On Sun, Jul 15, 2018 at 08:24:44PM +0200, Theo Buehler wrote:
> As found by jsg the hard way, the first version of the EC constant time
> crypto overhaul broke ssh on sparc64 and made several regress tests
> fail.
>
> The issue (as tracked down by Nicola Tuveri) is that on sparc64 some asm
> bits aren't enabled in libcrypto, so EC_GFp_nist_method() is used as the
> default method. Unfortunately, the pull request didn't include the part
> of the patch that explicitly sets .mul_generator_ct, etc. in this method
> (ecp_nist.c below), which led to EC_POINT_mul() erroring out.
>
> Only sparc64 should be affected by this mistake. I don't have access to
> this architecture, so I would appreciate if someone could try it.
> Any other tests are of course also welcome.
>
> To test this, build and install libcrypto and run the libcrypto
> regression tests in /usr/src/regress/lib/libcrypto (make obj && make).
> If these pass, this should be good enough to know that this particular
> problem is fixed.
With this version the regress tests that were previously failing on sparc64 pass and ssh still works.