Re: AES_unwrap_key returns 0

InMotion Man <inmotiont@xxxxxxxxx> · Fri, 5 Jan 2018 10:29:17 -0800

Hello Dave,
Your guess exactly right. This is my first time using the OpenSSL
library and I didn't know there was a different function to create
encryption and decryption AES_KEY.
Thank you for the help and sorry for the newbie question.
Cheers,
IMM.

On Fri, Jan 5, 2018 at 5:44 AM, Dave Coombs <dcoombs@xxxxxxxxxxx> wrote:
> Hello,
>
> This is just a guess, but try AES_set_decrypt_key() before trying to unwrap?
>
>   -Dave
>
>
> On Jan 4, 2018, at 13:08, InMotion Man <inmotiont@xxxxxxxxx> wrote:
>
> Hello all,
> I'm having trouble using the AES_unwrap_key function. I have tried different
> things but it always returns 0 and the out buffer does not get written to.
>
> I can wrap a key with the AES_wrap_key. Then I pass the wrapped key output
> to AES_unwrap_key and it is not able to unwrap it. This is regardless if I
> use the default IV (passing NULL to the function) or pass an explicit IV.See
> sample code below.
>
> Has anybody seen this issue? Any help will be appreciated.
> I'm using OpenSSL 1.1.0.f
>
> #include <aes.h>
>
> int
> main(int argc, char **argv)
> {
>     int i;
>     int ret;
>     unsigned char wrappedKeyData[24];
>     unsigned char KEK[] = {0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
> 0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F};
>     unsigned char keyData[] = {0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66,
> 0x77, 0x88, 0x99, 0xAA, 0xBB, 0xCC, 0xDD, 0xEE, 0xFF};
>     unsigned char IV[8] = {0xA6, 0xA6, 0xA6, 0xA6, 0xA6, 0xA6, 0xA6, 0xA6};
>
>     AES_KEY wrp_key;
>     AES_set_encrypt_key(KEK, 128, &wrp_key);
>
>     /* wrapping  */
>     ret = AES_wrap_key(&wrp_key, NULL, wrappedKeyData, keyData, 16);
>     printf("openssl wrapping returns %i\n", ret);
>     printf("wrapped keyData: ");
>     for (i = 0; i < ret; i++) {
>         printf ("%02x", wrappedKeyData[i]);
>     }
>     printf("\n");
>
>     /* unwrapping */
>     unsigned char keyDataOut[16];
>     ret = AES_unwrap_key(&wrp_key, NULL, keyDataOut, wrappedKeyData, 24);
>     printf("unwrapping openssl returns %i\n", ret);
>     printf("unwrapped keyData: ");
>     for (i = 0; i < 16; i++) {
>         printf ("%02x", keyDataOut[i]) ;
>     }
>     printf("\n");
>
>     return EXIT_SUCCESS;
> }
>
> --
> openssl-users mailing list
> To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
>
>
>
> --
> openssl-users mailing list
> To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
>
-- 
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users