File openssl-CVE-2022-4304-2of2.patch of Package openssl-1_1.29122
commit 4ada8c0485d78f437e2392047de9e096d64c123b
Author: Matt Caswell <matt@openssl.org>
Date: Mon Jan 30 17:59:21 2023 +0000
fixup! Fix Timing Oracle in RSA decryption
diff --git a/crypto/rsa/rsa_sup_mul.c b/crypto/rsa/rsa_sup_mul.c
index 15a1cf591f..dfcdedc5fd 100644
--- a/crypto/rsa/rsa_sup_mul.c
+++ b/crypto/rsa/rsa_sup_mul.c
@@ -468,36 +468,48 @@ static void BN_to_limb(const BIGNUM *bn, limb_t *buf, size_t limbs)
#if LIMB_BYTE_SIZE == 8
static ossl_inline uint64_t be64(uint64_t host)
{
-#ifndef L_ENDIAN
- return host;
-#else
- uint64_t big = 0;
- big |= (host & 0xff00000000000000) >> 56;
- big |= (host & 0x00ff000000000000) >> 40;
- big |= (host & 0x0000ff0000000000) >> 24;
- big |= (host & 0x000000ff00000000) >> 8;
- big |= (host & 0x00000000ff000000) << 8;
- big |= (host & 0x0000000000ff0000) << 24;
- big |= (host & 0x000000000000ff00) << 40;
- big |= (host & 0x00000000000000ff) << 56;
- return big;
-#endif
+ const union {
+ long one;
+ char little;
+ } is_endian = { 1 };
+
+ if (is_endian.little) {
+ uint64_t big = 0;
+
+ big |= (host & 0xff00000000000000) >> 56;
+ big |= (host & 0x00ff000000000000) >> 40;
+ big |= (host & 0x0000ff0000000000) >> 24;
+ big |= (host & 0x000000ff00000000) >> 8;
+ big |= (host & 0x00000000ff000000) << 8;
+ big |= (host & 0x0000000000ff0000) << 24;
+ big |= (host & 0x000000000000ff00) << 40;
+ big |= (host & 0x00000000000000ff) << 56;
+ return big;
+ } else {
+ return host;
+ }
}
#else
/* Not all platforms have htobe32(). */
static ossl_inline uint32_t be32(uint32_t host)
{
-#ifndef L_ENDIAN
- return host;
-#else
- uint32_t big = 0;
- big |= (host & 0xff000000) >> 24;
- big |= (host & 0x00ff0000) >> 8;
- big |= (host & 0x0000ff00) << 8;
- big |= (host & 0x000000ff) << 24;
- return big;
-#endif
+ const union {
+ long one;
+ char little;
+ } is_endian = { 1 };
+
+ if (is_endian.little) {
+ uint32_t big = 0;
+
+ big |= (host & 0xff000000) >> 24;
+ big |= (host & 0x00ff0000) >> 8;
+ big |= (host & 0x0000ff00) << 8;
+ big |= (host & 0x000000ff) << 24;
+ return big;
+ } else {
+ return host;
+ }
}
#endif