Backport of patches
Co-authored-by: Maxwell G <gotmax@e.email> Skip tests for arm Adds 0004-fix-CVE-2022-24675.patch Resolves: rhbz#2080125 Adds 0005-fix-CVE-2022-28327.patch Resolves: rhbz#2079826
This commit is contained in:
parent
66940a6895
commit
ce2a039e09
|
@ -0,0 +1,291 @@
|
|||
From 2116d60993e90d3f9b963c979f4bf1d116af03ff Mon Sep 17 00:00:00 2001
|
||||
From: Julie Qiu <julie@golang.org>
|
||||
Date: Tue, 01 Mar 2022 10:19:38 -0600
|
||||
Subject: [PATCH] [release-branch.go1.17] encoding/pem: fix stack overflow in Decode
|
||||
|
||||
Previously, Decode called decodeError, a recursive function that was
|
||||
prone to stack overflows when given a large PEM file containing errors.
|
||||
|
||||
Credit to Juho Nurminen of Mattermost who reported the error.
|
||||
|
||||
Fixes CVE-2022-24675
|
||||
Updates #51853
|
||||
Fixes #52036
|
||||
|
||||
Change-Id: Iffe768be53c8ddc0036fea0671d290f8f797692c
|
||||
Reviewed-on: https://team-review.git.corp.google.com/c/golang/go-private/+/1391157
|
||||
Reviewed-by: Damien Neil <dneil@google.com>
|
||||
Reviewed-by: Filippo Valsorda <valsorda@google.com>
|
||||
(cherry picked from commit 794ea5e828010e8b68493b2fc6d2963263195a02)
|
||||
Reviewed-on: https://go-review.googlesource.com/c/go/+/399816
|
||||
Run-TryBot: Dmitri Shuralyov <dmitshur@golang.org>
|
||||
Reviewed-by: Dmitri Shuralyov <dmitshur@google.com>
|
||||
Reviewed-by: Cherry Mui <cherryyz@google.com>
|
||||
TryBot-Result: Gopher Robot <gobot@golang.org>
|
||||
---
|
||||
|
||||
diff --git a/src/encoding/pem/pem.go b/src/encoding/pem/pem.go
|
||||
index a7272da..1bee1c1 100644
|
||||
--- a/src/encoding/pem/pem.go
|
||||
+++ b/src/encoding/pem/pem.go
|
||||
@@ -87,123 +87,97 @@
|
||||
// pemStart begins with a newline. However, at the very beginning of
|
||||
// the byte array, we'll accept the start string without it.
|
||||
rest = data
|
||||
- if bytes.HasPrefix(data, pemStart[1:]) {
|
||||
- rest = rest[len(pemStart)-1 : len(data)]
|
||||
- } else if i := bytes.Index(data, pemStart); i >= 0 {
|
||||
- rest = rest[i+len(pemStart) : len(data)]
|
||||
- } else {
|
||||
- return nil, data
|
||||
- }
|
||||
-
|
||||
- typeLine, rest := getLine(rest)
|
||||
- if !bytes.HasSuffix(typeLine, pemEndOfLine) {
|
||||
- return decodeError(data, rest)
|
||||
- }
|
||||
- typeLine = typeLine[0 : len(typeLine)-len(pemEndOfLine)]
|
||||
-
|
||||
- p = &Block{
|
||||
- Headers: make(map[string]string),
|
||||
- Type: string(typeLine),
|
||||
- }
|
||||
-
|
||||
for {
|
||||
- // This loop terminates because getLine's second result is
|
||||
- // always smaller than its argument.
|
||||
- if len(rest) == 0 {
|
||||
+ if bytes.HasPrefix(rest, pemStart[1:]) {
|
||||
+ rest = rest[len(pemStart)-1:]
|
||||
+ } else if i := bytes.Index(rest, pemStart); i >= 0 {
|
||||
+ rest = rest[i+len(pemStart) : len(rest)]
|
||||
+ } else {
|
||||
return nil, data
|
||||
}
|
||||
- line, next := getLine(rest)
|
||||
|
||||
- i := bytes.IndexByte(line, ':')
|
||||
- if i == -1 {
|
||||
- break
|
||||
+ var typeLine []byte
|
||||
+ typeLine, rest = getLine(rest)
|
||||
+ if !bytes.HasSuffix(typeLine, pemEndOfLine) {
|
||||
+ continue
|
||||
+ }
|
||||
+ typeLine = typeLine[0 : len(typeLine)-len(pemEndOfLine)]
|
||||
+
|
||||
+ p = &Block{
|
||||
+ Headers: make(map[string]string),
|
||||
+ Type: string(typeLine),
|
||||
}
|
||||
|
||||
- // TODO(agl): need to cope with values that spread across lines.
