Add a test for missing end_of_early_data.
BUG=76
Change-Id: I43672ee82a50f8fe706a5d607ef774a6e96db252
Reviewed-on: https://boringssl-review.googlesource.com/14379
Reviewed-by: David Benjamin <davidben@google.com>
Commit-Queue: David Benjamin <davidben@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
diff --git a/ssl/test/runner/common.go b/ssl/test/runner/common.go
index 964d5e7..db4bcf6 100644
--- a/ssl/test/runner/common.go
+++ b/ssl/test/runner/common.go
@@ -533,6 +533,10 @@
// message.
SkipFinished bool
+ // SkipEndOfEarlyData causes the implementation to skip the
+ // end_of_early_data alert.
+ SkipEndOfEarlyData bool
+
// EarlyChangeCipherSpec causes the client to send an early
// ChangeCipherSpec message before the ClientKeyExchange. A value of
// zero disables this behavior. One and two configure variants for 0.9.8
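Review bot: The doc comment on `SkipEndOfEarlyData` says "the implementation" skips the alert, which leaves open which side is affected and whether "skip" means not sending it or not processing it. The only consumer visible in this commit is the client handshake, and neighbouring fields name the role (`EarlyChangeCipherSpec causes the client to send ...`). I would write `// SkipEndOfEarlyData causes the client to omit the end_of_early_data alert it would otherwise send.` The struct continues outside the hunk.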
diff --git a/ssl/test/runner/handshake_client.go b/ssl/test/runner/handshake_client.go
index 23aa701..d3ae110 100644
--- a/ssl/test/runner/handshake_client.go
+++ b/ssl/test/runner/handshake_client.go
@@ -891,7 +891,7 @@
// Send EndOfEarlyData and then switch write key to handshake
// traffic key.
- if c.out.cipher != nil {
+ if c.out.cipher != nil && !c.config.Bugs.SkipEndOfEarlyData {
c.sendAlert(alertEndOfEarlyData)
}
c.out.useTrafficSecret(c.vers, hs.suite, clientHandshakeTrafficSecret, clientWrite)
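Review bot: The comment above the guard still reads as an unconditional "Send EndOfEarlyData and then switch write key", but with `Bugs.SkipEndOfEarlyData` set only the key switch on the following line happens. That asymmetry is what the new test relies on: the peer presumably keeps reading under the early-data key and rejects the next record. It deserves a line at this site, such as `// Bugs.SkipEndOfEarlyData omits the alert but still switches keys, so the peer's next read should fail to decrypt.` The enclosing function starts and ends outside the hunk.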
diff --git a/ssl/test/runner/runner.go b/ssl/test/runner/runner.go
index bce2d4c..e19df1a 100644
--- a/ssl/test/runner/runner.go
+++ b/ssl/test/runner/runner.go
@@ -10380,6 +10380,25 @@
},
})
+ // Test that the server rejects 0-RTT streams without end_of_early_data.
+ // The subsequent records should fail to decrypt.
+ testCases = append(testCases, testCase{
+ testType: serverTest,
+ name: "TLS13-EarlyData-SkipEndOfEarlyData",
+ config: Config{
+ MaxVersion: VersionTLS13,
+ Bugs: ProtocolBugs{
+ SendEarlyData: [][]byte{},
+ ExpectEarlyDataAccepted: true,
+ SkipEndOfEarlyData: true,
+ },
+ },
+ resumeSession: true,
+ flags: []string{"-enable-early-data"},
+ shouldFail: true,
+ expectedLocalError: "remote error: bad record MAC",
+ expectedError: ":BAD_DECRYPT:",
+ })
}
func addTLS13CipherPreferenceTests() {
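Review bot: The new case sets `SendEarlyData: [][]byte{}`, so as far as the hunk shows it covers a missing end_of_early_data only when the 0-RTT stream is empty. The case that matters more for a server is the alert going missing after it has already accepted early data and possibly handed it to the application. A sibling case with a payload (constructed example: `SendEarlyData: [][]byte{{1, 2, 3, 4}},`) and the same `shouldFail` / `:BAD_DECRYPT:` expectations would pin that path too, though the shim flags may need adjusting to consume the data. The enclosing function starts outside the hunk.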