1 files changed, 74 insertions, 0 deletions
diff --git a/regress/integrity.sh b/regress/integrity.sh
new file mode 100644
index 000000000..4d46926d5
--- /dev/null
+++ b/regress/integrity.sh
@@ -0,0 +1,74 @@
+#       $OpenBSD: integrity.sh,v 1.7 2013/02/20 08:27:50 djm Exp $
+#       Placed in the Public Domain.
+tid="integrity"
+# start at byte 2900 (i.e. after kex) and corrupt at different offsets
+# XXX the test hangs if we modify the low bytes of the packet length
+# XXX and ssh tries to read...
+tries=10
+startoffset=2900
+macs="hmac-sha1 hmac-md5 umac-64@openssh.com umac-128@openssh.com
+        hmac-sha1-96 hmac-md5-96 
+        hmac-sha1-etm@openssh.com hmac-md5-etm@openssh.com
+        umac-64-etm@openssh.com umac-128-etm@openssh.com
+        hmac-sha1-96-etm@openssh.com hmac-md5-96-etm@openssh.com"
+config_defined HAVE_EVP_SHA256 &&
+        macs="$macs hmac-sha2-256 hmac-sha2-512
+                hmac-sha2-256-etm@openssh.com hmac-sha2-512-etm@openssh.com"
+# The following are not MACs, but ciphers with integrated integrity. They are
+# handled specially below.
+config_defined OPENSSL_HAVE_EVPGCM && \
+        macs="$macs aes128-gcm@openssh.com aes256-gcm@openssh.com"
+# sshd-command for proxy (see test-exec.sh)
+cmd="$SUDO sh ${SRC}/sshd-log-wrapper.sh ${SSHD} ${TEST_SSH_LOGFILE} -i -f $OBJ/sshd_proxy"
+jot() {
+        awk "BEGIN { for (i = $2; i < $2 + $1; i++) { printf \"%d\n\", i } exit }"
+}
+for m in $macs; do
+        trace "test $tid: mac $m"
+        elen=0
+        epad=0
+        emac=0
+        ecnt=0
+        skip=0
+        for off in `jot $tries $startoffset`; do
+                skip=`expr $skip - 1`
+                if [ $skip -gt 0 ]; then
+                        # avoid modifying the high bytes of the length
+                        continue
+                fi
+                # modify output from sshd at offset $off
+                pxy="proxycommand=$cmd | $OBJ/modpipe -wm xor:$off:1"
+                case $m in
+                        aes*gcm*)       macopt="-c $m";;
+                        *)              macopt="-m $m";;
+                esac
+                output=`${SSH} $macopt -2F $OBJ/ssh_proxy -o "$pxy" \
+                    999.999.999.999 'printf "%4096s" " "' 2>&1`
+                if [ $? -eq 0 ]; then
+                        fail "ssh -m $m succeeds with bit-flip at $off"
+                fi
+                ecnt=`expr $ecnt + 1`
+                output=`echo $output | tr -s '\r\n' '.'`
+                verbose "test $tid: $m @$off $output"
+                case "$output" in
+                Bad?packet*)    elen=`expr $elen + 1`; skip=3;;
+                Corrupted?MAC* | Decryption?integrity?check?failed*)
+                                emac=`expr $emac + 1`; skip=0;;
+                padding*)       epad=`expr $epad + 1`; skip=0;;
+                *)              fail "unexpected error mac $m at $off";;
+                esac
+        done
+        verbose "test $tid: $ecnt errors: mac $emac padding $epad length $elen"
+        if [ $emac -eq 0 ]; then
+                fail "$m: no mac errors"
+        fi
+        expect=`expr $ecnt - $epad - $elen`
+        if [ $emac -ne $expect ]; then
+                fail "$m: expected $expect mac errors, got $emac"
+        fi
+done

diff --git a/regress/integrity.sh b/regress/integrity.sh new file mode 100644 index 000000000..4d46926d5 --- /dev/null +++ b/regress/integrity.sh
@@ -0,0 +1,74 @@
	1	# $OpenBSD: integrity.sh,v 1.7 2013/02/20 08:27:50 djm Exp $
	2	# Placed in the Public Domain.
