"Excuse me please. My ear is full of milk..."

– Oliver Hardy, Going Bye Bye (1934)

Skip on down to the menu.

JavaScript Stuff

WebCrypto

Key wrapping and unwrapping.

I needed to test key wrapping and unwrapping using 128 bit AES-CBC, so I made a test page.

It may be helpful to you too. Right click on the page and choose inspect to see how it works.

You can find it here.

AES-CBC Padding Test

I was stumped about why the encrypted output of a 16 byte block (128 bits) was 32 bytes long.

The documentation on this is so sparse I didn't notice that AES-CBC encryption always does PKCS#7 padding, no matter how long the input is.

Extra bytes are added to the end of every unencrypted block. The number of bytes added will be between 1 and 16 (0x01 and 0x10 hex). for a 16 byte packet of data it will add 16 bytes of 0x10 at the end and then encrypt.

So, the lesson for me was that I can't encrypt a 16 byte packet of data and get a 16 byte encrypted packet. I needed to limit my data packet to 15 bytes, which does produce a 16 byte encrypted data packet.

Take a look and see for yourself