AES Encrypt/Decrypt raw byte[] vs string with openssl

Question

I followed the advice in this question to use EVP, and found the example code on the open ssl wiki. I'm having a problem with byte input (vs char*) I think because I have zeros in my data which is being interpreted as the null terminator. I don't think it's the same issue as this question.

I get the correct output with a string: Plaintext buffer is:

0000 - 48 65 6c 6c 6f 20 66 72-6f 6d 20 42 69 72 6d 69   Hello from Birmi 
Ciphertext is: 
0000 - 97 24 23 31 cd 36 47 75-c9 e9 56 a8 44 9a e4 9c   .$#1.6Gu..V.D... 
0010 - 93 6e 0b 35 e2 03                      .n.5.. 
Decrypted text is: Hello from Birmingham! 
0000 - 48 65 6c 6c 6f 20 66 72-6f 6d 20 42 69 72 6d 69   Hello from Birmi 
0010 - 6e 67 68 61 6d 21                                 ngham!

I added the plaintext buffer print to the example code for this next case with byte input:

Converted raw bytes to ☺Plaintext buffer is:
0000 - 01 00 01 02 00 00 00 00-00 00 00 00 00 00 00 00   ................
Ciphertext is:
0000 - de                                                .
Decrypted text is:
☺
0000 - 01                                                .

How do I encrypt a 0?

Steps to reproduce. 1 Take code from wiki. 2 replace:

/* Message to be encrypted */
unsigned char *plaintext =
    (unsigned char *)"The quick brown fox jumps over the lazy dog";

with

unsigned char bytearray[16] = {1,0,1,2};
unsigned char* plaintext = &bytearray[0];

It should be done by specifying the input size manually, not obtaining via `strlen()`. Where is your code ([Minimal, Reproducible Example](https://stackoverflow.com/help/minimal-reproducible-example))? — MikeCAT, Mar 02 '23 at 15:33
You told the EVP_EncryptUpdate function how many bytes to decrypt, didn't you? It's the last parameter. So, just tell it the correct number, instead of the wrong number. Tell it to encrypt 16 bytes instead of 1 byte. — user253751, Mar 02 '23 at 15:39
@MikeCAT make an answer and I will accept. That was my issue following the example. — MikeF, Mar 02 '23 at 15:43
OT: `unsigned char* plaintext = &bytearray[0];` -> `unsigned char* plaintext = bytearray;`, it's the same thing, but latter is less convoluted and it's the usual way it's done. — Jabberwocky, Mar 02 '23 at 16:05
@MikeF you _do_ know what `strlen(plaintext)` returns with your modification? — Jabberwocky, Mar 02 '23 at 16:06

score 1 · Accepted Answer · answered Mar 02 '23 at 16:05

strlen() is for measuring a length of strings (null-terminated sequence of characters), not of arbitrary binary data.

Don't use that for arbitrary binary data and instead manually specify the data length.

When you are dealing with arrays (not pointers, for example passed as function arguments), the sizeof operator is useful to get number of bytes like sizeof(bytearray).

AES Encrypt/Decrypt raw byte[] vs string with openssl

1 Answers1