1999-07-03 16:30:16 +04:00
|
|
|
/* $NetBSD: a_md5encrypt.c,v 1.6 1999/07/03 12:30:28 simonb Exp $ */
|
1998-01-09 06:15:09 +03:00
|
|
|
|
1997-04-18 17:22:49 +04:00
|
|
|
/*
|
|
|
|
* md5crypt - MD5 based authentication routines
|
|
|
|
*/
|
|
|
|
|
|
|
|
#include "ntp_types.h"
|
|
|
|
#include "ntp_string.h"
|
|
|
|
#include "md5.h"
|
|
|
|
#include "ntp_stdlib.h"
|
|
|
|
|
1998-03-06 21:17:12 +03:00
|
|
|
extern u_int32 cache_keyid;
|
1997-04-18 17:22:49 +04:00
|
|
|
extern char *cache_key;
|
|
|
|
extern int cache_keylen;
|
|
|
|
|
|
|
|
#ifndef HAVE_MEMMOVE
|
|
|
|
extern void *memmove P((void *, const void *, size_t));
|
|
|
|
#endif
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Stat counters, imported from data base module
|
|
|
|
*/
|
|
|
|
extern u_int32 authencryptions;
|
|
|
|
extern u_int32 authdecryptions;
|
|
|
|
extern u_int32 authkeyuncached;
|
|
|
|
extern u_int32 authnokey;
|
|
|
|
|
|
|
|
/*
|
|
|
|
* For our purposes an NTP packet looks like:
|
|
|
|
*
|
|
|
|
* a variable amount of encrypted data, multiple of 8 bytes, followed by:
|
|
|
|
* NOCRYPT_OCTETS worth of unencrypted data, followed by:
|
|
|
|
* BLOCK_OCTETS worth of ciphered checksum.
|
1999-07-03 16:30:16 +04:00
|
|
|
*/
|
1997-04-18 17:22:49 +04:00
|
|
|
#define NOCRYPT_OCTETS 4
|
|
|
|
#define BLOCK_OCTETS 16
|
|
|
|
|
|
|
|
#define NOCRYPT_int32S ((NOCRYPT_OCTETS)/sizeof(u_int32))
|
|
|
|
#define BLOCK_int32S ((BLOCK_OCTETS)/sizeof(u_int32))
|
|
|
|
|
|
|
|
|
|
|
|
int
|
|
|
|
MD5authencrypt(keyno, pkt, length)
|
1998-03-06 21:17:12 +03:00
|
|
|
u_int32 keyno;
|
1997-04-18 17:22:49 +04:00
|
|
|
u_int32 *pkt;
|
|
|
|
int length; /* length of encrypted portion of packet */
|
|
|
|
{
|
|
|
|
MD5_CTX ctx;
|
|
|
|
int len; /* in 4 byte quantities */
|
1998-03-06 21:17:12 +03:00
|
|
|
#ifdef __NetBSD__
|
|
|
|
unsigned char hash[16];
|
|
|
|
#endif
|
1997-04-18 17:22:49 +04:00
|
|
|
|
|
|
|
authencryptions++;
|
|
|
|
|
|
|
|
if (keyno != cache_keyid) {
|
|
|
|
authkeyuncached++;
|
|
|
|
if (!authhavekey(keyno)) {
|
|
|
|
authnokey++;
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
len = length / sizeof(u_int32);
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Generate the authenticator.
|
|
|
|
*/
|
|
|
|
MD5Init(&ctx);
|
|
|
|
MD5Update(&ctx, (unsigned const char *)cache_key, cache_keylen);
|
|
|
|
MD5Update(&ctx, (unsigned const char *)pkt, length);
|
1998-03-06 21:17:12 +03:00
|
|
|
#ifdef __NetBSD__
|
1997-04-18 17:53:26 +04:00
|
|
|
MD5Final(hash, &ctx);
|
1998-03-06 21:17:12 +03:00
|
|
|
#else
|
|
|
|
MD5Final(&ctx);
|
|
|
|
#endif
|
1997-04-18 17:22:49 +04:00
|
|
|
|
|
|
|
memmove((char *)&pkt[NOCRYPT_int32S + len],
|
1998-03-06 21:17:12 +03:00
|
|
|
#ifdef __NetBSD__
|
1997-04-18 17:53:26 +04:00
|
|
|
(char *) hash,
|
1998-03-06 21:17:12 +03:00
|
|
|
#else
|
|
|
|
(char *) ctx.digest,
|
|
|
|
#endif
|
1997-04-18 17:22:49 +04:00
|
|
|
BLOCK_OCTETS);
|
|
|
|
return (4 + BLOCK_OCTETS); /* return size of key and MAC */
|
|
|
|
}
|