diff --git a/openssl-1.1.1u.tar.gz b/openssl-1.1.1u.tar.gz deleted file mode 100644 index c32616b..0000000 --- a/openssl-1.1.1u.tar.gz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:e2f8d84b523eecd06c7be7626830370300fbcc15386bf5142d72758f6963ebc6 -size 9892176 diff --git a/openssl-1.1.1u.tar.gz.asc b/openssl-1.1.1u.tar.gz.asc deleted file mode 100644 index 8bca6a1..0000000 --- a/openssl-1.1.1u.tar.gz.asc +++ /dev/null @@ -1,16 +0,0 @@ ------BEGIN PGP SIGNATURE----- - -iQIzBAABCAAdFiEE3HAyZir4heL0fyQ/UnRmohynnm0FAmR171cACgkQUnRmohyn -nm0f7RAAj+ZssEY1hiRWhuLTmmFJIR1vhEpP9addj8oaXvlJSrA6QzHZrUcuzTL0 -jtOkS4gTIla8iNNe1alwQdYXnhW46IrQAy2+bYuHCLXJm55/0PKCs2Cdy3naPU3N -9zxo+jAEx3X7hBJAzyLbGwrzpIUe9mbkyheSGxtEpW53ZvX1jo73uxyVYzq6BwJx -ngCeyBDrRrP6GgwMrpR6zExUyOwltBl/Jvx813AvXXbczJgMe3wCeQOa9Y1QWaVA -eTKz2lT7reZ80VzfXNMdPT+33+vABfwGEPsdXy7JIWGJubiC5vkHq2Im/U6wzU9v -9WsKk9MGQ4OV52gcRiYVyb9+nvGWUgfgV8c268nwWHIdYA85FjBb8xGzK1vHgA3o -E4rRT6e94l+NQChjmm7NwALLcQ+oFtqXsK+CiG9Ek6BMXJ/RitmQUHuhnRDyNL2u -OtbF549NrxwPe3CskJzP+tUizcQbM6HJtaKi+U49f1+EYZObxJ57qom34eFgET8N -GvnY6ikBccGEMjphL7dOzEnKYMRBSTCYAQfjBLFvwth2yLjM5f8AC+z6KhGiKnDY -JI+hHdca4rfrsKXxon+62x8gFmP8waHacR6Sh0OqDiYqNYn+G9q3nuLZMGpRJD2M -WgXyeu43LEXwhbCGzxnQH0mxFWSMB/2trWTTFzr5BrS7TmujVCw= -=EBqr ------END PGP SIGNATURE----- diff --git a/openssl-1.1.1v.tar.gz b/openssl-1.1.1v.tar.gz new file mode 100644 index 0000000..f4d327a --- /dev/null +++ b/openssl-1.1.1v.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:d6697e2871e77238460402e9362d47d18382b15ef9f246aba6c7bd780d38a6b0 +size 9893443 diff --git a/openssl-1.1.1v.tar.gz.asc b/openssl-1.1.1v.tar.gz.asc new file mode 100644 index 0000000..b5d3f7a --- /dev/null +++ b/openssl-1.1.1v.tar.gz.asc @@ -0,0 +1,16 @@ +-----BEGIN PGP SIGNATURE----- + +iQIzBAABCAAdFiEE78CkZ9YTy4PH7W0w2JTizos9efUFAmTJDewACgkQ2JTizos9 +efVPDBAAjgNq842XSAhmH3CBHHFtMuVlg5RV+tAV7PF7tDm/Bu0VPxZecvDhEHyk +y1bIzYki9kPQrnDc5Cz3UYHjnBp2n2GH+JDShedSJMH3qbsAlSB4j5b15UFjE8b4 +yDl4rlcug3SydqEdYJAGnOD3QBghsX7GiS6S9BgnU1D1XDZ1LYF6NumrjeypGm2r +vodcjel0tD+Xu2Du398sGmXLZLfK7eBT8dYtzWHAZubf+dNQmfRRDALo2Q5Xux6p +xIDlEQvTUkt5mF+Rx0CI1boIKeaFoZFOReUW0zkKYfwNkfq1WvGj3sGA+StQsgn1 +Dvfx6ONoS9UT+6KTegsLOIX2xOAHa8k4UgtW19eCovYzJNkBwNnq83lrvIEMoLY7 +brALTqBmlFq4prPgzpDHlTeC78uDcf/Ao95CeBw5yKVsKAN7W7vA2u6Gr2ZgUWsF +zVnrxJ9difkrvkFxm6uO2qu1qA/84Bow77M6/7FSHFZ+oDB3tjGXtq4Tf6iBkhpf +XIRu79S1LxCY7HxKVHHfpKuGSfefV/tgPeOac8CvucIq6r1Be20h0crRnDEGJt8G +Otznvt04iX+FkSVC7PjiAVZqubQQWjXUZxDngQgUOye/suExGwEoaTMmhj95eiVu +ufee+jDrVGOjhLLoEClP/+zpl2Wplq3KzLVsvvJa8v5KTVot9r4= +=mu7b +-----END PGP SIGNATURE----- diff --git a/openssl-1_1-openssl-config.patch b/openssl-1_1-openssl-config.patch index b5caa53..1ba132a 100644 --- a/openssl-1_1-openssl-config.patch +++ b/openssl-1_1-openssl-config.patch @@ -24,8 +24,10 @@ tools/c_rehash.in | 6 ++-- 23 files changed, 71 insertions(+), 68 deletions(-) ---- a/Configurations/descrip.mms.tmpl -+++ b/Configurations/descrip.mms.tmpl +Index: openssl-1.1.1v/Configurations/descrip.mms.tmpl +=================================================================== +--- openssl-1.1.1v.orig/Configurations/descrip.mms.tmpl ++++ openssl-1.1.1v/Configurations/descrip.mms.tmpl @@ -142,8 +142,8 @@ INSTALL_SHLIBS={- join(", ", map { "-\n\ INSTALL_ENGINES={- join(", ", map { "-\n\t".