Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/jedisct1/aes-kw

A standalone AES-KW (AES Key Wrap) implementation.
https://github.com/jedisct1/aes-kw

aes aes-key-wrap aes-kw aes-kwp aeskw aeskwp c keywrap keywrapping

Last synced: about 1 month ago
JSON representation

A standalone AES-KW (AES Key Wrap) implementation.

Host: GitHub
URL: https://github.com/jedisct1/aes-kw
Owner: jedisct1
License: bsd-2-clause
Created: 2020-05-29T12:58:49.000Z (over 4 years ago)
Default Branch: master
Last Pushed: 2023-12-31T14:44:55.000Z (11 months ago)
Last Synced: 2024-10-05T04:35:42.616Z (about 2 months ago)
Topics: aes, aes-key-wrap, aes-kw, aes-kwp, aeskw, aeskwp, c, keywrap, keywrapping
Language: C
Size: 7.81 KB
Stars: 13
Watchers: 3
Forks: 0
Open Issues: 0
Metadata Files:
- Readme: README.md
- License: LICENSE

Awesome Lists containing this project

README

        # A standalone AES Key Wrap (KWP, NIST SP800-38F) implementation

AES Key Wrap is a construction to encrypt secret keys using a master key.

It is essentially a 5 round Feistel network using AES as the core function. One half of each AES block is used to encrypt the key, and the second half of the last permutation is used to compute a 64-bit MAC.

It doesn't require nonces, but still allows key reuse.

This is a NIST-blessed construction. Other than that, AES Key Wrap is inefficient and is generally not very useful.

## Usage

The code uses AES-NI, so you may have to add `-maes` or `-march=native` to your compilation flags.

### Key wrapping:

```c

int aes_kw_wrap(unsigned char *padded_out, size_t padded_out_len, const unsigned char *in,

                size_t in_len, const unsigned char key[aes_kw_KEYBYTES]);

```

Encrypts a key `in` of length `in_len` bytes using the AES key `key` of size `aes_kw_KEYBYTES` bytes (the code uses AES-256 by default, so `aes_kw_KEYBYTES` is 32 bytes).

The encrypted key is put into `padded_out`, whose length is `padded_out_len`.

`padded_out_len` must be `aes_kw_MACBYTES` (8 bytes) larger than the input. Extra space is needed if the wrapped key size is not a multiple of 8 bytes, but this case is virtually nonexistent in the real world.

The function returns `0` on success, `-1` or error.

### Key unwrapping:

```c

int aes_kw_unwrap(unsigned char *out, size_t out_len, size_t padded_out_len,

                  const unsigned char *padded_in, size_t padded_in_len,

                  const unsigned char key[aes_kw_KEYBYTES]);

```

Decrypt the wrapped key `padded_in` of length `padded_in_len` using the AES key `key`, and store the decrypted key of length `out_len` bytes into `out` whose size is `padded_out_len`.

Unless you are using key sizes that are not a multiple of 8 bytes, `padded_out_len` and `out_len` can be set to the same value.

The function returns `0` on success, `-1` or error.