summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat
-rw-r--r--meta/classes/rootfs-postcommands.bbclass4
-rw-r--r--meta/recipes-core/glibc/glibc-version.inc2
-rw-r--r--meta/recipes-core/glibc/glibc_2.35.bb2
-rw-r--r--meta/recipes-core/images/build-appliance-image_15.0.0.bb2
-rw-r--r--meta/recipes-devtools/go/go-1.17.13.inc1
-rw-r--r--meta/recipes-devtools/go/go-1.18/CVE-2023-45288.patch95
-rw-r--r--meta/recipes-support/gnutls/gnutls/CVE-2024-28834.patch457
-rw-r--r--meta/recipes-support/gnutls/gnutls/CVE-2024-28835.patch406
-rw-r--r--meta/recipes-support/gnutls/gnutls_3.7.4.bb2
9 files changed, 967 insertions, 4 deletions
diff --git a/meta/classes/rootfs-postcommands.bbclass b/meta/classes/rootfs-postcommands.bbclass
index 5c0b3ec37c..f7517c66dc 100644
--- a/meta/classes/rootfs-postcommands.bbclass
+++ b/meta/classes/rootfs-postcommands.bbclass
@@ -119,7 +119,9 @@ read_only_rootfs_hook () {
119 # Also tweak the key location for dropbear in the same way. 119 # Also tweak the key location for dropbear in the same way.
120 if [ -d ${IMAGE_ROOTFS}/etc/dropbear ]; then 120 if [ -d ${IMAGE_ROOTFS}/etc/dropbear ]; then
121 if [ ! -e ${IMAGE_ROOTFS}/etc/dropbear/dropbear_rsa_host_key ]; then 121 if [ ! -e ${IMAGE_ROOTFS}/etc/dropbear/dropbear_rsa_host_key ]; then
122 echo "DROPBEAR_RSAKEY_DIR=/var/lib/dropbear" >> ${IMAGE_ROOTFS}/etc/default/dropbear 122 if ! grep -q "^DROPBEAR_RSAKEY_DIR=" ${IMAGE_ROOTFS}/etc/default/dropbear ; then
123 echo "DROPBEAR_RSAKEY_DIR=/var/lib/dropbear" >> ${IMAGE_ROOTFS}/etc/default/dropbear
124 fi
123 fi 125 fi
124 fi 126 fi
125 fi 127 fi
diff --git a/meta/recipes-core/glibc/glibc-version.inc b/meta/recipes-core/glibc/glibc-version.inc
index e0d47f283b..cd8c7ecf94 100644
--- a/meta/recipes-core/glibc/glibc-version.inc
+++ b/meta/recipes-core/glibc/glibc-version.inc
@@ -1,6 +1,6 @@
1SRCBRANCH ?= "release/2.35/master" 1SRCBRANCH ?= "release/2.35/master"
2PV = "2.35" 2PV = "2.35"
3SRCREV_glibc ?= "c84018a05aec80f5ee6f682db0da1130b0196aef" 3SRCREV_glibc ?= "36280d1ce5e245aabefb877fe4d3c6cff95dabfa"
4SRCREV_localedef ?= "794da69788cbf9bf57b59a852f9f11307663fa87" 4SRCREV_localedef ?= "794da69788cbf9bf57b59a852f9f11307663fa87"
5 5
6GLIBC_GIT_URI ?= "git://sourceware.org/git/glibc.git" 6GLIBC_GIT_URI ?= "git://sourceware.org/git/glibc.git"
diff --git a/meta/recipes-core/glibc/glibc_2.35.bb b/meta/recipes-core/glibc/glibc_2.35.bb
index 751427517f..74d7f753d8 100644
--- a/meta/recipes-core/glibc/glibc_2.35.bb
+++ b/meta/recipes-core/glibc/glibc_2.35.bb
@@ -24,7 +24,7 @@ CVE_CHECK_IGNORE += "CVE-2019-1010025"
24CVE_CHECK_IGNORE += "CVE-2023-4527" 24CVE_CHECK_IGNORE += "CVE-2023-4527"
25 25
26# To avoid these in cve-check reports since the recipe version did not change 26# To avoid these in cve-check reports since the recipe version did not change
27CVE_CHECK_IGNORE += "CVE-2023-0687 CVE-2023-4813 CVE-2023-4806 CVE-2023-4911 CVE-2023-5156" 27CVE_CHECK_IGNORE += "CVE-2023-0687 CVE-2023-4813 CVE-2023-4806 CVE-2023-4911 CVE-2023-5156 CVE-2024-2961"
28 28
29DEPENDS += "gperf-native bison-native" 29DEPENDS += "gperf-native bison-native"
30 30
diff --git a/meta/recipes-core/images/build-appliance-image_15.0.0.bb b/meta/recipes-core/images/build-appliance-image_15.0.0.bb
index aef8b3055b..57274262ba 100644
--- a/meta/recipes-core/images/build-appliance-image_15.0.0.bb
+++ b/meta/recipes-core/images/build-appliance-image_15.0.0.bb
@@ -24,7 +24,7 @@ IMAGE_FSTYPES = "wic.vmdk wic.vhd wic.vhdx"
24 24
25inherit core-image setuptools3 25inherit core-image setuptools3
26 26
27SRCREV ?= "ff7353b24f11f9ba8760f04b678e805fd2590073" 27SRCREV ?= "700eac59a68baaba3361ed40ab14fe55e66f8211"
28SRC_URI = "git://git.yoctoproject.org/poky;branch=kirkstone \ 28SRC_URI = "git://git.yoctoproject.org/poky;branch=kirkstone \
29 file://Yocto_Build_Appliance.vmx \ 29 file://Yocto_Build_Appliance.vmx \
30 file://Yocto_Build_Appliance.vmxf \ 30 file://Yocto_Build_Appliance.vmxf \
diff --git a/meta/recipes-devtools/go/go-1.17.13.inc b/meta/recipes-devtools/go/go-1.17.13.inc
index 768961de2c..95fb572362 100644
--- a/meta/recipes-devtools/go/go-1.17.13.inc
+++ b/meta/recipes-devtools/go/go-1.17.13.inc
@@ -55,6 +55,7 @@ SRC_URI += "\
55 file://CVE-2023-45290.patch \ 55 file://CVE-2023-45290.patch \
56 file://CVE-2024-24784.patch \ 56 file://CVE-2024-24784.patch \
57 file://CVE-2024-24785.patch \ 57 file://CVE-2024-24785.patch \
58 file://CVE-2023-45288.patch \
58" 59"
59SRC_URI[main.sha256sum] = "a1a48b23afb206f95e7bbaa9b898d965f90826f6f1d1fc0c1d784ada0cd300fd" 60SRC_URI[main.sha256sum] = "a1a48b23afb206f95e7bbaa9b898d965f90826f6f1d1fc0c1d784ada0cd300fd"
60 61
diff --git a/meta/recipes-devtools/go/go-1.18/CVE-2023-45288.patch b/meta/recipes-devtools/go/go-1.18/CVE-2023-45288.patch
new file mode 100644
index 0000000000..741e7be89a
--- /dev/null
+++ b/meta/recipes-devtools/go/go-1.18/CVE-2023-45288.patch
@@ -0,0 +1,95 @@
1From e55d7cf8435ba4e58d4a5694e63b391821d4ee9b Mon Sep 17 00:00:00 2001
2From: Damien Neil <dneil@google.com>
3Date: Thu, 28 Mar 2024 16:57:51 -0700
4Subject: [PATCH] [release-branch.go1.22] net/http: update bundled
5 golang.org/x/net/http2
6
7Disable cmd/internal/moddeps test, since this update includes PRIVATE
8track fixes.
9
10Fixes CVE-2023-45288
11For #65051
12Fixes #66298
13
14Change-Id: I5bbf774ebe7651e4bb7e55139d3794bd2b8e8fa8
15Reviewed-on: https://team-review.git.corp.google.com/c/golang/go-private/+/2197227
16Reviewed-by: Tatiana Bradley <tatianabradley@google.com>
17Run-TryBot: Damien Neil <dneil@google.com>
18Reviewed-by: Dmitri Shuralyov <dmitshur@google.com>
19Reviewed-on: https://go-review.googlesource.com/c/go/+/576076
20Auto-Submit: Dmitri Shuralyov <dmitshur@google.com>
21TryBot-Bypass: Dmitri Shuralyov <dmitshur@google.com>
22Reviewed-by: Than McIntosh <thanm@google.com>
23
24Upstream-Status: Backport [https://github.com/golang/go/commit/e55d7cf8435ba4e58d4a5694e63b391821d4ee9b]
25CVE: CVE-2023-45288
26Signed-off-by: Vijay Anusuri <vanusuri@mvista.com>
27---
28 src/cmd/internal/moddeps/moddeps_test.go | 1 +
29 src/net/http/h2_bundle.go | 31 ++++++++++++++++++++++++
30 2 files changed, 32 insertions(+)
31
32diff --git a/src/cmd/internal/moddeps/moddeps_test.go b/src/cmd/internal/moddeps/moddeps_test.go
33index d48d43f..250bde4 100644
34--- a/src/cmd/internal/moddeps/moddeps_test.go
35+++ b/src/cmd/internal/moddeps/moddeps_test.go
36@@ -34,6 +34,7 @@ import (
37 // See issues 36852, 41409, and 43687.
