Fix multiple PSK identity parsing.

Change-Id: I3b43e8eb04c111731acc4fc06677fef8da09a646
Reviewed-on: https://boringssl-review.googlesource.com/12020
Reviewed-by: David Benjamin <davidben@google.com>

ssl/t1_lib.c

@@ -1982,7 +1982,7 @@ int ssl_ext_pre_shared_key_parse_clienthello(SSL *ssl,
       !CBS_get_u8_length_prefixed(&identity, &ke_modes) ||
       !CBS_get_u8_length_prefixed(&identity, &auth_modes) ||
       !CBS_get_u16_length_prefixed(&identity, &ticket) ||
-      CBS_len(&identity) != 0) {
+      CBS_len(contents) != 0) {
     *out_alert = SSL_AD_DECODE_ERROR;
     return 0;
   }

ssl/test/runner/common.go

@@ -1052,6 +1052,10 @@ type ProtocolBugs struct {
 	// the specified PSK identity index rather than the actual value.
 	SelectPSKIdentityOnResume uint16
 
+	// ExtraPSKIdentity, if true, causes the client to send an extra PSK
+	// identity.
+	ExtraPSKIdentity bool
+
 	// OmitServerHelloSignatureAlgorithms, if true, causes the server to omit the
 	// signature_algorithms extension in the ServerHello.
 	OmitServerHelloSignatureAlgorithms bool

ssl/test/runner/handshake_client.go

@@ -260,6 +260,10 @@ NextCipherSuite:
 			}
 
 			hello.pskIdentities = []pskIdentity{psk}
+
+			if c.config.Bugs.ExtraPSKIdentity {
+				hello.pskIdentities = append(hello.pskIdentities, psk)
+			}
 		}
 
 		if session.vers < VersionTLS13 || c.config.Bugs.SendBothTickets {

ssl/test/runner/runner.go

@@ -8783,6 +8783,18 @@ func addTLS13HandshakeTests() {
 		expectedError: ":PSK_IDENTITY_NOT_FOUND:",
 	})
 
+	testCases = append(testCases, testCase{
+		testType: serverTest,
+		name:     "TLS13-ExtraPSKIdentity",
+		config: Config{
+			MaxVersion: VersionTLS13,
+			Bugs: ProtocolBugs{
+				ExtraPSKIdentity: true,
+			},
+		},
+		resumeSession: true,
+	})
+
 	// Test that unknown NewSessionTicket extensions are tolerated.
 	testCases = append(testCases, testCase{
 		name: "TLS13-CustomTicketExtension",