[openssl-dev] [openssl.org #4683] [BUG] Failure running openssl speed ecdh in master branch

Linsell, StevenX via RT rt at openssl.org
Thu Sep 22 15:39:13 UTC 2016 

Running against master branch (commit 39c136cc53d7b6fafdd1a0b52c035fd24358e01c - Updates CHANGES and NEWS for new release) we see a failure when running openssl speed with the ecdh parameter:

./openssl speed ecdh
Doing 160 bit  ecdh's for 10s: 35676 160-bit ECDH ops in 9.98s
Doing 192 bit  ecdh's for 10s: 29928 192-bit ECDH ops in 9.98s
Doing 224 bit  ecdh's for 10s: 21881 224-bit ECDH ops in 9.98s
Doing 256 bit  ecdh's for 10s: 91839 256-bit ECDH ops in 9.98s
Doing 384 bit  ecdh's for 10s: 9642 384-bit ECDH ops in 9.98s
Doing 521 bit  ecdh's for 10s: 4737 521-bit ECDH ops in 9.98s
Doing 163 bit  ecdh's for 10s: 32911 163-bit ECDH ops in 9.98s
Doing 233 bit  ecdh's for 10s: 25740 233-bit ECDH ops in 9.98s
Doing 283 bit  ecdh's for 10s: 14392 283-bit ECDH ops in 9.98s
Doing 409 bit  ecdh's for 10s: 9203 409-bit ECDH ops in 9.98s
Doing 571 bit  ecdh's for 10s: 3866 571-bit ECDH ops in 9.98s
Doing 163 bit  ecdh's for 10s: 31212 163-bit ECDH ops in 9.98s
Doing 233 bit  ecdh's for 10s: 24564 233-bit ECDH ops in 9.98s
Doing 283 bit  ecdh's for 10s: 13510 283-bit ECDH ops in 9.97s
Doing 409 bit  ecdh's for 10s: 8603 409-bit ECDH ops in 9.98s
Doing 571 bit  ecdh's for 10s: 3572 571-bit ECDH ops in 9.98s
ECDH failure.
140194445354752:error:100AE081:elliptic curve routines:EC_GROUP_new_by_curve_name:unknown group:crypto/ec/ec_curve.c:3100:
140194445354752:error:100AE081:elliptic curve routines:EC_GROUP_new_by_curve_name:unknown group:crypto/ec/ec_curve.c:3100:
OpenSSL 1.1.1-dev  xx XXX xxxx

This bug appears to have been introduced by the recent refactoring of X25519.
I'm not up to speed on the X25519 curve refactoring and how that curve should be used from the libCrypto interfaces now, so I'm not sure how this issue should be resolved. I could have made a pull request to just remove X25519 from the tested curves but that seemed to be a retrograde step.
Let me know if that is the route you would like to take and I can submit a pull request for that if you like.

Kind Regards,

Steve Linsell   
Intel Shannon DCG/CID Software Development Team
Stevenx.Linsell at intel.com

--------------------------------------------------------------
Intel Research and Development Ireland Limited
Registered in Ireland
Registered Office: Collinstown Industrial Park, Leixlip, County Kildare
Registered Number: 308263


This e-mail and any attachments may contain confidential material for the sole
use of the intended recipient(s). Any review or distribution by others is
strictly prohibited. If you are not the intended recipient, please contact the
sender and delete all copies.


-- 
Ticket here: http://rt.openssl.org/Ticket/Display.html?id=4683
Please log in as guest with password guest if prompted

More information about the openssl-dev mailing list