38 // (Also see golang.org/issue/27348.)
39 func TestAllDependencies(t *testing.T) {
40+ t.Skip("TODO(#65051): 1.22.2 contains unreleased changes from vendored modules")
41 t.Skip("TODO(#57009): 1.19.4 contains unreleased changes from vendored modules")
42 t.Skip("TODO(#53977): 1.18.5 contains unreleased changes from vendored modules")
43
44diff --git a/src/net/http/h2_bundle.go b/src/net/http/h2_bundle.go
45index 9d6abd8..10ff193 100644
46--- a/src/net/http/h2_bundle.go
47+++ b/src/net/http/h2_bundle.go
48@@ -2842,6 +2842,7 @@ func (fr *http2Framer) readMetaFrame(hf *http2HeadersFrame) (*http2MetaHeadersFr
49 if size > remainSize {
50 hdec.SetEmitEnabled(false)
51 mh.Truncated = true
52+ remainSize = 0
53 return
54 }
55 remainSize -= size
56@@ -2854,6 +2855,36 @@ func (fr *http2Framer) readMetaFrame(hf *http2HeadersFrame) (*http2MetaHeadersFr
57 var hc http2headersOrContinuation = hf
58 for {
59 frag := hc.HeaderBlockFragment()
60+
61+ // Avoid parsing large amounts of headers that we will then discard.
62+ // If the sender exceeds the max header list size by too much,
63+ // skip parsing the fragment and close the connection.
64+ //
65+ // "Too much" is either any CONTINUATION frame after we've already
66+ // exceeded the max header list size (in which case remainSize is 0),
67+ // or a frame whose encoded size is more than twice the remaining
68+ // header list bytes we're willing to accept.
69+ if int64(len(frag)) > int64(2*remainSize) {
70+ if http2VerboseLogs {
71+ log.Printf("http2: header list too large")
72+ }
73+ // It would be nice to send a RST_STREAM before sending the GOAWAY,
74+ // but the struture of the server's frame writer makes this difficult.
75+ return nil, http2ConnectionError(http2ErrCodeProtocol)
76+ }
77+
78+ // Also close the connection after any CONTINUATION frame following an
79+ // invalid header, since we stop tracking the size of the headers after
80+ // an invalid one.
81+ if invalid != nil {
82+ if http2VerboseLogs {
83+ log.Printf("http2: invalid header: %v", invalid)
84+ }
85+ // It would be nice to send a RST_STREAM before sending the GOAWAY,
86+ // but the struture of the server's frame writer makes this difficult.
87+ return nil, http2ConnectionError(http2ErrCodeProtocol)
88+ }
89+
90 if _, err := hdec.Write(frag); err != nil {
91 return nil, http2ConnectionError(http2ErrCodeCompression)
92 }
93--
942.25.1
95
diff --git a/meta/recipes-support/gnutls/gnutls/CVE-2024-28834.patch b/meta/recipes-support/gnutls/gnutls/CVE-2024-28834.patch
new file mode 100644
index 0000000000..6c06fc2782
--- /dev/null
+++ b/meta/recipes-support/gnutls/gnutls/CVE-2024-28834.patch
@@ -0,0 +1,457 @@
1From 1c4701ffc342259fc5965d5a0de90d87f780e3e5 Mon Sep 17 00:00:00 2001
2From: Daiki Ueno <ueno@gnu.org>
3Date: Fri, 12 Jan 2024 17:56:58 +0900
4Subject: [PATCH] nettle: avoid normalization of mpz_t in deterministic ECDSA
5
6This removes function calls that potentially leak bit-length of a
7private key used to calculate a nonce in deterministic ECDSA. Namely:
8
9- _gnutls_dsa_compute_k has been rewritten to work on always
10 zero-padded mp_limb_t arrays instead of mpz_t
11- rnd_mpz_func has been replaced with rnd_datum_func, which is backed
12 by a byte array instead of an mpz_t value
13
14Signed-off-by: Daiki Ueno <ueno@gnu.org>
15
16CVE: CVE-2024-28834
17
18Upstream-Status: Backport [https://gitlab.com/gnutls/gnutls/-/commit/1c4701ffc342259fc5965d5a0de90d87f780e3e5]
19
20Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com>
21---
22 lib/nettle/int/dsa-compute-k.c | 86 ++++++++++++++++++++-----------
23 lib/nettle/int/dsa-compute-k.h | 32 +++++++++---
24 lib/nettle/int/ecdsa-compute-k.c | 32 +++---------
25 lib/nettle/int/ecdsa-compute-k.h | 8 +--
26 lib/nettle/pk.c | 78 +++++++++++++++++++---------
27 tests/sign-verify-deterministic.c | 2 +-
28 6 files changed, 141 insertions(+), 97 deletions(-)
29
30diff --git a/lib/nettle/int/dsa-compute-k.c b/lib/nettle/int/dsa-compute-k.c
31index 3f5105a..f937693 100644
32--- a/lib/nettle/int/dsa-compute-k.c
33+++ b/lib/nettle/int/dsa-compute-k.c
34@@ -31,33 +31,39 @@
35 #include "mpn-base256.h"
36 #include <string.h>
37
38-#define BITS_TO_LIMBS(bits) (((bits) + GMP_NUMB_BITS - 1) / GMP_NUMB_BITS)
39-
40-/* The maximum size of q, chosen from the fact that we support
41- * 521-bit elliptic curve generator and 512-bit DSA subgroup at
42- * maximum. */
43-#define MAX_Q_BITS 521
44-#define MAX_Q_SIZE ((MAX_Q_BITS + 7) / 8)
45-#define MAX_Q_LIMBS BITS_TO_LIMBS(MAX_Q_BITS)
46-
47-#define MAX_HASH_BITS (MAX_HASH_SIZE * 8)
48-#define MAX_HASH_LIMBS BITS_TO_LIMBS(MAX_HASH_BITS)
49-
50-int
51-_gnutls_dsa_compute_k(mpz_t k,
52- const mpz_t q,
53- const mpz_t x,
54- gnutls_mac_algorithm_t mac,
55- const uint8_t *digest,
56- size_t length)
57+/* For mini-gmp */
58+#ifndef GMP_LIMB_BITS
59+#define GMP_LIMB_BITS GMP_NUMB_BITS
60+#endif
61+
62+static inline int is_zero_limb(mp_limb_t x)
63+{
64+ x |= (x << 1);
65+ return ((x >> 1) - 1) >> (GMP_LIMB_BITS - 1);
66+}
67+
68+static int sec_zero_p(const mp_limb_t *ap, mp_size_t n)
69+{
70+ volatile mp_limb_t w;
71+ mp_size_t i;
72+
73+ for (i = 0, w = 0; i < n; i++)
74+ w |= ap[i];
75+
76+
77+ return is_zero_limb(w);
78+}
79+
80+int _gnutls_dsa_compute_k(mp_limb_t *h, const mp_limb_t *q, const mp_limb_t *x,
81+ mp_size_t qn, mp_bitcnt_t q_bits,
82+ gnutls_mac_algorithm_t mac,
83+ const uint8_t *digest,
84+ size_t length)
85 {
86 uint8_t V[MAX_HASH_SIZE];
87 uint8_t K[MAX_HASH_SIZE];
88 uint8_t xp[MAX_Q_SIZE];
89 uint8_t tp[MAX_Q_SIZE];
90- mp_limb_t h[MAX(MAX_Q_LIMBS, MAX_HASH_LIMBS)];
91- mp_bitcnt_t q_bits = mpz_sizeinbase (q, 2);
92- mp_size_t qn = mpz_size(q);
93 mp_bitcnt_t h_bits = length * 8;
94 mp_size_t hn = BITS_TO_LIMBS(h_bits);
95 size_t nbytes = (q_bits + 7) / 8;
96@@ -66,6 +72,7 @@ _gnutls_dsa_compute_k(mpz_t k,
97 mp_limb_t cy;
98 gnutls_hmac_hd_t hd;