$_.".EXE" } @{$unified_info{install}->{engines}}) -} INSTALL_PROGRAMS={- join(", ", map { "-\n\t".$_.".EXE" } @{$unified_info{install}->{programs}}) -} @@ -37,8 +39,10 @@ {- output_on() if $disabled{apps}; "" -} APPS_OPENSSL={- use File::Spec::Functions; ---- a/Configurations/unix-Makefile.tmpl -+++ b/Configurations/unix-Makefile.tmpl +Index: openssl-1.1.1v/Configurations/unix-Makefile.tmpl +=================================================================== +--- openssl-1.1.1v.orig/Configurations/unix-Makefile.tmpl ++++ openssl-1.1.1v/Configurations/unix-Makefile.tmpl @@ -140,8 +140,8 @@ INSTALL_SHLIB_INFO={- join(" ", map { "\ INSTALL_ENGINES={- join(" ", map { dso($_) } @{$unified_info{install}->{engines}}) -} INSTALL_PROGRAMS={- join(" ", map { $_.$exeext } @{$unified_info{install}->{programs}}) -} @@ -82,8 +86,10 @@ generate_crypto_bn: ( cd $(SRCDIR); $(PERL) crypto/bn/bn_prime.pl > crypto/bn/bn_prime.h ) ---- a/Configure -+++ b/Configure +Index: openssl-1.1.1v/Configure +=================================================================== +--- openssl-1.1.1v.orig/Configure ++++ openssl-1.1.1v/Configure @@ -35,7 +35,7 @@ my $usage="Usage: Configure [no- # directories bin, lib, include, share/man, share/doc/openssl # This becomes the value of INSTALLTOP in Makefile @@ -93,8 +99,10 @@ # If it's a relative directory, it will be added on the directory # given with --prefix. # This becomes the value of OPENSSLDIR in Makefile and in C. ---- a/INSTALL -+++ b/INSTALL +Index: openssl-1.1.1v/INSTALL +=================================================================== +--- openssl-1.1.1v.orig/INSTALL ++++ openssl-1.1.1v/INSTALL @@ -296,7 +296,7 @@ be undesirable if small executable size is an objective. @@ -104,11 +112,13 @@ Typically OpenSSL will automatically load a system config file which configures default ssl options. ---- a/NEWS -+++ b/NEWS -@@ -5,6 +5,9 @@ - This file gives a brief overview of the major changes between each OpenSSL - release. For more details please read the CHANGES file. +Index: openssl-1.1.1v/NEWS +=================================================================== +--- openssl-1.1.1v.orig/NEWS ++++ openssl-1.1.1v/NEWS +@@ -10,6 +10,9 @@ + o Fix excessive time spent checking DH q parameter value (CVE-2023-3817) + o Fix DH_check() excessive time with over sized modulus (CVE-2023-3446) + IMPORTANT: For compatibility with OpenSSL 3.0, the OpenSSL master + configuration file openssl.cnf has been renamed to openssl-1_1.cnf. @@ -116,8 +126,10 @@ Major changes between OpenSSL 1.1.1t and OpenSSL 1.1.1u [30 May 2023] o Mitigate for very slow `OBJ_obj2txt()` performance with gigantic ---- a/VMS/openssl_utils.com.in -+++ b/VMS/openssl_utils.com.in +Index: openssl-1.1.1v/VMS/openssl_utils.com.in +=================================================================== +--- openssl-1.1.1v.orig/VMS/openssl_utils.com.in ++++ openssl-1.1.1v/VMS/openssl_utils.com.in @@ -8,7 +8,7 @@ $ OPENSSL :== $OSSL$EXE:OPENSSL'v' $ $ IF F$TYPE(PERL) .EQS. "STRING" @@ -127,8 +139,10 @@ $ ELSE $ WRITE SYS$ERROR "NOTE: no perl => no C_REHASH" $ ENDIF ---- a/apps/CA.pl.in -+++ b/apps/CA.pl.in +Index: openssl-1.1.1v/apps/CA.pl.in +=================================================================== +--- openssl-1.1.1v.orig/apps/CA.pl.in ++++ openssl-1.1.1v/apps/CA.pl.in @@ -113,10 +113,10 @@ sub run @@ -144,8 +158,10 @@ exit 0; } if ($WHAT eq '-newcert' ) { ---- a/apps/build.info -+++ b/apps/build.info +Index: openssl-1.1.1v/apps/build.info +=================================================================== +--- openssl-1.1.1v.orig/apps/build.info ++++ openssl-1.1.1v/apps/build.info @@ -73,7 +73,7 @@ IF[{- !$disabled{apps} -}] GENERATE[progs.h]=progs.pl $(APPS_OPENSSL) DEPEND[progs.h]=../configdata.pm @@ -157,8 +173,10 @@ + SOURCE[CA-1_1.pl]=CA.pl.in + SOURCE[tsget-1_1.pl]=tsget.in ENDIF ---- a/apps/tsget.in -+++ b/apps/tsget.in +Index: openssl-1.1.1v/apps/tsget.in +=================================================================== +--- openssl-1.1.1v.orig/apps/tsget.in ++++ openssl-1.1.1v/apps/tsget.in @@ -47,7 +47,7 @@ sub create_curl { $curl->setopt(CURLOPT_VERBOSE, 1) if $options{d}; $curl->setopt(CURLOPT_FAILONERROR, 1); @@ -168,8 +186,10 @@ # Options for POST method. $curl->setopt(CURLOPT_UPLOAD, 1); ---- a/doc/HOWTO/certificates.txt -+++ b/doc/HOWTO/certificates.txt +Index: openssl-1.1.1v/doc/HOWTO/certificates.txt +=================================================================== +--- openssl-1.1.1v.orig/doc/HOWTO/certificates.txt ++++ openssl-1.1.1v/doc/HOWTO/certificates.txt @@ -16,7 +16,7 @@ Certificate authorities should read http In all the cases shown below, the standard configuration file, as compiled into openssl, will be used. You may find it in /etc/, @@ -179,8 +199,10 @@ You can specify a different configuration file using the '-config {file}' argument with the commands shown below. ---- a/doc/man1/CA.pl.pod -+++ b/doc/man1/CA.pl.pod +Index: openssl-1.1.1v/doc/man1/CA.pl.pod +=================================================================== +--- openssl-1.1.1v.orig/doc/man1/CA.pl.pod ++++ openssl-1.1.1v/doc/man1/CA.pl.pod @@ -2,16 +2,16 @@ =head1 NAME @@ -283,8 +305,10 @@ can be used and the B environment variable changed to point to the correct path of the configuration file. ---- a/doc/man1/ca.pod -+++ b/doc/man1/ca.pod +Index: openssl-1.1.1v/doc/man1/ca.pod +=================================================================== +--- openssl-1.1.1v.orig/doc/man1/ca.pod ++++ openssl-1.1.1v/doc/man1/ca.pod @@ -698,7 +698,7 @@ the database has to be kept in memory. The B command really needs rewriting or the required functionality exposed at either a command or interface