That answers my questions.

Thanks Viktor.


-----Original Message-----
From: openssl-users <openssl-users-boun...@openssl.org> On Behalf Of Viktor Dukhovni
Sent: Friday, July 5, 2024 08:01 AM
To: openssl-users@openssl.org
Subject: Re: Maximum encryption key length supported by AES-128 CBC


On Thu, Jul 04, 2024 at 06:20:25PM +0000, Vishal Kevat via openssl-users wrote:

> I want to know what length of encryption key does AES-128 CBC support?

Exactly 128 bits, no more, no less.

> I believe that it supports key length max up to 128 bits that is 16 bytes.

It makes little sense to speak of a "maximum" or "minimum", since the key 
length is always exactly 128 bits.  You can derive a 128-bit key using various 
Password-Based-Key-Derivation-Functions (PBKDFs) from passwords of various 
lengths, but the key must in the end be exactly 128 bits (or, equivalently, 
16 bytes as you noted).

> What happens if I give the input key of more than 16 bytes?

You must provide a 16 byte key.  If some API functions accept longer keys, the 
excess bytes will be ignored.

If you're using some variant of EVP_EncryptInit(), the key length is implicit, 
and the provided byte array is required and assumed to be of the expected 
length, there is no mechanism by which OpenSSL would be aware of any additional 
bytes, or whether the array is too short (leading to undefined behaviour).

> This question I am asking because, when I give the key more than 16
> bytes to AES 128 CBC, it still works without throwing any error.

In that case, the excess bytes were ignored.

> Similarly, what is the max key length for AES-256 CBC?

Exactly 32 bytes (256 bits), no more, no less.

--
    Viktor.
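
The two points in the reply above (a password of any length is turned into a key of exactly the cipher's size by a PBKDF, and the EVP_EncryptInit() family cannot see the real length of the buffer it is handed) leave the length check to the caller. The sketch below is an added example, not code from the thread or from OpenSSL; it uses Python's hashlib instead of the C API, the names `KEY_BYTES`, `require_exact_key`, `derive_key` and `effective_key` are hypothetical, and PBKDF2-HMAC-SHA256 with the iteration count shown is an assumed choice of PBKDF.

```python
import hashlib

# Key sizes in bytes, as stated in the thread: fixed by the cipher, not a range.
KEY_BYTES = {"AES-128-CBC": 16, "AES-256-CBC": 32}


def require_exact_key(cipher: str, key: bytes) -> bytes:
    """Caller-side check: EVP_EncryptInit() receives only a pointer, so a
    wrong-sized buffer has to be rejected before it gets that far."""
    need = KEY_BYTES[cipher]
    if len(key) != need:
        raise ValueError(f"{cipher} takes exactly {need} key bytes, got {len(key)}")
    return key


def derive_key(cipher: str, password: bytes, salt: bytes,
               iterations: int = 600_000) -> bytes:
    """Turn a password of any length into a key of exactly the cipher's size.
    PBKDF2-HMAC-SHA256 and the iteration count are assumptions of this example."""
    key = hashlib.pbkdf2_hmac("sha256", password, salt, iterations,
                              dklen=KEY_BYTES[cipher])
    return require_exact_key(cipher, key)


def effective_key(cipher: str, buf: bytes) -> bytes:
    """Model of the behaviour described in the thread for an over-long buffer:
    only the leading key-size bytes are read, the rest is ignored.
    A short buffer has no defined result, so it is refused here."""
    need = KEY_BYTES[cipher]
    if len(buf) < need:
        raise ValueError(f"{cipher} would read past a {len(buf)}-byte buffer")
    return buf[:need]


if __name__ == "__main__":
    salt = bytes(16)  # constructed sample salt; use a random one in practice
    k = derive_key("AES-128-CBC", b"a fairly long passphrase, well over 16 bytes", salt)
    print(len(k), k.hex())

    # Two constructed 32-byte inputs that differ only after byte 16:
    a = bytes(range(16)) + b"A" * 16
    b = bytes(range(16)) + b"B" * 16
    print(effective_key("AES-128-CBC", a) == effective_key("AES-128-CBC", b))  # True
    print(effective_key("AES-256-CBC", a) == effective_key("AES-256-CBC", b))  # False
```

The last two lines show why silent acceptance of a 32-byte input matters: under AES-128-CBC the two inputs are the same key, so the extra bytes add nothing.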
