{"schema":"libjg2-1", "vpath":"/git/", "avatar":"/git/avatar/", "alang":"", "gen_ut":1756675663, "reponame":"openssl", "desc":"OpenSSL", "owner": { "name": "Andy Green", "email": "andy@warmcat.com", "md5": "c50933ca2aa61e0fe2c43d46bb6b59cb" },"url":"https://warmcat.com/repo/openssl", "f":3, "items": [ {"schema":"libjg2-1", "cid":"0f28811ae3da0aaab66f2f2b53f21baf", "commit": {"type":"commit", "time": 1450111179, "time_ofs": 60, "oid_tree": { "oid": "faf6956c8b1394033183f0e3422e42723aa6f305", "alias": []}, "oid":{ "oid": "d911097d7c93e4cfeab624b34d73fe51da158b69", "alias": []}, "msg": "Fix a ** 0 mod 1 \u003d 0 for real this time.", "sig_commit": { "git_time": { "time": 1450111179, "offset": 60 }, "name": "Emilia Kasper", "email": "emilia@openssl.org", "md5": "ed7c7cd0bbbda5ebcb1a10a4000e62ce" }, "sig_author": { "git_time": { "time": 1450107495, "offset": 60 }, "name": "Emilia Kasper", "email": "emilia@openssl.org", "md5": "ed7c7cd0bbbda5ebcb1a10a4000e62ce" }}, "body": "Fix a ** 0 mod 1 \u003d 0 for real this time.\n\nCommit 2b0180c37fa6ffc48ee40caa831ca398b828e680 attempted to do this but\nonly hit one of many BN_mod_exp codepaths. Fix remaining variants and add\na test for each method.\n\nThanks to Hanno Boeck for reporting this issue.\n\nReviewed-by: Rich Salz \u003crsalz@openssl.org\u003e\nReviewed-by: Dr. Stephen Henson \u003csteve@openssl.org\u003e\n" , "diff": "diff --git a/crypto/bn/bn_exp.c b/crypto/bn/bn_exp.c\nindex 66feddc..e252593 100644\n--- a/crypto/bn/bn_exp.c\n+++ b/crypto/bn/bn_exp.c\n@@ -282,9 +282,14 @@ int BN_mod_exp_recp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,\n }\n \n bits \u003d BN_num_bits(p);\n-\n if (bits \u003d\u003d 0) {\n- ret \u003d BN_one(r);\n+ /* x**0 mod 1 is still zero. */\n+ if (BN_is_one(m)) {\n+ ret \u003d 1;\n+ BN_zero(r);\n+ } else {\n+ ret \u003d BN_one(r);\n+ }\n return ret;\n }\n \n@@ -418,7 +423,13 @@ int BN_mod_exp_mont(BIGNUM *rr, const BIGNUM *a, const BIGNUM *p,\n }\n bits \u003d BN_num_bits(p);\n if (bits \u003d\u003d 0) {\n- ret \u003d BN_one(rr);\n+ /* x**0 mod 1 is still zero. */\n+ if (BN_is_one(m)) {\n+ ret \u003d 1;\n+ BN_zero(rr);\n+ } else {\n+ ret \u003d BN_one(rr);\n+ }\n return ret;\n }\n \n@@ -671,7 +682,13 @@ int BN_mod_exp_mont_consttime(BIGNUM *rr, const BIGNUM *a, const BIGNUM *p,\n \n bits \u003d BN_num_bits(p);\n if (bits \u003d\u003d 0) {\n- ret \u003d BN_one(rr);\n+ /* x**0 mod 1 is still zero. */\n+ if (BN_is_one(m)) {\n+ ret \u003d 1;\n+ BN_zero(rr);\n+ } else {\n+ ret \u003d BN_one(rr);\n+ }\n return ret;\n }\n \n@@ -1180,8 +1197,9 @@ int BN_mod_exp_mont_word(BIGNUM *rr, BN_ULONG a, const BIGNUM *p,\n if (BN_is_one(m)) {\n ret \u003d 1;\n BN_zero(rr);\n- } else\n+ } else {\n ret \u003d BN_one(rr);\n+ }\n return ret;\n }\n if (a \u003d\u003d 0) {\n@@ -1295,9 +1313,14 @@ int BN_mod_exp_simple(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,\n }\n \n bits \u003d BN_num_bits(p);\n-\n- if (bits \u003d\u003d 0) {\n- ret \u003d BN_one(r);\n+ if (bits \u003d\u003d 0) {\n+ /* x**0 mod 1 is still zero. */\n+ if (BN_is_one(m)) {\n+ ret \u003d 1;\n+ BN_zero(r);\n+ } else {\n+ ret \u003d BN_one(r);\n+ }\n return ret;\n }\n \ndiff --git a/test/exptest.c b/test/exptest.c\nindex 97b74d9..170de09 100644\n--- a/test/exptest.c\n+++ b/test/exptest.c\n@@ -73,14 +73,34 @@ static const char rnd_seed[] \u003d\n \u0022string to make the random number generator think it has entropy\u0022;\n \n /*\n+ * Test that r \u003d\u003d 0 in test_exp_mod_zero(). Returns one on success,\n+ * returns zero and prints debug output otherwise.