[Git][NTPsec/ntpsec][master] ntp.ntpc: Fix issue where mac wrapper stops before sending a NUL, '\0'
Richard Laager (@rlaager)
gitlab at mg.gitlab.com
Sun Apr 24 23:01:57 UTC 2022
Richard Laager pushed to branch master at NTPsec / ntpsec
Commits:
2bd0054d by James Browning at 2022-04-24T23:01:51+00:00
ntp.ntpc: Fix issue where mac wrapper stops before sending a NUL, '\0'
- - - - -
3 changed files:
- pylib/ntpc.py
- pylib/packet.py
- tests/pylib/test_packet.py
Changes:
=====================================
pylib/ntpc.py
=====================================
@@ -76,14 +76,14 @@ def checkname(name):
def mac(data, key, name):
"""Compute HMAC or CMAC from data, key, and algorithm name."""
resultlen = ctypes.c_size_t()
- result = (ctypes.c_char * 64)()
+ result = (ctypes.c_ubyte * 64)()
result.value = b'\0' * 64
_ntpc.do_mac.restype = None
_ntpc.do_mac(ntp.poly.polybytes(name),
ntp.poly.polybytes(data), len(data),
ntp.poly.polybytes(key), len(key),
ctypes.byref(result), ctypes.byref(resultlen))
- return result.value
+ return (resultlen.value, bytearray(result))
def setprogname(in_string):
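Review bot: `mac()` now returns a `(length, 64-byte bytearray)` tuple instead of the MAC bytes, but the docstring is unchanged and nothing tells callers that only the first `length` bytes are the MAC. I would extend it to something like `"""Compute HMAC or CMAC from data, key, and algorithm name; return (length, buffer), where only buffer[:length] is the MAC and the rest is zero padding."""`. A caller that skips the slice treats the padding as MAC bytes, and any caller outside this diff that still expects bytes needs updating. The retained `result.value = b'\0' * 64` also looks dead now: as far as I know `.value` is a buffer accessor only on character arrays, and ctypes zero-initialises the array anyway, so the line could be dropped.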
=====================================
pylib/packet.py
=====================================
@@ -1746,9 +1746,9 @@ class Authenticator:
'Create the authentication payload to send'
if not ntp.ntpc.checkname(keytype):
return False
- mac2 = ntp.ntpc.mac(ntp.poly.polybytes(payload),
- ntp.poly.polybytes(passwd), keytype)
- if not mac2 or len(mac2) == 0:
+ rlen, mac2 = ntp.ntpc.mac(payload, passwd, keytype)
+ mac2 = mac2[:min(len(passwd),MAX_BARE_MAC_LENGTH)]
+ if not (mac2 and len(mac2) in (16, 20)):
return b''
return struct.pack("!I", keyid) + mac2
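Review bot: The added slice clips with `len(passwd)`, which is the key length, while the digest length returned as `rlen` is never used. With a key longer than the digest the slice can reach into the zero padding of the 64-byte buffer and still pass the `in (16, 20)` check; with a key shorter than 16 bytes the MAC is cut and the method returns `b''`. The verify path in the next hunk clips with the returned length, and this one should match it: `mac2 = bytes(mac2[:min(rlen, MAX_BARE_MAC_LENGTH)])`. The method body starts outside the hunk.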
@@ -1772,9 +1772,11 @@ class Authenticator:
(keytype, passwd) = self.passwords[keyid]
if not ntp.ntpc.checkname(keytype):
return False
- mac2 = ntp.ntpc.mac(ntp.poly.polybytes(payload),
- ntp.poly.polybytes(passwd), keytype)
- if not mac2:
+ len2, mac2 = ntp.ntpc.mac(payload, passwd, keytype)
+ mac2 = mac2[:min(len2,MAX_BARE_MAC_LENGTH)] # clip to current standard
+ mac2 = bytes(mac2)
+ len2 = len(mac2)
+ if not mac2 or len2 != len(mac):
return False
# typically preferred to avoid timing attacks client-side (in theory)
try:
=====================================
tests/pylib/test_packet.py
=====================================
@@ -2115,6 +2115,19 @@ class TestAuthenticator(unittest.TestCase):
self.assertEqual(cls.verify_mac(ntp.poly.polybytes(
ntp.util.hexstr2octets(bad_pkt)), packet_end=48, mac_begin=48), False)
+ def test_nul_trunc(self):
+ k_type = "aria-128"
+ key = ntp.util.hexstr2octets("74a98aedbd555de8016bc61bd3030a5e")
+ sample = ntp.util.hexstr2octets("240100eb000000000000005050505300" + \
+ "e60c1ccd1a87cb02e60c1cc930725000" + \
+ "e60c1cdc4fc6d5bde60c1cdc4fd93178" + \
+ "0000006eb30b6d000cdb7aee4a5e15a1" + \
+ "607ba83d")
+ len2, mac = ntp.ntpc.mac(ntp.poly.polybytes(sample[:48]),
+ ntp.poly.polybytes(key), k_type)
+ mac1 = ntp.poly.polybytes(sample[52:])
+ mac2 = mac[:len2]
+ self.assertEqual([len(mac1), mac1], [len(mac2), mac2], 'nulltrunc')
if __name__ == "__main__":
unittest.main()
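Review bot: `test_nul_trunc` calls `ntp.ntpc.mac` directly with a 16-byte key and a 16-byte MAC, so it does not cover the clipping added in the `Authenticator` methods in pylib/packet.py, where key length and digest length can differ. I would add a case that goes through those methods with a key whose length is not 16 and asserts that the MAC produced has the digest's length and verifies. A short comment such as `# expected MAC has a 0x00 at offset 3; it must not be truncated there` would also make the purpose of the sample packet clear.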
View it on GitLab: https://gitlab.com/NTPsec/ntpsec/-/commit/2bd0054d74a87d0574ff20b9a824ee3bb9269f3e