Bug in internal function is_prime() from cipher/primegen.c

Werner Koch wk at gnupg.org
Sat Apr 28 18:37:43 CEST 2018

On Fri, 27 Apr 2018 18:38, HeikoStamer at gmx.net said:

> I guess the second part of the assertion is triggered, because the
> internal function _gcry_mpi_randomize() and the following lines does not
> prevent that x is 0 or 1. Right?


> If the checked mpi is a small number (say 65537), then it is more likely
> that this happens. I am not sure whether this bug has any serious
> security implications (e.g. DoS attacks), however, it should be fixed

I don't think that this is a security problem.  In fact an assert is
there to prevent this ;-).

What do you think of the attached fix?



#  Please read:  Daniel Ellsberg - The Doomsday Machine  #
Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0001-prime-Avoid-rare-assertion-failure-in-gcry_prime_che.patch
Type: text/x-diff
Size: 2282 bytes
Desc: not available
URL: <https://lists.gnupg.org/pipermail/gcrypt-devel/attachments/20180428/f27b4179/attachment.patch>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 227 bytes
Desc: not available
URL: <https://lists.gnupg.org/pipermail/gcrypt-devel/attachments/20180428/f27b4179/attachment.sig>

More information about the Gcrypt-devel mailing list