PKG_SSH_V1.0, FCS_SSH_EXT.1.3, tests 1 and 2 require testing for large packets by identifying the maximum supported size in the TOE SSH implementation and sending a packet 1 byte larger than this.  PKG_SSH_V1.0 section 3.2 also requires that TOE conform to RFC 4253.

However, RFC 4253 section 6 specifies that SSH packets must have a size or length which is a multiple of 8 bytes, using padding to accomplish this as necessary.

These requirements are in conflict, because it is not possible to increment an SSH packet by 1 byte; all valid SSH packets must be multiples of 8 bytes.

5/19/2023: This TD has been archived and superseded by TD 732.

PKG_SSH_V1.0, FCS_SSH_EXT.1.3, Test 2, step b shall be updated as follows with underline denoting additions and strikethroughs denoting deletions:

b. Next the evaluator shall craft a packet that is one a multiple of eight bytes larger than the maximum size specified in this component and send it through the established SSH connection to the TOE.

See Issue Description.