|
||||
- key, val := line[:i], line[i+1:]
|
||||
- key = bytes.TrimSpace(key)
|
||||
- val = bytes.TrimSpace(val)
|
||||
- p.Headers[string(key)] = string(val)
|
||||
- rest = next
|
||||
+ for {
|
||||
+ // This loop terminates because getLine's second result is
|
||||
+ // always smaller than its argument.
|
||||
+ if len(rest) == 0 {
|
||||
+ return nil, data
|
||||
+ }
|
||||
+ line, next := getLine(rest)
|
||||
+
|
||||
+ i := bytes.IndexByte(line, ':')
|
||||
+ if i == -1 {
|
||||
+ break
|
||||
+ }
|
||||
+
|
||||
+ // TODO(agl): need to cope with values that spread across lines.
|
||||
+ key, val := line[:i], line[i+1:]
|
||||
+ key = bytes.TrimSpace(key)
|
||||
+ val = bytes.TrimSpace(val)
|
||||
+ p.Headers[string(key)] = string(val)
|
||||
+ rest = next
|
||||
+ }
|
||||
+
|
||||
+ var endIndex, endTrailerIndex int
|
||||
+
|
||||
+ // If there were no headers, the END line might occur
|
||||
+ // immediately, without a leading newline.
|
||||
+ if len(p.Headers) == 0 && bytes.HasPrefix(rest, pemEnd[1:]) {
|
||||
+ endIndex = 0
|
||||
+ endTrailerIndex = len(pemEnd) - 1
|
||||
+ } else {
|
||||
+ endIndex = bytes.Index(rest, pemEnd)
|
||||
+ endTrailerIndex = endIndex + len(pemEnd)
|
||||
+ }
|
||||
+
|
||||
+ if endIndex < 0 {
|
||||
+ continue
|
||||
+ }
|
||||
+
|
||||
+ // After the "-----" of the ending line, there should be the same type
|
||||
+ // and then a final five dashes.
|
||||
+ endTrailer := rest[endTrailerIndex:]
|
||||
+ endTrailerLen := len(typeLine) + len(pemEndOfLine)
|
||||
+ if len(endTrailer) < endTrailerLen {
|
||||
+ continue
|
||||
+ }
|
||||
+
|
||||
+ restOfEndLine := endTrailer[endTrailerLen:]
|
||||
+ endTrailer = endTrailer[:endTrailerLen]
|
||||
+ if !bytes.HasPrefix(endTrailer, typeLine) ||
|
||||
+ !bytes.HasSuffix(endTrailer, pemEndOfLine) {
|
||||
+ continue
|
||||
+ }
|
||||
+
|
||||
+ // The line must end with only whitespace.
|
||||
+ if s, _ := getLine(restOfEndLine); len(s) != 0 {
|
||||
+ continue
|
||||
+ }
|
||||
+
|
||||
+ base64Data := removeSpacesAndTabs(rest[:endIndex])
|
||||
+ p.Bytes = make([]byte, base64.StdEncoding.DecodedLen(len(base64Data)))
|
||||
+ n, err := base64.StdEncoding.Decode(p.Bytes, base64Data)
|
||||
+ if err != nil {
|
||||
+ continue
|
||||
+ }
|
||||
+ p.Bytes = p.Bytes[:n]
|
||||
+
|
||||
+ // the -1 is because we might have only matched pemEnd without the
|
||||
+ // leading newline if the PEM block was empty.
|
||||
+ _, rest = getLine(rest[endIndex+len(pemEnd)-1:])
|
||||
+ return p, rest
|
||||
}
|
||||
-
|
||||
- var endIndex, endTrailerIndex int
|
||||
-
|
||||
- // If there were no headers, the END line might occur
|
||||
- // immediately, without a leading newline.
|
||||
- if len(p.Headers) == 0 && bytes.HasPrefix(rest, pemEnd[1:]) {
|
||||
- endIndex = 0
|
||||
- endTrailerIndex = len(pemEnd) - 1
|
||||
- } else {
|
||||
- endIndex = bytes.Index(rest, pemEnd)
|
||||
- endTrailerIndex = endIndex + len(pemEnd)
|
||||
- }
|
||||
-
|
||||
- if endIndex < 0 {
|
||||
- return decodeError(data, rest)
|
||||
- }
|
||||
-
|
||||
- // After the "-----" of the ending line, there should be the same type
|
||||
- // and then a final five dashes.
