[openssl-dev] [openssl.org #4568] Enhancement request: Capability vector accessor function for arm and ppc

Loic Etienne via RT rt at openssl.org
Wed Jun 15 15:09:23 UTC 2016 

Two more observations.

OPENSSL_ia32cap_loc() alters the underlying OPENSSL_ia32cap_P, the bits not fitting into the expected integer size being zeroed. I do not know if it is practically relevant, but it is strange that a read has side effects. It would be a good reason for dedicated, architecture independent setters and getters.

The documentation (https://www.openssl.org/docs/man1.0.2/crypto/OPENSSL_ia32cap.html<https://www.openssl.org/docs/manmaster/crypto/OPENSSL_ia32cap.html>) says:
unsigned int *OPENSSL_ia32cap_loc(void)
it should say:
unsigned long *OPENSSL_ia32cap_loc(void)
like in openssl-1.0.2h/crypto/crypto.h



________________________________
From: Loic Etienne
Sent: Wednesday, June 15, 2016 10:17:17 AM
To: rt at openssl.org
Cc: openssl-dev at openssl.org
Subject: Re: [openssl-dev] [openssl.org #4568] Enhancement request: Capability vector accessor function for arm and ppc


Identifying the bits relevant to openssl for each architecture and making them available through architecture-independent functions (getter and setters) would be very convenient, indeed. At the risk that future architectures do not fit into the pattern defined today.


If this approach is implemented, I suggest a copy of original capability vector to be kept, for the setter to fail if a bit is tentatively set on an unsuitable processor (otherwise, subsequent cryptographic operations affected by the bit in question would fail anyway). Thus a setter could return the previous value (0 or 1) on success, and -1 on failure.


I think that implementing the architecture specific functions suggested in this ticket is easy and already useful. Defining architecture-independent functions probably requires more hard thinking, and could be done in a later step.

________________________________
From: Salz, Rich via RT <rt at openssl.org>
Sent: Tuesday, June 14, 2016 6:41:02 PM
To: Loic Etienne
Cc: openssl-dev at openssl.org
Subject: RE: [openssl-dev] [openssl.org #4568] Enhancement request: Capability vector accessor function for arm and ppc

Doesn't it make more sense to have a single API that returns the platform-specific flags?


--
Ticket here: http://rt.openssl.org/Ticket/Display.html?id=4568
Please log in as guest with password guest if prompted


-- 
Ticket here: http://rt.openssl.org/Ticket/Display.html?id=4568
Please log in as guest with password guest if prompted

More information about the openssl-dev mailing list