Date: Sunday, November 3, 2013 @ 19:13:16 Author: seblu Revision: 100413
upgpkg: opensc 0.13.0-4 Added: opensc/trunk/0002-epass2003-properly-disable-padding.patch Modified: opensc/trunk/PKGBUILD -----------------------------------------------+ 0002-epass2003-properly-disable-padding.patch | 39 ++++++++++++++++++++++++ PKGBUILD | 9 +++-- 2 files changed, 45 insertions(+), 3 deletions(-) Added: 0002-epass2003-properly-disable-padding.patch =================================================================== --- 0002-epass2003-properly-disable-padding.patch (rev 0) +++ 0002-epass2003-properly-disable-padding.patch 2013-11-03 18:13:16 UTC (rev 100413) @@ -0,0 +1,39 @@ +From b1a4775310a4e30d8fd5c1cc91e60971f922e64a Mon Sep 17 00:00:00 2001 +From: Zbigniew Halas <[email protected]> +Date: Wed, 27 Feb 2013 23:44:02 +0000 +Subject: [PATCH] epass2003: properly disable padding + +EVP_CIPHER_CTX_set_padding needs to be called after EVP_EncryptInit_ex +and EVP_DecryptInit_ex, otherwise padding is re-enabled, which in turn +causes buffer overruns +--- + src/libopensc/card-epass2003.c | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/src/libopensc/card-epass2003.c b/src/libopensc/card-epass2003.c +index 80088b9..6f04573 100644 +--- a/src/libopensc/card-epass2003.c ++++ b/src/libopensc/card-epass2003.c +@@ -117,8 +117,8 @@ + + memcpy(iv_tmp, iv, EVP_MAX_IV_LENGTH); + EVP_CIPHER_CTX_init(&ctx); +- EVP_CIPHER_CTX_set_padding(&ctx, 0); + EVP_EncryptInit_ex(&ctx, cipher, NULL, key, iv_tmp); ++ EVP_CIPHER_CTX_set_padding(&ctx, 0); + + if (!EVP_EncryptUpdate(&ctx, output, &outl, input, length)) + goto out; +@@ -146,8 +146,8 @@ + + memcpy(iv_tmp, iv, EVP_MAX_IV_LENGTH); + EVP_CIPHER_CTX_init(&ctx); +- EVP_CIPHER_CTX_set_padding(&ctx, 0); + EVP_DecryptInit_ex(&ctx, cipher, NULL, key, iv_tmp); ++ EVP_CIPHER_CTX_set_padding(&ctx, 0); + + if (!EVP_DecryptUpdate(&ctx, output, &outl, input, length)) + goto out; +-- +1.8.4 + Modified: PKGBUILD =================================================================== --- PKGBUILD 2013-11-03 17:59:19 UTC (rev 100412) +++ PKGBUILD 2013-11-03 18:13:16 UTC (rev 100413) @@ -4,7 +4,7 @@ pkgname=opensc pkgver=0.13.0 -pkgrel=3 +pkgrel=4 pkgdesc='Tools and libraries for smart cards' arch=('x86_64' 'i686') url='https://github.com/OpenSC/OpenSC/wiki' @@ -14,12 +14,15 @@ depends=('openssl' 'pcsclite' 'libltdl') options=('!emptydirs') source=("http://downloads.sourceforge.net/$pkgname/$pkgname-$pkgver.tar.gz"; - '0001-pkcs15-regression-in-e35febe-compute-cert-length.patch') + '0001-pkcs15-regression-in-e35febe-compute-cert-length.patch' + '0002-epass2003-properly-disable-padding.patch') md5sums=('74a10de6c646bdaae307d6dc9e9accc0' - '49a0989c169decf6876a3a9631289dbc') + '49a0989c169decf6876a3a9631289dbc' + '68fe80c8fb6c28c0bcf9d36e3245e4ae') prepare() { patch -p1 -d $pkgname-$pkgver < 0001-pkcs15-regression-in-e35febe-compute-cert-length.patch + patch -p1 -d $pkgname-$pkgver < 0002-epass2003-properly-disable-padding.patch } build() {
