summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorThomas Deutschmann <whissi@gentoo.org>2019-08-23 19:46:20 +0200
committerThomas Deutschmann <whissi@gentoo.org>2019-08-23 20:10:21 +0200
commit4a898bb77d04e01e132bd1cd37bfc8b0e437467c (patch)
tree196933ab1e2f6b43b27afd392eefc279bc12272d /dev-libs/openssl/files
parentdev-libs/openssl: don't destroy user flags (diff)
downloadgentoo-4a898bb77d04e01e132bd1cd37bfc8b0e437467c.tar.gz
gentoo-4a898bb77d04e01e132bd1cd37bfc8b0e437467c.tar.bz2
gentoo-4a898bb77d04e01e132bd1cd37bfc8b0e437467c.zip
dev-libs/openssl: drop old
Package-Manager: Portage-2.3.72, Repoman-2.3.17 Signed-off-by: Thomas Deutschmann <whissi@gentoo.org>
Diffstat (limited to 'dev-libs/openssl/files')
-rw-r--r--dev-libs/openssl/files/openssl-1.1.1b-CVE-2019-1543.patch66
-rw-r--r--dev-libs/openssl/files/openssl-1.1.1b-ec-curves-patch.patch207
2 files changed, 0 insertions, 273 deletions
diff --git a/dev-libs/openssl/files/openssl-1.1.1b-CVE-2019-1543.patch b/dev-libs/openssl/files/openssl-1.1.1b-CVE-2019-1543.patch
deleted file mode 100644
index 4d478c484c90..000000000000
--- a/dev-libs/openssl/files/openssl-1.1.1b-CVE-2019-1543.patch
+++ /dev/null
@@ -1,66 +0,0 @@
-From f426625b6ae9a7831010750490a5f0ad689c5ba3 Mon Sep 17 00:00:00 2001
-From: Matt Caswell <matt@openssl.org>
-Date: Tue, 5 Mar 2019 14:39:15 +0000
-Subject: [PATCH] Prevent over long nonces in ChaCha20-Poly1305
-
-ChaCha20-Poly1305 is an AEAD cipher, and requires a unique nonce input for
-every encryption operation. RFC 7539 specifies that the nonce value (IV)
-should be 96 bits (12 bytes). OpenSSL allows a variable nonce length and
-front pads the nonce with 0 bytes if it is less than 12 bytes. However it
-also incorrectly allows a nonce to be set of up to 16 bytes. In this case
-only the last 12 bytes are significant and any additional leading bytes are
-ignored.
-
-It is a requirement of using this cipher that nonce values are unique.
-Messages encrypted using a reused nonce value are susceptible to serious
-confidentiality and integrity attacks. If an application changes the
-default nonce length to be longer than 12 bytes and then makes a change to
-the leading bytes of the nonce expecting the new value to be a new unique
-nonce then such an application could inadvertently encrypt messages with a
-reused nonce.
-
-Additionally the ignored bytes in a long nonce are not covered by the
-integrity guarantee of this cipher. Any application that relies on the
-integrity of these ignored leading bytes of a long nonce may be further
-affected.
-
-Any OpenSSL internal use of this cipher, including in SSL/TLS, is safe
-because no such use sets such a long nonce value. However user
-applications that use this cipher directly and set a non-default nonce
-length to be longer than 12 bytes may be vulnerable.
