diff options
author | Kenny Root <kroot@google.com> | 2015-07-24 21:02:57 +0000 |
---|---|---|
committer | Android Git Automerger <android-git-automerger@android.com> | 2015-07-24 21:02:57 +0000 |
commit | 3b2c60656d36f47063e972b9aa2c11ef235253a6 (patch) | |
tree | 4d210b442e8e6742e9b0ff9dca4fc158c1a6a03e /src/ssl/ssl_test.cc | |
parent | ffd8e0a5b40ce124e6dce4cb7546a26680d33d16 (diff) | |
parent | 07f4f42347557420f105a72d9a93bc8ee88a3dc5 (diff) | |
download | external_boringssl-3b2c60656d36f47063e972b9aa2c11ef235253a6.zip external_boringssl-3b2c60656d36f47063e972b9aa2c11ef235253a6.tar.gz external_boringssl-3b2c60656d36f47063e972b9aa2c11ef235253a6.tar.bz2 |
am 07f4f423: Merge changes Icdc56a50,I63d5dc28,Ia7d0c5d8,I47406533
* commit '07f4f42347557420f105a72d9a93bc8ee88a3dc5':
Handle RDRAND failures.
dsa_pub_encode: Write out DSA parameters (p, q, g) in addition to key.
Fix for CVE-2015-1789.
Fixes for CVE-2015-1791.
Diffstat (limited to 'src/ssl/ssl_test.cc')
-rw-r--r-- | src/ssl/ssl_test.cc | 35 |
1 files changed, 28 insertions, 7 deletions
diff --git a/src/ssl/ssl_test.cc b/src/ssl/ssl_test.cc index 1c6e24a..9f2ddb9 100644 --- a/src/ssl/ssl_test.cc +++ b/src/ssl/ssl_test.cc @@ -359,6 +359,18 @@ static const char kBadSessionVersion[] = "q+Topyzvx9USFgRvyuoxn0Hgb+R0A3j6SLRuyOdAi4gv7Y5oliynrSIEIAYGBgYG" "BgYGBgYGBgYGBgYGBgYGBgYGBgYGBgYGBgYGrgMEAQevAwQBBLADBAEF"; +// kBadSessionTrailingData is a custom serialized SSL_SESSION with trailing data +// appended. +static const char kBadSessionTrailingData[] = + "MIIBdgIBAQICAwMEAsAvBCAG5Q1ndq4Yfmbeo1zwLkNRKmCXGdNgWvGT3cskV0yQ" + "kAQwJlrlzkAWBOWiLj/jJ76D7l+UXoizP2KI2C7I2FccqMmIfFmmkUy32nIJ0mZH" + "IWoJoQYCBFRDO46iBAICASykAwQBAqUDAgEUphAEDnd3dy5nb29nbGUuY29tqAcE" + "BXdvcmxkqQUCAwGJwKqBpwSBpBwUQvoeOk0Kg36SYTcLEkXqKwOBfF9vE4KX0Nxe" + "LwjcDTpsuh3qXEaZ992r1N38VDcyS6P7I6HBYN9BsNHM362zZnY27GpTw+Kwd751" + "CLoXFPoaMOe57dbBpXoro6Pd3BTbf/Tzr88K06yEOTDKPNj3+inbMaVigtK4PLyP" + "q+Topyzvx9USFgRvyuoxn0Hgb+R0A3j6SLRuyOdAi4gv7Y5oliynrSIEIAYGBgYG" + "BgYGBgYGBgYGBgYGBgYGBgYGBgYGBgYGBgYGrgMEAQevAwQBBLADBAEFAAAA"; + static bool DecodeBase64(std::vector<uint8_t> *out, const char *in) { size_t len; if (!EVP_DecodedLength(&len, strlen(in))) { @@ -387,10 +399,10 @@ static bool TestSSL_SESSIONEncoding(const char *input_b64) { } // Verify the SSL_SESSION decodes. - cptr = bssl::vector_data(&input); - ScopedSSL_SESSION session(d2i_SSL_SESSION(NULL, &cptr, input.size())); - if (!session || cptr != bssl::vector_data(&input) + input.size()) { - fprintf(stderr, "d2i_SSL_SESSION failed\n"); + ScopedSSL_SESSION session(SSL_SESSION_from_bytes(bssl::vector_data(&input), + input.size())); + if (!session) { + fprintf(stderr, "SSL_SESSION_from_bytes failed\n"); return false; } @@ -409,6 +421,14 @@ static bool TestSSL_SESSIONEncoding(const char *input_b64) { return false; } + // Verify the SSL_SESSION also decodes with the legacy API. + cptr = bssl::vector_data(&input); + session.reset(d2i_SSL_SESSION(NULL, &cptr, input.size())); + if (!session || cptr != bssl::vector_data(&input) + input.size()) { + fprintf(stderr, "d2i_SSL_SESSION failed\n"); + return false; + } + // Verify the SSL_SESSION encoding round-trips via the legacy API. int len = i2d_SSL_SESSION(session.get(), NULL); if (len < 0 || (size_t)len != input.size()) { @@ -447,10 +467,10 @@ static bool TestBadSSL_SESSIONEncoding(const char *input_b64) { } // Verify that the SSL_SESSION fails to decode. - const uint8_t *ptr = bssl::vector_data(&input); - ScopedSSL_SESSION session(d2i_SSL_SESSION(NULL, &ptr, input.size())); + ScopedSSL_SESSION session(SSL_SESSION_from_bytes(bssl::vector_data(&input), + input.size())); if (session) { - fprintf(stderr, "d2i_SSL_SESSION unexpectedly succeeded\n"); + fprintf(stderr, "SSL_SESSION_from_bytes unexpectedly succeeded\n"); return false; } ERR_clear_error(); @@ -537,6 +557,7 @@ int main(void) { !TestSSL_SESSIONEncoding(kCustomSession) || !TestBadSSL_SESSIONEncoding(kBadSessionExtraField) || !TestBadSSL_SESSIONEncoding(kBadSessionVersion) || + !TestBadSSL_SESSIONEncoding(kBadSessionTrailingData) || !TestDefaultVersion(0, &TLS_method) || !TestDefaultVersion(SSL3_VERSION, &SSLv3_method) || !TestDefaultVersion(TLS1_VERSION, &TLSv1_method) || |