Is possible to set Zero Padding when using EVP_CIPHER.
I know that the default padding for EVP_EncryptInit_ex is enabled and it uses PKCS padding.
And with EVP_CIPHER_CTX_set_padding you can only enable and disable the padding.
Asked
Active
Viewed 1,366 times
3
jww
- 97,681
- 90
- 411
- 885
Alex Terente
- 12,006
- 5
- 51
- 71
-
Good question. Grepping the sources, I don't believe you can do it. Maybe someone on the [OpenSSL mailing list](http://groups.google.com/forum/#!searchin/mailing.openssl.users) could say for sure. – jww Jun 27 '14 at 21:54
1 Answers
2
As Wikipedia correctly notes, zero-padding is not standardized for encryption. It may not be deterministic if the plaintext can end with 00 bytes. Furthermore, there are implementations that add an additional block if the plaintext contains an integral number of blocks, others do not add an additional block.
I haven't seen zero-padding in the EVP cipher suite, but it is very simple to implement yourself by simply performing the padding yourself, and then disabling the padding. One method is to copying the plaintext to a block of zero values, e.g. created by memset. The only problem with the approach is that you cannot simply switch between padding modes, it remains a special case.
If possible, try to use PKCS#7 compatible padding scheme instead. If you have to go with zero padding, make sure you can retrieve the size of the plaintext and define in advance if an additional block of zero's is added or not (PHP, for instance, does not, Bouncy Castle does).
Maarten Bodewes
- 90,524
- 13
- 150
- 263