Fix CVE-2020-36843

(cherry picked from commit fc0eeffa9167728333cee9764a77e77862e2f66e)
2025-03-21 09:43:19 +08:00 · 2025-03-21 09:43:19 +08:00 · b8b9364db0
commit b8b9364db0
parent 944a10b72d
2 changed files with 61 additions and 2 deletions
--- a/CVE-2020-36843.patch
+++ b/CVE-2020-36843.patch
@ -0,0 +1,55 @@
+From d7d1dcb5399c61cf2916ccc45aa25b0209c88712 Mon Sep 17 00:00:00 2001
+From: zzz <zzz@mail.i2p>
+Date: Tue, 12 Mar 2019 12:55:58 +0000
+Subject: [PATCH] Crypto: Ed25519 check for S < L as in RFC 8032
+
+Origin: https://github.com/i2p/i2p.i2p/commit/d7d1dcb5399c61cf2916ccc45aa25b0209c88712
+
+---
+ src/net/i2p/crypto/eddsa/EdDSAEngine.java | 9 +++++++++
+ 1 file changed, 9 insertions(+)
+
+diff --git a/src/net/i2p/crypto/eddsa/EdDSAEngine.java b/src/net/i2p/crypto/eddsa/EdDSAEngine.java
+index 1f0ba6d..9c55104 100644
+--- a/src/net/i2p/crypto/eddsa/EdDSAEngine.java
+++ b/src/net/i2p/crypto/eddsa/EdDSAEngine.java
+@@ -12,6 +12,7 @@
+ package net.i2p.crypto.eddsa;
+ 
+ import java.io.ByteArrayOutputStream;
+import java.math.BigInteger;
+ import java.nio.ByteBuffer;
+ import java.security.InvalidAlgorithmParameterException;
+ import java.security.InvalidKeyException;
+@@ -30,6 +31,7 @@ import net.i2p.crypto.eddsa.math.Curve;
+ import net.i2p.crypto.eddsa.math.GroupElement;
+ import net.i2p.crypto.eddsa.math.ScalarOps;
+ import sun.security.x509.X509Key;
+import net.i2p.crypto.eddsa.math.bigint.BigIntegerLittleEndianEncoding;
+ 
+ /**
+  * Signing and verification for EdDSA.
+@@ -69,6 +71,8 @@ import sun.security.x509.X509Key;
+ public final class EdDSAEngine extends Signature {
+     public static final String SIGNATURE_ALGORITHM = "NONEwithEdDSA";
+ 
+    private static final BigInteger ORDER = new BigInteger("2").pow(252).add(new BigInteger("27742317777372353535851937790883648493"));
+
+     private MessageDigest digest;
+     private ByteArrayOutputStream baos;
+     private EdDSAKey key;
+@@ -306,6 +310,11 @@ public final class EdDSAEngine extends Signature {
+         h = key.getParams().getScalarOps().reduce(h);
+ 
+         byte[] Sbyte = Arrays.copyOfRange(sigBytes, b/8, b/4);
+        // RFC 8032
+        BigInteger Sbigint = (new BigIntegerLittleEndianEncoding()).toBigInteger(Sbyte);
+        if (Sbigint.compareTo(ORDER) >= 0)
+            return false;
+
+         // R = SB - H(Rbar,Abar,M)A
+         GroupElement R = key.getParams().getB().doubleScalarMultiplyVariableTime(
+                 ((EdDSAPublicKey) key).getNegativeA(), h, Sbyte);
+-- 
+2.33.0
+
--- a/ed25519-java.spec
+++ b/ed25519-java.spec
@ -1,10 +1,11 @@
 Name:                ed25519-java
 Version:             0.3.0
-Release:             4
+Release:             5
 Summary:             Implementation of EdDSA (Ed25519) in Java
 License:             CC0
 URL:                 https://github.com/str4d/ed25519-java
 Source0:             https://github.com/str4d/ed25519-java/archive/v%{version}/ed25519-java-%{version}.tar.gz
+Patch0:              CVE-2020-36843.patch
 BuildRequires:       maven-local mvn(junit:junit) mvn(org.apache.felix:maven-bundle-plugin)
 BuildRequires:       mvn(org.hamcrest:hamcrest-all)
 BuildArch:           noarch
@ -25,7 +26,7 @@ Summary:             Javadoc for %{name}
 This package contains javadoc for %{name}.

 %prep
-%setup -q -n %{name}-%{version}
+%autosetup -n %{name}-%{version} -p1
 %pom_remove_plugin :maven-gpg-plugin
 %pom_remove_plugin :maven-javadoc-plugin
 %pom_remove_plugin :maven-source-plugin
@ -48,5 +49,8 @@ This package contains javadoc for %{name}.
 %license LICENSE.txt

 %changelog
+* Fri Mar 21 2025 wangkai <13474090681@163.com> - 0.3.0-5
+- Fix CVE-2020-36843
+
 * Mon Jul 27 2020 Anan Fu <fuanan3@huawei.com> - 0.3.0-4
 - package init