How does openssl_encrypt work for the AES-256-CBC method with a key less than 16 characters?

Question

How does openssl_encrypt work for the AES-256-CBC method with a key less than 16 characters?

Asked 4 years, 10 months ago

Viewed 170 times

0

A client uses AES-256-CBC encryption on a PHP system using openssl_encrypt and I need to perform the same operation on a system using C#.

However, the key it reports has only 12 characters and in C# it is not allowed to enter a key with less than 16 characters. Consulting on the internet I saw that the amount of characters required is 16 characters due to the number of bytes for the key of this encryption method.

In the current system, the method works more or less like this:

function crypto($str)
{
    $key = "123456789012";
    $iv = "1234567890123456";
    $method = 'AES-256-CBC';

    return base64_encode(openssl_encrypt($str, $method, $key, true, $iv));
}

My question is: how does the openssl_encrypt function do to complete the amount of bytes required for this encryption method getting a smaller key?

1 answer

Browser other questions tagged php openssl

You are not signed in. Login or sign up in order to post.

by Anderson Oliveira • 1 point · Answer 1 · 2019-08-29T20:27:44+00:00

I was able to solve it this way:

byte[] key = Encoding.UTF8.GetBytes("minha senha");
if (key.Length < 32)
{
    var paddedkey = new byte[32];
    Buffer.BlockCopy(key, 0, paddedkey, 0, key.Length);
    key = paddedkey;
}

And this Key stops as parameter for Createencryptor.