Implement BORINGSSL_UNSAFE_FUZZER_MODE for TLS 1.3.

I'll hold on regenerating the transcripts until either the protocol has
stablized more or we're ready to start actually deploying some of this,
but we can get this in now.

Confirmed these #ifdef points are covered by tests:
- BadFinished-*-TLS13
- *-InvalidSignature-*-TLS13

BUG=79

Change-Id: I5f6b9d0f50ac33d5cc79688928fb3fdf6df845ae
Reviewed-on: https://boringssl-review.googlesource.com/10500
Reviewed-by: Steven Valdez <svaldez@google.com>
Reviewed-by: David Benjamin <davidben@google.com>
Commit-Queue: David Benjamin <davidben@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>

ssl/tls13_both.c

@@ -254,6 +254,10 @@ int tls13_process_certificate_verify(SSL *ssl) {
   int sig_ok =
       ssl_public_key_verify(ssl, CBS_data(&signature), CBS_len(&signature),
                             signature_algorithm, pkey, msg, msg_len);
+#if defined(BORINGSSL_UNSAFE_FUZZER_MODE)
+  sig_ok = 1;
+  ERR_clear_error();
+#endif
   if (!sig_ok) {
     OPENSSL_PUT_ERROR(SSL, SSL_R_BAD_SIGNATURE);
     ssl3_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_DECRYPT_ERROR);
@@ -287,8 +291,13 @@ int tls13_process_finished(SSL *ssl) {
     return 0;
   }
 
-  if (ssl->init_num != verify_data_len ||
+  int finished_ok =
-      CRYPTO_memcmp(verify_data, ssl->init_msg, verify_data_len) != 0) {
+      ssl->init_num == verify_data_len &&
+      CRYPTO_memcmp(verify_data, ssl->init_msg, verify_data_len) == 0;
+#if defined(BORINGSSL_UNSAFE_FUZZER_MODE)
+  finished_ok = 1;
+#endif
+  if (!finished_ok) {
     ssl3_send_alert(ssl, SSL3_AL_FATAL, SSL_AD_DECRYPT_ERROR);
     OPENSSL_PUT_ERROR(SSL, SSL_R_DIGEST_CHECK_FAILED);
     return 0;