Evp_aes_128_ctr

2011-09-09 00:57:21 UTC
Evp_aes_128_xts

Cryptography is a fascinating subject that I would like to learn more about. While I may not make any contributions in cryptology in my career, I can certainly appreciate the mathematics, mathematicians and engineers who have helped make encryption more mainstream. Generated on 2013-Aug-29 from project openssl revision 1.0.1e Powered by Code Browser 1.4 Code Browser 1.4. // Copyright 2014 The Chromium Authors. All rights reserved. // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. I need generate dll's for my project to use Qt Cryptographic Architecture, I try to go step by step as this short tutorial says. So I started with adding cmake to qt. !ctrBCCblock.6, ctr-bltmp) Description; TRUE: never evaluated: FALSE: evaluated 1054781 times by 2 tests.

Hi,
This diff needs testing, particularly on systems that support hardware
acceleration of AES via the OpenSSL EVP layer (e.g. Intel Core i7).
It uses OpenSSL's EVP AES API rather than the lower-level one and should
give an opportunity for the acceleration to work.
A useful benchmark would be
dd if=/dev/arandom bs=100000 count=1000 time ssh localhost 'cat > /dev/null'
before and after (you will need passwordless authentication setup so
as not to stall at the password prompt)
Index: cipher-ctr.c
RCS file: /cvs/src/usr.bin/ssh/cipher-ctr.c,v
retrieving revision 1.11
diff -u -p -r1.11 cipher-ctr.c
--- cipher-ctr.c 1 Oct 2010 23:05:32 -0000 1.11
+++ cipher-ctr.c 9 Sep 2011 00:49:18 -0000
@@ -30,7 +30,7 @@ void ssh_aes_ctr_iv(EVP_CIPHER_CTX *, in
struct ssh_aes_ctr_ctx
{
- AES_KEY aes_ctx;
+ EVP_CIPHER_CTX aes_evp_ctx;
u_char aes_counter[AES_BLOCK_SIZE];
};
@@ -64,7 +64,9 @@ ssh_aes_ctr(EVP_CIPHER_CTX *ctx, u_char
while ((len--) > 0) {
if (n 0) {
- AES_encrypt(c->aes_counter, buf, &c->aes_ctx);
+ if (EVP_Cipher(&c->aes_evp_ctx, buf, c->aes_counter,
+ AES_BLOCK_SIZE) 0)
+ fatal('%s: EVP_Cipher failed', __func__);
ssh_ctr_inc(c->aes_counter, AES_BLOCK_SIZE);
}
*(dest++) = *(src++) ^ buf[n];
@@ -83,9 +85,26 @@ ssh_aes_ctr_init(EVP_CIPHER_CTX *ctx, co
c = xmalloc(sizeof(*c));
EVP_CIPHER_CTX_set_app_data(ctx, c);
}
- if (key != NULL)
- AES_set_encrypt_key(key, EVP_CIPHER_CTX_key_length(ctx) * 8,
- &c->aes_ctx);
+ if (key != NULL) {
+ const EVP_CIPHER *cipher = NULL;
+
+ switch (EVP_CIPHER_CTX_key_length(ctx) * 8) {
+ case 128:
+ cipher = EVP_aes_128_ecb();
+ break;
+ case 192:
+ cipher = EVP_aes_192_ecb();
+ break;
+ case 256:
+ cipher = EVP_aes_256_ecb();
+ break;
+ default:
+ fatal('%s: invalid key length %d', __func__,
+ EVP_CIPHER_CTX_key_length(ctx) * 8);
+ }
+ if (EVP_CipherInit(&c->aes_evp_ctx, cipher, key, NULL, 1) 0)
+ fatal('%s: EVP_CipherInit failed', __func__);
+ }
if (iv != NULL)
memcpy(c->aes_counter, iv, AES_BLOCK_SIZE);
return (1);
@@ -97,6 +116,8 @@ ssh_aes_ctr_cleanup(EVP_CIPHER_CTX *ctx)
struct ssh_aes_ctr_ctx *c;
if ((c = EVP_CIPHER_CTX_get_app_data(ctx)) != NULL) {
+ if (EVP_CIPHER_CTX_cleanup(&c->aes_evp_ctx) 0)