|
||||
- endTrailer := rest[endTrailerIndex:]
|
||||
- endTrailerLen := len(typeLine) + len(pemEndOfLine)
|
||||
- if len(endTrailer) < endTrailerLen {
|
||||
- return decodeError(data, rest)
|
||||
- }
|
||||
-
|
||||
- restOfEndLine := endTrailer[endTrailerLen:]
|
||||
- endTrailer = endTrailer[:endTrailerLen]
|
||||
- if !bytes.HasPrefix(endTrailer, typeLine) ||
|
||||
- !bytes.HasSuffix(endTrailer, pemEndOfLine) {
|
||||
- return decodeError(data, rest)
|
||||
- }
|
||||
-
|
||||
- // The line must end with only whitespace.
|
||||
- if s, _ := getLine(restOfEndLine); len(s) != 0 {
|
||||
- return decodeError(data, rest)
|
||||
- }
|
||||
-
|
||||
- base64Data := removeSpacesAndTabs(rest[:endIndex])
|
||||
- p.Bytes = make([]byte, base64.StdEncoding.DecodedLen(len(base64Data)))
|
||||
- n, err := base64.StdEncoding.Decode(p.Bytes, base64Data)
|
||||
- if err != nil {
|
||||
- return decodeError(data, rest)
|
||||
- }
|
||||
- p.Bytes = p.Bytes[:n]
|
||||
-
|
||||
- // the -1 is because we might have only matched pemEnd without the
|
||||
- // leading newline if the PEM block was empty.
|
||||
- _, rest = getLine(rest[endIndex+len(pemEnd)-1:])
|
||||
-
|
||||
- return
|
||||
-}
|
||||
-
|
||||
-func decodeError(data, rest []byte) (*Block, []byte) {
|
||||
- // If we get here then we have rejected a likely looking, but
|
||||
- // ultimately invalid PEM block. We need to start over from a new
|
||||
- // position. We have consumed the preamble line and will have consumed
|
||||
- // any lines which could be header lines. However, a valid preamble
|
||||
- // line is not a valid header line, therefore we cannot have consumed
|
||||
- // the preamble line for the any subsequent block. Thus, we will always
|
||||
- // find any valid block, no matter what bytes precede it.
|
||||
- //
|
||||
- // For example, if the input is
|
||||
- //
|
||||
- // -----BEGIN MALFORMED BLOCK-----
|
||||
- // junk that may look like header lines
|
||||
- // or data lines, but no END line
|
||||
- //
|
||||
- // -----BEGIN ACTUAL BLOCK-----
|
||||
- // realdata
|
||||
- // -----END ACTUAL BLOCK-----
|
||||
- //
|
||||
- // we've failed to parse using the first BEGIN line
|
||||
- // and now will try again, using the second BEGIN line.
|
||||
- p, rest := Decode(rest)
|
||||
- if p == nil {
|
||||
- rest = data
|
||||
- }
|
||||
- return p, rest
|
||||
}
|
||||
|
||||
const pemLineLength = 64
|
||||
diff --git a/src/encoding/pem/pem_test.go b/src/encoding/pem/pem_test.go
|
||||
index b2b6b15..c94b5ca 100644
|
||||
--- a/src/encoding/pem/pem_test.go
|
||||
+++ b/src/encoding/pem/pem_test.go
|
||||
@@ -107,6 +107,12 @@
|
||||
dGVzdA==
|
||||
-----ENDBAR-----`
|
||||
|
||||
+const pemMissingEndLine = `
|
||||
+-----BEGIN FOO-----
|
||||
+Header: 1`
|
||||
+
|
||||
+var pemRepeatingBegin = strings.Repeat("-----BEGIN \n", 10)
|
||||
+
|
||||
var badPEMTests = []struct {
|
||||
name string
|
||||
input string
|
||||
@@ -131,14 +137,34 @@
|
||||
"missing ending space",
|
||||
pemMissingEndingSpace,
|
||||
},
|
||||
+ {
|
||||
+ "repeating begin",
|
||||
+ pemRepeatingBegin,
|
||||
+ },
|
||||
+ {
|
||||
+ "missing end line",
|
||||
+ pemMissingEndLine,
|
||||
+ },
|
||||
}
|
||||
|
||||
func TestBadDecode(t *testing.T) {
|
||||
for _, test := range badPEMTests {
|
||||
- result, _ := Decode([]byte(test.input))
|
||||
+ result, rest := Decode([]byte(test.input))
|
||||
if result != nil {
|
||||
t.Errorf("unexpected success while parsing %q", test.name)
|
||||
}
|
||||
+ if string(rest) != test.input {
|
||||
+ t.Errorf("unexpected rest: %q; want = %q", rest, test.input)
|
||||
+ }
|
||||
+ }
|
||||
+}
|
||||
+
|
||||
+func TestCVE202224675(t *testing.T) {
|
||||
+ // Prior to CVE-2022-24675, this input would cause a stack overflow.
