integrity.sh revision 261320 
117651Speter#	$OpenBSD: integrity.sh,v 1.12 2013/11/21 03:18:51 djm Exp $
2205194Sdelphij#	Placed in the Public Domain.
3131377Stjr
417651Spetertid="integrity"
517651Speter
633904Ssteve# start at byte 2900 (i.e. after kex) and corrupt at different offsets
717651Speter# XXX the test hangs if we modify the low bytes of the packet length
8131377Stjr# XXX and ssh tries to read...
9131377Stjrtries=10
1017651Speterstartoffset=2900
1117651Spetermacs=`${SSH} -Q mac`
1217651Speter# The following are not MACs, but ciphers with integrated integrity. They are
1317651Speter# handled specially below.
14205194Sdelphijmacs="$macs `${SSH} -Q cipher-auth`"
15205194Sdelphij
1617651Speter# avoid DH group exchange as the extra traffic makes it harder to get the
17205194Sdelphij# offset into the stream right.
18205194Sdelphijecho "KexAlgorithms diffie-hellman-group14-sha1,diffie-hellman-group1-sha1" \
19205194Sdelphij	>> $OBJ/ssh_proxy
20205194Sdelphij
21205194Sdelphij# sshd-command for proxy (see test-exec.sh)
22205194Sdelphijcmd="$SUDO sh ${SRC}/sshd-log-wrapper.sh ${SSHD} ${TEST_SSHD_LOGFILE} -i -f $OBJ/sshd_proxy"
23205194Sdelphij
24205194Sdelphijfor m in $macs; do
25205194Sdelphij	trace "test $tid: mac $m"
26205194Sdelphij	elen=0
27205194Sdelphij	epad=0
28205194Sdelphij	emac=0
29205194Sdelphij	ecnt=0
30205194Sdelphij	skip=0
31205194Sdelphij	for off in `jot $tries $startoffset`; do
32205194Sdelphij		skip=`expr $skip - 1`
33205194Sdelphij		if [ $skip -gt 0 ]; then
34205194Sdelphij			# avoid modifying the high bytes of the length
35205194Sdelphij			continue
36145474Skientzle		fi
37205194Sdelphij		# modify output from sshd at offset $off
38205194Sdelphij		pxy="proxycommand=$cmd | $OBJ/modpipe -wm xor:$off:1"
39145474Skientzle		if ssh -Q cipher-auth | grep "^${m}\$" >/dev/null 2>&1 ; then
40145474Skientzle			macopt="-c $m"
41205194Sdelphij		else
42145474Skientzle			macopt="-m $m -c aes128-ctr"
43145474Skientzle		fi
44205194Sdelphij		verbose "test $tid: $m @$off"
45205194Sdelphij		${SSH} $macopt -2F $OBJ/ssh_proxy -o "$pxy" \
46205194Sdelphij		    -oServerAliveInterval=1 -oServerAliveCountMax=30 \
47205194Sdelphij		    999.999.999.999 'printf "%4096s" " "' >/dev/null
48205194Sdelphij		if [ $? -eq 0 ]; then
49205194Sdelphij			fail "ssh -m $m succeeds with bit-flip at $off"
50205194Sdelphij		fi
51205194Sdelphij		ecnt=`expr $ecnt + 1`
52205194Sdelphij		output=$(tail -2 $TEST_SSH_LOGFILE | egrep -v "^debug" | \
53205194Sdelphij		     tr -s '\r\n' '.')
54205194Sdelphij		case "$output" in
55205194Sdelphij		Bad?packet*)	elen=`expr $elen + 1`; skip=3;;
56205194Sdelphij		Corrupted?MAC* | Decryption?integrity?check?failed*)
57205194Sdelphij				emac=`expr $emac + 1`; skip=0;;
58205194Sdelphij		padding*)	epad=`expr $epad + 1`; skip=0;;
59205194Sdelphij		*)		fail "unexpected error mac $m at $off";;
60205194Sdelphij		esac
61205194Sdelphij	done
62205194Sdelphij	verbose "test $tid: $ecnt errors: mac $emac padding $epad length $elen"
63205194Sdelphij	if [ $emac -eq 0 ]; then
64205194Sdelphij		fail "$m: no mac errors"
65205194Sdelphij	fi
66205194Sdelphij	expect=`expr $ecnt - $epad - $elen`
67205194Sdelphij	if [ $emac -ne $expect ]; then
68205194Sdelphij		fail "$m: expected $expect mac errors, got $emac"
69205194Sdelphij	fi
70205194Sdelphijdone
71205194Sdelphij