Wraps a content-encryption key with a key-encryption key.
VB6/VBA
Debug.Print "Testing CIPHER_KeyWrap ..." Dim abWK() As Byte Dim abKeyData() As Byte Dim abKek() As Byte Dim nWkLen As Long Dim nKdLen As Long Dim nKekLen As Long abKeyData = cnvBytesFromHexStr("00112233 44556677 8899aabb ccddeeff") abKek = cnvBytesFromHexStr("c17a44e8 e28d7d64 81d1ddd5 0a3b8914") nKdLen = UBound(abKeyData) + 1 nKekLen = UBound(abKek) + 1 Debug.Print "INPUT:" Debug.Print "KEK=" & cnvHexStrFromBytes(abKek) Debug.Print "KD =" & cnvHexStrFromBytes(abKeyData) Debug.Print "OUTPUT:" nWkLen = CIPHER_KeyWrap(0, 0, abKeyData(0), nKdLen, abKek(0), nKekLen, API_BC_AES128) If nWkLen <= 0 Then Debug.Print "CIPHER_KeyWrap returns " & nWkLen & ": " & apiErrorLookup(nWkLen) Exit Sub End If ReDim abWK(nWkLen - 1) nWkLen = CIPHER_KeyWrap(abWK(0), nWkLen, abKeyData(0), nKdLen, abKek(0), nKekLen, API_BC_AES128) Debug.Print "WK{AES-128}=" & cnvHexStrFromBytes(abWK) abKeyData = cnvBytesFromHexStr("8cbedec4 8d063e1b a46be8e3 69a9c398 d8e30ee5 42bc347c 4f30e928 ddd7db49") abKek = cnvBytesFromHexStr("9e84ee99 e6a84b50 c76cd414 a2d2ec05 8af41bfe 4bf3715b f894c8da 1cd445f6") nKdLen = UBound(abKeyData) + 1 nKekLen = UBound(abKek) + 1 nWkLen = CIPHER_KeyWrap(0, 0, abKeyData(0), nKdLen, abKek(0), nKekLen, API_BC_AES256) If nWkLen <= 0 Then Debug.Print "CIPHER_KeyWrap returns " & nWkLen & ": " & apiErrorLookup(nWkLen) Exit Sub End If ReDim abWK(nWkLen - 1) nWkLen = CIPHER_KeyWrap(abWK(0), nWkLen, abKeyData(0), nKdLen, abKek(0), nKekLen, API_BC_AES256) Debug.Print "WK{AES-256}=" & cnvHexStrFromBytes(abWK) abKeyData = cnvBytesFromHexStr("84e7f2d8 78f89fcc cd2d5eba fc56daf7 3300f27e f771cd68") abKek = cnvBytesFromHexStr("8ad8274e 56f46773 8edd83d4 394e5e29 af7c4089 e4f8d9f4") nKdLen = UBound(abKeyData) + 1 nKekLen = UBound(abKek) + 1 Debug.Print "INPUT:" Debug.Print "KEK=" & cnvHexStrFromBytes(abKek) Debug.Print "KD =" & cnvHexStrFromBytes(abKeyData) Debug.Print "OUTPUT:" nWkLen = CIPHER_KeyWrap(0, 0, abKeyData(0), nKdLen, abKek(0), nKekLen, API_BC_3DES) If nWkLen <= 0 Then Debug.Print "CIPHER_KeyWrap returns " & nWkLen & ": " & apiErrorLookup(nWkLen) Exit Sub End If ReDim abWK(nWkLen - 1) nWkLen = CIPHER_KeyWrap(abWK(0), nWkLen, abKeyData(0), nKdLen, abKek(0), nKekLen, API_BC_3DES) Debug.Print "WK(3DES}=" & cnvHexStrFromBytes(abWK) ' Now unwrap (decrypt)... Debug.Print "Unwrap..." Debug.Print "INPUT:" Debug.Print "ALG=3DES" Debug.Print "KEK=" & cnvHexStrFromBytes(abKek) Debug.Print "WK =" & cnvHexStrFromBytes(abWK) ' In this case, we know that the Triple DES key will be exactly 24 bytes long, so nKdLen = API_KEYSIZE_TDEA_BYTES ReDim abKeyData(nKdLen - 1) nKdLen = CIPHER_KeyUnwrap(abKeyData(0), nKdLen, abWK(0), nWkLen, abKek(0), nKekLen, API_BC_3DES) If nKdLen <= 0 Then Debug.Print "CIPHER_KeyUnwrap returns " & nKdLen & ": " & apiErrorLookup(nKdLen) Exit Sub End If Debug.Print "OUTPUT:" Debug.Print "KD =" & cnvHexStrFromBytes(abKeyData) Debug.Print "OK =84E7F2D878F89FCCCD2D5EBAFC56DAF73300F27EF771CD68"
