2 //gcc openssl_evp.c pixmap_io.o -o openssl_evp -I /usr/include/openssl/ -lcrypto -O3 -std=c99
5 #include <openssl/conf.h>
6 #include <openssl/evp.h>
7 #include <openssl/err.h>
8 #include <openssl/ssl.h>
9 #include <openssl/bio.h>
12 #include "pixmap_io.h"
14 typedef unsigned char uchar;
25 struct timeval tstart;
26 gettimeofday(&tstart,0);
27 return( (double) (tstart.tv_sec + tstart.tv_usec*1e-6) );
30 double TimeStop(double t)
34 gettimeofday(&tend,0);
35 t = (double) (tend.tv_sec + tend.tv_usec*1e-6) - t;
40 void handleErrors(void)
42 ERR_print_errors_fp(stderr);
46 int encryptgcm(unsigned char *plaintext, int plaintext_len, unsigned char *aad,
47 int aad_len, unsigned char *key, unsigned char *iv, int iv_len,
48 unsigned char *ciphertext, unsigned char *tag)
57 /* Create and initialise the context */
58 if(!(ctx = EVP_CIPHER_CTX_new())) handleErrors();
60 /* Initialise the encryption operation. */
61 if(1 != EVP_EncryptInit_ex(ctx, EVP_aes_256_gcm(), NULL, NULL, NULL))
64 /* Set IV length if default 12 bytes (96 bits) is not appropriate */
65 if(1 != EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_SET_IVLEN, iv_len, NULL))
67 for(int i=0;i<nb_test;i++) {
68 /* Initialise key and IV */
69 if(1 != EVP_EncryptInit_ex(ctx, NULL, NULL, key, iv)) handleErrors();
71 /* Provide any AAD data. This can be called zero or more times as
76 if(1 != EVP_EncryptUpdate(ctx, NULL, &len, aad, aad_len))
79 /* Provide the message to be encrypted, and obtain the encrypted output.
80 * EVP_EncryptUpdate can be called multiple times if necessary
84 if(1 != EVP_EncryptUpdate(ctx, ciphertext, &len, plaintext, plaintext_len))
89 /* Finalise the encryption. Normally ciphertext bytes may be written at
90 * this stage, but this does not occur in GCM mode
92 if(1 != EVP_EncryptFinal_ex(ctx, ciphertext + len, &len)) handleErrors();
93 ciphertext_len += len;
96 if(1 != EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_GET_TAG, 16, tag))
100 EVP_CIPHER_CTX_free(ctx);
102 return ciphertext_len;
108 int decryptgcm(unsigned char *ciphertext, int ciphertext_len, unsigned char *aad,
109 int aad_len, unsigned char *tag, unsigned char *key, unsigned char *iv,
110 int iv_len, unsigned char *plaintext)
117 /* Create and initialise the context */
118 if(!(ctx = EVP_CIPHER_CTX_new())) handleErrors();
120 /* Initialise the decryption operation. */
121 if(!EVP_DecryptInit_ex(ctx, EVP_aes_256_gcm(), NULL, NULL, NULL))
124 /* Set IV length. Not necessary if this is 12 bytes (96 bits) */
125 if(!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_SET_IVLEN, iv_len, NULL))
127 for(int i=0;i<nb_test;i++) {
128 /* Initialise key and IV */
129 if(!EVP_DecryptInit_ex(ctx, NULL, NULL, key, iv)) handleErrors();
131 /* Provide any AAD data. This can be called zero or more times as
134 if(!EVP_DecryptUpdate(ctx, NULL, &len, aad, aad_len))
137 /* Provide the message to be decrypted, and obtain the plaintext output.
138 * EVP_DecryptUpdate can be called multiple times if necessary
140 if(!EVP_DecryptUpdate(ctx, plaintext, &len, ciphertext, ciphertext_len))
144 /* Set expected tag value. Works in OpenSSL 1.0.1d and later */
145 if(!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_SET_TAG, 16, tag))
148 /* Finalise the decryption. A positive return value indicates success,
149 * anything else is a failure - the plaintext is not trustworthy.