|
||||
+ input := []byte(strings.Repeat("-----BEGIN \n", 10000000))
|
||||
+ result, rest := Decode(input)
|
||||
+ if result != nil || !reflect.DeepEqual(rest, input) {
|
||||
+ t.Errorf("Encode of %#v decoded as %#v", input, rest)
|
||||
}
|
||||
}
|
||||
|
|
@ -0,0 +1,320 @@
|
|||
From 28ffc15c56ac0edccb5b0147ff942127720ca083 Mon Sep 17 00:00:00 2001
|
||||
From: =?UTF-8?q?Alejandro=20S=C3=A1ez?= <asm@redhat.com>
|
||||
Date: Wed, 8 Jun 2022 19:27:19 +0200
|
||||
Subject: [PATCH] Backport CVE-2022-28327 fix from go1.17
|
||||
|
||||
---
|
||||
src/crypto/elliptic/elliptic_test.go | 92 ---------------
|
||||
src/crypto/elliptic/p256.go | 2 +-
|
||||
src/crypto/elliptic/p256_test.go | 169 +++++++++++++++++++++++++++
|
||||
3 files changed, 170 insertions(+), 93 deletions(-)
|
||||
create mode 100644 src/crypto/elliptic/p256_test.go
|
||||
|
||||
diff --git a/src/crypto/elliptic/elliptic_test.go b/src/crypto/elliptic/elliptic_test.go
|
||||
index bb16b0d163..516a321273 100644
|
||||
--- a/src/crypto/elliptic/elliptic_test.go
|
||||
+++ b/src/crypto/elliptic/elliptic_test.go
|
||||
@@ -301,29 +301,6 @@ var p224BaseMultTests = []baseMultTest{
|
||||
},
|
||||
}
|
||||
|
||||
-type scalarMultTest struct {
|
||||
- k string
|
||||
- xIn, yIn string
|
||||
- xOut, yOut string
|
||||
-}
|
||||
-
|
||||
-var p256MultTests = []scalarMultTest{
|
||||
- {
|
||||
- "2a265f8bcbdcaf94d58519141e578124cb40d64a501fba9c11847b28965bc737",
|
||||
- "023819813ac969847059028ea88a1f30dfbcde03fc791d3a252c6b41211882ea",
|
||||
- "f93e4ae433cc12cf2a43fc0ef26400c0e125508224cdb649380f25479148a4ad",
|
||||
- "4d4de80f1534850d261075997e3049321a0864082d24a917863366c0724f5ae3",
|
||||
- "a22d2b7f7818a3563e0f7a76c9bf0921ac55e06e2e4d11795b233824b1db8cc0",
|
||||
- },
|
||||
- {
|
||||
- "313f72ff9fe811bf573176231b286a3bdb6f1b14e05c40146590727a71c3bccd",
|
||||
- "cc11887b2d66cbae8f4d306627192522932146b42f01d3c6f92bd5c8ba739b06",
|
||||
- "a2f08a029cd06b46183085bae9248b0ed15b70280c7ef13a457f5af382426031",
|
||||
- "831c3f6b5f762d2f461901577af41354ac5f228c2591f84f8a6e51e2e3f17991",
|
||||
- "93f90934cd0ef2c698cc471c60a93524e87ab31ca2412252337f364513e43684",
|
||||
- },
|
||||
-}
|
||||
-
|
||||
func TestBaseMult(t *testing.T) {
|
||||
p224 := P224()
|
||||
for i, e := range p224BaseMultTests {
|
||||
@@ -359,65 +336,6 @@ func TestGenericBaseMult(t *testing.T) {
|
||||
}
|
||||
}
|
||||
|
||||
-func TestP256BaseMult(t *testing.T) {
|
||||
- p256 := P256()
|
||||
- p256Generic := p256.Params()
|
||||
-
|
||||
- scalars := make([]*big.Int, 0, len(p224BaseMultTests)+1)
|
||||
- for _, e := range p224BaseMultTests {
|
||||
- k, _ := new(big.Int).SetString(e.k, 10)
|
||||
- scalars = append(scalars, k)
|
||||
- }
|
||||
- k := new(big.Int).SetInt64(1)
|
||||
- k.Lsh(k, 500)
|
||||
- scalars = append(scalars, k)
|
||||
-
|
||||
- for i, k := range scalars {
|
||||
- x, y := p256.ScalarBaseMult(k.Bytes())
|
||||
- x2, y2 := p256Generic.ScalarBaseMult(k.Bytes())
|
