module
JOSE::JWA::AES_KW
Overview
AES Key Wrap (RFC 3394) — wrap and unwrap a key using AES-ECB.
Defined in:
jose/jwa/aes_kw.crConstant Summary
-
DEFAULT_IV =
Bytes[166, 166, 166, 166, 166, 166, 166, 166] -
The RFC 3394 default IV (
0xA6× 8) used to verify unwrap integrity.
Class Method Summary
-
.unwrap(kek : Bytes, ciphertext : Bytes) : Bytes
Unwraps ciphertext using kek.
-
.wrap(kek : Bytes, plaintext : Bytes) : Bytes
Wraps plaintext using kek (Key Encryption Key) per RFC 3394.
Class Method Detail
def self.unwrap(kek : Bytes, ciphertext : Bytes) : Bytes
#
Unwraps ciphertext using kek.
Returns the original key bytes. Raises ArgumentError if the IV
integrity check fails.
def self.wrap(kek : Bytes, plaintext : Bytes) : Bytes
#
Wraps plaintext using kek (Key Encryption Key) per RFC 3394. Returns the wrapped key bytes.