Botan 3.6.1
Crypto and TLS for C&
rfc3394.cpp
Go to the documentation of this file.
1/*
2* AES Key Wrap (RFC 3394)
3* (C) 2011 Jack Lloyd
4*
5* Botan is released under the Simplified BSD License (see license.txt)
6*/
7
8#include <botan/rfc3394.h>
9
10#include <botan/block_cipher.h>
11#include <botan/nist_keywrap.h>
12
13namespace Botan {
14
15secure_vector<uint8_t> rfc3394_keywrap(const secure_vector<uint8_t>& key, const SymmetricKey& kek) {
16 BOTAN_ARG_CHECK(kek.size() == 16 || kek.size() == 24 || kek.size() == 32, "Invalid KEK length for NIST key wrap");
17
18 const std::string cipher_name = "AES-" + std::to_string(8 * kek.size());
19 auto aes = BlockCipher::create_or_throw(cipher_name);
20 aes->set_key(kek);
21
22 std::vector<uint8_t> wrapped = nist_key_wrap(key.data(), key.size(), *aes);
23 return secure_vector<uint8_t>(wrapped.begin(), wrapped.end());
24}
25
26secure_vector<uint8_t> rfc3394_keyunwrap(const secure_vector<uint8_t>& key, const SymmetricKey& kek) {
27 BOTAN_ARG_CHECK(kek.size() == 16 || kek.size() == 24 || kek.size() == 32, "Invalid KEK length for NIST key wrap");
28
29 BOTAN_ARG_CHECK(key.size() >= 16 && key.size() % 8 == 0, "Bad input key size for NIST key unwrap");
30
31 const std::string cipher_name = "AES-" + std::to_string(8 * kek.size());
32 auto aes = BlockCipher::create_or_throw(cipher_name);
33 aes->set_key(kek);
34
35 return nist_key_unwrap(key.data(), key.size(), *aes);
36}
37
38} // namespace Botan
BOTAN_ARG_CHECK
#define BOTAN_ARG_CHECK(expr, msg)
Definition assert.h:29
Botan::BlockCipher::create_or_throw
static std::unique_ptr< BlockCipher > create_or_throw(std::string_view algo_spec, std::string_view provider="")
Definition block_cipher.cpp:266
Botan::OctetString::size
size_t size() const
Definition symkey.h:29
Botan::nist_key_wrap
std::vector< uint8_t > nist_key_wrap(const uint8_t input[], size_t input_len, const BlockCipher &bc)
Definition nist_keywrap.cpp:90
Botan::rfc3394_keywrap
secure_vector< uint8_t > rfc3394_keywrap(const secure_vector< uint8_t > &key, const SymmetricKey &kek)
Definition rfc3394.cpp:15
Botan::rfc3394_keyunwrap
secure_vector< uint8_t > rfc3394_keyunwrap(const secure_vector< uint8_t > &key, const SymmetricKey &kek)
Definition rfc3394.cpp:26
Botan::secure_vector
std::vector< T, secure_allocator< T > > secure_vector
Definition secmem.h:61
Botan::nist_key_unwrap
secure_vector< uint8_t > nist_key_unwrap(const uint8_t input[], size_t input_len, const BlockCipher &bc)
Definition nist_keywrap.cpp:116
Generated by doxygen 1.12.0