2013-12-04 21:33:17 +00:00
|
|
|
#include <config.h>
|
|
|
|
|
#include "crypto.h"
|
|
|
|
|
#include <ctype.h>
|
2016-04-27 05:37:54 +00:00
|
|
|
#include "isc/string.h"
|
2013-12-04 21:33:17 +00:00
|
|
|
|
|
|
|
|
struct key *key_ptr;
|
2015-02-05 20:53:33 +00:00
|
|
|
size_t key_cnt = 0;
|
2013-12-04 21:33:17 +00:00
|
|
|
|
|
|
|
|
int
|
|
|
|
|
make_mac(
|
2016-01-21 08:50:56 +00:00
|
|
|
const void *pkt_data,
|
2013-12-04 21:33:17 +00:00
|
|
|
int pkt_size,
|
|
|
|
|
int mac_size,
|
2016-01-21 08:50:56 +00:00
|
|
|
const struct key *cmp_key,
|
|
|
|
|
void * digest
|
2013-12-04 21:33:17 +00:00
|
|
|
)
|
|
|
|
|
{
|
|
|
|
|
u_int len = mac_size;
|
|
|
|
|
int key_type;
|
|
|
|
|
EVP_MD_CTX ctx;
|
|
|
|
|
|
|
|
|
|
if (cmp_key->key_len > 64)
|
|
|
|
|
return 0;
|
|
|
|
|
if (pkt_size % 4 != 0)
|
|
|
|
|
return 0;
|
|
|
|
|
|
|
|
|
|
INIT_SSL();
|
|
|
|
|
key_type = keytype_from_text(cmp_key->type, NULL);
|
|
|
|
|
EVP_DigestInit(&ctx, EVP_get_digestbynid(key_type));
|
2016-01-21 08:50:56 +00:00
|
|
|
EVP_DigestUpdate(&ctx, (const u_char *)cmp_key->key_seq, (u_int)cmp_key->key_len);
|
|
|
|
|
EVP_DigestUpdate(&ctx, pkt_data, (u_int)pkt_size);
|
|
|
|
|
EVP_DigestFinal(&ctx, digest, &len);
|
2013-12-04 21:33:17 +00:00
|
|
|
|
|
|
|
|
return (int)len;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
2016-01-21 08:50:56 +00:00
|
|
|
/* Generates a md5 digest of the key specified in keyid concatenated with the
|
2013-12-04 21:33:17 +00:00
|
|
|
* ntp packet (exluding the MAC) and compares this digest to the digest in
|
|
|
|
|
* the packet's MAC. If they're equal this function returns 1 (packet is
|
|
|
|
|
* authentic) or else 0 (not authentic).
|
|
|
|
|
*/
|
|
|
|
|
int
|
|
|
|
|
auth_md5(
|
2016-01-21 08:50:56 +00:00
|
|
|
const void *pkt_data,
|
2013-12-04 21:33:17 +00:00
|
|
|
int pkt_size,
|
|
|
|
|
int mac_size,
|
2016-01-21 08:50:56 +00:00
|
|
|
const struct key *cmp_key
|
2013-12-04 21:33:17 +00:00
|
|
|
)
|
|
|
|
|
{
|
|
|
|
|
int hash_len;
|
|
|
|
|
int authentic;
|
|
|
|
|
char digest[20];
|
2016-01-21 08:50:56 +00:00
|
|
|
const u_char *pkt_ptr;
|
2015-02-05 20:53:33 +00:00
|
|
|
if (mac_size > (int)sizeof(digest))
|
2013-12-04 21:33:17 +00:00
|
|
|
return 0;
|
2016-01-21 08:50:56 +00:00
|
|
|
pkt_ptr = pkt_data;
|
|
|
|
|
hash_len = make_mac(pkt_ptr, pkt_size, sizeof(digest), cmp_key,
|
2013-12-04 21:33:17 +00:00
|
|
|
digest);
|
2016-04-27 05:37:54 +00:00
|
|
|
if (!hash_len) {
|
2013-12-04 21:33:17 +00:00
|
|
|
authentic = FALSE;
|
2016-04-27 05:37:54 +00:00
|
|
|
} else {
|
|
|
|
|
/* isc_tsmemcmp will be better when its easy to link
|
|
|
|
|
* with. sntp is a 1-shot program, so snooping for
|
|
|
|
|
* timing attacks is Harder.
|
|
|
|
|
*/
|
|
|
|
|
authentic = !memcmp(digest, pkt_data + pkt_size + 4,
|
2013-12-04 21:33:17 +00:00
|
|
|
hash_len);
|
2016-04-27 05:37:54 +00:00
|
|
|
}
|
2013-12-04 21:33:17 +00:00
|
|
|
return authentic;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static int
|
|
|
|
|
hex_val(
|
|
|
|
|
unsigned char x
|
|
|
|
|
)
|
|
|
|
|
{
|
|
|
|
|
int val;
|
|
|
|
|
|
|
|
|
|
if ('0' <= x && x <= '9')
|
|
|
|
|
val = x - '0';
|
|
|
|
|
else if ('a' <= x && x <= 'f')
|
|
|
|
|
val = x - 'a' + 0xa;
|
|
|
|
|
else if ('A' <= x && x <= 'F')
|
|
|
|
|
val = x - 'A' + 0xA;
|
|
|
|
|
else
|
|
|
|
|
val = -1;
|
|
|
|
|
|
|
|
|
|
return val;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* Load keys from the specified keyfile into the key structures.
|
|
|
|
|
* Returns -1 if the reading failed, otherwise it returns the
|
|
|
|
|
* number of keys it read
|
|
|
|
|
*/
|
|
|
|
|
int
|
|
|
|
|
auth_init(
|
|
|
|
|
const char *keyfile,
|
|
|
|
|
struct key **keys
|
|
|
|
|
)
|
|
|
|
|
{
|
|
|
|
|
FILE *keyf = fopen(keyfile, "r");
|
|
|
|
|
struct key *prev = NULL;
|
|
|
|
|
int scan_cnt, line_cnt = 0;
|
|
|
|
|
char kbuf[200];
|
|
|
|
|
char keystring[129];
|
|
|
|
|
|
|
|
|
|
if (keyf == NULL) {
|
2014-12-20 22:52:39 +00:00
|
|
|
if (debug)
|
2013-12-04 21:33:17 +00:00
|
|
|
printf("sntp auth_init: Couldn't open key file %s for reading!\n", keyfile);
|
|
|
|
|
return -1;
|
|
|
|
|
}
|
|
|
|
|
if (feof(keyf)) {
|
2014-12-20 22:52:39 +00:00
|
|
|
if (debug)
|
2013-12-04 21:33:17 +00:00
|
|
|
printf("sntp auth_init: Key file %s is empty!\n", keyfile);
|
|
|
|
|
fclose(keyf);
|
|
|
|
|
return -1;
|
|
|
|
|
}
|
|
|
|
|
key_cnt = 0;
|
|
|
|
|
while (!feof(keyf)) {
|
|
|
|
|
char * octothorpe;
|
2014-12-20 22:52:39 +00:00
|
|
|
struct key *act;
|
2013-12-04 21:33:17 +00:00
|
|
|
int goodline = 0;
|
|
|
|
|
|
|
|
|
|
if (NULL == fgets(kbuf, sizeof(kbuf), keyf))
|
|
|
|
|
continue;
|
|
|
|
|
|
|
|
|
|
kbuf[sizeof(kbuf) - 1] = '\0';
|
|
|
|
|
octothorpe = strchr(kbuf, '#');
|
|
|
|
|
if (octothorpe)
|
|
|
|
|
*octothorpe = '\0';
|
2014-12-20 22:52:39 +00:00
|
|
|
act = emalloc(sizeof(*act));
|
2013-12-04 21:33:17 +00:00
|
|
|
scan_cnt = sscanf(kbuf, "%d %9s %128s", &act->key_id, act->type, keystring);
|
|
|
|
|
if (scan_cnt == 3) {
|
|
|
|
|
int len = strlen(keystring);
|
|
|
|
|
if (len <= 20) {
|
|
|
|
|
act->key_len = len;
|
|
|
|
|
memcpy(act->key_seq, keystring, len + 1);
|
|
|
|
|
goodline = 1;
|
|
|
|
|
} else if ((len & 1) != 0) {
|
|
|
|
|
goodline = 0; /* it's bad */
|
|
|
|
|
} else {
|
|
|
|
|
int j;
|
|
|
|
|
goodline = 1;
|
|
|
|
|
act->key_len = len >> 1;
|
|
|
|
|
for (j = 0; j < len; j+=2) {
|
|
|
|
|
int val;
|
|
|
|
|
val = (hex_val(keystring[j]) << 4) |
|
|
|
|
|
hex_val(keystring[j+1]);
|
|
|
|
|
if (val < 0) {
|
|
|
|
|
goodline = 0; /* it's bad */
|
|
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
act->key_seq[j>>1] = (char)val;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
if (goodline) {
|
|
|
|
|
act->next = NULL;
|
|
|
|
|
if (NULL == prev)
|
|
|
|
|
*keys = act;
|
|
|
|
|
else
|
|
|
|
|
prev->next = act;
|
|
|
|
|
prev = act;
|
|
|
|
|
key_cnt++;
|
|
|
|
|
} else {
|
|
|
|
|
msyslog(LOG_DEBUG, "auth_init: scanf %d items, skipping line %d.",
|
|
|
|
|
scan_cnt, line_cnt);
|
|
|
|
|
free(act);
|
|
|
|
|
}
|
|
|
|
|
line_cnt++;
|
|
|
|
|
}
|
|
|
|
|
fclose(keyf);
|
|
|
|
|
|
|
|
|
|
key_ptr = *keys;
|
|
|
|
|
return key_cnt;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* Looks for the key with keyid key_id and sets the d_key pointer to the
|
|
|
|
|
* address of the key. If no matching key is found the pointer is not touched.
|
|
|
|
|
*/
|
|
|
|
|
void
|
|
|
|
|
get_key(
|
|
|
|
|
int key_id,
|
|
|
|
|
struct key **d_key
|
|
|
|
|
)
|
|
|
|
|
{
|
|
|
|
|
struct key *itr_key;
|
|
|
|
|
|
|
|
|
|
if (key_cnt == 0)
|
|
|
|
|
return;
|
|
|
|
|
for (itr_key = key_ptr; itr_key; itr_key = itr_key->next) {
|
|
|
|
|
if (itr_key->key_id == key_id) {
|
|
|
|
|
*d_key = itr_key;
|
|
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
return;
|
|
|
|
|
}
|
