0

im trying to write a program that disable padding when it encrypts a message in C language. I figured out, by reading the documentation, that the correct function to use is EVP_CIPHER_CTX_set_padding(). I used it but the program still doesn't work. Because If I compile it but commenting the function EVP_CIPHER_CTX_set_padding, the ciphertext remains the same... Can you help me?

#include <stdio.h>
#include <string.h>

#include <openssl/evp.h>


#define ENCRYPT 1
#define DECRYPT 0

int main()
{
    

    unsigned char key[] = "0123456789ABCDEF";
    unsigned char iv[]  = "1111111111111111";

    EVP_CIPHER_CTX *ctx = EVP_CIPHER_CTX_new();
    if (ctx == NULL) {
            printf("Error creating cipher context.\n");
            exit(EXIT_FAILURE);
        }

    if (EVP_CipherInit_ex(ctx, EVP_aes_128_cbc(), NULL, key, iv, ENCRYPT) != 1) {
        printf("Error initializing cipher.\n");
        exit(EXIT_FAILURE);
    }

    if(EVP_CIPHER_CTX_set_padding(ctx, 0)!=1){//disabling padding
        printf("Error disabling padding.\n");
        exit(EXIT_FAILURE);
    
    }


    unsigned char plaintext[] = "This is the plaintext to encrypt."; //len 33
    unsigned char ciphertext[48];

    int update_len, final_len;
    int ciphertext_len=0;

    EVP_CipherUpdate(ctx,ciphertext,&update_len,plaintext,strlen(plaintext));
    ciphertext_len+=update_len;
    printf("update size: %d\n",ciphertext_len);

    EVP_CipherFinal_ex(ctx,ciphertext+ciphertext_len,&final_len);
    ciphertext_len+=final_len;

    EVP_CIPHER_CTX_free(ctx);

    printf("Ciphertext lenght = %d\n", ciphertext_len);

    printf("The content inside ciphertext{");
    for(int i = 0; i < ciphertext_len; i++){
        if(i==ciphertext_len-1)
            printf("%02x", ciphertext[i]);
        else
            printf("%02x-", ciphertext[i]);
    }
    printf("}");
    printf("\n");

    return 0;
}

I tried to disable padding in a encrypting a message using openssl version 3 in C

FilResto
  • 1
  • 3
  • Unable to reproduce: I get 48 bytes (3 blocks) in ciphertext with default padding on, but with padding off I get only 32 bytes (2 blocks) AND if I check the return from CipherFinal_ex (which you didn't) it returns 0 indicating error (as well as length 0), AND if I look at the error stack (which you also didn't) it says wrong final block length, which is correct because unpadded CBC encryption only works on an exact multiple of the blocksize and 33 is not an exact multiple of 16. – dave_thompson_085 Apr 02 '23 at 11:13
  • ["CBC" means "**C**ipher **BLOCK** **C**haining](https://en.wikipedia.org/wiki/Block_cipher_mode_of_operation#Cipher_block_chaining_(CBC)): "In CBC mode, each **block** of plaintext is XORed with the previous ciphertext **block** before being encrypted." That will not work if the input plaintext is not an exact multiple of the block size. CBC is a *block* cipher. – Andrew Henle Apr 02 '23 at 15:19
  • So I should add some spaces in my plaintext till 48? or maybe remove a character? – FilResto Apr 03 '23 at 17:10

0 Answers0