Convert the rest of ssl_test to GTest.

We never finished that up.

Change-Id: Iddb6a551ff88ee5475a3ccdd746cf3d38e4ba234
Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/35784
Reviewed-by: Adam Langley <agl@google.com>
diff --git a/ssl/ssl_test.cc b/ssl/ssl_test.cc
index 755510d..f06b1d9 100644
--- a/ssl/ssl_test.cc
+++ b/ssl/ssl_test.cc
@@ -737,103 +737,77 @@
   return true;
 }
 
-static bool TestSSL_SESSIONEncoding(const char *input_b64) {
-  const uint8_t *cptr;
-  uint8_t *ptr;
+TEST(SSLTest, SessionEncoding) {
+  for (const char *input_b64 : {
+           kOpenSSLSession,
+           kCustomSession,
+           kBoringSSLSession,
+       }) {
+    SCOPED_TRACE(std::string(input_b64));
+    // Decode the input.
+    std::vector<uint8_t> input;
+    ASSERT_TRUE(DecodeBase64(&input, input_b64));
 
-  // Decode the input.
-  std::vector<uint8_t> input;
-  if (!DecodeBase64(&input, input_b64)) {
-    return false;
+    // Verify the SSL_SESSION decodes.
+    bssl::UniquePtr<SSL_CTX> ssl_ctx(SSL_CTX_new(TLS_method()));
+    ASSERT_TRUE(ssl_ctx);
+    bssl::UniquePtr<SSL_SESSION> session(
+        SSL_SESSION_from_bytes(input.data(), input.size(), ssl_ctx.get()));
+    ASSERT_TRUE(session) << "SSL_SESSION_from_bytes failed";
+
+    // Verify the SSL_SESSION encoding round-trips.
+    size_t encoded_len;
+    bssl::UniquePtr<uint8_t> encoded;
+    uint8_t *encoded_raw;
+    ASSERT_TRUE(SSL_SESSION_to_bytes(session.get(), &encoded_raw, &encoded_len))
+        << "SSL_SESSION_to_bytes failed";
+    encoded.reset(encoded_raw);
+    EXPECT_EQ(Bytes(encoded.get(), encoded_len), Bytes(input))
+        << "SSL_SESSION_to_bytes did not round-trip";
+
+    // Verify the SSL_SESSION also decodes with the legacy API.
+    const uint8_t *cptr = input.data();
+    session.reset(d2i_SSL_SESSION(NULL, &cptr, input.size()));
+    ASSERT_TRUE(session) << "d2i_SSL_SESSION failed";
+    EXPECT_EQ(cptr, input.data() + input.size());
+
+    // Verify the SSL_SESSION encoding round-trips via the legacy API.
+    int len = i2d_SSL_SESSION(session.get(), NULL);
+    ASSERT_GT(len, 0) << "i2d_SSL_SESSION failed";
+    ASSERT_EQ(static_cast<size_t>(len), input.size())
+        << "i2d_SSL_SESSION(NULL) returned invalid length";
+
+    encoded.reset((uint8_t *)OPENSSL_malloc(input.size()));
+    ASSERT_TRUE(encoded);
+
+    uint8_t *ptr = encoded.get();
+    len = i2d_SSL_SESSION(session.get(), &ptr);
+    ASSERT_GT(len, 0) << "i2d_SSL_SESSION failed";
+    ASSERT_EQ(static_cast<size_t>(len), input.size())
+        << "i2d_SSL_SESSION(NULL) returned invalid length";
+    ASSERT_EQ(ptr, encoded.get() + input.size())
+        << "i2d_SSL_SESSION did not advance ptr correctly";
+    EXPECT_EQ(Bytes(encoded.get(), encoded_len), Bytes(input))
+        << "SSL_SESSION_to_bytes did not round-trip";
   }
 
-  // Verify the SSL_SESSION decodes.
-  bssl::UniquePtr<SSL_CTX> ssl_ctx(SSL_CTX_new(TLS_method()));
-  if (!ssl_ctx) {
-    return false;
-  }
-  bssl::UniquePtr<SSL_SESSION> session(
-      SSL_SESSION_from_bytes(input.data(), input.size(), ssl_ctx.get()));
-  if (!session) {
-    fprintf(stderr, "SSL_SESSION_from_bytes failed\n");
-    return false;
-  }
+  for (const char *input_b64 : {
+           kBadSessionExtraField,
+           kBadSessionVersion,
+           kBadSessionTrailingData,
+       }) {
+    SCOPED_TRACE(std::string(input_b64));
+    std::vector<uint8_t> input;
+    ASSERT_TRUE(DecodeBase64(&input, input_b64));
 
