AES encrypt expanded key is different with no-asm

classic Classic list List threaded Threaded
3 messages Options
Reply | Threaded
Open this post in threaded view
|

AES encrypt expanded key is different with no-asm

UserSSL
Dear all,
    After extracting openssl-1.1.1.tar.gz, openssl can be configured without asm by passing no-asm flag during config command.

    The expanded key can be obtained like follows:
//Getting expanded key from inside openssl
//Copied from crypto/evp/e_aes.c
typedef struct {
    union {
        double align;
        AES_KEY ks;
    } ks;
    block128_f block;
    union {
        cbc128_f cbc;
        ctr128_f ctr;
    } stream;
} EVP_AES_KEY;

  EVP_CIPHER_CTX *cipher_ctx = ssl->enc_write_ctx;
  EVP_AES_KEY * cipher_data = EVP_CIPHER_CTX_get_cipher_data(cipher_ctx);
  printf("Encrypted Expanded Key is : ");
  for(i=0;i<((cipher_ctx->cipher->key_len)/sizeof(cipher_data->ks.ks.rd_key[0])*11);i++) {
      printf("%08x", cipher_data->ks.ks.rd_key[i]);
  }
  printf("\n");

 To get the 128 bit encrypted key :
unsigned char* key = unsigned char* malloc(16);
    int i;
    for (i=0; i<4; i++) {
        key[4*i]   = cipher_data->ks.ks.rd_key[i] >> 24;
        key[4*i+1] = cipher_data->ks.ks.rd_key[i] >> 16;
        key[4*i+2] = cipher_data->ks.ks.rd_key[i] >> 8;
        key[4*i+3] = cipher_data->ks.ks.rd_key[i];
    }

I am using this 128 bit key and using it in Rijndael Key Schedule function to get the expanded key. The expanded key will be 128*11 bit long.
This expanded key is equal to the expanded key obtained from accessing structures inside openssl(shown in section "Getting expanded key from inside openssl" ) which is expected.

Now if I configure openssl without no-asm flag and get the expanded key from inside openssl and compare it with the expanded key calculated using the function I wrote. They are not equal. As far as I know there is only one way to calculate expanded key. I have even checked whether the expanded key inside openssl is inverse cipher expanded key but yet it is different.
Can someone point me in the right direction.
Thanks!

--
Best Regards,
Hemant Ranvir

"To live a creative life, we must lose our fear of being wrong." - J.C.Pearce

--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
Reply | Threaded
Open this post in threaded view
|

Re: AES encrypt expanded key is different with no-asm

OpenSSL - User mailing list
On 10/12/2018 11:30, Hemant Ranvir wrote:

> Dear all,
>     After extracting openssl-1.1.1.tar.gz, openssl can be configured
> without asm by passing no-asm flag during config command.
>
>     The expanded key can be obtained like follows:
> //Getting expanded key from inside openssl
> //Copied from crypto/evp/e_aes.c
> typedef struct {
>   union {
>       double align;
>       AES_KEY ks;
>   } ks;
>   block128_f block;
>   union {
>       cbc128_f cbc;
>       ctr128_f ctr;
>   } stream;
> } EVP_AES_KEY;
>
> EVP_CIPHER_CTX *cipher_ctx = ssl->enc_write_ctx;
> EVP_AES_KEY * cipher_data = EVP_CIPHER_CTX_get_cipher_data(cipher_ctx);
> printf("Encrypted Expanded Key is : ");
> for(i=0;i<((cipher_ctx->cipher->key_len)/sizeof(cipher_data->ks.ks.rd_key[0])*11);i++)
> {
>     printf("%08x", cipher_data->ks.ks.rd_key[i]);
> }
> printf("\n");
>
>  To get the 128 bit encrypted key :
> unsigned char* key = unsigned char* malloc(16);
>   int i;
>   for (i=0; i<4; i++) {
>       key[4*i]   = cipher_data->ks.ks.rd_key[i] >> 24;
>       key[4*i+1] = cipher_data->ks.ks.rd_key[i] >> 16;
>       key[4*i+2] = cipher_data->ks.ks.rd_key[i] >> 8;
>       key[4*i+3] = cipher_data->ks.ks.rd_key[i];
>   }
>
> I am using this 128 bit key and using it in *Rijndael* Key Schedule
> function to get the expanded key. The expanded key will be 128*11 bit
> long.
> This expanded key is equal to the expanded key obtained from accessing
> structures inside openssl(shown in section "Getting expanded key from
> inside openssl" ) which is expected.
>
> Now if I configure openssl without no-asm flag and get the expanded
> key from inside openssl and compare it with the expanded key
> calculated using the function I wrote. They are not equal. As far as I
> know there is only one way to calculate expanded key. I have even
> checked whether the expanded key inside openssl is inverse cipher
> expanded key but yet it is different.
> Can someone point me in the right direction.
> Thanks!
>
>
There have always been multiple ways to store the expanded AES
key, each optimized a different implementation of the inner
loops in the encryption block function.  It is highly likely
the assembler implementation for any given processor uses a
different inner loop, and thus a different expanded key data
layout, than the generic C code.


