diff options
author | Richard Purdie <richard.purdie@linuxfoundation.org> | 2017-03-02 12:04:08 +0000 |
---|---|---|
committer | Richard Purdie <richard.purdie@linuxfoundation.org> | 2017-03-07 20:04:58 +0000 |
commit | 19b7e950346fb1dde6505c45236eba6cd9b33b4b (patch) | |
tree | 4e582be23e08321bd04c591be3f37926199d6005 /meta/recipes-support/gnupg/gnupg-1.4.7/CVE-2013-4576.patch | |
parent | 39f5a05152aa0c3503735e18dd3b4c066b284107 (diff) | |
download | openembedded-core-contrib-19b7e950346fb1dde6505c45236eba6cd9b33b4b.tar.gz |
recipes: Move out stale GPLv2 versions to a seperate layer
These are recipes where the upstream has moved to GPLv3 and these old
versions are the last ones under the GPLv2 license.
There are several reasons for making this move. There is a different
quality of service with these recipes in that they don't get security
fixes and upstream no longer care about them, in fact they're actively
hostile against people using old versions. The recipes tend to need a
different kind of maintenance to work with changes in the wider ecosystem
and there needs to be isolation between changes made in the v3 versions
and those in the v2 versions.
There are probably better ways to handle a "non-GPLv3" system but right
now having these in OE-Core makes them look like a first class citizen
when I believe they have potential for a variety of undesireable issues.
Moving them into a separate layer makes their different needs clearer, it
also makes it clear how many of these there are. Some are probably not
needed (e.g. mc), I also wonder whether some are useful (e.g. gmp)
since most things that use them are GPLv3 only already. Someone could
now more clearly see how to streamline the list of recipes here.
I'm proposing we mmove to this separate layer for 2.3 with its future
maintinership and testing to be determined in 2.4 and beyond.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Diffstat (limited to 'meta/recipes-support/gnupg/gnupg-1.4.7/CVE-2013-4576.patch')
-rw-r--r-- | meta/recipes-support/gnupg/gnupg-1.4.7/CVE-2013-4576.patch | 154 |
1 files changed, 0 insertions, 154 deletions
diff --git a/meta/recipes-support/gnupg/gnupg-1.4.7/CVE-2013-4576.patch b/meta/recipes-support/gnupg/gnupg-1.4.7/CVE-2013-4576.patch deleted file mode 100644 index 5dcde1f9cb..0000000000 --- a/meta/recipes-support/gnupg/gnupg-1.4.7/CVE-2013-4576.patch +++ /dev/null @@ -1,154 +0,0 @@ -Upstream-Status: Backport -CVE: CVE-2013-4576 - -Index: gnupg-1.4.7/cipher/dsa.c -=================================================================== ---- gnupg-1.4.7.orig/cipher/dsa.c 2006-12-12 02:27:21.000000000 +0800 -+++ gnupg-1.4.7/cipher/dsa.c 2014-01-23 11:30:17.300915919 +0800 -@@ -287,6 +287,8 @@ - MPI kinv; - MPI tmp; - -+ mpi_normalize (hash); -+ - /* select a random k with 0 < k < q */ - k = gen_k( skey->q ); - -Index: gnupg-1.4.7/cipher/elgamal.c -=================================================================== ---- gnupg-1.4.7.orig/cipher/elgamal.c 2006-12-12 03:08:05.000000000 +0800 -+++ gnupg-1.4.7/cipher/elgamal.c 2014-01-23 11:30:17.300915919 +0800 -@@ -376,6 +376,9 @@ - { - MPI t1 = mpi_alloc_secure( mpi_get_nlimbs( skey->p ) ); - -+ mpi_normalize (a); -+ mpi_normalize (b); -+ - /* output = b/(a^x) mod p */ - mpi_powm( t1, a, skey->x, skey->p ); - mpi_invm( t1, t1, skey->p ); -Index: gnupg-1.4.7/cipher/random.c -=================================================================== ---- gnupg-1.4.7.orig/cipher/random.c 2006-11-03 18:09:39.000000000 +0800 -+++ gnupg-1.4.7/cipher/random.c 2014-01-23 11:31:53.993495462 +0800 -@@ -273,6 +273,18 @@ - } - - -+/* Randomize the