151 ret = EVP_DecryptFinal_ex(ctx, plaintext + len, &len);
156 EVP_CIPHER_CTX_free(ctx);
161 plaintext_len += len;
162 return plaintext_len;
171 /* int encrypt(unsigned char *plaintext, int plaintext_len, unsigned char *key, */
172 /* unsigned char *iv, unsigned char *ciphertext, int ctr, int index) */
174 /* EVP_CIPHER_CTX *ctx; */
178 /* int ciphertext_len; */
180 /* /\* Create and initialise the context *\/ */
181 /* if(!(ctx = EVP_CIPHER_CTX_new())) handleErrors(); */
183 /* /\* Initialise the encryption operation. IMPORTANT - ensure you use a key */
184 /* * and IV size appropriate for your cipher */
185 /* * In this example we are using 256 bit AES (i.e. a 256 bit key). The */
186 /* * IV size for *most* modes is the same as the block size. For AES this */
187 /* * is 128 bits *\/ */
188 /* //static double time=0; */
190 /* //t=TimeStart(); */
194 /* if(1 != EVP_EncryptInit_ex(ctx, EVP_aes_128_ctr(), NULL, key, iv)) */
195 /* handleErrors(); */
198 /* if(1 != EVP_EncryptInit_ex(ctx, EVP_aes_128_cbc(), NULL, key, iv)) */
199 /* handleErrors(); */
201 /* //time+=TimeStop(t); */
202 /* //printf("Time init %f\n",time); */
205 /* // int cipherBlockSize = EVP_CIPHER_CTX_block_size(ctx); */
206 /* // printf("INFO(evp_encrypt): block size: %d\n", cipherBlockSize); */
209 /* /\* Provide the message to be encrypted, and obtain the encrypted output. */
210 /* * EVP_EncryptUpdate can be called multiple times if necessary */
214 /* static double time=0; */
218 /* for(int i=0;i<nb_test;i++) */
221 /* if(1 != EVP_EncryptUpdate(ctx, ciphertext, &len, plaintext, plaintext_len)) */
222 /* handleErrors(); */
223 /* ciphertext_len = len; */
226 /* /\* time+=TimeStop(t); */
227 /* // if(index==nb_test-1) */
228 /* printf("Time encrypt %f\n",time); */
233 /* /\* Finalise the encryption. Further ciphertext bytes may be written at */
236 /* if(1 != EVP_EncryptFinal_ex(ctx, ciphertext + len, &len)) handleErrors(); */
237 /* ciphertext_len += len; */
239 /* /\* Clean up *\/ */
240 /* EVP_CIPHER_CTX_free(ctx); */
242 /* return ciphertext_len; */
245 /* int decrypt(unsigned char *ciphertext, int ciphertext_len, unsigned char *key, */
246 /* unsigned char *iv, unsigned char *plaintext, int ctr, int index) */
248 /* EVP_CIPHER_CTX *ctx; */
252 /* int plaintext_len; */
254 /* /\* Create and initialise the context *\/ */
255 /* if(!(ctx = EVP_CIPHER_CTX_new())) handleErrors(); */
257 /* /\* Initialise the decryption operation. IMPORTANT - ensure you use a key */
258 /* * and IV size appropriate for your cipher */
259 /* * In this example we are using 256 bit AES (i.e. a 256 bit key). The */
260 /* * IV size for *most* modes is the same as the block size. For AES this */
261 /* * is 128 bits *\/ */
267 /* if(1 != EVP_DecryptInit_ex(ctx, EVP_aes_128_ctr(), NULL, key, iv)) */
268 /* handleErrors(); */
271 /* if(1 != EVP_DecryptInit_ex(ctx, EVP_aes_128_cbc(), NULL, key, iv)) */
272 /* handleErrors(); */
274 /* /\* Provide the message to be decrypted, and obtain the plaintext output. */
275 /* * EVP_DecryptUpdate can be called multiple times if necessary */
278 /* /\* static double time=0; */
282 /* for(int i=0;i<nb_test;i++) */
284 /* plaintext_len = 0; */
285 /* if(1 != EVP_DecryptUpdate(ctx, plaintext, &len, ciphertext, ciphertext_len)) */
286 /* handleErrors(); */
287 /* plaintext_len = len; */
289 /* /\* time+=TimeStop(t); */
290 /* // if(index==nb_test-1) */
291 /* printf("Time decrypt %f\n",time); */
295 /* /\* Finalise the decryption. Further plaintext bytes may be written at */
298 /* if(1 != EVP_DecryptFinal_ex(ctx, plaintext + len, &len)) handleErrors(); */
299 /* plaintext_len += len; */
303 /* /\* Clean up *\/ */
304 /* EVP_CIPHER_CTX_free(ctx); */
306 /* return plaintext_len; */
312 int main (int argc, char** argv)
314 /* Set up the key and iv. Do I need to say to not hard code these in a
315 * real application? :-)
322 for(int i=1; i<argc; i++){
323 if(strncmp(argv[i],"nb",2)==0) nb_test = atoi(&(argv[i][2])); //nb of test
324 if(strncmp(argv[i],"ctr",3)==0) ctr = atoi(&(argv[i][3])); //CTR ? 1 otherwise CBC like
325 if(strncmp(argv[i],"sizebuf",7)==0) size_buf = atoi(&(argv[i][7])); //SIZE of the buffer
326 if(strncmp(argv[i],"lena",4)==0) lena = atoi(&(argv[i][4])); //Use Lena or buffer
329 /* printf("nb times %d\n",nb_test);
330 printf("ctr %d\n",ctr);
331 printf("lena %d\n",lena);
332 printf("size_buf %d\n",size_buf);
339 // unsigned char *key = (unsigned char *)"01234567890123456789012345678901";
340 unsigned char *key = (unsigned char *)"01234567890123450123456789012345";
343 unsigned char *iv = (unsigned char *)"0123456789012345";
345 unsigned char *tag= malloc(16);
347 /* Message to be encrypted */
349 /* Buffer for ciphertext. Ensure the buffer is long enough for the
350 * ciphertext which may be longer than the plaintext, dependant on the
356 uchar *data_R, *data_G, *data_B;
362 load_RGB_pixmap("lena.ppm", &width, &height, &data_R, &data_G, &data_B);
363 imsize=width*height*3;
364 // load_RGB_pixmap("No_ecb_mode_picture.ppm", &width, &height, &data_R, &data_G, &data_B);
370 buffer=malloc(imsize*sizeof(uchar));
371 for(int i=0;i<imsize;i++) {
378 int oneD=width*height;
379 uchar *plaintext = malloc(imsize+1000); //add that for cbc
381 for(int i=0;i<oneD;i++) {
382 plaintext[i]=data_R[i];
383 plaintext[oneD+i]=data_G[i];
384 plaintext[2*oneD+i]=data_B[i];
389 for(int i=0;i<oneD;i++) {
390 plaintext[i]=buffer[i];
396 uchar *ciphertext = malloc(imsize+1000); //add that for cbc
398 /* Buffer for the decrypted text */
399 uchar *decryptedtext = malloc(imsize+1000); //add that for cbc
401 int decryptedtext_len, ciphertext_len;
403 /* Initialise the library */
404 /* ERR_load_crypto_strings();
405 OpenSSL_add_all_algorithms();
406 OPENSSL_config(NULL);
410 double time_encrypt=0;
411 double time_decrypt=0;
412 double t=TimeStart();
415 /* Encrypt the plaintext */
422 /* for(int i=0;i<16;i++)
423 printf("%d ",tag[i]);
426 // for(i=0;i<nb_test;i++)
428 ciphertext_len = encryptgcm (plaintext, imsize, plaintext, imsize, key, iv,16,
431 /* for(int i=0;i<16;i++) {
432 printf("%d ",tag[i]);
435 time_encrypt+=TimeStop(t);
437 // printf("Time encrypt %f\n",time);
438 printf("%f\t",(double)imsize*nb_test/time_encrypt);
441 for(int i=0;i<oneD;i++) {
442 data_R[i]=ciphertext[i];
443 data_G[i]=ciphertext[oneD+i];
444 data_B[i]=ciphertext[2*oneD+i];
446 store_RGB_pixmap("lena2.ppm", data_R, data_G, data_B, width, height);
455 // for(int i=0;i<nb_test;i++)
457 /* Decrypt the ciphertext */
458 decryptedtext_len = decryptgcm(ciphertext, ciphertext_len,ciphertext, ciphertext_len,tag, key, iv, 16,
462 time_decrypt+=TimeStop(t);
464 //printf("Time decrypt %f\n",time);
465 printf("%f\t",(double)imsize*nb_test/time_decrypt);
468 for(int i=0;i<oneD;i++) {
469 data_R[i]=decryptedtext[i];
470 data_G[i]=decryptedtext[oneD+i];
471 data_B[i]=decryptedtext[2*oneD+i];
473 store_RGB_pixmap("lena3.ppm", data_R, data_G, data_B, width, height);
477 for(int i=0;i<imsize;i++) {
478 //cout<<(int)buffer[i]<<endl;
479 if(buffer[i]!=decryptedtext[i]) {
483 // printf("RESULT CORRECT: %d\n",equal);