Re: [openssl-users] AES encrypt expanded key is different with no-asm

Mon, 10 Dec 2018 23:24:48 -0800 

On 10/12/2018 11:30, Hemant Ranvir wrote:

Dear all,
    After extracting openssl-1.1.1.tar.gz, openssl can be configured without asm by passing no-asm flag during config command. 

    The expanded key can be obtained like follows:
//Getting expanded key from inside openssl
//Copied from crypto/evp/e_aes.c
typedef struct {
  union {
      double align;
      AES_KEY ks;
  } ks;
  block128_f block;
  union {
      cbc128_f cbc;
      ctr128_f ctr;
  } stream;
} EVP_AES_KEY;

EVP_CIPHER_CTX *cipher_ctx = ssl->enc_write_ctx;
EVP_AES_KEY * cipher_data = EVP_CIPHER_CTX_get_cipher_data(cipher_ctx);
printf("Encrypted Expanded Key is : ");

for(i=0;i<((cipher_ctx->cipher->key_len)/sizeof(cipher_data->ks.ks.rd_key[0])*11);i++) 
{

    printf("%08x", cipher_data->ks.ks.rd_key[i]);
}
printf("\n");

 To get the 128 bit encrypted key :
unsigned char* key = unsigned char* malloc(16);
  int i;
  for (i=0; i<4; i++) {
      key[4*i]   = cipher_data->ks.ks.rd_key[i] >> 24;
      key[4*i+1] = cipher_data->ks.ks.rd_key[i] >> 16;
      key[4*i+2] = cipher_data->ks.ks.rd_key[i] >> 8;
      key[4*i+3] = cipher_data->ks.ks.rd_key[i];
  }


I am using this 128 bit key and using it in *Rijndael* Key Schedule 
function to get the expanded key. The expanded key will be 128*11 bit 
long.
This expanded key is equal to the expanded key obtained from accessing 
structures inside openssl(shown in section "Getting expanded key from 
inside openssl" ) which is expected.



Now if I configure openssl without no-asm flag and get the expanded 
key from inside openssl and compare it with the expanded key 
calculated using the function I wrote. They are not equal. As far as I 
know there is only one way to calculate expanded key. I have even 
checked whether the expanded key inside openssl is inverse cipher 
expanded key but yet it is different.

Can someone point me in the right direction.
Thanks!



There have always been multiple ways to store the expanded AES
key, each optimized a different implementation of the inner
loops in the encryption block function.  It is highly likely
the assembler implementation for any given processor uses a
different inner loop, and thus a different expanded key data
layout, than the generic C code.


Enjoy

Jakob
--
Jakob Bohm, CIO, Partner, WiseMo A/S.  https://www.wisemo.com
Transformervej 29, 2860 Søborg, Denmark.  Direct +45 31 13 16 10
This public discussion message is non-binding and may contain errors.
WiseMo - Remote Service Management for PCs, Phones and Embedded

--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users






















					Reply via email to