From e4741e8e57e73213a1628bada93eabede628164d Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Adrian=20Schr=C3=B6ter?= <adrian@suse.de>
Date: Wed, 25 Sep 2024 16:04:19 +0200
Subject: [PATCH] Sync from SUSE:ALP:Source:Standard:1.0 libcryptopp revision
 c4c065332259660ef78ac34d6ebb763f

---
 libcryptopp-CVE-2023-50980.patch | 104 +++++++++++++++++++++++++++++++
 libcryptopp-CVE-2023-50981.patch |  14 +++++
 libcryptopp.changes              |  10 +++
 libcryptopp.spec                 |   4 ++
 4 files changed, 132 insertions(+)
 create mode 100644 libcryptopp-CVE-2023-50980.patch
 create mode 100644 libcryptopp-CVE-2023-50981.patch

diff --git a/libcryptopp-CVE-2023-50980.patch b/libcryptopp-CVE-2023-50980.patch
new file mode 100644
index 0000000..5e655b6
--- /dev/null
+++ b/libcryptopp-CVE-2023-50980.patch
@@ -0,0 +1,104 @@
+diff --git a/gf2n.cpp b/gf2n.cpp
+index 452e6982..8993baae 100644
+--- a/gf2n.cpp
++++ b/gf2n.cpp
+@@ -135,6 +135,9 @@ PolynomialMod2 PolynomialMod2::Monomial(size_t i)
+ 
+ PolynomialMod2 PolynomialMod2::Trinomial(size_t t0, size_t t1, size_t t2)
+ {
++	CRYPTOPP_ASSERT(t0 > t1);
++	CRYPTOPP_ASSERT(t1 > t2);
++
+ 	PolynomialMod2 r((word)0, t0+1);
+ 	r.SetBit(t0);
+ 	r.SetBit(t1);
+@@ -144,6 +147,11 @@ PolynomialMod2 PolynomialMod2::Trinomial(size_t t0, size_t t1, size_t t2)
+ 
+ PolynomialMod2 PolynomialMod2::Pentanomial(size_t t0, size_t t1, size_t t2, size_t t3, size_t t4)
+ {
++	CRYPTOPP_ASSERT(t0 > t1);
++	CRYPTOPP_ASSERT(t1 > t2);
++	CRYPTOPP_ASSERT(t2 > t3);
++	CRYPTOPP_ASSERT(t3 > t4);
++
+ 	PolynomialMod2 r((word)0, t0+1);
+ 	r.SetBit(t0);
+ 	r.SetBit(t1);
+diff --git a/gf2n.h b/gf2n.h
+index 4aef31ee..38e2a910 100644
+--- a/gf2n.h
++++ b/gf2n.h
+@@ -69,9 +69,11 @@ public:
+ 		static PolynomialMod2 CRYPTOPP_API Monomial(size_t i);
+ 		/// \brief Provides x^t0 + x^t1 + x^t2
+ 		/// \return x^t0 + x^t1 + x^t2
++		/// \pre The coefficients should be provided in descending order. That is, <pre>t0 > t1 > t2<pre>.
+ 		static PolynomialMod2 CRYPTOPP_API Trinomial(size_t t0, size_t t1, size_t t2);
+ 		/// \brief Provides x^t0 + x^t1 + x^t2 + x^t3 + x^t4
+ 		/// \return x^t0 + x^t1 + x^t2 + x^t3 + x^t4
++		/// \pre The coefficients should be provided in descending order. That is, <pre>t0 > t1 > t2 > t3 > t4<pre>.
+ 		static PolynomialMod2 CRYPTOPP_API Pentanomial(size_t t0, size_t t1, size_t t2, size_t t3, size_t t4);
+ 		/// \brief Provides x^(n-1) + ... + x + 1
+ 		/// \return x^(n-1) + ... + x + 1
+diff --git a/gf2n.cpp b/gf2n.cpp
+index 8993baae..87d9961b 100644
+--- a/gf2n.cpp
++++ b/gf2n.cpp
+@@ -135,9 +135,14 @@ PolynomialMod2 PolynomialMod2::Monomial(size_t i)
+ 
+ PolynomialMod2 PolynomialMod2::Trinomial(size_t t0, size_t t1, size_t t2)
+ {
++	// Asserts and checks due to Bing Shi
+ 	CRYPTOPP_ASSERT(t0 > t1);
+ 	CRYPTOPP_ASSERT(t1 > t2);
+ 
++	// The test is odd because of ECIES<EC2N>. The basis is t0, but the other coefficients are not in descending order.
++	if (t1 > t0 || t2 > t0)
++		throw InvalidArgument("PolynomialMod2: coefficients must be in descending order");
++
+ 	PolynomialMod2 r((word)0, t0+1);
+ 	r.SetBit(t0);
+ 	r.SetBit(t1);
+@@ -147,11 +152,16 @@ PolynomialMod2 PolynomialMod2::Trinomial(size_t t0, size_t t1, size_t t2)
+ 
+ PolynomialMod2 PolynomialMod2::Pentanomial(size_t t0, size_t t1, size_t t2, size_t t3, size_t t4)
+ {
++	// Asserts and checks due to Bing Shi
+ 	CRYPTOPP_ASSERT(t0 > t1);
+ 	CRYPTOPP_ASSERT(t1 > t2);
+ 	CRYPTOPP_ASSERT(t2 > t3);
+ 	CRYPTOPP_ASSERT(t3 > t4);
+ 
