Page MenuHome GnuPG

RSA decryption failure
Closed, ResolvedPublic

Description

Given the hex MPIs for RSA

N:9773838E13FDC32F398AD92747DD7DDBC28DD114092E7CCC5008E360D78AE1F44509EA41C26C4B70513B4EFB1B93102DFD361AD41185F37DF48375899096EC6B0AF6E5D1B20D59D353FD9566EFE2C34B43DA27FE0E304C7F5895F02A49A0490D451761EF1D74E5DC606529D021296691A10D82416FDA66C02C787CD52A713E353A9466BDF8DA4E5E49D5B8791CA9AAF1DD8E3A5E4F5C810F1A2302CE004304EFABA97F8BDDD97D8C8E32505D78829ABDF05D80CB4DFE2806994BCEB625F796480D2753641B281E8F2568FBCF0F5F371676176A3DF4A0515B208B3F5D091536E5415D4B95E9718FD02D2E6D072FDB1688998EEACF0F061F0424BBBB906FED4BE9
E:10001
D:90443CE0AE326027300D0F65D793293C994B360A7BE48884A708906FC3624C72BF00FEE0BD2F237D4E23CCCC6E2BDC91B24E43A817391E04B15238385E3F25DDA18826CB656C4A50800562B7B772AECD9748CC27B9A4507A4E0C25C6627408A2575A3AB3E7BF5EE659FC83A3FAB2D13D8FC8AA7762F10C47AB14EAF4B38543D73EE8CD3DF2A6DBE9F8C4155ED022D5B0EE5D30ED94BCEE492848D1D33661E8FBCE200F63C9B113CD0BBA91E83CC90C906C884725A95E1985865B1B44302AD1401442D033BBAFFA3F553836B41D1FF7F2B9C7CA63D26B8A2CE310DDD19EBBF0599EC27FE80FAE90917BAB20F52FEC99ECF1D25ECED67FF9B9D12F3F9258F8F671
P:DCCEB325CA9ACD948ABC02BBCBD94E5E6E55CDBF65E9382A4C46C7AD225B18DC4E19CCF42C09DDBE403BAC9CC4237E2A1E93553AF53980123285D764F055C58865A6A7552C02852507AD33A2409098E59F32067147A680453A96AAD3F530BA34C13ADB2C6E7C31C0BD587350E924C70A66849F42434EC9213D071477AD706133
Q:AF96F814E8A17FF6EAD276A02D8EAD4BA7B83D12E3D48AA0C5529A1E0FA28A5F7A8352D9773B94FCD76BD919907E3D21919E646455EE74887CC0271E3F7E8B1B421EF11672783AA8666EDA4850F284FC213D74CF97929B7674FF73A330585C62C12382C1A19396B7389AD2F35F9687D06D99F2F829EC40145D42C7DCF80BD673
U:4B068919706F1C9DE8852EE75AB66AB7030D2C19951646516658CB8A0227E13527412646EB43EC09830B6830D3E3439D079AB8B44F991738A29238E040120A0A8BC3C13DB4D028B9BFD1BCD9D944A85E2F07565C840C5D6DD3AD1B7B0F88A11FC8D760C6ACC297411B7E8B90A68EC0AB81AE543049FE07E3DCF1ACA18A8ADC7E

.. decryption fails in cipher/rsa.c when using the default #if 1 branch.
Decrytion works without a problem when using standard mpi_powm(output, input,
skey->d, skey->n ) with the #if 0 branch.

Keys have been generated independently from gnupg.

Details

Version
1.4.11

Event Timeline

mischmerz added projects: gnupg, Bug Report.
mischmerz added a subscriber: mischmerz.

Given the hex MPIs for RSA

N:9773838E13FDC32F398AD92747DD7DDBC28DD114092E7CCC5008E360D78AE1F44509EA41C26C4B70513B4EFB1B93102DFD361AD41185F37DF48375899096EC6B0AF6E5D1B20D59D353FD9566EFE2C34B43DA27FE0E304C7F5895F02A49A0490D451761EF1D74E5DC606529D021296691A10D82416FDA66C02C787CD52A713E353A9466BDF8DA4E5E49D5B8791CA9AAF1DD8E3A5E4F5C810F1A2302CE004304EFABA97F8BDDD97D8C8E32505D78829ABDF05D80CB4DFE2806994BCEB625F796480D2753641B281E8F2568FBCF0F5F371676176A3DF4A0515B208B3F5D091536E5415D4B95E9718FD02D2E6D072FDB1688998EEACF0F061F0424BBBB906FED4BE9
E:10001
D:90443CE0AE326027300D0F65D793293C994B360A7BE48884A708906FC3624C72BF00FEE0BD2F237D4E23CCCC6E2BDC91B24E43A817391E04B15238385E3F25DDA18826CB656C4A50800562B7B772AECD9748CC27B9A4507A4E0C25C6627408A2575A3AB3E7BF5EE659FC83A3FAB2D13D8FC8AA7762F10C47AB14EAF4B38543D73EE8CD3DF2A6DBE9F8C4155ED022D5B0EE5D30ED94BCEE492848D1D33661E8FBCE200F63C9B113CD0BBA91E83CC90C906C884725A95E1985865B1B44302AD1401442D033BBAFFA3F553836B41D1FF7F2B9C7CA63D26B8A2CE310DDD19EBBF0599EC27FE80FAE90917BAB20F52FEC99ECF1D25ECED67FF9B9D12F3F9258F8F671
P:DCCEB325CA9ACD948ABC02BBCBD94E5E6E55CDBF65E9382A4C46C7AD225B18DC4E19CCF42C09DDBE403BAC9CC4237E2A1E93553AF53980123285D764F055C58865A6A7552C02852507AD33A2409098E59F32067147A680453A96AAD3F530BA34C13ADB2C6E7C31C0BD587350E924C70A66849F42434EC9213D071477AD706133
Q:AF96F814E8A17FF6EAD276A02D8EAD4BA7B83D12E3D48AA0C5529A1E0FA28A5F7A8352D9773B94FCD76BD919907E3D21919E646455EE74887CC0271E3F7E8B1B421EF11672783AA8666EDA4850F284FC213D74CF97929B7674FF73A330585C62C12382C1A19396B7389AD2F35F9687D06D99F2F829EC40145D42C7DCF80BD673
U:4B068919706F1C9DE8852EE75AB66AB7030D2C19951646516658CB8A0227E13527412646EB43EC09830B6830D3E3439D079AB8B44F991738A29238E040120A0A8BC3C13DB4D028B9BFD1BCD9D944A85E2F07565C840C5D6DD3AD1B7B0F88A11FC8D760C6ACC297411B7E8B90A68EC0AB81AE543049FE07E3DCF1ACA18A8ADC7E

.. decryption fails in cipher/rsa.c when using the default #if 1 branch.
Decrytion works without a problem when using standard mpi_powm(output, input,
skey->d, skey->n ) with the #if 0 branch.

Keys have been generated independently from gnupg. But seems to exist in 2.0.18
as well (decryption fails), but I haven't verified it in the source.

mischmerz claimed this task.

My bad. Sorry. Got confused with the RSA Coeff and u value. Case closed.