||||
- if x.Cmp(x2) != 0 || y.Cmp(y2) != 0 {
|
||||
- t.Errorf("#%d: got (%x, %x), want (%x, %x)", i, x, y, x2, y2)
|
||||
- }
|
||||
-
|
||||
- if testing.Short() && i > 5 {
|
||||
- break
|
||||
- }
|
||||
- }
|
||||
-}
|
||||
-
|
||||
-func TestP256Mult(t *testing.T) {
|
||||
- p256 := P256()
|
||||
- p256Generic := p256.Params()
|
||||
-
|
||||
- for i, e := range p224BaseMultTests {
|
||||
- x, _ := new(big.Int).SetString(e.x, 16)
|
||||
- y, _ := new(big.Int).SetString(e.y, 16)
|
||||
- k, _ := new(big.Int).SetString(e.k, 10)
|
||||
-
|
||||
- xx, yy := p256.ScalarMult(x, y, k.Bytes())
|
||||
- xx2, yy2 := p256Generic.ScalarMult(x, y, k.Bytes())
|
||||
- if xx.Cmp(xx2) != 0 || yy.Cmp(yy2) != 0 {
|
||||
- t.Errorf("#%d: got (%x, %x), want (%x, %x)", i, xx, yy, xx2, yy2)
|
||||
- }
|
||||
- if testing.Short() && i > 5 {
|
||||
- break
|
||||
- }
|
||||
- }
|
||||
-
|
||||
- for i, e := range p256MultTests {
|
||||
- x, _ := new(big.Int).SetString(e.xIn, 16)
|
||||
- y, _ := new(big.Int).SetString(e.yIn, 16)
|
||||
- k, _ := new(big.Int).SetString(e.k, 16)
|
||||
- expectedX, _ := new(big.Int).SetString(e.xOut, 16)
|
||||
- expectedY, _ := new(big.Int).SetString(e.yOut, 16)
|
||||
-
|
||||
- xx, yy := p256.ScalarMult(x, y, k.Bytes())
|
||||
- if xx.Cmp(expectedX) != 0 || yy.Cmp(expectedY) != 0 {
|
||||
- t.Errorf("#%d: got (%x, %x), want (%x, %x)", i, xx, yy, expectedX, expectedY)
|
||||
- }
|
||||
- }
|
||||
-}
|
||||
-
|
||||
func testInfinity(t *testing.T, curve Curve) {
|
||||
_, x, y, _ := GenerateKey(curve, rand.Reader)
|
||||
x, y = curve.ScalarMult(x, y, curve.Params().N.Bytes())
|
||||
@@ -477,16 +395,6 @@ func TestInfinity(t *testing.T) {
|
||||
}
|
||||
}
|
||||
|
||||
-type synthCombinedMult struct {
|
||||
- Curve
|
||||
-}
|
||||
-
|
||||
-func (s synthCombinedMult) CombinedMult(bigX, bigY *big.Int, baseScalar, scalar []byte) (x, y *big.Int) {
|
||||
- x1, y1 := s.ScalarBaseMult(baseScalar)
|
||||
- x2, y2 := s.ScalarMult(bigX, bigY, scalar)
|
||||
- return s.Add(x1, y1, x2, y2)
|
||||
-}
|
||||
-
|
||||
func TestCombinedMult(t *testing.T) {
|
||||
type combinedMult interface {
|
||||
Curve
|
||||
diff --git a/src/crypto/elliptic/p256.go b/src/crypto/elliptic/p256.go
|
||||
index c23e414156..787e3e7444 100644
|
||||
--- a/src/crypto/elliptic/p256.go
|
||||
+++ b/src/crypto/elliptic/p256.go
|
||||
@@ -51,7 +51,7 @@ func p256GetScalar(out *[32]byte, in []byte) {
|
||||
n := new(big.Int).SetBytes(in)
|
||||
var scalarBytes []byte
|
||||
|
||||
- if n.Cmp(p256Params.N) >= 0 {
|
||||
+ if n.Cmp(p256Params.N) >= 0 || len(in) > len(out) {
|
||||
n.Mod(n, p256Params.N)
|
||||
scalarBytes = n.Bytes()
|
||||
} else {
|
||||
diff --git a/src/crypto/elliptic/p256_test.go b/src/crypto/elliptic/p256_test.go
|
||||
new file mode 100644
|
||||
index 0000000000..694186df81
|
||||
--- /dev/null
|
||||
+++ b/src/crypto/elliptic/p256_test.go
|
||||
@@ -0,0 +1,169 @@
|
||||
+// Copyright 2021 The Go Authors. All rights reserved.