++	// The test is odd because of ECIES<EC2N>. The basis is t0, but the other coefficients are not in descending order.
++	if (t1 > t0 || t2 > t0 || t3 > t0 || t4 > t0)
++		throw InvalidArgument("PolynomialMod2: coefficients must be in descending order");
++
+ 	PolynomialMod2 r((word)0, t0+1);
+ 	r.SetBit(t0);
+ 	r.SetBit(t1);
+@@ -663,7 +673,12 @@ GF2NT::GF2NT(unsigned int c0, unsigned int c1, unsigned int c2)
+ 	, t0(c0), t1(c1)
+ 	, result((word)0, m)
+ {
++	// Asserts and checks due to Bing Shi
+ 	CRYPTOPP_ASSERT(c0 > c1 && c1 > c2 && c2==0);
++
++	// The test is odd because of ECIES<EC2N>. The basis is c0, but the other coefficients are not in descending order.
++	if (c1 > c0 || c2 > c0)
++		throw InvalidArgument("GF2NT: coefficients must be in descending order");
+ }
+ 
+ const GF2NT::Element& GF2NT::MultiplicativeInverse(const Element &a) const
+@@ -972,7 +987,12 @@ GF2NP * BERDecodeGF2NP(BufferedTransformation &bt)
+ GF2NT233::GF2NT233(unsigned int c0, unsigned int c1, unsigned int c2)
+ 	: GF2NT(c0, c1, c2)
+ {
++	// Asserts and checks due to Bing Shi
+ 	CRYPTOPP_ASSERT(c0 > c1 && c1 > c2 && c2==0);
++
++	// The test is odd because of ECIES<EC2N>. The basis is c0, but the other coefficients are not in descending order.
++	if (c1 > c0 || c2 > c0)
++		throw InvalidArgument("GF2NT: coefficients must be in descending order");
+ }
+ 
+ const GF2NT::Element& GF2NT233::Multiply(const Element &a, const Element &b) const
diff --git a/libcryptopp-CVE-2023-50981.patch b/libcryptopp-CVE-2023-50981.patch
new file mode 100644
index 0000000..8173263
--- /dev/null
+++ b/libcryptopp-CVE-2023-50981.patch
@@ -0,0 +1,14 @@
+Index: cryptopp-CRYPTOPP_8_6_0/nbtheory.cpp
+===================================================================
+--- cryptopp-CRYPTOPP_8_6_0.orig/nbtheory.cpp
++++ cryptopp-CRYPTOPP_8_6_0/nbtheory.cpp
+@@ -571,6 +571,9 @@ Integer CRT(const Integer &xp, const Int
+ 
+ Integer ModularSquareRoot(const Integer &a, const Integer &p)
+ {
++	if (!IsPrime(p))
++		throw InvalidArgument("ModularSquareRoot: p must be a prime");
++
+ 	if (p%4 == 3)
+ 		return a_exp_b_mod_c(a, (p+1)/4, p);
+ 
diff --git a/libcryptopp.changes b/libcryptopp.changes
index bb206f0..745d05d 100644
--- a/libcryptopp.changes
+++ b/libcryptopp.changes
@@ -1,3 +1,13 @@
+-------------------------------------------------------------------
+Thu May 16 05:53:13 UTC 2024 - pgajdos@suse.com
+
+- security update
+- added patches
+  fix CVE-2023-50980 [bsc#1218219], DoS via malformed DER public key file
+  + libcryptopp-CVE-2023-50980.patch
+  fix CVE-2023-50981 [bsc#1218222], issue on ModularSquareRoot function leads to potential DoS
+  + libcryptopp-CVE-2023-50981.patch
+
 -------------------------------------------------------------------
 Sun Jul 16 18:55:10 UTC 2023 - Dirk Müller <dmueller@suse.com>
 
diff --git a/libcryptopp.spec b/libcryptopp.spec
index 84749e0..ebc84b9 100644
--- a/libcryptopp.spec
+++ b/libcryptopp.spec
@@ -36,6 +36,10 @@ Source1:        precheckin_baselibs.sh
 Source2:        baselibs.conf
 # PATCH-FEATURE-OPENSUSE libcryptopp-shared.patch -- improve shared library creation
 Patch1:         libcryptopp-shared.patch
+# CVE-2023-50980 [bsc#1218219], DoS via malformed DER public key file
+Patch2:         libcryptopp-CVE-2023-50980.patch
+# CVE-2023-50981 [bsc#1218222], issue on ModularSquareRoot function leads to potential DoS
+Patch3:         libcryptopp-CVE-2023-50981.patch
 BuildRequires:  dos2unix
 BuildRequires:  gcc-c++
 BuildRequires:  pkgconfig