runner: Reject all zero client and server randoms.

If we ever forget to fill in the randoms, they'll end up all zero.
Particularly at the ClientHello, that logic is getting increasingly far
away from ClientHello serialization, so add a test to make sure we
notice.

(This will flakily fail with probability 2^-256, which is reasonably
unlikely.)

Change-Id: I81f32fd96dbccf377cb92198a222b557ab66976b
Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/47665
Reviewed-by: Adam Langley <agl@google.com>
chromium-5359
David Benjamin 4 years ago committed by Adam Langley
parent b778b9c1b3
commit aef0a88e51
  1. 9
      ssl/test/runner/common.go
  2. 11
      ssl/test/runner/handshake_client.go
  3. 5
      ssl/test/runner/handshake_server.go

@ -2281,3 +2281,12 @@ func containsGREASE(values []uint16) bool {
}
return false
}
func isAllZero(v []byte) bool {
for _, b := range v {
if b != 0 {
return false
}
}
return true
}
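Review bot: isAllZero has no doc comment, and it returns true for an empty or nil slice because the loop body never runs, which is easy to miss at the call sites. A random that was dropped entirely rather than left unfilled would therefore be reported with the "was all zero" message; the handshake still fails, but the contract is worth stating. I would add `// isAllZero reports whether every byte of v is zero; an empty or nil slice also reports true.` above the function. The early return on the first non-zero byte is fine here, since hello randoms are sent in the clear.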

@ -353,6 +353,11 @@ func (c *Conn) clientHandshake() error {
c.sendAlert(alertUnexpectedMessage)
return unexpectedMessageError(hs.serverHello, msg)
}
if isAllZero(hs.serverHello.random) {
// If the server forgets to fill in the server random, it will
// likely be all zero.
return errors.New("tls: ServerHello random was all zero")
}
hs.writeServerHash(hs.serverHello.marshal())
if c.config.Bugs.EarlyChangeCipherSpec > 0 {
@ -984,6 +989,12 @@ func (hs *clientHandshakeState) doTLS13Handshake(msg interface{}) error {
return unexpectedMessageError(hs.serverHello, msg)
}
if isAllZero(hs.serverHello.random) {
// If the server forgets to fill in the server random, it will
// likely be all zero.
return errors.New("tls: ServerHello random was all zero")
}
if c.wireVersion != hs.serverHello.vers {
c.sendAlert(alertIllegalParameter)
return fmt.Errorf("tls: server sent non-matching version %x vs %x", c.wireVersion, hs.serverHello.vers)
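Review bot: Both new all-zero checks in this file return without calling c.sendAlert, while the branch visible just above the first one sends alertUnexpectedMessage and the version check just below the second sends alertIllegalParameter before returning. If the runner's convention is to alert the peer before failing, add `c.sendAlert(alertIllegalParameter)` ahead of each `return errors.New("tls: ServerHello random was all zero")`; if the omission is intentional, a one-line comment saying so would avoid the question. The ClientHello check added in readClientHello (handshake_server.go) likewise sends no alert, though the size check visible above it does not either, so the convention may be mixed. The comment and error string are duplicated verbatim across clientHandshake and doTLS13Handshake, so a small shared helper would keep them from drifting. Both functions begin and end outside the hunks shown.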

@ -167,6 +167,11 @@ func (hs *serverHandshakeState) readClientHello() error {
if size := config.Bugs.RequireClientHelloSize; size != 0 && len(hs.clientHello.raw) != size {
return fmt.Errorf("tls: ClientHello record size is %d, but expected %d", len(hs.clientHello.raw), size)
}
if isAllZero(hs.clientHello.random) {
// If the client forgets to fill in the client random, it will likely be
// all zero.
return errors.New("tls: ClientHello random was all zero")
}
if c.isDTLS && !config.Bugs.SkipHelloVerifyRequest {
// Per RFC 6347, the version field in HelloVerifyRequest SHOULD
