Overview

File openssl-CVE-2022-4304-2of2.patch of Package openssl-1_1.29122

commit 4ada8c0485d78f437e2392047de9e096d64c123b
Author: Matt Caswell <matt@openssl.org>
Date:   Mon Jan 30 17:59:21 2023 +0000

    fixup! Fix Timing Oracle in RSA decryption

diff --git a/crypto/rsa/rsa_sup_mul.c b/crypto/rsa/rsa_sup_mul.c
index 15a1cf591f..dfcdedc5fd 100644
--- a/crypto/rsa/rsa_sup_mul.c
+++ b/crypto/rsa/rsa_sup_mul.c
@@ -468,36 +468,48 @@ static void BN_to_limb(const BIGNUM *bn, limb_t *buf, size_t limbs)
 #if LIMB_BYTE_SIZE == 8
 static ossl_inline uint64_t be64(uint64_t host)
 {
-#ifndef L_ENDIAN
-    return host;
-#else
-    uint64_t big = 0;
-    big |= (host & 0xff00000000000000) >> 56;
-    big |= (host & 0x00ff000000000000) >> 40;
-    big |= (host & 0x0000ff0000000000) >> 24;
-    big |= (host & 0x000000ff00000000) >>  8;
-    big |= (host & 0x00000000ff000000) <<  8;
-    big |= (host & 0x0000000000ff0000) << 24;
-    big |= (host & 0x000000000000ff00) << 40;
-    big |= (host & 0x00000000000000ff) << 56;
-    return big;
-#endif
+    const union {
+        long one;
+        char little;
+    } is_endian = { 1 };
+
+    if (is_endian.little) {
+        uint64_t big = 0;
+
+        big |= (host & 0xff00000000000000) >> 56;
+        big |= (host & 0x00ff000000000000) >> 40;
+        big |= (host & 0x0000ff0000000000) >> 24;
+        big |= (host & 0x000000ff00000000) >>  8;
+        big |= (host & 0x00000000ff000000) <<  8;
+        big |= (host & 0x0000000000ff0000) << 24;
+        big |= (host & 0x000000000000ff00) << 40;
+        big |= (host & 0x00000000000000ff) << 56;
+        return big;
+    } else {
+        return host;
+    }
 }
 
 #else
 /* Not all platforms have htobe32(). */
 static ossl_inline uint32_t be32(uint32_t host)
 {
-#ifndef L_ENDIAN
-    return host;
-#else
-    uint32_t big = 0;
-    big |= (host & 0xff000000) >> 24;
-    big |= (host & 0x00ff0000) >> 8;
-    big |= (host & 0x0000ff00) << 8;
-    big |= (host & 0x000000ff) << 24;
-    return big;
-#endif
+    const union {
+        long one;
+        char little;
+    } is_endian = { 1 };
+
+    if (is_endian.little) {
+        uint32_t big = 0;
+
+        big |= (host & 0xff000000) >> 24;
+        big |= (host & 0x00ff0000) >> 8;
+        big |= (host & 0x0000ff00) << 8;
+        big |= (host & 0x000000ff) << 24;
+        return big;
+    } else {
+        return host;
+    }
 }
 #endif
openSUSE Build Service is sponsored by
Places