Test that client curve preferences are enforced.

Change-Id: Idc8ac43bd59607641ac2ad0b7179b2f942c0b0ce Reviewed-on: https://boringssl-review.googlesource.com/4403 Reviewed-by: Adam Langley <agl@google.com>
2015-04-20 11:13:01 -04:00 · 2015-04-20 11:13:01 -04:00 · c574f4114d
commit c574f4114d
parent 4b0afdd220
4 changed files with 24 additions and 0 deletions
--- a/ssl/test/runner/common.go
+++ b/ssl/test/runner/common.go
@ -97,6 +97,7 @@ const (
 type CurveID uint16

 const (
+	CurveP224 CurveID = 21
 	CurveP256 CurveID = 23
 	CurveP384 CurveID = 24
 	CurveP521 CurveID = 25
@ -687,6 +688,10 @@ type ProtocolBugs struct {
 	// signature algorithm preferences to be ignored.
 	IgnorePeerSignatureAlgorithmPreferences bool

+	// IgnorePeerCurvePreferences, if true, causes the peer's curve
+	// preferences to be ignored.
+	IgnorePeerCurvePreferences bool
+
 	// SendWarningAlerts, if non-zero, causes every record to be prefaced by
 	// a warning alert.
 	SendWarningAlerts alert
--- a/ssl/test/runner/handshake_server.go
+++ b/ssl/test/runner/handshake_server.go
@ -215,6 +215,9 @@ func (hs *serverHandshakeState) readClientHello() (isResume bool, err error) {

 	supportedCurve := false
 	preferredCurves := config.curvePreferences()
+	if config.Bugs.IgnorePeerCurvePreferences {
+		hs.clientHello.supportedCurves = preferredCurves
+	}
 Curves:
 	for _, curve := range hs.clientHello.supportedCurves {
 		for _, supported := range preferredCurves {
--- a/ssl/test/runner/key_agreement.go
+++ b/ssl/test/runner/key_agreement.go
@ -234,6 +234,8 @@ func pickTLS12HashForSignature(sigType uint8, clientList, serverList []signature

 func curveForCurveID(id CurveID) (elliptic.Curve, bool) {
 	switch id {
+	case CurveP224:
+		return elliptic.P224(), true
 	case CurveP256:
 		return elliptic.P256(), true
 	case CurveP384:
--- a/ssl/test/runner/runner.go
+++ b/ssl/test/runner/runner.go
@ -914,6 +914,20 @@ var testCases = []testCase{
 		shouldFail:    true,
 		expectedError: ":WRONG_CIPHER_RETURNED:",
 	},
+	{
+		name: "UnsupportedCurve",
+		config: Config{
+			CipherSuites: []uint16{TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256},
+			// BoringSSL implements P-224 but doesn't enable it by
+			// default.
+			CurvePreferences: []CurveID{CurveP224},
+			Bugs: ProtocolBugs{
+				IgnorePeerCurvePreferences: true,
+			},
+		},
+		shouldFail:    true,
+		expectedError: ":WRONG_CURVE:",
+	},
 	{
 		name: "SendWarningAlerts",
 		config: Config{