diff options
author | David Benjamin <davidben@google.com> | 2016-09-21 23:23:27 +0300 |
---|---|---|
committer | David Benjamin <davidben@google.com> | 2016-09-22 23:41:41 +0300 |
commit | 196df5bfa24eb2b82524af22d2d86454d9f58565 (patch) | |
tree | b7b411d29ee0d1a9c4e0ba5689f4a0fb354b73b0 | |
parent | a78e6a5ab537ecb2e320438d0819442a8fe2b1f1 (diff) |
Add a InvalidChannelIDSignature test.
Apparently we never wrote one of those. Also send a decrypt_error alert
to be consistent with all the other signature checks.
Change-Id: Ib5624d098d1e3086245192cdce92f5df26005064
Reviewed-on: https://boringssl-review.googlesource.com/11180
Reviewed-by: David Benjamin <davidben@google.com>
-rw-r--r-- | ssl/handshake_server.c | 1 | ||||
-rw-r--r-- | ssl/test/runner/common.go | 4 | ||||
-rw-r--r-- | ssl/test/runner/handshake_client.go | 3 | ||||
-rw-r--r-- | ssl/test/runner/runner.go | 16 |
4 files changed, 24 insertions, 0 deletions
diff --git a/ssl/handshake_server.c b/ssl/handshake_server.c index d57735a9..4e443845 100644 --- a/ssl/handshake_server.c +++ b/ssl/handshake_server.c @@ -1841,6 +1841,7 @@ static int ssl3_get_channel_id(SSL *ssl) { * were called. */ if (!ECDSA_do_verify(channel_id_hash, channel_id_hash_len, &sig, key)) { OPENSSL_PUT_ERROR(SSL, SSL_R_CHANNEL_ID_SIGNATURE_INVALID); + ssl3_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_DECRYPT_ERROR); ssl->s3->tlsext_channel_id_valid = 0; goto err; } diff --git a/ssl/test/runner/common.go b/ssl/test/runner/common.go index 715a94be..3300d33d 100644 --- a/ssl/test/runner/common.go +++ b/ssl/test/runner/common.go @@ -1080,6 +1080,10 @@ type ProtocolBugs struct { // TrailingKeyShareData, if true, causes the client key share list to // include a trailing byte. TrailingKeyShareData bool + + // InvalidChannelIDSignature, if true, causes the client to generate an + // invalid Channel ID signature. + InvalidChannelIDSignature bool } func (c *Config) serverInit() { diff --git a/ssl/test/runner/handshake_client.go b/ssl/test/runner/handshake_client.go index c5c4495c..05cf0c27 100644 --- a/ssl/test/runner/handshake_client.go +++ b/ssl/test/runner/handshake_client.go @@ -1349,6 +1349,9 @@ func (hs *clientHandshakeState) sendFinished(out []byte, isResume bool) error { writeIntPadded(channelID[32:64], c.config.ChannelID.Y) writeIntPadded(channelID[64:96], r) writeIntPadded(channelID[96:128], s) + if c.config.Bugs.InvalidChannelIDSignature { + channelID[64] ^= 1 + } channelIDMsg.channelID = channelID c.channelID = &c.config.ChannelID.PublicKey diff --git a/ssl/test/runner/runner.go b/ssl/test/runner/runner.go index 01de14fd..ba337d20 100644 --- a/ssl/test/runner/runner.go +++ b/ssl/test/runner/runner.go @@ -5010,6 +5010,22 @@ func addExtensionTests() { }, flags: []string{"-advertise-npn", "\x03foo\x03bar\x03baz"}, }) + + testCases = append(testCases, testCase{ + testType: serverTest, + name: "InvalidChannelIDSignature", + config: Config{ + MaxVersion: VersionTLS12, + ChannelID: channelIDKey, + Bugs: ProtocolBugs{ + InvalidChannelIDSignature: true, + }, + }, + flags: []string{"-enable-channel-id"}, + shouldFail: true, + expectedError: ":CHANNEL_ID_SIGNATURE_INVALID:", + expectedLocalError: "remote error: error decrypting message", + }) } func addResumptionVersionTests() { |