- From: Ryan Sleevi <sleevi@google.com>
- Date: Tue, 9 Jul 2013 17:14:24 -0700
- To: Mike Jones <Michael.Jones@microsoft.com>
- Cc: Jim Schaad <ietf@augustcellars.com>, Richard Barnes <rbarnes@bbn.com>, Mark Watson <watsonm@netflix.com>, "public-webcrypto@w3.org" <public-webcrypto@w3.org>

On Tue, Jul 9, 2013 at 5:01 PM, Mike Jones <Michael.Jones@microsoft.com> wrote:

> I have .NET code that implements 3994 using the Rijndael class with key.Mode = CipherMode.ECB and key.Padding = PaddingMode.None.
>
> -- Mike

Right. Which won't work for any FIPS uses, as Vijay can attest ;)

I didn't realize that CALG_AES_128/192/256 didn't expose CRYPT_MODE_ECB, especially since the FIPS policy for RSAENH (CAPI) and BCrypt indicate AES-ECB being under the approved implementations...

Less into the woods, 3994 is also what PKCS#11 specifies - by virtue of referencing the NIST paper on AES-KW, which 3994 was derived from.

Received on Wednesday, 10 July 2013 00:14:50 UTC