Hello. I was trying to run the testsuite for openssl-fips-1.2.3 but I get a problems with several tests.
Here is a piece of debug output which might be helpful: echo test normal x509v1 certificate test normal x509v1 certificate sh ./tx509 2>/dev/null testing X509 conversions p -> d make[2]: *** [test_x509] Error 1 gdb ./apps/openssl GNU gdb (GDB) 7.3.1 Copyright (C) 2011 Free Software Foundation, Inc. License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html> This is free software: you are free to change and redistribute it. There is NO WARRANTY, to the extent permitted by law. Type "show copying" and "show warranty" for details. This GDB was configured as "x86_64-unknown-linux-gnu". For bug reporting instructions, please see: <http://www.gnu.org/software/gdb/bugs/>... Reading symbols from /usr/src/openssl-fips-1.2.3/apps/openssl...done. (gdb) run Starting program: /usr/src/openssl-fips-1.2.3/apps/openssl OpenSSL> x509 Program received signal SIGILL, Illegal instruction. 0x00007ffff78d7e80 in PEM_read_bio_X509_AUX (bp=0x697590, x=0x0, cb=0x447fa7 <password_callback>, u=0x0) at pem_xaux.c:68 68 IMPLEMENT_PEM_rw(X509_AUX, X509, PEM_STRING_X509_TRUSTED, X509_AUX) (gdb) where #0 0x00007ffff78d7e80 in PEM_read_bio_X509_AUX (bp=0x697590, x=0x0, cb=0x447fa7 <password_callback>, u=0x0) at pem_xaux.c:68 #1 0x0000000000448d4a in load_cert (err=0x677010, file=0x0, format=3, pass=0x0, e=0x0, cert_descrip=0x465408 "Certificate") at apps.c:821 #2 0x0000000000433fa5 in x509_main (argc=0, argv=0x696ec8) at x509.c:632 #3 0x0000000000412eb7 in do_cmd (prog=0x691a80, argc=1, argv=0x696ec0) at openssl.c:396 #4 0x0000000000412cc9 in main (Argc=1, Argv=0x7fffffffe288) at openssl.c:347 (gdb) disas Dump of assembler code for function PEM_read_bio_X509_AUX: 0x00007ffff78d7e6c <+0>: push %rbp 0x00007ffff78d7e6d <+1>: mov %rsp,%rbp 0x00007ffff78d7e70 <+4>: mov %rdi,-0x8(%rbp) 0x00007ffff78d7e74 <+8>: mov %rsi,-0x10(%rbp) 0x00007ffff78d7e78 <+12>: mov %rdx,-0x18(%rbp) 0x00007ffff78d7e7c <+16>: mov %rcx,-0x20(%rbp) => 0x00007ffff78d7e80 <+20>: ud2 End of assembler dump. ------------------------------------------------------------------------ trsa (d -> d) ls -l f.d -rw-rw-r-- 1 guido guido 320 Feb 13 02:57 f.d gdb ../apps/openssl #rsa -in f.d -inform d -outform d >ff.d1 GNU gdb (GDB) 7.3.1 Copyright (C) 2011 Free Software Foundation, Inc. License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html> This is free software: you are free to change and redistribute it. There is NO WARRANTY, to the extent permitted by law. Type "show copying" and "show warranty" for details. This GDB was configured as "x86_64-unknown-linux-gnu". For bug reporting instructions, please see: <http://www.gnu.org/software/gdb/bugs/>... Reading symbols from /usr/src/openssl-fips-1.2.3/apps/openssl...done. (gdb) run rsa -in f.d -inform d -outform d >ff.d1 Starting program: /usr/src/openssl-fips-1.2.3/apps/openssl rsa -in f.d -inform d -outform d >ff.d1 Program received signal SIGILL, Illegal instruction. 