3 files changed, 5 insertions, 75 deletions
diff --git a/meta/recipes-connectivity/openssl/openssl/CVE-2019-1543.patch b/meta/recipes-connectivity/openssl/openssl/CVE-2019-1543.patch
deleted file mode 100644
index 900ef97fce..0000000000
--- a/meta/recipes-connectivity/openssl/openssl/CVE-2019-1543.patch
+++ /dev/null
@@ -1,69 +0,0 @@
-Upstream-Status: Backport [https://github.com/openssl/openssl/commit/f426625b6ae9a7831010750490a5f0ad689c5ba3]
-Signed-off-by: Ross Burton <ross.burton@intel.com>
-From f426625b6ae9a7831010750490a5f0ad689c5ba3 Mon Sep 17 00:00:00 2001
-From: Matt Caswell <matt@openssl.org>
-Date: Tue, 5 Mar 2019 14:39:15 +0000
-Subject: [PATCH] Prevent over long nonces in ChaCha20-Poly1305
-ChaCha20-Poly1305 is an AEAD cipher, and requires a unique nonce input for
-every encryption operation. RFC 7539 specifies that the nonce value (IV)
-should be 96 bits (12 bytes). OpenSSL allows a variable nonce length and
-front pads the nonce with 0 bytes if it is less than 12 bytes. However it
-also incorrectly allows a nonce to be set of up to 16 bytes. In this case
-only the last 12 bytes are significant and any additional leading bytes are
-ignored.
-It is a requirement of using this cipher that nonce values are unique.
-Messages encrypted using a reused nonce value are susceptible to serious
-confidentiality and integrity attacks. If an application changes the
-default nonce length to be longer than 12 bytes and then makes a change to
-the leading bytes of the nonce expecting the new value to be a new unique
-nonce then such an application could inadvertently encrypt messages with a
-reused nonce.
-Additionally the ignored bytes in a long nonce are not covered by the
-integrity guarantee of this cipher. Any application that relies on the
-integrity of these ignored leading bytes of a long nonce may be further
-affected.
-Any OpenSSL internal use of this cipher, including in SSL/TLS, is safe
-because no such use sets such a long nonce value. However user
-applications that use this cipher directly and set a non-default nonce
-length to be longer than 12 bytes may be vulnerable.
-CVE: CVE-2019-1543
-Fixes #8345
-Reviewed-by: Paul Dale <paul.dale@oracle.com>
-Reviewed-by: Richard Levitte <levitte@openssl.org>
-(Merged from https://github.com/openssl/openssl/pull/8406)
-(cherry picked from commit 2a3d0ee9d59156c48973592331404471aca886d6)
---
- crypto/evp/e_chacha20_poly1305.c | 4 +++-
- 1 file changed, 3 insertions(+), 1 deletion(-)
-diff --git a/crypto/evp/e_chacha20_poly1305.c b/crypto/evp/e_chacha20_poly1305.c
-index c1917bb86a6..d3e2c622a1b 100644
--- a/crypto/evp/e_chacha20_poly1305.c
-+++ b/crypto/evp/e_chacha20_poly1305.c
-@@ -30,6 +30,8 @@ typedef struct {
- 
- #define data(ctx)   ((EVP_CHACHA_KEY *)(ctx)->cipher_data)
- 
-+#define CHACHA20_POLY1305_MAX_IVLEN     12
-+
- static int chacha_init_key(EVP_CIPHER_CTX *ctx,
-                            const unsigned char user_key[CHACHA_KEY_SIZE],
-                            const unsigned char iv[CHACHA_CTR_SIZE], int enc)
-@@ -533,7 +535,7 @@ static int chacha20_poly1305_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg,
-         return 1;
- 
-     case EVP_CTRL_AEAD_SET_IVLEN:
-        if (arg <= 0 || arg > CHACHA_CTR_SIZE)
-+        if (arg <= 0 || arg > CHACHA20_POLY1305_MAX_IVLEN)
-             return 0;
-         actx->nonce_len = arg;
-         return 1;
diff --git a/meta/recipes-connectivity/openssl/openssl/afalg.patch b/meta/recipes-connectivity/openssl/openssl/afalg.patch
index 7c4b084f3d..b7c0e9697f 100644
--- a/meta/recipes-connectivity/openssl/openssl/afalg.patch
+++ b/meta/recipes-connectivity/openssl/openssl/afalg.patch
@@ -18,14 +18,14 @@ index 3baa8ce..9ef52ed 100755
 -            ($mi2) = $mi2 =~ /(\d+)/;
