Make WrongCertificateMessageType work in both 1.3 and 1.2.
In preparation for getting the tests going.
Change-Id: Ifd2ab09e6ce91f99abde759d5db8dc6554521572
Reviewed-on: https://boringssl-review.googlesource.com/8764
Commit-Queue: David Benjamin <davidben@google.com>
Reviewed-by: Steven Valdez <svaldez@google.com>
Reviewed-by: David Benjamin <davidben@google.com>
diff --git a/ssl/test/runner/handshake_server.go b/ssl/test/runner/handshake_server.go
index 06823ed..fbc88e3 100644
--- a/ssl/test/runner/handshake_server.go
+++ b/ssl/test/runner/handshake_server.go
@@ -433,8 +433,12 @@
if !config.Bugs.EmptyCertificateList {
certMsg.certificates = hs.cert.Certificate
}
- hs.writeServerHash(certMsg.marshal())
- c.writeRecord(recordTypeHandshake, certMsg.marshal())
+ certMsgBytes := certMsg.marshal()
+ if config.Bugs.WrongCertificateMessageType {
+ certMsgBytes[0] += 42
+ }
+ hs.writeServerHash(certMsgBytes)
+ c.writeRecord(recordTypeHandshake, certMsgBytes)
certVerify := &certificateVerifyMsg{
hasSignatureAlgorithm: true,
diff --git a/ssl/test/runner/runner.go b/ssl/test/runner/runner.go
index 4f9861f..fb9086a 100644
--- a/ssl/test/runner/runner.go
+++ b/ssl/test/runner/runner.go
@@ -1680,6 +1680,18 @@
{
name: "WrongMessageType",
config: Config{
+ MaxVersion: VersionTLS12,
+ Bugs: ProtocolBugs{
+ WrongCertificateMessageType: true,
+ },
+ },
+ shouldFail: true,
+ expectedError: ":UNEXPECTED_MESSAGE:",
+ expectedLocalError: "remote error: unexpected message",
+ },
+ {
+ name: "WrongMessageType-TLS13",
+ config: Config{
Bugs: ProtocolBugs{
WrongCertificateMessageType: true,
},
