Fix flaky BadRSAClientKeyExchange-1 test.

Sometimes BadRSAClientKeyExchange-1 fails with DATA_TOO_LARGE_FOR_MODULUS if the corruption brings the ciphertext above the RSA modulus. Ensure this does not happen. Change-Id: I0d8ea6887dfcab946fdf5d38f5b196f5a927c4a9 Reviewed-on: https://boringssl-review.googlesource.com/6731 Reviewed-by: Adam Langley <agl@google.com>
2015-12-15 15:37:39 -05:00 · 2015-12-15 15:37:39 -05:00 · f28dd64d43
commit f28dd64d43
parent 423488557c
1 changed files with 3 additions and 1 deletions
--- a/ssl/test/runner/key_agreement.go
+++ b/ssl/test/runner/key_agreement.go
@ -165,7 +165,9 @@ func (ka *rsaKeyAgreement) generateClientKeyExchange(config *Config, clientHello
 		return nil, nil, err
 	}
 	if bad == RSABadValueCorrupt {
-		encrypted[0] ^= 1
+		encrypted[len(encrypted)-1] ^= 1
+		// Clear the high byte to ensure |encrypted| is still below the RSA modulus.
+		encrypted[0] = 0
 	}
 	ckx := new(clientKeyExchangeMsg)
 	if clientHello.vers != VersionSSL30 {