The full output of fips_test_suite post is below. I tried changing AESNI_CAPABLE to 0 as you suggested, and all tests now succeed, as Ken also experienced.
Here's the output of fips_test_suite: POST started DRBG AES-128-CTR DF test started DRBG AES-128-CTR DF test OK DRBG AES-192-CTR DF test started DRBG AES-192-CTR DF test OK DRBG AES-256-CTR DF test started DRBG AES-256-CTR DF test OK DRBG AES-128-CTR test started DRBG AES-128-CTR test OK DRBG AES-192-CTR test started DRBG AES-192-CTR test OK DRBG AES-256-CTR test started DRBG AES-256-CTR test OK DRBG SHA1 test started DRBG SHA1 test OK DRBG SHA224 test started DRBG SHA224 test OK DRBG SHA256 test started DRBG SHA256 test OK DRBG SHA384 test started DRBG SHA384 test OK DRBG SHA512 test started DRBG SHA512 test OK X9.31 PRNG keylen=16 test started X9.31 PRNG keylen=16 test OK X9.31 PRNG keylen=24 test started X9.31 PRNG keylen=24 test OK X9.31 PRNG keylen=32 test started X9.31 PRNG keylen=32 test OK Digest SHA1 test started Digest SHA1 test OK Digest SHA1 test started Digest SHA1 test OK Digest SHA1 test started Digest SHA1 test OK HMAC SHA1 test started HMAC SHA1 test OK HMAC SHA224 test started HMAC SHA224 test OK HMAC SHA256 test started HMAC SHA256 test OK HMAC SHA384 test started HMAC SHA384 test OK HMAC SHA512 test started HMAC SHA512 test OK CMAC AES-128-CBC test started CMAC AES-128-CBC test OK CMAC AES-192-CBC test started CMAC AES-192-CBC test OK CMAC AES-256-CBC test started CMAC AES-256-CBC test OK CMAC DES-EDE3-CBC test started CMAC DES-EDE3-CBC test OK Cipher AES-128-ECB test started Cipher AES-128-ECB test OK CCM test started CCM test FAILED!! ERROR:2D091086:lib=45,func=145,reason=134:file=.\fips\aes\fips_aes_selftest.c:line=194 GCM test started GCM test OK XTS AES-128-XTS test started XTS AES-128-XTS test OK XTS AES-256-XTS test started XTS AES-256-XTS test OK Cipher DES-EDE3-ECB test started Cipher DES-EDE3-ECB test OK Cipher DES-EDE3-ECB test started Cipher DES-EDE3-ECB test OK Signature RSA test started Signature RSA test OK Signature ECDSA test started Signature ECDSA test OK Signature ECDSA test started Signature ECDSA test OK Signature DSA test started Signature DSA test OK POST Failed Power-up self test failed On Fri, Aug 5, 2011 at 4:08 AM, Dr. Stephen Henson <st...@openssl.org>wrote: > On Thu, Aug 04, 2011, Tyrel Haveman wrote: > > > Is there someone in particular who would be optimal to look into this? I > > have no knowledge of the code or algorithm in question here. > > > > What happens if you do: > > fips_test_suite post > > Please send the full output. > > Also temporarily in e_aes.c try changing the line: > > #define AESNI_CAPABLE (1<<(57-32)) > > to: > > #define AESNI_CAPABLE 0 > > and see if you still get that error. > > Steve. > -- > Dr Stephen N. Henson. OpenSSL project core developer. > Commercial tech support now available see: http://www.openssl.org > ______________________________________________________________________ > OpenSSL Project http://www.openssl.org > Development Mailing List openssl-dev@openssl.org > Automated List Manager majord...@openssl.org >