You are right, this is due to filling. Unfortunately, the vyzo / crypto lib API does not allow you to easily disable padding (and this is correct, see the Caution below).
How to disable add-on
However, based on this Thread in the Racket user mailing list, you can disable the add-on as follows:
#lang racket (require (planet vyzo/crypto) (planet vyzo/crypto/util)) (define (cipher-encrypt-unpadded type key iv) (lambda (ptext) (let ((octx (cipher-encrypt type key iv #:padding #f))) (bytes-append (cipher-update! octx ptext) (cipher-final! octx))))) (define (cipher-decrypt-unpadded type key iv) (lambda (ctext) (let ((ictx (cipher-decrypt type key iv #:padding #f))) (bytes-append (cipher-update! ictx ctext) (cipher-final! ictx))))) ; bytes-> bytes ; convenience function for encryption (define enc-aes-128-ecb-unpadded (cipher-encrypt-unpadded cipher:aes-128-ecb (string->bytes/latin-1 "0123456789ABCDEF"); 16-byte key (make-bytes 16))) ; bytes -> bytes ; convenience function for decryption (define dec-aes-128-ecb-unpadded (cipher-decrypt-unpadded cipher:aes-128-ecb (string->bytes/latin-1 "0123456789ABCDEF"); 16-byte key (make-bytes 16))) (define message (string->bytes/latin-1 "0123456789ABCDEF")) ; 16-byte data (bytes-length (enc-aes-128-ecb-unpadded message)) ; -> 16 (dec-aes-128-ecb-unpadded (enc-aes-128-ecb-unpadded message)) ; -> #"0123456789ABCDEF"
This worked well on my machine. In addition, switching to CBC mode is trivial.
Caveat
When you turn off padding, your posts should be a multiple of the block size. For AES128, which is an exact multiple of 16 bytes. Otherwise, the function will explode in your face:
(enc-aes-128-ecb-unpadded (string->bytes/latin-1 "too short!")) EVP_CipherFinal_ex: libcrypto error: data not multiple of block length [digital envelope routines:EVP_EncryptFinal_ex:101183626]