Chilkat HOME Android™ Classic ASP C C++ C# Mono C# .NET Core C# C# UWP/WinRT DataFlex Delphi ActiveX Delphi DLL Visual FoxPro Java Lianja MFC Objective-C Perl PHP ActiveX PHP Extension PowerBuilder PowerShell PureBasic CkPython Chilkat2-Python Ruby SQL Server Swift 2 Swift 3,4,5... Tcl Unicode C Unicode C++ Visual Basic 6.0 VB.NET VB.NET UWP/WinRT VBScript Xojo Plugin Node.js Excel Go
(MFC) AES Key Wrap / UnwrapDemonstrates the AesKeyWrap and AesKeyUnwrap methods that were added to Chilkat v9.5.0.66. This example implements the AES Key Wrap Algorithm as described in RFC 3394. It demonstrates wrapping and unwrapping the test data provided in the RFC. This example requires Chilkat v9.5.0.66 or later.
#include <CkCrypt2.h> void ChilkatSample(void) { CkString strOut; // This example assumes the Chilkat API to have been previously unlocked. // See Global Unlock Sample for sample code. // Note: This example requires Chilkat v9.5.0.66 or later. CkCrypt2 crypt; // The KEK is the Key Encryption Key. It's the AES key that is used // to wrap another AES key which is called the "Key Data". // The KEK can be 128-bit, 192-bit, or 256-bit. // (In other words, it can be 16 bytes, 24 bytes, or 32 bytes) // The Key Data must be a multiple of 64-bits in length. (i.e. a multiple of 8 bytes) // The AES Key Wrap algorithm can wrap not only AES keys, but any data that is a // multiple of 8 bytes in size. const char *kek = 0; const char *keyData = 0; const char *wrappedKey = 0; const char *expected = 0; const char *unwrappedKey = 0; const char *encoding = "hex"; // Use a 128-bit KEK to wrap a 128-bit AES key. kek = "000102030405060708090A0B0C0D0E0F"; keyData = "00112233445566778899AABBCCDDEEFF"; expected = "1FA68B0A8112B447AEF34BD8FB5A7B829D3E862371D2CFE5"; strOut.append("---- Use a 128-bit KEK to wrap a 128-bit AES key."); strOut.append("\r\n"); strOut.append("kek = "); strOut.append(kek); strOut.append("\r\n"); strOut.append("keyData = "); strOut.append(keyData); strOut.append("\r\n"); strOut.append("expected = "); strOut.append(expected); strOut.append("\r\n"); wrappedKey = crypt.aesKeyWrap(kek,keyData,encoding); strOut.append("computed = "); strOut.append(wrappedKey); strOut.append("\r\n"); unwrappedKey = crypt.aesKeyUnwrap(kek,wrappedKey,encoding); strOut.append("unwrapped = "); strOut.append(unwrappedKey); strOut.append("\r\n"); strOut.append("----"); strOut.append("\r\n"); // Use a 192-bit KEK to wrap a 128-bit AES key. kek = "000102030405060708090A0B0C0D0E0F1011121314151617"; keyData = "00112233445566778899AABBCCDDEEFF"; expected = "96778B25AE6CA435F92B5B97C050AED2468AB8A17AD84E5D"; strOut.append("---- Use a 192-bit KEK to wrap a 128-bit AES key."); strOut.append("\r\n"); strOut.append("kek = "); strOut.append(kek); strOut.append("\r\n"); strOut.append("keyData = "); strOut.append(keyData); strOut.append("\r\n"); strOut.append("expected = "); strOut.append(expected); strOut.append("\r\n"); wrappedKey = crypt.aesKeyWrap(kek,keyData,encoding); strOut.append("computed = "); strOut.append(wrappedKey); strOut.append("\r\n"); unwrappedKey = crypt.aesKeyUnwrap(kek,wrappedKey,encoding); strOut.append("unwrapped = "); strOut.append(unwrappedKey); strOut.append("\r\n"); strOut.append("----"); strOut.append("\r\n"); // Use a 256-bit KEK to wrap a 128-bit AES key. kek = "000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F"; keyData = "00112233445566778899AABBCCDDEEFF"; expected = "64E8C3F9CE0F5BA263E9777905818A2A93C8191E7D6E8AE7"; strOut.append("---- Use a 256-bit KEK to wrap a 128-bit AES key."); strOut.append("\r\n"); strOut.append("kek = "); strOut.append(kek); strOut.append("\r\n"); strOut.append("keyData = "); strOut.append(keyData); strOut.append("\r\n"); strOut.append("expected = "); strOut.append(expected); strOut.append("\r\n"); wrappedKey = crypt.aesKeyWrap(kek,keyData,encoding); strOut.append("computed = "); strOut.append(wrappedKey); strOut.append("\r\n"); unwrappedKey = crypt.aesKeyUnwrap(kek,wrappedKey,encoding); strOut.append("unwrapped = "); strOut.append(unwrappedKey); strOut.append("\r\n"); strOut.append("----"); strOut.append("\r\n"); // Use a 192-bit KEK to wrap a 192-bit AES key. kek = "000102030405060708090A0B0C0D0E0F1011121314151617"; keyData = "00112233445566778899AABBCCDDEEFF0001020304050607"; expected = "031D33264E15D33268F24EC260743EDCE1C6C7DDEE725A936BA814915C6762D2"; strOut.append("---- Use a 192-bit KEK to wrap a 192-bit AES key."); strOut.append("\r\n"); strOut.append("kek = "); strOut.append(kek); strOut.append("\r\n"); strOut.append("keyData = "); strOut.append(keyData); strOut.append("\r\n"); strOut.append("expected = "); strOut.append(expected); strOut.append("\r\n"); wrappedKey = crypt.aesKeyWrap(kek,keyData,encoding); strOut.append("computed = "); strOut.append(wrappedKey); strOut.append("\r\n"); unwrappedKey = crypt.aesKeyUnwrap(kek,wrappedKey,encoding); strOut.append("unwrapped = "); strOut.append(unwrappedKey); strOut.append("\r\n"); strOut.append("----"); strOut.append("\r\n"); // Use a 256-bit KEK to wrap a 192-bit AES key. kek = "000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F"; keyData = "00112233445566778899AABBCCDDEEFF0001020304050607"; expected = "A8F9BC1612C68B3FF6E6F4FBE30E71E4769C8B80A32CB8958CD5D17D6B254DA1"; strOut.append("---- Use a 256-bit KEK to wrap a 192-bit AES key."); strOut.append("\r\n"); strOut.append("kek = "); strOut.append(kek); strOut.append("\r\n"); strOut.append("keyData = "); strOut.append(keyData); strOut.append("\r\n"); strOut.append("expected = "); strOut.append(expected); strOut.append("\r\n"); wrappedKey = crypt.aesKeyWrap(kek,keyData,encoding); strOut.append("computed = "); strOut.append(wrappedKey); strOut.append("\r\n"); unwrappedKey = crypt.aesKeyUnwrap(kek,wrappedKey,encoding); strOut.append("unwrapped = "); strOut.append(unwrappedKey); strOut.append("\r\n"); strOut.append("----"); strOut.append("\r\n"); // Use a 256-bit KEK to wrap a 256-bit AES key. kek = "000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F"; keyData = "00112233445566778899AABBCCDDEEFF000102030405060708090A0B0C0D0E0F"; expected = "28C9F404C4B810F4CBCCB35CFB87F8263F5786E2D80ED326CBC7F0E71A99F43BFB988B9B7A02DD21"; strOut.append("---- Use