Hi,
I have a requirement of wrapping a 512-bit DEK witk 256 bit KEK. I picked up
openssl API and figured out that it provides AES_wrap_key() to do the job. I
wrote a small program (snippet below) to get the job done but when i check
out the values in "dek", i see all values as zero. Not sure what i am
missing?
Also is their anyway i can extract the "IV" when i do the reverse of above
logic using AES_unwrap_key()?
#define KEY_LEN 32
u8 dek[KEY_LEN + 8];
static const unsigned char default_iv[] = {
0xA6, 0xA6, 0xA6, 0xA6, 0xA6, 0xA6, 0xA6, 0xA6,
};
for(n = 0; n < KEY_LEN; n++)
actx.rd_key[n] = kek[n];
/* Here KEK is got as a function parameter
Byte contains DEK key
I am able to successfully print KEK and DEK values and they are as expected
*/
ret = AES_wrap_key(&actx, default_iv, dek, byte, KEY_LEN - 1);
for(n = 0; n < (KEY_LEN + 8); n++)
printf(" %02x", dek[n]); // this prints all zeros
printf("\n");
--
View this message in context:
http://old.nabble.com/How-to-use-AES_wrap_key%28%29-in-openssl-tp33531413p33531413.html
Sent from the OpenSSL - User mailing list archive at Nabble.com.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [email protected]
Automated List Manager [email protected]
