1 files changed, 35 insertions, 24 deletions
diff --git a/recipes-support/nettle/nettle-2.7.1/CVE-2015-8803_8805.patch b/recipes-support/nettle/nettle-2.7.1/CVE-2015-8803_8805.patch
index a956f42..988f39e 100644
--- a/recipes-support/nettle/nettle-2.7.1/CVE-2015-8803_8805.patch
+++ b/recipes-support/nettle/nettle-2.7.1/CVE-2015-8803_8805.patch
@@ -1,3 +1,8 @@
+From f21b9f7b21067fa3630607cdc1663141b2735ae5 Mon Sep 17 00:00:00 2001
+From: Armin Kuster <akuster@mvista.com>
+Date: Thu, 2 Mar 2017 12:24:31 +0000
+Subject: [PATCH] Create meta-gplv2 from files from OE-Core
 Upstream-Status: Backport
 https://git.lysator.liu.se/nettle/nettle/commit/c71d2c9d20eeebb985e3872e4550137209e3ce4d
@@ -8,14 +13,36 @@ Same fix for both.
 Signed-off-by: Armin Kuster <akuster@mvista.com>
-Index: nettle-2.7.1/ecc-256.c
+---
-===================================================================
+ ChangeLog |  6 ++++++
--- nettle-2.7.1.orig/ecc-256.c
+ ecc-256.c | 23 ++++++++++++++++++-----
-+++ nettle-2.7.1/ecc-256.c
+ 2 files changed, 24 insertions(+), 5 deletions(-)
-@@ -96,9 +96,19 @@ ecc_256_modp (const struct ecc_curve *ec
+diff --git a/ChangeLog b/ChangeLog
+index 7b7854d..abdd974 100644
+--- a/ChangeLog
+++ b/ChangeLog
+@@ -1,3 +1,9 @@
+2015-12-10  Niels Möller  <nisse@lysator.liu.se>
+
+   * ecc-256.c (ecc_256_modp): Fixed carry propagation bug. Problem
+   reported by Hanno Böck.
+   (ecc_256_modq): Fixed another carry propagation bug.
+
+ 2013-05-28  Niels Möller  <nisse@lysator.liu.se>
+ 
+        * Released nettle-2.7.1.
+diff --git a/ecc-256.c b/ecc-256.c
+index 571cf73..7bee4c7 100644
+--- a/ecc-256.c
+++ b/ecc-256.c
+@@ -96,9 +96,19 @@ ecc_256_modp (const struct ecc_curve *ecc, mp_limb_t *rp)
       q2 += t + (q1 < t);
 
       assert (q2 < 2);
+-
+-      /* We multiply by two low limbs of p, 2^96 - 1, so we could use
+-        shifts rather than mul. */
 +      /*
 +   n-1 n-2 n-3 n-4
 +        +---+---+---+---+
@@ -25,16 +52,14 @@ Index: nettle-2.7.1/ecc-256.c
 +            +-------+---+
 +            |q2(2^.)|
 +            +-------+
- 
+
-      /* We multiply by two low limbs of p, 2^96 - 1, so we could use
-        shifts rather than mul. */
 +   We multiply by two low limbs of p, 2^96 - 1, so we could use
 +   shifts rather than mul.
 +      */
       t = mpn_submul_1 (rp + n - 4, ecc->p, 2, q1);
       t += cnd_sub_n (q2, rp + n - 3, ecc->p, 1);
       t += (-q2) & 0xffffffff;
-@@ -108,7 +118,10 @@ ecc_256_modp (const struct ecc_curve *ec
+@@ -108,7 +118,10 @@ ecc_256_modp (const struct ecc_curve *ecc, mp_limb_t *rp)
       u0 -= t;
       t = (u1 < cy);
       u1 -= cy;
@@ -46,7 +71,7 @@ Index: nettle-2.7.1/ecc-256.c
       u1 -= (-t) & 0xffffffff;
     }
   rp[2] = u0;
-@@ -195,7 +208,7 @@ ecc_256_modq (const struct ecc_curve *ec
+@@ -195,7 +208,7 @@ ecc_256_modq (const struct ecc_curve *ecc, mp_limb_t *rp)
 
       /* Conditional add of p */
       u1 += t;
@@ -55,17 +80,3 @@ Index: nettle-2.7.1/ecc-256.c
 
       t = cnd_add_n (t, rp + n - 4, ecc->q, 2);
       u1 += t;
-Index: nettle-2.7.1/ChangeLog
-===================================================================
--- nettle-2.7.1.orig/ChangeLog
-+++ nettle-2.7.1/ChangeLog
-@@ -1,3 +1,9 @@
-+2015-12-10  Niels Möller  <nisse@lysator.liu.se>
-+
-+   * ecc-256.c (ecc_256_modp): Fixed carry propagation bug. Problem
-+   reported by Hanno Böck.
-+   (ecc_256_modq): Fixed another carry propagation bug.
-+
- 2013-05-28  Niels Möller  <nisse@lysator.liu.se>
- 
-        * Released nettle-2.7.1.

