Add a few more tests around processing the server PSK extension.

The server acknowledging a non-existent session is a particularly
interesting case since getting it wrong means a NULL crash.

Change-Id: Iabde4955de883595239cfd8e9d84a7711e60a886
Reviewed-on: https://boringssl-review.googlesource.com/11500
Reviewed-by: Steven Valdez <svaldez@google.com>
Reviewed-by: David Benjamin <davidben@google.com>
Commit-Queue: Steven Valdez <svaldez@google.com>
Commit-Queue: David Benjamin <davidben@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
diff --git a/ssl/t1_lib.c b/ssl/t1_lib.c
index b9d359e..2aca268 100644
--- a/ssl/t1_lib.c
+++ b/ssl/t1_lib.c
@@ -2061,11 +2061,13 @@
   uint16_t psk_id;
   if (!CBS_get_u16(contents, &psk_id) ||
       CBS_len(contents) != 0) {
+    OPENSSL_PUT_ERROR(SSL, SSL_R_DECODE_ERROR);
     *out_alert = SSL_AD_DECODE_ERROR;
     return 0;
   }
 
   if (psk_id != 0) {
+    OPENSSL_PUT_ERROR(SSL, SSL_R_PSK_IDENTITY_NOT_FOUND);
     *out_alert = SSL_AD_UNKNOWN_PSK_IDENTITY;
     return 0;
   }
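Review bot: Nothing in the visible lines confirms that the client actually offered a session before the server's selected index is accepted, so the safety of the `psk_id != 0` path rests on a check made elsewhere. The new TLS13-AlwaysSelectPSKIdentity test expects `:UNEXPECTED_EXTENSION:`, which suggests the unsolicited-extension check rejects the message before this parser runs. A comment above the index check would record that dependency, for example `/* Only one identity is offered, so any non-zero index is invalid. An unsolicited extension is rejected before this point. */`. The function begins and ends outside the hunk, so the second sentence of that comment should be confirmed against the caller before it is added.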
diff --git a/ssl/test/runner/common.go b/ssl/test/runner/common.go
index ae46505..309cd82 100644
--- a/ssl/test/runner/common.go
+++ b/ssl/test/runner/common.go
@@ -1030,6 +1030,14 @@
 	// resumption.
 	NegotiatePSKResumption bool
 
+	// AlwaysSelectPSKIdentity, if true, causes the server in TLS 1.3 to
+	// always acknowledge a session, regardless of one was offered.
+	AlwaysSelectPSKIdentity bool
+
+	// SelectPSKIdentityOnResume, if non-zero, causes the server to select
+	// the specified PSK identity index rather than the actual value.
+	SelectPSKIdentityOnResume uint16
+
 	// OmitServerHelloSignatureAlgorithms, if true, causes the server to omit the
 	// signature_algorithms extension in the ServerHello.
 	OmitServerHelloSignatureAlgorithms bool
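Review bot: The doc comment on `AlwaysSelectPSKIdentity` is missing a word and does not say which identity index the server sends. It should read `// always acknowledge a session, regardless of whether one was offered.`, and it could add that index 0 is acknowledged, which is what the handshake_server.go hunk does. The `SelectPSKIdentityOnResume` comment should also note that zero means "disabled", so the knob cannot force index 0 when the matched identity has a different index.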
diff --git a/ssl/test/runner/handshake_server.go b/ssl/test/runner/handshake_server.go
index c2fae55..7c2fd17 100644
--- a/ssl/test/runner/handshake_server.go
+++ b/ssl/test/runner/handshake_server.go
@@ -469,10 +469,18 @@
 		hs.suite = suite
 		hs.hello.hasPSKIdentity = true
 		hs.hello.pskIdentity = uint16(i)
+		if config.Bugs.SelectPSKIdentityOnResume != 0 {
+			hs.hello.pskIdentity = config.Bugs.SelectPSKIdentityOnResume
+		}
 		c.didResume = true
 		break
 	}
 
+	if config.Bugs.AlwaysSelectPSKIdentity {
+		hs.hello.hasPSKIdentity = true
+		hs.hello.pskIdentity = 0
+	}
+
 	// If not resuming, select the cipher suite.
 	if hs.suite == nil {
 		var preferenceList, supportedList []uint16
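Review bot: The `AlwaysSelectPSKIdentity` block runs unconditionally after the resumption loop, so when a session was matched it resets `hs.hello.pskIdentity` to 0 and silently discards both the real index and any `SelectPSKIdentityOnResume` override. Writing the condition as `if config.Bugs.AlwaysSelectPSKIdentity && !hs.hello.hasPSKIdentity {` would keep the two knobs independent, as far as the hunk shows where `hasPSKIdentity` is set. The block also leaves `hs.suite` and `c.didResume` untouched, so the server goes on to a full handshake while claiming a PSK. A short why-comment such as `// Acknowledge a PSK without resuming; the client must reject this.` would make that intent explicit. The enclosing function starts and ends outside the hunk.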
diff --git a/ssl/test/runner/runner.go b/ssl/test/runner/runner.go
index e164843..248c6eb 100644
--- a/ssl/test/runner/runner.go
+++ b/ssl/test/runner/runner.go
@@ -8559,6 +8559,31 @@
 		shouldFail:    true,
 		expectedError: ":DECODE_ERROR:",
 	})
+
+	testCases = append(testCases, testCase{
+		name: "TLS13-AlwaysSelectPSKIdentity",
+		config: Config{
+			MaxVersion: VersionTLS13,
+			Bugs: ProtocolBugs{
+				AlwaysSelectPSKIdentity: true,
+			},
+		},
+		shouldFail:    true,
+		expectedError: ":UNEXPECTED_EXTENSION:",
+	})
+
+	testCases = append(testCases, testCase{
+		name: "TLS13-InvalidPSKIdentity",
+		config: Config{
+			MaxVersion: VersionTLS13,
+			Bugs: ProtocolBugs{
+				SelectPSKIdentityOnResume: 1,
+			},
+		},
+		resumeSession: true,
+		shouldFail:    true,
+		expectedError: ":PSK_IDENTITY_NOT_FOUND:",
+	})
 }
 
 func addPeekTests() {
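Review bot: Both new cases assert only the shim's error-queue string, so the alert the client sends is not pinned, and a regression in the `SSL_AD_UNKNOWN_PSK_IDENTITY` value set in ssl/t1_lib.c would pass unnoticed. Adding `expectedLocalError` with the runner's text for that alert to "TLS13-InvalidPSKIdentity" would cover it. The cases also carry no comment saying what they exercise. Something like `// Test that the client rejects a PSK acknowledgement when it offered no session.` above the first and `// Test that the client rejects a PSK identity index it did not offer.` above the second would help. A variant of the first case with `resumeSession: true` would additionally show that acknowledging index 0 is accepted when a session was offered.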