From fae543cb9d898979b92ce4024d2ed183de560c9f Mon Sep 17 00:00:00 2001
From: Pavel Zhukov <pavel.zhukov@huawei.com>
Date: Wed, 15 Dec 2021 10:53:41 +0100
Subject: [PATCH] default.xml: Bump oe-core

Bump openembedded-core revision to bring in CVE fixes (libgcrypt and
busybox).

Signed-off-by: Pavel Zhukov <pavel.zhukov@huawei.com>
---
 manifests/default.xml                         |  2 +-
 .../libgcrypt/files/CVE-2021-33560_2.patch    | 77 -------------------
 .../libgcrypt/libgcrypt_1.8.5.bbappend        | 14 ----
 3 files changed, 1 insertion(+), 92 deletions(-)
 delete mode 100644 meta-oniro-staging/recipes-support/libgcrypt/files/CVE-2021-33560_2.patch
 delete mode 100644 meta-oniro-staging/recipes-support/libgcrypt/libgcrypt_1.8.5.bbappend

diff --git a/manifests/default.xml b/manifests/default.xml
index ccb029db..add9504f 100644
--- a/manifests/default.xml
+++ b/manifests/default.xml
@@ -39,7 +39,7 @@ SPDX-FileCopyrightText: Huawei Inc.
 		More info can be found at https://wiki.yoctoproject.org/wiki/Releases.
 	-->
 	<project name="bitbake" remote="oe" revision="f1a3e9d22b5f4fb01c4a0e4ba03afb1afbba47f1" path="bitbake" />
-	<project name="openembedded-core" remote="oe" revision="f788765e1b9832d0da8ec4ce49aa811115864b0e" path="oe-core" />
+	<project name="openembedded-core" remote="oe" revision="90a07178ea26be453d101c2e8b33d3a0f437635d" path="oe-core" />
 	<project name="meta-openembedded" remote="openembedded" revision="7889158dcd187546fc5e99fd81d0779cad3e8d17" path="meta-openembedded" />
 	<project name="meta-freertos" remote="aehs29" revision="f3c2edb0f22c34b35a775c5d17ea1424d44bee21" path="meta-freertos" />
 	<project name="meta-st-stm32mp" remote="stm" revision="b25a2b0daa6e9e1e3ce76b9fdf5bd7cbf30e90fc" path="meta-st-stm32mp" />
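Review bot: Nothing on the new `openembedded-core` line records that this pin now has to supply the libgcrypt fix that the same commit deletes from meta-oniro-staging (`CVE-2021-33560_2.patch`, and the `CVE_CHECK_WHITELIST += "CVE-2021-40528"` entry with its explanation of the CVE id mismatch). Whether revision 90a07178ea26be453d101c2e8b33d3a0f437635d actually carries the ElGamal exponent-blinding backport and the CVE-2021-40528 handling cannot be seen from this diff. It should be confirmed against the oe-core tree, and by a cve-check run on libgcrypt, before the local patch is dropped. I would add a short comment above the line, e.g. `<!-- oe-core pin includes the libgcrypt CVE-2021-33560 / CVE-2021-40528 fixes previously carried in meta-oniro-staging -->`, so that a later revert or downgrade of the revision does not silently reopen them. The enclosing manifest element starts and ends outside the hunk.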
diff --git a/meta-oniro-staging/recipes-support/libgcrypt/files/CVE-2021-33560_2.patch b/meta-oniro-staging/recipes-support/libgcrypt/files/CVE-2021-33560_2.patch
deleted file mode 100644
index b3cb1dd1..00000000
--- a/meta-oniro-staging/recipes-support/libgcrypt/files/CVE-2021-33560_2.patch
+++ /dev/null
@@ -1,77 +0,0 @@
-From e8b7f10be275bcedb5fc05ed4837a89bfd605c61 Mon Sep 17 00:00:00 2001
-From: NIIBE Yutaka <gniibe@fsij.org>
-Date: Tue, 13 Apr 2021 10:00:00 +0900
-Subject: [PATCH] cipher: Hardening ElGamal by introducing exponent blinding
- too.
-
-* cipher/elgamal.c (do_encrypt): Also do exponent blinding.
-
---
-
-Base blinding had been introduced with USE_BLINDING.  This patch add
-exponent blinding as well to mitigate side-channel attack on mpi_powm.
-
-GnuPG-bug-id: 5328
-Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
-
-Upstream-Status: Backport [https://git.gnupg.org/cgi-bin/gitweb.cgi?p=libgcrypt.git;a=commit;h=e8b7f10be275bcedb5fc05ed4837a89bfd605c61]
-CVE: CVE-2021-33560
-Signed-off-by: Marta Rybczynska <marta.rybczynska@huawei.com>
----
- cipher/elgamal.c | 20 +++++++++++++++++---
- 1 file changed, 17 insertions(+), 3 deletions(-)
-
-diff --git a/cipher/elgamal.c b/cipher/elgamal.c
-index 4eb52d62..9835122f 100644
---- a/cipher/elgamal.c
-+++ b/cipher/elgamal.c
-@@ -522,8 +522,9 @@ do_encrypt(gcry_mpi_t a, gcry_mpi_t b, gcry_mpi_t input, ELG_public_key *pkey )
- static void
- decrypt (gcry_mpi_t output, gcry_mpi_t a, gcry_mpi_t b, ELG_secret_key *skey )
- {
--  gcry_mpi_t t1, t2, r;
-+  gcry_mpi_t t1, t2, r, r1, h;
-   unsigned int nbits = mpi_get_nbits (skey->p);
-+  gcry_mpi_t x_blind;
- 
-   mpi_normalize (a);
-   mpi_normalize (b);
-@@ -534,20 +535,33 @@ decrypt (gcry_mpi_t output, gcry_mpi_t a, gcry_mpi_t b, ELG_secret_key *skey )
- 
-   t2 = mpi_snew (nbits);
-   r  = mpi_new (nbits);
-+  r1 = mpi_new (nbits);
-+  h  = mpi_new (nbits);
-+  x_blind = mpi_snew (nbits);
- 
-   /* We need a random number of about the prime size.  The random
-      number merely needs to be unpredictable; thus we use level 0.  */
-   _gcry_mpi_randomize (r, nbits, GCRY_WEAK_RANDOM);
- 
-+  /* Also, exponent blinding: x_blind = x + (p-1)*r1 */
-+  _gcry_mpi_randomize (r1, nbits, GCRY_WEAK_RANDOM);
-+  mpi_set_highbit (r1, nbits - 1);
-+  mpi_sub_ui (h, skey->p, 1);
-+  mpi_mul (x_blind, h, r1);
-+  mpi_add (x_blind, skey->x, x_blind);
-+
-   /* t1 = r^x mod p */
--  mpi_powm (t1, r, skey->x, skey->p);
-+  mpi_powm (t1, r, x_blind, skey->p);
-   /* t2 = (a * r)^-x mod p */
-   mpi_mulm (t2, a, r, skey->p);
--  mpi_powm (t2, t2, skey->x, skey->p);
-+  mpi_powm (t2, t2, x_blind, skey->p);
-   mpi_invm (t2, t2, skey->p);
-   /* t1 = (t1 * t2) mod p*/
-   mpi_mulm (t1, t1, t2, skey->p);
- 
-+  mpi_free (x_blind);
-+  mpi_free (h);
-+  mpi_free (r1);
-   mpi_free (r);
-   mpi_free (t2);
- 
--- 
-2.11.0
-
diff --git a/meta-oniro-staging/recipes-support/libgcrypt/libgcrypt_1.8.5.bbappend b/meta-oniro-staging/recipes-support/libgcrypt/libgcrypt_1.8.5.bbappend
deleted file mode 100644
index f53f99f2..00000000
--- a/meta-oniro-staging/recipes-support/libgcrypt/libgcrypt_1.8.5.bbappend
+++ /dev/null
@@ -1,14 +0,0 @@
-# SPDX-FileCopyrightText: Huawei Inc.
-#
-# SPDX-License-Identifier: Apache-2.0
-
-FILESEXTRAPATHS_prepend := "${THISDIR}/files:"
-
-SRC_URI += "file://CVE-2021-33560_2.patch"
-
-# A fix marked as a fix for CVE-2021-33560 in dunfell is in fact
-# fixing CVE-2021-40528. Mark it as whitelisted until solved properly
-# (renaming the fix in the upstream)
-# For the mismatch between CVE-2021-33560 and CVE-2021-40528 see
-# https://dev.gnupg.org/T5328
-CVE_CHECK_WHITELIST += "CVE-2021-40528"
-- 
GitLab