Accepting request 1253095 from Java:packages

bsc#1239551, CVE-2020-36843 OBS-URL: https://build.opensuse.org/request/show/1253095 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/ed25519-java?expand=0&rev=6
2025-03-15 15:14:57 +00:00
parent 37ad6e298f f4d5b6bc8a
commit 825d79fce2
3 changed files with 52 additions and 1 deletions
--- a/ed25519-java-CVE-2020-36843.patch
+++ b/ed25519-java-CVE-2020-36843.patch
@@ -0,0 +1,39 @@
+--- ed25519-java-0.3.0/src/net/i2p/crypto/eddsa/EdDSAEngine.java	2025-03-14 14:47:43.404137953 +0100
+++ ed25519-java-0.3.0/src/net/i2p/crypto/eddsa/EdDSAEngine.java	2025-03-14 14:50:31.859888550 +0100
+@@ -12,6 +12,7 @@
+ package net.i2p.crypto.eddsa;
+ 
+ import java.io.ByteArrayOutputStream;
+import java.math.BigInteger;
+ import java.nio.ByteBuffer;
+ import java.security.InvalidAlgorithmParameterException;
+ import java.security.InvalidKeyException;
+@@ -29,6 +30,7 @@
+ import net.i2p.crypto.eddsa.math.Curve;
+ import net.i2p.crypto.eddsa.math.GroupElement;
+ import net.i2p.crypto.eddsa.math.ScalarOps;
+import net.i2p.crypto.eddsa.math.bigint.BigIntegerLittleEndianEncoding;
+ 
+ /**
+  * Signing and verification for EdDSA.
+@@ -69,6 +71,8 @@
+ public final class EdDSAEngine extends Signature {
+     public static final String SIGNATURE_ALGORITHM = "NONEwithEdDSA";
+ 
+    private static final BigInteger ORDER = new BigInteger("2").pow(252).add(new BigInteger("27742317777372353535851937790883648493"));
+
+     private MessageDigest digest;
+     private ByteArrayOutputStream baos;
+     private EdDSAKey key;
+@@ -306,6 +310,11 @@
+         h = key.getParams().getScalarOps().reduce(h);
+ 
+         byte[] Sbyte = Arrays.copyOfRange(sigBytes, b/8, b/4);
+        // RFC 8032
+        BigInteger Sbigint = (new BigIntegerLittleEndianEncoding()).toBigInteger(Sbyte);
+        if (Sbigint.compareTo(ORDER) >= 0)
+            return false;
+ 
+         // R = SB - H(Rbar,Abar,M)A
+         GroupElement R = key.getParams().getB().doubleScalarMultiplyVariableTime(
+                 ((EdDSAPublicKey) key).getNegativeA(), h, Sbyte);
--- a/ed25519-java.changes
+++ b/ed25519-java.changes
@@ -1,3 +1,13 @@
+-------------------------------------------------------------------
+Fri Mar 14 13:57:24 UTC 2025 - Fridrich Strba <fstrba@suse.com>
+
+- Added patch:
+  * ed25519-java-CVE-2020-36843.patch
+    + backport commit https://github.com/i2p/i2p.i2p/commit/
+      /d7d1dcb5399c61cf2916ccc45aa25b0209c88712
+    + Fixes bsc#1239551, CVE-2020-36843: no check performed on
+      scalar to avoid signature malleability
+
 -------------------------------------------------------------------
 Wed Oct 30 09:18:41 UTC 2024 - Fridrich Strba <fstrba@suse.com>

--- a/ed25519-java.spec
+++ b/ed25519-java.spec
@@ -1,7 +1,7 @@
 #
 # spec file for package ed25519-java
 #
-# Copyright (c) 2024 SUSE LLC
+# Copyright (c) 2025 SUSE LLC
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@@ -27,6 +27,7 @@ Source0:        https://github.com/str4d/ed25519-java/archive/v%{version}/%{name
 Source1:        %{name}-build.xml
 Patch0:         0001-EdDSAEngine.initVerify-Handle-any-non-EdDSAPublicKey.patch
 Patch1:         0002-Disable-test-that-relies-on-internal-sun-JDK-classes.patch
+Patch2:         %{name}-CVE-2020-36843.patch
 BuildRequires:  ant
 BuildRequires:  fdupes
 BuildRequires:  java-devel >= 1.8
@@ -57,6 +58,7 @@ This package contains javadoc for %{name}.
 cp %{SOURCE1} build.xml
 %patch -P 0 -p1
 %patch -P 1 -p1
+%patch -P 2 -p1

 %build
 ant jar javadoc