Darren Tucker | a955041 | 2013-11-07 15:21:19 +1100 | [diff] [blame] | 1 | # $OpenBSD: integrity.sh,v 1.11 2013/11/07 02:48:38 dtucker Exp $ |
Damien Miller | 1fb593a | 2012-12-12 10:54:37 +1100 | [diff] [blame] | 2 | # Placed in the Public Domain. |
| 3 | |
| 4 | tid="integrity" |
| 5 | |
Damien Miller | 0dc3bc9 | 2013-02-19 09:28:32 +1100 | [diff] [blame] | 6 | # start at byte 2900 (i.e. after kex) and corrupt at different offsets |
Damien Miller | 1fb593a | 2012-12-12 10:54:37 +1100 | [diff] [blame] | 7 | # XXX the test hangs if we modify the low bytes of the packet length |
| 8 | # XXX and ssh tries to read... |
| 9 | tries=10 |
Damien Miller | 0dc3bc9 | 2013-02-19 09:28:32 +1100 | [diff] [blame] | 10 | startoffset=2900 |
Darren Tucker | a955041 | 2013-11-07 15:21:19 +1100 | [diff] [blame] | 11 | macs=`${SSH} -Q mac` |
Damien Miller | 846dc7f | 2013-01-12 22:46:26 +1100 | [diff] [blame] | 12 | # The following are not MACs, but ciphers with integrated integrity. They are |
| 13 | # handled specially below. |
Darren Tucker | a955041 | 2013-11-07 15:21:19 +1100 | [diff] [blame] | 14 | macs="$macs `${SSH} -Q cipher | grep gcm@openssh.com`" |
Damien Miller | 1fb593a | 2012-12-12 10:54:37 +1100 | [diff] [blame] | 15 | |
Darren Tucker | 91af05c | 2013-05-17 13:16:59 +1000 | [diff] [blame] | 16 | # avoid DH group exchange as the extra traffic makes it harder to get the |
| 17 | # offset into the stream right. |
| 18 | echo "KexAlgorithms diffie-hellman-group14-sha1,diffie-hellman-group1-sha1" \ |
| 19 | >> $OBJ/ssh_proxy |
| 20 | |
Damien Miller | 1fb593a | 2012-12-12 10:54:37 +1100 | [diff] [blame] | 21 | # sshd-command for proxy (see test-exec.sh) |
Darren Tucker | 7512902 | 2013-05-17 09:19:10 +1000 | [diff] [blame] | 22 | cmd="$SUDO sh ${SRC}/sshd-log-wrapper.sh ${SSHD} ${TEST_SSHD_LOGFILE} -i -f $OBJ/sshd_proxy" |
Damien Miller | 1fb593a | 2012-12-12 10:54:37 +1100 | [diff] [blame] | 23 | |
| 24 | for m in $macs; do |
| 25 | trace "test $tid: mac $m" |
| 26 | elen=0 |
| 27 | epad=0 |
| 28 | emac=0 |
| 29 | ecnt=0 |
| 30 | skip=0 |
Tim Rice | f9e2060 | 2013-02-26 20:27:29 -0800 | [diff] [blame] | 31 | for off in `jot $tries $startoffset`; do |
| 32 | skip=`expr $skip - 1` |
Damien Miller | 9fec296 | 2012-12-12 12:10:10 +1100 | [diff] [blame] | 33 | if [ $skip -gt 0 ]; then |
Damien Miller | 1fb593a | 2012-12-12 10:54:37 +1100 | [diff] [blame] | 34 | # avoid modifying the high bytes of the length |
| 35 | continue |
| 36 | fi |
| 37 | # modify output from sshd at offset $off |
Damien Miller | 1e657d5 | 2013-02-26 18:58:06 +1100 | [diff] [blame] | 38 | pxy="proxycommand=$cmd | $OBJ/modpipe -wm xor:$off:1" |
Damien Miller | 846dc7f | 2013-01-12 22:46:26 +1100 | [diff] [blame] | 39 | case $m in |
| 40 | aes*gcm*) macopt="-c $m";; |
| 41 | *) macopt="-m $m";; |
| 42 | esac |
Darren Tucker | 34035be | 2013-05-17 14:47:51 +1000 | [diff] [blame] | 43 | verbose "test $tid: $m @$off" |
Darren Tucker | dfea3bc | 2013-05-17 09:31:39 +1000 | [diff] [blame] | 44 | ${SSH} $macopt -2F $OBJ/ssh_proxy -o "$pxy" \ |
| 45 | 999.999.999.999 'printf "%4096s" " "' >/dev/null |
Damien Miller | 1fb593a | 2012-12-12 10:54:37 +1100 | [diff] [blame] | 46 | if [ $? -eq 0 ]; then |
| 47 | fail "ssh -m $m succeeds with bit-flip at $off" |
| 48 | fi |
Tim Rice | f9e2060 | 2013-02-26 20:27:29 -0800 | [diff] [blame] | 49 | ecnt=`expr $ecnt + 1` |
Darren Tucker | dfea3bc | 2013-05-17 09:31:39 +1000 | [diff] [blame] | 50 | output=$(tail -2 $TEST_SSH_LOGFILE | egrep -v "^debug" | \ |
| 51 | tr -s '\r\n' '.') |
Damien Miller | 1fb593a | 2012-12-12 10:54:37 +1100 | [diff] [blame] | 52 | case "$output" in |
Tim Rice | f9e2060 | 2013-02-26 20:27:29 -0800 | [diff] [blame] | 53 | Bad?packet*) elen=`expr $elen + 1`; skip=3;; |
Damien Miller | 846dc7f | 2013-01-12 22:46:26 +1100 | [diff] [blame] | 54 | Corrupted?MAC* | Decryption?integrity?check?failed*) |
Tim Rice | f9e2060 | 2013-02-26 20:27:29 -0800 | [diff] [blame] | 55 | emac=`expr $emac + 1`; skip=0;; |
| 56 | padding*) epad=`expr $epad + 1`; skip=0;; |
Damien Miller | 1fb593a | 2012-12-12 10:54:37 +1100 | [diff] [blame] | 57 | *) fail "unexpected error mac $m at $off";; |
| 58 | esac |
| 59 | done |
| 60 | verbose "test $tid: $ecnt errors: mac $emac padding $epad length $elen" |
| 61 | if [ $emac -eq 0 ]; then |
| 62 | fail "$m: no mac errors" |
| 63 | fi |
Tim Rice | f9e2060 | 2013-02-26 20:27:29 -0800 | [diff] [blame] | 64 | expect=`expr $ecnt - $epad - $elen` |
Damien Miller | 1fb593a | 2012-12-12 10:54:37 +1100 | [diff] [blame] | 65 | if [ $emac -ne $expect ]; then |
| 66 | fail "$m: expected $expect mac errors, got $emac" |
| 67 | fi |
| 68 | done |