|
||||
+// Use of this source code is governed by a BSD-style
|
||||
+// license that can be found in the LICENSE file.
|
||||
+
|
||||
+package elliptic
|
||||
+
|
||||
+import (
|
||||
+ "math/big"
|
||||
+ "testing"
|
||||
+)
|
||||
+
|
||||
+type scalarMultTest struct {
|
||||
+ k string
|
||||
+ xIn, yIn string
|
||||
+ xOut, yOut string
|
||||
+}
|
||||
+
|
||||
+var p256MultTests = []scalarMultTest{
|
||||
+ {
|
||||
+ "2a265f8bcbdcaf94d58519141e578124cb40d64a501fba9c11847b28965bc737",
|
||||
+ "023819813ac969847059028ea88a1f30dfbcde03fc791d3a252c6b41211882ea",
|
||||
+ "f93e4ae433cc12cf2a43fc0ef26400c0e125508224cdb649380f25479148a4ad",
|
||||
+ "4d4de80f1534850d261075997e3049321a0864082d24a917863366c0724f5ae3",
|
||||
+ "a22d2b7f7818a3563e0f7a76c9bf0921ac55e06e2e4d11795b233824b1db8cc0",
|
||||
+ },
|
||||
+ {
|
||||
+ "313f72ff9fe811bf573176231b286a3bdb6f1b14e05c40146590727a71c3bccd",
|
||||
+ "cc11887b2d66cbae8f4d306627192522932146b42f01d3c6f92bd5c8ba739b06",
|
||||
+ "a2f08a029cd06b46183085bae9248b0ed15b70280c7ef13a457f5af382426031",
|
||||
+ "831c3f6b5f762d2f461901577af41354ac5f228c2591f84f8a6e51e2e3f17991",
|
||||
+ "93f90934cd0ef2c698cc471c60a93524e87ab31ca2412252337f364513e43684",
|
||||
+ },
|
||||
+}
|
||||
+
|
||||
+func TestP256BaseMult(t *testing.T) {
|
||||
+ p256 := P256()
|
||||
+ p256Generic := p256.Params()
|
||||
+
|
||||
+ scalars := make([]*big.Int, 0, len(p224BaseMultTests)+1)
|
||||
+ for _, e := range p224BaseMultTests {
|
||||
+ k, _ := new(big.Int).SetString(e.k, 10)
|
||||
+ scalars = append(scalars, k)
|
||||
+ }
|
||||
+ k := new(big.Int).SetInt64(1)
|
||||
+ k.Lsh(k, 500)
|
||||
+ scalars = append(scalars, k)
|
||||
+
|
||||
+ for i, k := range scalars {
|
||||
+ x, y := p256.ScalarBaseMult(k.Bytes())
|
||||
+ x2, y2 := p256Generic.ScalarBaseMult(k.Bytes())
|
||||
+ if x.Cmp(x2) != 0 || y.Cmp(y2) != 0 {
|
||||
+ t.Errorf("#%d: got (%x, %x), want (%x, %x)", i, x, y, x2, y2)
|
||||
+ }
|
||||
+
|
||||
+ if testing.Short() && i > 5 {
|
||||
+ break
|
||||
+ }
|
||||
+ }
|
||||
+}
|
||||
+
|
||||
+func TestP256Mult(t *testing.T) {
|
||||
+ p256 := P256()
|
||||
+ p256Generic := p256.Params()
|
||||
+
|
||||
+ for i, e := range p224BaseMultTests {
|
||||
+ x, _ := new(big.Int).SetString(e.x, 16)
|
||||
+ y, _ := new(big.Int).SetString(e.y, 16)
|
||||
+ k, _ := new(big.Int).SetString(e.k, 10)
|
||||
+
|
||||
+ xx, yy := p256.ScalarMult(x, y, k.Bytes())
|
||||
+ xx2, yy2 := p256Generic.ScalarMult(x, y, k.Bytes())
|
||||
+ if xx.Cmp(xx2) != 0 || yy.Cmp(yy2) != 0 {
|
||||
+ t.Errorf("#%d: got (%x, %x), want (%x, %x)", i, xx, yy, xx2, yy2)
|
||||
+ }
|
||||
+ if testing.Short() && i > 5 {
|
||||
+ break
|
||||
+ }
|
||||
+ }
|
||||
+
|
||||
+ for i, e := range p256MultTests {
|
||||
+ x, _ := new(big.Int).SetString(e.xIn, 16)
|
||||
+ y, _ := new(big.Int).SetString(e.yIn, 16)
|
||||
