Hi Jeffrey, Yes, version commit is 8fa8ec9913ccd2ce44f71014322ddb7e198fef68 from yesterday. It used to work before
Regression range is Cryptopp: b3eb4c6a690d6dfb342856f2a66a71dcec8c429b:a01711e347df30a994609537ce9be2926a366a44 Regards, Philippe > Le 26 août 2019 à 22:08, Jeffrey Walton <[email protected]> a écrit : > > On Mon, Aug 26, 2019 at 2:30 PM Philippe Antoine > <[email protected]> wrote: >> >> My same is Philippe Antoine. >> I have been doing differential fuzzing about elliptic curve cryptography >> with different libraries including cryptopp. >> >> On August the 6th, oss-fuzz found the first regression after about one year. >> I think this is dut to commit >> https://github.com/weidai11/cryptopp/commit/c9ef9420e762b91cc06463d349cf06e04c749b9d >> >> My output is the following >> > point=04202020202020ffffff2020202020200020ffffffff20202020ff20ff20ff200104c8423eb699c3ace2e623855cb9238cb43971464f4b6686765c46ed4ce035dc >> > bignum=000000000000000000000000000000000000000000000000000000000000000a >> > mbedlts:045de6bae41907dbe3f0aa32b272add6b92fb2b79fdc49af35fb844be1c4c629e899295109c41cfe76a9c06c23d95b2d4be3b6f61a476acf1a67a0d848abba89e1 >> > libecc:045de6bae41907dbe3f0aa32b272add6b92fb2b79fdc49af35fb844be1c4c629e899295109c41cfe76a9c06c23d95b2d4be3b6f61a476acf1a67a0d848abba89e1 >> > libecc:045de6bae41907dbe3f0aa32b272add6b92fb2b79fdc49af35fb844be1c4c629e899295109c41cfe76a9c06c23d95b2d4be3b6f61a476acf1a67a0d848abba89e1 >> > openssl:045de6bae41907dbe3f0aa32b272add6b92fb2b79fdc49af35fb844be1c4c629e899295109c41cfe76a9c06c23d95b2d4be3b6f61a476acf1a67a0d848abba89e1 >> > gcrypt:045de6bae41907dbe3f0aa32b272add6b92fb2b79fdc49af35fb844be1c4c629e899295109c41cfe76a9c06c23d95b2d4be3b6f61a476acf1a67a0d848abba89e1 >> > cryptopp:0407f16bad8b16f5441f1a15f8e7eca364d97bb3a3c09b320bb9807ee26857b66f882ba526e55ebbf22342ae5a0186ed0ca1db8870fd001c63ae36dc72ee15f6e7 >> >> That means when I multiply by 10 the point on the curve brainpoolP256r1 >> >> x = 202020202020ffffff2020202020200020ffffffff20202020ff20ff20ff2001 >> >> y = 04c8423eb699c3ace2e623855cb9238cb43971464f4b6686765c46ed4ce035dc >> >> I get a different result than all the other libraries >> >> I will look into it a bit more, but I already wanted to let you know this... > > Thanks Philippe. > > Yeah, that's not good. Does your test include a fresh check-out and > build of the Crypto++ library? > > Jeff -- You received this message because you are subscribed to "Crypto++ Users". More information about Crypto++ and this group is available at http://www.cryptopp.com and http://groups.google.com/forum/#!forum/cryptopp-users. --- You received this message because you are subscribed to the Google Groups "Crypto++ Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/cryptopp-users/6FF181DB-7E96-4163-8F70-4BC1C2139B2E%40catenacyber.fr.
smime.p7s
Description: S/MIME cryptographic signature
