Implement BORINGSSL_UNSAFE_FUZZER_MODE for TLS 1.3.

I'll hold on regenerating the transcripts until either the protocol has stablized more or we're ready to start actually deploying some of this, but we can get this in now. Confirmed these #ifdef points are covered by tests: - BadFinished-*-TLS13 - *-InvalidSignature-*-TLS13 BUG=79 Change-Id: I5f6b9d0f50ac33d5cc79688928fb3fdf6df845ae Reviewed-on: https://boringssl-review.googlesource.com/10500 Reviewed-by: Steven Valdez <svaldez@google.com> Reviewed-by: David Benjamin <davidben@google.com> Commit-Queue: David Benjamin <davidben@google.com> CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
2016-08-19 14:51:10 -04:00 · 2016-08-19 14:51:10 -04:00 · 04aa694363
commit 04aa694363
parent 0e95015aa5
1 changed files with 11 additions and 2 deletions
--- a/ssl/tls13_both.c
+++ b/ssl/tls13_both.c
@ -254,6 +254,10 @@ int tls13_process_certificate_verify(SSL *ssl) {
  int sig_ok =
      ssl_public_key_verify(ssl, CBS_data(&signature), CBS_len(&signature),
                            signature_algorithm, pkey, msg, msg_len);
+#if defined(BORINGSSL_UNSAFE_FUZZER_MODE)
+  sig_ok = 1;
+  ERR_clear_error();
+#endif
  if (!sig_ok) {
    OPENSSL_PUT_ERROR(SSL, SSL_R_BAD_SIGNATURE);
    ssl3_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_DECRYPT_ERROR);
@ -287,8 +291,13 @@ int tls13_process_finished(SSL *ssl) {
    return 0;
  }

-  if (ssl->init_num != verify_data_len ||
-      CRYPTO_memcmp(verify_data, ssl->init_msg, verify_data_len) != 0) {
+  int finished_ok =
+      ssl->init_num == verify_data_len &&
+      CRYPTO_memcmp(verify_data, ssl->init_msg, verify_data_len) == 0;
+#if defined(BORINGSSL_UNSAFE_FUZZER_MODE)
+  finished_ok = 1;
+#endif
+  if (!finished_ok) {
    ssl3_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_DECRYPT_ERROR);
    OPENSSL_PUT_ERROR(SSL, SSL_R_DIGEST_CHECK_FAILED);
    return 0;