openssl: fix CVE-2018-0735 for 1.1.1

Backport patch to fix CVE-2018-0735 for openssl 1.1.1. (From OE-Core rev: 78e751e33d3ec4394d96391e737cc39cad960ebe) Signed-off-by: Kai Kang <kai.kang@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
author: Kai Kang <kai.kang@windriver.com> 2018-11-02 16:02:14 +0800
committer: Richard Purdie <richard.purdie@linuxfoundation.org> 2018-11-07 23:08:54 +0000
commit: faacc5048746c5bd0366881cdf46470bfeef4300 (patch)
tree: b54d8ada3c6f6d06483ab8fbc0600c136284e9eb /meta/recipes-connectivity/openssl
parent: d5fe5c654b7d36dcbea03231320cb6edbb6788c0 (diff)
download: poky-faacc5048746c5bd0366881cdf46470bfeef4300.tar.gz
2 files changed, 51 insertions, 0 deletions
diff --git a/meta/recipes-connectivity/openssl/openssl/0003-fix-CVE-2018-0735.patch b/meta/recipes-connectivity/openssl/openssl/0003-fix-CVE-2018-0735.patch
new file mode 100644
index 0000000000..736323f0ce
--- /dev/null
+++ b/meta/recipes-connectivity/openssl/openssl/0003-fix-CVE-2018-0735.patch
@@ -0,0 +1,50 @@
+CVE: CVE-2018-0735
+Upstream-Status: Backport
+Signed-off-by: Kai Kang <kai.kang@windriver.com>
+From b1d6d55ece1c26fa2829e2b819b038d7b6d692b4 Mon Sep 17 00:00:00 2001
+From: Pauli <paul.dale@oracle.com>
+Date: Fri, 26 Oct 2018 10:54:58 +1000
+Subject: [PATCH] Timing vulnerability in ECDSA signature generation
+ (CVE-2018-0735)
+Preallocate an extra limb for some of the big numbers to avoid a reallocation
+that can potentially provide a side channel.
+Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
+(Merged from https://github.com/openssl/openssl/pull/7486)
+(cherry picked from commit 99540ec79491f59ed8b46b4edf130e17dc907f52)
+---
+ crypto/ec/ec_mult.c | 6 +++---
+ 1 file changed, 3 insertions(+), 3 deletions(-)
+diff --git a/crypto/ec/ec_mult.c b/crypto/ec/ec_mult.c
+index 7e1b3650e7..0e0a5e1394 100644
+--- a/crypto/ec/ec_mult.c
+++ b/crypto/ec/ec_mult.c
+@@ -206,8 +206,8 @@ int ec_scalar_mul_ladder(const EC_GROUP *group, EC_POINT *r,
+      */
+     cardinality_bits = BN_num_bits(cardinality);
+     group_top = bn_get_top(cardinality);
+-    if ((bn_wexpand(k, group_top + 1) == NULL)
+-        || (bn_wexpand(lambda, group_top + 1) == NULL)) {
+    if ((bn_wexpand(k, group_top + 2) == NULL)
+        || (bn_wexpand(lambda, group_top + 2) == NULL)) {
+         ECerr(EC_F_EC_SCALAR_MUL_LADDER, ERR_R_BN_LIB);
+         goto err;
+     }
+@@ -244,7 +244,7 @@ int ec_scalar_mul_ladder(const EC_GROUP *group, EC_POINT *r,
+      * k := scalar + 2*cardinality
+      */
+     kbit = BN_is_bit_set(lambda, cardinality_bits);
+-    BN_consttime_swap(kbit, k, lambda, group_top + 1);
+    BN_consttime_swap(kbit, k, lambda, group_top + 2);
+ 
+     group_top = bn_get_top(group->field);
+     if ((bn_wexpand(s->X, group_top) == NULL)
+-- 
+2.17.0
diff --git a/meta/recipes-connectivity/openssl/openssl_1.1.1.bb b/meta/recipes-connectivity/openssl/openssl_1.1.1.bb
index 052f246aad..b44089e82e 100644
--- a/meta/recipes-connectivity/openssl/openssl_1.1.1.bb
+++ b/meta/recipes-connectivity/openssl/openssl_1.1.1.bb
@@ -16,6 +16,7 @@ SRC_URI = "http://www.openssl.org/source/openssl-${PV}.tar.gz \
           file://openssl-c_rehash.sh \
           file://0001-skip-test_symbol_presence.patch \
           file://0002-fix-CVE-2018-0734.patch \
+           file://0003-fix-CVE-2018-0735.patch \
           "
 SRC_URI_append_class-nativesdk = " \
author	Kai Kang <kai.kang@windriver.com>	2018-11-02 16:02:14 +0800
committer	Richard Purdie <richard.purdie@linuxfoundation.org>	2018-11-07 23:08:54 +0000
commit	faacc5048746c5bd0366881cdf46470bfeef4300 (patch)
tree	b54d8ada3c6f6d06483ab8fbc0600c136284e9eb /meta/recipes-connectivity/openssl
parent	d5fe5c654b7d36dcbea03231320cb6edbb6788c0 (diff)
download	poky-faacc5048746c5bd0366881cdf46470bfeef4300.tar.gz

