test-change: remove ec-point-formats from test vectors

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Matt Caswell <matt@openssl.foundation>
MergeDate: Tue Mar 17 11:54:06 2026
(Merged from https://github.com/openssl/openssl/pull/30416)

(cherry picked from commit 0083444eb9464de1be9f0cb77ba778c15a3785e7)

diff --git a/test/ech_corrupt_test.c b/test/ech_corrupt_test.c
index 27537a39d4b45a6c1777bd50b9050e5046869223..ee1edeff5b69dfd7c5172fbe3c3e329f2e0de696 100644 (file)
--- a/test/ech_corrupt_test.c
+++ b/test/ech_corrupt_test.c
@@ -138,7 +138,7 @@ static const unsigned char entire_encoded_inner[] = {
     0x04, 0xd2, 0xdb, 0xe2, 0x89, 0x33, 0x36, 0x15,
     0x96, 0xc9, 0x00, 0x00, 0x08, 0x13, 0x02, 0x13,
     0x03, 0x13, 0x01, 0x00, 0xff, 0x01, 0x00, 0x00,
-    0x34, 0xfd, 0x00, 0x00, 0x13, 0x12, 0x00, 0x0b,
+    0x32, 0xfd, 0x00, 0x00, 0x11, 0x10,
     0x00, 0x0a, 0x00, 0x23, 0x00, 0x16, 0x00, 0x17,
     0x00, 0x0d, 0x00, 0x2b, 0x00, 0x2d, 0x00, 0x33,
     0x00, 0x00, 0x00, 0x14, 0x00, 0x12, 0x00, 0x00,
@@ -147,7 +147,8 @@ static const unsigned char entire_encoded_inner[] = {
     0xfe, 0x0d, 0x00, 0x01, 0x01, 0x00, 0x00, 0x00,
     0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
     0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-    0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
+    0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+    0x00, 0x00
 };
 
 /* a full padded, encoded inner client hello with no extensions */
@@ -178,13 +179,13 @@ static const unsigned char outer_short_encoded_inner[] = {
     0x04, 0xd2, 0xdb, 0xe2, 0x89, 0x33, 0x36, 0x15,
     0x96, 0xc9, 0x00, 0x00, 0x08, 0x13, 0x02, 0x13,
     0x03, 0x13, 0x01, 0x00, 0xff, 0x01, 0x00, 0x00,
-    0x34, 0xfd, 0x00, 0x00, 0x13, 0x12, 0x00, 0x0b,
+    0x32, 0xfd, 0x00, 0x00, 0x11, 0x10,
     0x00, 0x0a, 0x00, 0x23, 0x00, 0x16, 0x00, 0x17,
     0x00, 0x0d, 0x00, 0x2b, 0x00, 0x2d, 0x00, 0x33,
     0x00, 0x00, 0x00, 0x14, 0x00, 0x12, 0x00, 0x00,
     0x0f, 0x66, 0x6f, 0x6f, 0x2e, 0x65, 0x78, 0x61,
     0x6d, 0x70, 0x6c, 0x65, 0x2e, 0x63, 0x6f, 0x6d,
-    0xfe, 0x0d, 0x00, 0x01, 0x01
+    0xfe, 0x0d, 0x00, 0x01, 0x01, 0x00, 0x00
 };
 
 /* inner prefix up as far as outer_exts */
@@ -195,7 +196,7 @@ static const unsigned char encoded_inner_pre[] = {
     0x04, 0xd2, 0xdb, 0xe2, 0x89, 0x33, 0x36, 0x15,
     0x96, 0xc9, 0x00, 0x00, 0x08, 0x13, 0x02, 0x13,
     0x03, 0x13, 0x01, 0x00, 0xff, 0x01, 0x00, 0x00,
-    0x34
+    0x32
 };
 
 /* inner prefix with mad length of suites (0xDDDD) */
@@ -206,54 +207,54 @@ static const unsigned char badsuites_inner_pre[] = {
     0x04, 0xd2, 0xdb, 0xe2, 0x89, 0x33, 0x36, 0x15,
     0x96, 0xc9, 0x00, 0xDD, 0xDD, 0x13, 0x02, 0x13,
     0x03, 0x13, 0x01, 0x00, 0xff, 0x01, 0x00, 0x00,
-    0x34
+    0x32
 };
 
