That answers my questions. Thanks Viktor. General -----Original Message----- From: openssl-users +ADw-openssl-users-bounces+AEA-openssl.org+AD4- On Behalf Of Viktor Dukhovni Sent: Friday, July 5, 2024 08:01 AM To: openssl-users+AEA-openssl.org Subject: Re: Maximum encryption key length supported by AES-128 CBC +AFs-External email: Use caution with links and attachments+AF0- +AF8AXwBfAF8AXwBfAF8AXwBfAF8AXwBfAF8AXwBfAF8AXwBfAF8AXwBfAF8AXwBfAF8AXwBfAF8AXwBfAF8AXw- On Thu, Jul 04, 2024 at 06:20:25PM +-0000, Vishal Kevat via openssl-users wrote: +AD4- I want to know what length of encryption key does AES-128 CBC supports? Exactly 128 bits, no more, no less. +AD4- I believe that it supports key length max upto 128 bits that is 16 bytes. It makes little sense to speak of a +ACI-maximum+ACI- or +ACI-minimum+ACI-, since the key length is always exactly 128-bits. You can derive a 128-bit key using various Password-Based-Key-Derivation-Functions (PBKDFs) from passwords of various lengths, but the key must in the end be exactly 128 bits (or, equivalently, 16 bytes as you noted). +AD4- What happens if I give the input key of more than 16 bytes? You must provide a 16 byte key. If some API functions accept longer keys, the excess bytes will be ignored. If you're using some variant of EVP+AF8-EncryptInit(), the key length is implicit, and the provided byte array as required and assumed to be of the expected length, there is no mechanism by which OpenSSL would be aware of any additional bytes, or whether the array is too short (leading to undefined behaviour). +AD4- This question I am asking because, when I give the key more than 16 +AD4- bytes to AES 128 CBC, it still works without throwing any error. In that case, the excess bytes were ignored. +AD4- Similarly, what is the max key length for AES-256 CBC? Exactly 32 bytes (256 bits), no more, no less. -- Viktor.