diff --git a/meta/recipes-connectivity/openssl/openssl/0003-fix-CVE-2018-0735.patch b/meta/recipes-connectivity/openssl/openssl/0003-fix-CVE-2018-0735.patch new file mode 100644 index 0000000000..736323f0ce --- /dev/null +++ b/meta/recipes-connectivity/openssl/openssl/0003-fix-CVE-2018-0735.patch
@@ -0,0 +1,50 @@
		1	CVE: CVE-2018-0735
		2
		3	Upstream-Status: Backport
		4
		5	Signed-off-by: Kai Kang <kai.kang@windriver.com>
		6
		7	From b1d6d55ece1c26fa2829e2b819b038d7b6d692b4 Mon Sep 17 00:00:00 2001
		8	From: Pauli <paul.dale@oracle.com>
		9	Date: Fri, 26 Oct 2018 10:54:58 +1000
		10	Subject: [PATCH] Timing vulnerability in ECDSA signature generation
		11	(CVE-2018-0735)
		12
		13	Preallocate an extra limb for some of the big numbers to avoid a reallocation
		14	that can potentially provide a side channel.
		15
		16	Reviewed-by: Bernd Edlinger <bernd.edlinger@hotmail.de>
		17	(Merged from https://github.com/openssl/openssl/pull/7486)
		18
		19	(cherry picked from commit 99540ec79491f59ed8b46b4edf130e17dc907f52)
		20	---
		21	crypto/ec/ec_mult.c \| 6 +++---
		22	1 file changed, 3 insertions(+), 3 deletions(-)
		23
		24	diff --git a/crypto/ec/ec_mult.c b/crypto/ec/ec_mult.c
		25	index 7e1b3650e7..0e0a5e1394 100644
		26	--- a/crypto/ec/ec_mult.c
		27	+++ b/crypto/ec/ec_mult.c
		28	@@ -206,8 +206,8 @@ int ec_scalar_mul_ladder(const EC_GROUP group, EC_POINT r,
		29	*/
		30	cardinality_bits = BN_num_bits(cardinality);
		31	group_top = bn_get_top(cardinality);
		32	- if ((bn_wexpand(k, group_top + 1) == NULL)
		33	- \|\| (bn_wexpand(lambda, group_top + 1) == NULL)) {
		34	+ if ((bn_wexpand(k, group_top + 2) == NULL)
		35	+ \|\| (bn_wexpand(lambda, group_top + 2) == NULL)) {
		36	ECerr(EC_F_EC_SCALAR_MUL_LADDER, ERR_R_BN_LIB);
		37	goto err;
		38	}
		39	@@ -244,7 +244,7 @@ int ec_scalar_mul_ladder(const EC_GROUP group, EC_POINT r,
		40	* k := scalar + 2*cardinality
		41	*/
		42	kbit = BN_is_bit_set(lambda, cardinality_bits);
		43	- BN_consttime_swap(kbit, k, lambda, group_top + 1);
		44	+ BN_consttime_swap(kbit, k, lambda, group_top + 2);
		45
		46	group_top = bn_get_top(group->field);
		47	if ((bn_wexpand(s->X, group_top) == NULL)
		48	--
		49	2.17.0
		50


diff --git a/meta/recipes-connectivity/openssl/openssl_1.1.1.bb b/meta/recipes-connectivity/openssl/openssl_1.1.1.bb index 052f246aad..b44089e82e 100644 --- a/meta/recipes-connectivity/openssl/openssl_1.1.1.bb +++ b/meta/recipes-connectivity/openssl/openssl_1.1.1.bb
@@ -16,6 +16,7 @@ SRC_URI = "http://www.openssl.org/source/openssl-${PV}.tar.gz \
16	file://openssl-c_rehash.sh \	16	file://openssl-c_rehash.sh \
17	file://0001-skip-test_symbol_presence.patch \	17	file://0001-skip-test_symbol_presence.patch \
18	file://0002-fix-CVE-2018-0734.patch \	18	file://0002-fix-CVE-2018-0734.patch \
		19	file://0003-fix-CVE-2018-0735.patch \
19	"	20	"
20		21
21	SRC_URI_append_class-nativesdk = " \	22	SRC_URI_append_class-nativesdk = " \