level so a more friendly utility @@ -303,8 +327,10 @@ L, L =head1 COPYRIGHT ---- a/doc/man1/rehash.pod -+++ b/doc/man1/rehash.pod +Index: openssl-1.1.1v/doc/man1/rehash.pod +=================================================================== +--- openssl-1.1.1v.orig/doc/man1/rehash.pod ++++ openssl-1.1.1v/doc/man1/rehash.pod @@ -6,7 +6,7 @@ Original text by James Westby, contribut =head1 NAME @@ -340,8 +366,10 @@ uses the B program to compute the hashes and fingerprints. If not found in the user's B, then set the B environment variable to the full pathname. ---- a/doc/man1/tsget.pod -+++ b/doc/man1/tsget.pod +Index: openssl-1.1.1v/doc/man1/tsget.pod +=================================================================== +--- openssl-1.1.1v.orig/doc/man1/tsget.pod ++++ openssl-1.1.1v/doc/man1/tsget.pod @@ -35,7 +35,7 @@ line. The tool sends the following HTTP request for each timestamp request: @@ -360,8 +388,10 @@ OpenSSL utility. Either option B<-C> or option B<-P> must be given in case of HTTPS. (Optional) ---- a/doc/man1/verify.pod -+++ b/doc/man1/verify.pod +Index: openssl-1.1.1v/doc/man1/verify.pod +=================================================================== +--- openssl-1.1.1v.orig/doc/man1/verify.pod ++++ openssl-1.1.1v/doc/man1/verify.pod @@ -75,7 +75,7 @@ The file should contain one or more cert A directory of trusted certificates. The certificates should have names of the form: hash.0 or have symbolic links to them of this @@ -371,8 +401,10 @@ create symbolic links to a directory of certificates. =item B<-no-CAfile> ---- a/doc/man1/x509.pod -+++ b/doc/man1/x509.pod +Index: openssl-1.1.1v/doc/man1/x509.pod +=================================================================== +--- openssl-1.1.1v.orig/doc/man1/x509.pod ++++ openssl-1.1.1v/doc/man1/x509.pod @@ -932,7 +932,7 @@ The hash algorithm used in the B<-subjec before OpenSSL 1.0.0 was based on the deprecated MD5 algorithm and the encoding of the distinguished name. In OpenSSL 1.0.0 and later it is based on a @@ -382,8 +414,10 @@ =head1 COPYRIGHT ---- a/doc/man3/OPENSSL_config.pod -+++ b/doc/man3/OPENSSL_config.pod +Index: openssl-1.1.1v/doc/man3/OPENSSL_config.pod +=================================================================== +--- openssl-1.1.1v.orig/doc/man3/OPENSSL_config.pod ++++ openssl-1.1.1v/doc/man3/OPENSSL_config.pod @@ -15,7 +15,7 @@ OPENSSL_config, OPENSSL_no_config - simp =head1 DESCRIPTION @@ -393,8 +427,10 @@ reads from the application section B. If B is NULL then the default section, B, will be used. Errors are silently ignored. ---- a/doc/man3/SSL_CTX_load_verify_locations.pod -+++ b/doc/man3/SSL_CTX_load_verify_locations.pod +Index: openssl-1.1.1v/doc/man3/SSL_CTX_load_verify_locations.pod +=================================================================== +--- openssl-1.1.1v.orig/doc/man3/SSL_CTX_load_verify_locations.pod ++++ openssl-1.1.1v/doc/man3/SSL_CTX_load_verify_locations.pod @@ -63,7 +63,7 @@ If more than one CA certificate with the extension