AES-NI support detection: possible bug?

Erik Nyquist eriknyquistdev at gmail.com
Tue Jul 8 12:35:36 CEST 2014


I tried compiling libgcrypt-1.5.0 on a platform with a Quark SoC (intel
low- power SoC, which does not support AES instructions):























*root at clanton:/media/mmcblk0p1# cat /proc/cpuinfoprocessor       :
0vendor_id       : GenuineIntelcpu family      : 5model           : 9model
name      : 05/09stepping        : 0cpu MHz         : 399.076cache size
 : 0 KBfdiv_bug        : nohlt_bug         : nof00f_bug        :
yescoma_bug        : nofpu             : yesfpu_exception   : yescpuid
level     : 7wp              : yesflags           : fpu vme pse tsc msr pae
cx8 apic pbe nx smepbogomips        : 798.15clflush size    :
32cache_alignment : 32address sizes   : 32 bits physical, 32 bits
virtualpower management:*

During configure, the feature detection for AES-NI appears to return with
the result that yes, AES instructions are supported (incorrectly so):

* Try using AES-NI crypto:   yes*


So at run time, I get an 'illegal instruction' error. This was initially
noticed while trying to connect to a wifi access point using
wpa_supplicant- it can also be seen when running the tests included with
libgcrypt:

*root at clanton:/media/mmcblk0p1/libgcrypt-1.5.0-beta1# make check*

*ciphers:arcfour:blowfish:cast5:des:aes:twofish:serpent:rfc2268:seed:camellia:*
*pubkeys:dsa:elgamal:rsa:ecc:*
*digests:crc:md4:md5:rmd160:sha1:sha256:sha512:tiger:whirlpool:*
*rnd-mod:linux:*
*mpi-asm:i586/mpih-add1.S:i586/mpih-sub1.S:i586/mpih-mul1.S:i586/mpih-mul2.S:i586/mpih-mul3.S:i586/mpih-lshift.S:i586/mpih-rshift.S:*
*hwflist:*
*fips-mode:n:n:*
*PASS: version*
*PASS: t-mpi-bit*
*PASS: prime*
*PASS: register*
*PASS: ac*
*PASS: ac-schemes*
*PASS: ac-data*
*/bin/sh: line 4:  7998 Illegal instruction     ${dir}$tst*
*FAIL: basic*
*PASS: mpitests*
*PASS: tsexp*
*PASS: keygen*
*PASS: pubkey*
*PASS: hmac*
*PASS: keygrip*
*PASS: fips186-dsa*
*PASS: aeswrap*
*PASS: curves*
*PASS: random*
*MD5             50ms   120ms   750ms    90ms    50ms*
*SHA1           130ms   190ms   830ms   170ms   130ms*
*RIPEMD160      140ms   200ms   850ms   190ms   140ms*
*TIGER192       250ms   360ms  1150ms   320ms   250ms*
*SHA256         290ms   430ms  1140ms   330ms   290ms*
*SHA384         500ms   720ms  1330ms   540ms   480ms*
*SHA512         490ms   730ms  1320ms   540ms   480ms*
*SHA224         290ms   440ms  1130ms   330ms   290ms*
*MD4             40ms   100ms   750ms    80ms    40ms*
*CRC32           30ms    40ms   570ms    80ms    40ms*
*CRC32RFC1510    30ms    30ms   570ms    80ms    40ms*
*CRC24RFC2440   260ms   260ms   770ms   300ms   270ms*
*WHIRLPOOL     1740ms  1950ms  2530ms  1820ms  1740ms*
*TIGER          260ms   350ms  1150ms   320ms   250ms*
*TIGER2         260ms   350ms  1150ms   320ms   250ms*

*                ECB/Stream         CBC             CFB             OFB
        CTR*
*             --------------- --------------- ---------------
--------------- ---------------*
*3DES          1160ms  1160ms  1220ms  1260ms  1200ms  1220ms  1220ms
 1210ms  1310ms  1330ms*
*CAST5          400ms   410ms   460ms   470ms   440ms   460ms   460ms
460ms   550ms   530ms*
*BLOWFISH       380ms   410ms   430ms   490ms   410ms   430ms   430ms
430ms   530ms   520ms*
*AES            340ms   350ms/bin/sh: line 4:  8244 Illegal instruction
${dir}$tst*
*FAIL: benchmark*
*========================================*
*2 of 19 tests failed*
*Please report to bug-libgcrypt at gnupg.org <bug-libgcrypt at gnupg.org>*
*========================================*
*make[2]: *** [check-TESTS] Error 1*
*make[2]: Leaving directory `/media/mmcblk0p1/libgcrypt-1.5.0-beta1/tests'*
*make[1]: *** [check-am] Error 2*
*make[1]: Leaving directory `/media/mmcblk0p1/libgcrypt-1.5.0-beta1/tests'*
*make: *** [check-recursive] Error 1*


Has anyone seen any similar issues with configure failing to detect AES
support accurately?

Erik.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: </pipermail/attachments/20140708/b70d5e0f/attachment.html>


More information about the Gcrypt-devel mailing list