-rw-r--r--debian/patches/62-rsa-psk-minimize-branching-after-decryption.patch18
1 files changed, 9 insertions, 9 deletions
diff --git a/debian/patches/62-rsa-psk-minimize-branching-after-decryption.patch b/debian/patches/62-rsa-psk-minimize-branching-after-decryption.patch
index 47de317..b0ba2ce 100644
--- a/debian/patches/62-rsa-psk-minimize-branching-after-decryption.patch
+++ b/debian/patches/62-rsa-psk-minimize-branching-after-decryption.patch
@@ -1,7 +1,7 @@
-From 40dbbd8de499668590e8af51a15799fbc430595e Mon Sep 17 00:00:00 2001
+From f0aa7285c3ef702d4e5c13e54d6fe741e44244c3 Mon Sep 17 00:00:00 2001
From: Daiki Ueno <ueno@gnu.org>
Date: Wed, 10 Jan 2024 19:13:17 +0900
-Subject: [PATCH 2/2] rsa-psk: minimize branching after decryption
+Subject: [PATCH 13/29] rsa-psk: minimize branching after decryption
This moves any non-trivial code between gnutls_privkey_decrypt_data2
and the function return in _gnutls_proc_rsa_psk_client_kx up until the
@@ -9,8 +9,8 @@ decryption. This also avoids an extra memcpy to session->key.key.
Signed-off-by: Daiki Ueno <ueno@gnu.org>
---
- lib/auth/rsa_psk.c | 69 ++++++++++++++++++++++++----------------------
- 1 file changed, 36 insertions(+), 33 deletions(-)
+ lib/auth/rsa_psk.c | 68 ++++++++++++++++++++++++----------------------
+ 1 file changed, 35 insertions(+), 33 deletions(-)
--- a/lib/auth/rsa_psk.c
+++ b/lib/auth/rsa_psk.c
@@ -26,7 +26,7 @@ Signed-off-by: Daiki Ueno <ueno@gnu.org>
cred = (gnutls_psk_server_credentials_t)
_gnutls_get_cred(session, GNUTLS_CRD_PSK);
-@@ -329,29 +328,52 @@ _gnutls_proc_rsa_psk_client_kx(gnutls_se
+@@ -329,28 +328,52 @@ _gnutls_proc_rsa_psk_client_kx(gnutls_se
ciphertext.size = dsize;
ver_maj = _gnutls_get_adv_version_major(session);
@@ -34,6 +34,7 @@ Signed-off-by: Daiki Ueno <ueno@gnu.org>
- premaster_secret.data = gnutls_malloc(GNUTLS_MASTER_SIZE);
- if (premaster_secret.data == NULL) {
+- gnutls_assert();
+ /* Find the key of this username. A random value will be
+ * filled in if the key is not found.
+ */
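Review bot: The refreshed inner patch now removes `gnutls_assert();` from inside the `if (premaster_secret.data == NULL) {` block (the added `+-	gnutls_assert();` line here) instead of from the later position that the following hunk (`@@ -41,8 +42,7 @@`) drops with `--	gnutls_assert();`, so this is a content change to the vendored patch and not only an offset refresh; the diffstat hunk accordingly moves from 36 to 35 insertions. That is consistent with the inner patch relocating the allocation (see the added "Allocate memory for premaster secret" comment), but since the patch is renumbered from [PATCH 2/2] to [PATCH 13/29] with a new From hash (f0aa7285c3ef702d4e5c13e54d6fe741e44244c3) it presumably now sits on a different base, and it is worth confirming that lib/auth/rsa_psk.c after applying the whole series is identical to the upstream file at that commit rather than trusting the refresh alone. The enclosing inner hunk of _gnutls_proc_rsa_psk_client_kx starts before this outer hunk and continues past it.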
@@ -41,8 +42,7 @@ Signed-off-by: Daiki Ueno <ueno@gnu.org>
+ strlen(info->username), &pwd_psk);
+ if (ret < 0)
+ return gnutls_assert_val(ret);
-
-- gnutls_assert();
++
+ /* Allocate memory for premaster secret, and fill in the
+ * fields except the decryption result.
+ */
@@ -88,12 +88,12 @@ Signed-off-by: Daiki Ueno <ueno@gnu.org>
* channel that can be used as an oracle, so tread carefully */
/* Error handling logic:
-@@ -367,35 +389,14 @@ _gnutls_proc_rsa_psk_client_kx(gnutls_se
+@@ -365,35 +388,14 @@ _gnutls_proc_rsa_psk_client_kx(gnutls_se
+ */
/* This is here to avoid the version check attack
* discussed above.
*/
-
- premaster_secret.data[0] = ver_maj;
- premaster_secret.data[1] = ver_min;
-