 -            my $ver = $ma*10000 + $mi1*100 + $mi2;
 -            if ($ver < $minver) {
-                $disabled{afalgeng} = "too-old-kernel";
+-                disable('too-old-kernel', 'afalgeng');
 -            } else {
 -                push @{$config{engdirs}}, "afalg";
 -            }
 -        } else {
-            $disabled{afalgeng} = "cross-compiling";
+-            disable('cross-compiling', 'afalgeng');
 -        }
 +        push @{$config{engdirs}}, "afalg";
     } else {
-         $disabled{afalgeng}  = "not-linux";
+         disable('not-linux', 'afalgeng');
     }
diff --git a/meta/recipes-connectivity/openssl/openssl_1.1.1b.bb b/meta/recipes-connectivity/openssl/openssl_1.1.1c.bb
index 13e6ad4db7..94f4d49724 100644
--- a/meta/recipes-connectivity/openssl/openssl_1.1.1b.bb
+++ b/meta/recipes-connectivity/openssl/openssl_1.1.1c.bb
@@ -16,15 +16,14 @@ SRC_URI = "http://www.openssl.org/source/openssl-${PV}.tar.gz \
           file://0001-skip-test_symbol_presence.patch \
           file://0001-buildinfo-strip-sysroot-and-debug-prefix-map-from-co.patch \
           file://afalg.patch \
-           file://CVE-2019-1543.patch \
           "
 SRC_URI_append_class-nativesdk = " \
           file://environment.d-openssl.sh \
           "
-SRC_URI[md5sum] = "4532712e7bcc9414f5bce995e4e13930"
+SRC_URI[md5sum] = "15e21da6efe8aa0e0768ffd8cd37a5f6"
-SRC_URI[sha256sum] = "5c557b023230413dfb0756f3137a13e6d726838ccd1430888ad15bfb2b43ea4b"
+SRC_URI[sha256sum] = "f6fb3079ad15076154eda9413fed42877d668e7069d9b87396d0804fdb3f4c90"
 inherit lib_package multilib_header ptest

diff --git a/meta/recipes-connectivity/openssl/openssl/CVE-2019-1543.patch b/meta/recipes-connectivity/openssl/openssl/CVE-2019-1543.patch deleted file mode 100644 index 900ef97fce..0000000000 --- a/meta/recipes-connectivity/openssl/openssl/CVE-2019-1543.patch +++ /dev/null
@@ -1,69 +0,0 @@
1	Upstream-Status: Backport [https://github.com/openssl/openssl/commit/f426625b6ae9a7831010750490a5f0ad689c5ba3]
2	Signed-off-by: Ross Burton <ross.burton@intel.com>
3
4	From f426625b6ae9a7831010750490a5f0ad689c5ba3 Mon Sep 17 00:00:00 2001
5	From: Matt Caswell <matt@openssl.org>
6	Date: Tue, 5 Mar 2019 14:39:15 +0000
7	Subject: [PATCH] Prevent over long nonces in ChaCha20-Poly1305
8
9	ChaCha20-Poly1305 is an AEAD cipher, and requires a unique nonce input for
10	every encryption operation. RFC 7539 specifies that the nonce value (IV)
11	should be 96 bits (12 bytes). OpenSSL allows a variable nonce length and
12	front pads the nonce with 0 bytes if it is less than 12 bytes. However it
13	also incorrectly allows a nonce to be set of up to 16 bytes. In this case
14	only the last 12 bytes are significant and any additional leading bytes are
15	ignored.
16
17	It is a requirement of using this cipher that nonce values are unique.
18	Messages encrypted using a reused nonce value are susceptible to serious
19	confidentiality and integrity attacks. If an application changes the
20	default nonce length to be longer than 12 bytes and then makes a change to
21	the leading bytes of the nonce expecting the new value to be a new unique
22	nonce then such an application could inadvertently encrypt messages with a
23	reused nonce.
24
25	Additionally the ignored bytes in a long nonce are not covered by the
26	integrity guarantee of this cipher. Any application that relies on the
27	integrity of these ignored leading bytes of a long nonce may be further
28	affected.
29
30	Any OpenSSL internal use of this cipher, including in SSL/TLS, is safe
31	because no such use sets such a long nonce value. However user
32	applications that use this cipher directly and set a non-default nonce
33	length to be longer than 12 bytes may be vulnerable.
