FW: BN_mod_exp() issue

[Amritha Thorath <AThorath@xxxxxxxxxx>]

 

 

Thanks,	Amritha Thorath Cryptographic Software Developer
	O: 703-267-6050 x 119
	E: athorath@xxxxxxxxxx
	Website | Blog | Facebook | Twitter | LinkedIn
	Opening Markets Through Security Certifications

 

 

From: Amritha Thorath
Sent: Monday, July 15, 2019 10:34 AM
To: 'openssl-users@xxxxxxxxxxx' <openssl-users@xxxxxxxxxxx>
Subject: BN_mod_exp() issue

 

Hi,

 

I’m trying to implement RSA decryption primitive (Refer https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-56Br2.pdf; section 7.1.2.1) using OpenSSL.

I’ve tried to implement in the same manner shown in some testcases (https://github.com/openssl/openssl/blob/master/test/bntest.c).

From the documentation, it is evident that message m can be generated with the below equation:

m = (c^d) mod n

I use BN_mod_exp() to do this. My values for N, D and C are shown below:

N : bff722714050aebb23a9bd018c3e9ba26a47f53816eeac7e10543958702d9265c8d67784fe03c07bfceac05e7f2a434971dfa2a5ea461893450ced52fcb3f143a85fb3a9194417ff220258840a3359a104079ccd201afec091bab6587d4cfe0b95bba34ef74a70b392a92a93f026c9bed41eb4ec80452492a2ad524e6b0333c5787b34ee941829020bb75ee5dd216b3734823ddd547d50f8a7e711f8a24fd7dbc0bd2f062ccaba98cdbf62c15d2521b39ce44c53125604493e482ae35f945c4efff1d01414b0aad33de77b020ea4aedf3d88171fe51b22881bc70c639f8b6f1b5a70ed39aa121a8f44887dcbbfce29e1e508d1b0f0666693b476d81faa6a18bd

 

D : a13aec8eba3a09c7dc18404b0083c52c10a00771e8b0e5e7abc751b2d9e52cc4987ea93be62d3889eacf306b2ddb4d506e782a9fb7b8d0034147ae3cb94a59253e51c3100fcc856b2021603ee66262b13e3536998291a9ce0b980a7720267e693485b890265b3b75578505e1e31e70ebfa3520385333bf97f9522183039658efd9b09fc0bd67a7d3c32e23adada71320ada2135f1d06a9144033ff9e0037a3b7ed1f5729b6db5f02470ecdde9eb2d97c759c73d13889bae550ab97205b67ce2f91eefb487f18c19bc6dd8831a43b0d699c771e1a9c55a1d5d2ae975691789b5c0a814c4f5e3d6a8e9e5f75419194b2d7dfe06700f6891cae8b712b3af1f9ec71

 

C : 534d1f57d948cac580b88b922bc47bc3d64c8cd1262bbf0944b99833ec94d072c1a1496be44d47a9c419dc403855a4b1cb2bb30e56e0cc5fd557d34373d785dbe70d67e30355fc228a353b05432a40874ba84253af5cc52d3ab4118e8ca1e28e6c9c610760e753f87a15912774ccb80b00ca21e85926143c1ed8385a607c4e55fa531f1f208bb3f23bc0c4eff4c272068f9939157bc61f5427cc32f017ef31f6363c8a736ec984da763ebea5eb94d83fa31d70223ec5503cfd97e598d883f43aca5e884b702a2f76d298659181cb5180e25faf56c9aa0ebe49413b9acbbefde95ec102ee4e351a8ff8d5a3fbdcee448ff466dffb45fdc0a0b3d31b3d192bb5cb

 

I keep getting a seg fault and I’m not sure why. My code and the error are shown below:

 

Code:

 

          BIGNUM *m = NULL, *n = NULL, *d = NULL, *c = NULL;

          int isValid = -1;

 

          n = BN_bin2bn(N, 256, n);

          d = BN_bin2bn(D, 256, d);

          c = BN_bin2bn(ciphertext, 256, d);

 

          if (c == NULL || n == NULL || d == NULL)

                    printf("\n\nC,N,D is NULL, BN_bin2bn() failed!!\n\n");

  

          isValid = BN_mod_exp(m, c, d, n, NULL);

         

          BN_free(n); BN_free(d); BN_free(c); BN_free(m);

 

The error is :

 

Program received signal SIGSEGV, Segmentation fault.

0x00007ffff792fd39 in fips_bn_ctx_start (ctx=0x0) at bn_ctx.c:261

261             if(ctx->err_stack || ctx->too_many)

(gdb) bt

#0  0x00007ffff792fd39 in fips_bn_ctx_start (ctx=0x0) at bn_ctx.c:261

#1  0x00007ffff7932a55 in fips_bn_mod_exp_mont (rr=0x0, a=0x6a9b30, p=0x6a9b30, m=0x6a99c0, ctx=0x0, in_mont=0x0) at bn_exp.c:417

#2  0x00007ffff79320f0 in fips_bn_mod_exp (r=0x0, a=0x6a9b30, p=0x6a9b30, m=0x6a99c0, ctx=0x0) at bn_exp.c:237

Thanks,	Amritha Thorath Cryptographic Software Developer
	O: 703-267-6050 x 119
	E: athorath@xxxxxxxxxx
	Website | Blog | Facebook | Twitter | LinkedIn
	Opening Markets Through Security Certifications