99 int ret = 0;
100+ mp_limb_t scratch[MAX_Q_LIMBS];
101
102 if (unlikely(q_bits > MAX_Q_BITS))
103 return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
104@@ -73,7 +80,7 @@ _gnutls_dsa_compute_k(mpz_t k,
105 return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
106
107 /* int2octets(x) */
108- mpn_get_base256(xp, nbytes, mpz_limbs_read(x), qn);
109+ mpn_get_base256(xp, nbytes, x, qn);
110
111 /* bits2octets(h) */
112 mpn_set_base256(h, hn, digest, length);
113@@ -97,12 +104,12 @@ _gnutls_dsa_compute_k(mpz_t k,
114 mpn_rshift(h, h, hn, shift % GMP_NUMB_BITS);
115 }
116
117- cy = mpn_sub_n(h, h, mpz_limbs_read(q), qn);
118+ cy = mpn_sub_n(h, h, q, qn);
119 /* Fall back to addmul_1, if nettle is linked with mini-gmp. */
120 #ifdef mpn_cnd_add_n
121- mpn_cnd_add_n(cy, h, h, mpz_limbs_read(q), qn);
122+ mpn_cnd_add_n(cy, h, h, q, qn);
123 #else
124- mpn_addmul_1(h, mpz_limbs_read(q), qn, cy != 0);
125+ mpn_addmul_1(h, q, qn, cy != 0);
126 #endif
127 mpn_get_base256(tp, nbytes, h, qn);
128
129@@ -178,12 +185,8 @@ _gnutls_dsa_compute_k(mpz_t k,
130 if (tlen * 8 > q_bits)
131 mpn_rshift (h, h, qn, tlen * 8 - q_bits);
132 /* Check if k is in [1,q-1] */
133- if (!mpn_zero_p (h, qn) &&
134- mpn_cmp (h, mpz_limbs_read(q), qn) < 0) {
135- mpn_copyi(mpz_limbs_write(k, qn), h, qn);
136- mpz_limbs_finish(k, qn);
137+ if (!sec_zero_p(h, qn) && mpn_sub_n(scratch, h, q, qn))
138 break;
139- }
140
141 ret = gnutls_hmac_init(&hd, mac, K, length);
142 if (ret < 0)
143@@ -207,3 +210,24 @@ _gnutls_dsa_compute_k(mpz_t k,
144
145 return ret;
146 }
147+
148+/* cancel-out dsa_sign's addition of 1 to random data */
149+void _gnutls_dsa_compute_k_finish(uint8_t *k, size_t nbytes, mp_limb_t *h,
150+ mp_size_t n)
151+{
152+ /* Fall back to sub_1, if nettle is linked with mini-gmp. */
153+#ifdef mpn_sec_sub_1
154+ mp_limb_t t[MAX_Q_LIMBS];
155+
156+ mpn_sec_sub_1(h, h, n, 1, t);
157+#else
158+ mpn_sub_1(h, h, n, 1);
159+#endif
160+ mpn_get_base256(k, nbytes, h, n);
161+}
162+
163+void _gnutls_ecdsa_compute_k_finish(uint8_t *k, size_t nbytes, mp_limb_t *h,
164+ mp_size_t n)
165+{
166+ mpn_get_base256(k, nbytes, h, n);
167+}
168diff --git a/lib/nettle/int/dsa-compute-k.h b/lib/nettle/int/dsa-compute-k.h
169index 64e90e0..778c484 100644
170--- a/lib/nettle/int/dsa-compute-k.h
171+++ b/lib/nettle/int/dsa-compute-k.h
172@@ -26,12 +26,30 @@
173 #include <gnutls/gnutls.h>
174 #include <nettle/bignum.h> /* includes gmp.h */
175
176-int
177-_gnutls_dsa_compute_k(mpz_t k,
178- const mpz_t q,
179- const mpz_t x,
180- gnutls_mac_algorithm_t mac,
181- const uint8_t *digest,
182- size_t length);
183+#define BITS_TO_LIMBS(bits) (((bits) + GMP_NUMB_BITS - 1) / GMP_NUMB_BITS)
184+
185+/* The maximum size of q, chosen from the fact that we support
186+ * 521-bit elliptic curve generator and 512-bit DSA subgroup at
187+ * maximum. */
188+#define MAX_Q_BITS 521
189+#define MAX_Q_SIZE ((MAX_Q_BITS + 7) / 8)
190+#define MAX_Q_LIMBS BITS_TO_LIMBS(MAX_Q_BITS)
191+
192+#define MAX_HASH_BITS (MAX_HASH_SIZE * 8)
193+#define MAX_HASH_LIMBS BITS_TO_LIMBS(MAX_HASH_BITS)
194+
195+#define DSA_COMPUTE_K_ITCH MAX(MAX_Q_LIMBS, MAX_HASH_LIMBS)
196+
197+int _gnutls_dsa_compute_k(mp_limb_t *h, const mp_limb_t *q, const mp_limb_t *x,
198+ mp_size_t qn, mp_bitcnt_t q_bits,
199+ gnutls_mac_algorithm_t mac,
200+ const uint8_t *digest,
201+ size_t length);
202+
203+void _gnutls_dsa_compute_k_finish(uint8_t *k, size_t nbytes, mp_limb_t *h,
204+ mp_size_t n);
205+
206+void _gnutls_ecdsa_compute_k_finish(uint8_t *k, size_t nbytes, mp_limb_t *h,
207+ mp_size_t n);
208
209 #endif /* GNUTLS_LIB_NETTLE_INT_DSA_COMPUTE_K_H */
210diff --git a/lib/nettle/int/ecdsa-compute-k.c b/lib/nettle/int/ecdsa-compute-k.c
211index 94914eb..fc3b2ba 100644
212--- a/lib/nettle/int/ecdsa-compute-k.c
213+++ b/lib/nettle/int/ecdsa-compute-k.c
214@@ -29,39 +29,38 @@
215 #include "dsa-compute-k.h"
216 #include "gnutls_int.h"
217
218-static inline int
219-_gnutls_ecc_curve_to_dsa_q(mpz_t *q, gnutls_ecc_curve_t curve)
220+int _gnutls_ecc_curve_to_dsa_q(mpz_t q, gnutls_ecc_curve_t curve)
221 {
222 switch (curve) {
223 #ifdef ENABLE_NON_SUITEB_CURVES
224 case GNUTLS_ECC_CURVE_SECP192R1:
225- mpz_init_set_str(*q,
226+ mpz_init_set_str(q,
227 "FFFFFFFFFFFFFFFFFFFFFFFF99DEF836"
228 "146BC9B1B4D22831",
229 16);
230 return 0;
231 case GNUTLS_ECC_CURVE_SECP224R1:
232- mpz_init_set_str(*q,
233+ mpz_init_set_str(q,
234 "FFFFFFFFFFFFFFFFFFFFFFFFFFFF16A2"
235 "E0B8F03E13DD29455C5C2A3D",
236 16);
237 return 0;
238 #endif
239 case GNUTLS_ECC_CURVE_SECP256R1:
240- mpz_init_set_str(*q,
241+ mpz_init_set_str(q,
242 "FFFFFFFF00000000FFFFFFFFFFFFFFFF"
243 "BCE6FAADA7179E84F3B9CAC2FC632551",
244 16);
245 return 0;
246 case GNUTLS_ECC_CURVE_SECP384R1:
247- mpz_init_set_str(*q,
248+ mpz_init_set_str(q,
249 "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF"
250 "FFFFFFFFFFFFFFFFC7634D81F4372DDF"
251 "581A0DB248B0A77AECEC196ACCC52973",
252 16);
253 return 0;
254 case GNUTLS_ECC_CURVE_SECP521R1:
255- mpz_init_set_str(*q,
256+ mpz_init_set_str(q,
257 "1FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF"
258 "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF"
259 "FFA51868783BF2F966B7FCC0148F709A"
260@@ -74,22 +73,3 @@ _gnutls_ecc_curve_to_dsa_q(mpz_t *q, gnutls_ecc_curve_t curve)
261 }
262 }
263
264-int
265-_gnutls_ecdsa_compute_k (mpz_t k,
266- gnutls_ecc_curve_t curve,
267- const mpz_t x,
268- gnutls_mac_algorithm_t mac,
269- const uint8_t *digest,
270- size_t length)
271-{
272- mpz_t q;
273- int ret;
274-
275- ret = _gnutls_ecc_curve_to_dsa_q(&q, curve);
276- if (ret < 0)
277- return gnutls_assert_val(ret);
278-
279- ret = _gnutls_dsa_compute_k (k, q, x, mac, digest, length);
280- mpz_clear(q);
281- return ret;
282-}
283diff --git a/lib/nettle/int/ecdsa-compute-k.h b/lib/nettle/int/ecdsa-compute-k.h
284index 7ca401d..a7e612b 100644
