lib/libssh
1
0
Fork 0
mirror of https://git.libssh.org/projects/libssh.git synced 2025-08-05 20:55:46 +03:00
Code Activity

tests: Test MAC algorithm mismatch when AEAD cipher is selected

Browse Source 
Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
This commit is contained in:
Jakub Jelen
2020-10-02 11:43:23 +02:00
parent f9bd1db8c3
commit 22f89e043b
1 changed files with 57 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

57
tests/client/torture_algorithms.c
View File

@@ -45,6 +45,16 @@ static int sshd_teardown(void **state) {
return 0; return 0;
} }
static int sshd_setup_hmac(void **state)
{
torture_setup_sshd_server(state, false);
/* Set MAC to be something other than what the client will offer */
torture_update_sshd_config(state, "MACs hmac-sha2-512");
return 0;
}
static int session_setup(void **state) { static int session_setup(void **state) {
struct torture_state *s = *state; struct torture_state *s = *state;
int verbosity = torture_libssh_verbosity(); int verbosity = torture_libssh_verbosity();
@@ -412,6 +422,20 @@ static void torture_algorithms_aes256_gcm(void **state)
test_algorithm(s->ssh.session, NULL/*kex*/, "aes256-gcm@openssh.com", NULL); test_algorithm(s->ssh.session, NULL/*kex*/, "aes256-gcm@openssh.com", NULL);
} }
static void torture_algorithms_aes128_gcm_mac(void **state)
{
struct torture_state *s = *state;
test_algorithm(s->ssh.session, NULL/*kex*/, "aes128-gcm@openssh.com", "hmac-sha1");
}
static void torture_algorithms_aes256_gcm_mac(void **state)
{
struct torture_state *s = *state;
test_algorithm(s->ssh.session, NULL/*kex*/, "aes256-gcm@openssh.com", "hmac-sha1");
}
static void torture_algorithms_3des_cbc_hmac_sha1(void **state) { static void torture_algorithms_3des_cbc_hmac_sha1(void **state) {
struct torture_state *s = *state; struct torture_state *s = *state;
@@ -548,6 +572,19 @@ static void torture_algorithms_chacha20_poly1305(void **state)
"chacha20-poly1305@openssh.com", "chacha20-poly1305@openssh.com",
NULL); NULL);
} }
static void torture_algorithms_chacha20_poly1305_mac(void **state)
{
struct torture_state *s = *state;
if (ssh_fips_mode()) {
skip();
}
test_algorithm(s->ssh.session,
NULL, /*kex*/
"chacha20-poly1305@openssh.com",
"hmac-sha1"); /* different from the server */
}
#endif /* OPENSSH_CHACHA20_POLY1305_OPENSSH_COM */ #endif /* OPENSSH_CHACHA20_POLY1305_OPENSSH_COM */
static void torture_algorithms_zlib(void **state) { static void torture_algorithms_zlib(void **state) {
@@ -951,10 +988,30 @@ int torture_run_tests(void) {
#endif #endif
}; };
struct CMUnitTest tests_hmac[] = {
cmocka_unit_test_setup_teardown(torture_algorithms_aes128_gcm_mac,
session_setup,
session_teardown),
cmocka_unit_test_setup_teardown(torture_algorithms_aes256_gcm_mac,
session_setup,
session_teardown),
#ifdef OPENSSH_CHACHA20_POLY1305_OPENSSH_COM
cmocka_unit_test_setup_teardown(torture_algorithms_chacha20_poly1305_mac,
session_setup,
session_teardown),
#endif /* OPENSSH_CHACHA20_POLY1305_OPENSSH_COM */
};
ssh_init(); ssh_init();
torture_filter_tests(tests); torture_filter_tests(tests);
rc = cmocka_run_group_tests(tests, sshd_setup, sshd_teardown); rc = cmocka_run_group_tests(tests, sshd_setup, sshd_teardown);
if (rc != 0) {
return rc;
}
torture_filter_tests(tests);
rc = cmocka_run_group_tests(tests_hmac, sshd_setup_hmac, sshd_teardown);
ssh_finalize(); ssh_finalize();