Mailing List Archive

Re: GOST-R-34.11-94 output difference between LibreSSL and libgcrypt
Hello,

On 17.5.2019 19.00, Guido Vranken wrote:
> OSS-Fuzz recently found a new bug. Cryptofuzz always abort()s at the same place if it detects mismatching results, and this confuses OSS-Fuzz, thinking that multiple distinct bugs are the same bug. This is why nobody got an e-mail about it.
>
> But about the bug:
>
> https://oss-fuzz.com/testcase-detail/5651343798173696
>
>
>     Operation:
>     operation name: Digest
>     digest: GOST-R-34.11-94
>     cleartext: {}
>    
>     Module OpenSSL result:
>    
>     {0x98, 0x1e, 0x5f, 0x3c, 0xa3, 0x0c, 0x84, 0x14, 0x87, 0x83, 0x0f, 0x84, 0xfb, 0x43, 0x3e, 0x13,
>      0xac, 0x11, 0x01, 0x56, 0x9b, 0x9c, 0x13, 0x58, 0x4a, 0xc4, 0x83, 0x23, 0x4c, 0xd6, 0x56, 0xc0} (32 bytes)
>    
>     Module libgcrypt result:
>    
>     {0xce, 0x85, 0xb9, 0x9c, 0xc4, 0x67, 0x52, 0xff, 0xfe, 0xe3, 0x5c, 0xab, 0x9a, 0x7b, 0x02, 0x78,
>      0xab, 0xb4, 0xc2, 0xd2, 0x05, 0x5c, 0xff, 0x68, 0x5a, 0xf4, 0x91, 0x2c, 0x49, 0x49, 0x0f, 0x8d} (32 bytes)
>
>
> In LibreSSL I use EVP_gostr341194(), and in libgcrypt I use GCRY_MD_GOSTR3411_94.
>

Libgcrypt digest GCRY_MD_GOSTR3411_CP gives same output as EVP_gostr341194(). Output from gchash:

$ tests/gchash GOSTR3411_CP /dev/null
981e5f3ca30c841487830f84fb433e13ac1101569b9c13584ac483234cd656c0 /dev/null

CP in the digest name means CryptoPro parameters and appears those parameters are used by EVP_gostr341194().

-Jussi

_______________________________________________
Gcrypt-devel mailing list
Gcrypt-devel@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gcrypt-devel
Re: GOST-R-34.11-94 output difference between LibreSSL and libgcrypt [ In reply to ]
Ah, thanks! Sorry for the false positive everyone.

On Sat, May 18, 2019 at 5:46 AM Jussi Kivilinna <jussi.kivilinna@iki.fi>
wrote:

> Hello,
>
> On 17.5.2019 19.00, Guido Vranken wrote:
> > OSS-Fuzz recently found a new bug. Cryptofuzz always abort()s at the
> same place if it detects mismatching results, and this confuses OSS-Fuzz,
> thinking that multiple distinct bugs are the same bug. This is why nobody
> got an e-mail about it.
> >
> > But about the bug:
> >
> > https://oss-fuzz.com/testcase-detail/5651343798173696
> >
> >
> > Operation:
> > operation name: Digest
> > digest: GOST-R-34.11-94
> > cleartext: {}
> >
> > Module OpenSSL result:
> >
> > {0x98, 0x1e, 0x5f, 0x3c, 0xa3, 0x0c, 0x84, 0x14, 0x87, 0x83, 0x0f,
> 0x84, 0xfb, 0x43, 0x3e, 0x13,
> > 0xac, 0x11, 0x01, 0x56, 0x9b, 0x9c, 0x13, 0x58, 0x4a, 0xc4, 0x83,
> 0x23, 0x4c, 0xd6, 0x56, 0xc0} (32 bytes)
> >
> > Module libgcrypt result:
> >
> > {0xce, 0x85, 0xb9, 0x9c, 0xc4, 0x67, 0x52, 0xff, 0xfe, 0xe3, 0x5c,
> 0xab, 0x9a, 0x7b, 0x02, 0x78,
> > 0xab, 0xb4, 0xc2, 0xd2, 0x05, 0x5c, 0xff, 0x68, 0x5a, 0xf4, 0x91,
> 0x2c, 0x49, 0x49, 0x0f, 0x8d} (32 bytes)
> >
> >
> > In LibreSSL I use EVP_gostr341194(), and in libgcrypt I use
> GCRY_MD_GOSTR3411_94.
> >
>
> Libgcrypt digest GCRY_MD_GOSTR3411_CP gives same output as
> EVP_gostr341194(). Output from gchash:
>
> $ tests/gchash GOSTR3411_CP /dev/null
> 981e5f3ca30c841487830f84fb433e13ac1101569b9c13584ac483234cd656c0
> /dev/null
>
> CP in the digest name means CryptoPro parameters and appears those
> parameters are used by EVP_gostr341194().
>
> -Jussi
>