285--- a/lib/nettle/int/ecdsa-compute-k.h
286+++ b/lib/nettle/int/ecdsa-compute-k.h
287@@ -26,12 +26,6 @@
288 #include <gnutls/gnutls.h>
289 #include <nettle/bignum.h> /* includes gmp.h */
290
291-int
292-_gnutls_ecdsa_compute_k (mpz_t k,
293- gnutls_ecc_curve_t curve,
294- const mpz_t x,
295- gnutls_mac_algorithm_t mac,
296- const uint8_t *digest,
297- size_t length);
298+int _gnutls_ecc_curve_to_dsa_q(mpz_t q, gnutls_ecc_curve_t curve);
299
300 #endif /* GNUTLS_LIB_NETTLE_INT_ECDSA_COMPUTE_K_H */
301diff --git a/lib/nettle/pk.c b/lib/nettle/pk.c
302index eba246f..799cc9d 100644
303--- a/lib/nettle/pk.c
304+++ b/lib/nettle/pk.c
305@@ -97,10 +97,16 @@ static void rnd_nonce_func(void *_ctx, size_t length, uint8_t * data)
306 }
307 }
308
309-static void rnd_mpz_func(void *_ctx, size_t length, uint8_t * data)
310+static void rnd_datum_func(void *ctx, size_t length, uint8_t *data)
311 {
312- mpz_t *k = _ctx;
313- nettle_mpz_get_str_256 (length, data, *k);
314+ gnutls_datum_t *d = ctx;
315+
316+ if (length > d->size) {
317+ memset(data, 0, length - d->size);
318+ memcpy(data + (length - d->size), d->data, d->size);
319+ } else {
320+ memcpy(data, d->data, length);
321+ }
322 }
323
324 static void rnd_nonce_func_fallback(void *_ctx, size_t length, uint8_t * data)
325@@ -1076,7 +1082,11 @@ _wrap_nettle_pk_sign(gnutls_pk_algorithm_t algo,
326 struct dsa_signature sig;
327 int curve_id = pk_params->curve;
328 const struct ecc_curve *curve;
329- mpz_t k;
330+ mpz_t q;
331+ /* 521-bit elliptic curve generator at maximum */
332+ uint8_t buf[(521 + 7) / 8];
333+ gnutls_datum_t k = { NULL, 0 };
334+
335 void *random_ctx;
336 nettle_random_func *random_func;
337
338@@ -1123,19 +1133,31 @@ _wrap_nettle_pk_sign(gnutls_pk_algorithm_t algo,
339 hash_len = vdata->size;
340 }
341
342- mpz_init(k);
343+ mpz_init(q);
344+
345 if (_gnutls_get_lib_state() == LIB_STATE_SELFTEST ||
346 (sign_params->flags & GNUTLS_PK_FLAG_REPRODUCIBLE)) {
347- ret = _gnutls_ecdsa_compute_k(k,
348- curve_id,
349- pk_params->params[ECC_K],
350- DIG_TO_MAC(sign_params->dsa_dig),
351- vdata->data,
352- vdata->size);
353+ mp_limb_t h[DSA_COMPUTE_K_ITCH];
354+
355+ ret = _gnutls_ecc_curve_to_dsa_q(q, curve_id);
356 if (ret < 0)
357 goto ecdsa_cleanup;
358+
359+ ret = _gnutls_dsa_compute_k(
360+ h, mpz_limbs_read(q), priv.p,
361+ ecc_size(priv.ecc), ecc_bit_size(priv.ecc),
362+ DIG_TO_MAC(sign_params->dsa_dig), vdata->data,
363+ vdata->size);
364+ if (ret < 0)
365+ goto ecdsa_cleanup;
366+ k.data = buf;
367+ k.size = (ecc_bit_size(priv.ecc) + 7) / 8;
368+
369+ _gnutls_ecdsa_compute_k_finish(k.data, k.size, h,
370+ ecc_size(priv.ecc));
371+
372 random_ctx = &k;
373- random_func = rnd_mpz_func;
374+ random_func = rnd_datum_func;
375 } else {
376 random_ctx = NULL;
377 random_func = rnd_nonce_func;
378@@ -1156,7 +1178,7 @@ _wrap_nettle_pk_sign(gnutls_pk_algorithm_t algo,
379 ecdsa_cleanup:
380 dsa_signature_clear(&sig);
381 ecc_scalar_zclear(&priv);
382- mpz_clear(k);
383+ mpz_clear(q);
384
385 if (ret < 0) {
386 gnutls_assert();
387@@ -1169,7 +1191,10 @@ _wrap_nettle_pk_sign(gnutls_pk_algorithm_t algo,
388 struct dsa_params pub;
389 bigint_t priv;
390 struct dsa_signature sig;
391- mpz_t k;
392+ /* 512-bit DSA subgroup at maximum */
393+ uint8_t buf[(512 + 7) / 8];
394+ gnutls_datum_t k = { NULL, 0 };
395+
396 void *random_ctx;
397 nettle_random_func *random_func;
398
399@@ -1196,21 +1221,25 @@ _wrap_nettle_pk_sign(gnutls_pk_algorithm_t algo,
400 hash_len = vdata->size;
401 }
402
403- mpz_init(k);
404 if (_gnutls_get_lib_state() == LIB_STATE_SELFTEST ||
405 (sign_params->flags & GNUTLS_PK_FLAG_REPRODUCIBLE)) {
406- ret = _gnutls_dsa_compute_k(k,
407- pub.q,
408- TOMPZ(priv),
409- DIG_TO_MAC(sign_params->dsa_dig),
410- vdata->data,
411- vdata->size);
412+ mp_limb_t h[DSA_COMPUTE_K_ITCH];
413+ ret = _gnutls_dsa_compute_k(
414+ h, mpz_limbs_read(pub.q),
415+ mpz_limbs_read(TOMPZ(priv)), mpz_size(pub.q),
416+ mpz_sizeinbase(pub.q, 2),
417+ DIG_TO_MAC(sign_params->dsa_dig), vdata->data,
418+ vdata->size);
419 if (ret < 0)
420 goto dsa_fail;
421- /* cancel-out dsa_sign's addition of 1 to random data */
422- mpz_sub_ui (k, k, 1);
423+ k.data = buf;
424+ k.size = (mpz_sizeinbase(pub.q, 2) + 7) / 8;
425+
426+ _gnutls_dsa_compute_k_finish(k.data, k.size, h,
427+ mpz_size(pub.q));
428+
429 random_ctx = &k;
430- random_func = rnd_mpz_func;
431+ random_func = rnd_datum_func;
432 } else {
433 random_ctx = NULL;
434 random_func = rnd_nonce_func;
435@@ -1230,7 +1259,6 @@ _wrap_nettle_pk_sign(gnutls_pk_algorithm_t algo,
436
437 dsa_fail:
438 dsa_signature_clear(&sig);
439- mpz_clear(k);
440
441 if (ret < 0) {
442 gnutls_assert();
443diff --git a/tests/sign-verify-deterministic.c b/tests/sign-verify-deterministic.c
444index 6e90728..25aa553 100644
445--- a/tests/sign-verify-deterministic.c
446+++ b/tests/sign-verify-deterministic.c
447@@ -197,7 +197,7 @@ void doit(void)
448 &signature);
449 if (ret < 0)
450 testfail("gnutls_pubkey_verify_data2\n");
451- success(" - pass");
452+ success(" - pass\n");
453
454 next:
455 gnutls_free(signature.data);
456--
4572.40.0
diff --git a/meta/recipes-support/gnutls/gnutls/CVE-2024-28835.patch b/meta/recipes-support/gnutls/gnutls/CVE-2024-28835.patch
new file mode 100644
index 0000000000..0341df8bd9
--- /dev/null
+++ b/meta/recipes-support/gnutls/gnutls/CVE-2024-28835.patch
@@ -0,0 +1,406 @@
1From e369e67a62f44561d417cb233acc566cc696d82d Mon Sep 17 00:00:00 2001
2From: Daiki Ueno <ueno@gnu.org>
3Date: Mon, 29 Jan 2024 13:52:46 +0900
4Subject: [PATCH] gnutls_x509_trust_list_verify_crt2: remove length limit of
5 input
6
7Previously, if cert_list_size exceeded DEFAULT_MAX_VERIFY_DEPTH, the
8chain verification logic crashed with assertion failure. This patch
9removes the restriction while keeping the maximum number of
10retrieved certificates being DEFAULT_MAX_VERIFY_DEPTH.
