Add missing tests for the Channel ID / 0-RTT interaction.

Clients or servers enabling both should not stop functioning. Change-Id: I5cca09f8adfc8ff56b8943123847bbdaf8885cf4 Reviewed-on: https://boringssl-review.googlesource.com/14485 Reviewed-by: David Benjamin <davidben@google.com> Commit-Queue: David Benjamin <davidben@google.com> CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
2017-03-29 16:35:57 -05:00 · 2017-03-29 16:35:57 -05:00 · 6bb507bc9c
commit 6bb507bc9c
parent e94ec3f85b
1 changed files with 70 additions and 4 deletions
--- a/ssl/test/runner/runner.go
+++ b/ssl/test/runner/runner.go
@ -10295,10 +10295,11 @@ func addTLS13HandshakeTests() {
 		},
 	})

-	// Test that we fail on early data with Channel ID.
+	// Test that the client offering 0-RTT and Channel ID forbids the server
+	// from accepting both.
 	testCases = append(testCases, testCase{
 		testType: clientTest,
-		name:     "TLS13-EarlyData-ChannelID-Client",
+		name:     "TLS13-EarlyDataChannelID-AcceptBoth-Client",
 		config: Config{
 			MaxVersion:       VersionTLS13,
 			MaxEarlyDataSize: 16384,
@ -10315,14 +10316,57 @@ func addTLS13HandshakeTests() {
 		},
 	})

+	// Test that the client offering Channel ID and 0-RTT allows the server
+	// to decline 0-RTT.
+	testCases = append(testCases, testCase{
+		testType: clientTest,
+		name:     "TLS13-EarlyDataChannelID-AcceptChannelID-Client",
+		config: Config{
+			MaxVersion:       VersionTLS13,
+			MaxEarlyDataSize: 16384,
+			RequestChannelID: true,
+			Bugs: ProtocolBugs{
+				AlwaysRejectEarlyData: true,
+			},
+		},
+		resumeSession:   true,
+		expectChannelID: true,
+		flags: []string{
+			"-enable-early-data",
+			"-expect-early-data-info",
+			"-send-channel-id", path.Join(*resourceDir, channelIDKeyFile),
+			"-expect-reject-early-data",
+		},
+	})
+
+	// Test that the client offering Channel ID and 0-RTT allows the server
+	// to decline Channel ID.
+	testCases = append(testCases, testCase{
+		testType: clientTest,
+		name:     "TLS13-EarlyDataChannelID-AcceptEarlyData-Client",
+		config: Config{
+			MaxVersion:       VersionTLS13,
+			MaxEarlyDataSize: 16384,
+		},
+		resumeSession: true,
+		flags: []string{
+			"-enable-early-data",
+			"-expect-early-data-info",
+			"-send-channel-id", path.Join(*resourceDir, channelIDKeyFile),
+			"-expect-accept-early-data",
+		},
+	})
+
+	// Test that the server supporting Channel ID and 0-RTT declines 0-RTT
+	// if it would negotiate Channel ID.
 	testCases = append(testCases, testCase{
 		testType: serverTest,
-		name:     "TLS13-EarlyData-ChannelID-Server",
+		name:     "TLS13-EarlyDataChannelID-OfferBoth-Server",
 		config: Config{
 			MaxVersion: VersionTLS13,
 			ChannelID:  channelIDKey,
 			Bugs: ProtocolBugs{
-				SendEarlyData:           [][]byte{{}},
+				SendEarlyData:           [][]byte{{1, 2, 3, 4}},
 				ExpectEarlyDataAccepted: false,
 			},
 		},
@ -10336,6 +10380,28 @@ func addTLS13HandshakeTests() {
 		},
 	})

+	// Test that the server supporting Channel ID and 0-RTT accepts 0-RTT
+	// if not offered Channel ID.
+	testCases = append(testCases, testCase{
+		testType: serverTest,
+		name:     "TLS13-EarlyDataChannelID-OfferEarlyData-Server",
+		config: Config{
+			MaxVersion: VersionTLS13,
+			Bugs: ProtocolBugs{
+				SendEarlyData:           [][]byte{{1, 2, 3, 4}},
+				ExpectEarlyDataAccepted: true,
+				ExpectHalfRTTData:       [][]byte{{254, 253, 252, 251}},
+			},
+		},
+		resumeSession:   true,
+		expectChannelID: false,
+		flags: []string{
+			"-enable-early-data",
+			"-expect-accept-early-data",
+			"-enable-channel-id",
+		},
+	})
+
 	// Test that the server rejects 0-RTT streams without end_of_early_data.
 	// The subsequent records should fail to decrypt.
 	testCases = append(testCases, testCase{