34
35	CVE: CVE-2019-1543
36
37	Fixes #8345
38
39	Reviewed-by: Paul Dale <paul.dale@oracle.com>
40	Reviewed-by: Richard Levitte <levitte@openssl.org>
41	(Merged from https://github.com/openssl/openssl/pull/8406)
42
43	(cherry picked from commit 2a3d0ee9d59156c48973592331404471aca886d6)
44	---
45	crypto/evp/e_chacha20_poly1305.c \| 4 +++-
46	1 file changed, 3 insertions(+), 1 deletion(-)
47
48	diff --git a/crypto/evp/e_chacha20_poly1305.c b/crypto/evp/e_chacha20_poly1305.c
49	index c1917bb86a6..d3e2c622a1b 100644
50	--- a/crypto/evp/e_chacha20_poly1305.c
51	+++ b/crypto/evp/e_chacha20_poly1305.c
52	@@ -30,6 +30,8 @@ typedef struct {
53
54	#define data(ctx) ((EVP_CHACHA_KEY *)(ctx)->cipher_data)
55
56	+#define CHACHA20_POLY1305_MAX_IVLEN 12
57	+
58	static int chacha_init_key(EVP_CIPHER_CTX *ctx,
59	const unsigned char user_key[CHACHA_KEY_SIZE],
60	const unsigned char iv[CHACHA_CTR_SIZE], int enc)
61	@@ -533,7 +535,7 @@ static int chacha20_poly1305_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg,
62	return 1;
63
64	case EVP_CTRL_AEAD_SET_IVLEN:
65	- if (arg <= 0 \|\| arg > CHACHA_CTR_SIZE)
66	+ if (arg <= 0 \|\| arg > CHACHA20_POLY1305_MAX_IVLEN)
67	return 0;
68	actx->nonce_len = arg;
69	return 1;


diff --git a/meta/recipes-connectivity/openssl/openssl/afalg.patch b/meta/recipes-connectivity/openssl/openssl/afalg.patch index 7c4b084f3d..b7c0e9697f 100644 --- a/meta/recipes-connectivity/openssl/openssl/afalg.patch +++ b/meta/recipes-connectivity/openssl/openssl/afalg.patch
@@ -18,14 +18,14 @@ index 3baa8ce..9ef52ed 100755
18	- ($mi2) = $mi2 =~ /(\d+)/;	18	- ($mi2) = $mi2 =~ /(\d+)/;
19	- my $ver = $ma10000 + $mi1100 + $mi2;	19	- my $ver = $ma10000 + $mi1100 + $mi2;
20	- if ($ver < $minver) {	20	- if ($ver < $minver) {
21	- $disabled{afalgeng} = "too-old-kernel";	21	- disable('too-old-kernel', 'afalgeng');
22	- } else {	22	- } else {
23	- push @{$config{engdirs}}, "afalg";	23	- push @{$config{engdirs}}, "afalg";
24	- }	24	- }
25	- } else {	25	- } else {
26	- $disabled{afalgeng} = "cross-compiling";	26	- disable('cross-compiling', 'afalgeng');
27	- }	27	- }
28	+ push @{$config{engdirs}}, "afalg";	28	+ push @{$config{engdirs}}, "afalg";
29	} else {	29	} else {
30	$disabled{afalgeng} = "not-linux";	30	disable('not-linux', 'afalgeng');
31	}	31	}


diff --git a/meta/recipes-connectivity/openssl/openssl_1.1.1b.bb b/meta/recipes-connectivity/openssl/openssl_1.1.1c.bb index 13e6ad4db7..94f4d49724 100644 --- a/meta/recipes-connectivity/openssl/openssl_1.1.1b.bb +++ b/meta/recipes-connectivity/openssl/openssl_1.1.1c.bb
@@ -16,15 +16,14 @@ SRC_URI = "http://www.openssl.org/source/openssl-${PV}.tar.gz \
16	file://0001-skip-test_symbol_presence.patch \	16	file://0001-skip-test_symbol_presence.patch \
17	file://0001-buildinfo-strip-sysroot-and-debug-prefix-map-from-co.patch \	17	file://0001-buildinfo-strip-sysroot-and-debug-prefix-map-from-co.patch \
18	file://afalg.patch \	18	file://afalg.patch \
19	file://CVE-2019-1543.patch \
20	"	19	"
21		20
22	SRC_URI_append_class-nativesdk = " \	21	SRC_URI_append_class-nativesdk = " \
23	file://environment.d-openssl.sh \	22	file://environment.d-openssl.sh \
24	"	23	"
25		24
26	SRC_URI[md5sum] = "4532712e7bcc9414f5bce995e4e13930"	25	SRC_URI[md5sum] = "15e21da6efe8aa0e0768ffd8cd37a5f6"
27	SRC_URI[sha256sum] = "5c557b023230413dfb0756f3137a13e6d726838ccd1430888ad15bfb2b43ea4b"	26	SRC_URI[sha256sum] = "f6fb3079ad15076154eda9413fed42877d668e7069d9b87396d0804fdb3f4c90"
28		27
29	inherit lib_package multilib_header ptest	28	inherit lib_package multilib_header ptest
30		29