Test bad records at all cipher suites.

We have AEAD-level coverage for these, but we should also test this in
the TLS stack, and at maximum size per upstream's CVE-2016-7054.

Change-Id: I1f4ad0356e793d6a3eefdc2d55a9c7e05ea08261
Reviewed-on: https://boringssl-review.googlesource.com/12187
Commit-Queue: David Benjamin <davidben@google.com>
Commit-Queue: Adam Langley <agl@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
Reviewed-by: Adam Langley <agl@google.com>
This commit is contained in:
David Benjamin 2016-11-10 10:46:00 -05:00 committed by CQ bot account: commit-bot@chromium.org
parent 126fa278f8
commit 231a475355
2 changed files with 30 additions and 2 deletions

View File

@ -2488,6 +2488,7 @@ func addCipherSuiteTests() {
if !shouldClientFail {
// Ensure the maximum record size is accepted.
testCases = append(testCases, testCase{
protocol: protocol,
name: prefix + ver.name + "-" + suite.name + "-LargeRecord",
config: Config{
MinVersion: ver.version,
@ -2500,6 +2501,33 @@ func addCipherSuiteTests() {
flags: flags,
messageLen: maxPlaintext,
})
// Test bad records for all ciphers. Bad records are fatal in TLS
// and ignored in DTLS.
var shouldFail bool
var expectedError string
if protocol == tls {
shouldFail = true
expectedError = ":DECRYPTION_FAILED_OR_BAD_RECORD_MAC:"
}
testCases = append(testCases, testCase{
protocol: protocol,
name: prefix + ver.name + "-" + suite.name + "-BadRecord",
config: Config{
MinVersion: ver.version,
MaxVersion: ver.version,
CipherSuites: []uint16{suite.id},
Certificates: []Certificate{cert},
PreSharedKey: []byte(psk),
PreSharedKeyIdentity: pskIdentity,
},
flags: flags,
damageFirstWrite: true,
messageLen: maxPlaintext,
shouldFail: shouldFail,
expectedError: expectedError,
})
}
}
}

View File

@ -62,7 +62,7 @@ func DecryptShimTicket(in []byte) ([]byte, error) {
// Decrypt in-place.
iv := in[:block.BlockSize()]
in = in[block.BlockSize():]
if l := len(in); l == 0 || l % block.BlockSize() != 0 {
if l := len(in); l == 0 || l%block.BlockSize() != 0 {
return nil, errors.New("tls: ticket ciphertext not a multiple of the block size")
}
out := make([]byte, len(in))