mirror of
https://github.com/openwrt/openwrt.git
synced 2025-01-20 19:48:54 +00:00
00722a720c
This fixes the following security problems: * In earlier versions of wolfSSL there exists a potential man in the middle attack on TLS 1.3 clients. * Denial of service attack on TLS 1.3 servers from repetitively sending ChangeCipherSpecs messages. (CVE-2020-12457) * Potential cache timing attacks on public key operations in builds that are not using SP (single precision). (CVE-2020-15309) * When using SGX with EC scalar multiplication the possibility of side- channel attacks are present. * Leak of private key in the case that PEM format private keys are bundled in with PEM certificates into a single file. * During the handshake, clear application_data messages in epoch 0 are processed and returned to the application. Full changelog: https://www.wolfssl.com/docs/wolfssl-changelog/ Fix a build error on big endian systems by backporting a pull request: https://github.com/wolfSSL/wolfssl/pull/3255 The size of the ipk increases on mips BE by 1.4% old: libwolfssl24_4.4.0-stable-2_mips_24kc.ipk: 386246 new: libwolfssl24_4.5.0-stable-1_mips_24kc.ipk: 391528 Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
28 lines
900 B
Diff
28 lines
900 B
Diff
From b90acc91d0cd276befe7f08f87ba2dc5ee7122ff Mon Sep 17 00:00:00 2001
|
|
From: Tesfa Mael <tesfa@wolfssl.com>
|
|
Date: Wed, 26 Aug 2020 10:13:06 -0700
|
|
Subject: [PATCH] Make ByteReverseWords available for big and little endian
|
|
|
|
---
|
|
wolfcrypt/src/misc.c | 2 --
|
|
1 file changed, 2 deletions(-)
|
|
|
|
--- a/wolfcrypt/src/misc.c
|
|
+++ b/wolfcrypt/src/misc.c
|
|
@@ -120,7 +120,6 @@ WC_STATIC WC_INLINE word32 ByteReverseWo
|
|
return rotlFixed(value, 16U);
|
|
#endif
|
|
}
|
|
-#if defined(LITTLE_ENDIAN_ORDER)
|
|
/* This routine performs a byte swap of words array of a given count. */
|
|
WC_STATIC WC_INLINE void ByteReverseWords(word32* out, const word32* in,
|
|
word32 byteCount)
|
|
@@ -131,7 +130,6 @@ WC_STATIC WC_INLINE void ByteReverseWord
|
|
out[i] = ByteReverseWord32(in[i]);
|
|
|
|
}
|
|
-#endif /* LITTLE_ENDIAN_ORDER */
|
|
|
|
#if defined(WORD64_AVAILABLE) && !defined(WOLFSSL_NO_WORD64_OPS)
|
|
|