must be different (e.g. 9d66eef0.0, 9d66eef0.1 etc). The search is performed in the ordering of the extension number, regardless of other @@ -413,8 +449,10 @@ =head1 SEE ALSO ---- a/doc/man5/config.pod -+++ b/doc/man5/config.pod +Index: openssl-1.1.1v/doc/man5/config.pod +=================================================================== +--- openssl-1.1.1v.orig/doc/man5/config.pod ++++ openssl-1.1.1v/doc/man5/config.pod @@ -7,7 +7,7 @@ config - OpenSSL CONF library configurat =head1 DESCRIPTION @@ -424,8 +462,10 @@ and in a few other places like B files and certificate extension files for the B utility. OpenSSL applications can also use the CONF library for their own purposes. ---- a/include/internal/cryptlib.h -+++ b/include/internal/cryptlib.h +Index: openssl-1.1.1v/include/internal/cryptlib.h +=================================================================== +--- openssl-1.1.1v.orig/include/internal/cryptlib.h ++++ openssl-1.1.1v/include/internal/cryptlib.h @@ -51,7 +51,7 @@ typedef struct app_mem_info_st APP_INFO; typedef struct mem_st MEM; DEFINE_LHASH_OF(MEM); @@ -435,8 +475,10 @@ # ifndef OPENSSL_SYS_VMS # define X509_CERT_AREA OPENSSLDIR ---- a/test/recipes/80-test_ca.t -+++ b/test/recipes/80-test_ca.t +Index: openssl-1.1.1v/test/recipes/80-test_ca.t +=================================================================== +--- openssl-1.1.1v.orig/test/recipes/80-test_ca.t ++++ openssl-1.1.1v/test/recipes/80-test_ca.t @@ -27,27 +27,27 @@ plan tests => 5; SKIP: { $ENV{OPENSSL_CONFIG} = '-config "'.srctop_file("test", "CAss.cnf").'"'; @@ -470,8 +512,10 @@ 'creating new pre-certificate'); } ---- a/tools/build.info -+++ b/tools/build.info +Index: openssl-1.1.1v/tools/build.info +=================================================================== +--- openssl-1.1.1v.orig/tools/build.info ++++ openssl-1.1.1v/tools/build.info @@ -1,5 +1,5 @@ {- our $c_rehash_name = - $config{target} =~ /^(VC|vms)-/ ? "c_rehash.pl" : "c_rehash"; @@ -479,8 +523,10 @@ "" -} IF[{- !$disabled{apps} -}] SCRIPTS={- $c_rehash_name -} ---- a/tools/c_rehash.in -+++ b/tools/c_rehash.in +Index: openssl-1.1.1v/tools/c_rehash.in +=================================================================== +--- openssl-1.1.1v.orig/tools/c_rehash.in ++++ openssl-1.1.1v/tools/c_rehash.in @@ -8,7 +8,7 @@ # in the file LICENSE in the source distribution or at # https://www.openssl.org/source/license.html diff --git a/openssl-1_1.changes b/openssl-1_1.changes index 87258a0..8772a90 100644 --- a/openssl-1_1.changes +++ b/openssl-1_1.changes @@ -1,3 +1,34 @@ +------------------------------------------------------------------- +Tue Aug 1 16:12:36 UTC 2023 - Pedro Monreal + +- Update to 1.1.1v: + * Fix excessive time spent checking DH q parameter value + (bsc#1213853, CVE-2023-3817). The function DH_check() performs + various checks on DH parameters. After fixing CVE-2023-3446 it + was discovered that a large q parameter value can also trigger + an overly long computation during