Hello, If your data to encrypt is not exactly 16 bytes (AES block length), you should add block padding before encryption and remove padding after decryption. In your case you have string "virident" (8bytes), you should add 16-8=8 bytes of padding before encryption (fill last 8 bytes with value 8). After decryption "remove" last 8 bytes (filed with value 8). For printf() you may fill this last 8 bytes to 0.
Best regards, -- Marek Marcola <marek.marc...@malkom.pl> owner-openssl-us...@openssl.org wrote on 03/29/2012 04:02:17 PM: > Prashanth kumar N <prashanth.kuma...@gmail.com> > Sent by: owner-openssl-us...@openssl.org > > 03/29/2012 04:03 PM > > Please respond to > openssl-users@openssl.org > > To > > openssl-users@openssl.org > > cc > > Subject > > Re: How to do encryption using AES in Openssl > > Bit confusing... are you saying that i need to add NULL termination at the end > of encrypted data? Isn't this wrong? I assume i shouldn't be NULL terminating the input > string which needs to be encrypted. > On Thu, Mar 29, 2012 at 7:10 PM, Ken Goldman <kgold...@us.ibm.com> wrote: > On 3/29/2012 1:40 AM, Prashanth kumar N wrote: > Thanks Ken for pointing out the mistake... after changing to > AES_Decrypt(), it worked but i still see issue when i print the > decrypted output as it has extra non-ascii characters in it. > > That's what happens in C if you try to printf an array that's not NUL terminated. The > printf just keeps going, right past the end of the buffer, until it either hits a \0 or segfaults. > > You encrypted 16 bytes, not nul terminated, decrypted to the same 16 bytes, then > pretended that it was nul terminated and tried to printf. > > Below is the input > unsigned char text[]="test12345678abc2"; > After decryption, i get the following string: Decrypted o/p: > test12345678abc2Ȳu�z�B��� ��A��S�� Few questions... > > 1. If we use AES, will decrypted files have same number of bytes as > encrypted file? (I assume it should be same) > > It depends on the mode and padding scheme. Some (CTR, OFB) don't pad, some (CFC) do pad. > > If you're just playing, fine. But if this is a real product you're designing, you > shouldn't be asking this question. It's time to hire a crypto expert. Otherwise, your > product will be insecure. > > My requirement is mainly to support AES XTS but the reason for asking the above question > was to understand if their is addition of extra bytes to encrypted data as it might > consume more space when written to a drive... does my question make sense? > > > > > > > > ______________________________________________________________________ > OpenSSL Project http://www.openssl.org > User Support Mailing List openssl-users@openssl.org > Automated List Manager majord...@openssl.org
