Add tests for OCSP stapling and SCT lists.

We forgot to add those when we implemented the features. (Also relevant because
they will provide test coverage later for configuring features when using the
generic method tables rather than *_client_method.)

Change-Id: Ie08b27de893095e01a05a7084775676616459807
Reviewed-on: https://boringssl-review.googlesource.com/2410
Reviewed-by: Adam Langley <agl@google.com>
diff --git a/ssl/test/runner/runner.go b/ssl/test/runner/runner.go
index 1ee6362..697437b 100644
--- a/ssl/test/runner/runner.go
+++ b/ssl/test/runner/runner.go
@@ -45,17 +45,24 @@
 var channelIDKey *ecdsa.PrivateKey
 var channelIDBytes []byte
 
+var testOCSPResponse = []byte{1, 2, 3, 4}
+var testSCTList = []byte{5, 6, 7, 8}
+
 func initCertificates() {
 	var err error
 	rsaCertificate, err = LoadX509KeyPair(rsaCertificateFile, rsaKeyFile)
 	if err != nil {
 		panic(err)
 	}
+	rsaCertificate.OCSPStaple = testOCSPResponse
+	rsaCertificate.SignedCertificateTimestampList = testSCTList
 
 	ecdsaCertificate, err = LoadX509KeyPair(ecdsaCertificateFile, ecdsaKeyFile)
 	if err != nil {
 		panic(err)
 	}
+	ecdsaCertificate.OCSPStaple = testOCSPResponse
+	ecdsaCertificate.SignedCertificateTimestampList = testSCTList
 
 	channelIDPEMBlock, err := ioutil.ReadFile(channelIDKeyFile)
 	if err != nil {
@@ -1878,6 +1885,23 @@
 		shouldFail:    true,
 		expectedError: ":BAD_SRTP_PROTECTION_PROFILE_LIST:",
 	})
+	// Test OCSP stapling and SCT list.
+	testCases = append(testCases, testCase{
+		name: "OCSPStapling",
+		flags: []string{
+			"-enable-ocsp-stapling",
+			"-expect-ocsp-response",
+			base64.StdEncoding.EncodeToString(testOCSPResponse),
+		},
+	})
+	testCases = append(testCases, testCase{
+		name: "SignedCertificateTimestampList",
+		flags: []string{
+			"-enable-signed-cert-timestamps",
+			"-expect-signed-cert-timestamps",
+			base64.StdEncoding.EncodeToString(testSCTList),
+		},
+	})
 }
 
 func addResumptionVersionTests() {