hmurray at megapathdsl.net
Wed Jun 13 10:43:34 UTC 2018
I just pushed the code to add CMAC authentication.
There may be some very old systems with versions of OpenSSL/libcrypt that
don't support CMACs. I haven't conditionalized any of the code. Be alert to
errors about a missing openssl/cmac.h
gitlab said my pipeline passed.
If somebody finds a system without it, we get to decide if we should require
CMAC support in libcrypto, or add the ifdefs to build on systems without it.
I haven't tested authentication with ntpq.
The documentation probably needs more work. (It needed it before my changes.)
I want to work on some of the auth tests to actually read a keys file.
The general idea is to use AES CMAC rather than message digests for
authentication. The code will work with any encryption algorithm with a CBC
mode that is supported by your local libcrypt.
The new tag in the keys file is "AES" which is short for AES-128. (The
key-reading code adds the "-CBC".)
It works with ntp classic 4.2.8p11. It doesn't work with 4.2.8p10 which is
shipping with Raspian/Debian for the Pi. They use AES128CMAC in the keys
file, so I accept that too.
A big part of the work was removing the cache of the most recent key lookup.
The old key-lookup code left results in global variables and picked them up
later on. The code now passes around a pointer to a struct with all the data
for a key. That part of the code would probably work with multiple threads.
The normal case where a cache would help is a server replying to an
authenticated request. The new code just passes around the pointer which is
also a flag indicating the need for authentication.
CMAC keys have to be the right length. (digest keys can be any length.) For
AES-128, that's 128 bits or 16 bytes. The key-reading code truncates or pads
if necessary. ntpkeygen has been updated to make 2 batches of AES keys, one
with 16 bytes of text and the second with 16 bytes encoded as hex.
These are my opinions. I hate spam.
More information about the devel