dev-lang/go/files/20190118-crypto-elliptic-reduction.patch - mirrors/cros/chromiumos/overlays/chromiumos-overlay - Git at Google

 This fixes a DoS vulnerability in the crypto/elliptic implementations of the P-521 and P-384 elliptic curves may let an attacker craft inputs that consume excessive amounts of CPU.

 It was written by the Google Go language team.

 diff --git a/src/crypto/elliptic/elliptic.go b/src/crypto/elliptic/elliptic.go
 index 4fc2b5e521..c84657c5e3 100644
 --- a/src/crypto/elliptic/elliptic.go
 +++ b/src/crypto/elliptic/elliptic.go
 @@ -210,8 +210,9 @@ func (curve *CurveParams) doubleJacobian(x, y, z *big.Int) (*big.Int, *big.Int,

  	x3 := new(big.Int).Mul(alpha, alpha)
  	beta8 := new(big.Int).Lsh(beta, 3)
 +	beta8.Mod(beta8, curve.P)
  	x3.Sub(x3, beta8)
 -	for x3.Sign() == -1 {
 +	if x3.Sign() == -1 {
  		x3.Add(x3, curve.P)
  	}
  	x3.Mod(x3, curve.P)
	This fixes a DoS vulnerability in the crypto/elliptic implementations of the P-521 and P-384 elliptic curves may let an attacker craft inputs that consume excessive amounts of CPU.

	It was written by the Google Go language team.

	diff --git a/src/crypto/elliptic/elliptic.go b/src/crypto/elliptic/elliptic.go
	index 4fc2b5e521..c84657c5e3 100644
	--- a/src/crypto/elliptic/elliptic.go
	+++ b/src/crypto/elliptic/elliptic.go
	@@ -210,8 +210,9 @@ func (curve CurveParams) doubleJacobian(x, y, z big.Int) (big.Int, big.Int,

	x3 := new(big.Int).Mul(alpha, alpha)
	beta8 := new(big.Int).Lsh(beta, 3)
	+ beta8.Mod(beta8, curve.P)
	x3.Sub(x3, beta8)
	- for x3.Sign() == -1 {
	+ if x3.Sign() == -1 {
	x3.Add(x3, curve.P)
	}
	x3.Mod(x3, curve.P)