Hi,
xmm6 and xmm7 registers are not correctly restored on bn_scatter5 return.
The diff was generated using git HEAD.
I am using openssl-1.0.1e, which contains the bug. From the openssl git logs, it
appears the bug has been present since the first commit, when bn_scatter5 was
implemented.
regards,
Oscar
diff --git a/crypto/bn/asm/x86_64-mont5.pl b/crypto/bn/asm/x86_64-mont5.pl
index 508564f..9325737 100755
--- a/crypto/bn/asm/x86_64-mont5.pl
+++ b/crypto/bn/asm/x86_64-mont5.pl
@@ -1327,8 +1327,8 @@ $code.=<<___;
jnz .Lgather
___
$code.=<<___ if ($win64);
- movaps %xmm6,(%rsp)
- movaps %xmm7,0x10(%rsp)
+ movaps (%rsp),%xmm6
+ movaps 0x10(%rsp),%xmm7
lea 0x28(%rsp),%rsp
___
$code.=<<___;
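Review bot: the unchanged context line `jnz .Lgather` directly above this epilogue suggests the code being fixed closes the gather loop, while the report names bn_scatter5; please confirm which function this Win64 epilogue belongs to and name it in the commit message. The new load direction is what an epilogue running before `lea 0x28(%rsp),%rsp` needs, but the matching prologue is outside the hunk, so check that it saves %xmm6 at (%rsp) and %xmm7 at 0x10(%rsp). Because these lines are only emitted under `if ($win64)`, a Win64 test that verifies xmm6/xmm7 are preserved across the call would keep this from regressing unnoticed.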
__
OpenSSL Project http://www.openssl.org
Development Mailing List openssl-dev@openssl.org
Automated List Manager majord...@openssl.org