commit 8a55ce4954a2f1cb2827bd993d311b1ebaa8406b
author David Benjamin <davidben@google.com> Sun Dec 11 03:03:42 2016 -0500
committer CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org> Wed Dec 14 01:08:02 2016 +0000
tree bc0d6963d72f56d3956b4ceb111c8ca528970525
parent 4882a6c50bf1d62764c96677a9aaf50722df0904

Test SSL_get_curve_id behavior on resume.

Also test that TLS 1.3 can be resumed at a different curve.

Change-Id: Ic58e03ad858c861958b7c934813c3e448fb2829c
Reviewed-on: https://boringssl-review.googlesource.com/12692
Reviewed-by: David Benjamin <davidben@google.com>
Commit-Queue: David Benjamin <davidben@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>

ssl/test/runner/runner.go

diff --git a/ssl/test/runner/runner.go b/ssl/test/runner/runner.go
index b4c21b1..87a79a3 100644
--- a/ssl/test/runner/runner.go
+++ b/ssl/test/runner/runner.go
@@ -8104,6 +8104,65 @@
 		shouldFail:    true,
 		expectedError: ":INVALID_ENCODING:",
 	})
+
+	// The previous curve ID should be reported on TLS 1.2 resumption.
+	testCases = append(testCases, testCase{
+		name: "CurveID-Resume-Client",
+		config: Config{
+			MaxVersion:       VersionTLS12,
+			CipherSuites:     []uint16{TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256},
+			CurvePreferences: []CurveID{CurveX25519},
+		},
+		flags:         []string{"-expect-curve-id", strconv.Itoa(int(CurveX25519))},
+		resumeSession: true,
+	})
+	testCases = append(testCases, testCase{
+		testType: serverTest,
+		name:     "CurveID-Resume-Server",
+		config: Config{
+			MaxVersion:       VersionTLS12,
+			CipherSuites:     []uint16{TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256},
+			CurvePreferences: []CurveID{CurveX25519},
+		},
+		flags:         []string{"-expect-curve-id", strconv.Itoa(int(CurveX25519))},
+		resumeSession: true,
+	})
+
+	// TLS 1.3 allows resuming at a differet curve. If this happens, the new
+	// one should be reported.
+	testCases = append(testCases, testCase{
+		name: "CurveID-Resume-Client-TLS13",
+		config: Config{
+			MaxVersion:       VersionTLS13,
+			CurvePreferences: []CurveID{CurveX25519},
+		},
+		resumeConfig: &Config{
+			MaxVersion:       VersionTLS13,
+			CurvePreferences: []CurveID{CurveP256},
+		},
+		flags: []string{
+			"-expect-curve-id", strconv.Itoa(int(CurveX25519)),
+			"-expect-resume-curve-id", strconv.Itoa(int(CurveP256)),
+		},
+		resumeSession: true,
+	})
+	testCases = append(testCases, testCase{
+		testType: serverTest,
+		name:     "CurveID-Resume-Server-TLS13",
+		config: Config{
+			MaxVersion:       VersionTLS13,
+			CurvePreferences: []CurveID{CurveX25519},
+		},
+		resumeConfig: &Config{
+			MaxVersion:       VersionTLS13,
+			CurvePreferences: []CurveID{CurveP256},
+		},
+		flags: []string{
+			"-expect-curve-id", strconv.Itoa(int(CurveX25519)),
+			"-expect-resume-curve-id", strconv.Itoa(int(CurveP256)),
+		},
+		resumeSession: true,
+	})
 }
 
 func addTLS13RecordTests() {