diff options
-rw-r--r-- | src/kex.c | 8 | ||||
-rw-r--r-- | src/packet.c | 103 | ||||
-rw-r--r-- | src/packet_crypt.c | 35 | ||||
-rw-r--r-- | src/wrapper.c | 18 | ||||
-rw-r--r-- | tests/client/torture_algorithms.c | 216 | ||||
-rw-r--r-- | tests/pkd/pkd_hello.c | 99 | ||||
-rw-r--r-- | tests/unittests/torture_config.c | 2 | ||||
-rw-r--r-- | tests/unittests/torture_options.c | 8 | ||||
-rw-r--r-- | tests/unittests/torture_packet.c | 63 |
9 files changed, 465 insertions, 87 deletions
@@ -146,8 +146,8 @@ static const char *default_methods[] = { PUBLIC_KEY_ALGORITHMS, AES BLOWFISH DES, AES BLOWFISH DES, - "hmac-sha2-256,hmac-sha2-512,hmac-sha1", - "hmac-sha2-256,hmac-sha2-512,hmac-sha1", + "hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1", + "hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1", "none", "none", "", @@ -161,8 +161,8 @@ static const char *supported_methods[] = { PUBLIC_KEY_ALGORITHMS, CHACHA20 AES BLOWFISH DES_SUPPORTED, CHACHA20 AES BLOWFISH DES_SUPPORTED, - "hmac-sha2-256,hmac-sha2-512,hmac-sha1", - "hmac-sha2-256,hmac-sha2-512,hmac-sha1", + "hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1", + "hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1", ZLIB, ZLIB, "", diff --git a/src/packet.c b/src/packet.c index d0c5d60b..6acd2835 100644 --- a/src/packet.c +++ b/src/packet.c @@ -1045,6 +1045,8 @@ int ssh_packet_socket_callback(const void *data, size_t receivedlen, void *user) size_t processed = 0; /* number of byte processed from the callback */ enum ssh_packet_filter_result_e filter_result; struct ssh_crypto_struct *crypto = NULL; + bool etm = false; + int etm_packet_offset = 0; bool ok; crypto = ssh_packet_get_current_crypto(session, SSH_DIRECTION_IN); @@ -1052,9 +1054,17 @@ int ssh_packet_socket_callback(const void *data, size_t receivedlen, void *user) current_macsize = hmac_digest_len(crypto->in_hmac); blocksize = crypto->in_cipher->blocksize; lenfield_blocksize = crypto->in_cipher->lenfield_blocksize; + etm = crypto->in_hmac_etm; } - if (lenfield_blocksize == 0) { + if (etm) { + /* In EtM mode packet size is unencrypted. This means + * we need to use this offset and set the block size + * that is part of the encrypted part to 0. + */ + etm_packet_offset = sizeof(uint32_t); + lenfield_blocksize = 0; + } else if (lenfield_blocksize == 0) { lenfield_blocksize = blocksize; } if (data == NULL) { @@ -1077,10 +1087,10 @@ int ssh_packet_socket_callback(const void *data, size_t receivedlen, void *user) #endif switch(session->packet_state) { case PACKET_STATE_INIT: - if (receivedlen < lenfield_blocksize) { + if (receivedlen < lenfield_blocksize + etm_packet_offset) { /* - * We didn't receive enough data to read at least one - * block size, give up + * We didn't receive enough data to read either at least one + * block size or the unencrypted length in EtM mode. */ #ifdef DEBUG_PACKET SSH_LOG(SSH_LOG_PACKET, @@ -1107,13 +1117,20 @@ int ssh_packet_socket_callback(const void *data, size_t receivedlen, void *user) } } - ptr = ssh_buffer_allocate(session->in_buffer, lenfield_blocksize); - if (ptr == NULL) { - goto error; + if (!etm) { + ptr = ssh_buffer_allocate(session->in_buffer, lenfield_blocksize); + if (ptr == NULL) { + goto error; + } + packet_len = ssh_packet_decrypt_len(session, ptr, (uint8_t *)data); + to_be_read = packet_len - lenfield_blocksize + sizeof(uint32_t); + } else { + /* Length is unencrypted in case of Encrypt-then-MAC */ + packet_len = PULL_BE_U32(data, 0); + to_be_read = packet_len - etm_packet_offset; } - processed += lenfield_blocksize; - packet_len = ssh_packet_decrypt_len(session, ptr, (uint8_t *)data); + processed += lenfield_blocksize + etm_packet_offset; if (packet_len > MAX_PACKET_LEN) { ssh_set_error(session, SSH_FATAL, @@ -1121,7 +1138,6 @@ int ssh_packet_socket_callback(const void *data, size_t receivedlen, void *user) packet_len, packet_len); goto error; } - to_be_read = packet_len - lenfield_blocksize + sizeof(uint32_t); if (to_be_read < 0) { /* remote sshd sends invalid sizes? */ ssh_set_error(session, @@ -1136,7 +1152,7 @@ int ssh_packet_socket_callback(const void *data, size_t receivedlen, void *user) FALL_THROUGH; case PACKET_STATE_SIZEREAD: packet_len = session->in_packet.len; - processed = lenfield_blocksize; + processed = lenfield_blocksize + etm_packet_offset; to_be_read = packet_len + sizeof(uint32_t) + current_macsize; /* if to_be_read is zero, the whole packet was blocksize bytes. */ if (to_be_read != 0) { @@ -1151,13 +1167,13 @@ int ssh_packet_socket_callback(const void *data, size_t receivedlen, void *user) return 0; } - packet_second_block = (uint8_t*)data + lenfield_blocksize; + packet_second_block = (uint8_t*)data + lenfield_blocksize + etm_packet_offset; processed = to_be_read - current_macsize; } /* remaining encrypted bytes from the packet, MAC not included */ packet_remaining = - packet_len - (lenfield_blocksize - sizeof(uint32_t)); + packet_len - (lenfield_blocksize - sizeof(uint32_t) + etm_packet_offset); cleartext_packet = ssh_buffer_allocate(session->in_buffer, packet_remaining); if (cleartext_packet == NULL) { @@ -1166,16 +1182,30 @@ int ssh_packet_socket_callback(const void *data, size_t receivedlen, void *user) if (packet_second_block != NULL) { if (crypto != NULL) { + mac = packet_second_block + packet_remaining; + + if (etm) { + rc = ssh_packet_hmac_verify(session, + data, + processed, + mac, + crypto->in_hmac); + if (rc < 0) { + ssh_set_error(session, SSH_FATAL, "HMAC error"); + goto error; + } + } /* - * Decrypt the rest of the packet (lenfield_blocksize bytes - * already have been decrypted) + * Decrypt the packet. In case of EtM mode, the length is already + * known as it's unencrypted. In the other case, lenfield_blocksize bytes + * already have been decrypted. */ if (packet_remaining > 0) { rc = ssh_packet_decrypt(session, cleartext_packet, (uint8_t *)data, - lenfield_blocksize, - processed - lenfield_blocksize); + lenfield_blocksize + etm_packet_offset, + processed - (lenfield_blocksize + etm_packet_offset)); if (rc < 0) { ssh_set_error(session, SSH_FATAL, @@ -1183,16 +1213,17 @@ int ssh_packet_socket_callback(const void *data, size_t receivedlen, void *user) goto error; } } - mac = packet_second_block + packet_remaining; - rc = ssh_packet_hmac_verify(session, - ssh_buffer_get(session->in_buffer), - ssh_buffer_get_len(session->in_buffer), - mac, - crypto->in_hmac); - if (rc < 0) { - ssh_set_error(session, SSH_FATAL, "HMAC error"); - goto error; + if (!etm) { + rc = ssh_packet_hmac_verify(session, + ssh_buffer_get(session->in_buffer), + ssh_buffer_get_len(session->in_buffer), + mac, + crypto->in_hmac); + if (rc < 0) { + ssh_set_error(session, SSH_FATAL, "HMAC error"); + goto error; + } } processed += current_macsize; } else { @@ -1212,8 +1243,10 @@ int ssh_packet_socket_callback(const void *data, size_t receivedlen, void *user) } #endif - /* skip the size field which has been processed before */ - ssh_buffer_pass_bytes(session->in_buffer, sizeof(uint32_t)); + if (!etm) { + /* skip the size field which has been processed before */ + ssh_buffer_pass_bytes(session->in_buffer, sizeof(uint32_t)); + } rc = ssh_buffer_get_u8(session->in_buffer, &padding); if (rc == 0) { @@ -1525,12 +1558,15 @@ static int packet_send2(ssh_session session) uint8_t header[5] = {0}; uint8_t type, *payload; int rc = SSH_ERROR; + bool etm = false; + int etm_packet_offset = 0; crypto = ssh_packet_get_current_crypto(session, SSH_DIRECTION_OUT); if (crypto) { blocksize = crypto->out_cipher->blocksize; lenfield_blocksize = crypto->out_cipher->lenfield_blocksize; hmac_type = crypto->out_hmac; + etm = crypto->out_hmac_etm; } else { hmac_type = session->next_crypto->out_hmac; } @@ -1539,6 +1575,11 @@ static int packet_send2(ssh_session session) type = payload[0]; /* type is the first byte of the packet now */ payloadsize = currentlen; + if (etm) { + etm_packet_offset = sizeof(uint32_t); + lenfield_blocksize = 0; + } + #ifdef WITH_ZLIB if (crypto != NULL && crypto->do_compress_out && ssh_buffer_get_len(session->out_buffer) > 0) { @@ -1551,8 +1592,8 @@ static int packet_send2(ssh_session session) #endif /* WITH_ZLIB */ compsize = currentlen; /* compressed payload + packet len (4) + padding_size len (1) */ - /* totallen - lenfield_blocksize must be equal to 0 (mod blocksize) */ - padding_size = (blocksize - ((blocksize - lenfield_blocksize + currentlen + 5) % blocksize)); + /* totallen - lenfield_blocksize - etm_packet_offset must be equal to 0 (mod blocksize) */ + padding_size = (blocksize - ((blocksize - lenfield_blocksize - etm_packet_offset + currentlen + 5) % blocksize)); if (padding_size < 4) { padding_size += blocksize; } @@ -1567,7 +1608,7 @@ static int packet_send2(ssh_session session) } } - finallen = currentlen + padding_size + 1; + finallen = currentlen - etm_packet_offset + padding_size + 1; PUSH_BE_U32(header, 0, finallen); PUSH_BE_U8(header, 4, padding_size); diff --git a/src/packet_crypt.c b/src/packet_crypt.c index 2fd8e0fe..2ed097ad 100644 --- a/src/packet_crypt.c +++ b/src/packet_crypt.c @@ -42,6 +42,7 @@ #include "libssh/wrapper.h" #include "libssh/crypto.h" #include "libssh/buffer.h" +#include "libssh/bytearray.h" /** @internal * @brief decrypt the packet length from a raw encrypted packet, and store the first decrypted @@ -132,9 +133,11 @@ unsigned char *ssh_packet_encrypt(ssh_session session, void *data, uint32_t len) struct ssh_cipher_struct *cipher = NULL; HMACCTX ctx = NULL; char *out = NULL; + int etm_packet_offset = 0; unsigned int finallen, blocksize; uint32_t seq, lenfield_blocksize; enum ssh_hmac_e type; + bool etm; assert(len); @@ -145,7 +148,15 @@ unsigned char *ssh_packet_encrypt(ssh_session session, void *data, uint32_t len) blocksize = crypto->out_cipher->blocksize; lenfield_blocksize = crypto->out_cipher->lenfield_blocksize; - if ((len - lenfield_blocksize) % blocksize != 0) { + + type = crypto->out_hmac; + etm = crypto->out_hmac_etm; + + if (etm) { + etm_packet_offset = sizeof(uint32_t); + } + + if ((len - lenfield_blocksize - etm_packet_offset) % blocksize != 0) { ssh_set_error(session, SSH_FATAL, "Cryptographic functions must be set" " on at least one blocksize (received %d)", len); return NULL; @@ -155,23 +166,35 @@ unsigned char *ssh_packet_encrypt(ssh_session session, void *data, uint32_t len) return NULL; } - type = crypto->out_hmac; seq = ntohl(session->send_seq); cipher = crypto->out_cipher; if (cipher->aead_encrypt != NULL) { cipher->aead_encrypt(cipher, data, out, len, crypto->hmacbuf, session->send_seq); + memcpy(data, out, len); } else { ctx = hmac_init(crypto->encryptMAC, hmac_digest_len(type), type); if (ctx == NULL) { SAFE_FREE(out); return NULL; } - hmac_update(ctx,(unsigned char *)&seq,sizeof(uint32_t)); - hmac_update(ctx,data,len); - hmac_final(ctx, crypto->hmacbuf, &finallen); + if (!etm) { + hmac_update(ctx, (unsigned char *)&seq, sizeof(uint32_t)); + hmac_update(ctx, data, len); + hmac_final(ctx, crypto->hmacbuf, &finallen); + } + + cipher->encrypt(cipher, (uint8_t*)data + etm_packet_offset, out, len - etm_packet_offset); + memcpy((uint8_t*)data + etm_packet_offset, out, len - etm_packet_offset); + + if (etm) { + PUSH_BE_U32(data, 0, len - etm_packet_offset); + hmac_update(ctx, (unsigned char *)&seq, sizeof(uint32_t)); + hmac_update(ctx, data, len); + hmac_final(ctx, crypto->hmacbuf, &finallen); + } #ifdef DEBUG_CRYPTO ssh_print_hexa("mac: ",data,hmac_digest_len(type)); if (finallen != hmac_digest_len(type)) { @@ -179,9 +202,7 @@ unsigned char *ssh_packet_encrypt(ssh_session session, void *data, uint32_t len) } ssh_print_hexa("Packet hmac", crypto->hmacbuf, hmac_digest_len(type)); #endif - cipher->encrypt(cipher, data, out, len); } - memcpy(data, out, len); explicit_bzero(out, len); SAFE_FREE(out); diff --git a/src/wrapper.c b/src/wrapper.c index 33f55840..e13b4c27 100644 --- a/src/wrapper.c +++ b/src/wrapper.c @@ -56,13 +56,17 @@ #include "libssh/curve25519.h" static struct ssh_hmac_struct ssh_hmac_tab[] = { - { "hmac-sha1", SSH_HMAC_SHA1, false }, - { "hmac-sha2-256", SSH_HMAC_SHA256, false }, - { "hmac-sha2-512", SSH_HMAC_SHA512, false }, - { "hmac-md5", SSH_HMAC_MD5, false }, - { "aead-poly1305", SSH_HMAC_AEAD_POLY1305, false }, - { "aead-gcm", SSH_HMAC_AEAD_GCM, false }, - { NULL, 0, false } + { "hmac-sha1", SSH_HMAC_SHA1, false }, + { "hmac-sha2-256", SSH_HMAC_SHA256, false }, + { "hmac-sha2-512", SSH_HMAC_SHA512, false }, + { "hmac-md5", SSH_HMAC_MD5, false }, + { "aead-poly1305", SSH_HMAC_AEAD_POLY1305, false }, + { "aead-gcm", SSH_HMAC_AEAD_GCM, false }, + { "hmac-sha1-etm@openssh.com", SSH_HMAC_SHA1, true }, + { "hmac-sha2-256-etm@openssh.com", SSH_HMAC_SHA256, true }, + { "hmac-sha2-512-etm@openssh.com", SSH_HMAC_SHA512, true }, + { "hmac-md5-etm@openssh.com", SSH_HMAC_MD5, true }, + { NULL, 0, false } }; struct ssh_hmac_struct *ssh_get_hmactab(void) { diff --git a/tests/client/torture_algorithms.c b/tests/client/torture_algorithms.c index aa1bf524..3902d779 100644 --- a/tests/client/torture_algorithms.c +++ b/tests/client/torture_algorithms.c @@ -147,6 +147,24 @@ static void torture_algorithms_aes128_cbc_hmac_sha2_512(void **state) { test_algorithm(s->ssh.session, NULL/*kex*/, "aes128-cbc", "hmac-sha2-512"); } +static void torture_algorithms_aes128_cbc_hmac_sha1_etm(void **state) { + struct torture_state *s = *state; + + test_algorithm(s->ssh.session, NULL/*kex*/, "aes128-cbc", "hmac-sha1-etm@openssh.com"); +} + +static void torture_algorithms_aes128_cbc_hmac_sha2_256_etm(void **state) { + struct torture_state *s = *state; + + test_algorithm(s->ssh.session, NULL/*kex*/, "aes128-cbc", "hmac-sha2-256-etm@openssh.com"); +} + +static void torture_algorithms_aes128_cbc_hmac_sha2_512_etm(void **state) { + struct torture_state *s = *state; + + test_algorithm(s->ssh.session, NULL/*kex*/, "aes128-cbc", "hmac-sha2-512-etm@openssh.com"); +} + static void torture_algorithms_aes192_cbc_hmac_sha1(void **state) { struct torture_state *s = *state; @@ -165,6 +183,24 @@ static void torture_algorithms_aes192_cbc_hmac_sha2_512(void **state) { test_algorithm(s->ssh.session, NULL/*kex*/, "aes192-cbc", "hmac-sha2-512"); } +static void torture_algorithms_aes192_cbc_hmac_sha1_etm(void **state) { + struct torture_state *s = *state; + + test_algorithm(s->ssh.session, NULL/*kex*/, "aes192-cbc", "hmac-sha1-etm@openssh.com"); +} + +static void torture_algorithms_aes192_cbc_hmac_sha2_256_etm(void **state) { + struct torture_state *s = *state; + + test_algorithm(s->ssh.session, NULL/*kex*/, "aes192-cbc", "hmac-sha2-256-etm@openssh.com"); +} + +static void torture_algorithms_aes192_cbc_hmac_sha2_512_etm(void **state) { + struct torture_state *s = *state; + + test_algorithm(s->ssh.session, NULL/*kex*/, "aes192-cbc", "hmac-sha2-512-etm@openssh.com"); +} + static void torture_algorithms_aes256_cbc_hmac_sha1(void **state) { struct torture_state *s = *state; @@ -183,6 +219,24 @@ static void torture_algorithms_aes256_cbc_hmac_sha2_512(void **state) { test_algorithm(s->ssh.session, NULL/*kex*/, "aes256-cbc", "hmac-sha2-512"); } +static void torture_algorithms_aes256_cbc_hmac_sha1_etm(void **state) { + struct torture_state *s = *state; + + test_algorithm(s->ssh.session, NULL/*kex*/, "aes256-cbc", "hmac-sha1-etm@openssh.com"); +} + +static void torture_algorithms_aes256_cbc_hmac_sha2_256_etm(void **state) { + struct torture_state *s = *state; + + test_algorithm(s->ssh.session, NULL/*kex*/, "aes256-cbc", "hmac-sha2-256-etm@openssh.com"); +} + +static void torture_algorithms_aes256_cbc_hmac_sha2_512_etm(void **state) { + struct torture_state *s = *state; + + test_algorithm(s->ssh.session, NULL/*kex*/, "aes256-cbc", "hmac-sha2-512-etm@openssh.com"); +} + static void torture_algorithms_aes128_ctr_hmac_sha1(void **state) { struct torture_state *s = *state; @@ -201,6 +255,24 @@ static void torture_algorithms_aes128_ctr_hmac_sha2_512(void **state) { test_algorithm(s->ssh.session, NULL/*kex*/, "aes128-ctr", "hmac-sha2-512"); } +static void torture_algorithms_aes128_ctr_hmac_sha1_etm(void **state) { + struct torture_state *s = *state; + + test_algorithm(s->ssh.session, NULL/*kex*/, "aes128-ctr", "hmac-sha1-etm@openssh.com"); +} + +static void torture_algorithms_aes128_ctr_hmac_sha2_256_etm(void **state) { + struct torture_state *s = *state; + + test_algorithm(s->ssh.session, NULL/*kex*/, "aes128-ctr", "hmac-sha2-256-etm@openssh.com"); +} + +static void torture_algorithms_aes128_ctr_hmac_sha2_512_etm(void **state) { + struct torture_state *s = *state; + + test_algorithm(s->ssh.session, NULL/*kex*/, "aes128-ctr", "hmac-sha2-512-etm@openssh.com"); +} + static void torture_algorithms_aes192_ctr_hmac_sha1(void **state) { struct torture_state *s = *state; @@ -219,6 +291,24 @@ static void torture_algorithms_aes192_ctr_hmac_sha2_512(void **state) { test_algorithm(s->ssh.session, NULL/*kex*/, "aes192-ctr", "hmac-sha2-512"); } +static void torture_algorithms_aes192_ctr_hmac_sha1_etm(void **state) { + struct torture_state *s = *state; + + test_algorithm(s->ssh.session, NULL/*kex*/, "aes192-ctr", "hmac-sha1-etm@openssh.com"); +} + +static void torture_algorithms_aes192_ctr_hmac_sha2_256_etm(void **state) { + struct torture_state *s = *state; + + test_algorithm(s->ssh.session, NULL/*kex*/, "aes192-ctr", "hmac-sha2-256-etm@openssh.com"); +} + +static void torture_algorithms_aes192_ctr_hmac_sha2_512_etm(void **state) { + struct torture_state *s = *state; + + test_algorithm(s->ssh.session, NULL/*kex*/, "aes192-ctr", "hmac-sha2-512-etm@openssh.com"); +} + static void torture_algorithms_aes256_ctr_hmac_sha1(void **state) { struct torture_state *s = *state; @@ -237,6 +327,24 @@ static void torture_algorithms_aes256_ctr_hmac_sha2_512(void **state) { test_algorithm(s->ssh.session, NULL/*kex*/, "aes256-ctr", "hmac-sha2-512"); } +static void torture_algorithms_aes256_ctr_hmac_sha1_etm(void **state) { + struct torture_state *s = *state; + + test_algorithm(s->ssh.session, NULL/*kex*/, "aes256-ctr", "hmac-sha1-etm@openssh.com"); +} + +static void torture_algorithms_aes256_ctr_hmac_sha2_256_etm(void **state) { + struct torture_state *s = *state; + + test_algorithm(s->ssh.session, NULL/*kex*/, "aes256-ctr", "hmac-sha2-256-etm@openssh.com"); +} + +static void torture_algorithms_aes256_ctr_hmac_sha2_512_etm(void **state) { + struct torture_state *s = *state; + + test_algorithm(s->ssh.session, NULL/*kex*/, "aes256-ctr", "hmac-sha2-512-etm@openssh.com"); +} + static void torture_algorithms_aes128_gcm(void **state) { struct torture_state *s = *state; @@ -269,6 +377,24 @@ static void torture_algorithms_3des_cbc_hmac_sha2_512(void **state) { test_algorithm(s->ssh.session, NULL/*kex*/, "3des-cbc", "hmac-sha2-512"); } +static void torture_algorithms_3des_cbc_hmac_sha1_etm(void **state) { + struct torture_state *s = *state; + + test_algorithm(s->ssh.session, NULL/*kex*/, "3des-cbc", "hmac-sha1-etm@openssh.com"); +} + +static void torture_algorithms_3des_cbc_hmac_sha2_256_etm(void **state) { + struct torture_state *s = *state; + + test_algorithm(s->ssh.session, NULL/*kex*/, "3des-cbc", "hmac-sha2-256-etm@openssh.com"); +} + +static void torture_algorithms_3des_cbc_hmac_sha2_512_etm(void **state) { + struct torture_state *s = *state; + + test_algorithm(s->ssh.session, NULL/*kex*/, "3des-cbc", "hmac-sha2-512-etm@openssh.com"); +} + #ifdef WITH_BLOWFISH_CIPHER #if ((OPENSSH_VERSION_MAJOR == 7 && OPENSSH_VERSION_MINOR < 6) || OPENSSH_VERSION_MAJOR <= 6) static void torture_algorithms_blowfish_cbc_hmac_sha1(void **state) { @@ -288,6 +414,24 @@ static void torture_algorithms_blowfish_cbc_hmac_sha2_512(void **state) { test_algorithm(s->ssh.session, NULL/*kex*/, "blowfish-cbc", "hmac-sha2-512"); } + +static void torture_algorithms_blowfish_cbc_hmac_sha1_etm(void **state) { + struct torture_state *s = *state; + + test_algorithm(s->ssh.session, NULL/*kex*/, "blowfish-cbc", "hmac-sha1-etm@openssh.com"); +} + +static void torture_algorithms_blowfish_cbc_hmac_sha2_256_etm(void **state) { + struct torture_state *s = *state; + + test_algorithm(s->ssh.session, NULL/*kex*/, "blowfish-cbc", "hmac-sha2-256-etm@openssh.com"); +} + +static void torture_algorithms_blowfish_cbc_hmac_sha2_512_etm(void **state) { + struct torture_state *s = *state; + + test_algorithm(s->ssh.session, NULL/*kex*/, "blowfish-cbc", "hmac-sha2-512-etm@openssh.com"); +} #endif #endif /* WITH_BLOWFISH_CIPHER */ @@ -472,6 +616,15 @@ int torture_run_tests(void) { cmocka_unit_test_setup_teardown(torture_algorithms_aes128_cbc_hmac_sha2_512, session_setup, session_teardown), + cmocka_unit_test_setup_teardown(torture_algorithms_aes128_cbc_hmac_sha1_etm, + session_setup, + session_teardown), + cmocka_unit_test_setup_teardown(torture_algorithms_aes128_cbc_hmac_sha2_256_etm, + session_setup, + session_teardown), + cmocka_unit_test_setup_teardown(torture_algorithms_aes128_cbc_hmac_sha2_512_etm, + session_setup, + session_teardown), cmocka_unit_test_setup_teardown(torture_algorithms_aes192_cbc_hmac_sha1, session_setup, session_teardown), @@ -481,6 +634,15 @@ int torture_run_tests(void) { cmocka_unit_test_setup_teardown(torture_algorithms_aes192_cbc_hmac_sha2_512, session_setup, session_teardown), + cmocka_unit_test_setup_teardown(torture_algorithms_aes192_cbc_hmac_sha1_etm, + session_setup, + session_teardown), + cmocka_unit_test_setup_teardown(torture_algorithms_aes192_cbc_hmac_sha2_256_etm, + session_setup, + session_teardown), + cmocka_unit_test_setup_teardown(torture_algorithms_aes192_cbc_hmac_sha2_512_etm, + session_setup, + session_teardown), cmocka_unit_test_setup_teardown(torture_algorithms_aes256_cbc_hmac_sha1, session_setup, session_teardown), @@ -490,6 +652,15 @@ int torture_run_tests(void) { cmocka_unit_test_setup_teardown(torture_algorithms_aes256_cbc_hmac_sha2_512, session_setup, session_teardown), + cmocka_unit_test_setup_teardown(torture_algorithms_aes256_cbc_hmac_sha1_etm, + session_setup, + session_teardown), + cmocka_unit_test_setup_teardown(torture_algorithms_aes256_cbc_hmac_sha2_256_etm, + session_setup, + session_teardown), + cmocka_unit_test_setup_teardown(torture_algorithms_aes256_cbc_hmac_sha2_512_etm, + session_setup, + session_teardown), cmocka_unit_test_setup_teardown(torture_algorithms_aes128_ctr_hmac_sha1, session_setup, session_teardown), @@ -499,6 +670,15 @@ int torture_run_tests(void) { cmocka_unit_test_setup_teardown(torture_algorithms_aes128_ctr_hmac_sha2_512, session_setup, session_teardown), + cmocka_unit_test_setup_teardown(torture_algorithms_aes128_ctr_hmac_sha1_etm, + session_setup, + session_teardown), + cmocka_unit_test_setup_teardown(torture_algorithms_aes128_ctr_hmac_sha2_256_etm, + session_setup, + session_teardown), + cmocka_unit_test_setup_teardown(torture_algorithms_aes128_ctr_hmac_sha2_512_etm, + session_setup, + session_teardown), cmocka_unit_test_setup_teardown(torture_algorithms_aes192_ctr_hmac_sha1, session_setup, session_teardown), @@ -508,6 +688,15 @@ int torture_run_tests(void) { cmocka_unit_test_setup_teardown(torture_algorithms_aes192_ctr_hmac_sha2_512, session_setup, session_teardown), + cmocka_unit_test_setup_teardown(torture_algorithms_aes192_ctr_hmac_sha1_etm, + session_setup, + session_teardown), + cmocka_unit_test_setup_teardown(torture_algorithms_aes192_ctr_hmac_sha2_256_etm, + session_setup, + session_teardown), + cmocka_unit_test_setup_teardown(torture_algorithms_aes192_ctr_hmac_sha2_512_etm, + session_setup, + session_teardown), cmocka_unit_test_setup_teardown(torture_algorithms_aes256_ctr_hmac_sha1, session_setup, session_teardown), @@ -517,6 +706,15 @@ int torture_run_tests(void) { cmocka_unit_test_setup_teardown(torture_algorithms_aes256_ctr_hmac_sha2_512, session_setup, session_teardown), + cmocka_unit_test_setup_teardown(torture_algorithms_aes256_ctr_hmac_sha1_etm, + session_setup, + session_teardown), + cmocka_unit_test_setup_teardown(torture_algorithms_aes256_ctr_hmac_sha2_256_etm, + session_setup, + session_teardown), + cmocka_unit_test_setup_teardown(torture_algorithms_aes256_ctr_hmac_sha2_512_etm, + session_setup, + session_teardown), cmocka_unit_test_setup_teardown(torture_algorithms_aes128_gcm, session_setup, session_teardown), @@ -532,6 +730,15 @@ int torture_run_tests(void) { cmocka_unit_test_setup_teardown(torture_algorithms_3des_cbc_hmac_sha2_512, session_setup, session_teardown), + cmocka_unit_test_setup_teardown(torture_algorithms_3des_cbc_hmac_sha1_etm, + session_setup, + session_teardown), + cmocka_unit_test_setup_teardown(torture_algorithms_3des_cbc_hmac_sha2_256_etm, + session_setup, + session_teardown), + cmocka_unit_test_setup_teardown(torture_algorithms_3des_cbc_hmac_sha2_512_etm, + session_setup, + session_teardown), #ifdef WITH_BLOWFISH_CIPHER #if ((OPENSSH_VERSION_MAJOR == 7 && OPENSSH_VERSION_MINOR < 6) || OPENSSH_VERSION_MAJOR <= 6) cmocka_unit_test_setup_teardown(torture_algorithms_blowfish_cbc_hmac_sha1, @@ -543,6 +750,15 @@ int