commit 32c8927159d64f63d256b009dff817dff3952a4b
author David Benjamin <davidben@google.com> Sun Mar 26 13:54:21 2017 -0500
committer CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org> Sun Mar 26 19:09:17 2017 +0000
tree cd8fddfaa8576bf5b6619a97e5af4333e934564e
parent 81a191dc4d2e996ed87c89aaa86006c5a4b86016

Add a test for missing end_of_early_data.

BUG=76

Change-Id: I43672ee82a50f8fe706a5d607ef774a6e96db252
Reviewed-on: https://boringssl-review.googlesource.com/14379
Reviewed-by: David Benjamin <davidben@google.com>
Commit-Queue: David Benjamin <davidben@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>

ssl/test/runner/runner.go

diff --git a/ssl/test/runner/runner.go b/ssl/test/runner/runner.go
index bce2d4c..e19df1a 100644
--- a/ssl/test/runner/runner.go
+++ b/ssl/test/runner/runner.go
@@ -10380,6 +10380,25 @@
 		},
 	})
 
+	// Test that the server rejects 0-RTT streams without end_of_early_data.
+	// The subsequent records should fail to decrypt.
+	testCases = append(testCases, testCase{
+		testType: serverTest,
+		name:     "TLS13-EarlyData-SkipEndOfEarlyData",
+		config: Config{
+			MaxVersion: VersionTLS13,
+			Bugs: ProtocolBugs{
+				SendEarlyData:           [][]byte{},
+				ExpectEarlyDataAccepted: true,
+				SkipEndOfEarlyData:      true,
+			},
+		},
+		resumeSession:      true,
+		flags:              []string{"-enable-early-data"},
+		shouldFail:         true,
+		expectedLocalError: "remote error: bad record MAC",
+		expectedError:      ":BAD_DECRYPT:",
+	})
 }
 
 func addTLS13CipherPreferenceTests() {