[openssl.org #272] BN gives wrong result for mod_exp (all forms)
[appro - Fri Dec 20 10:50:43 2002]: The bugexptest.c problem is already addressed in 0.9.7-beta6. As for HEAD/0.9.8 it will be addressed next year. Therefore the ticken remains open. If I understand you correctly, the 0.9.7 related part of the problem is resolved. Therefore the Milestone should be moved to 0.9.8, shouldn't it? Best regards, Lutz __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
Re: [openssl.org #272] BN gives wrong result for mod_exp (all forms)
If I understand you correctly, the 0.9.7 related part of the problem is resolved. Yes. Therefore the Milestone should be moved to 0.9.8, shouldn't it? Done. A. __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
[openssl.org #272] BN gives wrong result for mod_exp (all forms)
The bugexptest.c problem is already addressed in 0.9.7-beta6. As for HEAD/0.9.8 it will be addressed next year. Therefore the ticken remains open. As for intermittent core dumps in the accelerated bn_sub_words routine, I couldn't reproduce it and we therefore omit it from further discussions unless more details are provided. A. __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
Re: [openssl.org #272] BN gives wrong result for mod_exp (all forms)
Gotten anywhere? Not yet. Well, I can tell that it's not assembler fault (it fails even if I compile with no-asm) and it's the same fault with both cc and gcc. Weird... Is this part of the things you and I have discussed today? No. A. __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
Re: [openssl.org #272] BN gives wrong result for mod_exp (all forms)
Gotten anywhere? Not yet. Well, I can tell that it's not assembler fault (it fails even if I compile with no-asm) and it's the same fault with both cc and gcc. Weird... Is this part of the things you and I have discussed today? No. A. ^^ But it probably should be! A. __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
[openssl.org #272] BN gives wrong result for mod_exp (all forms)
Gotten anywhere? Is this part of the things you and I have discussed today? [appro - Mon Dec 9 14:46:00 2002]: I managed to reproduce the problem and am looking into it. A. -- Richard Levitte __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
RE: [openssl.org #272] BN gives wrong result for mod_exp (all forms)
ummm... I think you sent this to the wrong person... I reported the bug. David. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Richard Levitte via RT Sent: Thursday, December 12, 2002 1:21 PM To: [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Subject: [openssl.org #272] BN gives wrong result for mod_exp (all forms) Gotten anywhere? Is this part of the things you and I have discussed today? [appro - Mon Dec 9 14:46:00 2002]: I managed to reproduce the problem and am looking into it. A. -- Richard Levitte __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
Re: [openssl.org #272] BN gives wrong result for mod_exp (all forms)
In message [EMAIL PROTECTED] on Thu, 12 Dec 2002 20:17:52 +0100 (MET), David Asher via RT [EMAIL PROTECTED] said: rt ummm... I think you sent this to the wrong person... I reported the bug. Don't worry about it. You're the registered requestor, that's why you got a copy directly. Andy is a member of openssl-dev, so he'll see the mail as well. -- Richard Levitte \ Spannvägen 38, II \ [EMAIL PROTECTED] Redakteur@Stacken \ S-168 35 BROMMA \ T: +46-8-26 52 47 \ SWEDEN \ or +46-708-26 53 44 Procurator Odiosus Ex Infernis-- [EMAIL PROTECTED] Member of the OpenSSL development team: http://www.openssl.org/ Unsolicited commercial email is subject to an archival fee of $400. See http://www.stacken.kth.se/~levitte/mail/ for more info. __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
[openssl.org #272] BN gives wrong result for mod_exp (all forms)
I managed to reproduce the problem and am looking into it. A. __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
[openssl.org #272] BN gives wrong result for mod_exp (all forms)
Hi all, I am using: OpenSSL 0.9.7-beta2 16 Jun 2002 configured with: ./Configure solaris-sparcv9-gcc no-asm gcc is version 2.95.3 20010315 (release) I had to use no-asm because of intermittent core dumps I was getting in the accelerated bn_sub_words routine. After a lot of debugging, it looked to me like a Sparc chip bug, so I just switched to the non-accelerated version of the routines (speed is not my primary concern). [though I don't believe this is related to the bug I am reporting, for those interested: bn_sub_words was being called with n == 15, and for some reason, some times, the inner loop would keep going into negative n's -- until we crossed into a non-accessible page and core dumped. when I stepped through instruction by instruction (using gdb) it did NOT fail, it also did not fail w/any conditional breakpoint set on the routine -- even if the break was not going to occur. very strange] Back to the point of this bug. I am attempting to calculate a^b % m where a is 2624 bits and b and m are only slightly smaller. See attached files for full details. I believe OpenSSL is producing an incorrect result for all 3 of its modexp routines. BN_mod_exp_recp dies with an error (see comments around USE_RECP #define in bugexptest.c), BN_mod_exp_simple and BN_mod_exp_mont return different results, and both appear to be incorrect. I got the correct result from Gnu MP and by using Verilog as a big number package (and, ironically, from the RTL for our device under test). I am sending a modified exptest.c (which I called bugexptest.c) along with the output of the run. bugexptest was compiled this way (from the test directory in the openssl tree): gcc -I.. -I../include -g -c -o bugexptest.o bugexptest.c gcc -o bugexptest -I.. -I../include -g bugexptest.o -L.. -lcrypto I am sending the files as attachments because Microsoft is evil and didn't provide a way to stop line wrapping when sending an email from Outlook. Please let me know if you have any problems/questions. Thanks, David Asher [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]