+ k, _ := new(big.Int).SetString(e.k, 16)
|
||||
+ expectedX, _ := new(big.Int).SetString(e.xOut, 16)
|
||||
+ expectedY, _ := new(big.Int).SetString(e.yOut, 16)
|
||||
+
|
||||
+ xx, yy := p256.ScalarMult(x, y, k.Bytes())
|
||||
+ if xx.Cmp(expectedX) != 0 || yy.Cmp(expectedY) != 0 {
|
||||
+ t.Errorf("#%d: got (%x, %x), want (%x, %x)", i, xx, yy, expectedX, expectedY)
|
||||
+ }
|
||||
+ }
|
||||
+}
|
||||
+
|
||||
+type synthCombinedMult struct {
|
||||
+ Curve
|
||||
+}
|
||||
+
|
||||
+func (s synthCombinedMult) CombinedMult(bigX, bigY *big.Int, baseScalar, scalar []byte) (x, y *big.Int) {
|
||||
+ x1, y1 := s.ScalarBaseMult(baseScalar)
|
||||
+ x2, y2 := s.ScalarMult(bigX, bigY, scalar)
|
||||
+ return s.Add(x1, y1, x2, y2)
|
||||
+}
|
||||
+
|
||||
+func TestP256CombinedMult(t *testing.T) {
|
||||
+ type combinedMult interface {
|
||||
+ Curve
|
||||
+ CombinedMult(bigX, bigY *big.Int, baseScalar, scalar []byte) (x, y *big.Int)
|
||||
+ }
|
||||
+
|
||||
+ p256, ok := P256().(combinedMult)
|
||||
+ if !ok {
|
||||
+ p256 = &synthCombinedMult{P256()}
|
||||
+ }
|
||||
+
|
||||
+ gx := p256.Params().Gx
|
||||
+ gy := p256.Params().Gy
|
||||
+
|
||||
+ zero := make([]byte, 32)
|
||||
+ one := make([]byte, 32)
|
||||
+ one[31] = 1
|
||||
+ two := make([]byte, 32)
|
||||
+ two[31] = 2
|
||||
+
|
||||
+ // 0×G + 0×G = ∞
|
||||
+ x, y := p256.CombinedMult(gx, gy, zero, zero)
|
||||
+ if x.Sign() != 0 || y.Sign() != 0 {
|
||||
+ t.Errorf("0×G + 0×G = (%d, %d), should be ∞", x, y)
|
||||
+ }
|
||||
+
|
||||
+ // 1×G + 0×G = G
|
||||
+ x, y = p256.CombinedMult(gx, gy, one, zero)
|
||||
+ if x.Cmp(gx) != 0 || y.Cmp(gy) != 0 {
|
||||
+ t.Errorf("1×G + 0×G = (%d, %d), should be (%d, %d)", x, y, gx, gy)
|
||||
+ }
|
||||
+
|
||||
+ // 0×G + 1×G = G
|
||||
+ x, y = p256.CombinedMult(gx, gy, zero, one)
|
||||
+ if x.Cmp(gx) != 0 || y.Cmp(gy) != 0 {
|
||||
+ t.Errorf("0×G + 1×G = (%d, %d), should be (%d, %d)", x, y, gx, gy)
|
||||
+ }
|
||||
+
|
||||
+ // 1×G + 1×G = 2×G
|
||||
+ x, y = p256.CombinedMult(gx, gy, one, one)
|
||||
+ ggx, ggy := p256.ScalarBaseMult(two)
|
||||
+ if x.Cmp(ggx) != 0 || y.Cmp(ggy) != 0 {
|
||||
+ t.Errorf("1×G + 1×G = (%d, %d), should be (%d, %d)", x, y, ggx, ggy)
|
||||
+ }
|
||||
+
|
||||
+ minusOne := new(big.Int).Sub(p256.Params().N, big.NewInt(1))
|
||||
+ // 1×G + (-1)×G = ∞
|
||||
+ x, y = p256.CombinedMult(gx, gy, one, minusOne.Bytes())
|
||||
+ if x.Sign() != 0 || y.Sign() != 0 {
|
||||
+ t.Errorf("1×G + (-1)×G = (%d, %d), should be ∞", x, y)
|
||||
+ }
|
||||
+}
|
||||
+
|
||||
+func TestIssue52075(t *testing.T) {
|
||||
+ Gx, Gy := P256().Params().Gx, P256().Params().Gy
|
||||
+ scalar := make([]byte, 33)
|
||||
+ scalar[32] = 1
|
||||
+ x, y := P256().ScalarBaseMult(scalar)
|
||||
+ if x.Cmp(Gx) != 0 || y.Cmp(Gy) != 0 {
|
||||
+ t.Errorf("unexpected output (%v,%v)", x, y)
|
||||
+ }
