AES-Wrap
Werner Koch
wk at gnupg.org
Wed Dec 9 11:12:46 CET 2009
Hi!
I just finished an implementation of the AES-Wrap algorithm as
specified in rfc3394 and a similar NIST spec. It is implemented as a
new cipher mode so that the algorithm may optionally be used with any
128 bit block cipher.
Example encryption code:
gcry_error_t err;
gcry_cipher_hd_t hd;
unsigned char outbuf[32+8];
size_t outbuflen;
int i;
err = gcry_cipher_open (&hd, GCRY_CIPHER_AES128, GCRY_CIPHER_MODE_AESWRAP, 0);
if (err)
{
fail ("gcrypt_cipher_open failed: %s\n", gpg_strerror (err));
return;
}
err = gcry_cipher_setkey (hd, kek, 128/8);
if (err)
{
fail ("grcy_cipher_setkey failed: %s\n", gpg_strerror (err));
return;
}
outbuflen = datalen + 8;
if (outbuflen > sizeof outbuf)
err = gpg_error (GPG_ERR_INTERNAL);
else
err = gcry_cipher_encrypt (hd, outbuf, outbuflen, data, datalen);
if (err)
{
fail ("grcy_cipher_encrypt failed: %s\n", gpg_strerror (err));
return;
}
fprintf (stderr, "Ciphertext:");
for (i = 0; i < outbuflen; i++)
fprintf (stderr, " %02x", outbuf[i]);
putc ('\n', stderr);
decryption is similar:
... create handle and set key ...
outbuflen = datalen - 8;
if (outbuflen > sizeof outbuf)
err = gpg_error (GPG_ERR_INTERNAL);
else
err = gcry_cipher_decrypt (hd, outbuf, outbuflen, data, datalen);
if (err)
{
fail ("grcy_cipher_decrypt failed: %s\n", gpg_strerror (err));
return;
}
fprintf (stderr, "Plaintext:");
for (i = 0; i < outbuflen; i++)
fprintf (stderr, " %02x", outbuf[i]);
putc ('\n', stderr);
Salam-Shalom,
Werner
--
Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz.
More information about the Gcrypt-devel
mailing list