Hi Jacob, thanks for the input. On Tue 11 Dec, 2018, 4:24 PM Jakob Bohm via openssl-users, < openssl-users@openssl.org> wrote:
> On 10/12/2018 11:30, Hemant Ranvir wrote: > > Dear all, > > After extracting openssl-1.1.1.tar.gz, openssl can be configured > > without asm by passing no-asm flag during config command. > > > > The expanded key can be obtained like follows: > > //Getting expanded key from inside openssl > > //Copied from crypto/evp/e_aes.c > > typedef struct { > > union { > > double align; > > AES_KEY ks; > > } ks; > > block128_f block; > > union { > > cbc128_f cbc; > > ctr128_f ctr; > > } stream; > > } EVP_AES_KEY; > > > > EVP_CIPHER_CTX *cipher_ctx = ssl->enc_write_ctx; > > EVP_AES_KEY * cipher_data = EVP_CIPHER_CTX_get_cipher_data(cipher_ctx); > > printf("Encrypted Expanded Key is : "); > > > for(i=0;i<((cipher_ctx->cipher->key_len)/sizeof(cipher_data->ks.ks.rd_key[0])*11);i++) > > > { > > printf("%08x", cipher_data->ks.ks.rd_key[i]); > > } > > printf("\n"); > > > > To get the 128 bit encrypted key : > > unsigned char* key = unsigned char* malloc(16); > > int i; > > for (i=0; i<4; i++) { > > key[4*i] = cipher_data->ks.ks.rd_key[i] >> 24; > > key[4*i+1] = cipher_data->ks.ks.rd_key[i] >> 16; > > key[4*i+2] = cipher_data->ks.ks.rd_key[i] >> 8; > > key[4*i+3] = cipher_data->ks.ks.rd_key[i]; > > } > > > > I am using this 128 bit key and using it in *Rijndael* Key Schedule > > function to get the expanded key. The expanded key will be 128*11 bit > > long. > > This expanded key is equal to the expanded key obtained from accessing > > structures inside openssl(shown in section "Getting expanded key from > > inside openssl" ) which is expected. > > > > Now if I configure openssl without no-asm flag and get the expanded > > key from inside openssl and compare it with the expanded key > > calculated using the function I wrote. They are not equal. As far as I > > know there is only one way to calculate expanded key. I have even > > checked whether the expanded key inside openssl is inverse cipher > > expanded key but yet it is different. > > Can someone point me in the right direction. > > Thanks! > > > > > There have always been multiple ways to store the expanded AES > key, each optimized a different implementation of the inner > loops in the encryption block function. It is highly likely > the assembler implementation for any given processor uses a > different inner loop, and thus a different expanded key data > layout, than the generic C code. > > > Enjoy > > Jakob > -- > Jakob Bohm, CIO, Partner, WiseMo A/S. https://www.wisemo.com > Transformervej 29, 2860 Søborg, Denmark. Direct +45 31 13 16 10 > This public discussion message is non-binding and may contain errors. > WiseMo - Remote Service Management for PCs, Phones and Embedded > > -- > openssl-users mailing list > To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users >
-- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users