On Fri, Nov 21, 2025 at 04:19:06PM +0000, Sipos, Brian J. wrote: > Ilari, > Yes, the issue that I ran into this discrepancy is the fact that the > underlying (polymorphic) algorithm families (i.e. general AES-KW) do accept > input keys of any length (provided they are valid for AES), and the > crypto-function implementation I am using also will accept input keys of > whatever you provide. But the COSE algorithm code point -5 described as "AES > Key Wrap w/ 256-bit key" strongly implies that the input key is 256-bit as > well, and the COSE library I'm using does not enforce this because... it just > isn't explicitly defined anywhere AFAIK.
AES-KW does not seem polymorphic, all the A*KW algorithms take fixed- length key: 32 bytes for -5, 24 bytes for -4 and 16 bytes for -3. However, AES-KW can encrypt any multiple of 8 bytes, so ciphertext length can vary. Checking the alg registry, seems like every algorithm taking symmetric key either takes key of fixed 16/24/32 bytes (anything based on AES or Chacha20), or key of (practically) any length (anything based on HMAC). -Ilari _______________________________________________ COSE mailing list -- [email protected] To unsubscribe send an email to [email protected]