+ error('%s: EVP_CIPHER_CTX_cleanup failed', __func__);
memset(c, 0, sizeof(*c));
xfree(c);
EVP_CIPHER_CTX_set_app_data(ctx, NULL);
Index: umac.c
RCS file: /cvs/src/usr.bin/ssh/umac.c,v
retrieving revision 1.3
diff -u -p -r1.3 umac.c
--- umac.c 12 May 2008 20:52:20 -0000 1.3
+++ umac.c 9 Sep 2011 00:49:18 -0000
@@ -65,9 +65,11 @@
#include <sys/types.h>
#include <sys/endian.h>
+#include <stdarg.h>
#include 'xmalloc.h'
#include 'umac.h'
+#include 'log.h'
#include <string.h>
#include <stdlib.h>
#include <stddef.h>
@@ -167,12 +169,30 @@ static void STORE_UINT32_REVERSED(void *
#define AES_BLOCK_LEN 16
/* OpenSSL's AES */
-#include <openssl/aes.h>
-typedef AES_KEY aes_int_key[1];
-#define aes_encryption(in,out,int_key)
- AES_encrypt((u_char *)(in),(u_char *)(out),(AES_KEY *)int_key)
-#define aes_key_setup(key,int_key)
- AES_set_encrypt_key((u_char *)(key),UMAC_KEY_LEN*8,int_key)
+#include <openssl/evp.h>
+typedef EVP_CIPHER_CTX aes_int_key[1];
+
+static void
+aes_encryption(u_char *in, u_char *out, aes_int_key int_key)
+{
+ if (EVP_Cipher((EVP_CIPHER_CTX *)int_key, out, in, AES_BLOCK_LEN) 0)
+ fatal('%s: EVP_Cipher failed', __func__);
+}
+
+static void
+aes_key_setup(u_char *key, aes_int_key int_key)
+{
+ if (EVP_CipherInit((EVP_CIPHER_CTX *)int_key, EVP_aes_128_ecb(),
+ key, NULL, 1) 0)
+ fatal('%s: EVP_CipherInit failed', __func__);
+}
+
+static void
+aes_key_cleanup(aes_int_key int_key)
+{
+ if (EVP_CIPHER_CTX_cleanup((EVP_CIPHER_CTX *)int_key) 0)
+ error('%s: EVP_CIPHER_CTX_cleanup failed', __func__);
+}
/* The user-supplied UMAC key is stretched using AES in a counter
* mode to supply all random bits needed by UMAC. The kdf function takes
@@ -228,6 +248,11 @@ static void pdf_init(pdf_ctx *pc, aes_in
aes_encryption(pc->nonce, pc->cache, pc->prf_key);
}
+static void pdf_cleanup(pdf_ctx *pc)
+{
+ aes_key_cleanup(pc->prf_key);
+}
+
static void pdf_gen_xor(pdf_ctx *pc, UINT8 nonce[8], UINT8 buf[8])
{
/* 'ndx' indicates that we'll be using the 0th or 1st eight bytes
@@ -1194,9 +1219,13 @@ int umac_reset(struct umac_ctx *ctx)
int umac_delete(struct umac_ctx *ctx)
/* Deallocate the ctx structure */
{
+ struct umac_ctx *octx;
if (ctx) {
+ pdf_cleanup(&ctx->pdf);
+ octx = ctx;
if (ALLOC_BOUNDARY)
ctx = (struct umac_ctx *)ctx->free_ptr;
+ bzero(octx, sizeof(*octx));
xfree(ctx);
}
return (1);
@@ -1224,6 +1253,7 @@ struct umac_ctx *umac_new(u_char key[])
aes_key_setup(key,prf_key);
pdf_init(&ctx->pdf, prf_key);
uhash_init(&ctx->hash, prf_key);
+ aes_key_cleanup(prf_key);
}
return (ctx);

I need generate dll's for my project to use Qt Cryptographic Architecture, I try to go step by step as this short tutorial says. So I started with adding cmake to qt.

Then downloaded qca from git://anongit.kde.org/qca.git, cause this svn in the post was outdated. After that I took extra-cmake-modules from git://anongit.kde.org/extra-cmake-modules .

Now is time for compile it, I opened in qt cmakelist.txt from extra-cmake-modules , the CmakeWizard appears and I choose the MinGw Generator without any parameters.

