!8 [sync] PR-3: Fix CVE-2020-36843

From: @openeuler-sync-bot Reviewed-by: @cherry530 Signed-off-by: @cherry530
2025-03-21 03:42:04 +00:00 · 2025-03-21 03:42:04 +00:00 · c8aab0b967
commit c8aab0b967
parent 944a10b72d b8b9364db0
2 changed files with 61 additions and 2 deletions
--- a/CVE-2020-36843.patch
+++ b/CVE-2020-36843.patch
@ -0,0 +1,55 @@
 From d7d1dcb5399c61cf2916ccc45aa25b0209c88712 Mon Sep 17 00:00:00 2001
 From: zzz <zzz@mail.i2p>
 Date: Tue, 12 Mar 2019 12:55:58 +0000
 Subject: [PATCH] Crypto: Ed25519 check for S < L as in RFC 8032
 Origin: https://github.com/i2p/i2p.i2p/commit/d7d1dcb5399c61cf2916ccc45aa25b0209c88712
 ---
 src/net/i2p/crypto/eddsa/EdDSAEngine.java | 9 +++++++++
 1 file changed, 9 insertions(+)
 diff --git a/src/net/i2p/crypto/eddsa/EdDSAEngine.java b/src/net/i2p/crypto/eddsa/EdDSAEngine.java
 index 1f0ba6d..9c55104 100644
 --- a/src/net/i2p/crypto/eddsa/EdDSAEngine.java
 +++ b/src/net/i2p/crypto/eddsa/EdDSAEngine.java
@@ -12,6 +12,7 @@
 package net.i2p.crypto.eddsa;
 import java.io.ByteArrayOutputStream;
 +import java.math.BigInteger;
 import java.nio.ByteBuffer;
 import java.security.InvalidAlgorithmParameterException;
 import java.security.InvalidKeyException;
@@ -30,6 +31,7 @@ import net.i2p.crypto.eddsa.math.Curve;
 import net.i2p.crypto.eddsa.math.GroupElement;
 import net.i2p.crypto.eddsa.math.ScalarOps;
 import sun.security.x509.X509Key;
 +import net.i2p.crypto.eddsa.math.bigint.BigIntegerLittleEndianEncoding;
 /**
  * Signing and verification for EdDSA.
@@ -69,6 +71,8 @@ import sun.security.x509.X509Key;
 public final class EdDSAEngine extends Signature {
     public static final String SIGNATURE_ALGORITHM = "NONEwithEdDSA";
 +    private static final BigInteger ORDER = new BigInteger("2").pow(252).add(new BigInteger("27742317777372353535851937790883648493"));
 +
     private MessageDigest digest;
     private ByteArrayOutputStream baos;
     private EdDSAKey key;
@@ -306,6 +310,11 @@ public final class EdDSAEngine extends Signature {
         h = key.getParams().getScalarOps().reduce(h);
         byte[] Sbyte = Arrays.copyOfRange(sigBytes, b/8, b/4);
 +        // RFC 8032
 +        BigInteger Sbigint = (new BigIntegerLittleEndianEncoding()).toBigInteger(Sbyte);
 +        if (Sbigint.compareTo(ORDER) >= 0)
 +            return false;
 +
         // R = SB - H(Rbar,Abar,M)A
         GroupElement R = key.getParams().getB().doubleScalarMultiplyVariableTime(
                 ((EdDSAPublicKey) key).getNegativeA(), h, Sbyte);
 -- 
 2.33.0
--- a/ed25519-java.spec
+++ b/ed25519-java.spec
@ -1,10 +1,11 @@
 Name:                ed25519-java
 Version:             0.3.0
-Release:             4
+Release:             5
 Summary:             Implementation of EdDSA (Ed25519) in Java
 License:             CC0
 URL:                 https://github.com/str4d/ed25519-java
 Source0:             https://github.com/str4d/ed25519-java/archive/v%{version}/ed25519-java-%{version}.tar.gz
 Patch0:              CVE-2020-36843.patch
 BuildRequires:       maven-local mvn(junit:junit) mvn(org.apache.felix:maven-bundle-plugin)
 BuildRequires:       mvn(org.hamcrest:hamcrest-all)
 BuildArch:           noarch
@ -25,7 +26,7 @@ Summary:             Javadoc for %{name}
 This package contains javadoc for %{name}.
 %prep
-%setup -q -n %{name}-%{version}
+%autosetup -n %{name}-%{version} -p1
 %pom_remove_plugin :maven-gpg-plugin
 %pom_remove_plugin :maven-javadoc-plugin
 %pom_remove_plugin :maven-source-plugin
@ -48,5 +49,8 @@ This package contains javadoc for %{name}.
 %license LICENSE.txt
 %changelog
 * Fri Mar 21 2025 wangkai <13474090681@163.com> - 0.3.0-5
 - Fix CVE-2020-36843
 * Mon Jul 27 2020 Anan Fu <fuanan3@huawei.com> - 0.3.0-4
 - package init