-
-CVE-2019-1543
-
-Fixes #8345
-
-Reviewed-by: Paul Dale <paul.dale@oracle.com>
-Reviewed-by: Richard Levitte <levitte@openssl.org>
-(Merged from https://github.com/openssl/openssl/pull/8406)
-
-(cherry picked from commit 2a3d0ee9d59156c48973592331404471aca886d6)
----
- crypto/evp/e_chacha20_poly1305.c | 4 +++-
- 1 file changed, 3 insertions(+), 1 deletion(-)
-
-diff --git a/crypto/evp/e_chacha20_poly1305.c b/crypto/evp/e_chacha20_poly1305.c
-index c1917bb86a6..d3e2c622a1b 100644
---- a/crypto/evp/e_chacha20_poly1305.c
-+++ b/crypto/evp/e_chacha20_poly1305.c
-@@ -30,6 +30,8 @@ typedef struct {
-
- #define data(ctx) ((EVP_CHACHA_KEY *)(ctx)->cipher_data)
-
-+#define CHACHA20_POLY1305_MAX_IVLEN 12
-+
- static int chacha_init_key(EVP_CIPHER_CTX *ctx,
- const unsigned char user_key[CHACHA_KEY_SIZE],
- const unsigned char iv[CHACHA_CTR_SIZE], int enc)
-@@ -533,7 +535,7 @@ static int chacha20_poly1305_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg,
- return 1;
-
- case EVP_CTRL_AEAD_SET_IVLEN:
-- if (arg <= 0 || arg > CHACHA_CTR_SIZE)
-+ if (arg <= 0 || arg > CHACHA20_POLY1305_MAX_IVLEN)
- return 0;
- actx->nonce_len = arg;
- return 1;
diff --git a/dev-libs/openssl/files/openssl-1.1.1b-ec-curves-patch.patch b/dev-libs/openssl/files/openssl-1.1.1b-ec-curves-patch.patch
deleted file mode 100644
index c1f53c838230..000000000000
--- a/dev-libs/openssl/files/openssl-1.1.1b-ec-curves-patch.patch
+++ /dev/null
@@ -1,207 +0,0 @@
-Based on openssl-1.1.1-ec-curves.patch.
-
-Updated for OpenSSL change b6d41ff73392df5af9c931c902ae4cd75c5b61ea.
-
---- a/apps/speed.c
-+++ b/apps/speed.c
-@@ -489,82 +489,28 @@ static const OPT_PAIR rsa_choices[] = {
- static double rsa_results[RSA_NUM][2]; /* 2 ops: sign then verify */
- #endif /* OPENSSL_NO_RSA */
-
--#define R_EC_P160 0
--#define R_EC_P192 1
--#define R_EC_P224 2
--#define R_EC_P256 3
--#define R_EC_P384 4
--#define R_EC_P521 5
--#define R_EC_K163 6
--#define R_EC_K233 7
--#define R_EC_K283 8
--#define R_EC_K409 9
--#define R_EC_K571 10
--#define R_EC_B163 11
--#define R_EC_B233 12
--#define R_EC_B283 13
--#define R_EC_B409 14
--#define R_EC_B571 15
--#define R_EC_BRP256R1 16
--#define R_EC_BRP256T1 17
--#define R_EC_BRP384R1 18
--#define R_EC_BRP384T1 19
--#define R_EC_BRP512R1 20
--#define R_EC_BRP512T1 21
--#define R_EC_X25519 22
--#define R_EC_X448 23
-+#define R_EC_P224 0
-+#define R_EC_P256 1
-+#define R_EC_P384 2
-+#define R_EC_P521 3
-+#define R_EC_X25519 4
-+#define R_EC_X448 5
- #ifndef OPENSSL_NO_EC
- static OPT_PAIR ecdsa_choices[] = {
-- {"ecdsap160", R_EC_P160},
