Fix the TLS fuzzers for ECH draft-13.
Replace the hardcoded ECH config, which wasn't updated for draft-13,
with a call to SSL_marshal_ech_config.
Bug: 275, oss-fuzz:38054
Change-Id: I10c12b22015c9c0cb90dd6185eb375153a2531f4
Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/49445
Commit-Queue: David Benjamin <davidben@google.com>
Reviewed-by: Adam Langley <agl@google.com>
diff --git a/ssl/test/fuzzer.h b/ssl/test/fuzzer.h
index 509cfdb..00b5e84 100644
--- a/ssl/test/fuzzer.h
+++ b/ssl/test/fuzzer.h
@@ -231,16 +231,6 @@
0x01, 'a', 0x02, 'a', 'a', 0x03, 'a', 'a', 'a',
};
-const uint8_t kECHConfig[] = {
- 0xfe, 0x0a, 0x00, 0x47, 0x2a, 0x00, 0x20, 0x00, 0x20, 0x6c, 0x55,
- 0x96, 0x41, 0x3d, 0x12, 0x4e, 0x63, 0x3d, 0x39, 0x7a, 0xe9, 0xbc,
- 0xec, 0xb2, 0x55, 0xd0, 0xe6, 0xaa, 0xbd, 0xa9, 0x79, 0xb8, 0x86,
- 0x9a, 0x13, 0x61, 0xc6, 0x69, 0xac, 0xb4, 0x21, 0x00, 0x0c, 0x00,
- 0x01, 0x00, 0x01, 0x00, 0x01, 0x00, 0x02, 0x00, 0x01, 0x00, 0x03,
- 0x00, 0x10, 0x00, 0x0e, 0x70, 0x75, 0x62, 0x6c, 0x69, 0x63, 0x2e,
- 0x65, 0x78, 0x61, 0x6d, 0x70, 0x6c, 0x65, 0x00, 0x00,
-};
-
const uint8_t kECHKey[] = {
0x35, 0x6d, 0x45, 0x06, 0xb3, 0x88, 0x89, 0x2e, 0xd6, 0x87, 0x84,
0xd2, 0x2d, 0x6f, 0x83, 0x48, 0xad, 0xf2, 0xfd, 0x08, 0x51, 0x73,
@@ -458,11 +448,20 @@
if (role_ == kServer) {
bssl::UniquePtr<SSL_ECH_KEYS> keys(SSL_ECH_KEYS_new());
bssl::ScopedEVP_HPKE_KEY key;
+ uint8_t *ech_config;
+ size_t ech_config_len;
if (!keys ||
!EVP_HPKE_KEY_init(key.get(), EVP_hpke_x25519_hkdf_sha256(), kECHKey,
sizeof(kECHKey)) ||
- !SSL_ECH_KEYS_add(keys.get(), /*is_retry_config=*/true, kECHConfig,
- sizeof(kECHConfig), key.get()) ||
+ // Match |echConfig| in |addEncryptedClientHelloTests| from runner.go.
+ !SSL_marshal_ech_config(&ech_config, &ech_config_len,
+ /*config_id=*/42, key.get(), "public.example",
+ /*max_name_len=*/64)) {
+ return false;
+ }
+ bssl::UniquePtr<uint8_t> free_ech_config(ech_config);
+ if (!SSL_ECH_KEYS_add(keys.get(), /*is_retry_config=*/true, ech_config,
+ ech_config_len, key.get()) ||
!SSL_CTX_set1_ech_keys(ctx_.get(), keys.get())) {
return false;
}
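Review bot: The two new locals `uint8_t *ech_config;` and `size_t ech_config_len;` are declared without initializers, which leaves them indeterminate until SSL_marshal_ech_config fills them; the early `return false;` keeps the failure path from reading them, but initializing at declaration removes the dependency on that ordering and matches the brace/zero-init convention the surrounding RAII declarations follow: `uint8_t *ech_config = nullptr;` and `size_t ech_config_len = 0;`. The ownership hand-off itself looks right — `free_ech_config` only takes the buffer after a successful marshal, so neither the marshal-failure nor the SSL_ECH_KEYS_add-failure path leaks. The enclosing function's signature and the rest of its body lie outside this hunk, so whether `ech_config` is referenced again later cannot be confirmed from here.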