summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorArmin Kuster <akuster@mvista.com>2016-07-16 16:04:12 -0700
committerRichard Purdie <richard.purdie@linuxfoundation.org>2016-07-20 10:28:51 +0100
commitc0dbed63c6f1d7ac758672f20489ffaea3736758 (patch)
tree8a1613878d73f4c6e640c84e571ea8758d2de944
parent03f6074ad4027e87abac34c189069d26e5d6a86b (diff)
downloadpoky-c0dbed63c6f1d7ac758672f20489ffaea3736758.tar.gz
openssl: Security fix CVE-2016-2178
affects openssl <= 1.0.2h CVSS v2 Base Score: 2.1 LOW (From OE-Core rev: 5b3df0c5e8885ea34f66b41fcf209a9960fbbf5e) Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
-rw-r--r--meta/recipes-connectivity/openssl/openssl/CVE-2016-2178.patch51
-rw-r--r--meta/recipes-connectivity/openssl/openssl_1.0.2h.bb1
2 files changed, 52 insertions, 0 deletions
diff --git a/meta/recipes-connectivity/openssl/openssl/CVE-2016-2178.patch b/meta/recipes-connectivity/openssl/openssl/CVE-2016-2178.patch
new file mode 100644
index 0000000000..27ade4e7d2
--- /dev/null
+++ b/meta/recipes-connectivity/openssl/openssl/CVE-2016-2178.patch
@@ -0,0 +1,51 @@
1From 399944622df7bd81af62e67ea967c470534090e2 Mon Sep 17 00:00:00 2001
2From: Cesar Pereida <cesar.pereida@aalto.fi>
3Date: Mon, 23 May 2016 12:45:25 +0300
4Subject: [PATCH] Fix DSA, preserve BN_FLG_CONSTTIME
5
6Operations in the DSA signing algorithm should run in constant time in
7order to avoid side channel attacks. A flaw in the OpenSSL DSA
8implementation means that a non-constant time codepath is followed for
9certain operations. This has been demonstrated through a cache-timing
10attack to be sufficient for an attacker to recover the private DSA key.
11
12CVE-2016-2178
13
14Reviewed-by: Richard Levitte <levitte@openssl.org>
15Reviewed-by: Matt Caswell <matt@openssl.org>
16
17Upstream-Status: Backport
18CVE: CVE-2016-2178
19
20Signed-off-by: Armin Kuster <akuster@mvista.com>
21
22---
23 crypto/dsa/dsa_ossl.c | 9 +++++----
24 1 file changed, 5 insertions(+), 4 deletions(-)
25
26Index: openssl-1.0.2h/crypto/dsa/dsa_ossl.c
27===================================================================
28--- openssl-1.0.2h.orig/crypto/dsa/dsa_ossl.c
29+++ openssl-1.0.2h/crypto/dsa/dsa_ossl.c
30@@ -248,9 +248,6 @@ static int dsa_sign_setup(DSA *dsa, BN_C
31 if (!BN_rand_range(&k, dsa->q))
32 goto err;
33 while (BN_is_zero(&k)) ;
34- if ((dsa->flags & DSA_FLAG_NO_EXP_CONSTTIME) == 0) {
35- BN_set_flags(&k, BN_FLG_CONSTTIME);
36- }
37
38 if (dsa->flags & DSA_FLAG_CACHE_MONT_P) {
39 if (!BN_MONT_CTX_set_locked(&dsa->method_mont_p,
40@@ -282,6 +279,11 @@ static int dsa_sign_setup(DSA *dsa, BN_C
41 } else {
42 K = &k;
43 }
44+
45+ if ((dsa->flags & DSA_FLAG_NO_EXP_CONSTTIME) == 0) {
46+ BN_set_flags(K, BN_FLG_CONSTTIME);
47+ }
48+
49 DSA_BN_MOD_EXP(goto err, dsa, r, dsa->g, K, dsa->p, ctx,
50 dsa->method_mont_p);
51 if (!BN_mod(r, r, dsa->q, ctx))
diff --git a/meta/recipes-connectivity/openssl/openssl_1.0.2h.bb b/meta/recipes-connectivity/openssl/openssl_1.0.2h.bb
index e7d1106d27..4f91e551be 100644
--- a/meta/recipes-connectivity/openssl/openssl_1.0.2h.bb
+++ b/meta/recipes-connectivity/openssl/openssl_1.0.2h.bb
@@ -40,6 +40,7 @@ SRC_URI += "file://find.pl;subdir=${BP}/util/ \
40 file://configure-musl-target.patch \ 40 file://configure-musl-target.patch \
41 file://parallel.patch \ 41 file://parallel.patch \
42 file://CVE-2016-2177.patch \ 42 file://CVE-2016-2177.patch \
43 file://CVE-2016-2178.patch \
43 " 44 "
44SRC_URI[md5sum] = "9392e65072ce4b614c1392eefc1f23d0" 45SRC_URI[md5sum] = "9392e65072ce4b614c1392eefc1f23d0"
45SRC_URI[sha256sum] = "1d4007e53aad94a5b2002fe045ee7bb0b3d98f1a47f8b2bc851dcd1c74332919" 46SRC_URI[sha256sum] = "1d4007e53aad94a5b2002fe045ee7bb0b3d98f1a47f8b2bc851dcd1c74332919"