On 12/19/2012 5:15 AM, Bill Durant wrote:
Hello:

Is it not possible to build a FIPS-capable OpenSSL with assembly language 
optimization enabled in the fipscanister that works under non-SSE2 capable 
processors?

On SUSE Linux Enterprise Server 10, I have built the fipscanister with assembly 
language optimization enabled as follows:

        ./config fipscanisterbuild

Next I built a FIPS-capable OpenSSL using this fipscanister.

And then I built a simple application that just calls FIPS_mode_set(1) to 
enable FIPS mode.

When I run that app on a system with a processor that lacks support for the 
SSE2 instruction set, I get the following error:

        SSL: 0:755466380:fips.c:319:0:error:2D07808C:lib(45):func(120):reason(140)

But when I build the fipscanister *without* assembly language optimization 
enabled as follows:

        ./config fipscanisterbuild no-asm

The same app works fine and FIPS mode can be enabled.

Per code inspection of the OpenSSL sources, it appears like the following code 
is the one that prevents FIPS enabling (in fips/fips.c):

#ifdef OPENSSL_IA32_SSE2
     {
     extern unsigned int OPENSSL_ia32cap_P[2];
     if ((OPENSSL_ia32cap_P[0] & (1<<25|1<<26)) != (1<<25|1<<26))
         {
         FIPSerr(FIPS_F_FIPS_MODULE_MODE_SET,FIPS_R_UNSUPPORTED_PLATFORM);
         fips_selftest_fail = 1;
         ret = 0;
         goto end;
         }
     OPENSSL_ia32cap_P[0] |= (1<<28);    /* set "shared cache"   */
     OPENSSL_ia32cap_P[1] &= ~(1<<(60-32));  /* clear AVX        */
     }
#endif

And BTW, building the FIPS-capable OpenSSL with the no-sse2 option as follows 
does not fix the issue:

        ./config fips --prefix=$FIPSDIR no-sse2 no-idea no-mdc2 no-rc5 shared

The problem is with the fipscanister itself.  It needs to be built with 
assembly language optimization disabled in order to get into FIPS mode under 
non-SSE2 processors.

So how to build a FIPS-capable OpenSSL with assembly language optimization 
enabled in the fipscanister that works under non-SSE2 capable processors?

Is that not possible?


I don't know, and I am a bit scared to hear this, as the programs I link with (non-FIPS) OpenSSL are intended to work on all x86 CPUs.

I thought the basic OpenSSL code had runtime checks for SSE2 availability and would then use different code paths/implementation
subroutines accordingly.  It would be deeply ironic if the least
changeable OpenSSL binary (the fipscanister) lacked this basic test.


Enjoy

Jakob
--
Jakob Bohm, CIO, Partner, WiseMo A/S.  http://www.wisemo.com
Transformervej 29, 2730 Herlev, Denmark.  Direct +45 31 13 16 10
This public discussion message is non-binding and may contain errors.
WiseMo - Remote Service Management for PCs, Phones and Embedded
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    openssl-users@openssl.org
Automated List Manager                           majord...@openssl.org
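
Added example, not part of the original messages and not OpenSSL project code: a small C program that unpacks the error code from the report into its lib/func/reason fields and applies the same bit-25/bit-26 test as the quoted fips.c snippet to the build host's CPUID data. It assumes the OpenSSL 1.0.x packed error layout (8-bit library, 12-bit function, 12-bit reason) and that bits 25 and 26 of the first capability word mirror CPUID leaf 1 EDX (SSE and SSE2); the helper names are hypothetical.

```c
#include <stdint.h>
#include <stdio.h>

/* Assumed layout of a packed OpenSSL 1.0.x error code:
   8-bit library, 12-bit function, 12-bit reason. */
struct err_fields { unsigned lib, func, reason; };

static struct err_fields unpack_err(uint32_t e)
{
    struct err_fields f;
    f.lib    = (e >> 24) & 0xffu;
    f.func   = (e >> 12) & 0xfffu;
    f.reason =  e        & 0xfffu;
    return f;
}

/* CPUID.1:EDX feature bits tested in the quoted snippet */
#define CAP_SSE  (1u << 25)
#define CAP_SSE2 (1u << 26)

/* Same predicate as the quoted fips.c check: 1 = both SSE and SSE2 present */
static int passes_sse2_gate(uint32_t cap0)
{
    const uint32_t need = CAP_SSE | CAP_SSE2;
    return (cap0 & need) == need;
}

#if defined(__GNUC__) && (defined(__i386__) || defined(__x86_64__))
#include <cpuid.h>
/* Read CPUID leaf 1 EDX on this host; returns 0 if the leaf is unsupported */
static uint32_t host_cpuid1_edx(void)
{
    unsigned a, b, c, d;
    return __get_cpuid(1, &a, &b, &c, &d) ? d : 0;
}
#else
static uint32_t host_cpuid1_edx(void) { return 0; } /* not x86: no CPUID */
#endif

int main(void)
{
    struct err_fields f = unpack_err(0x2D07808Cu); /* code from the report */
    printf("lib=%u func=%u reason=%u\n", f.lib, f.func, f.reason);
    uint32_t edx = host_cpuid1_edx();
    printf("this host: EDX=0x%08x gate=%s\n", (unsigned)edx,
           passes_sse2_gate(edx) ? "pass" : "fail (UNSUPPORTED_PLATFORM)");
    return 0;
}
```

Running this on each deployment target before rolling out an assembly-enabled fipscanister shows which hosts would be refused FIPS mode by the quoted check.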