some of these checks. A + correct q value, if present, cannot be larger than the modulus + p parameter, thus it is unnecessary to perform these checks if + q is larger than p. If DH_check() is called with such q parameter + value, DH_CHECK_INVALID_Q_VALUE return flag is set and the + computationally intensive checks are skipped. + * Fix DH_check() excessive time with over sized modulus + (bsc#1213487, CVE-2023-3446). The function DH_check() performs + various checks on DH parameters. One of those checks confirms + that the modulus ("p" parameter) is not too large. Trying to use + a very large modulus is slow and OpenSSL will not normally use + a modulus which is over 10,000 bits in length. However the + DH_check() function checks numerous aspects of the key or + parameters that have been supplied. Some of those checks use the + supplied modulus value even if it has already been found to be + too large. A new limit has been added to DH_check of 32,768 bits. + Supplying a key/parameters with a modulus over this size will + simply cause DH_check() to fail. + * Rebase openssl-1_1-openssl-config.patch + * Remove security patches fixed upstream: + - openssl-CVE-2023-3446.patch + - openssl-CVE-2023-3446-test.patch + ------------------------------------------------------------------- Mon Jul 24 12:40:38 UTC 2023 - Otto Hollmann diff --git a/openssl-1_1.spec b/openssl-1_1.spec index 8efc277..5a44979 100644 --- a/openssl-1_1.spec +++ b/openssl-1_1.spec @@ -41,7 +41,7 @@ %define _rname openssl Name: openssl-1_1 # Don't forget to update the version in the "openssl" meta-package! -Version: 1.1.1u +Version: 1.1.1v Release: 0 Summary: Secure Sockets and Transport Layer Security License: OpenSSL @@ -132,11 +132,8 @@ Patch78: openssl-1_1-Fixed-conditional-statement-testing-64-and-256-bytes Patch79: openssl-1_1-Fix-AES-GCM-on-Power-8-CPUs.patch #PATCH-FIX-OPENSUSE bsc#1205042 Set OpenSSL 3.0 as the default openssl Patch80: openssl-1_1-openssl-config.patch -# PATCH-FIX-UPSTREAM: bsc#1213487 CVE-2023-3446 DH_check() excessive time with over sized modulus -Patch81: openssl-CVE-2023-3446.patch -Patch82: openssl-CVE-2023-3446-test.patch # PATCH-FIX-SUSE bsc#1213517 Dont pass zero length input to EVP_Cipher -Patch83: openssl-dont-pass-zero-length-input-to-EVP_Cipher.patch +Patch81: openssl-dont-pass-zero-length-input-to-EVP_Cipher.patch BuildRequires: pkgconfig BuildRequires: pkgconfig(zlib) Provides: ssl diff --git a/openssl-CVE-2023-3446-test.patch b/openssl-CVE-2023-3446-test.patch deleted file mode 100644 index 45a6f53..0000000 --- a/openssl-CVE-2023-3446-test.patch +++ /dev/null @@ -1,58 +0,0 @@ -From e9ddae17e302a7e6a0daf00f25efed7c70f114d4 Mon Sep 17 00:00:00 2001 -From: Matt Caswell -Date: Fri, 7 Jul 2023 14:39:48 +0100 -Subject: [PATCH] Add a test for CVE-2023-3446 - -Confirm that the only errors DH_check() finds with DH parameters with an -excessively long modulus is that the modulus is too large. We should not -be performing time consuming checks using