From afb2b76da7b5100d2c1971f52793d76a59faf953f5efa25abbde604186fa6b4e Mon Sep 17 00:00:00 2001 From: Sascha Peilicke Date: Tue, 28 Jun 2011 08:06:25 +0000 Subject: [PATCH] Accepting request 74715 from Base:System update to latest stable version 1.0.0d. OBS-URL: https://build.opensuse.org/request/show/74715 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/openssl?expand=0&rev=59 --- CVE-2011-0014.patch | 28 ------------------ ECDSA_signatures_timing_attack.patch | 43 ++++++++++++++++++++++++++++ openssl-1.0.0c.tar.bz2 | 3 -- openssl-1.0.0d.tar.bz2 | 3 ++ openssl.changes | 18 ++++++++++++ openssl.spec | 8 ++++-- 6 files changed, 69 insertions(+), 34 deletions(-) delete mode 100644 CVE-2011-0014.patch create mode 100644 ECDSA_signatures_timing_attack.patch delete mode 100644 openssl-1.0.0c.tar.bz2 create mode 100644 openssl-1.0.0d.tar.bz2 diff --git a/CVE-2011-0014.patch b/CVE-2011-0014.patch deleted file mode 100644 index ac65f0e..0000000 --- a/CVE-2011-0014.patch +++ /dev/null @@ -1,28 +0,0 @@ -Index: openssl-1.0.0c/ssl/t1_lib.c -=================================================================== ---- openssl-1.0.0c.orig/ssl/t1_lib.c -+++ openssl-1.0.0c/ssl/t1_lib.c -@@ -917,6 +917,7 @@ int ssl_parse_clienthello_tlsext(SSL *s, - } - n2s(data, idsize); - dsize -= 2 + idsize; -+ size -= 2 + idsize; - if (dsize < 0) - { - *al = SSL_AD_DECODE_ERROR; -@@ -955,9 +956,14 @@ int ssl_parse_clienthello_tlsext(SSL *s, - } - - /* Read in request_extensions */ -+ if (size < 2) -+ { -+ *al = SSL_AD_DECODE_ERROR; -+ return 0; -+ } - n2s(data,dsize); - size -= 2; -- if (dsize > size) -+ if (dsize != size) - { - *al = SSL_AD_DECODE_ERROR; - return 0; diff --git a/ECDSA_signatures_timing_attack.patch b/ECDSA_signatures_timing_attack.patch new file mode 100644 index 0000000..4dc55b4 --- /dev/null +++ b/ECDSA_signatures_timing_attack.patch @@ -0,0 +1,43 @@ +Index: openssl-1.0.0c/crypto/ecdsa/ecs_ossl.c +=================================================================== +--- openssl-1.0.0c.orig/crypto/ecdsa/ecs_ossl.c ++++ openssl-1.0.0c/crypto/ecdsa/ecs_ossl.c +@@ -144,6 +144,16 @@ static int ecdsa_sign_setup(EC_KEY *ecke + } + while (BN_is_zero(k)); + ++#ifdef ECDSA_POINT_MUL_NO_CONSTTIME ++ /* We do not want timing information to leak the length of k, ++ * so we compute G*k using an equivalent scalar of fixed ++ * bit-length. */ ++ ++ if (!BN_add(k, k, order)) goto err; ++ if (BN_num_bits(k) <= BN_num_bits(order)) ++ if (!BN_add(k, k, order)) goto err; ++#endif /* def(ECDSA_POINT_MUL_NO_CONSTTIME) */ ++ + /* compute r the x-coordinate of generator * k */ + if (!EC_POINT_mul(group, tmp_point, k, NULL, NULL, ctx)) + { +Index: openssl-1.0.0c/crypto/ocsp/ocsp_lib.c +=================================================================== +--- openssl-1.0.0c.orig/crypto/ocsp/ocsp_lib.c ++++ openssl-1.0.0c/crypto/ocsp/ocsp_lib.c +@@ -170,13 +170,14 @@ int OCSP_parse_url(char *url, char **pho + + char *host, *port; + ++ *phost = NULL; ++ *pport = NULL; ++ *ppath = NULL; ++ + /* dup the buffer since we are going to mess with it */ + buf = BUF_strdup(url); + if (!buf) goto mem_err; + +- *phost = NULL; +- *pport = NULL; +- *ppath = NULL; + + /* Check for initial colon */ + p = strchr(buf, ':'); diff --git a/openssl-1.0.0c.tar.bz2 b/openssl-1.0.0c.tar.bz2 deleted file mode 100644 index dca4042..0000000 --- a/openssl-1.0.0c.tar.bz2 +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:fabc7750eb05c2b15916b1abdff7287064dd4bc120b0b77e233bc390352bae5d -size 3207024 diff --git a/openssl-1.0.0d.tar.bz2 b/openssl-1.0.0d.tar.bz2 new file mode 100644 index 0000000..a0885fb --- /dev/null +++ b/openssl-1.0.0d.tar.bz2 @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:1544c7464c7b6cd40bed63cf9e7e27a913d1af881f14d9afd15e61f401056eda +size 3223694 diff --git a/openssl.changes b/openssl.changes index 1f5674a..44e519d 100644 --- a/openssl.changes +++ b/openssl.changes @@ -1,3 +1,21 @@ +------------------------------------------------------------------- +Fri Jun 24 04:51:50 UTC 2011 - gjhe@novell.com + +- update to latest stable version 1.0.0d. + patch removed(already in the new package): + CVE-2011-0014 + patch added: + ECDSA_signatures_timing_attack.patch + +------------------------------------------------------------------- +Tue May 31 07:07:49 UTC 2011 - gjhe@novell.com + +- fix bug[bnc#693027]. + Add protection against ECDSA timing attacks as mentioned in the paper + by Billy Bob Brumley and Nicola Tuveri, see: + http://eprint.iacr.org/2011/232.pdf + [Billy Bob Brumley and Nicola Tuveri] + ------------------------------------------------------------------- Mon May 16 14:38:26 UTC 2011 - andrea@opensuse.org diff --git a/openssl.spec b/openssl.spec index 85f03ab..9e0bfd5 100644 --- a/openssl.spec +++ b/openssl.spec @@ -32,7 +32,7 @@ Obsoletes: openssl-64bit %endif # #Version: 1.0.0 -Version: 1.0.0c +Version: 1.0.0d Release: 25 Summary: Secure Sockets and Transport Layer Security Url: http://www.openssl.org/ @@ -49,7 +49,8 @@ Patch2: bug610223.patch #Patch5: CVE-2010-2939.patch #Patch6: CVE-2010-3864.patch Patch7: openssl-1.0.0b-aesni.patch -Patch8: CVE-2011-0014.patch +#Patch8: CVE-2011-0014.patch +Patch9: ECDSA_signatures_timing_attack.patch BuildRoot: %{_tmppath}/%{name}-%{version}-build %description @@ -185,7 +186,8 @@ Authors: #%patch5 -p1 #%patch6 -p1 %patch7 -p1 -%patch8 -p1 +#%patch8 -p1 +%patch9 -p1 cp -p %{S:10} . echo "adding/overwriting some entries in the 'table' hash in Configure" # $dso_scheme:$shared_target:$shared_cflag:$shared_ldflag:$shared_extension:$ranlib:$arflags