Hash mismatch when SSHing to dropbear server

Hans-Christian Egtvedt hcegtvedt at atmel.com
Fri Oct 20 20:25:35 WST 2006

Hans-Christian Egtvedt wrote:
> Matt Johnston wrote:
>> On Tue, Aug 08, 2006 at 10:59:15AM +0200, Hans-Christian Egtvedt wrote:

<cut link to test application>

>> I've put what I see as dump2.gz, it should be the same as
>> you see on the workstation (at least for the calculations).
>> For debugging, I'd compare the two traces (avr versus x86)
>> using vimdiff or something similar. Find the first point
>> where they begin to differ in their numeric output (the
>> big-numbers printed etc), and then add more debugging
>> statements before and after that to narrow down the point
>> where they start to differ. (Note that some of the
>> hexadecimal output will differ with endianness, those should
>> be marked).
> I looked in your dump2-ppc vs. dump2, and found that in my x86 vs avr32
> I have something faulty with the lines below:
> X86
> mp_int mp_exptmod_fast X:
> 57177274837176085710416002504255433114092271661685833986820045309615224297446777341551735779854568082929739086299104916069027366371956577873538725199184070295968371188748133537718214011550432576681564852689543774176794595038388421094953024485861852872341010938808415634567578860387138830446329229275810102561
> AVR32
> mp_int mp_exptmod_fast X:
> 26144629297143774191971619660891134373249478019090098695819374263386738314451768455401121680453697629379694697503955208976597983567979834942305834318644583895981375065787344042040457278746854017585464708420108154208341890971865764261601653839167444443692604372044120220262714803272834772806762057598126328370
>> Have a look at libtommath/bn_mp_exptmod_fast.c for how I've
>> added the debugging output there - it requires the extra
>> #include up the top, and order of includes does matter.
> I'll have a look inside here to see what I find :)

<snip logs>

And then I have found the problem, and the solution.

The avr32-linux-gcc compiler had a wrong implementation of the ror and
rol functions. And the uClibc library had a bug in memcmp function.

After these were corrected dropbear and dbclient is working nicely :)

Thank you for the help with debugging.

If there are any AVR32-users who need these patches, drop me an email.

With kind regards,

Hans-Christian Egtvedt
Applications Engineer - AVR Applications Lab

