Accepting request 501007 from home:AndreasStieger:branches:devel:libraries:c_c++

libgcrypt 1.7.7

OBS-URL: https://build.opensuse.org/request/show/501007
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/libgcrypt?expand=0&rev=93

libgcrypt-1.7.6.tar.bz2

@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:626aafee84af9d2ce253d2c143dc1c0902dda045780cc241f39970fc60be05bc
-size 2897695

libgcrypt-1.7.7.tar.bz2

@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:b9b85eba0793ea3e6e66b896eb031fa05e1a4517277cc9ab10816b359254cd9a
+size 2861190

libgcrypt-secure-EdDSA-session-key.patch

@@ -1,34 +0,0 @@
-From 5a22de904a0a366ae79f03ff1e13a1232a89e26b Mon Sep 17 00:00:00 2001
-From: Jo Van Bulck <jo.vanbulck@cs.kuleuven.be>
-Date: Thu, 19 Jan 2017 17:00:15 +0100
-Subject: [PATCH] ecc: Store EdDSA session key in secure memory.
-
-* cipher/ecc-eddsa.c (_gcry_ecc_eddsa_sign): use mpi_snew to allocate
-session key.
---
-
-An attacker who learns the EdDSA session key from side-channel
-observation during the signing process, can easily revover the long-
-term secret key. Storing the session key in secure memory ensures that
-constant time point operations are used in the MPI library.
-
-Signed-off-by: Jo Van Bulck <jo.vanbulck@cs.kuleuven.be>
----
- cipher/ecc-eddsa.c | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/cipher/ecc-eddsa.c b/cipher/ecc-eddsa.c
-index f91f848..813e030 100644
---- a/cipher/ecc-eddsa.c
-+++ b/cipher/ecc-eddsa.c
-@@ -603,7 +603,7 @@ _gcry_ecc_eddsa_sign (gcry_mpi_t input, ECC_secret_key *skey,
-   a = mpi_snew (0);
-   x = mpi_new (0);
-   y = mpi_new (0);
--  r = mpi_new (0);
-+  r = mpi_snew (0);
-   ctx = _gcry_mpi_ec_p_internal_new (skey->E.model, skey->E.dialect, 0,
-                                      skey->E.p, skey->E.a, skey->E.b);
-   b = (ctx->nbits+7)/8;
--- 
-2.8.0.rc3

libgcrypt.changes

@@ -1,3 +1,12 @@
+-------------------------------------------------------------------
+Sun Jun  4 19:26:12 UTC 2017 - astieger@suse.com
+
+- libgcrypt 1.7.7:
+  * Fix possible timing attack on EdDSA session key (previously
+    patched, drop libgcrypt-secure-EdDSA-session-key.patch)
+  * Fix long standing bug in secure memory implementation which
+    could lead to a segv on free
+
 -------------------------------------------------------------------
 Fri Jun  2 10:05:18 UTC 2017 - pmonrealgonzalez@suse.com
 

libgcrypt.spec

@@ -21,7 +21,7 @@
 %define libsoname %{name}20
 %define cavs_dir %{_libexecdir}/%{name}/cavs
 Name:           libgcrypt
-Version:        1.7.6
+Version:        1.7.7
 Release:        0
 Summary:        The GNU Crypto Library
 License:        GPL-2.0+ and LGPL-2.1+ and GPL-3.0+
@@ -56,8 +56,6 @@ Patch30:        drbg_test.patch
 #PATCH-FIX-SUSE run FIPS self-test from constructor
 Patch32:        libgcrypt-fips_run_selftest_at_constructor.patch
 Patch34:        libgcrypt-1.6.3-aliasing.patch
-#PATCH-FIX-UPSTREAM -- pmonrealgonzalez@suse.com bsc#1042326 timing attack on EdDSA session key
-Patch35:        libgcrypt-secure-EdDSA-session-key.patch
 BuildRequires:  automake >= 1.14
 BuildRequires:  fipscheck
 BuildRequires:  libgpg-error-devel >= 1.13
@@ -155,7 +153,6 @@ understanding of applied cryptography is required to use Libgcrypt.
 %endif
 %patch13 -p1
 %patch14 -p1
-%patch35 -p1
 
 %build
 echo building with build_hmac256 set to %{build_hmac256}