OpenSSL 在 aes 加密中填充密钥? [英] OpenSSL pads keys in aes encryption?

问题描述

我正在尝试对 openssl 使用 aes-128-cbc 加密，我希望密钥需要是 32 位数字.但是，我注意到当我输入 18 的密钥长度时，openssl 不会给我一个错误.

I'm trying to use aes-128-cbc encryption with openssl, and I would expect that the key needs to be 32 digits. However, I noticed that when I put in a key length of 18, openssl does not give me an error.

echo hello | openssl enc -aes-128-cbc -A -a -nosalt -K 123456789012345678 -iv 66666666666666666666666666666666

output:zBN+65infn74QK+prfY6kw==

但是如果我在键后添加 0 直到它是 32 位数字，我仍然得到相同的结果.

But if I add 0's after the key until it's 32 digits, I still get the same result.

echo hello | openssl enc -aes-128-cbc -A -a -nosalt -K 12345678901234567800000000000000 -iv 6666666666666666666666666666666

output:zBN+65infn74QK+prfY6kw==

是否有任何文档说 OpenSSL 向密钥添加了填充?

Is there documentation anywhere that says OpenSSL adds padding to keys?

我需要在代码中重现这种行为.我得到了钥匙，但不能保证钥匙的位数.

I need to reproduce this behavior in code. I'm given the key, but there is no guarantee on how many digits the key will be.

推荐答案

具有 128 位密钥的 AES 是 16 字节或 32 位十六进制数字密钥.可能是对键的未指定部分进行零填充，不要依赖键填充，这是未指定的行为.

AES with a 128-bit key is a 16-byte or 32 hex digit key. It is probably zero padding the unspecified part of the key, do not rely on key padding, that is unspecified behavior.

最好为加密函数提供准确的大小输入，为 AES 128 位密钥指定 32 个十六进制数字.

It is always best to provide the exact size inputs to encryption functions, specify 32 hex digits for an AES 128-bit key.

这篇关于OpenSSL 在 aes 加密中填充密钥?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！