Package: release.debian.org
Severity: normal
Tags: stretch
User: release.debian.org@packages.debian.org
Usertags: pu

Hello,

I would like to fix #867581 in stable by pulling the patch from 3.5.13.
The issue is about broken AES-GCM in-place encryption and decryption on
aarch64.

cu Andreas
-- 
`What a good friend you are to him, Dr. Maturin. His other friends are
so grateful to you.'
`I sew his ears on from time to time, sure'
diff -Nru gnutls28-3.5.8/debian/changelog gnutls28-3.5.8/debian/changelog
--- gnutls28-3.5.8/debian/changelog 2017-06-16 07:47:11.000000000 +0200
+++ gnutls28-3.5.8/debian/changelog 2017-07-08 10:29:05.000000000 +0200
@@ -1,3 +1,11 @@
+gnutls28 (3.5.8-5+deb9u2) stretch; urgency=medium
+
+ * 37_aarch64-fix-AES-GCM-in-place-encryption-and-decrypti.patch from
+ upstream 3.5.x branch: Fix breakage if AES-GCM in-place encryption and
+ decryption on aarch64. Closes: #867581
+
+ -- Andreas Metzler <ametzler@debian.org> Sat, 08 Jul 2017 10:29:05 +0200
+
gnutls28 (3.5.8-5+deb9u1) stretch-security; urgency=high
* 36_CVE-2017-7507_*.patch: Pulled from 3.5.13, fix crash upon receiving
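Review bot: typo in the new changelog entry: "Fix breakage if AES-GCM in-place encryption and decryption" should read "breakage of". The cover mail says the patch is pulled from 3.5.13 while the entry says "from upstream 3.5.x branch"; naming the release, or the upstream commit 864e8d4e, in the entry would make the two agree and help whoever later audits the stable update.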
diff -Nru gnutls28-3.5.8/debian/patches/37_aarch64-fix-AES-GCM-in-place-encryption-and-decrypti.patch gnutls28-3.5.8/debian/patches/37_aarch64-fix-AES-GCM-in-place-encryption-and-decrypti.patch
--- gnutls28-3.5.8/debian/patches/37_aarch64-fix-AES-GCM-in-place-encryption-and-decrypti.patch 1970-01-01 01:00:00.000000000 +0100
+++ gnutls28-3.5.8/debian/patches/37_aarch64-fix-AES-GCM-in-place-encryption-and-decrypti.patch 2017-07-07 19:43:55.000000000 +0200
@@ -0,0 +1,57 @@
+From 864e8d4e3ba87f53df7bdef695661415ed60a018 Mon Sep 17 00:00:00 2001
+From: Nikos Mavrogiannopoulos <nmav@redhat.com>
+Date: Mon, 22 May 2017 14:41:56 +0200
+Subject: [PATCH] aarch64: fix AES-GCM in-place encryption and decryption
+
+Resolves #204
+
+Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
+---
+ lib/accelerated/aarch64/aes-gcm-aarch64.c | 24 ++++++++++++++++++++++++
+ 1 file changed, 24 insertions(+)
+
+diff --git a/lib/accelerated/aarch64/aes-gcm-aarch64.c b/lib/accelerated/aarch64/aes-gcm-aarch64.c
+index c571d0294..8d2bc1dce 100644
+--- a/lib/accelerated/aarch64/aes-gcm-aarch64.c
++++ b/lib/accelerated/aarch64/aes-gcm-aarch64.c
+@@ -153,6 +153,27 @@ gcm_ghash(struct aes_gcm_ctx *ctx, const uint8_t * src, size_t src_size)
+ }
+
+ static void
++ctr32_encrypt_blocks_inplace(const unsigned char *in, unsigned char *out,
++ size_t blocks, const AES_KEY *key,
++ const unsigned char ivec[16])
++{
++ unsigned i;
++ uint8_t ctr[16];
++ uint8_t tmp[16];
++
++ memcpy(ctr, ivec, 16);
++
++ for (i=0;i<blocks;i++) {
++ aes_v8_encrypt(ctr, tmp, key);
++ memxor3(out, tmp, in, 16);
++
++ out += 16;
++ in += 16;
++ INCREMENT(16, ctr);
++ }
++}
++
++static void
+ ctr32_encrypt_blocks(const unsigned char *in, unsigned char *out,
+ size_t blocks, const AES_KEY *key,
+ const unsigned char ivec[16])
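Review bot: the helper only covers exact aliasing; the caller dispatches here on `in == out`, so a partially overlapping `in`/`out` pair still takes the original path, and nothing in this hunk documents that restriction. The loop body itself is sound: `aes_v8_encrypt(ctr, tmp, key)` puts the keystream block in the separate `tmp` buffer and `memxor3(out, tmp, in, 16)` then combines it with the input, which is what makes `in == out` safe provided memxor3 tolerates its destination aliasing one of its inputs (nettle documents that as allowed). Two smaller points: `unsigned i` is compared against `size_t blocks` (mirroring the existing function, but `size_t i` would avoid the narrowing), and a one-line comment saying this is the in-place variant of `ctr32_encrypt_blocks` would save the next reader a trip to the bug report.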
+@@ -160,6 +181,9 @@ ctr32_encrypt_blocks(const unsigned char *in, unsigned char *out,
+ unsigned i;
+ uint8_t ctr[16];
+
++ if (in == out)
++ return ctr32_encrypt_blocks_inplace(in, out, blocks, key, ivec);
++
+ memcpy(ctr, ivec, 16);
+
+ for (i=0;i<blocks;i++) {
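Review bot: `return ctr32_encrypt_blocks_inplace(in, out, blocks, key, ivec);` returns an expression from a function declared `void`; ISO C forbids that (GCC accepts it and only warns under -pedantic), so put the call on its own line followed by a bare `return;`. The dispatch sits before `memcpy(ctr, ivec, 16)`, so the non-aliased path is unchanged; a short comment at `if (in == out)` explaining why the in-place case needs a separate routine (presumably the existing loop, whose body is outside this hunk, writes `out` before it has consumed `in`) would document the bug being fixed.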
+--
+2.13.2
+
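Review bot: the patch touches only lib/accelerated/aarch64/aes-gcm-aarch64.c (1 file changed, 24 insertions) and carries no regression test for in-place AES-GCM, so nothing in the package build would catch this breaking again; a sentence in the p-u request on how the fix was verified on arm64 (e.g. the upstream test suite on a stretch arm64 build) would help the release team.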
diff -Nru gnutls28-3.5.8/debian/patches/series gnutls28-3.5.8/debian/patches/series
--- gnutls28-3.5.8/debian/patches/series 2017-06-16 07:47:04.000000000 +0200
+++ gnutls28-3.5.8/debian/patches/series 2017-07-07 19:43:58.000000000 +0200
@@ -12,3 +12,4 @@
36_CVE-2017-7507_1-ext-status_request-ensure-response-IDs-are-properly-.patch
36_CVE-2017-7507_2-ext-status_request-Removed-the-parsing-of-responder-.patch
36_CVE-2017-7507_3-gnutls_ocsp_status_request_enable_client-documented-.patch
+37_aarch64-fix-AES-GCM-in-place-encryption-and-decrypti.patch