{"id":15370368,"url":"https://github.com/jedisct1/aes-kw","last_synced_at":"2025-04-15T13:53:58.610Z","repository":{"id":66081546,"uuid":"267858500","full_name":"jedisct1/aes-kw","owner":"jedisct1","description":"A standalone AES-KW (AES Key Wrap) implementation.","archived":false,"fork":false,"pushed_at":"2023-12-31T14:44:55.000Z","size":8,"stargazers_count":13,"open_issues_count":0,"forks_count":1,"subscribers_count":2,"default_branch":"master","last_synced_at":"2025-03-28T20:46:43.490Z","etag":null,"topics":["aes","aes-key-wrap","aes-kw","aes-kwp","aeskw","aeskwp","c","keywrap","keywrapping"],"latest_commit_sha":null,"homepage":null,"language":"C","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"bsd-2-clause","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/jedisct1.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2020-05-29T12:58:49.000Z","updated_at":"2024-03-09T23:55:24.000Z","dependencies_parsed_at":null,"dependency_job_id":"b24f9812-9f78-4593-b986-51b7021e4df9","html_url":"https://github.com/jedisct1/aes-kw","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jedisct1%2Faes-kw","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jedisct1%2Faes-kw/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jedisct1%2Faes-kw/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jedisct1%2Faes-kw/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/jedisct1","download_url":"https://codeload.github.com/jedisct1/aes-kw/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":249085475,"owners_count":21210267,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["aes","aes-key-wrap","aes-kw","aes-kwp","aeskw","aeskwp","c","keywrap","keywrapping"],"created_at":"2024-10-01T13:41:22.439Z","updated_at":"2025-04-15T13:53:58.587Z","avatar_url":"https://github.com/jedisct1.png","language":"C","funding_links":[],"categories":[],"sub_categories":[],"readme":"# A standalone AES Key Wrap (KWP, NIST SP800-38F) implementation\n\nAES Key Wrap is a construction to encrypt secret keys using a master key.\n\nIt is essentially a 5 round Feistel network using AES as the core function. One half of each AES block is used to encrypt the key, and the second half of the last permutation is used to compute a 64-bit MAC.\n\nIt doesn't require nonces, but still allows key reuse.\n\nThis is a NIST-blessed construction. Other than that, AES Key Wrap is inefficient and is generally not very useful.\n\n## Usage\n\nThe code uses AES-NI, so you may have to add `-maes` or `-march=native` to your compilation flags.\n\n### Key wrapping:\n\n```c\nint aes_kw_wrap(unsigned char *padded_out, size_t padded_out_len, const unsigned char *in,\n                size_t in_len, const unsigned char key[aes_kw_KEYBYTES]);\n```\n\nEncrypts a key `in` of length `in_len` bytes using the AES key `key` of size `aes_kw_KEYBYTES` bytes (the code uses AES-256 by default, so `aes_kw_KEYBYTES` is 32 bytes).\n\nThe encrypted key is put into `padded_out`, whose length is `padded_out_len`.\n\n`padded_out_len` must be `aes_kw_MACBYTES` (8 bytes) larger than the input. Extra space is needed if the wrapped key size is not a multiple of 8 bytes, but this case is virtually nonexistent in the real world.\n\nThe function returns `0` on success, `-1` or error.\n\n### Key unwrapping:\n\n```c\nint aes_kw_unwrap(unsigned char *out, size_t out_len, size_t padded_out_len,\n                  const unsigned char *padded_in, size_t padded_in_len,\n                  const unsigned char key[aes_kw_KEYBYTES]);\n```\n\nDecrypt the wrapped key `padded_in` of length `padded_in_len` using the AES key `key`, and store the decrypted key of length `out_len` bytes into `out` whose size is `padded_out_len`.\n\nUnless you are using key sizes that are not a multiple of 8 bytes, `padded_out_len` and `out_len` can be set to the same value.\n\nThe function returns `0` on success, `-1` or error.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fjedisct1%2Faes-kw","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fjedisct1%2Faes-kw","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fjedisct1%2Faes-kw/lists"}