x/crypto/ssh: test cipher implementations against known good input/output data #25214

Open
@mundaym

If I apply the following patch to the cipher.go file, the tests still pass. It would be nice to catch this kind of error so we can refactor this code and have some confidence we haven't broken it.

diff --git a/ssh/cipher.go b/ssh/cipher.go
index 67b0126..d99ffc7 100644
--- a/ssh/cipher.go
+++ b/ssh/cipher.go
@@ -16,7 +16,7 @@ import (
        "hash"
        "io"
        "io/ioutil"
-       "math/bits"
+       _ "math/bits"
 
        "golang.org/x/crypto/internal/chacha20"
        "golang.org/x/crypto/poly1305"
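
Review bot: the blank import `_ "math/bits"` in the import block should not stay in this form. A blank import is only for a package's init side effects, and here it just silences the "imported and not used" compile error that would otherwise flag that both `bits.ReverseBytes32(seqNum)` calls are gone. Keep the plain `"math/bits"` import together with the `seqNum`-derived nonce, or delete the import line outright if the package is really no longer needed.
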
@@ -666,7 +666,7 @@ func newChaCha20Cipher(key, unusedIV, unusedMACKey []byte, unusedAlgs directionA
 }
 
 func (c *chacha20Poly1305Cipher) readPacket(seqNum uint32, r io.Reader) ([]byte, error) {
-       nonce := [3]uint32{0, 0, bits.ReverseBytes32(seqNum)}
+       nonce := [3]uint32{1, 2, 3}
        s := chacha20.New(c.contentKey, nonce)
        var polyKey [32]byte
        s.XORKeyStream(polyKey[:], polyKey[:])
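
Review bot: in readPacket, `nonce := [3]uint32{1, 2, 3}` drops `seqNum` from the nonce, so every packet is opened with the same ChaCha20 stream under `c.contentKey`, and the `polyKey` taken from that stream by `s.XORKeyStream(polyKey[:], polyKey[:])` is the same for every packet as well. Restore `bits.ReverseBytes32(seqNum)` in the third word, and cover this path with a test that decrypts a fixed ciphertext, produced independently for a known key and sequence number, and checks the recovered payload.
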
@@ -724,7 +724,7 @@ func (c *chacha20Poly1305Cipher) readPacket(seqNum uint32, r io.Reader) ([]byte,
 }
 
 func (c *chacha20Poly1305Cipher) writePacket(seqNum uint32, w io.Writer, rand io.Reader, payload []byte) error {
-       nonce := [3]uint32{0, 0, bits.ReverseBytes32(seqNum)}
+       nonce := [3]uint32{1, 2, 3}
        s := chacha20.New(c.contentKey, nonce)
        var polyKey [32]byte
        s.XORKeyStream(polyKey[:], polyKey[:])
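
Review bot: writePacket gets the same constant `[3]uint32{1, 2, 3}` as readPacket, so the two sides stay consistent with each other and a test that writes a packet and reads it back with this package's own code cannot see the change, while every packet sent is sealed under one nonce for `c.contentKey`. Restore the `seqNum`-derived nonce and add a test that gives writePacket a fixed key, `seqNum`, payload and deterministic `rand`, then compares the output bytes with a stored known-good value.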

Labels: Testing, help wanted
