RFC 5649 specifies a padding convention for use with the AES Key Wrap algorithm specified in RFC 3394. This convention eliminates the requirement that the length of the key is to be wrapped by a multiple of 64 bits, allowing a key of any practical length to be wrapped.

This convention should always be used instead of CKM_AES_CBC when wrapping a key from the HSM.

Data size

The maximum allowed data size for this mechanism is 64KB (64 * 1024).


FIPS approved? Yes
Supported functions Encrypt | Decrypt | Wrap | Unwrap
Functions restricted from FIPS use None
Minimum key length (bits) 128
Minimum key length for FIPS use (bits) 128
Minimum legacy key length for FIPS use (bits) N/A
Maximum key length (bits) 256
Block size 8
Digest size 0
Key types AES
Algorithms AES
Flags Extractable | Accumulating