Date:      Wed, 11 Jan 2017 11:53:40 +0000 (UTC)
From:      Bernard Spil <brnrd@FreeBSD.org>
To:        ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org
Subject:   svn commit: r431176 - in head/security/libressl-devel: . files
Message-ID:  <201701111153.v0BBremT046671@repo.freebsd.org>

Author: brnrd
Date: Wed Jan 11 11:53:40 2017
New Revision: 431176
URL: https://svnweb.freebsd.org/changeset/ports/431176

Log:
  security/libressl-devel: Fix ECDSA P-256 timing attack vuln
  
    - Add patch from LibreSSL github
  
  MFH:		2017Q1
  Security:	7caebe30-d7f1-11e6-a9a5-b499baebfeaf
  Security:	CVE-2016-7056

Added:
  head/security/libressl-devel/files/
  head/security/libressl-devel/files/patch-CVE-2016-7056   (contents, props changed)
Modified:
  head/security/libressl-devel/Makefile

Modified: head/security/libressl-devel/Makefile
==============================================================================
--- head/security/libressl-devel/Makefile	Wed Jan 11 11:50:02 2017	(r431175)
+++ head/security/libressl-devel/Makefile	Wed Jan 11 11:53:40 2017	(r431176)
@@ -3,6 +3,7 @@
 
 PORTNAME=	libressl
 PORTVERSION=	2.5.0
+PORTREVISION=	1
 CATEGORIES=	security devel
 MASTER_SITES=	OPENBSD/LibreSSL
 PKGNAMESUFFIX=	-devel

Added: head/security/libressl-devel/files/patch-CVE-2016-7056
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ head/security/libressl-devel/files/patch-CVE-2016-7056	Wed Jan 11 11:53:40 2017	(r431176)
@@ -0,0 +1,33 @@
+From 3585681bd8ac343b7c357a932c9577988bca86b0 Mon Sep 17 00:00:00 2001
+From: jsing <>
+Date: Thu, 5 Jan 2017 13:25:52 +0000
+Subject: [PATCH] Avoid a side-channel cache-timing attack that can leak the
+ ECDSA private keys when signing. This is due to BN_mod_inverse() being used
+ without the constant time flag being set.
+
+This issue was reported by Cesar Pereida Garcia and Billy Brumley
+(Tampere University of Technology). The fix was developed by Cesar Pereida
+Garcia.
+---
+ src/lib/libcrypto/ecdsa/ecs_ossl.c | 4 +++-
+ 1 file changed, 3 insertions(+), 1 deletion(-)
+
+diff --git a/src/lib/libcrypto/ecdsa/ecs_ossl.c b/src/lib/libcrypto/ecdsa/ecs_ossl.c
+index b03b1fb..9e23b88 100644
+--- crypto/ecdsa/ecs_ossl.c
++++ crypto/ecdsa/ecs_ossl.c
+@@ -1,4 +1,4 @@
+-/* $OpenBSD: ecs_ossl.c,v 1.5 2014/07/12 16:03:37 miod Exp $ */
++/* $OpenBSD: ecs_ossl.c,v 1.6 2015/02/08 13:35:07 jsing Exp $ */
+ /*
+  * Written by Nils Larsch for the OpenSSL project
+  */
+@@ -142,6 +142,8 @@ ecdsa_sign_setup(EC_KEY *eckey, BN_CTX *ctx_in, BIGNUM **kinvp, BIGNUM **rp)
+ 			if (!BN_add(k, k, order))
+ 				goto err;
+ 
++		BN_set_flags(k, BN_FLG_CONSTTIME);
++
+ 		/* compute r the x-coordinate of generator * k */
+ 		if (!EC_POINT_mul(group, tmp_point, k, NULL, NULL, ctx)) {
+ 			ECDSAerr(ECDSA_F_ECDSA_SIGN_SETUP, ERR_R_EC_LIB);
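
Review bot: The added `BN_set_flags(k, BN_FLG_CONSTTIME);` in ecdsa_sign_setup() has no comment, and the BN_mod_inverse() call that the patch description names as the leak lies outside this hunk's context, so the code alone does not show why the flag is set here. Suggest a one-line comment above it stating that the flag selects the constant-time path for the later inversion of k, and confirming during review that the same BIGNUM k (with the flag still set) is what reaches that call. Separately, the first embedded hunk only rewrites the $OpenBSD$ ID line (v1.5 to v1.6); it is not needed for the fix and gives the port patch one more place to fail if the ID line in the 2.5.0 distfile differs, so consider dropping it from files/patch-CVE-2016-7056.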


