Topic: AES Keywrap Alogrithm
I am trying to implement the key wrap AES Key Wrap Specification described in csrc.nist.gov/groups/ST/toolkit/documents/kms/key-wrap.pdf
I am just trying to get the "encrypt" part to work right now with wolfSSL embedded SSL, and am using the "alternate algorithm."
The key wrap algorithm contains multiple AES encrypting iterations. The document gives you known values for the example inputs (located at the end of the document), but I am having no success getting it to work for the first iteration.
In the key wrap document, they say:
B = AES K (A | Ri )
Which is basically saying do an AES encryption with key K on the concatenated data, A (the initialization vector) and the i-th 64 bit data block of the data. So for the first iteration, the i-th data would be the first 64 bits of the data to be wrapped. And then put the encrypted data in B.
I see when I call AesSetKey(...) I am passing it the Initialize Vector (A). And when I call Aes...Encrypt(...) I do not pass it the IV.
Does the code automatically concatenate the IV onto the beginning of the data when you call Aes...Encrypt(...)? Or do I still need to handle that concatenation myself? If the latter, how does the IV get used in Aes...Encrypt(...)?
Also, I'm not sure which Aes...Encrypt(...) to use (CBC, CTR, GCM, etc) for this. It says "codebook" which is another kind you apparently don't support, but it also say it isn't a good one to use on the wikipedia page.