Re: AES encrypt expanded key is different with no-asm

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 10/12/2018 11:30, Hemant Ranvir wrote:
Dear all,
    After extracting openssl-1.1.1.tar.gz, openssl can be configured without asm by passing no-asm flag during config command.

    The expanded key can be obtained like follows:
//Getting expanded key from inside openssl
//Copied from crypto/evp/e_aes.c
typedef struct {
  union {
      double align;
      AES_KEY ks;
  } ks;
  block128_f block;
  union {
      cbc128_f cbc;
      ctr128_f ctr;
  } stream;
} EVP_AES_KEY;

EVP_CIPHER_CTX *cipher_ctx = ssl->enc_write_ctx;
EVP_AES_KEY * cipher_data = EVP_CIPHER_CTX_get_cipher_data(cipher_ctx);
printf("Encrypted Expanded Key is : ");
for(i=0;i<((cipher_ctx->cipher->key_len)/sizeof(cipher_data->ks.ks.rd_key[0])*11);i++) {
    printf("%08x", cipher_data->ks.ks.rd_key[i]);
}
printf("\n");

 To get the 128 bit encrypted key :
unsigned char* key = unsigned char* malloc(16);
  int i;
  for (i=0; i<4; i++) {
      key[4*i]   = cipher_data->ks.ks.rd_key[i] >> 24;
      key[4*i+1] = cipher_data->ks.ks.rd_key[i] >> 16;
      key[4*i+2] = cipher_data->ks.ks.rd_key[i] >> 8;
      key[4*i+3] = cipher_data->ks.ks.rd_key[i];
  }

I am using this 128 bit key and using it in *Rijndael* Key Schedule function to get the expanded key. The expanded key will be 128*11 bit long. This expanded key is equal to the expanded key obtained from accessing structures inside openssl(shown in section "Getting expanded key from inside openssl" ) which is expected.

Now if I configure openssl without no-asm flag and get the expanded key from inside openssl and compare it with the expanded key calculated using the function I wrote. They are not equal. As far as I know there is only one way to calculate expanded key. I have even checked whether the expanded key inside openssl is inverse cipher expanded key but yet it is different.
Can someone point me in the right direction.
Thanks!


There have always been multiple ways to store the expanded AES
key, each optimized a different implementation of the inner
loops in the encryption block function.  It is highly likely
the assembler implementation for any given processor uses a
different inner loop, and thus a different expanded key data
layout, than the generic C code.


Enjoy

Jakob
--
Jakob Bohm, CIO, Partner, WiseMo A/S.  https://www.wisemo.com
Transformervej 29, 2860 Søborg, Denmark.  Direct +45 31 13 16 10
This public discussion message is non-binding and may contain errors.
WiseMo - Remote Service Management for PCs, Phones and Embedded

--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users




[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux