On 2006.12.26 at 20:06:49 +0100, Andy Polyakov wrote: > > > >Perhaps ccgost is using the BIGNUM library in a way that other routines > >don't > >and that is triggering a problem.
If so, should it be considered bug or feature of ccgost engine? I.e. if I discover difference between way of using BIGNUM library in core ECDSA code and my code, should I fix it and, may be provide some patches for bignum documentation with explanation how to avoid it, or rather provide tests into core test suite that make sure that such way of using is possible? Since ccgost is just reference implementation, I've tried to write as straightforward code as possible. > crypto/bn/asm/x86-mont.pl was heavily modified recently... As > alternative to pulling down whole snapshots you can simply try to > replace this particular file with earlier versions from > http://cvs.openssl.org/rlog?f=openssl/crypto/bn/asm/x86-mont.pl. If it Reverting this file to version 1.6 makes problem go away. > turns to be culprit, then note that there are two code pathes, sse2 and > integer-only, the latter has separate squaring procedure, and we have to > figure out which one fails... To switch off squaring procedure, comment > out '&jz (&label("bn_sqr_mont"));' line #273. To switch off integer-only > path altogether replace 'if (0)' around line #248 with 'if (1)'. You Commenting out line #273 fixes problem with following configuration (output of make report): OpenSSL self-test report: OpenSSL version: 0.9.9-dev Last change: Very *very* experimental PKCS#7 streaming encoder suppo... Options: enable-shared enable-zlib no-gmp no-krb5 no-mdc2 no-rc5 no-rfc3779 no-zlib-dynamic OS (uname): Linux lynx 2.6.16-athlon #1 Tue May 30 12:23:37 MSD 2006 i686 GNU/Linux OS (config): i686-whatever-linux2 Target (default): linux-elf Target: linux-elf Compiler: Configured with: ../src/configure -v --enable-languages=c,c++,java,f77,pascal,objc,ada,treelang --prefix=/usr --mandir=/usr/share/man -- infodir=/usr/share/info --with-gxx-include-dir=/usr/include/c++/3.3 --enable- shared --enable-__cxa_atexit --with-system-zlib --enable-nls --without-included-gettext --enable-clocale=gnu --enable-debug --enable-java-gc=boehm --enable-java-awt=xlib --enable-objc-gc i486-linux Thread model: posix gcc version 3.3.5 (Debian 1:3.3.5-13) Test passed. Config line was used ./config -g zlib shared no-sse2 same result is achieved without no-sse2 option - fail without commenting line #273 and pass with it. > mention that you test Solaris x86 8, where sse2 is not an option [kernel > does not support it]. Do you compile sse2 support on other platforms? A. We are now building with no-sse2 on all platforms except FreeBSD 6 on AMD64 Solaris Sparc 64-builds (where everything is good now)- no-ripemd BTW, are core develpers interesting in access to logs of our nightly builds and tests? ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List [email protected] Automated List Manager [EMAIL PROTECTED]