The output looks like this:

-- The C compiler identification is GNU 4.8.2 -- Check for working C compiler: C:/Qt/Qt5.3.1/Tools/mingw482_32/bin/gcc.exe -- Check for working C compiler: C:/Qt/Qt5.3.1/Tools/mingw482_32/bin/gcc.exe -- works -- Detecting C compiler ABI info -- Detecting C compiler ABI info - done -- Detecting C compile features -- Detecting C compile features - done -- Looking for Sphinx Documentation Builder... -- Sphinx Documentation Builder not found - documentation will not be built (see http://sphinx-doc.org/) -- Configuring done -- Generating done -- Build files have been written to: G:/qca_new/extra_cmake_m-build

In next step i opened the qca in qt. The CMake wizard appeard one more time and as tutorial said I added this argument:

-DECM_MODULE_PATH=G:qca_newextra_cmake_m-build

Evp_aes_128_cbc Could Not Be Located

The output looks as follows:

CMake Warning:
Manually-specified variables were not used by the project:

ECM_MODULE_PATH

Evp_aes_128_ctr

Feature file will be installed to C:/Qt/Qt5.3.1/5.3/mingw482_32/mkspecs/features Documentation will be installed to C:/Qt/Qt5.3.1/Docs/Qt-5.3/html/qca Man page will be installed to C:/Qt/Qt5.3.1/5.3/mingw482_32/man Pkg-config file will be installed to C:/Qt/Qt5.3.1/5.3/mingw482_32/lib/pkgconfig

QCA prefix is C:/Qt/Qt5.3.1/5.3/mingw482_32 Plugins will be installed to C:/Qt/Qt5.3.1/5.3/mingw482_32/plugins Binary will be installed to C:/Qt/Qt5.3.1/5.3/mingw482_32/bin Library will be installed to C:/Qt/Qt5.3.1/5.3/mingw482_32/lib Public headers will be installed to C:/Qt/Qt5.3.1/5.3/mingw482_32/include/Qca-qt5 Private headers will be installed to C:/Qt/Qt5.3.1/5.3/mingw482_32/include/Qca-qt5 [31m !!!!!!!!!!!!!!!!!!!!!ATTENTION!!!!!!!!!!!!!!!!!!!!!! !! QCA will be installed in Qt prefix !! !! If you want to install in /usr/local !! !! you MUST explicity define CMAKE_INSTALL_PREFIX !! !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! [0m

qca-gcrypt off qca-gnupg on qca-logger on qca-nss off qca-ossl on qca-pkcs11 off qca-softstore on Plugins: qca-botan off qca-cyrus-sasl off

CMake Warning at plugins/qca-ossl/CMakeLists.txt:25 (message): qca-ossl will be compiled without AES CTR mode encryption support

CMake Warning at plugins/qca-ossl/CMakeLists.txt:18 (message): qca-ossl will be compiled without MD2 digest algorithm support

-- The C compiler identification is GNU 4.8.2 -- The CXX compiler identification is GNU 4.8.2 -- Check for working C compiler: C:/Qt/Qt5.3.1/Tools/mingw482_32/bin/gcc.exe -- Check for working C compiler: C:/Qt/Qt5.3.1/Tools/mingw482_32/bin/gcc.exe -- works -- Detecting C compiler ABI info -- Detecting C compiler ABI info - done -- Detecting C compile features -- Detecting C compile features - done -- Check for working CXX compiler: C:/Qt/Qt5.3.1/Tools/mingw482_32/bin/g++.exe -- Check for working CXX compiler: C:/Qt/Qt5.3.1/Tools/mingw482_32/bin/g++.exe -- works -- Detecting CXX compiler ABI info -- Detecting CXX compiler ABI info - done -- Detecting CXX compile features -- Detecting CXX compile features - done -- Could NOT find Doxygen (missing: DOXYGEN_EXECUTABLE) -- Building with Qt5 support -- Installed package is NOT relocatable -- Checking for certstore.. -- Using built in certstore. -- certstore path: G:/qca_new/qca/certs/rootcerts.pem -- Looking for include file sys/filio.h -- Looking for include file sys/filio.h - not found -- Performing Test MLOCK_TAKES_VOID -- Performing Test MLOCK_TAKES_VOID - Failed -- mlock(2) does not take a void * -- Found OpenSSL: C:/Program Files/OpenVPN/bin/ssleay32.dll;C:/Program Files/OpenVPN/bin/libeay32.dll (found version '0.9.8h') -- Looking for EVP_md2 -- Looking for EVP_md2 - not found -- Looking for EVP_aes_128_ctr -- Looking for EVP_aes_128_ctr - not found -- Configuring done -- Generating done -- Build files have been written to: G:/qca_new/qca-build

