integrity.sh revision 323136
1170263Sdarrenr# $OpenBSD: integrity.sh,v 1.20 2017/01/06 02:26:10 dtucker Exp $ 2255332Scy# Placed in the Public Domain. 3255332Scy 4255332Scytid="integrity" 5255332Scycp $OBJ/sshd_proxy $OBJ/sshd_proxy_bak 6255332Scy 7255332Scy# start at byte 2900 (i.e. after kex) and corrupt at different offsets 8145510Sdarrenrtries=10 9145510Sdarrenrstartoffset=2900 10145510Sdarrenrmacs=`${SSH} -Q mac` 11145510Sdarrenr# The following are not MACs, but ciphers with integrated integrity. They are 12170263Sdarrenr# handled specially below. 13170263Sdarrenrmacs="$macs `${SSH} -Q cipher-auth`" 14255332Scy 15255332Scy# avoid DH group exchange as the extra traffic makes it harder to get the 16145510Sdarrenr# offset into the stream right. 17145510Sdarrenrecho "KexAlgorithms diffie-hellman-group14-sha1,diffie-hellman-group1-sha1" \ 18145510Sdarrenr >> $OBJ/ssh_proxy 19145510Sdarrenr 20255332Scy# sshd-command for proxy (see test-exec.sh) 21145510Sdarrenrcmd="$SUDO sh ${SRC}/sshd-log-wrapper.sh ${TEST_SSHD_LOGFILE} ${SSHD} -i -f $OBJ/sshd_proxy" 22145510Sdarrenr 23145510Sdarrenrfor m in $macs; do 24255332Scy trace "test $tid: mac $m" 25255332Scy elen=0 26145510Sdarrenr epad=0 27255332Scy emac=0 28255332Scy etmo=0 29145510Sdarrenr ecnt=0 30255332Scy skip=0 31255332Scy for off in `jot $tries $startoffset`; do 32255332Scy skip=`expr $skip - 1` 33145510Sdarrenr if [ $skip -gt 0 ]; then 34255332Scy # avoid modifying the high bytes of the length 35145510Sdarrenr continue 36145510Sdarrenr fi 37145510Sdarrenr cp $OBJ/sshd_proxy_bak $OBJ/sshd_proxy 38145510Sdarrenr # modify output from sshd at offset $off 39145510Sdarrenr pxy="proxycommand=$cmd | $OBJ/modpipe -wm xor:$off:1" 40145510Sdarrenr if ${SSH} -Q cipher-auth | grep "^${m}\$" >/dev/null 2>&1 ; then 41145510Sdarrenr echo "Ciphers=$m" >> $OBJ/sshd_proxy 42145510Sdarrenr macopt="-c $m" 43255332Scy else 44255332Scy echo "Ciphers=aes128-ctr" >> $OBJ/sshd_proxy 45145510Sdarrenr echo "MACs=$m" >> $OBJ/sshd_proxy 46255332Scy macopt="-m $m -c aes128-ctr" 47145510Sdarrenr fi 48145510Sdarrenr verbose "test $tid: $m @$off" 49255332Scy ${SSH} $macopt -2F $OBJ/ssh_proxy -o "$pxy" \ 50145510Sdarrenr -oServerAliveInterval=1 -oServerAliveCountMax=30 \ 51145510Sdarrenr 999.999.999.999 'printf "%4096s" " "' >/dev/null 52145510Sdarrenr if [ $? -eq 0 ]; then 53255332Scy fail "ssh -m $m succeeds with bit-flip at $off" 54145510Sdarrenr fi 55145510Sdarrenr ecnt=`expr $ecnt + 1` 56145510Sdarrenr out=$(egrep -v "^debug" $TEST_SSH_LOGFILE | tail -2 | \ 57170263Sdarrenr tr -s '\r\n' '.') 58255332Scy case "$out" in 59255332Scy Bad?packet*) elen=`expr $elen + 1`; skip=3;; 60145510Sdarrenr Corrupted?MAC* | *message?authentication?code?incorrect*) 61145510Sdarrenr emac=`expr $emac + 1`; skip=0;; 62170263Sdarrenr padding*) epad=`expr $epad + 1`; skip=0;; 63145510Sdarrenr *) fail "unexpected error mac $m at $off: $out";; 64145510Sdarrenr esac 65170263Sdarrenr done 66255332Scy verbose "test $tid: $ecnt errors: mac $emac padding $epad length $elen" 67145510Sdarrenr if [ $emac -eq 0 ]; then 68145510Sdarrenr fail "$m: no mac errors" 69145510Sdarrenr fi 70145510Sdarrenr expect=`expr $ecnt - $epad - $elen` 71145510Sdarrenr if [ $emac -ne $expect ]; then 72145510Sdarrenr fail "$m: expected $expect mac errors, got $emac" 73145510Sdarrenr fi 74145510Sdarrenrdone 75255332Scy