Thanks Marek. If i select CBC mode encryption and i have data which is not aligned to block, i assume padding will be taken by the API's itself.
-Prashanth On Thu, Mar 29, 2012 at 7:50 PM, <marek.marc...@malkom.pl> wrote: > Hello, > > If your data to encrypt is not exactly 16 bytes (AES block length), you > should add block > padding before encryption and remove padding after decryption. > In your case you have string "virident" (8bytes), you should add 16-8=8 > bytes > of padding before encryption (fill last 8 bytes with value 8). > After decryption "remove" last 8 bytes (filed with value 8). > For printf() you may fill this last 8 bytes to 0. > > Best regards, > -- > Marek Marcola <marek.marc...@malkom.pl> > > > owner-openssl-us...@openssl.org wrote on 03/29/2012 04:02:17 PM: > > > Prashanth kumar N <prashanth.kuma...@gmail.com> > > Sent by: owner-openssl-us...@openssl.org > > > > 03/29/2012 04:03 PM > > > > Please respond to > > openssl-users@openssl.org > > > > To > > > > openssl-users@openssl.org > > > > cc > > > > Subject > > > > Re: How to do encryption using AES in Openssl > > > > Bit confusing... are you saying that i need to add NULL termination at > the end > > of encrypted data? Isn't this wrong? I assume i shouldn't be NULL > terminating the input > > string which needs to be encrypted. > > > On Thu, Mar 29, 2012 at 7:10 PM, Ken Goldman <kgold...@us.ibm.com> > wrote: > > On 3/29/2012 1:40 AM, Prashanth kumar N wrote: > > Thanks Ken for pointing out the mistake... after changing to > > AES_Decrypt(), it worked but i still see issue when i print the > > decrypted output as it has extra non-ascii characters in it. > > > > That's what happens in C if you try to printf an array that's not NUL > terminated. The > > printf just keeps going, right past the end of the buffer, until it > either hits a \0 or segfaults. > > > > You encrypted 16 bytes, not nul terminated, decrypted to the same 16 > bytes, then > > pretended that it was nul terminated and tried to printf. > > > > > Below is the input > > unsigned char text[]="test12345678abc2"; > > After decryption, i get the following string: Decrypted o/p: > > test12345678abc2Ȳu�z�B��� ��A��S�� Few questions... > > > > 1. If we use AES, will decrypted files have same number of bytes as > > encrypted file? (I assume it should be same) > > > > It depends on the mode and padding scheme. Some (CTR, OFB) don't pad, > some (CFC) do pad. > > > > If you're just playing, fine. But if this is a real product you're > designing, you > > shouldn't be asking this question. It's time to hire a crypto expert. > Otherwise, your > > product will be insecure. > > > > My requirement is mainly to support AES XTS but the reason for asking > the above question > > was to understand if their is addition of extra bytes to encrypted data > as it might > > consume more space when written to a drive... does my question make > sense? > > > > > > > > > > > > > > > > ______________________________________________________________________ > > OpenSSL Project http://www.openssl.org > > User Support Mailing List openssl-users@openssl.org > > Automated List Manager majord...@openssl.org >
