[openssl-users] Extracting decrypt key for AES from openssl on client side

Hemant Ranvir hemantranvir at gmail.com
Wed Nov 14 11:54:55 UTC 2018 

I have implemented AES 128 encrypt and decrypt functions and tested it with
sample data and it checks out perfectly. I used the following reference:
https://nvlpubs.nist.gov/nistpubs/fips/nist.fips.197.pdf

Next I implemented a dummy SSL client and SSL server which uses openssl to
send and receive data. It is working without any error and the messages are
exchanged seamlessly.

My main goal here is to use openssl for initial handshake sequence. Once
the connection is established between server and client, decrypt the
incoming message (this time not using the openssl api but rather by using
the decrypt AES function implemented earlier) and print and similarly for
outgoing message. We will focus on incoming messages.

For this of course I will need the decrypt key and IV. I got the decrypt
key(read key) on client side like following: (ssl is the SSL* structure of
openssl for the established connection, I am accessing the source code
structures of openssl directly)

//following struct copied from crypto/evp/e_aes.c
typedef struct {
    union {
        double align;
        AES_KEY ks;
    } ks;
    block128_f block;
    union {
        cbc128_f cbc;
        ctr128_f ctr;
    } stream;
} EVP_AES_KEY;

[Client Side]
EVP_AES_KEY *cipher_data;
cipher_data = EVP_CIPHER_CTX_get_cipher_data(ssl->enc_read_ctx);
cipher_data->ks.ks.rd_key  --> this is the decrypt key

I used this key to decrypt the incoming message with the AES decrypt
function but in vain.

Now AES is symmetric encryption so I thought let me check the
encrypt(write) key on the server side. The encrypt key on server should be
equal to decrypt key on client side. I got the encrypt key on server like
following:

[Server Side]
EVP_AES_KEY *cipher_data;
cipher_data = EVP_CIPHER_CTX_get_cipher_data(ssl->enc_write_ctx);
cipher_data->ks.ks.rd_key  --> this is the encrypt key

To my surprise they are different. Now if I use the above encrypt key of
server to decrypt the message on the client side. The message is decrypted
successfully.(as expected, the key used for encrypting the message is used
to decrypt the message in AES standard).

So I reach the following inferences:

   1. The decrypt key which is acquired on the client side is encrypted in
   some way in openssl?
   2. My method for getting the decrypt key on client side is wrong.

How can I get the decrypt key on the client side which I can use in the AES
decryption routine?

-- 
Best Regards,
Hemant Ranvir

*"To live a creative life, we must lose our fear of being wrong.**" -
J.C.Pearce*
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20181114/60da0c2a/attachment.html>

More information about the openssl-users mailing list