Closed
Bug 1194947
Opened 9 years ago
Closed 9 years ago
miscalculation in mp_exptmod()
Categories
(NSS :: Libraries, defect)
Tracking
(Not tracked)
RESOLVED
DUPLICATE
of bug 1190248
People
(Reporter: hanno, Unassigned)
Details
(Keywords: reporter-external, sec-high)
Attachments
(1 file)
798 bytes,
text/x-csrc
|
Details |
mp_exptmod() will sometimes calculate wrong values.
Example:
(80^fc) mod 0F0F0F0F0F0F0F0F0F0F0F0F0F0F0F0F0F0F0F0F0F0F0F0F0F0F0F0F0F0F0F0F0F0F0F0F0F0EED0F0F0F0F0F0F0F0F0F0F0F0F0F0F0F0F0F0F0F0F0F0F0F0F0F0F0F7C000000000000000000000000000000000000000000000000000000000000000000000000000000000000
I have attached a sample code showing that. Using first mp_expt and then mp_mod gives a different result than mp_exptmod. Should give the same result.
As this is basically the "RSA-function" this may have security implications (but not sure, needs some skilled cryptographer to investigate whether this is exploitable in any way).
(Found with afl by comparing openssl/nss results)
Reporter | ||
Updated•9 years ago
|
Group: core-security
Updated•9 years ago
|
Flags: needinfo?(martin.thomson)
Updated•9 years ago
|
Flags: needinfo?(rrelyea)
Updated•9 years ago
|
Group: core-security → crypto-core-security
Comment 2•9 years ago
|
||
I can't reproduce this, maybe it got somehow fixed already?
Flags: needinfo?(hanno)
Reporter | ||
Comment 3•9 years ago
|
||
I just bisected which commit fixed this and it was this one:
https://hg.mozilla.org/projects/nss/diff/a555bf0fc23a/lib/freebl/mpi/mpi.c
This is the fix for bug #1190248 which was also reported by me. However in #1190248 we concluded that this likely is not a severe issue, which might be wrong. I'll comment there further.
Flags: needinfo?(hanno)
Comment 4•9 years ago
|
||
can we close this one then? (I can't see bug 1190248)
Flags: needinfo?(hanno)
Reporter | ||
Comment 5•9 years ago
|
||
Yes, I think we'll handle the issue in #1190248 (although I'd appreciate a bit more activity there).
Status: NEW → RESOLVED
Closed: 9 years ago
Flags: needinfo?(hanno)
Resolution: --- → DUPLICATE
Updated•9 years ago
|
Flags: needinfo?(rrelyea)
Flags: needinfo?(rlb)
Updated•9 years ago
|
Flags: sec-bounty?
Updated•9 years ago
|
Flags: sec-bounty? → sec-bounty-
Updated•6 months ago
|
Keywords: reporter-external
You need to log in
before you can comment on or make changes to this bug.
Description
•