From 8791a7a6ff760c6b67b4a34e1ac614302f089e94 Mon Sep 17 00:00:00 2001
From: miod <>
Date: Fri, 11 Jul 2014 12:24:51 +0000
Subject: In ssl3_get_client_key_exchange() parsing a GOST session key, invoke the regular ASN.1 parser rather than trying to handroll one and potentially misbehave; OpenSSL PR #3335 via OpenSSL trunk.
---
 src/lib/libssl/s3_srvr.c | 21 ++++++++-------------
 src/lib/libssl/src/ssl/s3_srvr.c | 21 ++++++++-------------
 2 files changed, 16 insertions(+), 26 deletions(-)
(limited to 'src/lib')
diff --git a/src/lib/libssl/s3_srvr.c b/src/lib/libssl/s3_srvr.c
index c31ac39fe1..b0bfe493e8 100644
--- a/src/lib/libssl/s3_srvr.c
+++ b/src/lib/libssl/s3_srvr.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: s3_srvr.c,v 1.72 2014/07/11 09:24:44 beck Exp $ */
+/* $OpenBSD: s3_srvr.c,v 1.73 2014/07/11 12:24:51 miod Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -2181,6 +2181,8 @@ ssl3_get_client_key_exchange(SSL *s)
 unsigned char premaster_secret[32], *start;
 size_t outlen = 32, inlen;
 unsigned long alg_a;
+ int Ttag, Tclass;
+ long Tlen;
 /* Get our certificate private key*/
 alg_a = s->s3->tmp.new_cipher->algorithm_auth;
@@ -2205,22 +2207,15 @@ ssl3_get_client_key_exchange(SSL *s)
 ERR_clear_error();
 }
 /* Decrypt session key */
- if ((*p != ( V_ASN1_SEQUENCE| V_ASN1_CONSTRUCTED))) {
- SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
- SSL_R_DECRYPTION_FAILED);
- goto gerr;
- }
- if (p[1] == 0x81) {
- start = p + 3;
- inlen = p[2];
- } else if (p[1] < 0x80) {
- start = p + 2;
- inlen = p[1];
- } else {
+ if (ASN1_get_object((const unsigned char **)&p, &Tlen, &Ttag,
+ &Tclass, n) != V_ASN1_CONSTRUCTED ||
+ Ttag != V_ASN1_SEQUENCE || Tclass != V_ASN1_UNIVERSAL) {
 SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
 SSL_R_DECRYPTION_FAILED);
 goto gerr;
 }
+ start = p;
+ inlen = Tlen;
 if (EVP_PKEY_decrypt(pkey_ctx, premaster_secret, &outlen, start, inlen) <=0) {
 SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
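Review bot: The `!= V_ASN1_CONSTRUCTED` test on the ASN1_get_object() result in the new condition needs a comment, because the exact match is what rejects both a parse failure and an indefinite-length encoding: ASN1_get_object() signals those by setting extra bits (0x80 and 0x01) in its return value. Something like `/* exact match: also rejects the 0x80 error bit and indefinite length */` above the call would keep a later edit from relaxing it to a mask test. Separately, nothing visible checks that the SEQUENCE accounts for the whole message, so any bytes after `p + Tlen` appear to be silently ignored, and whether `n` still equals the bytes remaining at `p` depends on code outside the hunk. The identical hunk in src/lib/libssl/src/ssl/s3_srvr.c has the same gaps. ssl3_get_client_key_exchange() starts and ends outside the hunk.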
diff --git a/src/lib/libssl/src/ssl/s3_srvr.c b/src/lib/libssl/src/ssl/s3_srvr.c
index c31ac39fe1..b0bfe493e8 100644
--- a/src/lib/libssl/src/ssl/s3_srvr.c
+++ b/src/lib/libssl/src/ssl/s3_srvr.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: s3_srvr.c,v 1.72 2014/07/11 09:24:44 beck Exp $ */
+/* $OpenBSD: s3_srvr.c,v 1.73 2014/07/11 12:24:51 miod Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -2181,6 +2181,8 @@ ssl3_get_client_key_exchange(SSL *s)
 unsigned char premaster_secret[32], *start;
 size_t outlen = 32, inlen;
 unsigned long alg_a;
+ int Ttag, Tclass;
+ long Tlen;
 /* Get our certificate private key*/
 alg_a = s->s3->tmp.new_cipher->algorithm_auth;
@@ -2205,22 +2207,15 @@ ssl3_get_client_key_exchange(SSL *s)
 ERR_clear_error();
 }
 /* Decrypt session key */
- if ((*p != ( V_ASN1_SEQUENCE| V_ASN1_CONSTRUCTED))) {
- SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
- SSL_R_DECRYPTION_FAILED);
- goto gerr;
- }
- if (p[1] == 0x81) {
- start = p + 3;
- inlen = p[2];
- } else if (p[1] < 0x80) {
- start = p + 2;
- inlen = p[1];
- } else {
+ if (ASN1_get_object((const unsigned char **)&p, &Tlen, &Ttag,
+ &Tclass, n) != V_ASN1_CONSTRUCTED ||
+ Ttag != V_ASN1_SEQUENCE || Tclass != V_ASN1_UNIVERSAL) {
 SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
 SSL_R_DECRYPTION_FAILED);
 goto gerr;
 }
+ start = p;
+ inlen = Tlen;
 if (EVP_PKEY_decrypt(pkey_ctx, premaster_secret, &outlen, start, inlen) <=0) {
 SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,
-- cgit v1.2.3-55-g6feb