-- {"ecdsap192", R_EC_P192},
- {"ecdsap224", R_EC_P224},
- {"ecdsap256", R_EC_P256},
- {"ecdsap384", R_EC_P384},
- {"ecdsap521", R_EC_P521},
-- {"ecdsak163", R_EC_K163},
-- {"ecdsak233", R_EC_K233},
-- {"ecdsak283", R_EC_K283},
-- {"ecdsak409", R_EC_K409},
-- {"ecdsak571", R_EC_K571},
-- {"ecdsab163", R_EC_B163},
-- {"ecdsab233", R_EC_B233},
-- {"ecdsab283", R_EC_B283},
-- {"ecdsab409", R_EC_B409},
-- {"ecdsab571", R_EC_B571},
-- {"ecdsabrp256r1", R_EC_BRP256R1},
-- {"ecdsabrp256t1", R_EC_BRP256T1},
-- {"ecdsabrp384r1", R_EC_BRP384R1},
-- {"ecdsabrp384t1", R_EC_BRP384T1},
-- {"ecdsabrp512r1", R_EC_BRP512R1},
-- {"ecdsabrp512t1", R_EC_BRP512T1}
- };
- # define ECDSA_NUM OSSL_NELEM(ecdsa_choices)
-
- static double ecdsa_results[ECDSA_NUM][2]; /* 2 ops: sign then verify */
-
- static const OPT_PAIR ecdh_choices[] = {
-- {"ecdhp160", R_EC_P160},
-- {"ecdhp192", R_EC_P192},
- {"ecdhp224", R_EC_P224},
- {"ecdhp256", R_EC_P256},
- {"ecdhp384", R_EC_P384},
- {"ecdhp521", R_EC_P521},
-- {"ecdhk163", R_EC_K163},
-- {"ecdhk233", R_EC_K233},
-- {"ecdhk283", R_EC_K283},
-- {"ecdhk409", R_EC_K409},
-- {"ecdhk571", R_EC_K571},
-- {"ecdhb163", R_EC_B163},
-- {"ecdhb233", R_EC_B233},
-- {"ecdhb283", R_EC_B283},
-- {"ecdhb409", R_EC_B409},
-- {"ecdhb571", R_EC_B571},
-- {"ecdhbrp256r1", R_EC_BRP256R1},
-- {"ecdhbrp256t1", R_EC_BRP256T1},
-- {"ecdhbrp384r1", R_EC_BRP384R1},
-- {"ecdhbrp384t1", R_EC_BRP384T1},
-- {"ecdhbrp512r1", R_EC_BRP512R1},
-- {"ecdhbrp512t1", R_EC_BRP512T1},
- {"ecdhx25519", R_EC_X25519},
- {"ecdhx448", R_EC_X448}
- };
-@@ -1495,29 +1441,10 @@ int speed_main(int argc, char **argv)
- unsigned int bits;
- } test_curves[] = {
- /* Prime Curves */
-- {"secp160r1", NID_secp160r1, 160},
-- {"nistp192", NID_X9_62_prime192v1, 192},
- {"nistp224", NID_secp224r1, 224},
- {"nistp256", NID_X9_62_prime256v1, 256},
- {"nistp384", NID_secp384r1, 384},
- {"nistp521", NID_secp521r1, 521},
-- /* Binary Curves */
-- {"nistk163", NID_sect163k1, 163},
-- {"nistk233", NID_sect233k1, 233},
-- {"nistk283", NID_sect283k1, 283},
-- {"nistk409", NID_sect409k1, 409},
-- {"nistk571", NID_sect571k1, 571},
-- {"nistb163", NID_sect163r2, 163},
-- {"nistb233", NID_sect233r1, 233},
-- {"nistb283", NID_sect283r1, 283},
-- {"nistb409", NID_sect409r1, 409},
-- {"nistb571", NID_sect571r1, 571},
-- {"brainpoolP256r1", NID_brainpoolP256r1, 256},
-- {"brainpoolP256t1", NID_brainpoolP256t1, 256},
-- {"brainpoolP384r1", NID_brainpoolP384r1, 384},
-- {"brainpoolP384t1", NID_brainpoolP384t1, 384},
-- {"brainpoolP512r1", NID_brainpoolP512r1, 512},
