github.com/devops-filetransfer/sshego@v7.0.4+incompatible/_vendor/golang.org/x/crypto/ssh/cipher_test.go (about) 1 // Copyright 2011 The Go Authors. All rights reserved. 2 // Use of this source code is governed by a BSD-style 3 // license that can be found in the LICENSE file. 4 5 package ssh 6 7 import ( 8 "bytes" 9 "crypto" 10 "crypto/aes" 11 "crypto/rand" 12 "testing" 13 ) 14 15 func TestDefaultCiphersExist(t *testing.T) { 16 for _, cipherAlgo := range supportedCiphers { 17 if _, ok := cipherModes[cipherAlgo]; !ok { 18 t.Errorf("default cipher %q is unknown", cipherAlgo) 19 } 20 } 21 } 22 23 func TestPacketCiphers(t *testing.T) { 24 // Still test aes128cbc cipher although it's commented out. 25 cipherModes[aes128cbcID] = &streamCipherMode{16, aes.BlockSize, 0, nil} 26 defer delete(cipherModes, aes128cbcID) 27 28 for cipher := range cipherModes { 29 for mac := range macModes { 30 kr := &kexResult{Hash: crypto.SHA1} 31 algs := directionAlgorithms{ 32 Cipher: cipher, 33 MAC: mac, 34 Compression: "none", 35 } 36 client, err := newPacketCipher(clientKeys, algs, kr) 37 if err != nil { 38 t.Errorf("newPacketCipher(client, %q, %q): %v", cipher, mac, err) 39 continue 40 } 41 server, err := newPacketCipher(clientKeys, algs, kr) 42 if err != nil { 43 t.Errorf("newPacketCipher(client, %q, %q): %v", cipher, mac, err) 44 continue 45 } 46 47 want := "bla bla" 48 input := []byte(want) 49 buf := &bytes.Buffer{} 50 if err := client.writePacket(0, buf, rand.Reader, input); err != nil { 51 t.Errorf("writePacket(%q, %q): %v", cipher, mac, err) 52 continue 53 } 54 55 packet, err := server.readPacket(0, buf) 56 if err != nil { 57 t.Errorf("readPacket(%q, %q): %v", cipher, mac, err) 58 continue 59 } 60 61 if string(packet) != want { 62 t.Errorf("roundtrip(%q, %q): got %q, want %q", cipher, mac, packet, want) 63 } 64 } 65 } 66 } 67 68 func TestCBCOracleCounterMeasure(t *testing.T) { 69 cipherModes[aes128cbcID] = &streamCipherMode{16, aes.BlockSize, 0, nil} 70 defer delete(cipherModes, aes128cbcID) 71 72 kr := &kexResult{Hash: crypto.SHA1} 73 algs := directionAlgorithms{ 74 Cipher: aes128cbcID, 75 MAC: "hmac-sha1", 76 Compression: "none", 77 } 78 client, err := newPacketCipher(clientKeys, algs, kr) 79 if err != nil { 80 t.Fatalf("newPacketCipher(client): %v", err) 81 } 82 83 want := "bla bla" 84 input := []byte(want) 85 buf := &bytes.Buffer{} 86 if err := client.writePacket(0, buf, rand.Reader, input); err != nil { 87 t.Errorf("writePacket: %v", err) 88 } 89 90 packetSize := buf.Len() 91 buf.Write(make([]byte, 2*maxPacket)) 92 93 // We corrupt each byte, but this usually will only test the 94 // 'packet too large' or 'MAC failure' cases. 95 lastRead := -1 96 for i := 0; i < packetSize; i++ { 97 server, err := newPacketCipher(clientKeys, algs, kr) 98 if err != nil { 99 t.Fatalf("newPacketCipher(client): %v", err) 100 } 101 102 fresh := &bytes.Buffer{} 103 fresh.Write(buf.Bytes()) 104 fresh.Bytes()[i] ^= 0x01 105 106 before := fresh.Len() 107 _, err = server.readPacket(0, fresh) 108 if err == nil { 109 t.Errorf("corrupt byte %d: readPacket succeeded ", i) 110 continue 111 } 112 if _, ok := err.(cbcError); !ok { 113 t.Errorf("corrupt byte %d: got %v (%T), want cbcError", i, err, err) 114 continue 115 } 116 117 after := fresh.Len() 118 bytesRead := before - after 119 if bytesRead < maxPacket { 120 t.Errorf("corrupt byte %d: read %d bytes, want more than %d", i, bytesRead, maxPacket) 121 continue 122 } 123 124 if i > 0 && bytesRead != lastRead { 125 t.Errorf("corrupt byte %d: read %d bytes, want %d bytes read", i, bytesRead, lastRead) 126 } 127 lastRead = bytesRead 128 } 129 }