chaoyu3
commented
1 week ago Hello, can you check latest crypto library?
/opt/intel/oneapi/ippcp/2025.0/lib/libippcp.so.12
I run these test code, by disabling/enabling the following code, the test can pass the test? cpu_features &= ~(ippCPUID_AVX512IFMA);
thanks, Chao
I've tested
ippcp_2021.12.1, built from source againstopenssl-3.0.12, on Ubuntu 22.04, on aIntel(R) Xeon(R) Gold 6312U.I've attached a patch which can be applied on the
ippcp_2021.12.1, which adds an example highlighting the issue. When building with examples you'll have a new executable that will print "Passed" or "Failed" depending on whether the verification result was valid or not.The sample uses a PRNG with default values, initializes a GF, EC, Private Key, Public Key, Ephemeral Private Key, the message and message digest and finally, signs and verifies. At the top of the
mainfunction you can find a commented out line tweaking the CPU features.The signature verification result is invalid when AVX512IFMA is enabled, but valid when I disable AVX512IFMA via the
ippcpSetCpuFeatures.There has been a previous report of a suspected bug here:
🔗 https://community.intel.com/t5/Intel-Integrated-Performance/Suspected-Bug-ippsGFpECSignDSA-generates-small-signatures-when/m-p/1511674.
Can you please investigate and share your findings here? It would be nice to know which other parts of IPPCP may be affected by AVX512, if you find out the issue isn't exclusive to ECC DSA.
Thank you.
ecc_avx512ifma_example.txt