-  // Verify the SSL_SESSION encoding round-trips.
-  size_t encoded_len;
-  bssl::UniquePtr<uint8_t> encoded;
-  uint8_t *encoded_raw;
-  if (!SSL_SESSION_to_bytes(session.get(), &encoded_raw, &encoded_len)) {
-    fprintf(stderr, "SSL_SESSION_to_bytes failed\n");
-    return false;
+    // Verify that the SSL_SESSION fails to decode.
+    bssl::UniquePtr<SSL_CTX> ssl_ctx(SSL_CTX_new(TLS_method()));
+    ASSERT_TRUE(ssl_ctx);
+    bssl::UniquePtr<SSL_SESSION> session(
+        SSL_SESSION_from_bytes(input.data(), input.size(), ssl_ctx.get()));
+    EXPECT_FALSE(session) << "SSL_SESSION_from_bytes unexpectedly succeeded";
+    ERR_clear_error();
   }
-  encoded.reset(encoded_raw);
-  if (encoded_len != input.size() ||
-      OPENSSL_memcmp(input.data(), encoded.get(), input.size()) != 0) {
-    fprintf(stderr, "SSL_SESSION_to_bytes did not round-trip\n");
-    hexdump(stderr, "Before: ", input.data(), input.size());
-    hexdump(stderr, "After:  ", encoded_raw, encoded_len);
-    return false;
-  }
-
-  // Verify the SSL_SESSION also decodes with the legacy API.
-  cptr = input.data();
-  session.reset(d2i_SSL_SESSION(NULL, &cptr, input.size()));
-  if (!session || cptr != input.data() + input.size()) {
-    fprintf(stderr, "d2i_SSL_SESSION failed\n");
-    return false;
-  }
-
-  // Verify the SSL_SESSION encoding round-trips via the legacy API.
-  int len = i2d_SSL_SESSION(session.get(), NULL);
-  if (len < 0 || (size_t)len != input.size()) {
-    fprintf(stderr, "i2d_SSL_SESSION(NULL) returned invalid length\n");
-    return false;
-  }
-
-  encoded.reset((uint8_t *)OPENSSL_malloc(input.size()));
-  if (!encoded) {
-    fprintf(stderr, "malloc failed\n");
-    return false;
-  }
-
-  ptr = encoded.get();
-  len = i2d_SSL_SESSION(session.get(), &ptr);
-  if (len < 0 || (size_t)len != input.size()) {
-    fprintf(stderr, "i2d_SSL_SESSION returned invalid length\n");
-    return false;
-  }
-  if (ptr != encoded.get() + input.size()) {
-    fprintf(stderr, "i2d_SSL_SESSION did not advance ptr correctly\n");
-    return false;
-  }
-  if (OPENSSL_memcmp(input.data(), encoded.get(), input.size()) != 0) {
-    fprintf(stderr, "i2d_SSL_SESSION did not round-trip\n");
-    return false;
-  }
-
-  return true;
-}
-
-static bool TestBadSSL_SESSIONEncoding(const char *input_b64) {
-  std::vector<uint8_t> input;
-  if (!DecodeBase64(&input, input_b64)) {
-    return false;
-  }
-
-  // Verify that the SSL_SESSION fails to decode.
-  bssl::UniquePtr<SSL_CTX> ssl_ctx(SSL_CTX_new(TLS_method()));
-  if (!ssl_ctx) {
-    return false;
-  }
-  bssl::UniquePtr<SSL_SESSION> session(
-      SSL_SESSION_from_bytes(input.data(), input.size(), ssl_ctx.get()));
-  if (session) {
-    fprintf(stderr, "SSL_SESSION_from_bytes unexpectedly succeeded\n");
-    return false;
-  }
-  ERR_clear_error();
-  return true;
 }
 
 static void ExpectDefaultVersion(uint16_t min_version, uint16_t max_version,
@@ -1087,63 +1061,67 @@
   return client_hello.size() - SSL3_RT_HEADER_LENGTH;
 }
 
-struct PaddingTest {
-  size_t input_len, padded_len;
-};
+TEST(SSLTest, Padding) {
+  struct PaddingVersions {
+    uint16_t max_version, session_version;
+  };
+  static const PaddingVersions kPaddingVersions[] = {
+      // Test the padding extension at TLS 1.2.
+      {TLS1_2_VERSION, TLS1_2_VERSION},
+      // Test the padding extension at TLS 1.3 with a TLS 1.2 session, so there
+      // will be no PSK binder after the padding extension.
+      {TLS1_3_VERSION, TLS1_2_VERSION},
+      // Test the padding extension at TLS 1.3 with a TLS 1.3 session, so there
+      // will be a PSK binder after the padding extension.
+      {TLS1_3_VERSION, TLS1_3_VERSION},
 
-static const PaddingTest kPaddingTests[] = {
-    // ClientHellos of length below 0x100 do not require padding.
-    {0xfe, 0xfe},
-    {0xff, 0xff},
-    // ClientHellos of length 0x100 through 0x1fb are padded up to 0x200.
-    {0x100, 0x200},
-    {0x123, 0x200},
-    {0x1fb, 0x200},
-    // ClientHellos of length 0x1fc through 0x1ff get padded beyond 0x200. The
-    // padding extension takes a minimum of four bytes plus one required content
-    // byte. (To work around yet more server bugs, we avoid empty final
-    // extensions.)
-    {0x1fc, 0x201},
-    {0x1fd, 0x202},
-    {0x1fe, 0x203},
-    {0x1ff, 0x204},
-    // Finally, larger ClientHellos need no padding.
-    {0x200, 0x200},
-    {0x201, 0x201},
-};
+  };
 
