1 files changed, 0 insertions, 54 deletions
diff --git a/recipes-connectivity/openssl/openssl/CVE-2016-2178.patch b/recipes-connectivity/openssl/openssl/CVE-2016-2178.patch
deleted file mode 100644
index 07b1310..0000000
--- a/recipes-connectivity/openssl/openssl/CVE-2016-2178.patch
+++ /dev/null
@@ -1,54 +0,0 @@
-From 621eaf49a289bfac26d4cbcdb7396e796784c534 Mon Sep 17 00:00:00 2001
-From: Cesar Pereida <cesar.pereida@aalto.fi>
-Date: Mon, 23 May 2016 12:45:25 +0300
-Subject: [PATCH] Fix DSA, preserve BN_FLG_CONSTTIME
-Operations in the DSA signing algorithm should run in constant time in
-order to avoid side channel attacks. A flaw in the OpenSSL DSA
-implementation means that a non-constant time codepath is followed for
-certain operations. This has been demonstrated through a cache-timing
-attack to be sufficient for an attacker to recover the private DSA key.
-CVE-2016-2178
-Reviewed-by: Richard Levitte <levitte@openssl.org>
-Reviewed-by: Matt Caswell <matt@openssl.org>
-Upstream-Status: Backport
-CVE: CVE-2016-2178
-Signed-off-by: Armin Kuster <akuster@mvista.com>
---
- crypto/dsa/dsa_ossl.c | 6 +++---
- 1 file changed, 3 insertions(+), 3 deletions(-)
-diff --git a/crypto/dsa/dsa_ossl.c b/crypto/dsa/dsa_ossl.c
-index efc4f1b..b29eb4b 100644
--- a/crypto/dsa/dsa_ossl.c
-+++ b/crypto/dsa/dsa_ossl.c
-@@ -248,9 +248,6 @@ static int dsa_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp,
-         if (!BN_rand_range(&k, dsa->q))
-             goto err;
-     while (BN_is_zero(&k)) ;
-    if ((dsa->flags & DSA_FLAG_NO_EXP_CONSTTIME) == 0) {
-        BN_set_flags(&k, BN_FLG_CONSTTIME);
-    }
- 
-     if (dsa->flags & DSA_FLAG_CACHE_MONT_P) {
-         if (!BN_MONT_CTX_set_locked(&dsa->method_mont_p,
-@@ -279,9 +276,12 @@ static int dsa_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp,
-         }
- 
-         K = &kq;
-+
-+        BN_set_flags(K, BN_FLG_CONSTTIME);
-     } else {
-         K = &k;
-     }
-+
-     DSA_BN_MOD_EXP(goto err, dsa, r, dsa->g, K, dsa->p, ctx,
-                    dsa->method_mont_p);
-     if (!BN_mod(r, r, dsa->q, ctx))
-- 
-2.7.4

diff --git a/recipes-connectivity/openssl/openssl/CVE-2016-2178.patch b/recipes-connectivity/openssl/openssl/CVE-2016-2178.patch deleted file mode 100644 index 07b1310..0000000 --- a/recipes-connectivity/openssl/openssl/CVE-2016-2178.patch +++ /dev/null
@@ -1,54 +0,0 @@
1	From 621eaf49a289bfac26d4cbcdb7396e796784c534 Mon Sep 17 00:00:00 2001
2	From: Cesar Pereida <cesar.pereida@aalto.fi>
3	Date: Mon, 23 May 2016 12:45:25 +0300
4	Subject: [PATCH] Fix DSA, preserve BN_FLG_CONSTTIME
5
6	Operations in the DSA signing algorithm should run in constant time in
7	order to avoid side channel attacks. A flaw in the OpenSSL DSA
8	implementation means that a non-constant time codepath is followed for
9	certain operations. This has been demonstrated through a cache-timing
10	attack to be sufficient for an attacker to recover the private DSA key.
11
12	CVE-2016-2178
13
14	Reviewed-by: Richard Levitte <levitte@openssl.org>
15	Reviewed-by: Matt Caswell <matt@openssl.org>
16
17	Upstream-Status: Backport
18	CVE: CVE-2016-2178
19	Signed-off-by: Armin Kuster <akuster@mvista.com>
20
21	---
22	crypto/dsa/dsa_ossl.c \| 6 +++---
23	1 file changed, 3 insertions(+), 3 deletions(-)
24
25	diff --git a/crypto/dsa/dsa_ossl.c b/crypto/dsa/dsa_ossl.c
26	index efc4f1b..b29eb4b 100644
27	--- a/crypto/dsa/dsa_ossl.c
28	+++ b/crypto/dsa/dsa_ossl.c
29	@@ -248,9 +248,6 @@ static int dsa_sign_setup(DSA dsa, BN_CTX ctx_in, BIGNUM **kinvp,
30	if (!BN_rand_range(&k, dsa->q))
31	goto err;
32	while (BN_is_zero(&k)) ;
33	- if ((dsa->flags & DSA_FLAG_NO_EXP_CONSTTIME) == 0) {
34	- BN_set_flags(&k, BN_FLG_CONSTTIME);
35	- }
36
37	if (dsa->flags & DSA_FLAG_CACHE_MONT_P) {
38	if (!BN_MONT_CTX_set_locked(&dsa->method_mont_p,
39	@@ -279,9 +276,12 @@ static int dsa_sign_setup(DSA dsa, BN_CTX ctx_in, BIGNUM **kinvp,
40	}
41
42	K = &kq;
43	+
44	+ BN_set_flags(K, BN_FLG_CONSTTIME);
45	} else {
46	K = &k;
47	}
48	+
49	DSA_BN_MOD_EXP(goto err, dsa, r, dsa->g, K, dsa->p, ctx,
50	dsa->method_mont_p);
51	if (!BN_mod(r, r, dsa->q, ctx))
52	--
53	2.7.4
54