[openssl-users] AES encrypt expanded key is different with no-asm

Hemant Ranvir hemantranvir at gmail.com
Tue Dec 11 07:37:22 UTC 2018


Hi Jacob, thanks for the input.

On Tue 11 Dec, 2018, 4:24 PM Jakob Bohm via openssl-users, <
openssl-users at openssl.org> wrote:

> On 10/12/2018 11:30, Hemant Ranvir wrote:
> > Dear all,
> >     After extracting openssl-1.1.1.tar.gz, openssl can be configured
> > without asm by passing no-asm flag during config command.
> >
> >     The expanded key can be obtained like follows:
> > //Getting expanded key from inside openssl
> > //Copied from crypto/evp/e_aes.c
> > typedef struct {
> >   union {
> >       double align;
> >       AES_KEY ks;
> >   } ks;
> >   block128_f block;
> >   union {
> >       cbc128_f cbc;
> >       ctr128_f ctr;
> >   } stream;
> > } EVP_AES_KEY;
> >
> > EVP_CIPHER_CTX *cipher_ctx = ssl->enc_write_ctx;
> > EVP_AES_KEY * cipher_data = EVP_CIPHER_CTX_get_cipher_data(cipher_ctx);
> > printf("Encrypted Expanded Key is : ");
> >
> for(i=0;i<((cipher_ctx->cipher->key_len)/sizeof(cipher_data->ks.ks.rd_key[0])*11);i++)
>
> > {
> >     printf("%08x", cipher_data->ks.ks.rd_key[i]);
> > }
> > printf("\n");
> >
> >  To get the 128 bit encrypted key :
> > unsigned char* key = unsigned char* malloc(16);
> >   int i;
> >   for (i=0; i<4; i++) {
> >       key[4*i]   = cipher_data->ks.ks.rd_key[i] >> 24;
> >       key[4*i+1] = cipher_data->ks.ks.rd_key[i] >> 16;
> >       key[4*i+2] = cipher_data->ks.ks.rd_key[i] >> 8;
> >       key[4*i+3] = cipher_data->ks.ks.rd_key[i];
> >   }
> >
> > I am using this 128 bit key and using it in *Rijndael* Key Schedule
> > function to get the expanded key. The expanded key will be 128*11 bit
> > long.
> > This expanded key is equal to the expanded key obtained from accessing
> > structures inside openssl(shown in section "Getting expanded key from
> > inside openssl" ) which is expected.
> >
> > Now if I configure openssl without no-asm flag and get the expanded
> > key from inside openssl and compare it with the expanded key
> > calculated using the function I wrote. They are not equal. As far as I
> > know there is only one way to calculate expanded key. I have even
> > checked whether the expanded key inside openssl is inverse cipher
> > expanded key but yet it is different.
> > Can someone point me in the right direction.
> > Thanks!
> >
> >
> There have always been multiple ways to store the expanded AES
> key, each optimized a different implementation of the inner
> loops in the encryption block function.  It is highly likely
> the assembler implementation for any given processor uses a
> different inner loop, and thus a different expanded key data
> layout, than the generic C code.
>
>
> Enjoy
>
> Jakob
> --
> Jakob Bohm, CIO, Partner, WiseMo A/S.  https://www.wisemo.com
> Transformervej 29, 2860 Søborg, Denmark.  Direct +45 31 13 16 10
> This public discussion message is non-binding and may contain errors.
> WiseMo - Remote Service Management for PCs, Phones and Embedded
>
> --
> openssl-users mailing list
> To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20181211/5fc3441b/attachment.html>


More information about the openssl-users mailing list