Don't crash on EnableAllCiphers in deriveTrafficAEAD. deriveTrafficAEAD gets confused by the EnableAllCiphers bug. As a hack, just return the nil cipher. We only need to progress far enough to read the shim's error code. Change-Id: I72d25ac463a03a0e99dd08c38a1a7daef1f94311 Reviewed-on: https://boringssl-review.googlesource.com/8763 Commit-Queue: David Benjamin <davidben@google.com> Reviewed-by: Steven Valdez <svaldez@google.com> Reviewed-by: David Benjamin <davidben@google.com>

commit: c78aa4a351e4eeaefffd9feb7adb99dfef2a9400 [log] [tgz]
author: David Benjamin <davidben@google.com> Wed Jul 13 16:55:34 2016 -0400
committer: David Benjamin <davidben@google.com> Wed Jul 13 21:24:05 2016 +0000
tree: fe44cbbd03139abcb051551792c2e766b8633693
parent: 9deb117409ae1d9ec2eace4d508e07121a3ebf48 [diff]
diff --git a/ssl/test/runner/prf.go b/ssl/test/runner/prf.go
index 0fd5762..723763f 100644
--- a/ssl/test/runner/prf.go
+++ b/ssl/test/runner/prf.go

@@ -471,7 +471,13 @@
 
 // deriveTrafficAEAD derives traffic keys and constructs an AEAD given a traffic
 // secret.
-func deriveTrafficAEAD(version uint16, suite *cipherSuite, secret, phase []byte, side trafficDirection) *tlsAead {
+func deriveTrafficAEAD(version uint16, suite *cipherSuite, secret, phase []byte, side trafficDirection) interface{} {
+	// We may have forcibly selected a non-AEAD cipher from the
+	// EnableAllCiphers bug. Use the NULL cipher to avoid crashing the test.
+	if suite.aead == nil {
+		return nil
+	}
+
 	label := make([]byte, 0, len(phase)+2+16)
 	label = append(label, phase...)
 	if side == clientWrite {
commit	c78aa4a351e4eeaefffd9feb7adb99dfef2a9400	[log] [tgz]
author	David Benjamin <davidben@google.com>	Wed Jul 13 16:55:34 2016 -0400
committer	David Benjamin <davidben@google.com>	Wed Jul 13 21:24:05 2016 +0000
tree	fe44cbbd03139abcb051551792c2e766b8633693
parent	9deb117409ae1d9ec2eace4d508e07121a3ebf48 [diff]