Topic: Problem with AES-CBC incorrect input size
I was writing some tests for my project when I realized that the input size for AES-CBC is never checked to be a multiple of the AES_BLOCK_SIZE.
This has the consequence that if e.g. an byte array of the size 17 is used as the input plaintext, only the first 16 bytes are encrypted. If the input is empty, nothing is encrypted.
No error or warning is being returned so I felt like something has to be added there otherwise people might unintentionally leak unencrypted data.
I am using version 3.11. but I also tried it on the latest release (3.13) which seems to make no difference.
For AES-CTR this is the same case, though the "not fitting" Bytes are still encrypted and the message can also be decrypted.