Enjoy

Jakob
--
Jakob Bohm, CIO, Partner, WiseMo A/S.  https://www.wisemo.com
Transformervej 29, 2860 Søborg, Denmark.  Direct +45 31 13 16 10
This public discussion message is non-binding and may contain errors.
WiseMo - Remote Service Management for PCs, Phones and Embedded

--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
Reply | Threaded
Open this post in threaded view
|

Re: AES encrypt expanded key is different with no-asm

UserSSL
Hi Jacob, thanks for the input. 

On Tue 11 Dec, 2018, 4:24 PM Jakob Bohm via openssl-users, <[hidden email]> wrote:
On 10/12/2018 11:30, Hemant Ranvir wrote:
> Dear all,
>     After extracting openssl-1.1.1.tar.gz, openssl can be configured
> without asm by passing no-asm flag during config command.
>
>     The expanded key can be obtained like follows:
> //Getting expanded key from inside openssl
> //Copied from crypto/evp/e_aes.c
> typedef struct {
>   union {
>       double align;
>       AES_KEY ks;
>   } ks;
>   block128_f block;
>   union {
>       cbc128_f cbc;
>       ctr128_f ctr;
>   } stream;
> } EVP_AES_KEY;
>
> EVP_CIPHER_CTX *cipher_ctx = ssl->enc_write_ctx;
> EVP_AES_KEY * cipher_data = EVP_CIPHER_CTX_get_cipher_data(cipher_ctx);
> printf("Encrypted Expanded Key is : ");
> for(i=0;i<((cipher_ctx->cipher->key_len)/sizeof(cipher_data->ks.ks.rd_key[0])*11);i++)
> {
>     printf("%08x", cipher_data->ks.ks.rd_key[i]);
> }
> printf("\n");
>
>  To get the 128 bit encrypted key :
> unsigned char* key = unsigned char* malloc(16);
>   int i;
>   for (i=0; i<4; i++) {
>       key[4*i]   = cipher_data->ks.ks.rd_key[i] >> 24;
>       key[4*i+1] = cipher_data->ks.ks.rd_key[i] >> 16;
>       key[4*i+2] = cipher_data->ks.ks.rd_key[i] >> 8;
>       key[4*i+3] = cipher_data->ks.ks.rd_key[i];
>   }
>
> I am using this 128 bit key and using it in *Rijndael* Key Schedule
> function to get the expanded key. The expanded key will be 128*11 bit
> long.
> This expanded key is equal to the expanded key obtained from accessing
> structures inside openssl(shown in section "Getting expanded key from
> inside openssl" ) which is expected.
>
> Now if I configure openssl without no-asm flag and get the expanded
> key from inside openssl and compare it with the expanded key
> calculated using the function I wrote. They are not equal. As far as I
> know there is only one way to calculate expanded key. I have even
> checked whether the expanded key inside openssl is inverse cipher
> expanded key but yet it is different.
> Can someone point me in the right direction.
> Thanks!
>
>
There have always been multiple ways to store the expanded AES
key, each optimized a different implementation of the inner
loops in the encryption block function.  It is highly likely
the assembler implementation for any given processor uses a
different inner loop, and thus a different expanded key data
layout, than the generic C code.


Enjoy

Jakob
--
Jakob Bohm, CIO, Partner, WiseMo A/S.  https://www.wisemo.com
Transformervej 29, 2860 Søborg, Denmark.  Direct +45 31 13 16 10
This public discussion message is non-binding and may contain errors.
WiseMo - Remote Service Management for PCs, Phones and Embedded

--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users