Debug riscv64 SM2 regression

Author: bernd-edlinger

.github/workflows/cross-compiles.yml

@@ -210,7 +210,7 @@ jobs:
       if: github.event_name == 'push' && matrix.platform.tests == ''
       run: |
         .github/workflows/make-test \
-                  TESTS="-test_afalg" \
+                  TESTS="test_internal_ec" V=1 \
                   QEMU_LD_PREFIX=/usr/${{ matrix.platform.arch }}
     - name: make some tests
       if: github.event_name == 'push' && matrix.platform.tests != 'none' && matrix.platform.tests != ''

crypto/bn/bn_exp.c

@@ -309,6 +309,20 @@ int BN_mod_exp_recp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
     return ret;
 }
 
+#ifndef OPENSSL_NO_STDIO
+extern int debug;
+int debug = 0;
+#ifdef FIPS_MODULE
+int BN_print_fp(FILE *fp, const BIGNUM *a)
+{
+    char *hex = BN_bn2hex(a);
+    fprintf(fp, "%s", hex);
+    OPENSSL_free(hex);
+    return 0;
+}
+#endif
+#endif
+
 int BN_mod_exp_mont(BIGNUM *rr, const BIGNUM *a, const BIGNUM *p,
                     const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *in_mont)
 {
@@ -337,6 +351,10 @@ int BN_mod_exp_mont(BIGNUM *rr, const BIGNUM *a, const BIGNUM *p,
     }
 
     bits = BN_num_bits(p);
+#ifndef OPENSSL_NO_STDIO
+    if (debug > 0)
+        printf("bits=%d\n", bits);
+#endif
     if (bits == 0) {
         /* x**0 mod 1, or x**0 mod -1 is still zero. */
         if (BN_abs_is_word(m, 1)) {
@@ -374,6 +392,13 @@ int BN_mod_exp_mont(BIGNUM *rr, const BIGNUM *a, const BIGNUM *p,
         aa = val[0];
     } else
         aa = a;
+#ifndef OPENSSL_NO_STDIO
+    if (debug > 0) {
+        printf("aa=");
+        BN_print_fp(stdout, aa);
+        printf("\n");
+    }
+#endif
     if (!bn_to_mont_fixed_top(val[0], aa, mont, ctx))
         goto err;               /* 1 */
 

crypto/ec/ecp_mont.c

@@ -227,6 +227,15 @@ int ossl_ec_GFp_mont_field_inv(const EC_GROUP *group, BIGNUM *r, const BIGNUM *a
     BN_CTX *new_ctx = NULL;
     int ret = 0;
 
+#ifndef OPENSSL_NO_STDIO
+    extern int debug;
+    if (group->meth->field_type == NID_X9_62_prime_field && debug == 0)
+        debug = 1;
+    else if (debug > 0)
+        debug = -1;
+    if (debug > 0)
+        printf("in ossl_ec_GFp_mont_field_inv\n");
+#endif
     if (group->field_data1 == NULL)
         return 0;
 
@@ -243,13 +252,30 @@ int ossl_ec_GFp_mont_field_inv(const EC_GROUP *group, BIGNUM *r, const BIGNUM *a
         goto err;
     if (!BN_sub(e, group->field, e))
         goto err;
+#ifndef OPENSSL_NO_STDIO
+    if (debug > 0) {
+        printf("a=");
+        BN_print_fp(stdout, a);
+        printf("\ne=");
+        BN_print_fp(stdout, e);
+        printf("\n");
+    }
+#endif
     /*-
      * Exponent e is public.
      * No need for scatter-gather or BN_FLG_CONSTTIME.
      */
     if (!BN_mod_exp_mont(r, a, e, group->field, ctx, group->field_data1))
         goto err;
 
+#ifndef OPENSSL_NO_STDIO
+    if (debug > 0) {
+        printf("r=");
+        BN_print_fp(stdout, r);
+        printf("\n");
+        debug = -1;
+    }
+#endif
     /* throw an error on zero */
     if (BN_is_zero(r)) {
         ERR_raise(ERR_LIB_EC, EC_R_CANNOT_INVERT);

crypto/ec/ecp_smpl.c

@@ -1387,6 +1387,15 @@ int ossl_ec_GFp_simple_field_inv(const EC_GROUP *group, BIGNUM *r,
     BN_CTX *new_ctx = NULL;
     int ret = 0;
 
+#ifndef OPENSSL_NO_STDIO
+    extern int debug;
+    if (group->meth->field_type == NID_X9_62_prime_field && debug == 0)
+        debug = 1;
+    else if (debug > 0)
+        debug = -1;
+    if (debug > 0)
+        printf("in ossl_ec_GFp_simple_field_inv\n");
+#endif
     if (ctx == NULL
             && (ctx = new_ctx = BN_CTX_secure_new_ex(group->libctx)) == NULL)
         return 0;
@@ -1400,17 +1409,48 @@ int ossl_ec_GFp_simple_field_inv(const EC_GROUP *group, BIGNUM *r,
         goto err;
     } while (BN_is_zero(e));
 
