Hi, Upon receipt GET_CLIENT_KEY_EXCHANGE (after /* Decrypt session key */):
1. Manual decoder ASN.1 tag incomplete; 2. Possible buffer overflow, because "inlen" don't checked; Affected version: 1.0.0, 1.0.1, 1.0.2 and trunk. Attachment "ccgost-asn.140428-lowasn1.patch" (1 KiB) change manual decoder to call of ASN1_get_object().
ccgost-asn.140429-lowasn1.patch
Description: Binary data
-- Sorry for my bests English. Serguei E. Leontiev w:+7(495)939-2382 USSR,Moscow,Universitetskij 13 Sternberg Astronom. w:+7(495)780-4820 USSR,Moscow,127018,Sushchevskij val 16-5 Institute, MSU h:+7(495)318-1146 USSR,Moscow,113303,Kakhovka 6-40 m:+7(916)686-1081 SMS: <http://www.mts.ru/sms> <http://lnfm1.sai.msu.ru/~leo>