Question about AES/CBC encryption/decryption key handling
Opened this issue · 0 comments
Dear navneet83
I have a question regarding the handling of the key during AES/CBC encryption and decryption.
When converting a key to a SHA-256 hash, the typical approach is to convert the resulting hash (in hexadecimal format) into a full byte array using methods like fromhex. However, I noticed that instead of using the full byte array, the library directly converts the hexadecimal string representation to UTF-8 and then truncates it to the required key length.
Could you explain why this method was chosen? I am concerned about potential issues that might arise from this approach compared to using the complete byte array. Could you please confirm if this method is reliable and secure for encryption and decryption processes?
Thank you for your clarification and support.
Best regards,
Chulpyo Kim.