11
12Signed-off-by: Daiki Ueno <ueno@gnu.org>
13
14CVE: CVE-2024-28835
15
16Upstream-Status: Backport [https://gitlab.com/gnutls/gnutls/-/commit/e369e67a62f44561d417cb233acc566cc696d82d]
17
18Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com>
19---
20 lib/gnutls_int.h | 5 +-
21 lib/x509/common.c | 10 +-
22 lib/x509/verify-high.c | 43 ++++++---
23 tests/test-chains.h | 211 ++++++++++++++++++++++++++++++++++++++++-
24 4 files changed, 252 insertions(+), 17 deletions(-)
25
26diff --git a/lib/gnutls_int.h b/lib/gnutls_int.h
27index b2a3ae6..5127996 100644
28--- a/lib/gnutls_int.h
29+++ b/lib/gnutls_int.h
30@@ -221,7 +221,10 @@ typedef enum record_send_state_t {
31
32 #define MAX_PK_PARAM_SIZE 2048
33
34-/* defaults for verification functions
35+/* Defaults for verification functions.
36+ *
37+ * update many_icas in tests/test-chains.h when increasing
38+ * DEFAULT_MAX_VERIFY_DEPTH.
39 */
40 #define DEFAULT_MAX_VERIFY_DEPTH 16
41 #define DEFAULT_MAX_VERIFY_BITS (MAX_PK_PARAM_SIZE*8)
42diff --git a/lib/x509/common.c b/lib/x509/common.c
43index 6367b03..8f8c1f8 100644
44--- a/lib/x509/common.c
45+++ b/lib/x509/common.c
46@@ -1749,7 +1749,15 @@ unsigned int _gnutls_sort_clist(gnutls_x509_crt_t *clist,
47 bool insorted[DEFAULT_MAX_VERIFY_DEPTH]; /* non zero if clist[i] used in sorted list */
48 gnutls_x509_crt_t sorted[DEFAULT_MAX_VERIFY_DEPTH];
49
50- assert(clist_size <= DEFAULT_MAX_VERIFY_DEPTH);
51+ /* Limit the number of certificates in the chain, to avoid DoS
52+ * because of the O(n^2) sorting below. FIXME: Switch to a
53+ * topological sort algorithm which should be linear to the
54+ * number of certificates and subject-issuer relationships.
55+ */
56+ if (clist_size > DEFAULT_MAX_VERIFY_DEPTH) {
57+ _gnutls_debug_log("too many certificates; skipping sorting\n");
58+ return 1;
59+ }
60
61 for (i = 0; i < DEFAULT_MAX_VERIFY_DEPTH; i++) {
62 issuer[i] = -1;
63diff --git a/lib/x509/verify-high.c b/lib/x509/verify-high.c
64index 5698d4f..a957511 100644
65--- a/lib/x509/verify-high.c
66+++ b/lib/x509/verify-high.c
67@@ -25,7 +25,7 @@
68 #include "errors.h"
69 #include <libtasn1.h>
70 #include <global.h>
71-#include <num.h> /* MAX */
72+#include <num.h> /* MIN */
73 #include <tls-sig.h>
74 #include <str.h>
75 #include <datum.h>
76@@ -1418,7 +1418,8 @@ gnutls_x509_trust_list_verify_crt2(gnutls_x509_trust_list_t list,
77 int ret = 0;
78 unsigned int i;
79 size_t hash;
80- gnutls_x509_crt_t sorted[DEFAULT_MAX_VERIFY_DEPTH];
81+ gnutls_x509_crt_t *cert_list_copy = NULL;
82+ unsigned int cert_list_max_size = 0;
83 gnutls_x509_crt_t retrieved[DEFAULT_MAX_VERIFY_DEPTH];
84 unsigned int retrieved_size = 0;
85 const char *hostname = NULL, *purpose = NULL, *email = NULL;
86@@ -1472,16 +1473,26 @@ gnutls_x509_trust_list_verify_crt2(gnutls_x509_trust_list_t list,
87 }
88 }
89
90- memcpy(sorted, cert_list, cert_list_size * sizeof(gnutls_x509_crt_t));
91- cert_list = sorted;
92+ /* Allocate extra for retrieved certificates. */
93+ if (!INT_ADD_OK(cert_list_size, DEFAULT_MAX_VERIFY_DEPTH,
94+ &cert_list_max_size))
95+ return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
96+
97+ cert_list_copy = _gnutls_reallocarray(NULL, cert_list_max_size,
98+ sizeof(gnutls_x509_crt_t));
99+ if (!cert_list_copy)
100+ return gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);
101+
102+ memcpy(cert_list_copy, cert_list,
103+ cert_list_size * sizeof(gnutls_x509_crt_t));
104+ cert_list = cert_list_copy;
105
106 ret = cert_set_init(&cert_set, DEFAULT_MAX_VERIFY_DEPTH);
107 if (ret < 0) {
108 return ret;
109 }
110
111- for (i = 0; i < cert_list_size &&
112- cert_list_size <= DEFAULT_MAX_VERIFY_DEPTH; ) {
113+ for (i = 0; i < cert_list_size;) {
114 unsigned int sorted_size = 1;
115 unsigned int j;
116 gnutls_x509_crt_t issuer;
117@@ -1491,8 +1502,7 @@ gnutls_x509_trust_list_verify_crt2(gnutls_x509_trust_list_t list,
118 cert_list_size - i);
119 }
120
121- /* Remove duplicates. Start with index 1, as the first element
122- * may be re-checked after issuer retrieval. */
123+ /* Remove duplicates. */
124 for (j = 1; j < sorted_size; j++) {
125 if (cert_set_contains(&cert_set, cert_list[i + j])) {
126 if (i + j < cert_list_size - 1) {
127@@ -1539,14 +1549,16 @@ gnutls_x509_trust_list_verify_crt2(gnutls_x509_trust_list_t list,
128 ret = retrieve_issuers(list,
129 cert_list[i - 1],
130 &retrieved[retrieved_size],
131- DEFAULT_MAX_VERIFY_DEPTH -
132- MAX(retrieved_size,
133- cert_list_size));
134+ MIN(DEFAULT_MAX_VERIFY_DEPTH - retrieved_size,
135+ cert_list_max_size - cert_list_size));
136 if (ret < 0) {
137 break;
138 } else if (ret > 0) {
139 assert((unsigned int)ret <=
140- DEFAULT_MAX_VERIFY_DEPTH - cert_list_size);
141+ DEFAULT_MAX_VERIFY_DEPTH - retrieved_size);
142+ assert((unsigned int)ret <=
143+ cert_list_max_size - cert_list_size);
144+
145 memmove(&cert_list[i + ret],
146 &cert_list[i],
147 (cert_list_size - i) *
148@@ -1563,8 +1575,10 @@ gnutls_x509_trust_list_verify_crt2(gnutls_x509_trust_list_t list,
149 }
150
151 cert_list_size = shorten_clist(list, cert_list, cert_list_size);
152- if (cert_list_size <= 0)
153- return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
154+ if (cert_list_size <= 0) {
155+ ret = gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
156+ goto cleanup;
157+ }
158
159 hash =
160 hash_pjw_bare(cert_list[cert_list_size - 1]->raw_issuer_dn.
