Date: Sun, 05 Mar 2017 00:02:34 +0000 From: Andrew Gierth <andrew@tao11.riddles.org.uk> To: Mark Millard <markmi@dsl-only.net> Cc: "freebsd-arm\@freebsd.org" <freebsd-arm@freebsd.org> Subject: Re: Is CPUTYPE=cortex-A7 supposed to work? Message-ID: <87lgsk1udz.fsf@news-spur.riddles.org.uk> In-Reply-To: <644D1F49-BF5D-409D-BFC4-4F7E6E73085B@dsl-only.net> (Mark Millard's message of "Sat, 4 Mar 2017 15:32:52 -0800") References: <871suc3nv8.fsf@news-spur.riddles.org.uk> <CANCZdfq4EwH%2B_9FVNai8s6Y-gdTjHJ8dNkJwSrnF%2BSAkdwvYdg@mail.gmail.com> <87tw7820fc.fsf@news-spur.riddles.org.uk> <644D1F49-BF5D-409D-BFC4-4F7E6E73085B@dsl-only.net>
next in thread | previous in thread | raw e-mail | index | archive | help
>>>>> "Mark" == Mark Millard <markmi@dsl-only.net> writes: Mark> Trying (1) on a bpim3 with head instead (still clang 3.9.1 Mark> based), I get such notices for: Mark> Doing 512 bit public rsa's for 10s: RSA verify failure Mark> Doing 2048 bit public rsa's for 10s: RSA verify failure Mark> Doing 4096 bit public rsa's for 10s: RSA verify failure Mark> I also get: Mark> Doing 512 bit sign dsa's for 10s: 10527 512 bit DSA signs in 10.09s Mark> DSA verify failure. No DSA verify will be done. Mark> Doing 1024 bit sign dsa's for 10s: 4035 1024 bit DSA signs in 10.02s Mark> Doing 1024 bit verify dsa's for 10s: DSA verify failure Mark> 1 1024 bit DSA verify in 10.00s Mark> Doing 2048 bit sign dsa's for 10s: 1239 2048 bit DSA signs in 10.07s Mark> DSA verify failure. No DSA verify will be done. Mark> Doing 409 bit verify ecdsa's for 10s: ECDSA verify failure Mark> 1 409 bit ECDSA verify in 10.02s Yes, that seems identical to what I got. Just to be clear: what compile options is that with? But I'm not convinced this is a problem in openssl (rather than somewhere else). Here's why: 1. When looking at git, I tried logging the input and output of all the SHA1 calls, and replaying them through a test program that called the same openssl functions on the same data (with the same alignment); the test program always got the correct hashes, even for cases where the logged data showed that the hash had been computed incorrectly 2. Running openssl speed under gdb with a conditional breakpoint set to look for padding failures stops the error from occurring at all (!). 3. The errors aren't consistent at all. For example, sometimes I run openssl speed rsa512 and it succeeds without error. When testing with git, the failures were not always at the same place. -- Andrew.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?87lgsk1udz.fsf>