I tried some other simple example for OpenSSL and that only works if I compile OpenSSL from source with the decrecated flag ON.(there are no longer binary distributions for it )
So unless he also uses EVP (so evp-aes-ecb) I an out of idea's unless he really needs the deprecated code. But otherwise it would be presenting an example of highly insecure code.
Can be done, though, but I then still need more information. Do you really want/need insecure code? Or was it cbc after all and not ecb? pkcs7 for padding suggests you also need evp because they are always used in combination.
I suspect Prakash also left out the evp part? Which makes it again a different story.
Can you confirm? And are you sure it is ecb, because that is the insecure part without evp.
whould this be what you want?
const EVP_CIPHER *EVP_aes_192_ecb(void); // aes192!!!
+ the pkcs7 padding?
That looks a lot more logical to me. The above is from:
https://wiki.openssl.org/index.php/EVP- ecb on its own is not encryption, it defines how given a certain encryption like des or aes the encryption blocks should be handled.
- evp takes care of the secure key exchange and on its own may use something like DH
- pkcs takes care of the salt (the padding up to ecb block size and depadding on the original decrypted data, simply put)
If all these details, all important,
none left out, are known to me I can finally write an example.