[openssl-users] [openssl-dev] Failed TLSv1.2 handshake with error 67702888--bad signature

Nounou Dadoun nounou.dadoun at avigilon.com
Mon Feb 29 19:39:03 UTC 2016

Back in the office today - the sha1 and sha256 tests passed but the sha512 failed immediately as below.

# ./sha1test
test 1 ok
test 2 ok
test 3 ok
# ./sha256t
Testing SHA-256 ... passed.
Testing SHA-224 ... passed.
# ./sha512t
Testing SHA-512
TEST 1 of 3 failed.

Took a quick look at the code and it looks pretty straightforward, do you have a version you'd like me to run that dumps the result over and above doing a straight memcmp (funny that it doesn't do that anyway on failure) or just let me know what you'd like dumped and what format you'd like it in.  And maybe remove the returns so it goes through all the tests?  

Happy to help root cause this issue if I can.

Haven't tried the no-asm option yet, I might try that next.

Nou Dadoun
Senior Firmware Developer, Security Specialist

Office: 604.629.5182 ext 2632 

-----Original Message-----
From: openssl-users [mailto:openssl-users-bounces at openssl.org] On Behalf Of Dr. Stephen Henson
Sent: Sunday, February 28, 2016 4:58 AM
To: openssl-users at openssl.org
Subject: Re: [openssl-users] [openssl-dev] Failed TLSv1.2 handshake with error 67702888--bad signature

On Sun, Feb 28, 2016, Nounou Dadoun wrote:

> We're cross-compiling on a linux x86 vm, does "make test" produce something that I can run on the target?

"make test" wont be very useful then. The binary test/sha512t you can copy to the target and run it. I'd be interested in the output.

Dr Stephen N. Henson. OpenSSL project core developer.
Commercial tech support now available see: http://www.openssl.org
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

More information about the openssl-users mailing list