Pedro Monreal Gonzalez
8c598ed63d
* Add openssl-3-disable-hmac-hw-acceleration-with-engine-digest.patch
* Add openssl-3-fix-hmac-digest-detection-s390x.patch
* Add openssl-3-fix-memleak-s390x_HMAC_CTX_copy.patch
- Add hardware acceleration for full AES-XTS jsc#PED-10273
* Add openssl-3-hw-acceleration-aes-xts-s390x.patch
- Support MSA 12 SHA3 on s390x jsc#PED-10280
* Add openssl-3-add_EVP_DigestSqueeze_api.patch
* Add openssl-3-support-multiple-sha3_squeeze_s390x.patch
* Add openssl-3-add-xof-state-handling-s3_absorb.patch
* Add openssl-3-fix-state-handling-sha3_absorb_s390x.patch
* Add openssl-3-fix-state-handling-sha3_final_s390x.patch
* Add openssl-3-fix-state-handling-shake_final_s390x.patch
* Add openssl-3-fix-state-handling-keccak_final_s390x.patch
* Add openssl-3-support-EVP_DigestSqueeze-in-digest-prov-s390x.patch
* Add openssl-3-add-defines-CPACF-funcs.patch
* Add openssl-3-add-hw-acceleration-hmac.patch
* Add openssl-3-support-CPACF-sha3-shake-perf-improvement.patch
* Add openssl-3-fix-s390x_sha3_absorb.patch
* Add openssl-3-fix-s390x_shake_squeeze.patch
- Update to 3.2.3:
* Changes between 3.2.2 and 3.2.3:
- Fixed possible denial of service in X.509 name checks. [CVE-2024-6119]
- Fixed possible buffer overread in SSL_select_next_proto(). [CVE-2024-5535]
* Changes between 3.2.1 and 3.2.2:
- Fixed potential use after free after SSL_free_buffers() is called. [CVE-2024-4741]
- Fixed an issue where checking excessively long DSA keys or parameters may
OBS-URL: https://build.opensuse.org/package/show/security:tls/openssl-3?expand=0&rev=121
66 lines
2.3 KiB
Diff
66 lines
2.3 KiB
Diff
From 3e47a286dc3274bda72a196c3a4030a1fc8302f1 Mon Sep 17 00:00:00 2001
|
|
From: Rohan McLure <rohanmclure@linux.ibm.com>
|
|
Date: Fri, 23 Jun 2023 16:41:48 +1000
|
|
Subject: [PATCH] ec: Use static linkage on nistp521 felem_{square,mul}
|
|
wrappers
|
|
|
|
Runtime selection of implementations for felem_{square,mul} depends on
|
|
felem_{square,mul}_wrapper functions, which overwrite function points in
|
|
a similar design to that of .plt.got sections used by program loaders
|
|
during dynamic linking.
|
|
|
|
There's no reason why these functions need to have external linkage.
|
|
Mark static.
|
|
|
|
Signed-off-by: Rohan McLure <rohanmclure@linux.ibm.com>
|
|
|
|
Reviewed-by: Paul Dale <pauli@openssl.org>
|
|
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
|
|
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
|
|
Reviewed-by: Todd Short <todd.short@me.com>
|
|
(Merged from https://github.com/openssl/openssl/pull/21471)
|
|
---
|
|
crypto/ec/ecp_nistp521.c | 10 +++++-----
|
|
1 file changed, 5 insertions(+), 5 deletions(-)
|
|
|
|
diff --git a/crypto/ec/ecp_nistp521.c b/crypto/ec/ecp_nistp521.c
|
|
index 97815cac1f13..32a9268ecf17 100644
|
|
--- a/crypto/ec/ecp_nistp521.c
|
|
+++ b/crypto/ec/ecp_nistp521.c
|
|
@@ -676,8 +676,8 @@ static void felem_reduce(felem out, const largefelem in)
|
|
}
|
|
|
|
#if defined(ECP_NISTP521_ASM)
|
|
-void felem_square_wrapper(largefelem out, const felem in);
|
|
-void felem_mul_wrapper(largefelem out, const felem in1, const felem in2);
|
|
+static void felem_square_wrapper(largefelem out, const felem in);
|
|
+static void felem_mul_wrapper(largefelem out, const felem in1, const felem in2);
|
|
|
|
static void (*felem_square_p)(largefelem out, const felem in) =
|
|
felem_square_wrapper;
|
|
@@ -691,7 +691,7 @@ void p521_felem_mul(largefelem out, const felem in1, const felem in2);
|
|
# include "crypto/ppc_arch.h"
|
|
# endif
|
|
|
|
-void felem_select(void)
|
|
+static void felem_select(void)
|
|
{
|
|
# if defined(_ARCH_PPC64)
|
|
if ((OPENSSL_ppccap_P & PPC_MADD300) && (OPENSSL_ppccap_P & PPC_ALTIVEC)) {
|
|
@@ -707,13 +707,13 @@ void felem_select(void)
|
|
felem_mul_p = felem_mul_ref;
|
|
}
|
|
|
|
-void felem_square_wrapper(largefelem out, const felem in)
|
|
+static void felem_square_wrapper(largefelem out, const felem in)
|
|
{
|
|
felem_select();
|
|
felem_square_p(out, in);
|
|
}
|
|
|
|
-void felem_mul_wrapper(largefelem out, const felem in1, const felem in2)
|
|
+static void felem_mul_wrapper(largefelem out, const felem in1, const felem in2)
|
|
{
|
|
felem_select();
|
|
felem_mul_p(out, in1, in2);
|