From 0a73c43a454c4a36586cfefac7185e5fc5c88ae3 Mon Sep 17 00:00:00 2001 From: Guido Vranken Date: Thu, 14 Jan 2021 05:54:26 +0100 Subject: [PATCH] [cryptofuzz,wolfssl] Disable randomizing ECDSA signatures (#4953) --- projects/cryptofuzz/build.sh | 2 +- projects/wolfssl/build.sh | 6 +++--- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/projects/cryptofuzz/build.sh b/projects/cryptofuzz/build.sh index a5709d3ac..fafb29325 100755 --- a/projects/cryptofuzz/build.sh +++ b/projects/cryptofuzz/build.sh @@ -451,7 +451,7 @@ fi # Compile wolfCrypt cd $SRC/wolfssl # Enable additional wolfCrypt features which cannot be activated through arguments to ./configure -export CFLAGS="$CFLAGS -DHAVE_AES_ECB -DWOLFSSL_DES_ECB -DHAVE_ECC_SECPR2 -DHAVE_ECC_SECPR3 -DHAVE_ECC_BRAINPOOL -DHAVE_ECC_KOBLITZ -DWOLFSSL_ECDSA_SET_K" +export CFLAGS="$CFLAGS -DHAVE_AES_ECB -DWOLFSSL_DES_ECB -DHAVE_ECC_SECPR2 -DHAVE_ECC_SECPR3 -DHAVE_ECC_BRAINPOOL -DHAVE_ECC_KOBLITZ -DWOLFSSL_ECDSA_SET_K -DWOLFSSL_ECDSA_SET_K_ONE_LOOP" autoreconf -ivf export WOLFCRYPT_CONFIGURE_PARAMS="--enable-static --enable-md2 --enable-md4 --enable-ripemd --enable-blake2 --enable-blake2s --enable-pwdbased --enable-scrypt --enable-hkdf --enable-cmac --enable-arc4 --enable-camellia --enable-rabbit --enable-aesccm --enable-aesctr --enable-hc128 --enable-xts --enable-des3 --enable-idea --enable-x963kdf --enable-harden --enable-aescfb --enable-aesofb --enable-aeskeywrap --enable-shake256 --enable-curve25519 --enable-curve448 --disable-crypttests --disable-examples --enable-keygen --enable-compkey --enable-ed448 --enable-ed25519 --enable-ecccustcurves --enable-xchacha --enable-cryptocb --enable-eccencrypt" diff --git a/projects/wolfssl/build.sh b/projects/wolfssl/build.sh index a4ab4975f..aefa68372 100755 --- a/projects/wolfssl/build.sh +++ b/projects/wolfssl/build.sh @@ -47,7 +47,7 @@ then cp -R $SRC/wolfssl/ $SRC/wolfssl-openssl-api/ cd $SRC/wolfssl-openssl-api/ autoreconf -ivf - CFLAGS="$CFLAGS -DHAVE_AES_ECB -DWOLFSSL_DES_ECB -DHAVE_ECC_SECPR2 -DHAVE_ECC_SECPR3 -DHAVE_ECC_BRAINPOOL -DHAVE_ECC_KOBLITZ -DWOLFSSL_ECDSA_SET_K" + CFLAGS="$CFLAGS -DHAVE_AES_ECB -DWOLFSSL_DES_ECB -DHAVE_ECC_SECPR2 -DHAVE_ECC_SECPR3 -DHAVE_ECC_BRAINPOOL -DHAVE_ECC_KOBLITZ -DWOLFSSL_ECDSA_SET_K -DWOLFSSL_ECDSA_SET_K_ONE_LOOP" if [[ $CFLAGS = *-m32* ]] then ./configure $WOLFCRYPT_CONFIGURE_PARAMS --enable-opensslall --enable-opensslextra --disable-fastmath @@ -83,7 +83,7 @@ then cp -R $SRC/wolfssl/ $SRC/wolfssl-sp-math-all/ cd $SRC/wolfssl-sp-math-all/ autoreconf -ivf - CFLAGS="$CFLAGS -DHAVE_AES_ECB -DWOLFSSL_DES_ECB -DHAVE_ECC_SECPR2 -DHAVE_ECC_SECPR3 -DHAVE_ECC_BRAINPOOL -DHAVE_ECC_KOBLITZ -DWOLFSSL_ECDSA_SET_K" + CFLAGS="$CFLAGS -DHAVE_AES_ECB -DWOLFSSL_DES_ECB -DHAVE_ECC_SECPR2 -DHAVE_ECC_SECPR3 -DHAVE_ECC_BRAINPOOL -DHAVE_ECC_KOBLITZ -DWOLFSSL_ECDSA_SET_K -DWOLFSSL_ECDSA_SET_K_ONE_LOOP" ./configure $WOLFCRYPT_CONFIGURE_PARAMS --enable-sp-math-all make -j$(nproc) export CXXFLAGS="$CXXFLAGS -DCRYPTOFUZZ_NO_OPENSSL -DCRYPTOFUZZ_WOLFCRYPT" @@ -104,7 +104,7 @@ then cp -R $SRC/wolfssl/ $SRC/wolfssl-disable-fastmath/ cd $SRC/wolfssl-disable-fastmath/ autoreconf -ivf - CFLAGS="$CFLAGS -DHAVE_AES_ECB -DWOLFSSL_DES_ECB -DHAVE_ECC_SECPR2 -DHAVE_ECC_SECPR3 -DHAVE_ECC_BRAINPOOL -DHAVE_ECC_KOBLITZ -DWOLFSSL_ECDSA_SET_K" + CFLAGS="$CFLAGS -DHAVE_AES_ECB -DWOLFSSL_DES_ECB -DHAVE_ECC_SECPR2 -DHAVE_ECC_SECPR3 -DHAVE_ECC_BRAINPOOL -DHAVE_ECC_KOBLITZ -DWOLFSSL_ECDSA_SET_K -DWOLFSSL_ECDSA_SET_K_ONE_LOOP" ./configure $WOLFCRYPT_CONFIGURE_PARAMS --disable-fastmath make -j$(nproc) export CXXFLAGS="$CXXFLAGS -DCRYPTOFUZZ_NO_OPENSSL -DCRYPTOFUZZ_WOLFCRYPT"