-- {"brainpoolP512t1", NID_brainpoolP512t1, 512},
- /* Other and ECDH only ones */
- {"X25519", NID_X25519, 253},
- {"X448", NID_X448, 448}
-@@ -2017,9 +1944,9 @@ int speed_main(int argc, char **argv)
- # endif
-
- # ifndef OPENSSL_NO_EC
-- ecdsa_c[R_EC_P160][0] = count / 1000;
-- ecdsa_c[R_EC_P160][1] = count / 1000 / 2;
-- for (i = R_EC_P192; i <= R_EC_P521; i++) {
-+ ecdsa_c[R_EC_P224][0] = count / 1000;
-+ ecdsa_c[R_EC_P224][1] = count / 1000 / 2;
-+ for (i = R_EC_P256; i <= R_EC_P521; i++) {
- ecdsa_c[i][0] = ecdsa_c[i - 1][0] / 2;
- ecdsa_c[i][1] = ecdsa_c[i - 1][1] / 2;
- if (ecdsa_doit[i] <= 1 && ecdsa_c[i][0] == 0)
-@@ -2031,6 +1958,7 @@ int speed_main(int argc, char **argv)
- }
- }
- }
-+#if 0
- ecdsa_c[R_EC_K163][0] = count / 1000;
- ecdsa_c[R_EC_K163][1] = count / 1000 / 2;
- for (i = R_EC_K233; i <= R_EC_K571; i++) {
-@@ -2059,9 +1987,9 @@ int speed_main(int argc, char **argv)
- }
- }
- }
--
-- ecdh_c[R_EC_P160][0] = count / 1000;
-- for (i = R_EC_P192; i <= R_EC_P521; i++) {
-+#endif
-+ ecdh_c[R_EC_P224][0] = count / 1000;
-+ for (i = R_EC_P256; i <= R_EC_P521; i++) {
- ecdh_c[i][0] = ecdh_c[i - 1][0] / 2;
- if (ecdh_doit[i] <= 1 && ecdh_c[i][0] == 0)
- ecdh_doit[i] = 0;
-@@ -2071,6 +1999,7 @@ int speed_main(int argc, char **argv)
- }
- }
- }
-+#if 0
- ecdh_c[R_EC_K163][0] = count / 1000;
- for (i = R_EC_K233; i <= R_EC_K571; i++) {
- ecdh_c[i][0] = ecdh_c[i - 1][0] / 2;
-@@ -2116,6 +2045,7 @@ int speed_main(int argc, char **argv)
- }
- }
- }
-+#endif
- /* default iteration count for the last two EC Curves */
- ecdh_c[R_EC_X25519][0] = count / 1800;
- ecdh_c[R_EC_X448][0] = count / 7200;
---- a/crypto/ec/ecp_smpl.c
-+++ b/crypto/ec/ecp_smpl.c
-@@ -145,6 +145,11 @@ int ec_GFp_simple_group_set_curve(EC_GROUP *group,
- return 0;
- }
-
-+ if (BN_num_bits(p) < 224) {
-+ ECerr(EC_F_EC_GFP_SIMPLE_GROUP_SET_CURVE, EC_R_UNSUPPORTED_FIELD);
-+ return 0;
-+ }
-+
- if (ctx == NULL) {
- ctx = new_ctx = BN_CTX_new();
- if (ctx == NULL)
---- a/test/ecdsatest.c
-+++ b/test/ecdsatest.c
-@@ -176,6 +176,7 @@ static int x9_62_tests(void)
- if (!change_rand())
- goto x962_err;
-
-+#if 0
- if (!TEST_true(x9_62_test_internal(NID_X9_62_prime192v1,
- "3342403536405981729393488334694600415596881826869351677613",
- "5735822328888155254683894997897571951568553642892029982342")))
-@@ -186,6 +187,7 @@ static int x9_62_tests(void)
- "3238135532097973577080787768312505059318910517550078427819"
- "78505179448783")))
- goto x962_err;
-+#endif
-
- # ifndef OPENSSL_NO_EC2M
- if (!TEST_true(x9_62_test_internal(NID_X9_62_c2tnb191v1,