HomeFreeBSD

libcrypto: Work around strict aliasing violations in bn_nist.c

Description

libcrypto: Work around strict aliasing violations in bn_nist.c

This file is full of strict aliasing violations. Previously it was only
optimised in ways that broke the code by CHERI LLVM, but now it appears
that the in-tree LLVM also breaks it for RISC-V, resulting in broken
ECDSA signature validation with error messages like the following:

root@unmatched:/usr/src # ssh-keygen -l -f /etc/ssh/ssh_host_ecdsa_key
/etc/ssh/ssh_host_ecdsa_key is not a key file.
root@unmatched:/usr/src # git fetch
fatal: unable to access 'https://git.FreeBSD.org/src.git/': error:1012606B:elliptic curve routines:EC_POINT_set_affine_coordinates:point is not on curve

Reviewed by: dim, jkim
Obtained from: CheriBSD
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D35885

Details

Provenance
jrtc27Authored on Jul 25 2022, 5:17 PM
Reviewer
dim
Differential Revision
D35885: libcrypto: Work around strict aliasing violations in bn_nist.c
Parents
rG8bc367384745: iommu_gas: Eliminate a possible case of use-after-free
Branches
Unknown
Tags
Unknown