 /* outer extensions - we play with variations of this */
 static const unsigned char encoded_inner_outers[] = {
-    0xfd, 0x00, 0x00, 0x13, 0x12, 0x00, 0x0b,
+    0xfd, 0x00, 0x00, 0x11, 0x10,
     0x00, 0x0a, 0x00, 0x23, 0x00, 0x16, 0x00, 0x17,
     0x00, 0x0d, 0x00, 0x2b, 0x00, 0x2d, 0x00, 0x33
 };
 
-/* outers with repetition of one extension (0x0B) */
+/* outers with repetition of one extension (0x23) */
 static const unsigned char borked_outer1[] = {
-    0xfd, 0x00, 0x00, 0x13, 0x12, 0x00, 0x0b,
-    0x00, 0x0B, 0x00, 0x23, 0x00, 0x16, 0x00, 0x17,
+    0xfd, 0x00, 0x00, 0x11, 0x10,
+    0x00, 0x23, 0x00, 0x23, 0x00, 0x16, 0x00, 0x17,
     0x00, 0x0d, 0x00, 0x2b, 0x00, 0x2d, 0x00, 0x33
 };
 
 /* outers including a non-used extension (0xFFAB) */
 static const unsigned char borked_outer2[] = {
-    0xfd, 0x00, 0x00, 0x13, 0x12, 0x00, 0x0b,
+    0xfd, 0x00, 0x00, 0x11, 0x10,
     0x00, 0x0a, 0x00, 0x23, 0x00, 0x16, 0x00, 0x17,
     0xFF, 0xAB, 0x00, 0x2b, 0x00, 0x2d, 0x00, 0x33
 };
 
 /* refer to SNI in outers! 2nd-last is 0x0000 */
 static const unsigned char borked_outer3[] = {
-    0xfd, 0x00, 0x00, 0x13, 0x12, 0x00, 0x0b,
+    0xfd, 0x00, 0x00, 0x11, 0x10,
     0x00, 0x0a, 0x00, 0x23, 0x00, 0x16, 0x00, 0x17,
     0x00, 0x0d, 0x00, 0x2b, 0x00, 0x00, 0x00, 0x33
 };
 
 /* refer to ECH (0xfe0d) within outers */
 static const unsigned char borked_outer4[] = {
-    0xfd, 0x00, 0x00, 0x13, 0x12, 0x00, 0x0b,
+    0xfd, 0x00, 0x00, 0x11, 0x10,
     0x00, 0x0a, 0x00, 0x23, 0x00, 0x16, 0x00, 0x17,
     0xFE, 0x0D, 0x00, 0x2b, 0x00, 0x2d, 0x00, 0x33
 };
 
 /* refer to outers (0xfd00) within outers */
 static const unsigned char borked_outer5[] = {
-    0xfd, 0x00, 0x00, 0x13, 0x12, 0x00, 0x0b,
+    0xfd, 0x00, 0x00, 0x11, 0x10,
     0x00, 0x0a, 0x00, 0x23, 0x00, 0x16, 0x00, 0x17,
     0xFD, 0x00, 0x00, 0x2b, 0x00, 0x2d, 0x00, 0x33
 };
 
 /* no outers at all! include unknown ext 0xFF99 instead */
 static const unsigned char borked_outer6[] = {
-    0xFF, 0x99, 0x00, 0x13, 0x12, 0x00, 0x0b,
+    0xFF, 0x99, 0x00, 0x11, 0x10,
     0x00, 0x0a, 0x00, 0x23, 0x00, 0x16, 0x00, 0x17,
     0x00, 0x0d, 0x00, 0x2b, 0x00, 0x2d, 0x00, 0x33
 };
@@ -264,42 +265,42 @@ static const unsigned char borked_outer6[] = {
  * to ensure overall decode succeeds
  */
 static const unsigned char borked_outer7[] = {
-    0xfd, 0x00, 0x00, 0x0E, 0x12, 0x00, 0x0b,
+    0xfd, 0x00, 0x00, 0x0E, 0x10,
     0x00, 0x0a, 0x00, 0x23, 0x00, 0x16, 0x00, 0x17,
     0x00, 0x0d, 0x00, 0xFF, 0xFF, 0x00, 0x01, 0x00
 };
 
 /* outer with bad inner length (odd number of octets)  */
 static const unsigned char borked_outer8[] = {
-    0xfd, 0x00, 0x00, 0x13, 0x11, 0x00, 0x0b,
+    0xfd, 0x00, 0x00, 0x11, 0x11,
     0x00, 0x0a, 0x00, 0x23, 0x00, 0x16, 0x00, 0x17,
     0x00, 0x0d, 0x00, 0x2b, 0x00, 0x2d, 0x00, 0x33
 };
 
