commit 80842bdb44855dd7f1dde64a3fa9f4e782310fc7
author Adam Langley <agl@chromium.org> Fri Jun 20 12:00:00 2014 -0700
committer Adam Langley <agl@chromium.org> Fri Jun 20 13:17:37 2014 -0700
tree 1a048b3ee886b9e22496faa18d5241b0b3ab5e5f
parent cd8128d618f2c5d598141878d9821aac0d58bb26

Fix test of first of 255 CBC padding bytes.

Thanks to Peter Gijsels for pointing out that if a CBC record has 255
bytes of padding, the first was not being checked.

ssl/test/runner/runner.go

diff --git a/ssl/test/runner/runner.go b/ssl/test/runner/runner.go
index 1edd00b..b5743c5 100644
--- a/ssl/test/runner/runner.go
+++ b/ssl/test/runner/runner.go
@@ -47,6 +47,9 @@
 	config        Config
 	shouldFail    bool
 	expectedError string
+	// messageLen is the length, in bytes, of the test message that will be
+	// sent.
+	messageLen int
 }
 
 var clientTests = []testCase{
@@ -87,12 +90,17 @@
 	},
 }
 
-var testMessage = []byte("testing")
-
-func doExchange(tlsConn *Conn) error {
+func doExchange(tlsConn *Conn, messageLen int) error {
 	if err := tlsConn.Handshake(); err != nil {
 		return err
 	}
+	if messageLen == 0 {
+		messageLen = 32
+	}
+	testMessage := make([]byte, messageLen)
+	for i := range testMessage {
+		testMessage[i] = 0x42
+	}
 	tlsConn.Write(testMessage)
 
 	buf := make([]byte, len(testMessage))
@@ -168,7 +176,7 @@
 	}
 
 	tlsConn := Server(conn, &config)
-	err = doExchange(tlsConn)
+	err = doExchange(tlsConn, test.messageLen)
 
 	conn.Close()
 	childErr := client.Wait()
@@ -288,6 +296,45 @@
 	}
 }
 
+func addCBCPaddingTests() {
+	clientTests = append(clientTests, testCase{
+		name: "MaxCBCPadding",
+		config: Config{
+			CipherSuites: []uint16{TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA},
+			Bugs: ProtocolBugs{
+				MaxPadding: true,
+			},
+		},
+		messageLen: 12, // 20 bytes of SHA-1 + 12 == 0 % block size
+	})
+	clientTests = append(clientTests, testCase{
+		name: "BadCBCPadding",
+		config: Config{
+			CipherSuites: []uint16{TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA},
+			Bugs: ProtocolBugs{
+				PaddingFirstByteBad: true,
+			},
+		},
+		shouldFail:    true,
+		expectedError: "DECRYPTION_FAILED_OR_BAD_RECORD_MAC",
+	})
+	// OpenSSL previously had an issue where the first byte of padding in
+	// 255 bytes of padding wasn't checked.
+	clientTests = append(clientTests, testCase{
+		name: "BadCBCPadding255",
+		config: Config{
+			CipherSuites: []uint16{TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA},
+			Bugs: ProtocolBugs{
+				MaxPadding:               true,
+				PaddingFirstByteBadIf255: true,
+			},
+		},
+		messageLen:    12, // 20 bytes of SHA-1 + 12 == 0 % block size
+		shouldFail:    true,
+		expectedError: "DECRYPTION_FAILED_OR_BAD_RECORD_MAC",
+	})
+}
+
 func worker(statusChan chan statusMsg, c chan *testCase, wg *sync.WaitGroup) {
 	defer wg.Done()
 
@@ -334,6 +381,7 @@
 
 	addCipherSuiteTests()
 	addBadECDSASignatureTests()
+	addCBCPaddingTests()
 
 	var wg sync.WaitGroup