Sync from SUSE:SLFO:1.1 openssl-3 revision c4723dd44e094b6e86c37d8b1c30185e

openssl-3-p384-minerva-ppc-p9.patch

@@ -0,0 +1,125 @@
+From 6b1646e472c9e8c08bb14066ba2a7c3eed45f84a Mon Sep 17 00:00:00 2001
+From: "A. Wilcox" <AWilcox@Wilcox-Tech.com>
+Date: Thu, 17 Apr 2025 08:51:53 -0500
+Subject: [PATCH] Fix P-384 curve on lower-than-P9 PPC64 targets
+
+The change adding an asm implementation of p384_felem_reduce incorrectly
+uses the accelerated version on both targets that support the intrinsics
+*and* targets that don't, instead of falling back to the generics on older
+targets.  This results in crashes when trying to use P-384 on < Power9.
+
+Signed-off-by: Anna Wilcox <AWilcox@Wilcox-Tech.com>
+Closes: #27350
+Fixes: 85cabd94 ("Fix Minerva timing side-channel signal for P-384 curve on PPC")
+
+Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
+Reviewed-by: Tomas Mraz <tomas@openssl.org>
+(Merged from https://github.com/openssl/openssl/pull/27429)
+
+(cherry picked from commit 29864f2b0f1046177e8048a5b17440893d3f9425)
+---
+ crypto/ec/ecp_nistp384.c | 54 ++++++++++++++++++++++++----------------
+ 1 file changed, 33 insertions(+), 21 deletions(-)
+
+diff --git a/crypto/ec/ecp_nistp384.c b/crypto/ec/ecp_nistp384.c
+index e0b5786bc1bd4..439b4d03a369a 100644
+--- a/crypto/ec/ecp_nistp384.c
++++ b/crypto/ec/ecp_nistp384.c
+@@ -684,6 +684,22 @@ static void felem_reduce_ref(felem out, const widefelem in)
+         out[i] = acc[i];
+ }
+ 
++static ossl_inline void felem_square_reduce_ref(felem out, const felem in)
++{
++    widefelem tmp;
++
++    felem_square_ref(tmp, in);
++    felem_reduce_ref(out, tmp);
++}
++
++static ossl_inline void felem_mul_reduce_ref(felem out, const felem in1, const felem in2)
++{
++    widefelem tmp;
++
++    felem_mul_ref(tmp, in1, in2);
++    felem_reduce_ref(out, tmp);
++}
++
+ #if defined(ECP_NISTP384_ASM)
+ static void felem_square_wrapper(widefelem out, const felem in);
+ static void felem_mul_wrapper(widefelem out, const felem in1, const felem in2);
+@@ -695,10 +711,18 @@ static void (*felem_mul_p)(widefelem out, const felem in1, const felem in2) =
+ 
+ static void (*felem_reduce_p)(felem out, const widefelem in) = felem_reduce_ref;
+ 
++static void (*felem_square_reduce_p)(felem out, const felem in) =
++    felem_square_reduce_ref;
++static void (*felem_mul_reduce_p)(felem out, const felem in1, const felem in2) =
++    felem_mul_reduce_ref;
++
+ void p384_felem_square(widefelem out, const felem in);
+ void p384_felem_mul(widefelem out, const felem in1, const felem in2);
+ void p384_felem_reduce(felem out, const widefelem in);
+ 
++void p384_felem_square_reduce(felem out, const felem in);
++void p384_felem_mul_reduce(felem out, const felem in1, const felem in2);
++
+ # if defined(_ARCH_PPC64)
+ #  include "crypto/ppc_arch.h"
+ # endif
+@@ -710,6 +734,8 @@ static void felem_select(void)
+         felem_square_p = p384_felem_square;
+         felem_mul_p = p384_felem_mul;
+         felem_reduce_p = p384_felem_reduce;
++        felem_square_reduce_p = p384_felem_square_reduce;
++        felem_mul_reduce_p = p384_felem_mul_reduce;
+ 
+         return;
+     }
+@@ -718,7 +744,9 @@ static void felem_select(void)
+     /* Default */
+     felem_square_p = felem_square_ref;
+     felem_mul_p = felem_mul_ref;
+-    felem_reduce_p = p384_felem_reduce;
++    felem_reduce_p = felem_reduce_ref;
++    felem_square_reduce_p = felem_square_reduce_ref;
++    felem_mul_reduce_p = felem_mul_reduce_ref;
+ }
+ 
+ static void felem_square_wrapper(widefelem out, const felem in)
+@@ -737,31 +765,15 @@ static void felem_mul_wrapper(widefelem out, const felem in1, const felem in2)
+ # define felem_mul felem_mul_p
+ # define felem_reduce felem_reduce_p
+ 
+-void p384_felem_square_reduce(felem out, const felem in);
+-void p384_felem_mul_reduce(felem out, const felem in1, const felem in2);
+-
+-# define felem_square_reduce p384_felem_square_reduce
+-# define felem_mul_reduce p384_felem_mul_reduce
++# define felem_square_reduce felem_square_reduce_p
++# define felem_mul_reduce felem_mul_reduce_p
+ #else
+ # define felem_square felem_square_ref
+ # define felem_mul felem_mul_ref
+ # define felem_reduce felem_reduce_ref
+ 
+-static ossl_inline void felem_square_reduce(felem out, const felem in)
+-{
+-    widefelem tmp;
+-
+-    felem_square(tmp, in);
+-    felem_reduce(out, tmp);
+-}
+-
+-static ossl_inline void felem_mul_reduce(felem out, const felem in1, const felem in2)
+-{
+-    widefelem tmp;
+-
+-    felem_mul(tmp, in1, in2);
+-    felem_reduce(out, tmp);
+-}
++# define felem_square_reduce felem_square_reduce_ref
++# define felem_mul_reduce felem_mul_reduce_ref
+ #endif
+ 
+ /*-

