rpms/openssl096b/FC-3 openssl-0.9.6b-can-2005-2969.patch, NONE, 1.1 openssl-engine-0.9.6b-dsa-consttime.patch, NONE, 1.1 openssl-0.9.6c-add-luna.patch, 1.1, 1.2 openssl.spec, 1.7, 1.8
fedora-cvs-commits at redhat.com
fedora-cvs-commits at redhat.com
Tue Oct 11 19:26:45 UTC 2005
Author: tmraz
Update of /cvs/dist/rpms/openssl096b/FC-3
In directory cvs.devel.redhat.com:/tmp/cvs-serv17282
Modified Files:
openssl-0.9.6c-add-luna.patch openssl.spec
Added Files:
openssl-0.9.6b-can-2005-2969.patch
openssl-engine-0.9.6b-dsa-consttime.patch
Log Message:
* Thu Oct 6 2005 Tomas Mraz <tmraz at redhat.com> 0.9.6b-21.2
- fix CAN-2005-2969 - remove SSL_OP_MSIE_SSLV2_RSA_PADDING which
disables the countermeasure against man in the middle attack in SSLv2
(#169863)
- more fixes for constant time/memory access for DSA signature algorithm
- replaced add-luna patch with new one with right license (#158061)
openssl-0.9.6b-can-2005-2969.patch:
doc/ssl/SSL_CTX_set_options.pod | 2 +-
ssl/s23_srvr.c | 7 +------
ssl/ssl.h | 2 +-
3 files changed, 3 insertions(+), 8 deletions(-)
--- NEW FILE openssl-0.9.6b-can-2005-2969.patch ---
Remove the functionality of SSL_OP_MSIE_SSLV2_RSA_PADDING
(part of SSL_OP_ALL). This option used to disable the
countermeasure against man-in-the-middle protocol-version
rollback in the SSL 2.0 server implementation, which is a bad
idea.
Index: doc/ssl/SSL_CTX_set_options.pod
===================================================================
RCS file: /e/openssl/cvs/openssl/doc/ssl/SSL_CTX_set_options.pod,v
retrieving revision 1.9.2.4
diff -u -r1.9.2.4 SSL_CTX_set_options.pod
--- doc/ssl/SSL_CTX_set_options.pod 22 Mar 2005 17:54:13 -0000 1.9.2.4
+++ doc/ssl/SSL_CTX_set_options.pod 23 Sep 2005 03:38:43 -0000
@@ -86,7 +86,7 @@
=item SSL_OP_MSIE_SSLV2_RSA_PADDING
-...
+This option has no effect now.
=item SSL_OP_SSLEAY_080_CLIENT_DH_BUG
Index: ssl/s23_srvr.c
===================================================================
RCS file: /e/openssl/cvs/openssl/ssl/s23_srvr.c,v
retrieving revision 1.41.2.6
diff -u -r1.41.2.6 s23_srvr.c
--- ssl/s23_srvr.c 31 Jan 2005 01:33:35 -0000 1.41.2.6
+++ ssl/s23_srvr.c 23 Sep 2005 03:38:44 -0000
@@ -268,9 +268,6 @@
int n=0,j;
int type=0;
int v[2];
-#ifndef NO_RSA
- int use_sslv2_strong=0;
-#endif
if (s->state == SSL23_ST_SR_CLNT_HELLO_A)
{
@@ -528,9 +525,7 @@
}
s->state=SSL2_ST_GET_CLIENT_HELLO_A;
- if ((s->options & SSL_OP_MSIE_SSLV2_RSA_PADDING) ||
- use_sslv2_strong ||
- (s->options & SSL_OP_NO_TLSv1 && s->options & SSL_OP_NO_SSLv3))
+ if (s->options & SSL_OP_NO_TLSv1 && s->options & SSL_OP_NO_SSLv3)
s->s2->ssl2_rollback=0;
else
/* reject SSL 2.0 session if client supports SSL 3.0 or TLS 1.0
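Review bot: The new condition `if (s->options & SSL_OP_NO_TLSv1 && s->options & SSL_OP_NO_SSLv3)` mixes `&` and `&&` without parentheses, in the one test that decides whether the SSL 2.0 rollback check is switched off. It evaluates correctly because `&` binds tighter than `&&`, but the removed form parenthesised its bit tests, and many compilers warn on the bare form; I would write `if ((s->options & SSL_OP_NO_TLSv1) && (s->options & SSL_OP_NO_SSLv3))`. A short comment above it would also help, e.g. `/* rollback check is only skipped when SSLv3 and TLSv1 are both disabled */`, so that nobody re-adds a third disjunct later. The else branch and its comment continue past the end of this hunk.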
Index: ssl/ssl.h
===================================================================
RCS file: /e/openssl/cvs/openssl/ssl/ssl.h,v
retrieving revision 1.126.2.23
diff -u -r1.126.2.23 ssl.h
--- ssl/ssl.h 10 Jun 2005 20:00:39 -0000 1.126.2.23
+++ ssl/ssl.h 23 Sep 2005 03:38:47 -0000
@@ -467,7 +467,7 @@
#define SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG 0x00000008L
#define SSL_OP_SSLREF2_REUSE_CERT_TYPE_BUG 0x00000010L
#define SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER 0x00000020L
-#define SSL_OP_MSIE_SSLV2_RSA_PADDING 0x00000040L
+#define SSL_OP_MSIE_SSLV2_RSA_PADDING 0x00000040L /* no effect due to CAN-2005-2969 */
#define SSL_OP_SSLEAY_080_CLIENT_DH_BUG 0x00000080L
#define SSL_OP_TLS_D5_BUG 0x00000100L
#define SSL_OP_TLS_BLOCK_PADDING_BUG 0x00000200L
openssl-engine-0.9.6b-dsa-consttime.patch:
dsa_ossl.c | 22 +++++++++++++++++++---
1 files changed, 19 insertions(+), 3 deletions(-)
--- NEW FILE openssl-engine-0.9.6b-dsa-consttime.patch ---
--- openssl-engine-0.9.6b/crypto/dsa/dsa_ossl.c.dsa-consttime 2001-07-09 16:19:01.000000000 +0200
+++ openssl-engine-0.9.6b/crypto/dsa/dsa_ossl.c 2005-10-05 16:51:22.000000000 +0200
@@ -170,7 +170,7 @@
static int dsa_sign_setup(DSA *dsa, BN_CTX *ctx_in, BIGNUM **kinvp, BIGNUM **rp)
{
BN_CTX *ctx;
- BIGNUM k,*kinv=NULL,*r=NULL;
+ BIGNUM k,kq,*kinv=NULL,*r=NULL;
int ret=0;
if (!dsa->p || !dsa->q || !dsa->g)
@@ -186,8 +186,8 @@
ctx=ctx_in;
BN_init(&k);
+ BN_init(&kq);
if ((r=BN_new()) == NULL) goto err;
- kinv=NULL;
/* Get random k */
do
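Review bot: `BN_init(&kq)` is added beside `BN_init(&k)`, while the last hunk of this file (`@@ -225,6 +240,7 @@`) adds an unconditional `BN_clear_free(&kq)` on the exit path. If any `goto err` can execute before these two init calls, the cleanup would run on an uninitialised stack BIGNUM. The code above `ctx=ctx_in;` is outside the hunk, so this cannot be confirmed from here, and `k` would have the same exposure already. I would move both `BN_init` calls to the top of dsa_sign_setup, ahead of the first statement that can jump to `err`, with a comment such as `/* initialise before any goto err: the exit path clears k and kq */`.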
@@ -202,7 +202,22 @@
}
/* Compute r = (g^k mod p) mod q */
- if (!ENGINE_get_DSA(dsa->engine)->bn_mod_exp(dsa, r,dsa->g,&k,dsa->p,ctx,
+
+ if (!BN_copy(&kq, &k)) goto err;
+
+ /* We do not want timing information to leak the length of k,
+ * so we compute g^k using an equivalent exponent of fixed length.
+ *
+ * (This is a kludge that we need because the BN_mod_exp_mont()
+ * does not let us specify the desired timing behaviour.) */
+
+ if (!BN_add(&kq, &kq, dsa->q)) goto err;
+ if (BN_num_bits(&kq) <= BN_num_bits(dsa->q))
+ {
+ if (!BN_add(&kq, &kq, dsa->q)) goto err;
+ }
+
+ if (!ENGINE_get_DSA(dsa->engine)->bn_mod_exp(dsa, r,dsa->g,&kq,dsa->p,ctx,
(BN_MONT_CTX *)dsa->method_mont_p)) goto err;
if (!BN_mod(r,r,dsa->q,ctx)) goto err;
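Review bot: The test `if (BN_num_bits(&kq) <= BN_num_bits(dsa->q))` is itself decided by the secret nonce, because the second `BN_add` runs only when k + q does not carry into the next bit. The exponent passed to `bn_mod_exp` then has a fixed length, which is what the comment promises, but whether the extra addition happened remains a smaller, data-dependent signal about the top of k. The comment should say so instead of implying the whole computation is constant time, for example `/* NOTE: only the exponent length is fixed here; the branch below still depends on k */`. It would also help to record in the comment that `kq` is used only for this exponentiation, since it is congruent to k modulo q but is not a replacement for it. The function body continues outside this hunk.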
@@ -225,6 +240,7 @@
if (ctx_in == NULL) BN_CTX_free(ctx);
if (kinv != NULL) BN_clear_free(kinv);
BN_clear_free(&k);
+ BN_clear_free(&kq);
return(ret);
}
openssl-0.9.6c-add-luna.patch:
Makefile.ssl | 24 +
engine/hw_LunaXL.c | 4
hw_LunaXL.c | 353 ++++++++++++++++++++++++++++
openssl/crypto/engine/engine_int.h | 5
openssl/crypto/engine/engine_list.c | 0
openssl/crypto/engine/vendor_defns/LunaXL.h | 101 ++++++++
6 files changed, 485 insertions(+), 2 deletions(-)
Index: openssl-0.9.6c-add-luna.patch
===================================================================
RCS file: /cvs/dist/rpms/openssl096b/FC-3/openssl-0.9.6c-add-luna.patch,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -r1.1 -r1.2
--- openssl-0.9.6c-add-luna.patch 9 Sep 2004 09:40:54 -0000 1.1
+++ openssl-0.9.6c-add-luna.patch 11 Oct 2005 19:26:41 -0000 1.2
@@ -1,4 +1,5 @@
Adds support for Chrysalis Luna hardware
+http://marc.theaimsgroup.com/?l=openssl-dev&m=99555172230105
--- openssl/crypto/engine.orig/Makefile.ssl Wed Mar 27 10:37:10 2002
+++ openssl/crypto/engine/Makefile.ssl Wed Mar 27 10:40:16 2002
@@ -73,22 +74,65 @@
return 1;
--- openssl/crypto/engine.orig/hw_LunaXL.c Thu Jan 1 01:00:00 1970
+++ openssl/crypto/engine/hw_LunaXL.c Wed Mar 27 10:40:09 2002
-@@ -0,0 +1,310 @@
-+/****************************************************************************\
+@@ -0,0 +1,353 @@
++/* Written by Stevan Milinkovic <SMilinkovic at chrysalis-its.com>,
++ * Rouslan Beletski <RBeletski at chrysalis-its.com>, and * Behan Webster
++ * <bwebster at chrysalis-its.com> for the OpenSSL project 2000.
++ */
++/* ====================================================================
++ * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
++ *
++ * Redistribution and use in source and binary forms, with or without
++ * modification, are permitted provided that the following conditions
++ * are met:
++ *
++ * 1. Redistributions of source code must retain the above copyright
++ * notice, this list of conditions and the following disclaimer.
++ *
++ * 2. Redistributions in binary form must reproduce the above copyright
++ * notice, this list of conditions and the following disclaimer in
++ * the documentation and/or other materials provided with the
++ * distribution.
++ *
++ * 3. All advertising materials mentioning features or use of this
++ * software must display the following acknowledgment:
++ * "This product includes software developed by the OpenSSL Project
++ * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
++ *
++ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
++ * endorse or promote products derived from this software without
++ * prior written permission. For written permission, please contact
++ * licens... at OpenSSL.org.
++ *
++ * 5. Products derived from this software may not be called "OpenSSL"
++ * nor may "OpenSSL" appear in their names without prior written
++ * permission of the OpenSSL Project.
++ *
++ * 6. Redistributions of any form whatsoever must retain the following
++ * acknowledgment:
++ * "This product includes software developed by the OpenSSL Project
++ * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
++ *
++ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
++ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
++ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
++ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
++ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
++ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
++ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
++ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
++ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
++ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
++ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
++ * OF THE POSSIBILITY OF SUCH DAMAGE.
++ * ====================================================================
++ *
++ * This product includes cryptographic software written by Eric Young
++ * (eay at cryptsoft.com). This product includes software written by Tim
++ * Hudson (tjh at cryptsoft.com).
++ *
++ */
+
-+ Chrysalis-ITS Luna XL engine
-+
-+ SMilinkovic
-+ 1.0.2 version created July 18, 2001
-+
-+ Copyright (C) 2001
-+ Chrysalis Information Technology Security, Inc.
-+
-+ All rights reserved. This file contains information that is
-+ proprietary to Chrysalis ITS Inc. and may not be distributed
-+ or copied without written consent from Chrysalis ITS Inc.
-+
-+\****************************************************************************/
+
+#include <stdio.h>
+#include <openssl/crypto.h>
@@ -321,7 +365,7 @@
+ }
+
+ if(LunaXL_dso == NULL) {
-+ fprintf(stderr, " Luna XL -> Chrystoki library not longer loaded.\n");
++ fprintf(stderr, " Luna XL -> Chrystoki library no longer loaded.\n");
+ return 0;
+ }
+
@@ -387,22 +431,64 @@
diff -ruN engine.orig/vendor_defns/LunaXL.h engine/vendor_defns/LunaXL.h
--- openssl/crypto/engine.orig/vendor_defns/LunaXL.h Thu Jan 1 01:00:00 1970
+++ openssl/crypto/engine/vendor_defns/LunaXL.h Wed Mar 27 10:38:00 2002
-@@ -0,0 +1,61 @@
-+/****************************************************************************\
-+
-+ Chrysalis-ITS Luna XL engineheader
-+
-+ SMilinkovic
-+ 1.0.2 version created July 18, 2001
-+
-+ Copyright (C) 2001
-+ Chrysalis Information Technology Security, Inc.
-+
-+ All rights reserved. This file contains information that is
-+ proprietary to Chrysalis ITS Inc. and may not be distributed
-+ or copied without written consent from Chrysalis ITS Inc.
-+
-+\****************************************************************************/
+@@ -0,0 +1,101 @@
++/* Written by Stevan Milinkovic <SMilinkovic at chrysalis-its.com>,
++ * Rouslan Beletski <RBeletski at chrysalis-its.com>, and * Behan Webster
++ * <bwebster at chrysalis-its.com> for the OpenSSL project 2000.
++ */
++/* ====================================================================
++ * Copyright (c) 1999 The OpenSSL Project. All rights reserved.
++ *
++ * Redistribution and use in source and binary forms, with or without
++ * modification, are permitted provided that the following conditions
++ * are met:
++ *
++ * 1. Redistributions of source code must retain the above copyright
++ * notice, this list of conditions and the following disclaimer.
++ *
++ * 2. Redistributions in binary form must reproduce the above copyright
++ * notice, this list of conditions and the following disclaimer in
++ * the documentation and/or other materials provided with the
++ * distribution.
++ *
++ * 3. All advertising materials mentioning features or use of this
++ * software must display the following acknowledgment:
++ * "This product includes software developed by the OpenSSL Project
++ * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
++ *
++ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
++ * endorse or promote products derived from this software without
++ * prior written permission. For written permission, please contact
++ * licens... at OpenSSL.org.
++ *
++ * 5. Products derived from this software may not be called "OpenSSL"
++ * nor may "OpenSSL" appear in their names without prior written
++ * permission of the OpenSSL Project.
++ *
++ * 6. Redistributions of any form whatsoever must retain the following
++ * acknowledgment:
++ * "This product includes software developed by the OpenSSL Project
++ * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
++ *
++ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
++ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
++ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
++ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
++ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
++ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
++ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
++ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
++ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
++ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
++ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
++ * OF THE POSSIBILITY OF SUCH DAMAGE.
++ * ====================================================================
++ *
++ * This product includes cryptographic software written by Eric Young
++ * (eay at cryptsoft.com). This product includes software written by Tim
++ * Hudson (tjh at cryptsoft.com).
++ *
++ */
+
+#define CK_PTR *
+#define NULL_PTR 0
@@ -447,5 +533,4 @@
+CP_GetNumberOfSSLSlots CA_GetNumberOfSSLSlots;
+CP_SinglePartDecrypt CA_SinglePartDecrypt,CA_SinglePartSign;
+
-+
-+
+
Index: openssl.spec
===================================================================
RCS file: /cvs/dist/rpms/openssl096b/FC-3/openssl.spec,v
retrieving revision 1.7
retrieving revision 1.8
diff -u -r1.7 -r1.8
--- openssl.spec 20 May 2005 15:26:09 -0000 1.7
+++ openssl.spec 11 Oct 2005 19:26:41 -0000 1.8
@@ -4,7 +4,7 @@
Summary: The OpenSSL toolkit.
Name: openssl096b
Version: 0.9.6b
-Release: 21.1
+Release: 21.2
Source: openssl-engine-%{version}-usa.tar.bz2
Source1: hobble-openssl
Source2: Makefile.certificate
@@ -50,6 +50,8 @@
Patch31: openssl-0.9.6c-ccert.patch
Patch32: openssl-0.9.6c-spinfix.patch
Patch33: openssl-0.9.6b-can-2005-0109.patch
+Patch34: openssl-engine-0.9.6b-dsa-consttime.patch
+Patch35: openssl-0.9.6b-can-2005-2969.patch
License: BSDish
Group: System Environment/Libraries
URL: http://www.openssl.org/
@@ -131,6 +133,8 @@
%patch31 -p1 -b .ccert
%patch32 -p1 -b .spinfix
%patch33 -p1 -b .modexp-consttime
+%patch34 -p1 -b .dsa-consttime
+%patch35 -p0 -b .ssl2-rollback
chmod 644 FAQ LICENSE CHANGES NEWS INSTALL README
chmod 644 doc/README doc/c-indentation.el doc/openssl.txt
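Review bot: `%patch35` is applied with `-p0` while every neighbouring patch in this hunk uses `-p1`, and nothing in the spec explains the difference. It looks deliberate: the CAN-2005-2969 patch names its files as `doc/ssl/...` and `ssl/...` with no leading directory, whereas the dsa-consttime patch uses `openssl-engine-0.9.6b/crypto/...`. A one-line comment above the entry, e.g. `# upstream patch has source-root-relative paths, hence -p0`, would stop a later cleanup from normalising the strip level and breaking the security fix.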
@@ -302,6 +306,13 @@
%postun -p /sbin/ldconfig
%changelog
+* Thu Oct 6 2005 Tomas Mraz <tmraz at redhat.com> 0.9.6b-21.2
+- fix CAN-2005-2969 - remove SSL_OP_MSIE_SSLV2_RSA_PADDING which
+ disables the countermeasure against man in the middle attack in SSLv2
+ (#169863)
+- more fixes for constant time/memory access for DSA signature algorithm
+- replaced add-luna patch with new one with right license (#158061)
+
* Fri May 20 2005 Tomas Mraz <tmraz at redhat.com> 0.9.6b-21.1
- fix CAN-2005-0109 - use constant time/memory access mod_exp
so bits of private key aren't leaked by cache eviction (#157631)