that modulus. - -Reviewed-by: Paul Dale -Reviewed-by: Tom Cosgrove -Reviewed-by: Bernd Edlinger -Reviewed-by: Tomas Mraz -(Merged from https://github.com/openssl/openssl/pull/21452) ---- - test/dhtest.c | 15 +++++++++++++-- - 1 file changed, 13 insertions(+), 2 deletions(-) - -diff --git a/test/dhtest.c b/test/dhtest.c -index 9d5609b943ab..00b3c471015d 100644 ---- a/test/dhtest.c -+++ b/test/dhtest.c -@@ -63,7 +63,7 @@ static int dh_test(void) - || !TEST_true(DH_set0_pqg(dh, p, q, g))) - goto err1; - -- if (!DH_check(dh, &i)) -+ if (!TEST_true(DH_check(dh, &i))) - goto err2; - if (!TEST_false(i & DH_CHECK_P_NOT_PRIME) - || !TEST_false(i & DH_CHECK_P_NOT_SAFE_PRIME) -@@ -123,6 +123,17 @@ static int dh_test(void) - /* check whether the public key was calculated correctly */ - TEST_uint_eq(BN_get_word(pub_key2), 3331L); - -+ /* Modulus of size: dh check max modulus bits + 1 */ -+ if (!TEST_true(BN_set_word(p, 1)) -+ || !TEST_true(BN_lshift(p, p, OPENSSL_DH_CHECK_MAX_MODULUS_BITS))) -+ goto err3; -+ -+ /* -+ * We expect no checks at all for an excessively large modulus -+ */ -+ if (!TEST_false(DH_check(dh, &i))) -+ goto err3; -+ - /* - * II) key generation - */ -@@ -137,7 +148,7 @@ static int dh_test(void) - goto err3; - - /* ... and check whether it is valid */ -- if (!DH_check(a, &i)) -+ if (!TEST_true(DH_check(a, &i))) - goto err3; - if (!TEST_false(i & DH_CHECK_P_NOT_PRIME) - || !TEST_false(i & DH_CHECK_P_NOT_SAFE_PRIME) diff --git a/openssl-CVE-2023-3446.patch b/openssl-CVE-2023-3446.patch deleted file mode 100644 index a39ee09..0000000 --- a/openssl-CVE-2023-3446.patch +++ /dev/null @@ -1,105 +0,0 @@ -From 8780a896543a654e757db1b9396383f9d8095528 Mon Sep 17 00:00:00 2001 -From: Matt Caswell -Date: Thu, 6 Jul 2023 16:36:35 +0100 -Subject: [PATCH] Fix DH_check() excessive time with over sized modulus - -The DH_check() function checks numerous aspects of the key or parameters -that have been supplied. Some of those checks use the supplied modulus -value even if it is excessively large. - -There is already a maximum DH modulus size (10,000 bits) over which -OpenSSL will not generate or derive keys. DH_check() will however still -perform various tests for validity on such a large modulus. We introduce a -new maximum (32,768) over which DH_check() will just fail. - -An application that calls DH_check() and supplies a key or parameters -obtained from an untrusted source could be vulnerable to a Denial of -Service attack. - -The function DH_check() is itself called by a number of other OpenSSL -functions. An application calling any of those other functions may -similarly be affected. The other functions affected by this are -DH_check_ex() and EVP_PKEY_param_check(). - -CVE-2023-3446 - -Reviewed-by: Paul Dale -Reviewed-by: Tom Cosgrove -Reviewed-by: Bernd Edlinger -Reviewed-by: Tomas Mraz -(Merged from https://github.com/openssl/openssl/pull/21452) ---- - crypto/dh/dh_check.c | 6 ++++++ - crypto/dh/dh_err.c | 3 ++- - crypto/err/openssl.txt | 3 ++- - include/openssl/dh.h | 3 +++ - include/openssl/dherr.h | 3 ++- - 5 files changed, 15 insertions(+), 3 deletions(-) - -Index: openssl-1.1.1u/crypto/dh/dh_check.c -=================================================================== ---- openssl-1.1.1u.orig/crypto/dh/dh_check.c -+++ openssl-1.1.1u/crypto/dh/dh_check.c -@@ -101,6 +101,12 @@ int DH_check(const DH *dh, int *ret) - BN_CTX *ctx = NULL; - BIGNUM *t1 = NULL, *t2 = NULL; - -+ /* Don't do any checks at all with an excessively large modulus */ -+ if (BN_num_bits(dh->p) > OPENSSL_DH_CHECK_MAX_MODULUS_BITS) { -+ DHerr(DH_F_DH_CHECK, DH_R_MODULUS_TOO_LARGE); -+ return 0; -+ } -+ - if (!DH_check_params(dh, ret)) - return 0; - -Index: openssl-1.1.1u/crypto/dh/dh_err.c -=================================================================== ---- openssl-1.1.1u.orig/crypto/dh/dh_err.c -+++ openssl-1.1.1u/crypto/dh/dh_err.c -@@ -18,6 +18,7 @@ static const ERR_STRING_DATA DH_str_func - {ERR_PACK(ERR_LIB_DH, DH_F_DHPARAMS_PRINT_FP, 0), "DHparams_print_fp"}, - {ERR_PACK(ERR_LIB_DH, DH_F_DH_BUILTIN_GENPARAMS, 0), - "dh_builtin_genparams"}, -+ {ERR_PACK(ERR_LIB_DH, DH_F_DH_CHECK, 0), "DH_check"}, - {ERR_PACK(ERR_LIB_DH, DH_F_DH_CHECK_EX, 0), "DH_check_ex"}, - {ERR_PACK(ERR_LIB_DH, DH_F_DH_CHECK_PARAMS_EX, 0), "DH_check_params_ex"}, - {ERR_PACK(ERR_LIB_DH, DH_F_DH_CHECK_PUB_KEY_EX, 0), "DH_check_pub_key_ex"}, -Index: openssl-1.1.1u/crypto/err/openssl.txt -=================================================================== ---- openssl-1.1.1u.orig/crypto/err/openssl.txt -+++ openssl-1.1.1u/crypto/err/openssl.txt -@@ -401,6 +401,7 @@ CT_F_SCT_SET_VERSION:104:SCT_set_version - DH_F_COMPUTE_KEY:102:compute_key - DH_F_DHPARAMS_PRINT_FP:101:DHparams_print_fp - DH_F_DH_BUILTIN_GENPARAMS:106:dh_builtin_genparams -+DH_F_DH_CHECK:126:DH_check - DH_F_DH_CHECK_EX:121:DH_check_ex - DH_F_DH_CHECK_PARAMS_EX:122:DH_check_params_ex - DH_F_DH_CHECK_PUB_KEY_EX:123:DH_check_pub_key_ex -Index: openssl-1.1.1u/include/openssl/dh.h -=================================================================== ---- openssl-1.1.1u.orig/include/openssl/dh.h -+++ openssl-1.1.1u/include/openssl/dh.h -@@ -29,6 +29,9 @@ extern "C" { - # ifndef OPENSSL_DH_MAX_MODULUS_BITS - # define OPENSSL_DH_MAX_MODULUS_BITS 10000 - # endif -+# ifndef OPENSSL_DH_CHECK_MAX_MODULUS_BITS -+# define OPENSSL_DH_CHECK_MAX_MODULUS_BITS 32768 -+# endif - - # define OPENSSL_DH_FIPS_MIN_MODULUS_BITS 1024 - # define OPENSSL_DH_FIPS_MIN_MODULUS_BITS_GEN 2048 -Index: openssl-1.1.1u/include/openssl/dherr.h -=================================================================== ---- openssl-1.1.1u.orig/include/openssl/dherr.h -+++ openssl-1.1.1u/include/openssl/dherr.h -@@ -30,6 +30,7 @@ int ERR_load_DH_strings(void); - # define DH_F_COMPUTE_KEY 102 - # define DH_F_DHPARAMS_PRINT_FP 101 - # define DH_F_DH_BUILTIN_GENPARAMS 106 -+# define DH_F_DH_CHECK 126 - # define DH_F_DH_CHECK_EX 121 - # define DH_F_DH_CHECK_PARAMS_EX 122 - # define DH_F_DH_CHECK_PUB_KEY_EX 123