|
||||
+ x, y = P256().ScalarMult(Gx, Gy, scalar)
|
||||
+ if x.Cmp(Gx) != 0 || y.Cmp(Gy) != 0 {
|
||||
+ t.Errorf("unexpected output (%v,%v)", x, y)
|
||||
+ }
|
||||
+}
|
||||
--
|
||||
2.35.3
|
||||
|
37
golang.spec
37
golang.spec
|
@ -1,7 +1,7 @@
|
|||
%bcond_with bootstrap
|
||||
# temporalily ignore test failures
|
||||
# due to https://github.com/golang/go/issues/39466
|
||||
%ifarch aarch64
|
||||
%ifarch aarch64 %{arm}
|
||||
%bcond_without ignore_tests
|
||||
%else
|
||||
%bcond_with ignore_tests
|
||||
|
@ -59,13 +59,6 @@
|
|||
%global golang_bootstrap 1
|
||||
%endif
|
||||
|
||||
# Controls what ever we fail on failed tests
|
||||
%if %{with ignore_tests}
|
||||
%global fail_on_tests 0
|
||||
%else
|
||||
%global fail_on_tests 1
|
||||
%endif
|
||||
|
||||
# Build golang shared objects for stdlib
|
||||
%ifarch %{ix86} x86_64 ppc64le %{arm} aarch64
|
||||
%global shared 1
|
||||
|
@ -109,7 +102,7 @@
|
|||
%global go_version %{go_api}.15
|
||||
|
||||
# For rpmdev-bumpspec and releng automation
|
||||
%global baserelease 1
|
||||
%global baserelease 2
|
||||
|
||||
Name: golang
|
||||
Version: %{go_version}
|
||||
|
@ -159,6 +152,18 @@ Patch1: 0001-Don-t-use-the-bundled-tzdata-at-runtime-except-for-t.patch
|
|||
Patch2: 0002-syscall-expose-IfInfomsg.X__ifi_pad-on-s390x.patch
|
||||
Patch3: 0003-cmd-go-disable-Google-s-proxy-and-sumdb.patch
|
||||
|
||||
# The issue: https://github.com/golang/go/issues/51853
|
||||
# Fixed in: go1.19
|
||||
# Backported by upstream to go1.18.1 and Go1.17.9
|
||||
# Patch: https://go-review.googlesource.com/c/go/+/399816/
|
||||
Patch4: 0004-fix-CVE-2022-24675.patch
|
||||
|
||||
# The issue: https://github.com/golang/go/issues/52075
|
||||
# Fixed in: go1.19
|
||||
# Backported by upstream to go1.18
|
||||
# Patch: https://go-review.googlesource.com/c/go/+/397135/
|
||||
Patch5: 0005-fix-CVE-2022-28327.patch
|
||||
|
||||
# Having documentation separate was broken
|
||||
Obsoletes: %{name}-docs < 1.1-4
|
||||
|
||||
|
@ -459,11 +464,7 @@ export CGO_ENABLED=0
|
|||
# make sure to not timeout
|
||||
export GO_TEST_TIMEOUT_SCALE=2
|
||||
|
||||
%if %{fail_on_tests}
|
||||
./run.bash --no-rebuild -v -v -v -k
|
||||
%else
|
||||
./run.bash --no-rebuild -v -v -v -k || :
|
||||
%endif
|
||||
./run.bash --no-rebuild -v -v -v -k %{?with_ignore_tests: || :}
|
||||
cd ..
|
||||
|
||||
|
||||
|
@ -529,6 +530,14 @@ fi
|
|||
%endif
|
||||
|
||||
%changelog
|
||||
* Wed Jun 08 2022 Alejandro Sáez <asm@redhat.com> - 1.16.15-2
|
||||
- Backport of patches.
|
||||
- Skip tests for arm
|
||||
- Adds 0004-fix-CVE-2022-24675.patch
|
||||
- Resolves: rhbz#2080125
|
||||
- Adds 0005-fix-CVE-2022-28327.patch
|
||||
- Resolves: rhbz#2079826
|
||||
|
||||
* Thu Mar 10 2022 Alejandro Sáez <asm@redhat.com> - 1.16.15-1
|
||||
- Update to go1.16.15
|
||||
|
||||
|
|
Loading…
Reference in New Issue