161@@ -1715,6 +1729,7 @@ gnutls_x509_trust_list_verify_crt2(gnutls_x509_trust_list_t list,
162 }
163
164 cleanup:
165+ gnutls_free(cert_list_copy);
166 for (i = 0; i < retrieved_size; i++) {
167 gnutls_x509_crt_deinit(retrieved[i]);
168 }
169diff --git a/tests/test-chains.h b/tests/test-chains.h
170index 09a5461..dd872a9 100644
171--- a/tests/test-chains.h
172+++ b/tests/test-chains.h
173@@ -25,7 +25,7 @@
174
175 /* *INDENT-OFF* */
176
177-#define MAX_CHAIN 10
178+#define MAX_CHAIN 17
179
180 static const char *chain_with_no_subject_id_in_ca_ok[] = {
181 "-----BEGIN CERTIFICATE-----\n"
182@@ -4386,6 +4386,213 @@ static const char *cross_signed_ca[] = {
183 NULL
184 };
185
186+/* This assumes DEFAULT_MAX_VERIFY_DEPTH to be 16 */
187+static const char *many_icas[] = {
188+ /* Server */
189+ "-----BEGIN CERTIFICATE-----\n"
190+ "MIIBqzCCAV2gAwIBAgIUIK3+SD3GmqJlRLZ/ESyhTzkSDL8wBQYDK2VwMB0xGzAZ\n"
191+ "BgNVBAMMEkdudVRMUyB0ZXN0IElDQSAkaTAgFw0yNDAzMTIyMjUzMzlaGA85OTk5\n"
192+ "MTIzMTIzNTk1OVowNzEbMBkGA1UEChMSR251VExTIHRlc3Qgc2VydmVyMRgwFgYD\n"
193+ "VQQDEw90ZXN0LmdudXRscy5vcmcwKjAFBgMrZXADIQAWGjx45NIJiKFsNBxxRRjm\n"
194+ "NxUT5KYK7xXr5HPVywwgLaOBkjCBjzAMBgNVHRMBAf8EAjAAMBoGA1UdEQQTMBGC\n"
195+ "D3Rlc3QuZ251dGxzLm9yZzATBgNVHSUEDDAKBggrBgEFBQcDATAOBgNVHQ8BAf8E\n"
196+ "BAMCB4AwHQYDVR0OBBYEFKgNAQWZPx76/vXqQOdIi5mTftsaMB8GA1UdIwQYMBaA\n"
197+ "FDaPsY6WAGuRtrhYJE6Gk/bg5qbdMAUGAytlcANBAMIDh8aGcIIFDTUrzfV7tnkX\n"
198+ "hHrxyFKBH/cApf6xcJQTfDXm23po627Ibp+WgLaWMY08Fn9Y2V6Ev8ADfqXNbQ8=\n"
199+ "-----END CERTIFICATE-----\n",
200+ /* ICA16 */
201+ "-----BEGIN CERTIFICATE-----\n"
202+ "MIIBYTCCAROgAwIBAgIUSnE0PKdm/dsnZSWBh5Ct4pS6DcwwBQYDK2VwMB0xGzAZ\n"
203+ "BgNVBAMMEkdudVRMUyB0ZXN0IElDQSAkaTAgFw0yNDAzMTIyMjUzMzlaGA85OTk5\n"
204+ "MTIzMTIzNTk1OVowHTEbMBkGA1UEAwwSR251VExTIHRlc3QgSUNBICRpMCowBQYD\n"
205+ "K2VwAyEAxq9SI8vp0QH1dDBBuZW+t+bLLROppQbjSQ4O1BEonDOjYzBhMA8GA1Ud\n"
206+ "EwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgIEMB0GA1UdDgQWBBQ2j7GOlgBrkba4\n"
207+ "WCROhpP24Oam3TAfBgNVHSMEGDAWgBRvdUKX0aw3nfUIdvivXGSfRO7zyjAFBgMr\n"
208+ "ZXADQQBsI2Hc7X5hXoHTvk01qMc5a1I27QHAFRARJnvIQ15wxNS2LVLzGk+AUmwr\n"
209+ "sOhBKAcVfS55uWtYdjoWQ80h238H\n"
210+ "-----END CERTIFICATE-----\n",
211+ /* ICA15 */
212+ "-----BEGIN CERTIFICATE-----\n"
213+ "MIIBYTCCAROgAwIBAgIUQk4XkgQVImnp6OPZas7ctwgBza4wBQYDK2VwMB0xGzAZ\n"
214+ "BgNVBAMMEkdudVRMUyB0ZXN0IElDQSAkaTAgFw0yNDAzMTIyMjUzMzlaGA85OTk5\n"
215+ "MTIzMTIzNTk1OVowHTEbMBkGA1UEAwwSR251VExTIHRlc3QgSUNBICRpMCowBQYD\n"
216+ "K2VwAyEAs3yVKLJd3sKbNVmj6Bxy2j1x025rksyQpZZWnCx5a+CjYzBhMA8GA1Ud\n"
217+ "EwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgIEMB0GA1UdDgQWBBRvdUKX0aw3nfUI\n"
218+ "dvivXGSfRO7zyjAfBgNVHSMEGDAWgBRhGfUXYPh4YQsdtTWYUozLphGgfzAFBgMr\n"
219+ "ZXADQQBXTtm56x6/pHXdW8dTvZLc/8RufNQrMlc23TCgX0apUnrZdTsNAb7OE4Uu\n"
220+ "9PBuxK+CC9NL/BL2hXsKvAT+NWME\n"
221+ "-----END CERTIFICATE-----\n",
222+ /* ICA14 */
223+ "-----BEGIN CERTIFICATE-----\n"
224+ "MIIBYTCCAROgAwIBAgIUKfwz7UUYRvYlvqwmnLJlTOS9o1AwBQYDK2VwMB0xGzAZ\n"
225+ "BgNVBAMMEkdudVRMUyB0ZXN0IElDQSAkaTAgFw0yNDAzMTIyMjUzMzlaGA85OTk5\n"
226+ "MTIzMTIzNTk1OVowHTEbMBkGA1UEAwwSR251VExTIHRlc3QgSUNBICRpMCowBQYD\n"
227+ "K2VwAyEAXbUetQ08t+F4+IcKL++HpeclqTxXZ7cG4mwqvHmTUEWjYzBhMA8GA1Ud\n"
228+ "EwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgIEMB0GA1UdDgQWBBRhGfUXYPh4YQsd\n"
229+ "tTWYUozLphGgfzAfBgNVHSMEGDAWgBQYRQqO+V1kefF7QvNnFU1fX5H9+jAFBgMr\n"
230+ "ZXADQQAiSHNMTLPFP3oa6q13Dj8jSxF9trQDJGM1ArWffFcPZUt2U4/ODHdcMTHx\n"
231+ "kGwhIj+ghBlu6ykgu6J2wewCUooC\n"
232+ "-----END CERTIFICATE-----\n",
233+ /* ICA13 */
234+ "-----BEGIN CERTIFICATE-----\n"
235+ "MIIBYTCCAROgAwIBAgIUUKOs59gyCPAZzoC7zMZQSh6AnQgwBQYDK2VwMB0xGzAZ\n"
236+ "BgNVBAMMEkdudVRMUyB0ZXN0IElDQSAkaTAgFw0yNDAzMTIyMjUzMzlaGA85OTk5\n"
237+ "MTIzMTIzNTk1OVowHTEbMBkGA1UEAwwSR251VExTIHRlc3QgSUNBICRpMCowBQYD\n"
238+ "K2VwAyEAmvqhj5GYqsXIpsr1BXBfD+2mTP/m/TEpKIYSZHM62dijYzBhMA8GA1Ud\n"
239+ "EwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgIEMB0GA1UdDgQWBBQYRQqO+V1kefF7\n"
240+ "QvNnFU1fX5H9+jAfBgNVHSMEGDAWgBQ27HzvP5hl2xR+LOzRcPfmY5ndXjAFBgMr\n"
241+ "ZXADQQBrB3NkrYC7EQ74qgeesVOE71rW012dPOOKPAV0laR+JLEgsv9sfus+AdBF\n"
242+ "WBNwR3KeYBTi/MFDuecxBHU2m5gD\n"
243+ "-----END CERTIFICATE-----\n",
244+ /* ICA12 */
245+ "-----BEGIN CERTIFICATE-----\n"
246+ "MIIBYTCCAROgAwIBAgIUUQooGfH21+sR7/pSgCWm13gg2H4wBQYDK2VwMB0xGzAZ\n"
247+ "BgNVBAMMEkdudVRMUyB0ZXN0IElDQSAkaTAgFw0yNDAzMTIyMjUzMzlaGA85OTk5\n"
248+ "MTIzMTIzNTk1OVowHTEbMBkGA1UEAwwSR251VExTIHRlc3QgSUNBICRpMCowBQYD\n"
249+ "K2VwAyEAK2of/B4wMpk6k/KdugC5dMS+jo2fseUM7/PvXkE6HASjYzBhMA8GA1Ud\n"
250+ "EwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgIEMB0GA1UdDgQWBBQ27HzvP5hl2xR+\n"
251+ "LOzRcPfmY5ndXjAfBgNVHSMEGDAWgBSJDHU0Mj1Xr0e8ErCnRK24w7XwTTAFBgMr\n"