a 256-bit KEK to wrap a 256-bit AES key."); strOut.append("\r\n"); strOut.append("kek = "); strOut.append(kek); strOut.append("\r\n"); strOut.append("keyData = "); strOut.append(keyData); strOut.append("\r\n"); strOut.append("expected = "); strOut.append(expected); strOut.append("\r\n"); wrappedKey = crypt.aesKeyWrap(kek,keyData,encoding); strOut.append("computed = "); strOut.append(wrappedKey); strOut.append("\r\n"); unwrappedKey = crypt.aesKeyUnwrap(kek,wrappedKey,encoding); strOut.append("unwrapped = "); strOut.append(unwrappedKey); strOut.append("\r\n"); strOut.append("----"); strOut.append("\r\n"); // The output: // // ---- Use a 128-bit KEK to wrap a 128-bit AES key. // kek = 000102030405060708090A0B0C0D0E0F // keyData = 00112233445566778899AABBCCDDEEFF // expected = 1FA68B0A8112B447AEF34BD8FB5A7B829D3E862371D2CFE5 // computed = 1FA68B0A8112B447AEF34BD8FB5A7B829D3E862371D2CFE5 // unwrapped = 00112233445566778899AABBCCDDEEFF // ---- // ---- Use a 192-bit KEK to wrap a 128-bit AES key. // kek = 000102030405060708090A0B0C0D0E0F1011121314151617 // keyData = 00112233445566778899AABBCCDDEEFF // expected = 96778B25AE6CA435F92B5B97C050AED2468AB8A17AD84E5D // computed = 96778B25AE6CA435F92B5B97C050AED2468AB8A17AD84E5D // unwrapped = 00112233445566778899AABBCCDDEEFF // ---- // ---- Use a 256-bit KEK to wrap a 128-bit AES key. // kek = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F // keyData = 00112233445566778899AABBCCDDEEFF // expected = 64E8C3F9CE0F5BA263E9777905818A2A93C8191E7D6E8AE7 // computed = 64E8C3F9CE0F5BA263E9777905818A2A93C8191E7D6E8AE7 // unwrapped = 00112233445566778899AABBCCDDEEFF // ---- // ---- Use a 192-bit KEK to wrap a 192-bit AES key. // kek = 000102030405060708090A0B0C0D0E0F1011121314151617 // keyData = 00112233445566778899AABBCCDDEEFF0001020304050607 // expected = 031D33264E15D33268F24EC260743EDCE1C6C7DDEE725A936BA814915C6762D2 // computed = 031D33264E15D33268F24EC260743EDCE1C6C7DDEE725A936BA814915C6762D2 // unwrapped = 00112233445566778899AABBCCDDEEFF0001020304050607 // ---- // ---- Use a 256-bit KEK to wrap a 192-bit AES key. // kek = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F // keyData = 00112233445566778899AABBCCDDEEFF0001020304050607 // expected = A8F9BC1612C68B3FF6E6F4FBE30E71E4769C8B80A32CB8958CD5D17D6B254DA1 // computed = A8F9BC1612C68B3FF6E6F4FBE30E71E4769C8B80A32CB8958CD5D17D6B254DA1 // unwrapped = 00112233445566778899AABBCCDDEEFF0001020304050607 // ---- // ---- Use a 256-bit KEK to wrap a 256-bit AES key. // kek = 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F // keyData = 00112233445566778899AABBCCDDEEFF000102030405060708090A0B0C0D0E0F // expected = 28C9F404C4B810F4CBCCB35CFB87F8263F5786E2D80ED326CBC7F0E71A99F43BFB988B9B7A02DD21 // computed = 28C9F404C4B810F4CBCCB35CFB87F8263F5786E2D80ED326CBC7F0E71A99F43BFB988B9B7A02DD21 // unwrapped = 00112233445566778899AABBCCDDEEFF000102030405060708090A0B0C0D0E0F // ---- // SetDlgItemText(IDC_EDIT1,strOut.getUnicode()); } |
© 2000-2022 Chilkat Software, Inc. All Rights Reserved.