diff --git a/recipes-support/nettle/nettle-2.7.1/CVE-2015-8803_8805.patch b/recipes-support/nettle/nettle-2.7.1/CVE-2015-8803_8805.patch index a956f42..988f39e 100644 --- a/recipes-support/nettle/nettle-2.7.1/CVE-2015-8803_8805.patch +++ b/recipes-support/nettle/nettle-2.7.1/CVE-2015-8803_8805.patch
@@ -1,3 +1,8 @@
		1	From f21b9f7b21067fa3630607cdc1663141b2735ae5 Mon Sep 17 00:00:00 2001
		2	From: Armin Kuster <akuster@mvista.com>
		3	Date: Thu, 2 Mar 2017 12:24:31 +0000
		4	Subject: [PATCH] Create meta-gplv2 from files from OE-Core
		5
1	Upstream-Status: Backport	6	Upstream-Status: Backport
2	https://git.lysator.liu.se/nettle/nettle/commit/c71d2c9d20eeebb985e3872e4550137209e3ce4d	7	https://git.lysator.liu.se/nettle/nettle/commit/c71d2c9d20eeebb985e3872e4550137209e3ce4d
3		8
@@ -8,14 +13,36 @@ Same fix for both.
8		13
9	Signed-off-by: Armin Kuster <akuster@mvista.com>	14	Signed-off-by: Armin Kuster <akuster@mvista.com>
10		15
11	Index: nettle-2.7.1/ecc-256.c	16	---
12	===================================================================	17	ChangeLog \| 6 ++++++
13	--- nettle-2.7.1.orig/ecc-256.c	18	ecc-256.c \| 23 ++++++++++++++++++-----
14	+++ nettle-2.7.1/ecc-256.c	19	2 files changed, 24 insertions(+), 5 deletions(-)
15	@@ -96,9 +96,19 @@ ecc_256_modp (const struct ecc_curve *ec	20
		21	diff --git a/ChangeLog b/ChangeLog
		22	index 7b7854d..abdd974 100644
		23	--- a/ChangeLog
		24	+++ b/ChangeLog
		25	@@ -1,3 +1,9 @@
		26	+2015-12-10 Niels Möller <nisse@lysator.liu.se>
		27	+
		28	+ * ecc-256.c (ecc_256_modp): Fixed carry propagation bug. Problem
		29	+ reported by Hanno Böck.
		30	+ (ecc_256_modq): Fixed another carry propagation bug.
		31	+
		32	2013-05-28 Niels Möller <nisse@lysator.liu.se>
		33
		34	* Released nettle-2.7.1.
		35	diff --git a/ecc-256.c b/ecc-256.c
		36	index 571cf73..7bee4c7 100644
		37	--- a/ecc-256.c
		38	+++ b/ecc-256.c
		39	@@ -96,9 +96,19 @@ ecc_256_modp (const struct ecc_curve ecc, mp_limb_t rp)
16	q2 += t + (q1 < t);	40	q2 += t + (q1 < t);
17		41
18	assert (q2 < 2);	42	assert (q2 < 2);
		43	-
		44	- /* We multiply by two low limbs of p, 2^96 - 1, so we could use
		45	- shifts rather than mul. */
19	+ /*	46	+ /*
20	+ n-1 n-2 n-3 n-4	47	+ n-1 n-2 n-3 n-4
21	+ +---+---+---+---+	48	+ +---+---+---+---+
@@ -25,16 +52,14 @@ Index: nettle-2.7.1/ecc-256.c
25	+ +-------+---+	52	+ +-------+---+
26	+ \|q2(2^.)\|	53	+ \|q2(2^.)\|
27	+ +-------+	54	+ +-------+
28		55	+
29	- /* We multiply by two low limbs of p, 2^96 - 1, so we could use
30	- shifts rather than mul. */
31	+ We multiply by two low limbs of p, 2^96 - 1, so we could use	56	+ We multiply by two low limbs of p, 2^96 - 1, so we could use
32	+ shifts rather than mul.	57	+ shifts rather than mul.
33	+ */	58	+ */
34	t = mpn_submul_1 (rp + n - 4, ecc->p, 2, q1);	59	t = mpn_submul_1 (rp + n - 4, ecc->p, 2, q1);
35	t += cnd_sub_n (q2, rp + n - 3, ecc->p, 1);	60	t += cnd_sub_n (q2, rp + n - 3, ecc->p, 1);
36	t += (-q2) & 0xffffffff;	61	t += (-q2) & 0xffffffff;
37	@@ -108,7 +118,10 @@ ecc_256_modp (const struct ecc_curve *ec	62	@@ -108,7 +118,10 @@ ecc_256_modp (const struct ecc_curve ecc, mp_limb_t rp)
38	u0 -= t;	63	u0 -= t;
39	t = (u1 < cy);	64	t = (u1 < cy);
40	u1 -= cy;	65	u1 -= cy;
@@ -46,7 +71,7 @@ Index: nettle-2.7.1/ecc-256.c
46	u1 -= (-t) & 0xffffffff;	71	u1 -= (-t) & 0xffffffff;
47	}	72	}
48	rp[2] = u0;	73	rp[2] = u0;
49	@@ -195,7 +208,7 @@ ecc_256_modq (const struct ecc_curve *ec	74	@@ -195,7 +208,7 @@ ecc_256_modq (const struct ecc_curve ecc, mp_limb_t rp)
50		75
51	/* Conditional add of p */	76	/* Conditional add of p */
52	u1 += t;	77	u1 += t;
@@ -55,17 +80,3 @@ Index: nettle-2.7.1/ecc-256.c
55		80
56	t = cnd_add_n (t, rp + n - 4, ecc->q, 2);	81	t = cnd_add_n (t, rp + n - 4, ecc->q, 2);
57	u1 += t;	82	u1 += t;
58	Index: nettle-2.7.1/ChangeLog
59	===================================================================
60	--- nettle-2.7.1.orig/ChangeLog
61	+++ nettle-2.7.1/ChangeLog
62	@@ -1,3 +1,9 @@
63	+2015-12-10 Niels Möller <nisse@lysator.liu.se>
64	+
65	+ * ecc-256.c (ecc_256_modp): Fixed carry propagation bug. Problem
66	+ reported by Hanno Böck.
67	+ (ecc_256_modq): Fixed another carry propagation bug.
68	+
69	2013-05-28 Niels Möller <nisse@lysator.liu.se>
70
71	* Released nettle-2.7.1.