252+ "ZXADQQDY8d2bAZpj7oGhdl2dBsCE48jEWj49da0PbgN12koAj3gf4hjMPd8G7p5z\n"
253+ "8RsURAwQmCkE8ShvdNw/Qr2tDL0E\n"
254+ "-----END CERTIFICATE-----\n",
255+ /* ICA11 */
256+ "-----BEGIN CERTIFICATE-----\n"
257+ "MIIBYTCCAROgAwIBAgIUW9Dw0hU2pfjXhb5Stip+mk9SndIwBQYDK2VwMB0xGzAZ\n"
258+ "BgNVBAMMEkdudVRMUyB0ZXN0IElDQSAkaTAgFw0yNDAzMTIyMjUzMzlaGA85OTk5\n"
259+ "MTIzMTIzNTk1OVowHTEbMBkGA1UEAwwSR251VExTIHRlc3QgSUNBICRpMCowBQYD\n"
260+ "K2VwAyEAn5ISjLVV6RBWsnxDWHDicpye7SjFwGOTwzF01/psiJ2jYzBhMA8GA1Ud\n"
261+ "EwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgIEMB0GA1UdDgQWBBSJDHU0Mj1Xr0e8\n"
262+ "ErCnRK24w7XwTTAfBgNVHSMEGDAWgBSR9UU27RI0XohiEgHDxNo/9HP4djAFBgMr\n"
263+ "ZXADQQCfQg6MDHk71vhyrEo4/5PcLb2Li5F/FKURyux7snv2TbkSdInloAqca9UR\n"
264+ "DtqHSLCNLXCNdSPr5QwIt5p29rsE\n"
265+ "-----END CERTIFICATE-----\n",
266+ /* ICA10 */
267+ "-----BEGIN CERTIFICATE-----\n"
268+ "MIIBYTCCAROgAwIBAgIUR4uTedG8e6MibKViQ3eX7QzXG1swBQYDK2VwMB0xGzAZ\n"
269+ "BgNVBAMMEkdudVRMUyB0ZXN0IElDQSAkaTAgFw0yNDAzMTIyMjUzMzlaGA85OTk5\n"
270+ "MTIzMTIzNTk1OVowHTEbMBkGA1UEAwwSR251VExTIHRlc3QgSUNBICRpMCowBQYD\n"
271+ "K2VwAyEAnslX04kSVOL5LAf1e+Ze3ggNnDJcEAxLDk8I/IhyjTyjYzBhMA8GA1Ud\n"
272+ "EwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgIEMB0GA1UdDgQWBBSR9UU27RI0Xohi\n"
273+ "EgHDxNo/9HP4djAfBgNVHSMEGDAWgBRC7US5gJYnvd5F7EN+C4anMgd2NzAFBgMr\n"
274+ "ZXADQQDo+jHt07Tvz3T5Lbz6apBrSln8xKYfJk2W1wP85XAnf7sZT9apM1bS4EyD\n"
275+ "Kckw+KG+9x7myOZz6AXJgZB5OGAO\n"
276+ "-----END CERTIFICATE-----\n",
277+ /* ICA9 */
278+ "-----BEGIN CERTIFICATE-----\n"
279+ "MIIBYTCCAROgAwIBAgIUSIIIRjrNpE+kEPkiJMOqaNAazvQwBQYDK2VwMB0xGzAZ\n"
280+ "BgNVBAMMEkdudVRMUyB0ZXN0IElDQSAkaTAgFw0yNDAzMTIyMjUzMzlaGA85OTk5\n"
281+ "MTIzMTIzNTk1OVowHTEbMBkGA1UEAwwSR251VExTIHRlc3QgSUNBICRpMCowBQYD\n"
282+ "K2VwAyEAZKy7p1Gn4W/reRxKJN99+QkHt2q9aELktCKe5PqrX5ejYzBhMA8GA1Ud\n"
283+ "EwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgIEMB0GA1UdDgQWBBRC7US5gJYnvd5F\n"
284+ "7EN+C4anMgd2NzAfBgNVHSMEGDAWgBSOhR7Ornis2x8g0J+bvTTwMnW60zAFBgMr\n"
285+ "ZXADQQA0MEcC4FgKZEAfalVpApU2to0G158MVz/WTNcSc7fnl8ifJ/g56dVHL1jr\n"
286+ "REvC/S28dn/CGAlbVXUAgxnHAbgE\n"
287+ "-----END CERTIFICATE-----\n",
288+ /* ICA8 */
289+ "-----BEGIN CERTIFICATE-----\n"
290+ "MIIBYTCCAROgAwIBAgIUGGFSgD95vOTSj7iFxfXA5vq6vsYwBQYDK2VwMB0xGzAZ\n"
291+ "BgNVBAMMEkdudVRMUyB0ZXN0IElDQSAkaTAgFw0yNDAzMTIyMjUzMzlaGA85OTk5\n"
292+ "MTIzMTIzNTk1OVowHTEbMBkGA1UEAwwSR251VExTIHRlc3QgSUNBICRpMCowBQYD\n"
293+ "K2VwAyEAg3W/bTdW0fR32NeZEVMXICpa30d7rSdddLOYDvqqUO+jYzBhMA8GA1Ud\n"
294+ "EwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgIEMB0GA1UdDgQWBBSOhR7Ornis2x8g\n"
295+ "0J+bvTTwMnW60zAfBgNVHSMEGDAWgBT3zK8Hbn9aVTAOOFY6RSxJ2o5x2jAFBgMr\n"
296+ "ZXADQQBl4gnzE463iMFg57gPvjHdVzA39sJBpiu0kUGfRcLnoRI/VOaLcx7WnJ9+\n"
297+ "c3KxPZBec76EdIoQDkTmI6m2FIAM\n"
298+ "-----END CERTIFICATE-----\n",
299+ /* ICA7 */
300+ "-----BEGIN CERTIFICATE-----\n"
301+ "MIIBYTCCAROgAwIBAgIUGktMGXhNuaMhKyAlecymmLD+/GIwBQYDK2VwMB0xGzAZ\n"
302+ "BgNVBAMMEkdudVRMUyB0ZXN0IElDQSAkaTAgFw0yNDAzMTIyMjUzMzlaGA85OTk5\n"
303+ "MTIzMTIzNTk1OVowHTEbMBkGA1UEAwwSR251VExTIHRlc3QgSUNBICRpMCowBQYD\n"
304+ "K2VwAyEA/Z1oc76hOQ0Hi+2hePaGIntnMIDqBlb7RDMjRpYONP2jYzBhMA8GA1Ud\n"
305+ "EwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgIEMB0GA1UdDgQWBBT3zK8Hbn9aVTAO\n"
306+ "OFY6RSxJ2o5x2jAfBgNVHSMEGDAWgBSPae3JUN3jP0NgUJqDV3eYxcaM3DAFBgMr\n"
307+ "ZXADQQBMkwKaUZlvG/hax8rv3nnDv8kJOr6KVHBnxSx3hZ+8HIBT7GFm1+YDeYOB\n"
308+ "jhNg66kyeFPGXXBCe+mvNQFFjCEE\n"
309+ "-----END CERTIFICATE-----\n",
310+ /* ICA6 */
311+ "-----BEGIN CERTIFICATE-----\n"
312+ "MIIBYTCCAROgAwIBAgIUKn3gz5lAUpKqWlHKLKYDbOJ4rygwBQYDK2VwMB0xGzAZ\n"
313+ "BgNVBAMMEkdudVRMUyB0ZXN0IElDQSAkaTAgFw0yNDAzMTIyMjUzMzlaGA85OTk5\n"
314+ "MTIzMTIzNTk1OVowHTEbMBkGA1UEAwwSR251VExTIHRlc3QgSUNBICRpMCowBQYD\n"
315+ "K2VwAyEAZ/eD4eTe91ddvHusm7YlLPxU4ByGFc6suAmlP1CxXkWjYzBhMA8GA1Ud\n"
316+ "EwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgIEMB0GA1UdDgQWBBSPae3JUN3jP0Ng\n"
317+ "UJqDV3eYxcaM3DAfBgNVHSMEGDAWgBT9f/qSI/jhxvGI7aMtkpraDcjBnjAFBgMr\n"
318+ "ZXADQQAMRnkmRhnLGdmJaY8B42gfyaAsqCMyds/Tw4OHYy+N48XuAxRjKkhf3szC\n"
319+ "0lY71oU043mNP1yx/dzAuCTrVSgI\n"
320+ "-----END CERTIFICATE-----\n",
321+ /* ICA5 */
322+ "-----BEGIN CERTIFICATE-----\n"
323+ "MIIBYTCCAROgAwIBAgIUEgEYbBXXEyGv3vOq10JQv1SBiUUwBQYDK2VwMB0xGzAZ\n"
324+ "BgNVBAMMEkdudVRMUyB0ZXN0IElDQSAkaTAgFw0yNDAzMTIyMjUzMzlaGA85OTk5\n"
325+ "MTIzMTIzNTk1OVowHTEbMBkGA1UEAwwSR251VExTIHRlc3QgSUNBICRpMCowBQYD\n"
326+ "K2VwAyEAs2xEDPw8RVal53nX9GVwUd1blq1wjtVFC8S1V7up7MWjYzBhMA8GA1Ud\n"
327+ "EwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgIEMB0GA1UdDgQWBBT9f/qSI/jhxvGI\n"
328+ "7aMtkpraDcjBnjAfBgNVHSMEGDAWgBRBVkLu9BmCKz7HNI8md4vPpoE/7jAFBgMr\n"
329+ "ZXADQQCCufAyLijtzzmeCuO3K50rBSbGvB3FQfep7g6kVsQKM3bw/olWK5/Ji0dD\n"
330+ "ubJ0cFl1FmfAda7aVxLBtJOvO6MI\n"
