On Tue, Dec 18, 2012 at 11:15 PM, Bill Durant <cipherte...@gmail.com> wrote:
> Is it not possible to build a FIPS-capable OpenSSL with assembly language
> optimization enabled in the fipscanister that works under non-SSE2 capable
> processors?
>
> On SUSE Linux Enterprise Server 10, I have built the fipscanister with
> assembly language optimization enabled as follows:
>
>     ./config fipscanisterbuild
>
> Next I built a FIPS-capable OpenSSL using this fipscanister.
>
> And then I built a simple application that just calls FIPS_mode_set(1) to
> enable FIPS mode.
>
> When I run that app on a system with a processor that lacks support for the
> SSE2 instruction set, I get the following error:
>
>     SSL:
>     0:755466380:fips.c:319:0:error:2D07808C:lib(45):func(120):reason(140)
>
> But when I build the fipscanister *without* assembly language optimization
> enabled as follows:
>
>     ./config fipscanisterbuild no-asm
>
> The same app works fine and FIPS mode can be enabled.
>
> Per code inspection of the OpenSSL sources, it appears like the following
> code is the one that prevents FIPS enabling (in fips/fips.c):
>
> #ifdef OPENSSL_IA32_SSE2
>     {
>     extern unsigned int OPENSSL_ia32cap_P[2];
>     if ((OPENSSL_ia32cap_P[0] & (1<<25|1<<26)) != (1<<25|1<<26))
>         {
>         FIPSerr(FIPS_F_FIPS_MODULE_MODE_SET,FIPS_R_UNSUPPORTED_PLATFORM);
>         fips_selftest_fail = 1;
>         ret = 0;
>         goto end;
>         }
>     OPENSSL_ia32cap_P[0] |= (1<<28);        /* set "shared cache" */
>     OPENSSL_ia32cap_P[1] &= ~(1<<(60-32));  /* clear AVX */
>     }
> #endif
>
> And BTW, building the FIPS-capable OpenSSL with the no-sse2 option as follows
> does not fix the issue:
>
>     ./config fips --prefix=$FIPSDIR no-sse2 no-idea no-mdc2 no-rc5 shared
>
> The problem is with the fipscanister itself. It needs to be built with
> assembly language optimization disabled in order to get into FIPS mode under
> non-SSE2 processors.
>
> So how to build a FIPS-capable OpenSSL with assembly language optimization
> enabled in the fipscanister that works under non-SSE2 capable processors?
>
> Is that not possible?

No (first question); Yes (second question) (if I count questions correctly).

From the User Guide 2.0 (page 24-25):

    Note that for x86 there are three possible optimization levels:

      1. No optimization (plain C)
      2. SSE2 optimization
      3. AES-NI+PCLMULQDQ+SSSE3 optimization

    Note that other theoretically possible combinations (e.g. AES-NI only, or
    SSE3 only) are not enabled individually, so that a processor which does
    not support all three of AES-NI, PCLMULQDQ, and SSSE3 will fall back to
    using only SSE2 optimization.

Jeff
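
Added example, not part of the original thread and not OpenSSL code: a small C check that applies the quoted fips.c gate and the User Guide's three-level rule to CPUID leaf 1 values, so a host can be screened before an asm-built fipscanister is deployed to it. The function and enum names are hypothetical, and it assumes OPENSSL_ia32cap_P[0] and [1] carry the CPUID leaf 1 EDX and ECX bits for the features tested here.

```c
#include <stdint.h>
#include <stdio.h>
#if defined(__i386__) || defined(__x86_64__)
#include <cpuid.h>
#endif

/* CPUID leaf 1 feature bits. */
#define EDX_SSE       (1u << 25)
#define EDX_SSE2      (1u << 26)
#define ECX_PCLMULQDQ (1u << 1)
#define ECX_SSSE3     (1u << 9)
#define ECX_AESNI     (1u << 25)

/* Values 2 and 3 follow the guide's numbering; level 1 (plain C) is only
 * reachable with a no-asm canister, so it has no entry here. */
enum fips_opt { FIPS_OPT_REFUSED = 0, FIPS_OPT_SSE2 = 2, FIPS_OPT_AESNI = 3 };

/* Same test as the quoted fips.c gate: bits 25 and 26 must both be set. */
static int asm_canister_gate_ok(uint32_t edx)
{
    const uint32_t need = EDX_SSE | EDX_SSE2;
    return (edx & need) == need;
}

/* Level an asm-built canister would run at, or REFUSED when the gate
 * would make FIPS_mode_set(1) fail with FIPS_R_UNSUPPORTED_PLATFORM. */
static enum fips_opt asm_canister_level(uint32_t edx, uint32_t ecx)
{
    const uint32_t all3 = ECX_AESNI | ECX_PCLMULQDQ | ECX_SSSE3;
    if (!asm_canister_gate_ok(edx))
        return FIPS_OPT_REFUSED;
    /* Partial support (e.g. AES-NI only) falls back to SSE2. */
    return ((ecx & all3) == all3) ? FIPS_OPT_AESNI : FIPS_OPT_SSE2;
}

int main(void)
{
#if defined(__i386__) || defined(__x86_64__)
    unsigned int a, b, c, d;
    if (__get_cpuid(1, &a, &b, &c, &d)) {
        printf("asm fipscanister level: %d\n", (int)asm_canister_level(d, c));
        return 0;
    }
#endif
    puts("CPUID leaf 1 not available on this build target");
    return 0;
}
```

A result of 0 means the host needs a canister built with `no-asm`, as described in the thread.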