Botan  2.8.0
Crypto and TLS for C++11
rfc3394.cpp
Go to the documentation of this file.
1 /*
2 * AES Key Wrap (RFC 3394)
3 * (C) 2011 Jack Lloyd
4 *
5 * Botan is released under the Simplified BSD License (see license.txt)
6 */
7 
8 #include <botan/rfc3394.h>
9 #include <botan/nist_keywrap.h>
10 #include <botan/block_cipher.h>
11 
12 namespace Botan {
13 
15  const SymmetricKey& kek)
16  {
17  BOTAN_ARG_CHECK(kek.size() == 16 || kek.size() == 24 || kek.size() == 32,
18  "Invalid KEK length for NIST key wrap");
19 
20  const std::string cipher_name = "AES-" + std::to_string(8*kek.size());
21  std::unique_ptr<BlockCipher> aes(BlockCipher::create_or_throw(cipher_name));
22  aes->set_key(kek);
23 
24  std::vector<uint8_t> wrapped = nist_key_wrap(key.data(), key.size(), *aes);
25  return secure_vector<uint8_t>(wrapped.begin(), wrapped.end());
26  }
27 
29  const SymmetricKey& kek)
30  {
31  BOTAN_ARG_CHECK(kek.size() == 16 || kek.size() == 24 || kek.size() == 32,
32  "Invalid KEK length for NIST key wrap");
33 
34  BOTAN_ARG_CHECK(key.size() >= 16 && key.size() % 8 == 0,
35  "Bad input key size for NIST key unwrap");
36 
37  const std::string cipher_name = "AES-" + std::to_string(8*kek.size());
38  std::unique_ptr<BlockCipher> aes(BlockCipher::create_or_throw(cipher_name));
39  aes->set_key(kek);
40 
41  return nist_key_unwrap(key.data(), key.size(), *aes);
42  }
43 
44 }
size_t size() const
Definition: symkey.h:26
std::string to_string(const BER_Object &obj)
Definition: asn1_obj.cpp:210
std::vector< uint8_t > nist_key_wrap(const uint8_t input[], size_t input_len, const BlockCipher &bc)
Definition: alg_id.cpp:13
#define BOTAN_ARG_CHECK(expr, msg)
Definition: assert.h:37
secure_vector< uint8_t > nist_key_unwrap(const uint8_t input[], size_t input_len, const BlockCipher &bc)
static std::unique_ptr< BlockCipher > create_or_throw(const std::string &algo_spec, const std::string &provider="")
std::vector< T, secure_allocator< T > > secure_vector
Definition: secmem.h:88
secure_vector< uint8_t > rfc3394_keywrap(const secure_vector< uint8_t > &key, const SymmetricKey &kek)
Definition: rfc3394.cpp:14
secure_vector< uint8_t > rfc3394_keyunwrap(const secure_vector< uint8_t > &key, const SymmetricKey &kek)
Definition: rfc3394.cpp:28