption doesn't seem to work properly
- After decrypting EVP cipher with OpenSSL, 8 bytes of plaintext are always incorrect
- Segmentation fault in EVP_CIPHER_CTX_new() when using OpenSSL in C
- How to set zero padding to EVP_CIPHER?
- Openssl aes encryption seems not to work for me
- Data Encryption using AES-256-CBC mode openssl , doesnt return the same size of data which doesnt need padding?