aboutsummaryrefslogtreecommitdiffstats
path: root/package/libs/wolfssl/patches/200-ecc-rng.patch
diff options
context:
space:
mode:
authorNick Hainke <vincent@systemli.org>2022-11-16 08:48:02 +0100
committerHauke Mehrtens <hauke@hauke-m.de>2022-11-27 12:58:33 +0100
commit745f1ca9767716c43864a2b7a43ed60b16c25560 (patch)
treef4bf9ae959c302159a744107839958654aa679d1 /package/libs/wolfssl/patches/200-ecc-rng.patch
parent68714f213576bef54702ec7ae9533b2b4eaed6d6 (diff)
downloadupstream-745f1ca9767716c43864a2b7a43ed60b16c25560.tar.gz
upstream-745f1ca9767716c43864a2b7a43ed60b16c25560.tar.bz2
upstream-745f1ca9767716c43864a2b7a43ed60b16c25560.zip
wolfssl: update to v5.5.3
Remove "200-ecc-rng.patch" because it was upstramed by: https://github.com/wolfSSL/wolfssl/commit/e2566bab2122949a6a0bb2276d0a52598794d7d0 Refreshed "100-disable-hardening-check.patch". Fixes CVE 2022-42905. Release Notes: - https://github.com/wolfSSL/wolfssl/releases/tag/v5.5.2-stable - https://github.com/wolfSSL/wolfssl/releases/tag/v5.5.3-stable Signed-off-by: Nick Hainke <vincent@systemli.org>
Diffstat (limited to 'package/libs/wolfssl/patches/200-ecc-rng.patch')
-rw-r--r--package/libs/wolfssl/patches/200-ecc-rng.patch50
1 files changed, 0 insertions, 50 deletions
diff --git a/package/libs/wolfssl/patches/200-ecc-rng.patch b/package/libs/wolfssl/patches/200-ecc-rng.patch
deleted file mode 100644
index bef2e60872..0000000000
--- a/package/libs/wolfssl/patches/200-ecc-rng.patch
+++ /dev/null
@@ -1,50 +0,0 @@
-Since commit 6467de5a8840 ("Randomize z ordinates in scalar
-mult when timing resistant") wolfssl requires a RNG for an EC
-key when the hardened built option is selected.
-
-wc_ecc_set_rng is only available when built hardened, so there
-is no safe way to install the RNG to the key regardless whether
-or not wolfssl is compiled hardened.
-
-Always export wc_ecc_set_rng so tools such as hostapd can install
-RNG regardless of the built settings for wolfssl.
-
---- a/wolfcrypt/src/ecc.c
-+++ b/wolfcrypt/src/ecc.c
-@@ -12505,21 +12505,21 @@ void wc_ecc_fp_free(void)
-
- #endif /* FP_ECC */
-
--#ifdef ECC_TIMING_RESISTANT
- int wc_ecc_set_rng(ecc_key* key, WC_RNG* rng)
- {
- int err = 0;
-
-+#ifdef ECC_TIMING_RESISTANT
- if (key == NULL) {
- err = BAD_FUNC_ARG;
- }
- else {
- key->rng = rng;
- }
-+#endif
-
- return err;
- }
--#endif
-
- #ifdef HAVE_ECC_ENCRYPT
-
---- a/wolfssl/wolfcrypt/ecc.h
-+++ b/wolfssl/wolfcrypt/ecc.h
-@@ -656,10 +656,8 @@ WOLFSSL_ABI WOLFSSL_API
- void wc_ecc_fp_free(void);
- WOLFSSL_LOCAL
- void wc_ecc_fp_init(void);
--#ifdef ECC_TIMING_RESISTANT
- WOLFSSL_API
- int wc_ecc_set_rng(ecc_key* key, WC_RNG* rng);
--#endif
-
- WOLFSSL_API
- int wc_ecc_set_curve(ecc_key* key, int keysize, int curve_id);