Reputation: 7867
OpenSSL command line input data length
With the OpenSSL CLI, I am getting an error with a 16-byte input string
echo -e "abcdefgh\x08\x08\x08\x08\x08\x08\x08\x08" | openssl enc -aes-256-cbc -nopad -a -K 6162636465666768696A6B6C6D6E6F707172737475767778797A303132333435 -iv 61636567696B6D6F7173757779303234
stating
bad decrypt 140550741059328:error:0607F08A:digital envelope routines:EVP_EncryptFinal_ex:data not multiple of block length:crypto/evp/evp_enc.c:437
but if I alter the input string length to 15 bytes, abcdefgh\x08\x08\x08\x08\x08\x08\x08, the error does not occur. It occurs for 13, 14, 16 and 17-byte input. Not tried other lengths.
Given AES 256 CBC has a block length of 16 bytes, I don't see what I'm doing wrong.
Upvotes: 0
Views: 677
Answers (1)
Reputation: 13239
The echo adds a carriage return after the string, making the data to encrypt 17 bytes instead of 16.
So the openssl error is correct: data not multiple of block length
You should use the -n option of echo:
echo -ne "abcdefgh\x08\x08\x08\x08\x08\x08\x08\x08" | openssl enc -aes-256-cbc -nopad -K 6162636465666768696A6B6C6D6E6F707172737475767778797A303132333435 -iv 61636567696B6D6F7173757779303234
Upvotes: 1
Related Questions
- How can I pass in multiple answers into openssl shell command?
- openssl encrypt text single line of output
- openssl AES encryption adds a blocksize worth of bytes to output
- Calculating maximum length of AES encrypted message
- Pass a data variable to encrypt/decrypt in line command OpenSSL using C
- OpenSSL - How to determine the right length of an rsa encrypted string?
- Specify input string length in AES_encrypt function while decryption
- Openssl sha1 length
- OpenSSL decrypted text length
- OpenSSL request length- how to calculate size?