torture_run_tests(void) { cmocka_unit_test_setup_teardown(torture_algorithms_blowfish_cbc_hmac_sha2_512, session_setup, session_teardown), + cmocka_unit_test_setup_teardown(torture_algorithms_blowfish_cbc_hmac_sha1_etm, + session_setup, + session_teardown), + cmocka_unit_test_setup_teardown(torture_algorithms_blowfish_cbc_hmac_sha2_256_etm, + session_setup, + session_teardown), + cmocka_unit_test_setup_teardown(torture_algorithms_blowfish_cbc_hmac_sha2_512_etm, + session_setup, + session_teardown), #endif #endif /* WITH_BLOWFISH_CIPHER */ cmocka_unit_test_setup_teardown(torture_algorithms_chacha20_poly1305, diff --git a/tests/pkd/pkd_hello.c b/tests/pkd/pkd_hello.c index c68c4dcd..964a01fa 100644 --- a/tests/pkd/pkd_hello.c +++ b/tests/pkd/pkd_hello.c @@ -476,44 +476,77 @@ static int torture_pkd_setup_ecdsa_521(void **state) { #ifdef HAVE_DSA #define PKDTESTS_MAC(f, client, maccmd) \ /* MACs. */ \ - f(client, rsa_hmac_sha1, maccmd("hmac-sha1"), setup_rsa, teardown) \ - f(client, dsa_hmac_sha1, maccmd("hmac-sha1"), setup_dsa, teardown) \ - f(client, ecdsa_256_hmac_sha1, maccmd("hmac-sha1"), setup_ecdsa_256, teardown) \ - f(client, ecdsa_384_hmac_sha1, maccmd("hmac-sha1"), setup_ecdsa_384, teardown) \ - f(client, ecdsa_521_hmac_sha1, maccmd("hmac-sha1"), setup_ecdsa_521, teardown) \ - f(client, rsa_hmac_sha2_256, maccmd("hmac-sha2-256"), setup_rsa, teardown) \ - f(client, dsa_hmac_sha2_256, maccmd("hmac-sha2-256"), setup_dsa, teardown) \ - f(client, ecdsa_256_hmac_sha2_256, maccmd("hmac-sha2-256"), setup_ecdsa_256, teardown) \ - f(client, ecdsa_384_hmac_sha2_256, maccmd("hmac-sha2-256"), setup_ecdsa_384, teardown) \ - f(client, ecdsa_521_hmac_sha2_256, maccmd("hmac-sha2-256"), setup_ecdsa_521, teardown) + f(client, dsa_hmac_sha1, maccmd("hmac-sha1"), setup_dsa, teardown) \ + f(client, dsa_hmac_sha2_256, maccmd("hmac-sha2-256"), setup_dsa, teardown) \ + f(client, ecdsa_256_hmac_sha1, maccmd("hmac-sha1"), setup_ecdsa_256, teardown) \ + f(client, ecdsa_256_hmac_sha2_256, maccmd("hmac-sha2-256"), setup_ecdsa_256, teardown) \ + f(client, ecdsa_384_hmac_sha1, maccmd("hmac-sha1"), setup_ecdsa_384, teardown) \ + f(client, ecdsa_384_hmac_sha2_256, maccmd("hmac-sha2-256"), setup_ecdsa_384, teardown) \ + f(client, ecdsa_521_hmac_sha1, maccmd("hmac-sha1"), setup_ecdsa_521, teardown) \ + f(client, ecdsa_521_hmac_sha2_256, maccmd("hmac-sha2-256"), setup_ecdsa_521, teardown) \ + f(client, rsa_hmac_sha1, maccmd("hmac-sha1"), setup_rsa, teardown) \ + f(client, rsa_hmac_sha2_256, maccmd("hmac-sha2-256"), setup_rsa, teardown) #define PKDTESTS_MAC_OPENSSHONLY(f, client, maccmd) \ - f(client, ed25519_hmac_sha1, maccmd("hmac-sha1"), setup_ed25519, teardown) \ - f(client, ed25519_hmac_sha2_256, maccmd("hmac-sha2-256"), setup_ed25519, teardown) \ - f(client, rsa_hmac_sha2_512, maccmd("hmac-sha2-512"), setup_rsa, teardown) \ - f(client, dsa_hmac_sha2_512, maccmd("hmac-sha2-512"), setup_dsa, teardown) \ - f(client, ed25519_hmac_sha2_512, maccmd("hmac-sha2-512"), setup_ed25519, teardown) \ - f(client, ecdsa_256_hmac_sha2_512, maccmd("hmac-sha2-512"), setup_ecdsa_256, teardown) \ - f(client, ecdsa_384_hmac_sha2_512, maccmd("hmac-sha2-512"), setup_ecdsa_384, teardown) \ - f(client, ecdsa_521_hmac_sha2_512, maccmd("hmac-sha2-512"), setup_ecdsa_521, teardown) + f(client, dsa_hmac_sha1_etm, maccmd("hmac-sha1-etm@openssh.com"), setup_dsa, teardown) \ + f(client, dsa_hmac_sha2_256_etm, maccmd("hmac-sha2-256-etm@openssh.com"), setup_dsa, teardown) \ + f(client, dsa_hmac_sha2_512, maccmd("hmac-sha2-512"), setup_dsa, teardown) \ + f(client, dsa_hmac_sha2_512_etm, maccmd("hmac-sha2-512-etm@openssh.com"), setup_dsa, teardown) \ + f(client, ecdsa_256_hmac_sha1_etm, maccmd("hmac-sha1-etm@openssh.com"), setup_ecdsa_256, teardown) \ + f(client, ecdsa_256_hmac_sha2_256_etm, maccmd("hmac-sha2-256-etm@openssh.com"), setup_ecdsa_256, teardown) \ + f(client, ecdsa_256_hmac_sha2_512, maccmd("hmac-sha2-512"), setup_ecdsa_256, teardown) \ + f(client, ecdsa_256_hmac_sha2_512_etm, maccmd("hmac-sha2-512-etm@openssh.com"), setup_ecdsa_256, teardown) \ + f(client, ecdsa_384_hmac_sha1_etm, maccmd("hmac-sha1-etm@openssh.com"), setup_ecdsa_384, teardown) \ + f(client, ecdsa_384_hmac_sha2_256_etm, maccmd("hmac-sha2-256-etm@openssh.com"), setup_ecdsa_384, teardown) \ + f(client, ecdsa_384_hmac_sha2_512, maccmd("hmac-sha2-512"), setup_ecdsa_384, teardown) \ + f(client, ecdsa_384_hmac_sha2_512_etm, maccmd("hmac-sha2-512-etm@openssh.com"), setup_ecdsa_384, teardown) \ + f(client, ecdsa_521_hmac_sha1_etm, maccmd("hmac-sha1-etm@openssh.com"), setup_ecdsa_521, teardown) \ + f(client, ecdsa_521_hmac_sha2_256_etm, maccmd("hmac-sha2-256-etm@openssh.com"), setup_ecdsa_521, teardown) \ + f(client, ecdsa_521_hmac_sha2_512, maccmd("hmac-sha2-512"), setup_ecdsa_521, teardown) \ + f(client, ecdsa_521_hmac_sha2_512_etm, maccmd("hmac-sha2-512-etm@openssh.com"), setup_ecdsa_521, teardown) \ + f(client, ed25519_hmac_sha1, maccmd("hmac-sha1"), setup_ed25519, teardown) \ + f(client, ed25519_hmac_sha1_etm, maccmd("hmac-sha1-etm@openssh.com"), setup_ed25519, teardown) \ + f(client, ed25519_hmac_sha2_256, maccmd("hmac-sha2-256"), setup_ed25519, teardown) \ + f(client, ed25519_hmac_sha2_256_etm, maccmd("hmac-sha2-256-etm@openssh.com"), setup_ed25519, teardown) \ + f(client, ed25519_hmac_sha2_512, maccmd("hmac-sha2-512"), setup_ed25519, teardown) \ + f(client, ed25519_hmac_sha2_512_etm, maccmd("hmac-sha2-512-etm@openssh.com"), setup_ed25519, teardown) \ + f(client, rsa_hmac_sha1_etm, maccmd("hmac-sha1-etm@openssh.com"), setup_rsa, teardown) \ + f(client, rsa_hmac_sha2_256_etm, maccmd("hmac-sha2-256-etm@openssh.com"), setup_rsa, teardown) \ + f(client, rsa_hmac_sha2_512, maccmd("hmac-sha2-512"), setup_rsa, teardown) \ + f(client, rsa_hmac_sha2_512_etm, maccmd("hmac-sha2-512-etm@openssh.com"), setup_rsa, teardown) #else #define PKDTESTS_MAC(f, client, maccmd) \ /* MACs. */ \ - f(client, rsa_hmac_sha1, maccmd("hmac-sha1"), setup_rsa, teardown) \ - f(client, ecdsa_256_hmac_sha1, maccmd("hmac-sha1"), setup_ecdsa_256, teardown) \ - f(client, ecdsa_384_hmac_sha1, maccmd("hmac-sha1"), setup_ecdsa_384, teardown) \ - f(client, ecdsa_521_hmac_sha1, maccmd("hmac-sha1"), setup_ecdsa_521, teardown) \ - f(client, rsa_hmac_sha2_256, maccmd("hmac-sha2-256"), setup_rsa, teardown) \ - f(client, ecdsa_256_hmac_sha2_256, maccmd("hmac-sha2-256"), setup_ecdsa_256, teardown) \ - f(client, ecdsa_384_hmac_sha2_256, maccmd("hmac-sha2-256"), setup_ecdsa_384, teardown) \ - f(client, ecdsa_521_hmac_sha2_256, maccmd("hmac-sha2-256"), setup_ecdsa_521, teardown) + f(client, ecdsa_256_hmac_sha1, maccmd("hmac-sha1"), setup_ecdsa_256, teardown) \ + f(client, ecdsa_256_hmac_sha2_256, maccmd("hmac-sha2-256"), setup_ecdsa_256, teardown) \ + f(client, ecdsa_384_hmac_sha1, maccmd("hmac-sha1"), setup_ecdsa_384, teardown) \ + f(client, ecdsa_384_hmac_sha2_256, maccmd("hmac-sha2-256"), setup_ecdsa_384, teardown) \ + f(client, ecdsa_521_hmac_sha1, maccmd("hmac-sha1"), setup_ecdsa_521, teardown) \ + f(client, ecdsa_521_hmac_sha2_256, maccmd("hmac-sha2-256"), setup_ecdsa_521, teardown) \ + f(client, rsa_hmac_sha1, maccmd("hmac-sha1"), setup_rsa, teardown) \ + f(client, rsa_hmac_sha2_256, maccmd("hmac-sha2-256"), setup_rsa, teardown) #define PKDTESTS_MAC_OPENSSHONLY(f, client, maccmd) \ - f(client, ed25519_hmac_sha1, maccmd("hmac-sha1"), setup_ed25519, teardown) \ - f(client, ed25519_hmac_sha2_256, maccmd("hmac-sha2-256"), setup_ed25519, teardown) \ - f(client, rsa_hmac_sha2_512, maccmd("hmac-sha2-512"), setup_rsa, teardown) \ - f(client, ed25519_hmac_sha2_512, maccmd("hmac-sha2-512"), setup_ed25519, teardown) \ - f(client, ecdsa_256_hmac_sha2_512, maccmd("hmac-sha2-512"), setup_ecdsa_256, teardown) \ - f(client, ecdsa_384_hmac_sha2_512, maccmd("hmac-sha2-512"), setup_ecdsa_384, teardown) \ - f(client, ecdsa_521_hmac_sha2_512, maccmd("hmac-sha2-512"), setup_ecdsa_521, teardown) + f(client, ecdsa_256_hmac_sha1_etm, maccmd("hmac-sha1-etm@openssh.com"), setup_ecdsa_256, teardown) \ + f(client, ecdsa_256_hmac_sha2_256_etm, maccmd("hmac-sha2-256-etm@openssh.com"), setup_ecdsa_256, teardown) \ + f(client, ecdsa_256_hmac_sha2_512, maccmd("hmac-sha2-512"), setup_ecdsa_256, teardown) \ + f(client, ecdsa_256_hmac_sha2_512_etm, maccmd("hmac-sha2-512-etm@openssh.com"), setup_ecdsa_256, teardown) \ + f(client, ecdsa_384_hmac_sha1_etm, maccmd("hmac-sha1-etm@openssh.com"), setup_ecdsa_384, teardown) \ + f(client, ecdsa_384_hmac_sha2_256_etm, maccmd("hmac-sha2-256-etm@openssh.com"), setup_ecdsa_384, teardown) \ + f(client, ecdsa_384_hmac_sha2_512, maccmd("hmac-sha2-512"), setup_ecdsa_384, teardown) \ + f(client, ecdsa_384_hmac_sha2_512_etm, maccmd("hmac-sha2-512-etm@openssh.com"), setup_ecdsa_384, teardown) \ + f(client, ecdsa_521_hmac_sha1_etm, maccmd("hmac-sha1-etm@openssh.com"), setup_ecdsa_521, teardown) \ + f(client, ecdsa_521_hmac_sha2_256_etm, maccmd("hmac-sha2-256-etm@openssh.com"), setup_ecdsa_521, teardown) \ + f(client, ecdsa_521_hmac_sha2_512, maccmd("hmac-sha2-512"), setup_ecdsa_521, teardown) \ + f(client, ecdsa_521_hmac_sha2_512_etm, maccmd("hmac-sha2-512-etm@openssh.com"), setup_ecdsa_521, teardown) \ + f(client, ed25519_hmac_sha1, maccmd("hmac-sha1"), setup_ed25519, teardown) \ + f(client, ed25519_hmac_sha1_etm, maccmd("hmac-sha1-etm@openssh.com"), setup_ed25519, teardown) \ + f(client, ed25519_hmac_sha2_256, maccmd("hmac-sha2-256"), setup_ed25519, teardown) \ + f(client, ed25519_hmac_sha2_256_etm, maccmd("hmac-sha2-256-etm@openssh.com"), setup_ed25519, teardown) \ + f(client, ed25519_hmac_sha2_512, maccmd("hmac-sha2-512"), setup_ed25519, teardown) \ + f(client, ed25519_hmac_sha2_512_etm, maccmd("hmac-sha2-512-etm@openssh.com"), setup_ed25519, teardown) \ + f(client, rsa_hmac_sha1_etm, maccmd("hmac-sha1-etm@openssh.com"), setup_rsa, teardown) \ + f(client, rsa_hmac_sha2_256_etm, maccmd("hmac-sha2-256-etm@openssh.com"), setup_rsa, teardown) \ + f(client, rsa_hmac_sha2_512, maccmd("hmac-sha2-512"), setup_rsa, teardown) \ + f(client, rsa_hmac_sha2_512_etm, maccmd("hmac-sha2-512-etm@openssh.com"), setup_rsa, teardown) #endif #define PKDTESTS_HOSTKEY_OPENSSHONLY(f, client, hkcmd) \ diff --git a/tests/unittests/torture_config.c b/tests/unittests/torture_config.c index 36f981c0..958a6b6d 100644 --- a/tests/unittests/torture_config.c +++ b/tests/unittests/torture_config.c @@ -28,7 +28,7 @@ extern LIBSSH_THREAD int ssh_log_level; #define KEXALGORITHMS "ecdh-sha2-nistp521,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha1" #define HOSTKEYALGORITHMS "ssh-ed25519,ecdsa-sha2-nistp521,ssh-rsa" #define PUBKEYACCEPTEDTYPES "rsa-sha2-512,ssh-rsa,ecdsa-sha2-nistp521" -#define MACS "hmac-sha1,hmac-sha2-256" +#define MACS "hmac-sha1,hmac-sha2-256,hmac-sha2-512,hmac-sha1-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com" #define USER_KNOWN_HOSTS "%d/my_known_hosts" #define GLOBAL_KNOWN_HOSTS "/etc/ssh/my_ssh_known_hosts" #define BIND_ADDRESS "::1" diff --git a/tests/unittests/torture_options.c b/tests/unittests/torture_options.c index 8dcc1b50..bb3b9cdf 100644 --- a/tests/unittests/torture_options.c +++ b/tests/unittests/torture_options.c @@ -184,15 +184,15 @@ static void torture_options_set_macs(void **state) { /* Test multiple known MACs */ rc = ssh_options_set(session, SSH_OPTIONS_HMAC_S_C, - "hmac-sha1,hmac-sha2-256"); + "hmac-sha1-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha1,hmac-sha2-256"); assert_true(rc == 0); assert_string_equal(session->opts.wanted_methods[SSH_MAC_S_C], - "hmac-sha1,hmac-sha2-256"); + "hmac-sha1-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha1,hmac-sha2-256"); /* Test unknown MACs */ - rc = ssh_options_set(session, SSH_OPTIONS_HMAC_S_C, "unknown-crap@example.com,hmac-sha1,unknown@example.com"); + rc = ssh_options_set(session, SSH_OPTIONS_HMAC_S_C, "unknown-crap@example.com,hmac-sha1-etm@openssh.com,unknown@example.com"); assert_true(rc == 0); - assert_string_equal(session->opts.wanted_methods[SSH_MAC_S_C], "hmac-sha1"); + assert_string_equal(session->opts.wanted_methods[SSH_MAC_S_C], "hmac-sha1-etm@openssh.com"); /* Test all unknown MACs */ rc = ssh_options_set(session, SSH_OPTIONS_HMAC_S_C, "unknown-crap@example.com"); diff --git a/tests/unittests/torture_packet.c b/tests/unittests/torture_packet.c index 32d91b61..922c8325 100644 --- a/tests/unittests/torture_packet.c +++ b/tests/unittests/torture_packet.c @@ -137,6 +137,30 @@ torture_packet(const char *cipher, const char *mac_type, ssh_free(session); } +static void torture_packet_aes128_ctr_etm(UNUSED_PARAM(void **state)) +{ + int i; + for (i = 1; i < 256; ++i) { + torture_packet("aes128-ctr", "hmac-sha1-etm@openssh.com", "none", i); + } +} + +static void torture_packet_aes192_ctr_etm(UNUSED_PARAM(void **state)) +{ + int i; + for (i = 1; i < 256; ++i) { + torture_packet("aes192-ctr", "hmac-sha1-etm@openssh.com", "none", i); + } +} + +static void torture_packet_aes256_ctr_etm(UNUSED_PARAM(void **state)) +{ + int i; + for (i = 1; i < 256; ++i) { + torture_packet("aes256-ctr", "hmac-sha1-etm@openssh.com", "none", i); + } +} + static void torture_packet_aes128_ctr(void **state) { int i; @@ -191,6 +215,30 @@ static void torture_packet_aes256_cbc(void **state) } } +static void torture_packet_aes128_cbc_etm(UNUSED_PARAM(void **state)) +{ + int i; + for (i = 1; i < 256; ++i) { + torture_packet("aes128-cbc", "hmac-sha1-etm@openssh.com", "none", i); + } +} + +static void torture_packet_aes192_cbc_etm(UNUSED_PARAM(void **state)) +{ + int i; + for (i = 1; i < 256; ++i) { + torture_packet("aes192-cbc", "hmac-sha1-etm@openssh.com", "none", i); + } +} + +static void torture_packet_aes256_cbc_etm(UNUSED_PARAM(void **state)) +{ + int i; + for (i = 1; i < 256; ++i) { + torture_packet("aes256-cbc", "hmac-sha1-etm@openssh.com", "none", i); + } +} + static void torture_packet_3des_cbc(void **state) { int i; @@ -200,6 +248,14 @@ static void torture_packet_3des_cbc(void **state) } } +static void torture_packet_3des_cbc_etm(UNUSED_PARAM(void **state)) +{ + int i; + for (i = 1; i < 256; ++i) { + torture_packet("3des-cbc", "hmac-sha1-etm@openssh.com", "none", i); + } +} + static void torture_packet_chacha20(void **state) { int i; @@ -251,10 +307,17 @@ int torture_run_tests(void) { cmocka_unit_test(torture_packet_aes128_ctr), cmocka_unit_test(torture_packet_aes192_ctr), cmocka_unit_test(torture_packet_aes256_ctr), + cmocka_unit_test(torture_packet_aes128_ctr_etm), + cmocka_unit_test(torture_packet_aes192_ctr_etm), + cmocka_unit_test(torture_packet_aes256_ctr_etm), cmocka_unit_test(torture_packet_aes128_cbc), cmocka_unit_test(torture_packet_aes192_cbc), cmocka_unit_test(torture_packet_aes256_cbc), + cmocka_unit_test(torture_packet_aes128_cbc_etm), + cmocka_unit_test(torture_packet_aes192_cbc_etm), + cmocka_unit_test(torture_packet_aes256_cbc_etm), cmocka_unit_test(torture_packet_3des_cbc), + cmocka_unit_test(torture_packet_3des_cbc_etm), cmocka_unit_test(torture_packet_chacha20), cmocka_unit_test(torture_packet_aes128_gcm), cmocka_unit_test(torture_packet_aes256_gcm), |