Skip to content
A Ruby implementation of AES Key Wrap, a.k.a RFC 3394, a.k.a NIST Key Wrap.
Branch: master
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
bin
lib
spec
.gitignore
.rspec
.ruby-version
.travis.yml
Gemfile
LICENSE.txt
README.md
Rakefile
aes_key_wrap.gemspec

README.md

Build Status Test Coverage

AESKeyWrap

A Ruby implementation of AES Key Wrap, a.k.a RFC 3394, a.k.a NIST Key Wrap.

Usage

To wrap a key, call AESKeyWrap.wrap with:

  • The plain text key
  • A key-encrypting key (KEK)
  • An "initial value" (optional)
require 'aes_key_wrap'
plaintext_key = ['00112233445566778899AABBCCDDEEFF'].pack('H*') #binary string
kek =  ['000102030405060708090A0B0C0D0E0F'].pack('H*') # binary string
iv = 0xDEADBEEFC0FFEEEE
wrapped_key = AESKeyWrap.wrap(plaintext_key, kek, iv)

To unwrap a key, call AESKeyWrap.unwrap:

unwrapped = AESKeyWrap.unwrap(wrapped_key, kek, iv)

There also unwrap!, which throws an exception if unwrapping fails, instead of returning nil.

Contributing

Make sure it's got tests, then do the usual fork and pull request hooha.

You can’t perform that action at this time.