Botan  2.4.0
Crypto and TLS for C++11
rfc3394.cpp
Go to the documentation of this file.
1 /*
2 * AES Key Wrap (RFC 3394)
3 * (C) 2011 Jack Lloyd
4 *
5 * Botan is released under the Simplified BSD License (see license.txt)
6 */
7 
8 #include <botan/rfc3394.h>
9 #include <botan/nist_keywrap.h>
10 #include <botan/block_cipher.h>
11 
12 namespace Botan {
13 
15  const SymmetricKey& kek)
16  {
17  if(kek.size() != 16 && kek.size() != 24 && kek.size() != 32)
18  throw Invalid_Argument("Bad KEK length " + std::to_string(kek.size()) + " for NIST key wrap");
19 
20  const std::string cipher_name = "AES-" + std::to_string(8*kek.size());
21  std::unique_ptr<BlockCipher> aes(BlockCipher::create_or_throw(cipher_name));
22  aes->set_key(kek);
23 
24  std::vector<uint8_t> wrapped = nist_key_wrap(key.data(), key.size(), *aes);
25  return secure_vector<uint8_t>(wrapped.begin(), wrapped.end());
26  }
27 
29  const SymmetricKey& kek)
30  {
31  if(key.size() < 16 || key.size() % 8 != 0)
32  throw Invalid_Argument("Bad input key size for NIST key unwrap");
33 
34  if(kek.size() != 16 && kek.size() != 24 && kek.size() != 32)
35  throw Invalid_Argument("Bad KEK length " + std::to_string(kek.size()) + " for NIST key unwrap");
36 
37  const std::string cipher_name = "AES-" + std::to_string(8*kek.size());
38  std::unique_ptr<BlockCipher> aes(BlockCipher::create_or_throw(cipher_name));
39  aes->set_key(kek);
40 
41  return nist_key_unwrap(key.data(), key.size(), *aes);
42  }
43 
44 }
size_t size() const
Definition: symkey.h:26
std::string to_string(const BER_Object &obj)
Definition: asn1_obj.cpp:108
std::vector< uint8_t > nist_key_wrap(const uint8_t input[], size_t input_len, const BlockCipher &bc)
Definition: alg_id.cpp:13
secure_vector< uint8_t > nist_key_unwrap(const uint8_t input[], size_t input_len, const BlockCipher &bc)
static std::unique_ptr< BlockCipher > create_or_throw(const std::string &algo_spec, const std::string &provider="")
std::vector< T, secure_allocator< T > > secure_vector
Definition: secmem.h:88
secure_vector< uint8_t > rfc3394_keywrap(const secure_vector< uint8_t > &key, const SymmetricKey &kek)
Definition: rfc3394.cpp:14
secure_vector< uint8_t > rfc3394_keyunwrap(const secure_vector< uint8_t > &key, const SymmetricKey &kek)
Definition: rfc3394.cpp:28