Validate ClientHellos in tests some more.

This way we'll notice if we ever generate a bad padding extension or duplicate an extension. This did require fixing one of the JDK11 test vectors. When I manually added a padding extension, I forgot the contents were all zeros and incorrectly put in "padding" instead. Change-Id: Ifec5bb01a739014ed0fdf5b49b82a6b514646e9a Reviewed-on: https://boringssl-review.googlesource.com/c/33444 Commit-Queue: David Benjamin <davidben@google.com> Commit-Queue: Adam Langley <agl@google.com> Reviewed-by: Adam Langley <agl@google.com>
2018-11-22 11:04:07 -06:00 · 2018-11-22 11:04:07 -06:00 · 278b3120ee
commit 278b3120ee
parent 0f5ecd3a85
2 changed files with 34 additions and 5 deletions
--- a/ssl/test/runner/handshake_messages.go
+++ b/ssl/test/runner/handshake_messages.go
@ -653,6 +653,23 @@ func parseSignatureAlgorithms(reader *byteReader, out *[]signatureAlgorithm, all
 	return true
 }

+func checkDuplicateExtensions(extensions byteReader) bool {
+	seen := make(map[uint16]struct{})
+	for len(extensions) > 0 {
+		var extension uint16
+		var body byteReader
+		if !extensions.readU16(&extension) ||
+			!extensions.readU16LengthPrefixed(&body) {
+			return false
+		}
+		if _, ok := seen[extension]; ok {
+			return false
+		}
+		seen[extension] = struct{}{}
+	}
+	return true
+}
+
 func (m *clientHelloMsg) unmarshal(data []byte) bool {
 	m.raw = data
 	reader := byteReader(data[4:])
@ -707,7 +724,7 @@ func (m *clientHelloMsg) unmarshal(data []byte) bool {
 	}

 	var extensions byteReader
-	if !reader.readU16LengthPrefixed(&extensions) || len(reader) != 0 {
+	if !reader.readU16LengthPrefixed(&extensions) || len(reader) != 0 || !checkDuplicateExtensions(extensions) {
 		return false
 	}
 	for len(extensions) > 0 {
@ -923,6 +940,13 @@ func (m *clientHelloMsg) unmarshal(data []byte) bool {
 				seen[algID] = struct{}{}
 				m.compressedCertAlgs = append(m.compressedCertAlgs, algID)
 			}
+		case extensionPadding:
+			// Padding bytes must be all zero.
+			for _, b := range body {
+				if b != 0 {
+					return false
+				}
+			}
 		}

 		if isGREASEValue(extension) {
@ -1067,7 +1091,7 @@ func (m *serverHelloMsg) unmarshal(data []byte) bool {
 	}

 	var extensions byteReader
-	if !reader.readU16LengthPrefixed(&extensions) || len(reader) != 0 {
+	if !reader.readU16LengthPrefixed(&extensions) || len(reader) != 0 || !checkDuplicateExtensions(extensions) {
 		return false
 	}

@ -1330,6 +1354,10 @@ func (m *serverExtensions) unmarshal(data byteReader, version uint16) bool {
 	// Reset all fields.
 	*m = serverExtensions{}

+	if !checkDuplicateExtensions(data) {
+		return false
+	}
+
 	for len(data) > 0 {
 		var extension uint16
 		var body byteReader
@ -1651,7 +1679,7 @@ func (m *certificateMsg) unmarshal(data []byte) bool {
 		}
 		if m.hasRequestContext {
 			var extensions byteReader
-			if !certs.readU16LengthPrefixed(&extensions) {
+			if !certs.readU16LengthPrefixed(&extensions) || !checkDuplicateExtensions(extensions) {
 				return false
 			}
 			for len(extensions) > 0 {
@ -2010,7 +2038,8 @@ func (m *certificateRequestMsg) unmarshal(data []byte) bool {
 		var extensions byteReader
 		if !reader.readU8LengthPrefixedBytes(&m.requestContext) ||
 			!reader.readU16LengthPrefixed(&extensions) ||
-			len(reader) != 0 {
+			len(reader) != 0 ||
+			!checkDuplicateExtensions(extensions) {
 			return false
 		}
 		for len(extensions) > 0 {
--- a/ssl/test/runner/runner.go
+++ b/ssl/test/runner/runner.go
@ -14680,7 +14680,7 @@ func addJDK11WorkaroundTests() {
 		},
 		{
 			// The above with a padding extension added at the end.
-			decodeHexOrPanic("010001b4030336a379aa355a22a064b4402760efae1c73977b0b4c975efc7654c35677723dde201fe3f8a2bca60418a68f72463ea19f3c241e7cbfceb347e451a62bd2417d8981005a13011302c02cc02bc030009dc02ec032009f00a3c02f009cc02dc031009e00a2c024c028003dc026c02a006b006ac00ac0140035c005c00f00390038c023c027003cc025c02900670040c009c013002fc004c00e0033003200ff01000111000000080006000003736e69000500050100000000000a0020001e0017001800190009000a000b000c000d000e001601000101010201030104000b00020100000d002800260403050306030804080508060809080a080b04010501060104020303030103020203020102020032002800260403050306030804080508060809080a080b04010501060104020303030103020203020102020011000900070200040000000000170000002b0009080304030303020301002d000201010033004700450017004104721f007464cb08a0f36e093ad178eb78d6968df20077b2dd882694a85dc4c9884caf5092db41f16cc3f8d41f59426992fa5e32cfb9ad08deee752cdd95b1a6b50015000770616464696e67"),
+			decodeHexOrPanic("010001b4030336a379aa355a22a064b4402760efae1c73977b0b4c975efc7654c35677723dde201fe3f8a2bca60418a68f72463ea19f3c241e7cbfceb347e451a62bd2417d8981005a13011302c02cc02bc030009dc02ec032009f00a3c02f009cc02dc031009e00a2c024c028003dc026c02a006b006ac00ac0140035c005c00f00390038c023c027003cc025c02900670040c009c013002fc004c00e0033003200ff01000111000000080006000003736e69000500050100000000000a0020001e0017001800190009000a000b000c000d000e001601000101010201030104000b00020100000d002800260403050306030804080508060809080a080b04010501060104020303030103020203020102020032002800260403050306030804080508060809080a080b04010501060104020303030103020203020102020011000900070200040000000000170000002b0009080304030303020301002d000201010033004700450017004104721f007464cb08a0f36e093ad178eb78d6968df20077b2dd882694a85dc4c9884caf5092db41f16cc3f8d41f59426992fa5e32cfb9ad08deee752cdd95b1a6b50015000700000000000000"),
 			false,
 		},
 		{