[Git][NTPsec/ntpsec][master] pylib: truncate authenticators to the lesser of 20 octets ...
Hal Murray (@hal.murray)
gitlab at mg.gitlab.com
Sat Nov 18 19:10:11 UTC 2023
Hal Murray pushed to branch master at NTPsec / ntpsec
Commits:
d9982f7a by James Browning at 2023-11-17T16:07:43-08:00
pylib: truncate authenticators to the lesser of 20 octets ...
or reported output length; this is needed to make pylib work
with long digests such as BLAKE2, SHA-2, and SHA-3. NTPsec
truncates CMACs to 16 octets already.
- - - - -
4 changed files:
- pylib/ntpc.py
- pylib/packet.py
- tests/pylib/test_ntpc.py
- tests/pylib/test_packet.py
Changes:
=====================================
pylib/ntpc.py
=====================================
@@ -83,7 +83,7 @@ def mac(data, key, name):
ntp.poly.polybytes(data), len(data),
ntp.poly.polybytes(key), len(key),
ctypes.byref(result), ctypes.byref(resultlen))
- return ntp.poly.polybytes(bytearray(result)[:resultlen.value])
+ return ntp.poly.polybytes(bytearray(result)[:min(resultlen.value, 20)])
def setprogname(in_string):
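Review bot: The cap of 20 on the added return line is an unexplained literal that the commit repeats as `[:20]` in both packet.py hunks (@@ -1747 and @@ -1773), so the same limit is enforced in three places and must be kept in sync by hand. Since mac() now truncates itself, the packet.py slices are redundant and can be dropped, and the limit belongs in one named constant in this module, e.g. `MAX_MAC_LEN = 20  # longest digest the NTPv4 MAC field carries (160 bits) after the key ID`, with the return line reading `return ntp.poly.polybytes(bytearray(result)[:min(resultlen.value, MAX_MAC_LEN)])`. Nothing in the code states why 20, so the commit message's point about long digests (BLAKE2, SHA-2, SHA-3) deserves a one-line why-comment above the return. mac()'s body starts outside the hunk.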
=====================================
pylib/packet.py
=====================================
@@ -1747,7 +1747,7 @@ class Authenticator:
if not ntp.ntpc.checkname(keytype):
return False
mac2 = ntp.ntpc.mac(ntp.poly.polybytes(payload),
- ntp.poly.polybytes(passwd), keytype)
+ ntp.poly.polybytes(passwd), keytype)[:20]
if not mac2 or len(mac2) == 0:
return b''
return struct.pack("!I", keyid) + mac2
@@ -1773,7 +1773,7 @@ class Authenticator:
if not ntp.ntpc.checkname(keytype):
return False
mac2 = ntp.ntpc.mac(ntp.poly.polybytes(payload),
- ntp.poly.polybytes(passwd), keytype)
+ ntp.poly.polybytes(passwd), keytype)[:20]
if not mac2:
return False
# typically preferred to avoid timing attacks client-side (in theory)
=====================================
tests/pylib/test_ntpc.py
=====================================
@@ -30,7 +30,7 @@ class TestPylibNtpc(unittest.TestCase):
self.assertEqual(ntp.ntpc.prettydate(in_string), to_string)
self.assertAlmostEqual(ntp.ntpc.lfptofloat(in_string), to_float)
- def test_nul_trunc(self):
+ def test_nul_trunc16(self):
k_type = "aes-128"
key = ntp.util.hexstr2octets(
"0fd2287c1e97a50cb9d3cb9f80debcb6")
@@ -45,6 +45,22 @@ class TestPylibNtpc(unittest.TestCase):
mac1 = ntp.poly.polybytes(sample[52:])
self.assertEqual([len(mac1), mac1], [len(mac2), mac2], msg="nul trunc")
+ def test_nul_trunc16(self):
+ k_type = "aes-256"
+ key = ntp.util.hexstr2octets(
+ "fc0af35640142bb85ad03a892a81fa9d" +
+ "891b108289c3f6725a01a10f697c1b4c")
+ sample = ntp.util.hexstr2octets(
+ "e3000000000000000000000000000000"
+ "00000000000000000000000000000000" +
+ "0000000000000000e8640b021a39a000" +
+ "0000003d" +
+ "3110829513e46cde2bcca37609669b9c")
+ mac2 = ntp.ntpc.mac(ntp.poly.polybytes(sample[:48]),
+ ntp.poly.polybytes(key), k_type)
+ mac1 = ntp.poly.polybytes(sample[52:][:16])
+ self.assertEqual([len(mac1), mac1], [len(mac2), mac2], msg="nul trunc")
+
if __name__ == '__main__':
unittest.main()
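Review bot: The method added at the top of this hunk is named `test_nul_trunc16`, the same name the previous hunk (@@ -30,7) gives the renamed aes-128 test, so the second definition replaces the first in the class body and the aes-128 case silently stops running. Rename the new one after its 32-octet key, e.g. `def test_nul_trunc32(self):`. Neither test exercises a digest longer than 20 octets, which is the case the commit exists for; a case using a SHA-2 family keytype that asserts `self.assertEqual(len(mac2), 20)` would pin the new truncation, assuming the underlying library accepts such a name via checkname. The `[:16]` on `sample[52:][:16]` is a no-op here since that tail is already 16 octets and can be dropped.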
=====================================
tests/pylib/test_packet.py
=====================================
@@ -2091,13 +2091,18 @@ class TestAuthenticator(unittest.TestCase):
def test_compute_mac(self):
f = self.target.compute_mac
- pkt = ntp.util.hexstr2octets('240300e8000012ce0000091941138e89' +
- 'e25b102e9fe94dc9e25b1175bd5a3000' + 'e25b1175bd6cf48ee25b1175bd70e594')
+ pkt = ntp.util.hexstr2octets('240300e8000012ce0000091941138e89'
+ 'e25b102e9fe94dc9e25b1175bd5a3000'
+ 'e25b1175bd6cf48ee25b1175bd70e594')
mac1 = b'\x00\x00\x00\rL\x7f\xc1\xd1\xe9\xd3\xf8\xec\x91\xdf\xecS\x89e\xc5\xf3'
+ mac2 = b'\x00\x00\x00\x0e\'\xca\xf3\xa8G\xbe\x99\xaf\x96!<\x1a\x95\xd6\xc7i'
key1 = ntp.util.hexstr2octets('2f3badbb640bf975fec519df8a83e829')
- key2 = ''
+ key2 = ntp.util.hexstr2octets('fc0af35640142bb85ad03a892a81fa9d'
+ '891b108289c3f6725a01a10f697c1b4c')
+ key3 = ''
self.assertEqual(f(pkt, 0x0d, 'aes', key1), mac1)
- self.assertEqual(f(pkt, 0x0e, 'neun', key2), False)
+ self.assertEqual(f(pkt, 0x0e, 'aes-256', key2), mac2)
+ self.assertEqual(f(pkt, 0x0f, 'neun', key3), False)
def test_have_mac(self):
f = self.target.have_mac
@@ -2112,12 +2117,16 @@ class TestAuthenticator(unittest.TestCase):
cls = self.target()
cls.passwords[0x0d] = (
'aes-128', ntp.util.hexstr2octets('2f3badbb640bf975fec519df8a83e829'))
- good_pkt = '240300e80000139a00000ae8cc0286a2' + 'e25c0c4dfff93ee2e25c0cca53f45000' + \
- 'e25c0cca54048d79e25c0cca5408646b' + \
- '0000000dbe93e3f1d530d9252147c298' + 'c00c85f9'
- bad_pkt = '240300e80000131f00000779cc0286a2' + 'e25c0d54ff6e4835e25c0dc2bea43000' + \
- 'e25c0dc2beb78905e25c0dc2bebc0737' + \
- '0000000d4c2d64c447e701b74e3ad98c' + 'e65d13c3'
+ good_pkt = ('240300e80000139a00000ae8cc0286a2'
+ 'e25c0c4dfff93ee2e25c0cca53f45000'
+ 'e25c0cca54048d79e25c0cca5408646b'
+ '0000000d'
+ 'be93e3f1d530d9252147c298c00c85f9')
+ bad_pkt = ('240300e80000131f00000779cc0286a2'
+ 'e25c0d54ff6e4835e25c0dc2bea43000'
+ 'e25c0dc2beb78905e25c0dc2bebc0737'
+ '0000000d'
+ '4c2d64c447e701b74e3ad98ce65d13c3')
# Test good
self.assertEqual(cls.verify_mac(ntp.poly.polybytes(
ntp.util.hexstr2octets(good_pkt)), packet_end=48, mac_begin=48), True)
View it on GitLab: https://gitlab.com/NTPsec/ntpsec/-/commit/d9982f7ac1bb75890adc95a5f71179092a018161