\n+ */\n+static int a_is_zero_mod_one(const char *method, const BIGNUM *r,\n+ const BIGNUM *a) {\n+ if (!BN_is_zero(r)) {\n+ fprintf(stderr, \u0022%s failed:\u005cn\u0022, method);\n+ fprintf(stderr, \u0022a ** 0 mod 1 \u003d r (should be 0)\u005cn\u0022);\n+ fprintf(stderr, \u0022a \u003d \u0022);\n+ BN_print_fp(stderr, a);\n+ fprintf(stderr, \u0022\u005cnr \u003d \u0022);\n+ BN_print_fp(stderr, r);\n+ fprintf(stderr, \u0022\u005cn\u0022);\n+ return 0;\n+ }\n+ return 1;\n+}\n+\n+/*\n * test_exp_mod_zero tests that x**0 mod 1 \u003d\u003d 0. It returns zero on success.\n */\n static int test_exp_mod_zero()\n {\n BIGNUM *a \u003d NULL, *p \u003d NULL, *m \u003d NULL;\n BIGNUM *r \u003d NULL;\n+ BN_ULONG one_word \u003d 1;\n BN_CTX *ctx \u003d BN_CTX_new();\n- int ret \u003d 1;\n+ int ret \u003d 1, failed \u003d 0;\n \n m \u003d BN_new();\n if (!m)\n@@ -100,22 +120,65 @@ static int test_exp_mod_zero()\n r \u003d BN_new();\n if (!r)\n goto err;\n- BN_mod_exp(r, a, p, m, ctx);\n- BN_CTX_free(ctx);\n \n- if (BN_is_zero(r))\n- ret \u003d 0;\n- else {\n- printf(\u00221**0 mod 1 \u003d \u0022);\n- BN_print_fp(stdout, r);\n- printf(\u0022, should be 0\u005cn\u0022);\n+ if (!BN_rand(a, 1024, 0, 0))\n+ goto err;\n+\n+ if (!BN_mod_exp(r, a, p, m, ctx))\n+ goto err;\n+\n+ if (!a_is_zero_mod_one(\u0022BN_mod_exp\u0022, r, a))\n+ failed \u003d 1;\n+\n+ if (!BN_mod_exp_recp(r, a, p, m, ctx))\n+ goto err;\n+\n+ if (!a_is_zero_mod_one(\u0022BN_mod_exp_recp\u0022, r, a))\n+ failed \u003d 1;\n+\n+ if (!BN_mod_exp_simple(r, a, p, m, ctx))\n+ goto err;\n+\n+ if (!a_is_zero_mod_one(\u0022BN_mod_exp_simple\u0022, r, a))\n+ failed \u003d 1;\n+\n+ if (!BN_mod_exp_mont(r, a, p, m, ctx, NULL))\n+ goto err;\n+\n+ if (!a_is_zero_mod_one(\u0022BN_mod_exp_mont\u0022, r, a))\n+ failed \u003d 1;\n+\n+ if (!BN_mod_exp_mont_consttime(r, a, p, m, ctx, NULL)) {\n+ goto err;\n }\n \n+ if (!a_is_zero_mod_one(\u0022BN_mod_exp_mont_consttime\u0022, r, a))\n+ failed \u003d 1;\n+\n+ /*\n+ * A different codepath exists for single word multiplication\n+ * in non-constant-time only.\n+ */\n+ if (!BN_mod_exp_mont_word(r, one_word, p, m, ctx, NULL))\n+ goto err;\n+\n+ if (!BN_is_zero(r)) {\n+ fprintf(stderr, \u0022BN_mod_exp_mont_word failed:\u005cn\u0022);\n+ fprintf(stderr, \u00221 ** 0 mod 1 \u003d r (should be 0)\u005cn\u0022);\n+ fprintf(stderr, \u0022r \u003d \u0022);\n+ BN_print_fp(stderr, r);\n+ fprintf(stderr, \u0022\u005cn\u0022);\n+ return 0;\n+ }\n+\n+ ret \u003d failed;\n+\n err:\n BN_free(r);\n BN_free(a);\n BN_free(p);\n BN_free(m);\n+ BN_CTX_free(ctx);\n \n return ret;\n }\n","s":{"c":1756675663,"u": 10193}} ],"g": 12011,"chitpc": 0,"ehitpc": 0,"indexed":0 , "ab": 0, "si": 0, "db":0, "di":0, "sat":0, "lfc": "0000"}