1

One of my professors mentioned in class that there is a way of using PKCS#7 padding to have the padding persistent after decryption.

For example, if I encrypt a 20-byte file using

openssl enc -aes-128-ecb -in input.txt -out encrypted.txt -K 0123456789 -v

I obviously get the padded difference of:

bytes read   :       20
bytes written:       32

So 12 bytes of padding was added.

After decryption of the file, I want the padding to remain.

The only method I could think of was making the bytes in the original input.txt file the same character that PKCS#7 uses to pad, so that when it's time to unpad, it doesn't know what to unpad. I haven't been able to find exactly which character it uses, or if it's not a character. I've read some about the standard here and here, but with no real luck.

I'm still reading on it, but I haven't had any eureka moments yet.

An example of what I'm looking for would be if I gave it a 4-byte file such as:

AAAA

And it encrypted it, but added 12 bytes of C at the end, I'd want the decrypted file to be:

AAAACCCCCCCCCCCC
Community
  • 1
trueCamelType
  • 113
  • 1
  • 5

1 Answers1

3

In OpenSSL there is an -nopad option. If you don't want the OpenSSL removing the padding bytes, add the -nopad option.

openssl enc -d  -nopad -aes-128-ecb -in  encrypted.txt -K 0123456789 -v -out decrypted.txt

Note that you cannot see as C because the OpenSSL doesn't print in hex.

To see in hex you can use xxd command

 xxd -r decrypted.txt

00000000: 3132 3334 3534 3334 3837 3433 3733 3838  1234543487437388
00000010: 3431 3431 3433 3436 410a 0606 0606 0606  41414346A.......

See, the 6 06 and the plaintext was

123454348743738841414346A

Note: Note: In PKCS#7 padding with 128-bit block cipher we don't see Cs, but we have 0C, 1C,2C,3C,4C,5C,6C,7C. What you mention is PKCS#5. See the difference in What is the difference between PKCS#5 padding and PKCS#7 padding

kelalaka
  • 48,443
  • 11
  • 116
  • 196