0x00007ffff78e1ef2 in d2i_PrivateKey_bio (bp=0x6970e0, a=0x0) at x_all.c:510 510 { (gdb) where #0 0x00007ffff78e1ef2 in d2i_PrivateKey_bio (bp=0x6970e0, a=0x0) at x_all.c:510 #1 0x0000000000448fd3 in load_key (err=0x677010, file=0x7fffffffe580 "f.d", format=1, maybe_stdin=1, pass=0x0, e=0x0, key_descrip=0x46220d "Private Key") at apps.c:893 #2 0x000000000042c27f in rsa_main (argc=0, argv=0x7fffffffe268) at rsa.c:265 #3 0x0000000000412eb7 in do_cmd (prog=0x691a80, argc=7, argv=0x7fffffffe230) at openssl.c:396 #4 0x0000000000412b5d in main (Argc=7, Argv=0x7fffffffe230) at openssl.c:315 (gdb) disas Dump of assembler code for function d2i_PrivateKey_bio: 0x00007ffff78e1ee6 <+0>: push %rbp 0x00007ffff78e1ee7 <+1>: mov %rsp,%rbp 0x00007ffff78e1eea <+4>: mov %rdi,-0x8(%rbp) 0x00007ffff78e1eee <+8>: mov %rsi,-0x10(%rbp) => 0x00007ffff78e1ef2 <+12>: ud2 End of assembler dump. ------------------------------------------------------------------------ trsa (d -> p) gdb ../apps/openssl #-in f.d -inform d -outform p >ff.p1 GNU gdb (GDB) 7.3.1 Copyright (C) 2011 Free Software Foundation, Inc. License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html> This is free software: you are free to change and redistribute it. There is NO WARRANTY, to the extent permitted by law. Type "show copying" and "show warranty" for details. This GDB was configured as "x86_64-unknown-linux-gnu". For bug reporting instructions, please see: <http://www.gnu.org/software/gdb/bugs/>... Reading symbols from /usr/src/openssl-fips-1.2.3/apps/openssl...done. (gdb) run rsa -in f.d -inform d -outform p >ff.p1 Starting program: /usr/src/openssl-fips-1.2.3/apps/openssl rsa -in f.d -inform d -outform p >ff.p1 Program received signal SIGILL, Illegal instruction. 0x00007ffff78e1ef2 in d2i_PrivateKey_bio (bp=0x6970e0, a=0x0) at x_all.c:510 510 { (gdb) where #0 0x00007ffff78e1ef2 in d2i_PrivateKey_bio (bp=0x6970e0, a=0x0) at x_all.c:510 #1 0x0000000000448fd3 in load_key (err=0x677010, file=0x7fffffffe580 "f.d", format=1, maybe_stdin=1, pass=0x0, e=0x0, key_descrip=0x46220d "Private Key") at apps.c:893 #2 0x000000000042c27f in rsa_main (argc=0, argv=0x7fffffffe268) at rsa.c:265 #3 0x0000000000412eb7 in do_cmd (prog=0x691a80, argc=7, argv=0x7fffffffe230) at openssl.c:396 #4 0x0000000000412b5d in main (Argc=7, Argv=0x7fffffffe230) at openssl.c:315 (gdb) disas Dump of assembler code for function d2i_PrivateKey_bio: 0x00007ffff78e1ee6 <+0>: push %rbp 0x00007ffff78e1ee7 <+1>: mov %rsp,%rbp 0x00007ffff78e1eea <+4>: mov %rdi,-0x8(%rbp) 0x00007ffff78e1eee <+8>: mov %rsi,-0x10(%rbp) => 0x00007ffff78e1ef2 <+12>: ud2 End of assembler dump. ------------------------------------------------------------------------ tcrl (p -> d) ls -l fff.p -rw-r--r-- 1 guido guido 938 Feb 13 02:59 fff.p (gdb) run crl -in fff.p -inform p -outform d >f.d Starting program: /usr/src/openssl-fips-1.2.3/apps/openssl crl -in fff.p -inform p -outform d >f.d Program received signal SIGILL, Illegal instruction. 0x00007ffff78d7354 in PEM_read_bio_X509_CRL (bp=0x6970e0, x=0x0, cb=0, u=0x0) at pem_all.c:145 145 IMPLEMENT_PEM_rw(X509_CRL, X509_CRL, PEM_STRING_X509_CRL, X509_CRL) (gdb) where #0 0x00007ffff78d7354 in PEM_read_bio_X509_CRL (bp=0x6970e0, x=0x0, cb=0, u=0x0) at pem_all.c:145 #1 0x000000000042b79e in load_crl (infile=0x7fffffffe57e "fff.p", format=3) at crl.c:413 #2 0x000000000042b02a in crl_main (argc=0, argv=0x7fffffffe268) at crl.c:233 #3 0x0000000000412eb7 in do_cmd (prog=0x691a80, argc=7, argv=0x7fffffffe230) at openssl.c:396 #4 0x0000000000412b5d in main (Argc=7, Argv=0x7fffffffe230) at