diff options
Diffstat (limited to 'meta/recipes-support/nettle/nettle-3.5.1/CVE-2021-20305-2.patch')
-rw-r--r-- | meta/recipes-support/nettle/nettle-3.5.1/CVE-2021-20305-2.patch | 53 |
1 files changed, 53 insertions, 0 deletions
diff --git a/meta/recipes-support/nettle/nettle-3.5.1/CVE-2021-20305-2.patch b/meta/recipes-support/nettle/nettle-3.5.1/CVE-2021-20305-2.patch new file mode 100644 index 0000000000..bb56b14c8c --- /dev/null +++ b/meta/recipes-support/nettle/nettle-3.5.1/CVE-2021-20305-2.patch | |||
@@ -0,0 +1,53 @@ | |||
1 | Backport of: | ||
2 | |||
3 | From 971bed6ab4b27014eb23085e8176917e1a096fd5 Mon Sep 17 00:00:00 2001 | ||
4 | From: =?UTF-8?q?Niels=20M=C3=B6ller?= <nisse@lysator.liu.se> | ||
5 | Date: Sat, 13 Mar 2021 17:26:37 +0100 | ||
6 | Subject: [PATCH] Use ecc_mod_mul_canonical for point comparison. | ||
7 | |||
8 | * eddsa-verify.c (equal_h): Use ecc_mod_mul_canonical. | ||
9 | |||
10 | (cherry picked from commit 5b7608fde3a6d2ab82bffb35db1e4e330927c906) | ||
11 | |||
12 | Upstream-Status: Backport | ||
13 | https://sources.debian.org/data/main/n/nettle/3.4.1-1%2Bdeb10u1/debian/patches/CVE-2021-20305-2.patch | ||
14 | CVE: CVE-2021-20305 dep2 | ||
15 | Signed-off-by: Armin Kuster <akuster@mvista.com> | ||
16 | |||
17 | --- | ||
18 | ChangeLog | 4 ++++ | ||
19 | eddsa-verify.c | 9 ++------- | ||
20 | 2 files changed, 6 insertions(+), 7 deletions(-) | ||
21 | |||
22 | #diff --git a/ChangeLog b/ChangeLog | ||
23 | #index 5cc5c188..2a9217a6 100644 | ||
24 | #--- a/ChangeLog | ||
25 | #+++ b/ChangeLog | ||
26 | #@@ -1,3 +1,7 @@ | ||
27 | #+2021-03-13 Niels Möller <nisse@lysator.liu.se> | ||
28 | #+ | ||
29 | #+ * eddsa-verify.c (equal_h): Use ecc_mod_mul_canonical. | ||
30 | #+ | ||
31 | # 2021-03-11 Niels Möller <nisse@lysator.liu.se> | ||
32 | # | ||
33 | # * ecc-mod-arith.c (ecc_mod_mul_canonical, ecc_mod_sqr_canonical): | ||
34 | Index: nettle-3.5.1/eddsa-verify.c | ||
35 | =================================================================== | ||
36 | --- nettle-3.5.1.orig/eddsa-verify.c | ||
37 | +++ nettle-3.5.1/eddsa-verify.c | ||
38 | @@ -53,13 +53,8 @@ equal_h (const struct ecc_modulo *p, | ||
39 | #define t0 scratch | ||
40 | #define t1 (scratch + p->size) | ||
41 | |||
42 | - ecc_mod_mul (p, t0, x1, z2); | ||
43 | - if (mpn_cmp (t0, p->m, p->size) >= 0) | ||
44 | - mpn_sub_n (t0, t0, p->m, p->size); | ||
45 | - | ||
46 | - ecc_mod_mul (p, t1, x2, z1); | ||
47 | - if (mpn_cmp (t1, p->m, p->size) >= 0) | ||
48 | - mpn_sub_n (t1, t1, p->m, p->size); | ||
49 | + ecc_mod_mul_canonical (p, t0, x1, z2, t0); | ||
50 | + ecc_mod_mul_canonical (p, t1, x2, z1, t1); | ||
51 | |||
52 | return mpn_cmp (t0, t1, p->size) == 0; | ||
53 | |||