GOST-R-34.11-94 output difference between LibreSSL and libgcrypt
Jussi Kivilinna
jussi.kivilinna at iki.fi
Sat May 18 05:46:01 CEST 2019
Hello,
On 17.5.2019 19.00, Guido Vranken wrote:
> OSS-Fuzz recently found a new bug. Cryptofuzz always abort()s at the same place if it detects mismatching results, and this confuses OSS-Fuzz, thinking that multiple distinct bugs are the same bug. This is why nobody got an e-mail about it.
>
> But about the bug:
>
> https://oss-fuzz.com/testcase-detail/5651343798173696
>
>
> Operation:
> operation name: Digest
> digest: GOST-R-34.11-94
> cleartext: {}
>
> Module OpenSSL result:
>
> {0x98, 0x1e, 0x5f, 0x3c, 0xa3, 0x0c, 0x84, 0x14, 0x87, 0x83, 0x0f, 0x84, 0xfb, 0x43, 0x3e, 0x13,
> 0xac, 0x11, 0x01, 0x56, 0x9b, 0x9c, 0x13, 0x58, 0x4a, 0xc4, 0x83, 0x23, 0x4c, 0xd6, 0x56, 0xc0} (32 bytes)
>
> Module libgcrypt result:
>
> {0xce, 0x85, 0xb9, 0x9c, 0xc4, 0x67, 0x52, 0xff, 0xfe, 0xe3, 0x5c, 0xab, 0x9a, 0x7b, 0x02, 0x78,
> 0xab, 0xb4, 0xc2, 0xd2, 0x05, 0x5c, 0xff, 0x68, 0x5a, 0xf4, 0x91, 0x2c, 0x49, 0x49, 0x0f, 0x8d} (32 bytes)
>
>
> In LibreSSL I use EVP_gostr341194(), and in libgcrypt I use GCRY_MD_GOSTR3411_94.
>
Libgcrypt digest GCRY_MD_GOSTR3411_CP gives same output as EVP_gostr341194(). Output from gchash:
$ tests/gchash GOSTR3411_CP /dev/null
981e5f3ca30c841487830f84fb433e13ac1101569b9c13584ac483234cd656c0 /dev/null
CP in the digest name means CryptoPro parameters and appears those parameters are used by EVP_gostr341194().
-Jussi
More information about the Gcrypt-devel
mailing list