Output
Testing CIPHER_KeyWrap ... INPUT: KEK=C17A44E8E28D7D6481D1DDD50A3B8914 KD =00112233445566778899AABBCCDDEEFF OUTPUT: WK{AES-128}=503D75C73630A7B02ECF51B9B29B907749310B77B0B2E054 WK{AES-256}=EAFB901F82B98D37F17497063DE3E5EC7246AB57200AE73EDDDDF24AA403DAFA0C5AE151D1746FA4 INPUT: KEK=8AD8274E56F467738EDD83D4394E5E29AF7C4089E4F8D9F4 KD =84E7F2D878F89FCCCD2D5EBAFC56DAF73300F27EF771CD68 OUTPUT: WK(3DES}=064FFE8E031ECA15936AC37D1D18FB346A8EBD04B910B341B7F5C5DC5FE68E7902D8AA2AB3AFD487 Unwrap... INPUT: ALG=3DES KEK=8AD8274E56F467738EDD83D4394E5E29AF7C4089E4F8D9F4 WK =064FFE8E031ECA15936AC37D1D18FB346A8EBD04B910B341B7F5C5DC5FE68E7902D8AA2AB3AFD487 OUTPUT: KD =84E7F2D878F89FCCCD2D5EBAFC56DAF73300F27EF771CD68 OK =84E7F2D878F89FCCCD2D5EBAFC56DAF73300F27EF771CD68
VB.NET
Console.WriteLine("Testing CIPHER_KeyWrap ...") Dim abWK() As Byte Dim abKeyData() As Byte Dim abKek() As Byte ''Dim nWkLen As Integer ''Dim nKdLen As Integer ''Dim nKekLen As Integer abKeyData = Cnv.FromHex("00112233 44556677 8899aabb ccddeeff") abKek = Cnv.FromHex("c17a44e8 e28d7d64 81d1ddd5 0a3b8914") ''nKdLen = UBound(abKeyData) + 1 ''nKekLen = UBound(abKek) + 1 Console.WriteLine("INPUT:") Console.WriteLine("KEK=" & Cnv.ToHex(abKek)) Console.WriteLine("KD =" & Cnv.ToHex(abKeyData)) Console.WriteLine("OUTPUT:") abWK = Cipher.KeyWrap(abKeyData, abKek, CipherAlgorithm.Aes128) Console.WriteLine("WK{AES-128}=" & Cnv.ToHex(abWK)) abKeyData = Cnv.FromHex("8cbedec4 8d063e1b a46be8e3 69a9c398 d8e30ee5 42bc347c 4f30e928 ddd7db49") abKek = Cnv.FromHex("9e84ee99 e6a84b50 c76cd414 a2d2ec05 8af41bfe 4bf3715b f894c8da 1cd445f6") ''nKdLen = UBound(abKeyData) + 1 ''nKekLen = UBound(abKek) + 1 abWK = Cipher.KeyWrap(abKeyData, abKek, CipherAlgorithm.Aes256) Console.WriteLine("WK{AES-256}=" & Cnv.ToHex(abWK)) abKeyData = Cnv.FromHex("84e7f2d8 78f89fcc cd2d5eba fc56daf7 3300f27e f771cd68") abKek = Cnv.FromHex("8ad8274e 56f46773 8edd83d4 394e5e29 af7c4089 e4f8d9f4") ''nKdLen = UBound(abKeyData) + 1 ''nKekLen = UBound(abKek) + 1 Console.WriteLine("INPUT:") Console.WriteLine("KEK=" & Cnv.ToHex(abKek)) Console.WriteLine("KD =" & Cnv.ToHex(abKeyData)) Console.WriteLine("OUTPUT:") abWK = Cipher.KeyWrap(abKeyData, abKek, CipherAlgorithm.Tdea) Console.WriteLine("WK(3DES}=" & Cnv.ToHex(abWK)) ' Now unwrap (decrypt)... Console.WriteLine("Unwrap...") Console.WriteLine("INPUT:") Console.WriteLine("ALG=3DES") Console.WriteLine("KEK=" & Cnv.ToHex(abKek)) Console.WriteLine("WK =" & Cnv.ToHex(abWK)) ' In this case, we know that the Triple DES key will be exactly 24 bytes long, so ''nKdLen = API_KEYSIZE_TDEA_BYTES ''ReDim abKeyData(nKdLen - 1) abKeyData = Cipher.KeyUnwrap(abWK, abKek, CipherAlgorithm.Tdea) Console.WriteLine("OUTPUT:") Console.WriteLine("KD =" & Cnv.ToHex(abKeyData)) Console.WriteLine("OK =84E7F2D878F89FCCCD2D5EBAFC56DAF73300F27EF771CD68")
[Contents]