Change unsupported KEM identifier
To a definitely not real one. Otherwise tests fail if you do actually
support DHKEM(P-256, HKDF-SHA256).
Change-Id: Icb60458bba94e8df1954f154f5f6c9965543af45
Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/67927
Reviewed-by: David Benjamin <davidben@google.com>
Commit-Queue: David Benjamin <davidben@google.com>
Commit-Queue: Roland Shoemaker <bracewell@google.com>
diff --git a/ssl/test/runner/runner.go b/ssl/test/runner/runner.go
index 6f2befd..45693d1 100644
--- a/ssl/test/runner/runner.go
+++ b/ssl/test/runner/runner.go
@@ -18002,10 +18002,9 @@
// Test that the client iterates over configurations in the
// ECHConfigList and selects the first with supported parameters.
- p256Key := ecdsaP256Certificate.PrivateKey.(*ecdsa.PrivateKey)
unsupportedKEM := generateServerECHConfig(&ECHConfig{
- KEM: hpke.P256WithHKDFSHA256,
- PublicKey: elliptic.Marshal(elliptic.P256(), p256Key.X, p256Key.Y),
+ KEM: 0x6666,
+ PublicKey: []byte{1, 2, 3, 4},
}).ECHConfig
unsupportedCipherSuites := generateServerECHConfig(&ECHConfig{
CipherSuites: []HPKECipherSuite{{0x1111, 0x2222}},