[openssl] do not use AVX instructions when osxsave bit not set add direct known answer tests for SHA2 algorith
Tomáš Mráz
tmraz at fedoraproject.org
Thu Nov 3 09:18:58 UTC 2011
commit 6f65ffce68d9edbffaab9bdade2348af01909c87
Author: Tomas Mraz <tmraz at fedoraproject.org>
Date: Thu Nov 3 10:18:52 2011 +0100
do not use AVX instructions when osxsave bit not set
add direct known answer tests for SHA2 algorithms
openssl-1.0.0-sha2test.patch | 77 ++++++++++++++++++++++++++++++++++++++++
openssl-1.0.0d-intelopts.patch | 57 +++++++++++++----------------
openssl.spec | 8 ++++-
3 files changed, 109 insertions(+), 33 deletions(-)
---
diff --git a/openssl-1.0.0-sha2test.patch b/openssl-1.0.0-sha2test.patch
new file mode 100644
index 0000000..b8bd9e5
--- /dev/null
+++ b/openssl-1.0.0-sha2test.patch
@@ -0,0 +1,77 @@
+diff -up openssl-1.0.0/crypto/fips/fips.c.sha2test openssl-1.0.0/crypto/fips/fips.c
+--- openssl-1.0.0/crypto/fips/fips.c.sha2test 2011-09-12 15:07:42.000000000 +0200
++++ openssl-1.0.0/crypto/fips/fips.c 2011-09-26 11:03:17.000000000 +0200
+@@ -163,6 +163,7 @@ int FIPS_selftest()
+ {
+
+ return FIPS_selftest_sha1()
++ && FIPS_selftest_sha2()
+ && FIPS_selftest_hmac()
+ && FIPS_selftest_aes()
+ && FIPS_selftest_des()
+@@ -323,6 +324,8 @@ FIPSCHECK_verify(const char *libname, co
+ return 0;
+
+ hmacpath = make_hmac_path(path);
++ if (hmacpath == NULL)
++ return 0;
+
+ hf = fopen(hmacpath, "r");
+ if (hf == NULL) {
+@@ -627,6 +630,45 @@ int fips_cipher_test(EVP_CIPHER_CTX *ctx
+ return 1;
+ }
+
++static const unsigned char msg_sha256[] = { 0xfa, 0x48, 0x59, 0x2a, 0xe1, 0xae, 0x1f, 0x30,
++ 0xfc };
++static const unsigned char dig_sha256[] = { 0xf7, 0x26, 0xd8, 0x98, 0x47, 0x91, 0x68, 0x5b,
++ 0x9e, 0x39, 0xb2, 0x58, 0xbb, 0x75, 0xbf, 0x01,
++ 0x17, 0x0c, 0x84, 0x00, 0x01, 0x7a, 0x94, 0x83,
++ 0xf3, 0x0b, 0x15, 0x84, 0x4b, 0x69, 0x88, 0x8a };
++
++static const unsigned char msg_sha512[] = { 0x37, 0xd1, 0x35, 0x9d, 0x18, 0x41, 0xe9, 0xb7,
++ 0x6d, 0x9a, 0x13, 0xda, 0x5f, 0xf3, 0xbd };
++static const unsigned char dig_sha512[] = { 0x11, 0x13, 0xc4, 0x19, 0xed, 0x2b, 0x1d, 0x16,
++ 0x11, 0xeb, 0x9b, 0xbe, 0xf0, 0x7f, 0xcf, 0x44,
++ 0x8b, 0xd7, 0x57, 0xbd, 0x8d, 0xa9, 0x25, 0xb0,
++ 0x47, 0x25, 0xd6, 0x6c, 0x9a, 0x54, 0x7f, 0x8f,
++ 0x0b, 0x53, 0x1a, 0x10, 0x68, 0x32, 0x03, 0x38,
++ 0x82, 0xc4, 0x87, 0xc4, 0xea, 0x0e, 0xd1, 0x04,
++ 0xa9, 0x98, 0xc1, 0x05, 0xa3, 0xf3, 0xf8, 0xb1,
++ 0xaf, 0xbc, 0xd9, 0x78, 0x7e, 0xee, 0x3d, 0x43 };
++
++int FIPS_selftest_sha2(void)
++ {
++ unsigned char md[SHA512_DIGEST_LENGTH];
++
++ EVP_Digest(msg_sha256, sizeof(msg_sha256), md, NULL, EVP_sha256(), NULL);
++ if(memcmp(dig_sha256, md, sizeof(dig_sha256)))
++ {
++ FIPSerr(FIPS_F_FIPS_MODE_SET, FIPS_R_SELFTEST_FAILED);
++ return 0;
++ }
++
++ EVP_Digest(msg_sha512, sizeof(msg_sha512), md, NULL, EVP_sha512(), NULL);
++ if(memcmp(dig_sha512, md, sizeof(dig_sha512)))
++ {
++ FIPSerr(FIPS_F_FIPS_MODE_SET, FIPS_R_SELFTEST_FAILED);
++ return 0;
++ }
++
++ return 1;
++ }
++
+ #if 0
+ /* The purpose of this is to ensure the error code exists and the function
+ * name is to keep the error checking script quiet
+diff -up openssl-1.0.0/crypto/fips/fips.h.sha2test openssl-1.0.0/crypto/fips/fips.h
+--- openssl-1.0.0/crypto/fips/fips.h.sha2test 2011-09-12 15:07:42.000000000 +0200
++++ openssl-1.0.0/crypto/fips/fips.h 2011-09-26 11:00:55.000000000 +0200
+@@ -72,6 +72,7 @@ int FIPS_selftest_failed(void);
+ void FIPS_selftest_check(void);
+ void FIPS_corrupt_sha1(void);
+ int FIPS_selftest_sha1(void);
++int FIPS_selftest_sha2(void);
+ void FIPS_corrupt_aes(void);
+ int FIPS_selftest_aes(void);
+ void FIPS_corrupt_des(void);
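Review bot: EVP_Digest()'s return value is ignored in both calls of the new FIPS_selftest_sha2, so a failed digest operation leaves md uninitialized and the KAT then passes or fails on whatever the memcmp sees in that buffer rather than on a computed digest. Folding the call into the check keeps the self-test fail-closed: `if (!EVP_Digest(msg_sha256, sizeof(msg_sha256), md, NULL, EVP_sha256(), NULL) || memcmp(dig_sha256, md, sizeof(dig_sha256)))`, and the same form for the SHA-512 call. The failure is reported under FIPS_F_FIPS_MODE_SET, so presumably it will be attributed to FIPS_mode_set rather than to this function; if the error-script convention mentioned in the `#if 0` block below allows it, a function code of its own would make the failing KAT identifiable from the error queue. Unlike sha1, aes and des in fips.h, no FIPS_corrupt_sha2 hook is added, so the failure path of this KAT cannot be exercised by the existing corruption harness. SHA-224 and SHA-384 get no direct vector; if they run through the same SHA-256/SHA-512 code, a one-line comment above the vectors saying so would record why that coverage is considered sufficient.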
diff --git a/openssl-1.0.0d-intelopts.patch b/openssl-1.0.0d-intelopts.patch
index 99957b3..6aba7b3 100644
--- a/openssl-1.0.0d-intelopts.patch
+++ b/openssl-1.0.0d-intelopts.patch
@@ -1,6 +1,6 @@
diff -up openssl-1.0.0d/crypto/aes/asm/aesni-x86.pl.intelopts openssl-1.0.0d/crypto/aes/asm/aesni-x86.pl
---- openssl-1.0.0d/crypto/aes/asm/aesni-x86.pl.intelopts 2011-08-24 12:36:33.000000000 +0200
-+++ openssl-1.0.0d/crypto/aes/asm/aesni-x86.pl 2011-08-24 12:36:34.000000000 +0200
+--- openssl-1.0.0d/crypto/aes/asm/aesni-x86.pl.intelopts 2011-08-24 12:50:55.000000000 +0200
++++ openssl-1.0.0d/crypto/aes/asm/aesni-x86.pl 2011-08-24 12:50:56.000000000 +0200
@@ -1,4 +1,4 @@
-#!/usr/bin/env perl
+#!/usr/bin/perl
@@ -1021,8 +1021,8 @@ diff -up openssl-1.0.0d/crypto/aes/asm/aesni-x86.pl.intelopts openssl-1.0.0d/cry
&$movekey ("xmm0",&QWP(0,$key)); # inverse middle
diff -up openssl-1.0.0d/crypto/aes/asm/aesni-x86_64.pl.intelopts openssl-1.0.0d/crypto/aes/asm/aesni-x86_64.pl
---- openssl-1.0.0d/crypto/aes/asm/aesni-x86_64.pl.intelopts 2011-08-24 12:36:33.000000000 +0200
-+++ openssl-1.0.0d/crypto/aes/asm/aesni-x86_64.pl 2011-08-24 12:36:34.000000000 +0200
+--- openssl-1.0.0d/crypto/aes/asm/aesni-x86_64.pl.intelopts 2011-08-24 12:50:55.000000000 +0200
++++ openssl-1.0.0d/crypto/aes/asm/aesni-x86_64.pl 2011-08-24 12:50:56.000000000 +0200
@@ -1,4 +1,4 @@
-#!/usr/bin/env perl
+#!/usr/bin/perl
@@ -2315,7 +2315,7 @@ diff -up openssl-1.0.0d/crypto/aes/asm/aesni-x86_64.pl.intelopts openssl-1.0.0d/
___
diff -up openssl-1.0.0d/crypto/cryptlib.c.intelopts openssl-1.0.0d/crypto/cryptlib.c
--- openssl-1.0.0d/crypto/cryptlib.c.intelopts 2010-11-19 01:11:27.000000000 +0100
-+++ openssl-1.0.0d/crypto/cryptlib.c 2011-08-24 12:36:33.000000000 +0200
++++ openssl-1.0.0d/crypto/cryptlib.c 2011-08-24 12:50:55.000000000 +0200
@@ -662,22 +662,23 @@ const char *CRYPTO_get_lock_name(int typ
defined(__x86_64) || defined(__x86_64__) || defined(_M_AMD64) || defined(_M_X64)
@@ -2344,8 +2344,8 @@ diff -up openssl-1.0.0d/crypto/cryptlib.c.intelopts openssl-1.0.0d/crypto/cryptl
* |(1<<10) sets a reserved bit to signal that variable
* was initialized already... This is to avoid interference
diff -up openssl-1.0.0d/crypto/engine/eng_aesni.c.intelopts openssl-1.0.0d/crypto/engine/eng_aesni.c
---- openssl-1.0.0d/crypto/engine/eng_aesni.c.intelopts 2011-08-24 12:36:33.000000000 +0200
-+++ openssl-1.0.0d/crypto/engine/eng_aesni.c 2011-08-24 12:36:33.000000000 +0200
+--- openssl-1.0.0d/crypto/engine/eng_aesni.c.intelopts 2011-08-24 12:50:55.000000000 +0200
++++ openssl-1.0.0d/crypto/engine/eng_aesni.c 2011-08-24 12:50:55.000000000 +0200
@@ -157,16 +157,20 @@ typedef unsigned __int64 IA32CAP;
typedef unsigned long long IA32CAP;
#endif
@@ -2373,8 +2373,8 @@ diff -up openssl-1.0.0d/crypto/engine/eng_aesni.c.intelopts openssl-1.0.0d/crypt
/* Register everything or return with an error */
diff -up openssl-1.0.0d/crypto/fips/fips_standalone_sha1.c.intelopts openssl-1.0.0d/crypto/fips/fips_standalone_sha1.c
---- openssl-1.0.0d/crypto/fips/fips_standalone_sha1.c.intelopts 2011-08-24 12:36:33.000000000 +0200
-+++ openssl-1.0.0d/crypto/fips/fips_standalone_sha1.c 2011-08-24 12:36:33.000000000 +0200
+--- openssl-1.0.0d/crypto/fips/fips_standalone_sha1.c.intelopts 2011-08-24 12:50:55.000000000 +0200
++++ openssl-1.0.0d/crypto/fips/fips_standalone_sha1.c 2011-08-24 12:50:55.000000000 +0200
@@ -62,6 +62,8 @@ void OPENSSL_cleanse(void *p,size_t len)
#ifdef OPENSSL_FIPS
@@ -2386,7 +2386,7 @@ diff -up openssl-1.0.0d/crypto/fips/fips_standalone_sha1.c.intelopts openssl-1.0
{
diff -up openssl-1.0.0d/crypto/perlasm/x86asm.pl.intelopts openssl-1.0.0d/crypto/perlasm/x86asm.pl
--- openssl-1.0.0d/crypto/perlasm/x86asm.pl.intelopts 2008-12-17 20:56:47.000000000 +0100
-+++ openssl-1.0.0d/crypto/perlasm/x86asm.pl 2011-08-24 12:36:34.000000000 +0200
++++ openssl-1.0.0d/crypto/perlasm/x86asm.pl 2011-08-24 12:50:56.000000000 +0200
@@ -1,4 +1,4 @@
-#!/usr/bin/env perl
+#!/usr/bin/perl
@@ -2453,7 +2453,7 @@ diff -up openssl-1.0.0d/crypto/perlasm/x86asm.pl.intelopts openssl-1.0.0d/crypto
$label="000";
diff -up openssl-1.0.0d/crypto/perlasm/x86gas.pl.intelopts openssl-1.0.0d/crypto/perlasm/x86gas.pl
--- openssl-1.0.0d/crypto/perlasm/x86gas.pl.intelopts 2008-12-17 20:56:47.000000000 +0100
-+++ openssl-1.0.0d/crypto/perlasm/x86gas.pl 2011-08-24 12:36:34.000000000 +0200
++++ openssl-1.0.0d/crypto/perlasm/x86gas.pl 2011-08-24 12:50:56.000000000 +0200
@@ -1,4 +1,4 @@
-#!/usr/bin/env perl
+#!/usr/bin/perl
@@ -2487,7 +2487,7 @@ diff -up openssl-1.0.0d/crypto/perlasm/x86gas.pl.intelopts openssl-1.0.0d/crypto
sub ::align
diff -up openssl-1.0.0d/crypto/perlasm/x86_64-xlate.pl.intelopts openssl-1.0.0d/crypto/perlasm/x86_64-xlate.pl
--- openssl-1.0.0d/crypto/perlasm/x86_64-xlate.pl.intelopts 2010-10-10 23:14:17.000000000 +0200
-+++ openssl-1.0.0d/crypto/perlasm/x86_64-xlate.pl 2011-08-24 12:36:34.000000000 +0200
++++ openssl-1.0.0d/crypto/perlasm/x86_64-xlate.pl 2011-08-24 12:50:56.000000000 +0200
@@ -1,4 +1,4 @@
-#!/usr/bin/env perl
+#!/usr/bin/perl
@@ -2781,8 +2781,8 @@ diff -up openssl-1.0.0d/crypto/perlasm/x86_64-xlate.pl.intelopts openssl-1.0.0d/
printf "\t%s",$opcode->out();
}
diff -up openssl-1.0.0d/crypto/rc4/asm/rc4-x86_64.pl.intelopts openssl-1.0.0d/crypto/rc4/asm/rc4-x86_64.pl
---- openssl-1.0.0d/crypto/rc4/asm/rc4-x86_64.pl.intelopts 2011-08-24 12:36:33.000000000 +0200
-+++ openssl-1.0.0d/crypto/rc4/asm/rc4-x86_64.pl 2011-08-24 12:49:09.000000000 +0200
+--- openssl-1.0.0d/crypto/rc4/asm/rc4-x86_64.pl.intelopts 2011-08-24 12:50:55.000000000 +0200
++++ openssl-1.0.0d/crypto/rc4/asm/rc4-x86_64.pl 2011-08-24 12:50:56.000000000 +0200
@@ -1,4 +1,4 @@
-#!/usr/bin/env perl
+#!/usr/bin/perl
@@ -3229,8 +3229,8 @@ diff -up openssl-1.0.0d/crypto/rc4/asm/rc4-x86_64.pl.intelopts openssl-1.0.0d/cr
print $code;
diff -up openssl-1.0.0d/crypto/rc4/asm/rc4-586.pl.intelopts openssl-1.0.0d/crypto/rc4/asm/rc4-586.pl
---- openssl-1.0.0d/crypto/rc4/asm/rc4-586.pl.intelopts 2011-08-24 12:36:33.000000000 +0200
-+++ openssl-1.0.0d/crypto/rc4/asm/rc4-586.pl 2011-08-24 12:50:40.000000000 +0200
+--- openssl-1.0.0d/crypto/rc4/asm/rc4-586.pl.intelopts 2011-08-24 12:50:55.000000000 +0200
++++ openssl-1.0.0d/crypto/rc4/asm/rc4-586.pl 2011-08-24 12:50:56.000000000 +0200
@@ -1,4 +1,4 @@
-#!/usr/bin/env perl
+#!/usr/bin/perl
@@ -3449,7 +3449,7 @@ diff -up openssl-1.0.0d/crypto/rc4/asm/rc4-586.pl.intelopts openssl-1.0.0d/crypt
&function_end_B("RC4_options");
diff -up openssl-1.0.0d/crypto/sha/asm/sha1-x86_64.pl.intelopts openssl-1.0.0d/crypto/sha/asm/sha1-x86_64.pl
--- openssl-1.0.0d/crypto/sha/asm/sha1-x86_64.pl.intelopts 2010-01-17 17:58:56.000000000 +0100
-+++ openssl-1.0.0d/crypto/sha/asm/sha1-x86_64.pl 2011-08-24 12:36:34.000000000 +0200
++++ openssl-1.0.0d/crypto/sha/asm/sha1-x86_64.pl 2011-08-24 12:50:56.000000000 +0200
@@ -1,4 +1,4 @@
-#!/usr/bin/env perl
+#!/usr/bin/perl
@@ -4765,7 +4765,7 @@ diff -up openssl-1.0.0d/crypto/sha/asm/sha1-x86_64.pl.intelopts openssl-1.0.0d/c
diff -up openssl-1.0.0d/crypto/sha/asm/sha1-586.pl.intelopts openssl-1.0.0d/crypto/sha/asm/sha1-586.pl
--- openssl-1.0.0d/crypto/sha/asm/sha1-586.pl.intelopts 2008-07-17 11:50:56.000000000 +0200
-+++ openssl-1.0.0d/crypto/sha/asm/sha1-586.pl 2011-08-24 12:36:34.000000000 +0200
++++ openssl-1.0.0d/crypto/sha/asm/sha1-586.pl 2011-08-24 12:50:56.000000000 +0200
@@ -1,4 +1,4 @@
-#!/usr/bin/env perl
+#!/usr/bin/perl
@@ -5972,7 +5972,7 @@ diff -up openssl-1.0.0d/crypto/sha/asm/sha1-586.pl.intelopts openssl-1.0.0d/cryp
&asm_finish();
diff -up openssl-1.0.0d/crypto/x86cpuid.pl.intelopts openssl-1.0.0d/crypto/x86cpuid.pl
--- openssl-1.0.0d/crypto/x86cpuid.pl.intelopts 2010-02-12 18:02:12.000000000 +0100
-+++ openssl-1.0.0d/crypto/x86cpuid.pl 2011-08-24 12:36:34.000000000 +0200
++++ openssl-1.0.0d/crypto/x86cpuid.pl 2011-11-03 09:55:42.000000000 +0100
@@ -1,4 +1,4 @@
-#!/usr/bin/env perl
+#!/usr/bin/perl
@@ -6021,7 +6021,7 @@ diff -up openssl-1.0.0d/crypto/x86cpuid.pl.intelopts openssl-1.0.0d/crypto/x86cp
&set_label("intel");
&cmp ("edi",4);
-@@ -85,27 +92,52 @@ for (@ARGV) { $sse2=1 if (/-DOPENSSL_IA3
+@@ -85,27 +92,45 @@ for (@ARGV) { $sse2=1 if (/-DOPENSSL_IA3
&set_label("nocacheinfo");
&mov ("eax",1);
&cpuid ();
@@ -6059,20 +6059,13 @@ diff -up openssl-1.0.0d/crypto/x86cpuid.pl.intelopts openssl-1.0.0d/crypto/x86cp
+ &mov ("esi","edx");
+ &or ("ebp","ecx"); # merge AMD XOP flag
+
-+ &bt ("ecx",26); # check XSAVE bit
-+ &jnc (&label("done"));
+ &bt ("ecx",27); # check OSXSAVE bit
-+ &jnc (&label("clear_xmm"));
-+ &xor ("ecx","ecx");
++ &jnc (&label("clear_avx"));
++ &xor ("ecx","ecx"); # XCR0
+ &data_byte(0x0f,0x01,0xd0); # xgetbv
-+ &and ("eax",6);
++ &and ("eax",6); # isolate XMM and YMM state support
+ &cmp ("eax",6);
+ &je (&label("done"));
-+ &cmp ("eax",2);
-+ &je (&label("clear_avx"));
-+&set_label("clear_xmm");
-+ &and ("ebp",0xfdfffffd); # clear AESNI and PCLMULQDQ bits
-+ &and ("esi",0xfeffffff); # clear FXSR
+&set_label("clear_avx");
+ &and ("ebp",0xefffe7ff); # clear AVX, FMA and AMD XOP bits
&set_label("done");
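Review bot: The new `&jnc (&label("clear_avx"))` on the OSXSAVE test has no comment explaining why the XSAVE check and the clear_xmm path (which masked AES-NI, PCLMULQDQ and FXSR) were dropped, and that reasoning is the substance of this fix; without it a later reader may reintroduce the masking. Suggest `# OSXSAVE clear: OS does not manage YMM state, so AVX/FMA/XOP are unusable even if CPUID reports them; legacy SSE state is not gated by this bit` on that line, and extending the `&and ("eax",6)` comment to `# XCR0 bits 1|2: XMM and YMM state enabled by OS`. x86_64cpuid.pl, the other CPU-feature probe in this patch, receives only a timestamp change in this commit; if it carries the same XSAVE/xgetbv sequence, confirm it already handles a clear OSXSAVE bit, otherwise 64-bit builds keep the behaviour the commit title describes. The enclosing OPENSSL_ia32_cpuid body starts before this hunk and ends after it.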
@@ -6083,7 +6076,7 @@ diff -up openssl-1.0.0d/crypto/x86cpuid.pl.intelopts openssl-1.0.0d/crypto/x86cp
&function_end("OPENSSL_ia32_cpuid");
&external_label("OPENSSL_ia32cap_P");
-@@ -199,8 +231,9 @@ for (@ARGV) { $sse2=1 if (/-DOPENSSL_IA3
+@@ -199,8 +224,9 @@ for (@ARGV) { $sse2=1 if (/-DOPENSSL_IA3
&bt (&DWP(0,"ecx"),1);
&jnc (&label("no_x87"));
if ($sse2) {
@@ -6097,7 +6090,7 @@ diff -up openssl-1.0.0d/crypto/x86cpuid.pl.intelopts openssl-1.0.0d/crypto/x86cp
&pxor ("xmm2","xmm2");
diff -up openssl-1.0.0d/crypto/x86_64cpuid.pl.intelopts openssl-1.0.0d/crypto/x86_64cpuid.pl
--- openssl-1.0.0d/crypto/x86_64cpuid.pl.intelopts 2010-04-14 21:25:09.000000000 +0200
-+++ openssl-1.0.0d/crypto/x86_64cpuid.pl 2011-08-24 12:36:34.000000000 +0200
++++ openssl-1.0.0d/crypto/x86_64cpuid.pl 2011-08-24 12:50:56.000000000 +0200
@@ -1,4 +1,4 @@
-#!/usr/bin/env perl
+#!/usr/bin/perl
diff --git a/openssl.spec b/openssl.spec
index 2a3ce57..bd07689 100644
--- a/openssl.spec
+++ b/openssl.spec
@@ -21,7 +21,7 @@
Summary: A general purpose cryptography library with TLS implementation
Name: openssl
Version: 1.0.0e
-Release: 2%{?dist}
+Release: 3%{?dist}
# We remove certain patented algorithms from the openssl source tarball
# with the hobble-openssl script which is included below.
Source: openssl-%{version}-usa.tar.bz2
@@ -76,6 +76,7 @@ Patch62: openssl-1.0.0-fips-aesni.patch
Patch63: openssl-1.0.0d-xmpp-starttls.patch
Patch64: openssl-1.0.0d-intelopts.patch
Patch65: openssl-1.0.0e-chil-fixes.patch
+Patch66: openssl-1.0.0-sha2test.patch
# Backported fixes including security fixes
Patch81: openssl-1.0.0d-padlock64.patch
@@ -173,6 +174,7 @@ from other formats to the formats used by the OpenSSL toolkit.
%patch63 -p1 -b .starttls
%patch64 -p1 -b .intelopts
%patch65 -p1 -b .chil
+%patch66 -p1 -b .sha2test
%patch81 -p1 -b .padlock64
@@ -424,6 +426,10 @@ rm -rf $RPM_BUILD_ROOT/%{_libdir}/fipscanister.*
%postun -p /sbin/ldconfig
%changelog
+* Thu Nov 3 2011 Tomas Mraz <tmraz at redhat.com> 1.0.0e-3
+- do not use AVX instructions when osxsave bit not set
+- add direct known answer tests for SHA2 algorithms
+
* Wed Sep 21 2011 Tomas Mraz <tmraz at redhat.com> 1.0.0e-2
- fix missing initialization of variable in CHIL engine