The base64_simdutf test has a printf statement inside a double for loop
that causes a huge amount of latency when run under our perl scripts.
Average run time on my system is about 1min 58 seconds.
We shouldn't be using a printf statement there anyway (likely TEST_info
instead), but we don't need that either, so just remove the printf
entirely. This decreases the run time to around a second to complete.
Reviewed-by: Eugene Syromiatnikov <esyr@openssl.org>
Reviewed-by: Paul Yang <paulyang.inf@gmail.com>
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/29542)
Replace #ifdef FIPS_MODULE with OSSL_PROVIDER_available() runtime check
in ecdsatest.c. The compile-time check is not meaningful for test cases
as the test binary may be compiled without FIPS_MODULE but run with the
FIPS provider loaded.
Fixes#28255
CLA: trivial
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Neil Horman <nhorman@openssl.org>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/29527)
* Modified the parsing logic to handle space-followed-by-comma patterns
* Updated the separator skipping logic to process at most one comma while allowing multiple spaces
* Added a test case with a mixed DNS and IP SAN entry that includes the problematic spacing pattern
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Norbert Pocs <norbertp@openssl.org>
Reviewed-by: Eugene Syromiatnikov <esyr@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/28471)
There is a memory leak of the addrinfo struct when
`./openssl s_server -dtls -sctp -accept 127.0.0.1:4433`
is used, but `sysctl -w net.sctp.auth_enable=1`
is not done before.
Additionally this fixes an oversight, when
`./openssl s_client -dtls -sctp -connect localhost:4433`
is used to connect to above server.
The first connect attempt is to IPv6 ::1, which might fail,
but the second attempt might still succeed, so continue to
try all addesses even when the SCTP socket fails for one of them.
Reviewed-by: Neil Horman <nhorman@openssl.org>
Reviewed-by: Paul Yang <paulyang.inf@gmail.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/29541)
It's only use was to do some somewhat confused cruftery
inside of ossl_asn1_time_to_tm as a special case to
implement ASN1_TIME_set_string_X509.
As it turns out, you don't need the cruftery of a special
case inside of ossl_asn1_time_to_tm to implement this
function, so the flag is completely unnecessary.
This removes flag, and simplifies this to work without it.
It removes the cruft only from ossl_asn1_time_to_tm,
minimally. This function really needs some cleanup and
makes my eyes bleed but I am resisting the temptation
to do that with this PR and making this a the minimal
change needed for review. I will clean up that function
in a follow on pr.
As tests on the behaviour of ASN1_TIME_set_string_X509
were added with it, Beyonce dances happily for me and I
only need to pass the existing tests, not write as bunch
of new ones.. .
Reviewed-by: Neil Horman <nhorman@openssl.org>
Reviewed-by: Nikola Pajkovsky <nikolap@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/29187)
Recently, the addition of some vector register save restore logic from:
https://github.com/openssl/openssl/pull/28990
Triggered an issue in our quic_multistream_test, notably causing a
connection shutdown with error code 1, rather than successful
completion.
The problem has been root caused to an error in how the ppc aes code
saves and restores vector registers.
The aes gcm code uses VSR instructions (vsldoi, etc), to maniuplate
vector registers, which only operate on the upper half of the vector
register file (VS32-63), and operands are implicitly offset to do this.
(i.e. <instr> v31 actually operates on register vs63).
However, the SAVE/RESTORE macros which save and restore those values use
stxv/lxv instructions to do the save and restore, which are VSX
instructions that have access to the full vector register file, and so
by restoring V1, rather than V33, etc, we actuall restore values to the
wrong registers, causing various issues (most notably the above
misconfiguration of the quic SSL shutdown event, which sets the error
code erroneously to 1 instead of the expected 0 value).
Fix it by offsetting the SAVE_REGS and RESTORE_REGS macros to reference
the proper registers when doing save and restore.
Fixes#29516
Reviewed-by: Saša Nedvědický <sashan@openssl.org>
Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/29528)
RISC-V Cryptographic Vector Extension provides ZVK instructions which
can be used to accelerate SM3 computing.
By calculating SHA512 performance on C930 FPGA, it is proven that sm3
speed is improved from 120695K to 323844K.
Reviewed-by: Paul Yang <paulyang.inf@gmail.com>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/29264)
The key improvements include:code formatting unification、instruction scheduling optimization、register allocation strategy update、updates to addition/subtraction carry and borrow flag handling.
These enhancements aim to improve both the code maintainability and its execution performance, particularly on out-of-order RISC-V cores.
Reviewed-by: Neil Horman <nhorman@openssl.org>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/29438)
We currently support gcc 9 as a minimum compiler version. We should run
at least one ci job against that minimal version to make sure we don't
break anything.
Most notably this will help us catch errors if we attempt to use
intrinsics that aren't supported by that compiler.
Reviewed-by: Paul Yang <paulyang.inf@gmail.com>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/29482)
In the bn_sqr8x_mont function, a comment describing the accumulation step for the partial product a[1]*a[0] incorrectly referenced the low part ('lo') of the product. The value being added to the temporary register t[2] is actually the high part ('hi') of that multiplication.
Correct the comment from "t[2]+lo(a[1]*a[0])" to "t[2]+hi(a[1]*a[0])".
Reviewed-by: Neil Horman <nhorman@openssl.org>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/29436)
This patch is dedicated to improve SHA512 speed with RISCV
Cryptographic Vector Extension.
Below performance output is calculated by Xuantie C930 FPGA with VLEN256.
- sha512 speed might be improved from 197032K to 1010986KB
Reviewed-by: Paul Yang <paulyang.inf@gmail.com>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/29263)
