Test bad records at all cipher suites.

We have AEAD-level coverage for these, but we should also test this in the TLS stack, and at maximum size per upstream's CVE-2016-7054. Change-Id: I1f4ad0356e793d6a3eefdc2d55a9c7e05ea08261 Reviewed-on: https://boringssl-review.googlesource.com/12187 Commit-Queue: David Benjamin <davidben@google.com> Commit-Queue: Adam Langley <agl@google.com> CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org> Reviewed-by: Adam Langley <agl@google.com>
2016-11-10 10:46:00 -05:00 · 2016-11-10 10:46:00 -05:00 · 231a475355
commit 231a475355
parent 126fa278f8
2 changed files with 30 additions and 2 deletions
--- a/ssl/test/runner/runner.go
+++ b/ssl/test/runner/runner.go
@ -2488,7 +2488,8 @@ func addCipherSuiteTests() {
 				if !shouldClientFail {
 					// Ensure the maximum record size is accepted.
 					testCases = append(testCases, testCase{
-						name: prefix + ver.name + "-" + suite.name + "-LargeRecord",
+						protocol: protocol,
+						name:     prefix + ver.name + "-" + suite.name + "-LargeRecord",
 						config: Config{
 							MinVersion:           ver.version,
 							MaxVersion:           ver.version,
@ -2500,6 +2501,33 @@ func addCipherSuiteTests() {
 						flags:      flags,
 						messageLen: maxPlaintext,
 					})
+
+					// Test bad records for all ciphers. Bad records are fatal in TLS
+					// and ignored in DTLS.
+					var shouldFail bool
+					var expectedError string
+					if protocol == tls {
+						shouldFail = true
+						expectedError = ":DECRYPTION_FAILED_OR_BAD_RECORD_MAC:"
+					}
+
+					testCases = append(testCases, testCase{
+						protocol: protocol,
+						name:     prefix + ver.name + "-" + suite.name + "-BadRecord",
+						config: Config{
+							MinVersion:           ver.version,
+							MaxVersion:           ver.version,
+							CipherSuites:         []uint16{suite.id},
+							Certificates:         []Certificate{cert},
+							PreSharedKey:         []byte(psk),
+							PreSharedKeyIdentity: pskIdentity,
+						},
+						flags:            flags,
+						damageFirstWrite: true,
+						messageLen:       maxPlaintext,
+						shouldFail:       shouldFail,
+						expectedError:    expectedError,
+					})
 				}
 			}
 		}
--- a/ssl/test/runner/shim_ticket.go
+++ b/ssl/test/runner/shim_ticket.go
@ -62,7 +62,7 @@ func DecryptShimTicket(in []byte) ([]byte, error) {
 	// Decrypt in-place.
 	iv := in[:block.BlockSize()]
 	in = in[block.BlockSize():]
-	if l := len(in); l == 0 || l % block.BlockSize() != 0 {
+	if l := len(in); l == 0 || l%block.BlockSize() != 0 {
 		return nil, errors.New("tls: ticket ciphertext not a multiple of the block size")
 	}
 	out := make([]byte, len(in))