On Mon, Mar 26, 2012 at 1:49 AM, Prashanth kumar N
prashanth.kuma...@gmail.com wrote:
[SNIP]
: In my case, i would be storing the wrapped key and
not the original
key. So when user tries to decrypt the wrapped key, he would get the
original key but how do i make sure that is the
Hi Dave,
I was going through the RFC of AES and it does say we get the IV upon
unwrapping . Check the below link
http://www.ietf.org/rfc/rfc3394.txt
-Prashanth
pkumarn wrote:
Let me go to my white board and see what best i can choose. Issue is we
don't want to sore any keys as it is, so
Hi Dave,
I was going through the RFC of AES and it does say we get the IV upon
unwrapping . Check the below link
http://www.ietf.org/rfc/rfc3394.txt
-Prashanth
On Fri, Mar 23, 2012 at 9:24 AM, Dave Thompson dthomp...@prinpay.comwrote:
From: owner-openssl-us...@openssl.org On Behalf Of
Let me go to my white board and see what best i can choose. Issue is we don't
want to sore any keys as it is, so is the reason to choose key wrapping.
pkumarn wrote:
One more thanks from side for replying to this query.,.. my comments
inline...
So are you saying that their is no way
From: owner-openssl-us...@openssl.org On Behalf Of pkumarn
Sent: Wednesday, 21 March, 2012 02:02
One more thanks from side for replying to this query.,.. my comments
inline...
Aside: Usenet convention is response lines, including 'inline'
ones, have no prefix, and (all) quoted lines do,
One more thanks from side for replying to this query.,.. my comments
inline...
So are you saying that their is no way to extract IV and check back if the
decrypted key matches the encrypted key? I feel this would give space for
more vulnerabilities as one needs to make sure before using the
From: owner-openssl-us...@openssl.org On Behalf Of pkumarn
Sent: Monday, 19 March, 2012 09:17
I have a requirement of wrapping a 512-bit DEK witk 256 bit
KEK. I picked up
openssl API and figured out that it provides AES_wrap_key()
to do the job. I
OpenSSL's AES_{wrap,unwrap}_key does *a*
Hi,
I have a requirement of wrapping a 512-bit DEK witk 256 bit KEK. I picked up
openssl API and figured out that it provides AES_wrap_key() to do the job. I
wrote a small program (snippet below) to get the job done but when i check
out the values in dek, i see all values as zero. Not sure what