From: Marten Seemann <martenseemann@gmail.com>
Date: Fri, 17 Aug 2018 11:03:55 +0000 (+0700)
Subject: crypto/tls: fix ServerHello SCT test
X-Git-Tag: go1.12beta1~851
X-Git-Url: http://www.git.cypherpunks.su/?a=commitdiff_plain;h=465d1c61685db9e249d77db7d4ceca578f400b27;p=gostls13.git

crypto/tls: fix ServerHello SCT test

According to https://tools.ietf.org/html/rfc6962#section-3.3, the SCT
must be at least one byte long. The parsing code correctly checks for
this condition, but rarely the test does generate an empty SCT.

Change-Id: If36a34985b4470a5a9f96affc159195c04f6bfad
Reviewed-on: https://go-review.googlesource.com/c/129755
Reviewed-by: Filippo Valsorda <filippo@golang.org>
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
---

diff --git a/src/crypto/tls/handshake_messages_test.go b/src/crypto/tls/handshake_messages_test.go
index 37eb748eea..4a4a466768 100644
--- a/src/crypto/tls/handshake_messages_test.go
+++ b/src/crypto/tls/handshake_messages_test.go
@@ -188,7 +188,7 @@ func (*serverHelloMsg) Generate(rand *rand.Rand, size int) reflect.Value {
 		numSCTs := rand.Intn(4)
 		m.scts = make([][]byte, numSCTs)
 		for i := range m.scts {
-			m.scts[i] = randomBytes(rand.Intn(500), rand)
+			m.scts[i] = randomBytes(rand.Intn(500)+1, rand)
 		}
 	}