And after that I'm stuck. I try to build project qca but I get the errors

...qcapluginsqca-osslqca-ossl.cpp:5808: error: 'SSL_SESSION_get_compress_id' was not declared in this scope sessInfo.isCompressed = (0 != SSL_SESSION_get_compress_id(ssl->session));

I searched for it and I found that somebody already created ticket connected with this issue. When this path didn't give me needed result, I went other way.

I commented some code in virtual method to avoid error during bulding.
Right now I can build 3 dll's:

  • libqca-qt5,

  • libqca-logger,

  • libqca-gnupg,
    and when qt tries to build libqca-ossl.dll the error apears:

    C:/Program Files/OpenVPN/bin/ssleay32.dll: file not recognized: File format not recognized collect2.exe: error: ld returned 1 exit status pluginsqca-osslCMakeFilesqca-ossl.dirbuild.make:104: recipe for target 'lib/qca-qt5/crypto/libqca-ossl.dll' failed mingw32-make[2]: *** [lib/qca-qt5/crypto/libqca-ossl.dll] Error 1 CMakeFilesMakefile2:395: recipe for target 'plugins/qca-ossl/CMakeFiles/qca-ossl.dir/all' failed mingw32-make[1]: *** [plugins/qca-ossl/CMakeFiles/qca-ossl.dir/all] Error 2 Makefile:137: recipe for target 'all' failed mingw32-make: *** [all] Error 2 15:17:12: The process 'C:QtQt5.3.1Toolsmingw482_32binmingw32-make.exe' exited with code 2.

I'm curious why it goes to openVpn folder at all.

I tried with cmake-gui as well like in this tutorial.
My parameters are source code (this qca repo which I downloaded from git) and my path to folder where binaries should be build. Configure and generate clicked and this is the output.

Evp_aes_128_xts

Could NOT find Doxygen (missing: DOXYGEN_EXECUTABLE) Building with Qt5 support Installed package is NOT relocatable Checking for certstore.. Using built in certstore. certstore path: G:/qca_new/qca/certs/rootcerts.pem mlock(2) does not take a void * CMake Warning at plugins/qca-ossl/CMakeLists.txt:18 (message): qca-ossl will be compiled without MD2 digest algorithm support

CMake Warning at plugins/qca-ossl/CMakeLists.txt:25 (message): qca-ossl will be compiled without AES CTR mode encryption support

Plugins: qca-botan off qca-cyrus-sasl off qca-gcrypt off qca-gnupg on qca-logger on qca-nss off qca-ossl on qca-pkcs11 off qca-softstore on

Evp_aes_128_ctr example

QCA prefix is C:/Qt/Qt5.3.1/5.3/mingw482_32 Plugins will be installed to C:/Qt/Qt5.3.1/5.3/mingw482_32/plugins Binary will be installed to C:/Qt/Qt5.3.1/5.3/mingw482_32/bin Library will be installed to C:/Qt/Qt5.3.1/5.3/mingw482_32/lib Public headers will be installed to C:/Qt/Qt5.3.1/5.3/mingw482_32/include/Qca-qt5 Private headers will be installed to C:/Qt/Qt5.3.1/5.3/mingw482_32/include/Qca-qt5 Feature file will be installed to C:/Qt/Qt5.3.1/5.3/mingw482_32/mkspecs/features Documentation will be installed to C:/Qt/Qt5.3.1/Docs/Qt-5.3/html/qca Man page will be installed to C:/Qt/Qt5.3.1/5.3/mingw482_32/man Pkg-config file will be installed to C:/Qt/Qt5.3.1/5.3/mingw482_32/lib/pkgconfig

Configuring done Generating done

After that I searched for any dll's but nothing appears, this both method generated build folders with content,but I don't know what to do to get all dll's and add it to project.

Tree of folder where build content appeared looks like this

Evp_aes_128_ctr example

Evp_aes_128_ccm

I would be grateful for any help in solving this problem.