Closed Bug 1194947 Opened 9 years ago Closed 9 years ago

miscalculation in mp_exptmod()

Categories

(NSS :: Libraries, defect)

3.19.2
defect
Not set
normal

Tracking

(Not tracked)

RESOLVED DUPLICATE of bug 1190248

People

(Reporter: hanno, Unassigned)

Details

(Keywords: reporter-external, sec-high)

Attachments

(1 file)

mp_exptmod() will sometimes calculate wrong values. Example: (80^fc) mod 0F0F0F0F0F0F0F0F0F0F0F0F0F0F0F0F0F0F0F0F0F0F0F0F0F0F0F0F0F0F0F0F0F0F0F0F0F0EED0F0F0F0F0F0F0F0F0F0F0F0F0F0F0F0F0F0F0F0F0F0F0F0F0F0F0F7C000000000000000000000000000000000000000000000000000000000000000000000000000000000000 I have attached a sample code showing that. Using first mp_expt and then mp_mod gives a different result than mp_exptmod. Should give the same result. As this is basically the "RSA-function" this may have security implications (but not sure, needs some skilled cryptographer to investigate whether this is exploitable in any way). (Found with afl by comparing openssl/nss results)
Group: core-security
Flags: needinfo?(martin.thomson)
Buck passing.
Flags: needinfo?(martin.thomson) → needinfo?(rlb)
Flags: needinfo?(rrelyea)
Group: core-security → crypto-core-security
I can't reproduce this, maybe it got somehow fixed already?
Flags: needinfo?(hanno)
I just bisected which commit fixed this and it was this one: https://hg.mozilla.org/projects/nss/diff/a555bf0fc23a/lib/freebl/mpi/mpi.c This is the fix for bug #1190248 which was also reported by me. However in #1190248 we concluded that this likely is not a severe issue, which might be wrong. I'll comment there further.
Flags: needinfo?(hanno)
can we close this one then? (I can't see bug 1190248)
Flags: needinfo?(hanno)
Yes, I think we'll handle the issue in #1190248 (although I'd appreciate a bit more activity there).
Status: NEW → RESOLVED
Closed: 9 years ago
Flags: needinfo?(hanno)
Resolution: --- → DUPLICATE
Flags: needinfo?(rrelyea)
Flags: needinfo?(rlb)
Flags: sec-bounty?
Flags: sec-bounty? → sec-bounty-
Group: crypto-core-security
Keywords: sec-high
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: