On 4/5/2012 8:54 PM, Jeffrey Walton wrote:
On Wed, Apr 4, 2012 at 5:41 AM, pkumarn<prashanth.kuma...@gmail.com> wrote:
Hi,
I had earlier posted query on AES_Keywrap() usage and had good response on
the same and got lot of things clarified. Now i am successful in using
AES_wrap_key() API but i am running into a new problem.
I need to wrap 512bit key with 256 bit KEK key. When i do this, i am hitting
seg fault in AES_wrap_key(). When i do gdb, it points to memcpy(). From the
code i didn't see any limitation of not using 512 bit key. Am i missing
something? Below is my sample code which works successfully for 256 bit Key.
Below code can be enabled for 512 bit with the macro KEY512.
Forgive my ignorance (I did not refer to the RFC), but is a 256
KEK/512 CEK a valid combination?
Perhaps you can "stretch" the 256 key with two iterations of SHA-256.
It won't affect your choice of security levels, and will match KEK/CEK
key sizes.
While current cryptanalytic attacks cannot penetrate such stretching, this
might not be true of future (or current unpublished) attacks. While I am
not that familiar with the API in question, in general a key wrapping
method should be able to securely transport keys of a different size than
the KEK, the classic (but not only) example being to transport an RSA
private key with a same security level AES key.
Enjoy
Jakob
--
Jakob Bohm, CIO, Partner, WiseMo A/S. http://www.wisemo.com
Transformervej 29, 2730 Herlev, Denmark. Direct +45 31 13 16 10
This public discussion message is non-binding and may contain errors.
WiseMo - Remote Service Management for PCs, Phones and Embedded
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager majord...@openssl.org
