13 const struct key *cmp_key,
21 if (cmp_key->key_len > 64)
23 if (pkt_size % 4 != 0)
27 key_type = keytype_from_text(cmp_key->type, NULL);
28 EVP_DigestInit(&ctx, EVP_get_digestbynid(key_type));
29 EVP_DigestUpdate(&ctx, (const u_char *)cmp_key->key_seq, (u_int)cmp_key->key_len);
30 EVP_DigestUpdate(&ctx, pkt_data, (u_int)pkt_size);
31 EVP_DigestFinal(&ctx, digest, &len);
37 /* Generates a md5 digest of the key specified in keyid concatenated with the
38 * ntp packet (exluding the MAC) and compares this digest to the digest in
39 * the packet's MAC. If they're equal this function returns 1 (packet is
40 * authentic) or else 0 (not authentic).
47 const struct key *cmp_key
53 const u_char *pkt_ptr;
54 if (mac_size > (int)sizeof(digest))
57 hash_len = make_mac(pkt_ptr, pkt_size, sizeof(digest), cmp_key,
62 authentic = !memcmp(digest, pkt_ptr + pkt_size + 4,
74 if ('0' <= x && x <= '9')
76 else if ('a' <= x && x <= 'f')
78 else if ('A' <= x && x <= 'F')
86 /* Load keys from the specified keyfile into the key structures.
87 * Returns -1 if the reading failed, otherwise it returns the
88 * number of keys it read
96 FILE *keyf = fopen(keyfile, "r");
97 struct key *prev = NULL;
98 int scan_cnt, line_cnt = 0;
104 printf("sntp auth_init: Couldn't open key file %s for reading!\n", keyfile);
109 printf("sntp auth_init: Key file %s is empty!\n", keyfile);
114 while (!feof(keyf)) {
119 if (NULL == fgets(kbuf, sizeof(kbuf), keyf))
122 kbuf[sizeof(kbuf) - 1] = '\0';
123 octothorpe = strchr(kbuf, '#');
126 act = emalloc(sizeof(*act));
127 scan_cnt = sscanf(kbuf, "%d %9s %128s", &act->key_id, act->type, keystring);
129 int len = strlen(keystring);
132 memcpy(act->key_seq, keystring, len + 1);
134 } else if ((len & 1) != 0) {
135 goodline = 0; /* it's bad */
139 act->key_len = len >> 1;
140 for (j = 0; j < len; j+=2) {
142 val = (hex_val(keystring[j]) << 4) |
143 hex_val(keystring[j+1]);
145 goodline = 0; /* it's bad */
148 act->key_seq[j>>1] = (char)val;
161 msyslog(LOG_DEBUG, "auth_init: scanf %d items, skipping line %d.",
173 /* Looks for the key with keyid key_id and sets the d_key pointer to the
174 * address of the key. If no matching key is found the pointer is not touched.
186 for (itr_key = key_ptr; itr_key; itr_key = itr_key->next) {
187 if (itr_key->key_id == key_id) {