Maximum encryption key length supported by AES-128 CBC

Viktor Dukhovni openssl-users at dukhovni.org
Fri Jul 5 02:31:00 UTC 2024


On Thu, Jul 04, 2024 at 06:20:25PM +0000, Vishal Kevat via openssl-users wrote:

> I want to know what length of encryption key does AES-128 CBC support?

Exactly 128 bits, no more, no less.

> I believe that it supports key length max up to 128 bits that is 16 bytes.

It makes little sense to speak of a "maximum" or "minimum", since the
key length is always exactly 128 bits.  You can derive a 128-bit key
using various Password-Based-Key-Derivation-Functions (PBKDFs) from
passwords of various lengths, but the key must in the end be exactly
128 bits (or, equivalently, 16 bytes as you noted).

> What happens if I give the input key of more than 16 bytes?

You must provide a 16 byte key.  If some API functions accept longer
keys, the excess bytes will be ignored.

If you're using some variant of EVP_EncryptInit(), the key length is
implicit, and the provided byte array is required and assumed to be of
the expected length; there is no mechanism by which OpenSSL would be
aware of any additional bytes, or whether the array is too short
(leading to undefined behaviour).

> This question I am asking because, when I give the key more than 16
> bytes to AES 128 CBC, it still works without throwing any error.

In that case, the excess bytes were ignored.

> Similarly, what is the max key length for AES-256 CBC?

Exactly 32 bytes (256 bits), no more, no less.

-- 
    Viktor.
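
Added example, not part of the original thread: a caller-side sketch of the two points in the reply above, deriving a key of exactly the cipher's length with a PBKDF and rejecting wrong-length keys before they reach an API that cannot check them. The function names, the PBKDF2-HMAC-SHA256 choice, the iteration count and the fixed salt are assumptions made for illustration.

```python
import hashlib

# Key sizes in bytes for the two ciphers named in the thread.
KEY_BYTES = {"aes-128-cbc": 16, "aes-256-cbc": 32}


def derive_key(password: bytes, salt: bytes, cipher: str,
               iterations: int = 100_000) -> bytes:
    """Derive exactly the cipher's key length from a password of any length.

    PBKDF2-HMAC-SHA256 and the iteration count are illustrative choices.
    """
    return hashlib.pbkdf2_hmac("sha256", password, salt, iterations,
                               dklen=KEY_BYTES[cipher])


def check_key(cipher: str, key: bytes) -> bytes:
    """Refuse any key that is not exactly the required size.

    The cipher API takes a bare byte array, so this check has to live
    in the caller: too long is silently ignored, too short is undefined.
    """
    need = KEY_BYTES[cipher]
    if len(key) != need:
        raise ValueError(f"{cipher} needs exactly {need} key bytes, got {len(key)}")
    return key


def collide_if_truncated(cipher: str, a: bytes, b: bytes) -> bool:
    """True when two distinct inputs become one key once excess bytes are ignored."""
    n = KEY_BYTES[cipher]
    return a != b and len(a) >= n and len(b) >= n and a[:n] == b[:n]


if __name__ == "__main__":
    salt = bytes(16)  # constructed fixed salt so the demo is repeatable
    for pw in (b"pw", b"a much longer passphrase than sixteen bytes"):
        key = check_key("aes-128-cbc", derive_key(pw, salt, "aes-128-cbc"))
        print(len(pw), "byte password ->", len(key), "byte key")

    # Constructed 32-byte inputs that share their first 16 bytes.
    a = bytes(range(32))
    b = bytes(range(16)) + bytes(16)
    print("same AES-128 key if excess is ignored:",
          collide_if_truncated("aes-128-cbc", a, b))
    try:
        check_key("aes-128-cbc", a)
    except ValueError as err:
        print("rejected:", err)
```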

