[openssl-dev] [openssl.org #4284] Bug in nistz256 assembly code.

Billy Brumley via RT rt at openssl.org
Wed Feb 3 11:05:34 UTC 2016


> Thanks! Verify attached diff.

Without looking too closely at the asm, at least the output now looks OK to me:

Input point: P
ad4cfe7307736330 5a390846abdb19e5 bc92e079b12de03f 3a6b3ebcbf24755d
5ed0dbce609dcf3b 091a794357eca9ee acb4d5512ea7232f 09d787c5915c070a
d482c016856ed40a 4a9e64127c9216d7 308267a3a3c72f6c 99a4ef25b90c6499
after ecp_nistz256_point_add(A, P, P)
52d422c756922166 033fb71af0fd3251 b38e0f88b5a2b2a4 bd964cc28ad2bf39
61c01cf1c0a9b7f9 5acaf8aa07f449fc 62b8600cf22cec6b ab80a212e72fb53d
b4a67dfe55eb1133 ec19e9f97640f280 1a3caeebc962ab48 19a5d850b22fa55b
after ecp_nistz256_point_double(B, P)
52d422c756922166 033fb71af0fd3251 b38e0f88b5a2b2a4 bd964cc28ad2bf39
61c01cf1c0a9b7f9 5acaf8aa07f449fc 62b8600cf22cec6b ab80a212e72fb53d
b4a67dfe55eb1133 ec19e9f97640f280 1a3caeebc962ab48 19a5d850b22fa55b

I will say that I don't understand how ecp_nistz256_point_add_affine
does not have these conditions. Maybe that's a question for the
original authors.

BBB




More information about the openssl-dev mailing list