author | David Benjamin <davidben@google.com> | 2016-09-22 01:21:24 -0400 |
---|---|---|
committer | CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org> | 2016-09-22 21:26:23 +0000 |
commit | fbc45d7228de54e227d61dcc60ee49ef0dfea4e8 (patch) | |
tree | 784e356d0597221e5872bc40d8bd28c5b3331a73 /FUZZING.md | |
parent | 1e663e8f396e26025309553459bc334e2d21fd0e (diff) | |
No-op ticket encryption in fuzzer mode.

This allows the fuzzer to discover server-side resumption paths by
simply supplying what we'd like the ticket to decrypt to in the clear.

We also have a natural way to get transcripts out of runner. We record
the runner-side transcripts, so all resumption handshakes will replay
the shim-created unencrypted tickets.

BUG=104
Change-Id: Icf9cbf4af520077d38e2c8c2766b6f8bfa3c9ab5
Reviewed-on: https://boringssl-review.googlesource.com/11224
Commit-Queue: David Benjamin <davidben@google.com>
Commit-Queue: Adam Langley <agl@google.com>
Reviewed-by: Adam Langley <agl@google.com>
CQ-Verified: CQ bot account: commit-bot@chromium.org <commit-bot@chromium.org>
Diffstat (limited to 'FUZZING.md')
-rw-r--r-- | FUZZING.md | 2 |
1 files changed, 2 insertions, 0 deletions
@@ -62,6 +62,8 @@ When `-DFUZZ=1` is passed into CMake, BoringSSL builds with `BORINGSSL_UNSAFE_FU * Use a hard-coded time instead of the actual time. +* Tickets are unencrypted and the MAC check is performed but ignored. + This is to prevent the fuzzer from getting stuck at a cryptographic invariant in the protocol. ## TLS transcripts |
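Review bot: The added bullet "Tickets are unencrypted and the MAC check is performed but ignored" states the behaviour but not its consequence for a reader of the `-DFUZZ=1` list: whatever bytes a peer presents as a ticket are accepted as the session state, which is exactly what the commit message relies on ("supplying what we'd like the ticket to decrypt to in the clear"). I would say that in the bullet itself, and also say why the MAC is still computed when its result is discarded (presumably to keep that code path exercised by the fuzzer, but the text should give the reason rather than leave it to inference). The commit message further notes that transcripts are recorded on the runner side so that resumption handshakes replay the shim-created unencrypted tickets; that detail belongs in this file too, most naturally under "## TLS transcripts", since a corpus recorded against a build with real ticket encryption would presumably not reach the resumption path in fuzzer mode.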