openssl.c:315 (gdb) disas Dump of assembler code for function PEM_read_bio_X509_CRL: 0x00007ffff78d7340 <+0>: push %rbp 0x00007ffff78d7341 <+1>: mov %rsp,%rbp 0x00007ffff78d7344 <+4>: mov %rdi,-0x8(%rbp) 0x00007ffff78d7348 <+8>: mov %rsi,-0x10(%rbp) 0x00007ffff78d734c <+12>: mov %rdx,-0x18(%rbp) 0x00007ffff78d7350 <+16>: mov %rcx,-0x20(%rbp) => 0x00007ffff78d7354 <+20>: ud2 End of assembler dump. ------------------------------------------------------------------------ tcrl (p -> p) (gdb) run crl -in fff.p -inform p -outform p >f.p Starting program: /usr/src/openssl-fips-1.2.3/apps/openssl crl -in fff.p -inform p -outform p >f.p Program received signal SIGILL, Illegal instruction. 0x00007ffff78d7354 in PEM_read_bio_X509_CRL (bp=0x6970e0, x=0x0, cb=0, u=0x0) at pem_all.c:145 145 IMPLEMENT_PEM_rw(X509_CRL, X509_CRL, PEM_STRING_X509_CRL, X509_CRL) (gdb) where #0 0x00007ffff78d7354 in PEM_read_bio_X509_CRL (bp=0x6970e0, x=0x0, cb=0, u=0x0) at pem_all.c:145 #1 0x000000000042b79e in load_crl (infile=0x7fffffffe57e "fff.p", format=3) at crl.c:413 #2 0x000000000042b02a in crl_main (argc=0, argv=0x7fffffffe268) at crl.c:233 #3 0x0000000000412eb7 in do_cmd (prog=0x691a80, argc=7, argv=0x7fffffffe230) at openssl.c:396 #4 0x0000000000412b5d in main (Argc=7, Argv=0x7fffffffe230) at openssl.c:315 (gdb) disas Dump of assembler code for function PEM_read_bio_X509_CRL: 0x00007ffff78d7340 <+0>: push %rbp 0x00007ffff78d7341 <+1>: mov %rsp,%rbp 0x00007ffff78d7344 <+4>: mov %rdi,-0x8(%rbp) 0x00007ffff78d7348 <+8>: mov %rsi,-0x10(%rbp) 0x00007ffff78d734c <+12>: mov %rdx,-0x18(%rbp) 0x00007ffff78d7350 <+16>: mov %rcx,-0x20(%rbp) => 0x00007ffff78d7354 <+20>: ud2 End of assembler dump. ------------------------------------------------------------------------ tcrl (p -> d) ls -l f.p -rw-rw-r-- 1 guido guido 0 Feb 13 02:04 f.p (gdb) run crl -in f.p -inform p -outform d > ff.d3 Starting program: /usr/src/openssl-fips-1.2.3/apps/openssl crl -in f.p -inform p -outform d > ff.d3 Program received signal SIGILL, Illegal instruction. 0x00007ffff78d7354 in PEM_read_bio_X509_CRL (bp=0x6970e0, x=0x0, cb=0, u=0x0) at pem_all.c:145 145 IMPLEMENT_PEM_rw(X509_CRL, X509_CRL, PEM_STRING_X509_CRL, X509_CRL) (gdb) where #0 0x00007ffff78d7354 in PEM_read_bio_X509_CRL (bp=0x6970e0, x=0x0, cb=0, u=0x0) at pem_all.c:145 #1 0x000000000042b79e in load_crl (infile=0x7fffffffe580 "f.p", format=3) at crl.c:413 #2 0x000000000042b02a in crl_main (argc=0, argv=0x7fffffffe268) at crl.c:233 #3 0x0000000000412eb7 in do_cmd (prog=0x691a80, argc=7, argv=0x7fffffffe230) at openssl.c:396 #4 0x0000000000412b5d in main (Argc=7, Argv=0x7fffffffe230) at openssl.c:315 (gdb) disas Dump of assembler code for function PEM_read_bio_X509_CRL: 0x00007ffff78d7340 <+0>: push %rbp 0x00007ffff78d7341 <+1>: mov %rsp,%rbp 0x00007ffff78d7344 <+4>: mov %rdi,-0x8(%rbp) 0x00007ffff78d7348 <+8>: mov %rsi,-0x10(%rbp) 0x00007ffff78d734c <+12>: mov %rdx,-0x18(%rbp) 0x00007ffff78d7350 <+16>: mov %rcx,-0x20(%rbp) => 0x00007ffff78d7354 <+20>: ud2 End of assembler dump. ------------------------------------------------------------------------ testgen (req_new) (gdb) run req -config test.cnf -new -out testreq.pem Starting program: /usr/src/openssl-fips-1.2.3/apps/openssl req -config test.cnf -new -out testreq.pem Generating a 512 bit RSA private key ..................