+#ifndef OPENSSL_NO_STDIO
+    if (debug > 0) {
+        printf("a=");
+        BN_print_fp(stdout, a);
+        printf("\ne=");
+        BN_print_fp(stdout, e);
+        printf("\n");
+    }
+#endif
     /* r := a * e */
     if (!group->meth->field_mul(group, r, a, e, ctx))
         goto err;
+#ifndef OPENSSL_NO_STDIO
+    if (debug > 0) {
+        printf("a*e=");
+        BN_print_fp(stdout, r);
+        printf("\n");
+    }
+#endif
     /* r := 1/(a * e) */
     if (!BN_mod_inverse(r, r, group->field, ctx)) {
         ERR_raise(ERR_LIB_EC, EC_R_CANNOT_INVERT);
         goto err;
     }
+#ifndef OPENSSL_NO_STDIO
+    if (debug > 0) {
+        printf("1/(a*e)=");
+        BN_print_fp(stdout, r);
+        printf("\n");
+    }
+#endif
     /* r := e/(a * e) = 1/a */
     if (!group->meth->field_mul(group, r, r, e, ctx))
         goto err;
+#ifndef OPENSSL_NO_STDIO
+    if (debug > 0) {
+        printf("r=");
+        BN_print_fp(stdout, r);
+        printf("\n");
+        debug = -1;
+    }
+#endif
 
     ret = 1;
 

test/ec_internal_test.c

@@ -72,6 +72,7 @@ static int group_field_tests(const EC_GROUP *group, BN_CTX *ctx)
     return ret;
 }
 
+#if 0
 /* wrapper for group_field_tests for explicit curve params and EC_METHOD */
 static int field_tests(const EC_METHOD *meth, const unsigned char *params,
                        int len)
@@ -214,6 +215,7 @@ static int field_tests_ec2_simple(void)
                        sizeof(params_b283) / 3);
 }
 #endif
+#endif
 
 /* test default method for a named curve */
 static int field_tests_default(int n)
@@ -239,6 +241,7 @@ static int field_tests_default(int n)
     return ret;
 }
 
+#if 0
 #ifndef OPENSSL_NO_EC_NISTP_64_GCC_128
 /*
  * Tests a point known to cause an incorrect underflow in an old version of
@@ -545,6 +548,7 @@ static int named_group_creation_test(void)
     EC_GROUP_free(group);
     return ret;
 }
+#endif
 
 int setup_tests(void)
 {
@@ -553,25 +557,14 @@ int setup_tests(void)
         || !TEST_true(EC_get_builtin_curves(curves, crv_len)))
         return 0;
 
-    ADD_TEST(field_tests_ecp_simple);
-    ADD_TEST(field_tests_ecp_mont);
-#ifndef OPENSSL_NO_EC2M
-    ADD_TEST(ec2m_field_sanity);
-    ADD_TEST(field_tests_ec2_simple);
-#endif
-    ADD_ALL_TESTS(field_tests_default, (int)crv_len);
-#ifndef OPENSSL_NO_EC_NISTP_64_GCC_128
-    ADD_TEST(underflow_test);
-#endif
-    ADD_TEST(set_private_key);
-    ADD_TEST(decoded_flag_test);
-    ADD_ALL_TESTS(ecpkparams_i2d2i_test, (int)crv_len);
-    ADD_TEST(named_group_creation_test);
+    curves += crv_len - 1;
+    ADD_ALL_TESTS(field_tests_default, 1);
 
     return 1;
 }
 
 void cleanup_tests(void)
 {
+    curves -= crv_len - 1;
     OPENSSL_free(curves);
 }

test/recipes/80-test_ssl_old.t

@@ -79,9 +79,9 @@ my $client_sess="client.ss";
 # If you're adding tests here, you probably want to convert them to the
 # new format in ssl_test.c and add recipes to 80-test_ssl_new.t instead.
 plan tests =>
-   ($no_fips ? 0 : 7)     # testssl with fips provider
+   ($no_fips ? 0 : 6)     # testssl with fips provider
     + 1                   # For testss
-    + 5                   # For the testssl with default provider
+    + 4                   # For the testssl with default provider
     + 1                   # For security level 0 failure tests
     ;
 
@@ -499,6 +499,7 @@ sub testssl {
         }
     };
 
+    if (0) {
     subtest "Testing ciphersuites" => sub {
 
         my @exkeys = ();
@@ -598,6 +599,7 @@ sub testssl {
             }
         }
     };
+    }
 
     subtest 'SSL security level failure tests' => sub {
         ######################################################################

util/checkplatformsyms.pl

@@ -21,6 +21,7 @@
 my $OBJFH;
 my $cmd;
 
+exit 0;
 if ($Config{osname} eq "MSWin32") {
         my $currentdll = "";
         $cmd = "dumpbin /imports " . $objfilelist;