-static bool TestPaddingExtension(uint16_t max_version,
-                                 uint16_t session_version) {
-  // Sample a baseline length.
-  size_t base_len = GetClientHelloLen(max_version, session_version, 1);
-  if (base_len == 0) {
-    return false;
-  }
+  struct PaddingTest {
+    size_t input_len, padded_len;
+  };
+  static const PaddingTest kPaddingTests[] = {
+      // ClientHellos of length below 0x100 do not require padding.
+      {0xfe, 0xfe},
+      {0xff, 0xff},
+      // ClientHellos of length 0x100 through 0x1fb are padded up to 0x200.
+      {0x100, 0x200},
+      {0x123, 0x200},
+      {0x1fb, 0x200},
+      // ClientHellos of length 0x1fc through 0x1ff get padded beyond 0x200. The
+      // padding extension takes a minimum of four bytes plus one required
+      // content
+      // byte. (To work around yet more server bugs, we avoid empty final
+      // extensions.)
+      {0x1fc, 0x201},
+      {0x1fd, 0x202},
+      {0x1fe, 0x203},
+      {0x1ff, 0x204},
+      // Finally, larger ClientHellos need no padding.
+      {0x200, 0x200},
+      {0x201, 0x201},
+  };
 
-  for (const PaddingTest &test : kPaddingTests) {
-    if (base_len > test.input_len) {
-      fprintf(stderr,
-              "Baseline ClientHello too long (max_version = %04x, "
-              "session_version = %04x).\n",
-              max_version, session_version);
-      return false;
-    }
+  for (const PaddingVersions &versions : kPaddingVersions) {
+    SCOPED_TRACE(versions.max_version);
+    SCOPED_TRACE(versions.session_version);
 
-    size_t padded_len = GetClientHelloLen(max_version, session_version,
-                                          1 + test.input_len - base_len);
-    if (padded_len != test.padded_len) {
-      fprintf(stderr,
-              "%u-byte ClientHello padded to %u bytes, not %u (max_version = "
-              "%04x, session_version = %04x).\n",
-              static_cast<unsigned>(test.input_len),
-              static_cast<unsigned>(padded_len),
-              static_cast<unsigned>(test.padded_len), max_version,
-              session_version);
-      return false;
+    // Sample a baseline length.
+    size_t base_len =
+        GetClientHelloLen(versions.max_version, versions.session_version, 1);
+    ASSERT_NE(base_len, 0u) << "Baseline length could not be sampled";
+
+    for (const PaddingTest &test : kPaddingTests) {
+      SCOPED_TRACE(test.input_len);
+      ASSERT_LE(base_len, test.input_len) << "Baseline ClientHello too long";
+
+      size_t padded_len =
+          GetClientHelloLen(versions.max_version, versions.session_version,
+                            1 + test.input_len - base_len);
+      EXPECT_EQ(padded_len, test.padded_len)
+          << "ClientHello was not padded to expected length";
     }
   }
-
-  return true;
 }
 
 static bssl::UniquePtr<X509> GetTestCertificate() {
@@ -4706,7 +4684,7 @@
     thread.join();
   }
 }
-#endif
+#endif  // OPENSSL_THREADS
 
 constexpr size_t kNumQUICLevels = 4;
 static_assert(ssl_encryption_initial < kNumQUICLevels,
@@ -5372,25 +5350,5 @@
   EXPECT_EQ(1, BORINGSSL_enum_c_type_test());
 }
 
-// TODO(davidben): Convert this file to GTest properly.
-TEST(SSLTest, AllTests) {
-  if (!TestSSL_SESSIONEncoding(kOpenSSLSession) ||
-      !TestSSL_SESSIONEncoding(kCustomSession) ||
-      !TestSSL_SESSIONEncoding(kBoringSSLSession) ||
-      !TestBadSSL_SESSIONEncoding(kBadSessionExtraField) ||
-      !TestBadSSL_SESSIONEncoding(kBadSessionVersion) ||
-      !TestBadSSL_SESSIONEncoding(kBadSessionTrailingData) ||
-      // Test the padding extension at TLS 1.2.
-      !TestPaddingExtension(TLS1_2_VERSION, TLS1_2_VERSION) ||
-      // Test the padding extension at TLS 1.3 with a TLS 1.2 session, so there
-      // will be no PSK binder after the padding extension.
-      !TestPaddingExtension(TLS1_3_VERSION, TLS1_2_VERSION) ||
-      // Test the padding extension at TLS 1.3 with a TLS 1.3 session, so there
-      // will be a PSK binder after the padding extension.
-      !TestPaddingExtension(TLS1_3_VERSION, TLS1_3_VERSION)) {
-    ADD_FAILURE() << "Tests failed";
-  }
-}
-
 }  // namespace
 BSSL_NAMESPACE_END