MPI */ -+void -+randomize_mpi (MPI mpi, size_t nbits, int level) -+{ -+ unsigned char *buffer; -+ -+ buffer = get_random_bits (nbits, level, mpi_is_secure (mpi)); -+ mpi_set_buffer (mpi, buffer, (nbits+7)/8, 0); -+ xfree (buffer); -+} -+ -+ - int - random_is_faked() - { -Index: gnupg-1.4.7/cipher/random.h -=================================================================== ---- gnupg-1.4.7.orig/cipher/random.h 2006-02-09 19:29:29.000000000 +0800 -+++ gnupg-1.4.7/cipher/random.h 2014-01-23 11:30:17.300915919 +0800 -@@ -32,6 +32,7 @@ - int random_is_faked(void); - void random_disable_locking (void); - void randomize_buffer( byte *buffer, size_t length, int level ); -+void randomize_mpi (MPI mpi, size_t nbits, int level); - byte *get_random_bits( size_t nbits, int level, int secure ); - void fast_random_poll( void ); - -Index: gnupg-1.4.7/cipher/rsa.c -=================================================================== ---- gnupg-1.4.7.orig/cipher/rsa.c 2006-12-12 03:09:00.000000000 +0800 -+++ gnupg-1.4.7/cipher/rsa.c 2014-01-23 11:35:04.330639125 +0800 -@@ -301,9 +301,26 @@ - #if 0 - mpi_powm( output, input, skey->d, skey->n ); - #else -- MPI m1 = mpi_alloc_secure( mpi_get_nlimbs(skey->n)+1 ); -- MPI m2 = mpi_alloc_secure( mpi_get_nlimbs(skey->n)+1 ); -- MPI h = mpi_alloc_secure( mpi_get_nlimbs(skey->n)+1 ); -+ int nlimbs = mpi_get_nlimbs (skey->n)+1; -+ MPI m1 = mpi_alloc_secure (nlimbs); -+ MPI m2 = mpi_alloc_secure (nlimbs); -+ MPI h = mpi_alloc_secure (nlimbs); -+# if 1 -+ MPI bdata= mpi_alloc_secure (nlimbs); -+ MPI r = mpi_alloc_secure (nlimbs); -+# endif -+ -+ /* Remove superfluous leading zeroes from INPUT. */ -+ mpi_normalize (input); -+ -+# if 1 -+ /* Blind: bdata = (data * r^e) mod n */ -+ randomize_mpi (r, mpi_get_nbits (skey->n), 0); -+ mpi_fdiv_r (r, r, skey->n); -+ mpi_powm (bdata, r, skey->e, skey->n); -+ mpi_mulm (bdata, bdata, input, skey->n); -+ input = bdata; -+# endif - - /* m1 = c ^ (d mod (p-1)) mod p */ - mpi_sub_ui( h, skey->p, 1 ); -@@ -321,8 +338,15 @@ - /* m = m2 + h * p */ - mpi_mul ( h, h, skey->p ); - mpi_add ( output, m1, h ); -- /* ready */ -- -+ -+# if 1 -+ mpi_free (bdata); -+ /* Unblind: output = (output * r^(-1)) mod n */ -+ mpi_invm (r, r, skey->n); -+ mpi_mulm (output, output, r, skey->n); -+ mpi_free (r); -+# endif -+ - mpi_free ( h ); - mpi_free ( m1 ); - mpi_free ( m2 ); -@@ -397,6 +421,7 @@ - rsa_decrypt( int algo, MPI *result, MPI *data, MPI *skey ) - { - RSA_secret_key sk; -+ MPI input; - - if( algo != 1 && algo != 2 ) - return G10ERR_PUBKEY_ALGO; -@@ -407,8 +432,14 @@ - sk.p = skey[3]; - sk.q = skey[4]; - sk.u = skey[5]; -- *result = mpi_alloc_secure( mpi_get_nlimbs( sk.n ) ); -- secret( *result, data[0], &sk ); -+ -+ /* Mitigates side-channel attacks (CVE-2013-4576). */ -+ input = mpi_alloc (0); -+ mpi_normalize (data[0]); -+ mpi_fdiv_r (input, data[0], sk.n); -+ *result = mpi_alloc_secure (mpi_get_nlimbs (sk.n)); -+ secret (*result, input, &sk); -+ mpi_free (input); - return 0; - } - -Index: gnupg-1.4.7/g10/gpgv.c -=================================================================== ---- gnupg-1.4.7.orig/g10/gpgv.c 2006-12-13 19:25:04.000000000 +0800 -+++ gnupg-1.4.7/g10/gpgv.c 2014-01-23 11:30:17.300915919 +0800 -@@ -390,6 +390,7 @@ - void random_dump_stats(void) {} - int quick_random_gen( int onoff ) { return -1;} - void randomize_buffer( byte *buffer, size_t length, int level ) {} -+void randomize_mpi (MPI mpi, size_t nbits, int level) {} - int random_is_faked() { return -1;} - byte *get_random_bits( size_t nbits, int level, int secure ) { return NULL;} - void set_random_seed_file( const char *name ) {} |