-/* outer with HUGE length (0xFF13) */
+/* outer with HUGE length (0xFF11) */
 static const unsigned char borked_outer9[] = {
-    0xfd, 0x00, 0xFF, 0x13, 0x12, 0x00, 0x0b,
+    0xfd, 0x00, 0xFF, 0x11, 0x10,
     0x00, 0x0a, 0x00, 0x23, 0x00, 0x16, 0x00, 0x17,
     0x00, 0x0d, 0x00, 0x2b, 0x00, 0x2d, 0x00, 0x33
 };
 
 /* outer with zero length, followed by bogus ext */
 static const unsigned char borked_outer10[] = {
-    0xfd, 0x00, 0x00, 0x00, 0xFF, 0xFF, 0x00,
-    0x0F, 0x0a, 0x00, 0x23, 0x00, 0x16, 0x00, 0x17,
+    0xfd, 0x00, 0x00, 0x00, 0xFF,
+    0x0F, 0x00, 0x0D, 0x23, 0x00, 0x16, 0x00, 0x17,
     0x00, 0x0d, 0x00, 0x2b, 0x00, 0x2d, 0x00, 0x33
 };
 
 /* refer to key-share 0x00 0x33 (51) twice within outers */
 static const unsigned char borked_outer11[] = {
-    0xfd, 0x00, 0x00, 0x13, 0x12, 0x00, 0x0b,
+    0xfd, 0x00, 0x00, 0x11, 0x10,
     0x00, 0x0a, 0x00, 0x23, 0x00, 0x16, 0x00, 0x17,
     0x00, 0x33, 0x00, 0x2b, 0x00, 0x2d, 0x00, 0x33
 };
 
 /* refer to psk kex mode (0x00 0x2D/45) within outers */
 static const unsigned char borked_outer12[] = {
-    0xfd, 0x00, 0x00, 0x13, 0x12, 0x00, 0x0b,
+    0xfd, 0x00, 0x00, 0x11, 0x10,
     0x00, 0x0a, 0x00, 0x23, 0x00, 0x16, 0x00, 0x17,
     0x00, 0x2D, 0x00, 0x2b, 0x00, 0x2d, 0x00, 0x33
 };
@@ -311,7 +312,8 @@ static const unsigned char encoded_inner_post[] = {
     0xfe, 0x0d, 0x00, 0x01, 0x01, 0x00, 0x00, 0x00,
     0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
     0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-    0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
+    0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+    0x00, 0x00
 };
 
 /* muck up the padding by including non-zero stuff */
@@ -322,7 +324,8 @@ static const unsigned char bad_pad_encoded_inner_post[] = {
     0xfe, 0x0d, 0x00, 0x01, 0x01, 0x00, 0x00, 0x00,
     0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
     0xFF, 0xFF, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-    0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
+    0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+    0x00, 0x00
 };
 
 /* an encoded inner that's just too short */
@@ -360,8 +363,7 @@ static const unsigned char too_many_outers[] = {
     0xfd, 0x00, /* outers */
     0x00, 0x2b, /* len of outers */
     0x2a, /* above minus one (42) 21 outers */
-    0x00, 0x0b, /* the 9 'normal' outers */
-    0x00, 0x0a,
+    0x00, 0x0a, /* the 8 'normal' outers */
     0x00, 0x23,
     0x00, 0x16,
     0x00, 0x17,
@@ -369,6 +371,7 @@ static const unsigned char too_many_outers[] = {
     0x00, 0x2b,
     0x00, 0x2d,
     0x00, 0x33,
+    0x00, 0x0b, /* point encoding, not actually in outer */
     /* 12 more outers, set 'em all to ALPN (16, 0x10) */
     0x00, 0x10, 0x00, 0x10, 0x00, 0x10, 0x00, 0x10,
     0x00, 0x10, 0x00, 0x10, 0x00, 0x10, 0x00, 0x10,
@@ -394,7 +397,7 @@ static const unsigned char no_supported_exts[] = {
     0x04, 0xd2, 0xdb, 0xe2, 0x89, 0x33, 0x36, 0x15,
     0x96, 0xc9, 0x00, 0x00, 0x08, 0x13, 0x02, 0x13,
     0x03, 0x13, 0x01, 0x00, 0xff, 0x01, 0x00, 0x00,
-    0x32, 0xfd, 0x00, 0x00, 0x11, 0x10, 0x00, 0x0b,
+    0x30, 0xfd, 0x00, 0x00, 0x0f, 0x0e,
     0x00, 0x0a, 0x00, 0x23, 0x00, 0x16, 0x00, 0x17,
     0x00, 0x0d, 0x00, 0x2d, 0x00, 0x33,
     0x00, 0x00, 0x00, 0x14, 0x00, 0x12, 0x00, 0x00,
@@ -404,7 +407,7 @@ static const unsigned char no_supported_exts[] = {
     0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
     0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
     0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-    0x00, 0x00
+    0x00, 0x00, 0x00, 0x00
 };
 
