问题
I'm trying to use aes-128-cbc encryption with openssl, and I would expect that the key needs to be 32 digits. However, I noticed that when I put in a key length of 18, openssl does not give me an error.
echo hello | openssl enc -aes-128-cbc -A -a -nosalt -K 123456789012345678 -iv 66666666666666666666666666666666
output:zBN+65infn74QK+prfY6kw==
But if I add 0's after the key until it's 32 digits, I still get the same result.
echo hello | openssl enc -aes-128-cbc -A -a -nosalt -K 12345678901234567800000000000000 -iv 6666666666666666666666666666666
output:zBN+65infn74QK+prfY6kw==
Is there documentation anywhere that says OpenSSL adds padding to keys?
Edit: I need to reproduce this behavior in code. I'm given the key, but there is no guarantee on how many digits the key will be.
回答1:
AES with a 128-bit key is a 16-byte or 32 hex digit key. It is probably zero padding the unspecified part of the key, do not rely on key padding, that is unspecified behavior.
It is always best to provide the exact size inputs to encryption functions, specify 32 hex digits for an AES 128-bit key.
来源:https://stackoverflow.com/questions/39908767/openssl-pads-keys-in-aes-encryption