extra/crypto++ to 5.6.2-3

2024-09-19 22:08:32 +00:00 · 2015-07-24 12:36:24 +00:00 · 2015-07-24 12:36:24 +00:00 · d04e5d04f7
parent ea9b723926
commit d04e5d04f7
2 changed files with 39 additions and 3 deletions
--- a/extra/crypto++/CVE-2015-2141.patch
+++ b/extra/crypto++/CVE-2015-2141.patch
@ -0,0 +1,32 @@
+From 9425e16437439e68c7d96abef922167d68fafaff Mon Sep 17 00:00:00 2001
+From: Jeffrey Walton <noloader@gmail.com>
+Date: Sat, 27 Jun 2015 17:56:01 -0400
+Subject: [PATCH] Fix for CVE-2015-2141. Thanks to Evgeny Sidorov for
+ reporting. Squaring to satisfy Jacobi requirements suggested by JPM.
+
+---
+ rw.cpp | 8 +++++++-
+ 1 file changed, 7 insertions(+), 1 deletion(-)
+
+diff --git a/rw.cpp b/rw.cpp
+index cdd9f2d..0b9318b 100644
+--- a/rw.cpp
+++ b/rw.cpp
+@@ -126,10 +126,16 @@ Integer InvertibleRWFunction::CalculateInverse(RandomNumberGenerator &rng, const
+ 	DoQuickSanityCheck();
+ 	ModularArithmetic modn(m_n);
+ 	Integer r, rInv;
+-	do {	// do this in a loop for people using small numbers for testing
+
+	// do this in a loop for people using small numbers for testing
+	do {
+ 		r.Randomize(rng, Integer::One(), m_n - Integer::One());
+		// Fix for CVE-2015-2141. Thanks to Evgeny Sidorov for reporting.
+		// Squaring to satisfy Jacobi requirements suggested by JPM.
+		r = modn.Square(r);
+ 		rInv = modn.MultiplicativeInverse(r);
+ 	} while (rInv.IsZero());
+
+ 	Integer re = modn.Square(r);
+ 	re = modn.Multiply(re, x);			// blind
+ 
--- a/extra/crypto++/PKGBUILD
+++ b/extra/crypto++/PKGBUILD
@ -12,7 +12,7 @@
 pkgname=crypto++
 pkgver=5.6.2
 _srcver=562
-pkgrel=2
+pkgrel=3
 pkgdesc="A free C++ class library of cryptographic schemes"
 arch=('i686' 'x86_64')
 url="http://www.cryptopp.com/"
@ -20,16 +20,20 @@ license=('custom')
 depends=('gcc-libs')
 makedepends=('unzip')
 source=("http://www.cryptopp.com/cryptopp${_srcver}.zip"
+        'CVE-2015-2141.patch'
        'libcrypto++.pc'
        'fix_build_system.patch')
 md5sums=('7ed022585698df48e65ce9218f6c6a67'
+         '7ff9a215b9244b4f8a17c7185e27beda'
         '46de3847c59ad16456fa863eb33e73b2'
         '7ba22254fea73c1a9bd308ff6e034856')

-build() {
-  # ALARM
+prepare() {
+  patch -p1 -i ${srcdir}/CVE-2015-2141.patch
  patch -p1 -i fix_build_system.patch
+}

+build() {
  sed -i -e 's/^CXXFLAGS/#CXXFLAGS/' GNUmakefile
  export CXXFLAGS="${CXXFLAGS} -DNDEBUG -fPIC"
  make -f GNUmakefile