 static const unsigned char tlsv12_inner[] = {
@@ -419,10 +422,9 @@ static const unsigned char tlsv12_inner[] = {
     0x01, 0x00, /* no compression */
     0x00, 0x32, /* extslen */
     0xfd, 0x00, /* outers */
-    0x00, 0x11, /* len of outers */
-    0x10, /* above minus one (16) 8 outers */
-    0x00, 0x0b, /* the 'normal' outers, minus supported_versions */
-    0x00, 0x0a,
+    0x00, 0x10, /* len of outers */
+    0x0e, /* above minus one (16) 8 outers */
+    0x00, 0x0a, /* the 'normal' outers, minus supported_versions */
     0x00, 0x23,
     0x00, 0x16,
     0x00, 0x17,
@@ -434,7 +436,7 @@ static const unsigned char tlsv12_inner[] = {
     0x0f, 0x66, 0x6f, 0x6f, 0x2e, 0x65, 0x78, 0x61,
     0x6d, 0x70, 0x6c, 0x65, 0x2e, 0x63, 0x6f, 0x6d,
     0xfe, 0x0d, 0x00, 0x01, 0x01,
-    0x00, 0x00, 0x00,
+    0x00, 0x00, 0x00, 0x00, 0x00,
     0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
     0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
     0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
@@ -450,17 +452,20 @@ static TEST_ECHINNER test_inners[] = {
     { NULL, 0,
         outer_short_encoded_inner, sizeof(outer_short_encoded_inner),
         NULL, 0,
-        0, /* expected result */ SSL_R_BAD_EXTENSION },
+        0, /* expected result */
+        SSL_R_DECRYPTION_FAILED_OR_BAD_RECORD_MAC },
     /* 3. otherwise-correct case that fails only due to client random */
     { NULL, 0,
         entire_encoded_inner, sizeof(entire_encoded_inner),
         NULL, 0,
-        0, /* expected result */ SSL_R_BAD_EXTENSION },
+        0, /* expected result */
+        SSL_R_DECRYPTION_FAILED_OR_BAD_RECORD_MAC },
     /* 4. otherwise-correct case that fails only due to client random */
     { encoded_inner_pre, sizeof(encoded_inner_pre),
         encoded_inner_outers, sizeof(encoded_inner_outers),
         encoded_inner_post, sizeof(encoded_inner_post),
-        0, /* expected result */ SSL_R_BAD_EXTENSION },
+        0, /* expected result */
+        SSL_R_DECRYPTION_FAILED_OR_BAD_RECORD_MAC },
     /* 5. fails HPKE decryption due to bad padding so treated as GREASE */
     { encoded_inner_pre, sizeof(encoded_inner_pre),
         encoded_inner_outers, sizeof(encoded_inner_outers),
@@ -594,7 +599,7 @@ static TEST_ECHINNER test_inners[] = {
     { NULL, 0,
         no_supported_exts, sizeof(no_supported_exts),
         NULL, 0,
-        0, /* expected result */ SSL_R_BAD_EXTENSION },
+        0, /* expected result */ SSL_R_UNSUPPORTED_PROTOCOL },
     /*
      * 23. no supported_versions hence TLSv1.2, with server set to
      * allow max tlsv1.2
@@ -611,13 +616,12 @@ static TEST_ECHINNER test_inners[] = {
     { NULL, 0,
         no_supported_exts, sizeof(no_supported_exts),
         NULL, 0,
-        0, /* expected result */ SSL_R_BAD_EXTENSION },
+        0, /* expected result */ SSL_R_UNSUPPORTED_PROTOCOL },
     /* 25. smuggled TLSv1.2 CH */
     { NULL, 0,
         tlsv12_inner, sizeof(tlsv12_inner),
         NULL, 0,
         0, /* expected result */ SSL_R_BAD_EXTENSION },
-
 };
 
 /*