++++++++++++ .......++++++++++++ writing new private key to 'testkey.pem' ----- You are about to be asked to enter information that will be incorporated into your certificate request. What you are about to enter is what is called a Distinguished Name or a DN. There are quite a few fields but you can leave some blank For some fields there will be a default value, If you enter '.', the field will be left blank. ----- Country Name (2 letter code) [AU]:AU State or Province Name (full name) [Queensland]: Locality Name (eg, city) []:Brisbane Organization Name (eg, company) []:CryptSoft Pty Ltd Organizational Unit Name (eg, section) []:. Common Name (eg, YOUR name) []:Eric Young Email Address []:e...@mincom.oz.au Program received signal SIGILL, Illegal instruction. 0x00007ffff78d7314 in PEM_write_bio_X509_REQ (bp=0x697030, x=0x696fd0) at pem_all.c:141 141 IMPLEMENT_PEM_rw(X509_REQ, X509_REQ, PEM_STRING_X509_REQ, X509_REQ) (gdb) where #0 0x00007ffff78d7314 in PEM_write_bio_X509_REQ (bp=0x697030, x=0x696fd0) at pem_all.c:141 #1 0x00000000004186b9 in req_main (argc=0, argv=0x7fffffffe260) at req.c:1144 #2 0x0000000000412eb7 in do_cmd (prog=0x691a80, argc=6, argv=0x7fffffffe230) at openssl.c:396 #3 0x0000000000412b5d in main (Argc=6, Argv=0x7fffffffe230) at openssl.c:315 (gdb) disas Dump of assembler code for function PEM_write_bio_X509_REQ: 0x00007ffff78d7308 <+0>: push %rbp 0x00007ffff78d7309 <+1>: mov %rsp,%rbp 0x00007ffff78d730c <+4>: mov %rdi,-0x8(%rbp) 0x00007ffff78d7310 <+8>: mov %rsi,-0x10(%rbp) => 0x00007ffff78d7314 <+12>: ud2 End of assembler dump. ------------------------------------------------------------------------ test_verify (gdb) run verify -CApath ../certs ../certs/*.pem Starting program: /usr/src/openssl-fips-1.2.3/apps/openssl verify -CApath ../certs ../certs/*.pem Program received signal SIGILL, Illegal instruction. 0x00007ffff78d7e80 in PEM_read_bio_X509_AUX (bp=0x697450, x=0x0, cb=0x447fa7 <password_callback>, u=0x0) at pem_xaux.c:68 68 IMPLEMENT_PEM_rw(X509_AUX, X509, PEM_STRING_X509_TRUSTED, X509_AUX) (gdb) where #0 0x00007ffff78d7e80 in PEM_read_bio_X509_AUX (bp=0x697450, x=0x0, cb=0x447fa7 <password_callback>, u=0x0) at pem_xaux.c:68 #1 0x0000000000448d4a in load_cert (err=0x677010, file=0x7fffffffe420 "../certs/aol1.pem", format=3, pass=0x0, e=0x0, cert_descrip=0x45bd75 "certificate file") at apps.c:821 #2 0x0000000000413e75 in check (ctx=0x696ec0, file=0x7fffffffe420 "../certs/aol1.pem", uchain=0x0, tchain=0x0, purpose=-1, e=0x0) at verify.c:245 #3 0x0000000000413c96 in verify_main (argc=19, argv=0x7fffffffe058) at verify.c:214 #4 0x0000000000412eb7 in do_cmd (prog=0x691a80, argc=22, argv=0x7fffffffe040) at openssl.c:396 #5 0x0000000000412b5d in main (Argc=22, Argv=0x7fffffffe040) at openssl.c:315 (gdb) disas Dump of assembler code for function PEM_read_bio_X509_AUX: 0x00007ffff78d7e6c <+0>: push %rbp 0x00007ffff78d7e6d <+1>: mov %rsp,%rbp 0x00007ffff78d7e70 <+4>: mov %rdi,-0x8(%rbp) 0x00007ffff78d7e74 <+8>: mov %rsi,-0x10(%rbp) 0x00007ffff78d7e78 <+12>: mov %rdx,-0x18(%rbp) 0x00007ffff78d7e7c <+16>: mov %rcx,-0x20(%rbp) => 0x00007ffff78d7e80 <+20>: ud2 End of assembler dump. ------------------------------------------------------------------------ testss (gdb) run req -config CAss.cnf -out reqCA.ss -keyout keyCA.ss -new Starting program: /usr/src/openssl-fips-1.2.3/apps/openssl req -config CAss.cnf -out reqCA.ss -keyout keyCA.ss -new Generating a 1024 bit RSA private key ..