openssl-3.changes

@@ -1,3 +1,18 @@
+-------------------------------------------------------------------
+Wed Jun 11 13:33:11 UTC 2025 - Angel Yankov <angel.yankov@suse.com>
+
+- Security fix: [bsc#1240366, CVE-2025-27587]
+  * Minerva side channel vulnerability in P-384 on PPC arch
+  * Add openssl-3-p384-minerva-ppc.patch
+  * Add openssl-3-p384-minerva-ppc-p9.patch
+
+-------------------------------------------------------------------
+Thu Jun  5 13:00:32 UTC 2025 - Angel Yankov <angel.yankov@suse.com>
+
+- Security fix: [bsc#1220262, CVE-2023-50782]
+  * Implicit rejection in PKCS#1 v1.5
+  * Add openssl-CVE-2023-50782.patch
+
 -------------------------------------------------------------------
 Thu Jan 23 14:40:31 UTC 2025 - Lucas Mulling <lucas.mulling@suse.com>
 

openssl-3.spec

@@ -171,6 +171,11 @@ Patch71:        openssl-CVE-2024-6119.patch
 Patch72:        openssl-CVE-2024-41996.patch
 # PATCH-FIX-UPSTREAM bsc#1236136 CVE-2024-13176: Fix timing side-channel in ECDSA signature computation
 Patch73:        openssl-CVE-2024-13176.patch
+# PATCH-FIX-SUSE bsc#1220262 CVE-2023-50782: Implicit rejection in PKCS#1 v1.5
+Patch74:        openssl-CVE-2023-50782.patch
+# PATCH-FIX-UPSTREAM: bsc#1240366 CVE-2025-27587: Minerva side channel vulnerability in P-384 
+Patch75:        openssl-3-p384-minerva-ppc.patch
+Patch76:        openssl-3-p384-minerva-ppc-p9.patch
 
 BuildRequires:  pkgconfig
 %if 0%{?sle_version} >= 150400 || 0%{?suse_version} >= 1550