ExternalVendorCode/openwrt
1
0
Fork 0
mirror of https://github.com/openwrt/openwrt.git synced 2024-12-26 17:01:14 +00:00
Code Issues Actions 4 Packages Projects Releases Wiki Activity
403039c562
openwrt/package/libs/wolfssl/patches/110-fix-build-on-big-endian.patch
Hauke Mehrtens 403039c562 wolfssl: Update to version 4.5.0 
This fixes the following security problems:
* In earlier versions of wolfSSL there exists a potential man in the
  middle attack on TLS 1.3 clients.
* Denial of service attack on TLS 1.3 servers from repetitively sending
  ChangeCipherSpecs messages. (CVE-2020-12457)
* Potential cache timing attacks on public key operations in builds that
  are not using SP (single precision). (CVE-2020-15309)
* When using SGX with EC scalar multiplication the possibility of side-
  channel attacks are present.
* Leak of private key in the case that PEM format private keys are
  bundled in with PEM certificates into a single file.
* During the handshake, clear application_data messages in epoch 0 are
  processed and returned to the application.

Full changelog:
https://www.wolfssl.com/docs/wolfssl-changelog/

Fix a build error on big endian systems by backporting a pull request:
https://github.com/wolfSSL/wolfssl/pull/3255

The size of the ipk increases on mips BE by 1.4%
old:
libwolfssl24_4.4.0-stable-2_mips_24kc.ipk:	386246
new:
libwolfssl24_4.5.0-stable-1_mips_24kc.ipk:	391528

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit 00722a720c)
2020-09-02 15:46:42 +02:00

28 lines
900 B
Diff
Raw Blame History

From b90acc91d0cd276befe7f08f87ba2dc5ee7122ff Mon Sep 17 00:00:00 2001
From: Tesfa Mael <tesfa@wolfssl.com>
Date: Wed, 26 Aug 2020 10:13:06 -0700
Subject: [PATCH] Make ByteReverseWords available for big and little endian
---
wolfcrypt/src/misc.c | 2 --
1 file changed, 2 deletions(-)
--- a/wolfcrypt/src/misc.c
+++ b/wolfcrypt/src/misc.c
@@ -120,7 +120,6 @@ WC_STATIC WC_INLINE word32 ByteReverseWo
return rotlFixed(value, 16U);
#endif
}
-#if defined(LITTLE_ENDIAN_ORDER)
/* This routine performs a byte swap of words array of a given count. */
WC_STATIC WC_INLINE void ByteReverseWords(word32* out, const word32* in,
word32 byteCount)
@@ -131,7 +130,6 @@ WC_STATIC WC_INLINE void ByteReverseWord
out[i] = ByteReverseWord32(in[i]);
}
-#endif /* LITTLE_ENDIAN_ORDER */
#if defined(WORD64_AVAILABLE) && !defined(WOLFSSL_NO_WORD64_OPS)
Reference in New Issue View Git Blame Copy Permalink