Any word on a resolution to this issue?
Thanks, David. > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED]]On Behalf Of OpenSSL-Bugs > Sent: Friday, September 06, 2002 4:44 AM > To: [EMAIL PROTECTED] > Subject: [openssl.org #272] AutoReply: BN gives wrong result for mod_exp > (all forms) > > > > Greetings, > This message has been automatically generated in response to the > creation of a trouble ticket regarding: > "BN gives wrong result for mod_exp (all forms)", > a summary of which appears below. > > There is no need to reply to this message right now. Your ticket has been > assigned an ID of [openssl.org #272]. > > Please include the string: > > [openssl.org #272] > > in the subject line of all future correspondence about this issue. To do so, > you may reply to this message. > > Thank you, > > > ------------------------------------------------------------------------- > Hi all, > > I am using: OpenSSL 0.9.7-beta2 16 Jun 2002 > > configured with: > > ./Configure solaris-sparcv9-gcc no-asm > > gcc is "version 2.95.3 20010315 (release)" > > I had to use no-asm because of intermittent core dumps I was getting in the >accelerated bn_sub_words routine. After a lot of > debugging, it looked to me like a Sparc chip bug, so I just switched to the >non-accelerated version of the routines > (speed is not my > primary concern). [though I don't believe this is related to the bug I am reporting, >for those interested: bn_sub_words was being > called with n == 15, and for some reason, some times, the inner loop would keep >going into negative n's -- until we crossed into a > non-accessible page and core dumped. when I stepped through instruction by >instruction (using gdb) it did NOT fail, it > also did not > fail w/any conditional breakpoint set on the routine -- even if the break was not >going to occur. very strange] > > Back to the point of this bug. I am attempting to calculate a^b % m where a is 2624 >bits and b and m are only slightly smaller. > See attached files for full details. > > I believe OpenSSL is producing an incorrect result for all 3 of its modexp routines. > BN_mod_exp_recp dies with an error (see > comments around USE_RECP #define in bugexptest.c), BN_mod_exp_simple and >BN_mod_exp_mont return different results, and both appear > to be incorrect. I got the correct result from Gnu MP and by using Verilog as a big >number package (and, ironically, from the RTL > for our device under test). > > I am sending a modified exptest.c (which I called bugexptest.c) along with the >output of the run. > > bugexptest was compiled this way (from the test directory in the openssl tree): > > gcc -I.. -I../include -g -c -o bugexptest.o bugexptest.c > gcc -o bugexptest -I.. -I../include -g bugexptest.o -L.. -lcrypto > > I am sending the files as attachments because Microsoft is evil and didn't provide a >way to stop line wrapping when > sending an email > from Outlook. > > Please let me know if you have any problems/questions. > > Thanks, > > David Asher > [EMAIL PROTECTED] > > > > > > > ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
