Page MenuHome GnuPG

assertion failure mulm_25519: different sizes in Libgrypt 1.9
Closed, ResolvedPublic

Description

This was posted by @grothoff on gcrypt-devel in 2018 and materialized again at their tracker yesterday.
It is likely that we forgot about this given that there was no followup on the ML.
(https://lists.gnupg.org/pipermail/gcrypt-devel/2018-August/004534.html)//

libgcrypt from git master causes an assertion on my AMD 1950X when
running GNUnet's src/util/test_crypto_ecc_dlog logic:

.Ohhhh jeeee: mulm_25519: different sizes
FAIL test_crypto_ecc_dlog (exit status: 134)

With GDB:
.Ohhhh jeeee: mulm_25519: different sizes

Program received signal SIGABRT, Aborted.
__GI_raise (sig=sig at entry=6) at ../sysdeps/unix/sysv/linux/raise.c:51
51	../sysdeps/unix/sysv/linux/raise.c: No such file or directory.
(gdb) ba
#0  __GI_raise (sig=sig at entry=6) at ../sysdeps/unix/sysv/linux/raise.c:51
#1  0x00007ffff7b242f1 in __GI_abort () at abort.c:79
#2  0x00007ffff7e8e587 in _gcry_logv (level=50, fmt=0x7ffff7f2c4a4
"mulm_25519: different sizes\n", arg_ptr=0x7fffffffdd18) at misc.c:142
#3  0x00007ffff7e8e94d in _gcry_log_bug (fmt=0x7ffff7f2c4a4 "mulm_25519:
different sizes\n") at misc.c:229
#4  0x00007ffff7f157b1 in ec_mulm_25519 (w=0x55555555a1f0,
u=0x55555555b6d0, v=0x55555555b630, ctx=0x55555555a010) at ec.c:431
#5  0x00007ffff7f1760d in add_points_edwards (result=0x55555555b8a0,
p1=0x55555555b670, p2=0x55555555b750, ctx=0x55555555a010) at ec.c:1305
#6  0x00007ffff7f17cc7 in _gcry_mpi_ec_add_points
(result=0x55555555b8a0, p1=0x55555555b670, p2=0x55555555b750,
ctx=0x55555555a010) at ec.c:1416
#7  0x00007ffff7e8c659 in gcry_mpi_ec_add (w=0x55555555b8a0,
u=0x55555555b670, v=0x55555555b750, ctx=0x55555555a000) at visibility.c:580
#8  0x00007ffff7f70fd9 in GNUNET_CRYPTO_ecc_dlog (edc=0x555555559bd0,
input=0x55555555b670) at crypto_ecc_dlog.c:259
#9  0x0000555555555580 in test_dlog (edc=0x555555559bd0) at
test_crypto_ecc_dlog.c:99
#10 0x0000555555555972 in main (argc=1, argv=0x7fffffffe138) at
test_crypto_ecc_dlog.c:186

Note that on the same system using Debian's 1.8.3-1 package things work,
so either it is the build or a regression.

I used:

./configure  --prefix=/home/grothoff
--with-libgpg-error-prefix=/home/grothoff --enable-ciphers="blowfish aes
twofish" --enable-digests="crc md5 sha1 sha256 sha512"
--enable-kdfs=scrypt CFLAGS=-g -O0 -Wall

Details

External Link
https://bugs.gnunet.org/view.php?id=6818
Version
1.9

Event Timeline

werner added projects: libgcrypt, Bug Report.
werner changed External Link from https://lists.gnupg.org/pipermail/gcrypt-devel/2018-August/004534.html to https://lists.gnupg.org/pipermail/gcrypt-devel/2018-August/004534.html https://bugs.gnunet.org/view.php?id=6818.
werner set Version to 1.9.
werner added a subscriber: gniibe.
werner added a project: !assert.
werner changed External Link from https://lists.gnupg.org/pipermail/gcrypt-devel/2018-August/004534.html https://bugs.gnunet.org/view.php?id=6818 to https://bugs.gnunet.org/view.php?id=6818.

The optimization introduced for curve 25519 and curve 448 en-bugged for usage of direct MPI.

gniibe triaged this task as Normal priority.
gniibe changed the task status from Open to Testing.Tue, Apr 13, 3:16 AM