Test interaction of RSA key exchange and ClientHello.version. If we see garbage in ClientHello.version and then select static RSA, that garbage is what goes in the premaster. Change-Id: I65190a44439745e6b5ffaf7669f063da725c8097 Reviewed-on: https://boringssl-review.googlesource.com/11092 Reviewed-by: Adam Langley <agl@google.com> Commit-Queue: Adam Langley <agl@google.com> CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>

commit: e63d9d76250fb4ea4985c56536d8c14029f146b0 [log] [tgz]
author: David Benjamin <davidben@google.com> Mon Sep 19 18:27:34 2016 -0400
committer: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org> Tue Sep 20 23:13:52 2016 +0000
tree: ee6bc0b8ae1ea223f01edcc5fece6caf607d8bfd
parent: 786793411aee3589ac58ecd23c28608e099aa64c [diff] [blame]
diff --git a/ssl/test/runner/runner.go b/ssl/test/runner/runner.go
index feef62c..854bcea 100644
--- a/ssl/test/runner/runner.go
+++ b/ssl/test/runner/runner.go

@@ -6930,6 +6930,20 @@
 			expectedError: ":DECRYPTION_FAILED_OR_BAD_RECORD_MAC:",
 		})
 	}
+
+	// The server must compare whatever was in ClientHello.version for the
+	// RSA premaster.
+	testCases = append(testCases, testCase{
+		testType: serverTest,
+		name:     "SendClientVersion-RSA",
+		config: Config{
+			CipherSuites: []uint16{TLS_RSA_WITH_AES_128_GCM_SHA256},
+			Bugs: ProtocolBugs{
+				SendClientVersion: 0x1234,
+			},
+		},
+		flags: []string{"-max-version", strconv.Itoa(VersionTLS12)},
+	})
 }
 
 var testCurves = []struct {
commit	e63d9d76250fb4ea4985c56536d8c14029f146b0	[log] [tgz]
author	David Benjamin <davidben@google.com>	Mon Sep 19 18:27:34 2016 -0400
committer	CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>	Tue Sep 20 23:13:52 2016 +0000
tree	ee6bc0b8ae1ea223f01edcc5fece6caf607d8bfd
parent	786793411aee3589ac58ecd23c28608e099aa64c [diff] [blame]