diff options
| author | miod <> | 2014-07-11 12:24:51 +0000 |
|---|---|---|
| committer | miod <> | 2014-07-11 12:24:51 +0000 |
| commit | 8791a7a6ff760c6b67b4a34e1ac614302f089e94 (patch) | |
| tree | 1dc73f495dbbbb44b6793a05a2fbba46c8407407 /src/lib | |
| parent | e88d2ca994975a40c322d00690d7f3dcffdf1711 (diff) | |
| download | openbsd-8791a7a6ff760c6b67b4a34e1ac614302f089e94.tar.gz openbsd-8791a7a6ff760c6b67b4a34e1ac614302f089e94.tar.bz2 openbsd-8791a7a6ff760c6b67b4a34e1ac614302f089e94.zip | |
In ssl3_get_client_key_exchange() parsing a GOST session key, invoke the
regular ASN.1 parser rather than trying to handroll one and potentially
misbehave; OpenSSL PR #3335 via OpenSSL trunk.
Diffstat (limited to 'src/lib')
| -rw-r--r-- | src/lib/libssl/s3_srvr.c | 21 | ||||
| -rw-r--r-- | src/lib/libssl/src/ssl/s3_srvr.c | 21 |
2 files changed, 16 insertions, 26 deletions
diff --git a/src/lib/libssl/s3_srvr.c b/src/lib/libssl/s3_srvr.c index c31ac39fe1..b0bfe493e8 100644 --- a/src/lib/libssl/s3_srvr.c +++ b/src/lib/libssl/s3_srvr.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: s3_srvr.c,v 1.72 2014/07/11 09:24:44 beck Exp $ */ | 1 | /* $OpenBSD: s3_srvr.c,v 1.73 2014/07/11 12:24:51 miod Exp $ */ |
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
| 3 | * All rights reserved. | 3 | * All rights reserved. |
| 4 | * | 4 | * |
| @@ -2181,6 +2181,8 @@ ssl3_get_client_key_exchange(SSL *s) | |||
| 2181 | unsigned char premaster_secret[32], *start; | 2181 | unsigned char premaster_secret[32], *start; |
| 2182 | size_t outlen = 32, inlen; | 2182 | size_t outlen = 32, inlen; |
| 2183 | unsigned long alg_a; | 2183 | unsigned long alg_a; |
| 2184 | int Ttag, Tclass; | ||
| 2185 | long Tlen; | ||
| 2184 | 2186 | ||
| 2185 | /* Get our certificate private key*/ | 2187 | /* Get our certificate private key*/ |
| 2186 | alg_a = s->s3->tmp.new_cipher->algorithm_auth; | 2188 | alg_a = s->s3->tmp.new_cipher->algorithm_auth; |
| @@ -2205,22 +2207,15 @@ ssl3_get_client_key_exchange(SSL *s) | |||
| 2205 | ERR_clear_error(); | 2207 | ERR_clear_error(); |
| 2206 | } | 2208 | } |
| 2207 | /* Decrypt session key */ | 2209 | /* Decrypt session key */ |
| 2208 | if ((*p != ( V_ASN1_SEQUENCE| V_ASN1_CONSTRUCTED))) { | 2210 | if (ASN1_get_object((const unsigned char **)&p, &Tlen, &Ttag, |
| 2209 | SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, | 2211 | &Tclass, n) != V_ASN1_CONSTRUCTED || |
| 2210 | SSL_R_DECRYPTION_FAILED); | 2212 | Ttag != V_ASN1_SEQUENCE || Tclass != V_ASN1_UNIVERSAL) { |
| 2211 | goto gerr; | ||
| 2212 | } | ||
| 2213 | if (p[1] == 0x81) { | ||
| 2214 | start = p + 3; | ||
| 2215 | inlen = p[2]; | ||
| 2216 | } else if (p[1] < 0x80) { | ||
| 2217 | start = p + 2; | ||
| 2218 | inlen = p[1]; | ||
| 2219 | } else { | ||
| 2220 | SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, | 2213 | SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, |
| 2221 | SSL_R_DECRYPTION_FAILED); | 2214 | SSL_R_DECRYPTION_FAILED); |
| 2222 | goto gerr; | 2215 | goto gerr; |
| 2223 | } | 2216 | } |
| 2217 | start = p; | ||
| 2218 | inlen = Tlen; | ||
| 2224 | if (EVP_PKEY_decrypt(pkey_ctx, premaster_secret, &outlen, | 2219 | if (EVP_PKEY_decrypt(pkey_ctx, premaster_secret, &outlen, |
| 2225 | start, inlen) <=0) { | 2220 | start, inlen) <=0) { |
| 2226 | SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, | 2221 | SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, |
diff --git a/src/lib/libssl/src/ssl/s3_srvr.c b/src/lib/libssl/src/ssl/s3_srvr.c index c31ac39fe1..b0bfe493e8 100644 --- a/src/lib/libssl/src/ssl/s3_srvr.c +++ b/src/lib/libssl/src/ssl/s3_srvr.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: s3_srvr.c,v 1.72 2014/07/11 09:24:44 beck Exp $ */ | 1 | /* $OpenBSD: s3_srvr.c,v 1.73 2014/07/11 12:24:51 miod Exp $ */ |
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
| 3 | * All rights reserved. | 3 | * All rights reserved. |
| 4 | * | 4 | * |
| @@ -2181,6 +2181,8 @@ ssl3_get_client_key_exchange(SSL *s) | |||
| 2181 | unsigned char premaster_secret[32], *start; | 2181 | unsigned char premaster_secret[32], *start; |
| 2182 | size_t outlen = 32, inlen; | 2182 | size_t outlen = 32, inlen; |
| 2183 | unsigned long alg_a; | 2183 | unsigned long alg_a; |
| 2184 | int Ttag, Tclass; | ||
| 2185 | long Tlen; | ||
| 2184 | 2186 | ||
| 2185 | /* Get our certificate private key*/ | 2187 | /* Get our certificate private key*/ |
| 2186 | alg_a = s->s3->tmp.new_cipher->algorithm_auth; | 2188 | alg_a = s->s3->tmp.new_cipher->algorithm_auth; |
| @@ -2205,22 +2207,15 @@ ssl3_get_client_key_exchange(SSL *s) | |||
| 2205 | ERR_clear_error(); | 2207 | ERR_clear_error(); |
| 2206 | } | 2208 | } |
| 2207 | /* Decrypt session key */ | 2209 | /* Decrypt session key */ |
| 2208 | if ((*p != ( V_ASN1_SEQUENCE| V_ASN1_CONSTRUCTED))) { | 2210 | if (ASN1_get_object((const unsigned char **)&p, &Tlen, &Ttag, |
| 2209 | SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, | 2211 | &Tclass, n) != V_ASN1_CONSTRUCTED || |
| 2210 | SSL_R_DECRYPTION_FAILED); | 2212 | Ttag != V_ASN1_SEQUENCE || Tclass != V_ASN1_UNIVERSAL) { |
| 2211 | goto gerr; | ||
| 2212 | } | ||
| 2213 | if (p[1] == 0x81) { | ||
| 2214 | start = p + 3; | ||
| 2215 | inlen = p[2]; | ||
| 2216 | } else if (p[1] < 0x80) { | ||
| 2217 | start = p + 2; | ||
| 2218 | inlen = p[1]; | ||
| 2219 | } else { | ||
| 2220 | SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, | 2213 | SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, |
| 2221 | SSL_R_DECRYPTION_FAILED); | 2214 | SSL_R_DECRYPTION_FAILED); |
| 2222 | goto gerr; | 2215 | goto gerr; |
| 2223 | } | 2216 | } |
| 2217 | start = p; | ||
| 2218 | inlen = Tlen; | ||
| 2224 | if (EVP_PKEY_decrypt(pkey_ctx, premaster_secret, &outlen, | 2219 | if (EVP_PKEY_decrypt(pkey_ctx, premaster_secret, &outlen, |
| 2225 | start, inlen) <=0) { | 2220 | start, inlen) <=0) { |
| 2226 | SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, | 2221 | SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE, |