pub fn tr31_wrap_with_header_string(
header_str: &str,
kbpk: &[u8],
key: &[u8],
masked_key_len: usize,
random_seed: &[u8],
) -> Result<String, Box<dyn Error>>Expand description
Wrap a cryptographic key according to TR-31 key block format version ‘D’ with a string header.
This function wraps a cryptographic key according to the TR-31 key block format version ‘D’. It takes a string representation of the key block header, the Key Block Protection Key (KBPK), the key to be protected, a masked key length, and a random seed as inputs.
§Arguments
header_str- String representation of the key block header.kbpk- Key Block Protection Key used for deriving the encryption (KBEK) and authentication (KBAK) keys.key- The cryptographic key or sensitive data to be protected.masked_key_len- Length used to mask the true length of short keys.random_seed- Random seed used for generating padding in the payload.
§Returns
A Result containing the TR-31 formatted key block as a String or an error if any
step in the key block construction process fails.
§Errors
Returns an error if:
- The key block version is not supported (currently only ‘D’ is implemented).
- The total key block length is not a multiple of the of the block size for the underlying algorithms.
- There are issues with key derivation, payload construction, MAC computation, or encryption.
- The header or payload data are improperly formatted.