331+ "-----END CERTIFICATE-----\n",
332+ /* ICA4 */
333+ "-----BEGIN CERTIFICATE-----\n"
334+ "MIIBYTCCAROgAwIBAgIULj8GkaHw+92HuOTnXnXlxCy3VrEwBQYDK2VwMB0xGzAZ\n"
335+ "BgNVBAMMEkdudVRMUyB0ZXN0IElDQSAkaTAgFw0yNDAzMTIyMjUzMzlaGA85OTk5\n"
336+ "MTIzMTIzNTk1OVowHTEbMBkGA1UEAwwSR251VExTIHRlc3QgSUNBICRpMCowBQYD\n"
337+ "K2VwAyEAiedxh4dvtwDellMAHc/pZH0MAOXobRenTUgF1yj5l12jYzBhMA8GA1Ud\n"
338+ "EwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgIEMB0GA1UdDgQWBBRBVkLu9BmCKz7H\n"
339+ "NI8md4vPpoE/7jAfBgNVHSMEGDAWgBSDtNRgQ36KwW/ASaMyr6WeDt0STDAFBgMr\n"
340+ "ZXADQQDL8U2ckzur7CktdrVUNvfLhVCOz33d/62F28vQFHUa8h/4h+Mi1MMbXOKT\n"
341+ "1bL2TvpFpU7Fx/vcIPXDielVqr4C\n"
342+ "-----END CERTIFICATE-----\n",
343+ /* ICA3 */
344+ "-----BEGIN CERTIFICATE-----\n"
345+ "MIIBYTCCAROgAwIBAgIUQXl74TDDw6MQRMbQUSPa6Qrvba8wBQYDK2VwMB0xGzAZ\n"
346+ "BgNVBAMMEkdudVRMUyB0ZXN0IElDQSAkaTAgFw0yNDAzMTIyMjUzMzlaGA85OTk5\n"
347+ "MTIzMTIzNTk1OVowHTEbMBkGA1UEAwwSR251VExTIHRlc3QgSUNBICRpMCowBQYD\n"
348+ "K2VwAyEA7l0jQ0f4fJRw7Qja/Hz2qn8y91SI7CokxhSf+FT+9M6jYzBhMA8GA1Ud\n"
349+ "EwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgIEMB0GA1UdDgQWBBSDtNRgQ36KwW/A\n"
350+ "SaMyr6WeDt0STDAfBgNVHSMEGDAWgBQ2inEK4KH6ATftmybxKE1dZUzOozAFBgMr\n"
351+ "ZXADQQCnP7Oqx1epGnFnO7TrTJwcUukXDEYsINve2GeUsi8HEIeKKlMcLZ2Cnaj7\n"
352+ "5v9NGuWh3QJpmmSGpEemiv8dJc4A\n"
353+ "-----END CERTIFICATE-----\n",
354+ /* ICA2 */
355+ "-----BEGIN CERTIFICATE-----\n"
356+ "MIIBYTCCAROgAwIBAgIUP7Nmof8H2F1LyDkjqlYIUpGdXE8wBQYDK2VwMB0xGzAZ\n"
357+ "BgNVBAMMEkdudVRMUyB0ZXN0IElDQSAkaTAgFw0yNDAzMTIyMjUzMzlaGA85OTk5\n"
358+ "MTIzMTIzNTk1OVowHTEbMBkGA1UEAwwSR251VExTIHRlc3QgSUNBICRpMCowBQYD\n"
359+ "K2VwAyEAkW9Rod3CXAnha6nlaHkDbCOegq94lgmjqclA9sOIt3yjYzBhMA8GA1Ud\n"
360+ "EwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgIEMB0GA1UdDgQWBBQ2inEK4KH6ATft\n"
361+ "mybxKE1dZUzOozAfBgNVHSMEGDAWgBRPq/CQlK/zuXkjZvTCibu+vejD+jAFBgMr\n"
362+ "ZXADQQBU+A+uF0yrtO/yv9cRUdCoL3Y1NKM35INg8BQDnkv724cW9zk1x0q9Fuou\n"
363+ "zvfSVb8S3vT8fF5ZDOxarQs6ZH0C\n"
364+ "-----END CERTIFICATE-----\n",
365+ /* ICA1 */
366+ "-----BEGIN CERTIFICATE-----\n"
367+ "MIIBXTCCAQ+gAwIBAgIUfUWP+AQHpdFTRKTf21mMzjaJsp0wBQYDK2VwMBkxFzAV\n"
368+ "BgNVBAMTDkdudVRMUyB0ZXN0IENBMCAXDTI0MDMxMjIyNTMzOVoYDzk5OTkxMjMx\n"
369+ "MjM1OTU5WjAdMRswGQYDVQQDDBJHbnVUTFMgdGVzdCBJQ0EgJGkwKjAFBgMrZXAD\n"
370+ "IQAVmfBAvLbT+pTD24pQrr6S0jEIFIV/qOv93yYvAUzpzKNjMGEwDwYDVR0TAQH/\n"
371+ "BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAgQwHQYDVR0OBBYEFE+r8JCUr/O5eSNm9MKJ\n"
372+ "u7696MP6MB8GA1UdIwQYMBaAFAFpt5wrFsqCtHc4PpluPDvwcxQLMAUGAytlcANB\n"
373+ "AC6+XZnthjlUD0TbBKRF3qT5if3Pp29Bgvutw8859unzUZW8FkHg5KeDBj9ncgJc\n"
374+ "O2tFnNH2hV6LDPJzU0rtLQc=\n"
375+ "-----END CERTIFICATE-----\n",
376+ NULL
377+};
378+
379+static const char *many_icas_ca[] = {
380+ /* CA (self-signed) */
381+ "-----BEGIN CERTIFICATE-----\n"
382+ "MIIBNzCB6qADAgECAhRjaokcQwcrtW8tjuVFz3A33F8POjAFBgMrZXAwGTEXMBUG\n"
383+ "A1UEAxMOR251VExTIHRlc3QgQ0EwIBcNMjQwMzEyMjI1MzM5WhgPOTk5OTEyMzEy\n"
384+ "MzU5NTlaMBkxFzAVBgNVBAMTDkdudVRMUyB0ZXN0IENBMCowBQYDK2VwAyEAvoxP\n"
385+ "TNdbWktxA8qQNNH+25Cx9rzP+DxLGeI/7ODwrQGjQjBAMA8GA1UdEwEB/wQFMAMB\n"
386+ "Af8wDgYDVR0PAQH/BAQDAgIEMB0GA1UdDgQWBBQBabecKxbKgrR3OD6Zbjw78HMU\n"
387+ "CzAFBgMrZXADQQCP5IUD74M7WrUx20uqzrzuj+s2jnBVmLQfWf/Ucetx+oTRFeq4\n"
388+ "xZB/adWhycSeJUAB1zKqYUV9hgT8FWHbnHII\n"
389+ "-----END CERTIFICATE-----\n",
390+ NULL
391+};
392+
393 #if defined __clang__ || __GNUC__ > 4 || (__GNUC__ == 4 && __GNUC_MINOR__ >= 5)
394 # pragma GCC diagnostic push
395 # pragma GCC diagnostic ignored "-Wunused-variable"
396@@ -4567,6 +4774,8 @@ static struct
397 GNUTLS_CERT_INSECURE_ALGORITHM | GNUTLS_CERT_INVALID, NULL, 1620118136, 1},
398 { "cross signed - ok", cross_signed, cross_signed_ca, 0, 0, 0,
399 1704955300 },
400+ { "many intermediates - ok", many_icas, many_icas_ca, 0, 0, 0,
401+ 1710284400 },
402 { NULL, NULL, NULL, 0, 0}
403 };
404
405--
4062.40.0
diff --git a/meta/recipes-support/gnutls/gnutls_3.7.4.bb b/meta/recipes-support/gnutls/gnutls_3.7.4.bb
index b290022781..9f502e3f7c 100644
--- a/meta/recipes-support/gnutls/gnutls_3.7.4.bb
+++ b/meta/recipes-support/gnutls/gnutls_3.7.4.bb
@@ -26,6 +26,8 @@ SRC_URI = "https://www.gnupg.org/ftp/gcrypt/gnutls/v${SHRT_VER}/gnutls-${PV}.tar
26 file://CVE-2023-5981.patch \ 26 file://CVE-2023-5981.patch \
27 file://CVE-2024-0553.patch \ 27 file://CVE-2024-0553.patch \
28 file://CVE-2024-0567.patch \ 28 file://CVE-2024-0567.patch \
29 file://CVE-2024-28834.patch \
30 file://CVE-2024-28835.patch \
29 " 31 "
30 32
31SRC_URI[sha256sum] = "e6adbebcfbc95867de01060d93c789938cf89cc1d1f6ef9ef661890f6217451f" 33SRC_URI[sha256sum] = "e6adbebcfbc95867de01060d93c789938cf89cc1d1f6ef9ef661890f6217451f"
generated by cgit v1.2.3-54-g00ecf (git 2.39.0) at 2024-05-09 00:03:48 +0000