问题
I am trying to encrypt/decrypt using AES, CBC and PKCS#7 padding using the EVP interface. I am using the example found on the Wiki.
I am doing EVP_CIPHER_CTX_set_padding(ctx, 0) after creating and initializing the context which should not add padding and fail if the plaintext is not a multiple of 16 bytes. Despite this the ciphertext always contains an extra block made up of padding only.
The code I am using is literally copied and pasted from the tutorial, I am only adding EVP_CIPHER_CTX_set_padding(ctx, 0) in both encrypt and decrypt like so:
/* Create and initialise the context */
if (!(ctx = EVP_CIPHER_CTX_new())) handleErrors();
EVP_CIPHER_CTX_set_padding(ctx, 0);
Am I doing something wrong?
回答1:
Apparently both EVP_DecryptInit_ex and EVP_EncryptInit_ex re-initialize the context so any context changes (such as setting the padding) should be performed after those methods have been called.
来源:https://stackoverflow.com/questions/41474613/openssl-evp-cipher-ctx-set-padding-not-working