diff options
Diffstat (limited to 'recipes-support/nettle/nettle-2.7.1/CVE-2015-8803_8805.patch')
-rw-r--r-- | recipes-support/nettle/nettle-2.7.1/CVE-2015-8803_8805.patch | 59 |
1 files changed, 35 insertions, 24 deletions
diff --git a/recipes-support/nettle/nettle-2.7.1/CVE-2015-8803_8805.patch b/recipes-support/nettle/nettle-2.7.1/CVE-2015-8803_8805.patch index a956f42..988f39e 100644 --- a/recipes-support/nettle/nettle-2.7.1/CVE-2015-8803_8805.patch +++ b/recipes-support/nettle/nettle-2.7.1/CVE-2015-8803_8805.patch | |||
@@ -1,3 +1,8 @@ | |||
1 | From f21b9f7b21067fa3630607cdc1663141b2735ae5 Mon Sep 17 00:00:00 2001 | ||
2 | From: Armin Kuster <akuster@mvista.com> | ||
3 | Date: Thu, 2 Mar 2017 12:24:31 +0000 | ||
4 | Subject: [PATCH] Create meta-gplv2 from files from OE-Core | ||
5 | |||
1 | Upstream-Status: Backport | 6 | Upstream-Status: Backport |
2 | https://git.lysator.liu.se/nettle/nettle/commit/c71d2c9d20eeebb985e3872e4550137209e3ce4d | 7 | https://git.lysator.liu.se/nettle/nettle/commit/c71d2c9d20eeebb985e3872e4550137209e3ce4d |
3 | 8 | ||
@@ -8,14 +13,36 @@ Same fix for both. | |||
8 | 13 | ||
9 | Signed-off-by: Armin Kuster <akuster@mvista.com> | 14 | Signed-off-by: Armin Kuster <akuster@mvista.com> |
10 | 15 | ||
11 | Index: nettle-2.7.1/ecc-256.c | 16 | --- |
12 | =================================================================== | 17 | ChangeLog | 6 ++++++ |
13 | --- nettle-2.7.1.orig/ecc-256.c | 18 | ecc-256.c | 23 ++++++++++++++++++----- |
14 | +++ nettle-2.7.1/ecc-256.c | 19 | 2 files changed, 24 insertions(+), 5 deletions(-) |
15 | @@ -96,9 +96,19 @@ ecc_256_modp (const struct ecc_curve *ec | 20 | |
21 | diff --git a/ChangeLog b/ChangeLog | ||
22 | index 7b7854d..abdd974 100644 | ||
23 | --- a/ChangeLog | ||
24 | +++ b/ChangeLog | ||
25 | @@ -1,3 +1,9 @@ | ||
26 | +2015-12-10 Niels Möller <nisse@lysator.liu.se> | ||
27 | + | ||
28 | + * ecc-256.c (ecc_256_modp): Fixed carry propagation bug. Problem | ||
29 | + reported by Hanno Böck. | ||
30 | + (ecc_256_modq): Fixed another carry propagation bug. | ||
31 | + | ||
32 | 2013-05-28 Niels Möller <nisse@lysator.liu.se> | ||
33 | |||
34 | * Released nettle-2.7.1. | ||
35 | diff --git a/ecc-256.c b/ecc-256.c | ||
36 | index 571cf73..7bee4c7 100644 | ||
37 | --- a/ecc-256.c | ||
38 | +++ b/ecc-256.c | ||
39 | @@ -96,9 +96,19 @@ ecc_256_modp (const struct ecc_curve *ecc, mp_limb_t *rp) | ||
16 | q2 += t + (q1 < t); | 40 | q2 += t + (q1 < t); |
17 | 41 | ||
18 | assert (q2 < 2); | 42 | assert (q2 < 2); |
43 | - | ||
44 | - /* We multiply by two low limbs of p, 2^96 - 1, so we could use | ||
45 | - shifts rather than mul. */ | ||
19 | + /* | 46 | + /* |
20 | + n-1 n-2 n-3 n-4 | 47 | + n-1 n-2 n-3 n-4 |
21 | + +---+---+---+---+ | 48 | + +---+---+---+---+ |
@@ -25,16 +52,14 @@ Index: nettle-2.7.1/ecc-256.c | |||
25 | + +-------+---+ | 52 | + +-------+---+ |
26 | + |q2(2^.)| | 53 | + |q2(2^.)| |
27 | + +-------+ | 54 | + +-------+ |
28 | 55 | + | |
29 | - /* We multiply by two low limbs of p, 2^96 - 1, so we could use | ||
30 | - shifts rather than mul. */ | ||
31 | + We multiply by two low limbs of p, 2^96 - 1, so we could use | 56 | + We multiply by two low limbs of p, 2^96 - 1, so we could use |
32 | + shifts rather than mul. | 57 | + shifts rather than mul. |
33 | + */ | 58 | + */ |
34 | t = mpn_submul_1 (rp + n - 4, ecc->p, 2, q1); | 59 | t = mpn_submul_1 (rp + n - 4, ecc->p, 2, q1); |
35 | t += cnd_sub_n (q2, rp + n - 3, ecc->p, 1); | 60 | t += cnd_sub_n (q2, rp + n - 3, ecc->p, 1); |
36 | t += (-q2) & 0xffffffff; | 61 | t += (-q2) & 0xffffffff; |
37 | @@ -108,7 +118,10 @@ ecc_256_modp (const struct ecc_curve *ec | 62 | @@ -108,7 +118,10 @@ ecc_256_modp (const struct ecc_curve *ecc, mp_limb_t *rp) |
38 | u0 -= t; | 63 | u0 -= t; |
39 | t = (u1 < cy); | 64 | t = (u1 < cy); |
40 | u1 -= cy; | 65 | u1 -= cy; |
@@ -46,7 +71,7 @@ Index: nettle-2.7.1/ecc-256.c | |||
46 | u1 -= (-t) & 0xffffffff; | 71 | u1 -= (-t) & 0xffffffff; |
47 | } | 72 | } |
48 | rp[2] = u0; | 73 | rp[2] = u0; |
49 | @@ -195,7 +208,7 @@ ecc_256_modq (const struct ecc_curve *ec | 74 | @@ -195,7 +208,7 @@ ecc_256_modq (const struct ecc_curve *ecc, mp_limb_t *rp) |
50 | 75 | ||
51 | /* Conditional add of p */ | 76 | /* Conditional add of p */ |
52 | u1 += t; | 77 | u1 += t; |
@@ -55,17 +80,3 @@ Index: nettle-2.7.1/ecc-256.c | |||
55 | 80 | ||
56 | t = cnd_add_n (t, rp + n - 4, ecc->q, 2); | 81 | t = cnd_add_n (t, rp + n - 4, ecc->q, 2); |
57 | u1 += t; | 82 | u1 += t; |
58 | Index: nettle-2.7.1/ChangeLog | ||
59 | =================================================================== | ||
60 | --- nettle-2.7.1.orig/ChangeLog | ||
61 | +++ nettle-2.7.1/ChangeLog | ||
62 | @@ -1,3 +1,9 @@ | ||
63 | +2015-12-10 Niels Möller <nisse@lysator.liu.se> | ||
64 | + | ||
65 | + * ecc-256.c (ecc_256_modp): Fixed carry propagation bug. Problem | ||
66 | + reported by Hanno Böck. | ||
67 | + (ecc_256_modq): Fixed another carry propagation bug. | ||
68 | + | ||
69 | 2013-05-28 Niels Möller <nisse@lysator.liu.se> | ||
70 | |||
71 | * Released nettle-2.7.1. | ||