Hi, >With the AES Key Wrap algorithm, the wrapped key is 8 bytes longer than >the original plaintext key. By default a checkword of A6A6A6A6A6A6A6A6 >is pre-pended to the original plaintext key. In the OpenSSL code, this >is referred to as the IV. The Checkword plus plaintext key is then >subjected to several rounds of AES encryption using the Key Encryption >Key. It appears that the output buffer is used as a working area for >this process and thus initializes it with the original plaintext key.
I know quite well how AES key wrap operates and that the result is 8 bytes longer than the input data. The buffer in my case would provide the extra space without problems. At the moment, I however have to allocate another temporary buffer as destination which effectively doubles memory requirements - which is anything else but welcome on an embedded system...plus I have to copy the wrapped data back into the original buffer. Out of curiosity, I changed the memcpy() calls to memmove() and in-place operation then works as expected. The device by the way is a wireless access point, and AES key (un)wrap is used as part of the WPA key handshake. Best regards Alfred Arnold -- Alfred Arnold E-Mail: [EMAIL PROTECTED] Computer Club at the http://john.ccac.rwth-aachen.de:8000/alf/ Technical University Phone: +49-241-406526 of Aachen Fax: +49-241-406527 ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