	3
	4	tid="integrity"
	5
	6	# start at byte 2900 (i.e. after kex) and corrupt at different offsets
	7	# XXX the test hangs if we modify the low bytes of the packet length
	8	# XXX and ssh tries to read...
	9	tries=10
	10	startoffset=2900
	11	macs="hmac-sha1 hmac-md5 umac-64@openssh.com umac-128@openssh.com
	12	hmac-sha1-96 hmac-md5-96
	13	hmac-sha1-etm@openssh.com hmac-md5-etm@openssh.com
	14	umac-64-etm@openssh.com umac-128-etm@openssh.com
	15	hmac-sha1-96-etm@openssh.com hmac-md5-96-etm@openssh.com"
	16	config_defined HAVE_EVP_SHA256 &&
	17	macs="$macs hmac-sha2-256 hmac-sha2-512
	18	hmac-sha2-256-etm@openssh.com hmac-sha2-512-etm@openssh.com"
	19	# The following are not MACs, but ciphers with integrated integrity. They are
	20	# handled specially below.
	21	config_defined OPENSSL_HAVE_EVPGCM && \
	22	macs="$macs aes128-gcm@openssh.com aes256-gcm@openssh.com"
	23
	24	# sshd-command for proxy (see test-exec.sh)
	25	cmd="$SUDO sh ${SRC}/sshd-log-wrapper.sh ${SSHD} ${TEST_SSH_LOGFILE} -i -f $OBJ/sshd_proxy"
	26
	27	jot() {
	28	awk "BEGIN { for (i = $2; i < $2 + $1; i++) { printf \"%d\n\", i } exit }"
	29	}
	30
	31	for m in $macs; do
	32	trace "test $tid: mac $m"
	33	elen=0
	34	epad=0
	35	emac=0
	36	ecnt=0
	37	skip=0
	38	for off in `jot $tries $startoffset`; do
	39	skip=`expr $skip - 1`
	40	if [ $skip -gt 0 ]; then
	41	# avoid modifying the high bytes of the length
	42	continue
	43	fi
	44	# modify output from sshd at offset $off
	45	pxy="proxycommand=$cmd \| $OBJ/modpipe -wm xor:$off:1"
	46	case $m in
	47	aesgcm) macopt="-c $m";;
	48	*) macopt="-m $m";;
	49	esac
	50	output=`${SSH} $macopt -2F $OBJ/ssh_proxy -o "$pxy" \
	51	999.999.999.999 'printf "%4096s" " "' 2>&1`
	52	if [ $? -eq 0 ]; then
	53	fail "ssh -m $m succeeds with bit-flip at $off"
	54	fi
	55	ecnt=`expr $ecnt + 1`
	56	output=`echo $output \| tr -s '\r\n' '.'`
	57	verbose "test $tid: $m @$off $output"
	58	case "$output" in
	59	Bad?packet*) elen=`expr $elen + 1`; skip=3;;
	60	Corrupted?MAC* \| Decryption?integrity?check?failed*)
	61	emac=`expr $emac + 1`; skip=0;;
	62	padding*) epad=`expr $epad + 1`; skip=0;;
	63	*) fail "unexpected error mac $m at $off";;
	64	esac
	65	done
	66	verbose "test $tid: $ecnt errors: mac $emac padding $epad length $elen"
	67	if [ $emac -eq 0 ]; then
	68	fail "$m: no mac errors"
	69	fi
	70	expect=`expr $ecnt - $epad - $elen`
	71	if [ $emac -ne $expect ]; then
	72	fail "$m: expected $expect mac errors, got $emac"
	73	fi
	74	done