0

MDN mentions that:

AES-KW does not require an initialization vector (iv)

But when I try and encrypt my content encryption key (CEK) using the key encryption key (KEK) like below Node.js Crypto createCipheriv(algorithm, key, iv[, options]) throws an error ERR_CRYPTO_INVALID_IV. Does anyone know if AES-KW requires an iv? The Advanced Encryption Standard (AES) Key Wrap Algorithm RFC does not mention "initialization vector" at all.

let cipherCEK = createCipheriv('aes256-wrap', keyEncryptionKey, null);
let encryptedCEK = cipher.update(contentEncryptionKey);
encryptedCEK += cipher.final(); //buffer
Ronnie Royston
  • 16,778
  • 6
  • 77
  • 91

1 Answers1

1

I'm not sure why you say that RFC 3394 doesn't mention an IV. It's covered in section 2.2.3, and is used for data integrity (i.e. to make sure that the key was decrypted correctly). The default value recommended is A6A6A6A6A6A6A6A6. I haven't tested with createCipheriv, but I would recommend passing this value.

I expect that MDN says it doesn't "require" an IV because there is a default one that Microsoft automatically uses, so you don't need to pass it. I expect Node.js just isn't quite that developer-friendly.

Rob Napier
  • 286,113
  • 34
  • 456
  • 610
  • I did not understand that `initial value` and `initialization vector` were the same thing? Re MDN, it could be that the WebCrypto API (vs Node's Crypto module) defaults to that `A6A6...` IV? – Ronnie Royston Aug 26 '23 at 23:59
  • I expect that WebCrypto does if they say you don't need to pass anything. – Rob Napier Aug 27 '23 at 02:19