Diffstat (limited to 'meta/recipes-connectivity/openssl/openssl/CVE-2015-3193-bn-asm-x86_64-mont5.pl-fix-carry-propagating-bug-CVE.patch')
-rw-r--r-- | meta/recipes-connectivity/openssl/openssl/CVE-2015-3193-bn-asm-x86_64-mont5.pl-fix-carry-propagating-bug-CVE.patch | 101 |
1 files changed, 0 insertions, 101 deletions
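--- a/meta/recipes-connectivity/openssl/openssl/CVE-2015-3193-bn-asm-x86_64-mont5.pl-fix-carry-propagating-bug-CVE.patch
+++ /dev/null
@@ -1,101 +0,0 @@
-From d73cc256c8e256c32ed959456101b73ba9842f72 Mon Sep 17 00:00:00 2001
-From: Andy Polyakov <appro@openssl.org>
-Date: Tue, 1 Dec 2015 09:00:32 +0100
-Subject: [PATCH] bn/asm/x86_64-mont5.pl: fix carry propagating bug
-(CVE-2015-3193).
-
-Reviewed-by: Richard Levitte <levitte@openssl.org>
-(cherry picked from commit e7c078db57908cbf16074c68034977565ffaf107)
-
-Upstream-Status: Backport
-
-This patch was imported from
-https://git.openssl.org/?p=openssl.git;a=commit;h=d73cc256c8e256c32ed959456101b73ba9842f72
-
-Signed-off-by: Armin Kuster <akuster@mvista.com>
-
----
-crypto/bn/asm/x86_64-mont5.pl | 22 +++++++++++++++++++---
-crypto/bn/bntest.c | 18 ++++++++++++++++++
-2 files changed, 37 insertions(+), 3 deletions(-)
-
-Index: openssl-1.0.2d/crypto/bn/asm/x86_64-mont5.pl
-===================================================================
---- openssl-1.0.2d.orig/crypto/bn/asm/x86_64-mont5.pl
-+++ openssl-1.0.2d/crypto/bn/asm/x86_64-mont5.pl
-@@ -1779,6 +1779,15 @@ sqr8x_reduction:
-.align 32
-.L8x_tail_done:
-add (%rdx),%r8 # can this overflow?
-+ adc \$0,%r9
-+ adc \$0,%r10
-+ adc \$0,%r11
-+ adc \$0,%r12
-+ adc \$0,%r13
-+ adc \$0,%r14
-+ adc \$0,%r15 # can't overflow, because we
-+ # started with "overhung" part
-+ # of multiplication
-xor %rax,%rax
-
-neg $carry
-@@ -3125,6 +3134,15 @@ sqrx8x_reduction:
-.align 32
-.Lsqrx8x_tail_done:
-add 24+8(%rsp),%r8 # can this overflow?
-+ adc \$0,%r9
-+ adc \$0,%r10
-+ adc \$0,%r11
-+ adc \$0,%r12
-+ adc \$0,%r13
-+ adc \$0,%r14
-+ adc \$0,%r15 # can't overflow, because we
-+ # started with "overhung" part
-+ # of multiplication
-mov $carry,%rax # xor %rax,%rax
-
-sub 16+8(%rsp),$carry # mov 16(%rsp),%cf
-@@ -3168,13 +3186,11 @@ my ($rptr,$nptr)=("%rdx","%rbp");
-my @ri=map("%r$_",(10..13));
-my @ni=map("%r$_",(14..15));
-$code.=<<___;
-- xor %rbx,%rbx
-+ xor %ebx,%ebx
-sub %r15,%rsi # compare top-most words
-adc %rbx,%rbx
-mov %rcx,%r10 # -$num
-- .byte 0x67
-or %rbx,%rax
-- .byte 0x67
-mov %rcx,%r9 # -$num
-xor \$1,%rax
-sar \$3+2,%rcx # cf=0
-Index: openssl-1.0.2d/crypto/bn/bntest.c
-===================================================================
---- openssl-1.0.2d.orig/crypto/bn/bntest.c
-+++ openssl-1.0.2d/crypto/bn/bntest.c
-@@ -1027,6 +1027,24 @@ int test_mod_exp_mont_consttime(BIO *bp,
-return 0;
-}
-}
-+
-+ /* Regression test for carry propagation bug in sqr8x_reduction */
-+ BN_hex2bn(&a, "050505050505");
-+ BN_hex2bn(&b, "02");
-+ BN_hex2bn(&c,
-+ "4141414141414141414141274141414141414141414141414141414141414141"
-+ "4141414141414141414141414141414141414141414141414141414141414141"
-+ "4141414141414141414141800000000000000000000000000000000000000000"
-+ "0000000000000000000000000000000000000000000000000000000000000000"
-+ "0000000000000000000000000000000000000000000000000000000000000000"
-+ "0000000000000000000000000000000000000000000000000000000001");
-+ BN_mod_exp(d, a, b, c, ctx);
-+ BN_mul(e, a, a, ctx);
-+ if (BN_cmp(d, e)) {
-+ fprintf(stderr, "BN_mod_exp and BN_mul produce different results!\n");
-+ return 0;
-+ }
-+
-BN_free(a);
-BN_free(b);
-BN_free(c);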