CKM_AES_KW
NIST Special Publication 800-38F describes cryptographic methods that are approved for “key wrapping,” that is, the protection of the confidentiality and integrity of cryptographic keys. In addition to describing existing methods, that publication specifies two new, deterministic authenticated-encryption modes of operation of the Advanced Encryption Standard (AES) algorithm: the AES Key Wrap (KW) mode and the AES Key Wrap With Padding (KWP) mode. Luna PCIe HSM 7 implements the AES Key Wrap (KW) mode at this time, which SP800-38F recommends as more secure than CKM_AES_CBC. This mechanism meets the requirements specified in RFC 3394 for key wrapping.
Data size
The maximum allowed data size for this mechanism is 64KB (64 * 1024).
NOTE
>NIST Special Publication 800-38F recommends this method as more secure than CKM_AES_CBC. This mechanism meets the requirements specified in RFC 3394 for key wrapping.
>For key generation or unwrap operations, the length of the new/unwrapped key must be specified with CKA_VALUE_LEN.
>This mechanism can be used to wrap/unwrap symmetric keys only. To wrap/unwrap private/asymmetric keys, use a mechanism that can wrap data of any length, such as CKM_AES_CBC_PAD, CKM_AES_GCM, or CKM_AES_KWP.
Summary
| FIPS approved? | Yes |
| Supported functions | Encrypt | Decrypt | Wrap | Unwrap |
| Functions restricted from FIPS use | None |
| Minimum key length (bits) | 128 |
| Minimum key length for FIPS use (bits) | 128 |
| Minimum legacy key length for FIPS use (bits) | N/A |
| Maximum key length (bits) | 256 |
| Block size | 8 |
| Digest size | 0 |
| Key types | AES |
| Algorithms | AES |
| Modes | KEYWRAP |
| Flags | Extractable | Accumulating |
