Possible flaw in MPI code w.r.t. sign flag

Heiko Stamer HeikoStamer at gmx.net
Fri May 10 21:00:25 CEST 2019


Hey developers,

during my tests I discovered IMHO a small flaw in libgcrypt's MPI code.

It seems that for zero the handling of the sign flag leads to some
trouble with comparison functions. Consider the following example:

gcry_mpi_t a = gcry_mpi_new(1), b = gcry_mpi_new(1);
gcry_mpi_set_ui(a, 42UL), gcry_mpi_set_ui(b, 42UL); // a = +42, b = +42
gcry_mpi_neg(a, a), gcry_mpi_neg(b, b); // a = -42, b = -42
gcry_mpi_sub(a, a, b); // a = -0, b = -42
gcry_mpi_set_ui(b, 0UL); // a = -0, b = +0
assert(gcry_mpi_cmp(a, b)); // SHOULD be 0, but returns -1
gcry_mpi_release(a), gcry_mpi_release(b);

Any suggestions?

--
Heiko



More information about the Gcrypt-devel mailing list