How to solve this 'EVP_DecryptFinal_ex:wrong final block length' error?

Question

I would like to encrypt the architecture of a neural network, so I could protect the knowledge property of my research.

An example of one of these files, have similar structure as this example.

The code compiles, but I get a runtime error that I don't know how to solve. The error message is digital envelope routines:EVP_DecryptFinal_ex:wrong final block length.

Im using OpenSSL version 1.1.1a 20 Nov 2018

Most relevant includes

#include <openssl/evp.h>
#include <openssl/aes.h>
#include <openssl/err.h> 

Most relevant code for ENCRYPTION

Open and read file to encrypt

std::ifstream in_file(file_name, std::ios::binary);

in_file.seekg(0, in_file.end);
long size = in_file.tellg();
in_file.seekg(0, in_file.beg);

std::vector<unsigned char> binarydata(size);
in_file.read((char*)binarydata.data(), size);
in_file.close();

Encrypt

EVP_CIPHER_CTX *en;
en = EVP_CIPHER_CTX_new();

unsigned char *salt = (unsigned char *)"12345678";
unsigned char *key_data = (unsigned char *)"super_secret_key_with_32_charact";
int k_len = strlen((const char*)key_data);
int nrounds = 5;
unsigned char key[32], iv[32];

EVP_BytesToKey(
        EVP_aes_256_cbc(), EVP_sha1(), 
        salt, 
        key_data, k_len, nrounds, 
        key, iv);

EVP_CIPHER_CTX_init(en);

// I don't know why, but all examples that I have founded, 
// calls this function twice, so I am doing it too.
EVP_EncryptInit_ex(en, EVP_aes_256_cbc(), NULL, key, iv);
EVP_EncryptInit_ex(en, NULL, NULL, NULL, NULL);

int c_len = size + AES_BLOCK_SIZE, f_len = 0;
std::vector<unsigned char> ciphertext(c_len);

EVP_EncryptUpdate(en, ciphertext.data(), &c_len, binarydata.data(), size);
EVP_EncryptFinal_ex(en, ciphertext.data()+c_len, &f_len);
EVP_CIPHER_CTX_free(en)

Write ciphertext to a new file

std::ofstream out_file(output_file, std::ios::binary);
out_file.write((char*)ciphertext.data(), ciphertext.size() * 
sizeof(char));
out_file.close();

Most relevant code for DECRYPTION

Open and read encrypted file

std::ifstream in_file(file_name, std::ios::binary);

in_file.seekg(0, in_file.end);
int size = in_file.tellg();
in_file.seekg(0, in_file.beg);

std::vector<unsigned char> ciphertext(size);
in_file.read((char*)ciphertext.data(), size);
in_file.close();

Decrypt

EVP_CIPHER_CTX *de;
de = EVP_CIPHER_CTX_new();

unsigned char *salt = (unsigned char *)"12345";
unsigned char *key_data = (unsigned char *)"super_secret_key_with_32_charact";
int k_len = strlen((const char*)key_data);
int nrounds = 5;
unsigned char key[32], iv[32];

EVP_BytesToKey(
        EVP_aes_256_cbc(), EVP_sha1(), 
        salt, 
        key_data, k_len, nrounds, 
        key, iv)

EVP_CIPHER_CTX_init(de);

// I don't know why, but all examples that I have founded, 
// calls this function twice, so I am doing it too.
EVP_DecryptInit_ex(de, EVP_aes_256_cbc(), NULL, key, iv);
EVP_DecryptInit_ex(de, NULL, NULL, NULL, NULL);

int p_len = size, f_len = 0;
std::vector<unsigned char> plaintext(p_len);
EVP_DecryptUpdate(de, plaintext.data(), &p_len, ciphertext.data(), size);
EVP_DecryptFinal_ex(de, plaintext.data()+p_len, &f_len);

EVP_CIPHER_CTX_free(de);

return plaintext;

I would like to have some help on how to solve this problem.

Answer 1

I don't know if this is still an issue. I had the exact same issue and I solved the problem with adapting the length of the ciphertext after encryption:

EVP_EncryptFinal_ex(en, ciphertext.data()+c_len, &f_len);
ciphertext.erase(ciphertext.begin() + c_len + f_len, ciphertext.end());

With this, the length of ciphertext should be n * AES_BLOCK_SIZE.