1 files changed, 53 insertions, 0 deletions
diff --git a/meta/recipes-support/nettle/nettle-3.5.1/CVE-2021-20305-2.patch b/meta/recipes-support/nettle/nettle-3.5.1/CVE-2021-20305-2.patch
new file mode 100644
index 0000000000..bb56b14c8c
--- /dev/null
+++ b/meta/recipes-support/nettle/nettle-3.5.1/CVE-2021-20305-2.patch
@@ -0,0 +1,53 @@
+Backport of:
+From 971bed6ab4b27014eb23085e8176917e1a096fd5 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Niels=20M=C3=B6ller?= <nisse@lysator.liu.se>
+Date: Sat, 13 Mar 2021 17:26:37 +0100
+Subject: [PATCH] Use ecc_mod_mul_canonical for point comparison.
+* eddsa-verify.c (equal_h): Use ecc_mod_mul_canonical.
+(cherry picked from commit 5b7608fde3a6d2ab82bffb35db1e4e330927c906)
+Upstream-Status: Backport
+https://sources.debian.org/data/main/n/nettle/3.4.1-1%2Bdeb10u1/debian/patches/CVE-2021-20305-2.patch
+CVE: CVE-2021-20305 dep2
+Signed-off-by: Armin Kuster <akuster@mvista.com>
+---
+ ChangeLog      | 4 ++++
+ eddsa-verify.c | 9 ++-------
+ 2 files changed, 6 insertions(+), 7 deletions(-)
+#diff --git a/ChangeLog b/ChangeLog
+#index 5cc5c188..2a9217a6 100644
+#--- a/ChangeLog
+#+++ b/ChangeLog
+#@@ -1,3 +1,7 @@
+#+2021-03-13  Niels MÃ¶ller  <nisse@lysator.liu.se>
+#+
+#+      * eddsa-verify.c (equal_h): Use ecc_mod_mul_canonical.
+#+
+# 2021-03-11  Niels MÃ¶ller  <nisse@lysator.liu.se>
+# 
+#       * ecc-mod-arith.c (ecc_mod_mul_canonical, ecc_mod_sqr_canonical):
+Index: nettle-3.5.1/eddsa-verify.c
+===================================================================
+--- nettle-3.5.1.orig/eddsa-verify.c
+++ nettle-3.5.1/eddsa-verify.c
+@@ -53,13 +53,8 @@ equal_h (const struct ecc_modulo *p,
+ #define t0 scratch
+ #define t1 (scratch + p->size)
+ 
+-  ecc_mod_mul (p, t0, x1, z2);
+-  if (mpn_cmp (t0, p->m, p->size) >= 0)
+-    mpn_sub_n (t0, t0, p->m, p->size);
+-
+-  ecc_mod_mul (p, t1, x2, z1);
+-  if (mpn_cmp (t1, p->m, p->size) >= 0)
+-    mpn_sub_n (t1, t1, p->m, p->size);
+  ecc_mod_mul_canonical (p, t0, x1, z2, t0);
+  ecc_mod_mul_canonical (p, t1, x2, z1, t1);
+ 
+   return mpn_cmp (t0, t1, p->size) == 0;
+

diff --git a/meta/recipes-support/nettle/nettle-3.5.1/CVE-2021-20305-2.patch b/meta/recipes-support/nettle/nettle-3.5.1/CVE-2021-20305-2.patch new file mode 100644 index 0000000000..bb56b14c8c --- /dev/null +++ b/meta/recipes-support/nettle/nettle-3.5.1/CVE-2021-20305-2.patch
@@ -0,0 +1,53 @@
	1	Backport of:
	2
	3	From 971bed6ab4b27014eb23085e8176917e1a096fd5 Mon Sep 17 00:00:00 2001
	4	From: =?UTF-8?q?Niels=20M=C3=B6ller?= <nisse@lysator.liu.se>
	5	Date: Sat, 13 Mar 2021 17:26:37 +0100
	6	Subject: [PATCH] Use ecc_mod_mul_canonical for point comparison.
	7
	8	* eddsa-verify.c (equal_h): Use ecc_mod_mul_canonical.
	9
	10	(cherry picked from commit 5b7608fde3a6d2ab82bffb35db1e4e330927c906)
	11
	12	Upstream-Status: Backport
	13	https://sources.debian.org/data/main/n/nettle/3.4.1-1%2Bdeb10u1/debian/patches/CVE-2021-20305-2.patch
	14	CVE: CVE-2021-20305 dep2
	15	Signed-off-by: Armin Kuster <akuster@mvista.com>
	16
	17	---
	18	ChangeLog \| 4 ++++
	19	eddsa-verify.c \| 9 ++-------
	20	2 files changed, 6 insertions(+), 7 deletions(-)
	21
	22	#diff --git a/ChangeLog b/ChangeLog
	23	#index 5cc5c188..2a9217a6 100644
	24	#--- a/ChangeLog
	25	#+++ b/ChangeLog
	26	#@@ -1,3 +1,7 @@
	27	#+2021-03-13 Niels MÃ¶ller <nisse@lysator.liu.se>
	28	#+
	29	#+ * eddsa-verify.c (equal_h): Use ecc_mod_mul_canonical.
	30	#+
	31	# 2021-03-11 Niels MÃ¶ller <nisse@lysator.liu.se>
	32	#
	33	# * ecc-mod-arith.c (ecc_mod_mul_canonical, ecc_mod_sqr_canonical):
	34	Index: nettle-3.5.1/eddsa-verify.c
	35	===================================================================
	36	--- nettle-3.5.1.orig/eddsa-verify.c
	37	+++ nettle-3.5.1/eddsa-verify.c
	38	@@ -53,13 +53,8 @@ equal_h (const struct ecc_modulo *p,
	39	#define t0 scratch
	40	#define t1 (scratch + p->size)
	41
	42	- ecc_mod_mul (p, t0, x1, z2);
	43	- if (mpn_cmp (t0, p->m, p->size) >= 0)
	44	- mpn_sub_n (t0, t0, p->m, p->size);
	45	-
	46	- ecc_mod_mul (p, t1, x2, z1);
	47	- if (mpn_cmp (t1, p->m, p->size) >= 0)
	48	- mpn_sub_n (t1, t1, p->m, p->size);
	49	+ ecc_mod_mul_canonical (p, t0, x1, z2, t0);
	50	+ ecc_mod_mul_canonical (p, t1, x2, z1, t1);
	51
	52	return mpn_cmp (t0, t1, p->size) == 0;
	53