[openssl-dev] [openssl.org #4485] big number tests and Math::BigInt changes

Craig A. Berry via RT rt at openssl.org
Fri Mar 25 20:51:10 UTC 2016

I’ve seen test failures in a recent build from git master that look like:

Failed! -9494949494FAFFFFFFE0000000000000001111111164646464 / 4000000000000000000000000 - -25252525253EBFFFFFF8000000 => -0x1
Failed! -9494949494FAFFFFFFE0000000000000001111111164646464 / 8000000000000000000000000 - -12929292929F5FFFFFFC000000 => -0x1
Failed! -9494949494FAFFFFFFE0000000000000001111111164646464 / 10000000000000000000000000 - -9494949494FAFFFFFFE000000 => -0x1

    #   Failed test 'verify test BN_rshift'
    #   at [.recipes]10-test_bn.t line 55.

and it is BN_rshift, BN_div, and BN_div_recp that all fail this way (in other words. always big number division).  

Then I noticed that these failures don’t happen when I’m using Perl 5.22.1, but they do fail when I’m using a development snapshot of what will become Perl 5.24.0 in a month or two.  

And that in turn is because the development stream of Perl contains Math::BigInt 1.999701, which gives -0x1 as the result of the following test program, whereas the result was 0x0 (as expected by the OpenSSL test suite) with previous versions of Math::BigInt:

$ cat testcase.pl
use strict;
use warnings;

use Math::BigInt;

my $operand1 = Math::BigInt->from_hex('-F7C3C3DADA0000FFA028FFFFFFFF4CFF737300000000003E3E');
my $operand2 = Math::BigInt->from_hex('4');
my $operand3 = Math::BigInt->from_hex('-3DF0F0F6B680003FE80A3FFFFFFFD33FDCDCC0000000000F8F');

print $operand1->as_hex() . "\n";
exit ($operand1->as_hex() eq '0x0' ? 0 : 1);

I reported this to the Math::BigInt maintainer, who explains that the change fixes a bug in which, "The code did truncated division whereas the documentation said that floored division was used" and he changed the code to match the documentation.  See:


So, does the big number library in OpenSSL need a similar fix?

Or is there something about the test generation code in test/bntest.c that is doing truncated division unintentionally when it really means to be doing floored division?

Or is truncated division intentional and we now have a problem using Math::BigInt as a reference since that’s not what it does anymore?

Something else I’ve missed?

I don’t know the answers to those questions, but I would hate to see either OpenSSL 1.1.0 or Perl 5.24.0 considered duff releases because there are test failures when used in combination.

The above reproducer should be sensitive only to Math::BigInt version.  The environment where I first encountered the test failures was a default configuration of:

$ git describe


$ cc/vers
HP C V7.3-020 on OpenVMS IA64 V8.4

but I have also reproduced the test failures on OS X by just doing:

$ sudo cpan -i Math::BigInt

before building OpenSSL from a git checkout.

Craig A. Berry
mailto:craigberry at mac.com

"... getting out of a sonnet is much more
 difficult than getting in."
                 Brad Leithauser

Ticket here: http://rt.openssl.org/Ticket/Display.html?id=4485
Please log in as guest with password guest if prompted

More information about the openssl-dev mailing list