++++++ ......................++++++ writing new private key to 'keyCA.ss' ----- You are about to be asked to enter information that will be incorporated into your certificate request. What you are about to enter is what is called a Distinguished Name or a DN. There are quite a few fields but you can leave some blank For some fields there will be a default value, If you enter '.', the field will be left blank. ----- Country Name (2 letter code) [AU]:AU Organization Name (eg, company) []:Dodgy Brothers Common Name (eg, YOUR name) []:Dodgy CA Program received signal SIGILL, Illegal instruction. 0x00007ffff78d7314 in PEM_write_bio_X509_REQ (bp=0x697040, x=0x69a0a0) at pem_all.c:141 141 IMPLEMENT_PEM_rw(X509_REQ, X509_REQ, PEM_STRING_X509_REQ, X509_REQ) (gdb) where #0 0x00007ffff78d7314 in PEM_write_bio_X509_REQ (bp=0x697040, x=0x69a0a0) at pem_all.c:141 #1 0x00000000004186b9 in req_main (argc=0, argv=0x7fffffffe250) at req.c:1144 #2 0x0000000000412eb7 in do_cmd (prog=0x691a80, argc=8, argv=0x7fffffffe210) at openssl.c:396 #3 0x0000000000412b5d in main (Argc=8, Argv=0x7fffffffe210) at openssl.c:315 (gdb) disas Dump of assembler code for function PEM_write_bio_X509_REQ: 0x00007ffff78d7308 <+0>: push %rbp 0x00007ffff78d7309 <+1>: mov %rsp,%rbp 0x00007ffff78d730c <+4>: mov %rdi,-0x8(%rbp) 0x00007ffff78d7310 <+8>: mov %rsi,-0x10(%rbp) => 0x00007ffff78d7314 <+12>: ud2 End of assembler dump. ------------------------------------------------------------------------ ------------------------------------------------------------------------ OpenSSL self-test report: OpenSSL version: 1.2 Last change: Add option --with-fipslibdir to specify location of fip... Options: --prefix=/usr --openssldir=/usr/lib64/openssl/fips-1.0 fipscanisterbuild no-asm no-camellia no-gmp no-krb5 no-mdc2 no-rc5 no-rfc3779 no-seed no-zlib no-zlib-dynamic OS (uname): Linux vortex 3.0.4 #3 SMP Tue Nov 15 03:02:52 CET 2011 x86_64 GNU/Linux OS (config): x86_64-whatever-linux2 Target (default): linux-x86_64 Target: linux-x86_64 Compiler: Using built-in specs. COLLECT_GCC=gcc COLLECT_LTO_WRAPPER=/usr/libexec/gcc/x86_64-unknown-linux-gnu/4.6.1/lto-wrapper Target: x86_64-unknown-linux-gnu Configured with: /usr/src/gcc-4.6.1/configure --prefix=/usr --sysconfdir=/etc --localstatedir=/var --enable-lto --enable-shared --enable-threads --with-cpu=corei7 --with-arch=corei7 --with-tune=corei7 --with-fpmath=sse --enable-languages=c,c++,java,fortran --with-gmp --with-mpfr Thread model: posix gcc version 4.6.1 (GCC) Failure! [...] Some of the problems (x509), appear to be similar to a problem reported on the mailing list back in 2008: http://marc.info/?l=openssl-dev&m=122754206420842&w=2 Hope it helps. -- This email and any attachments are intended only for the person to which this email is addressed and may contain confidential and/or privileged information. If you received this email in error, please do not disclose the contents to anyone, but notify the sender immediately and delete this email (and any attachments) from your system. ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
