[BACK]Return to a_md5encrypt.c CVS log [TXT] [DIR] Up to [ELWIX - Embedded LightWeight unIX -] / embedaddon / ntp / libntp
File:  [ELWIX - Embedded LightWeight unIX -] / embedaddon / ntp / libntp / a_md5encrypt.c
Revision 1.1.1.1 (vendor branch): download - view: text, annotated - select for diffs - revision graph
Tue May 29 12:08:38 2012 UTC (12 years, 3 months ago) by misho
Branches: ntp, MAIN
CVS tags: v4_2_6p5p0, v4_2_6p5, HEAD
ntp 4.2.6p5

    1: /*
    2:  *	digest support for NTP, MD5 and with OpenSSL more
    3:  */
    4: #ifdef HAVE_CONFIG_H
    5: #include <config.h>
    6: #endif
    7: 
    8: #include "ntp_fp.h"
    9: #include "ntp_string.h"
   10: #include "ntp_stdlib.h"
   11: #include "ntp.h"
   12: #ifdef OPENSSL
   13: # include "openssl/evp.h"
   14: #else
   15: # include "ntp_md5.h"	/* provides clone of OpenSSL MD5 API */
   16: #endif
   17: 
   18: /*
   19:  * MD5authencrypt - generate message digest
   20:  *
   21:  * Returns length of MAC including key ID and digest.
   22:  */
   23: int
   24: MD5authencrypt(
   25: 	int	type,		/* hash algorithm */
   26: 	u_char	*key,		/* key pointer */
   27: 	u_int32 *pkt,		/* packet pointer */
   28: 	int	length		/* packet length */
   29: 	)
   30: {
   31: 	u_char	digest[EVP_MAX_MD_SIZE];
   32: 	u_int	len;
   33: 	EVP_MD_CTX ctx;
   34: 
   35: 	/*
   36: 	 * Compute digest of key concatenated with packet. Note: the
   37: 	 * key type and digest type have been verified when the key
   38: 	 * was creaded.
   39: 	 */
   40: 	INIT_SSL();
   41: 	EVP_DigestInit(&ctx, EVP_get_digestbynid(type));
   42: 	EVP_DigestUpdate(&ctx, key, (u_int)cache_keylen);
   43: 	EVP_DigestUpdate(&ctx, (u_char *)pkt, (u_int)length);
   44: 	EVP_DigestFinal(&ctx, digest, &len);
   45: 	memmove((u_char *)pkt + length + 4, digest, len);
   46: 	return (len + 4);
   47: }
   48: 
   49: 
   50: /*
   51:  * MD5authdecrypt - verify MD5 message authenticator
   52:  *
   53:  * Returns one if digest valid, zero if invalid.
   54:  */
   55: int
   56: MD5authdecrypt(
   57: 	int	type,		/* hash algorithm */
   58: 	u_char	*key,		/* key pointer */
   59: 	u_int32	*pkt,		/* packet pointer */
   60: 	int	length,	 	/* packet length */
   61: 	int	size		/* MAC size */
   62: 	)
   63: {
   64: 	u_char	digest[EVP_MAX_MD_SIZE];
   65: 	u_int	len;
   66: 	EVP_MD_CTX ctx;
   67: 
   68: 	/*
   69: 	 * Compute digest of key concatenated with packet. Note: the
   70: 	 * key type and digest type have been verified when the key
   71: 	 * was created.
   72: 	 */
   73: 	INIT_SSL();
   74: 	EVP_DigestInit(&ctx, EVP_get_digestbynid(type));
   75: 	EVP_DigestUpdate(&ctx, key, (u_int)cache_keylen);
   76: 	EVP_DigestUpdate(&ctx, (u_char *)pkt, (u_int)length);
   77: 	EVP_DigestFinal(&ctx, digest, &len);
   78: 	if ((u_int)size != len + 4) {
   79: 		msyslog(LOG_ERR,
   80: 		    "MAC decrypt: MAC length error");
   81: 		return (0);
   82: 	}
   83: 	return (!memcmp(digest, (char *)pkt + length + 4, len));
   84: }
   85: 
   86: /*
   87:  * Calculate the reference id from the address. If it is an IPv4
   88:  * address, use it as is. If it is an IPv6 address, do a md5 on
   89:  * it and use the bottom 4 bytes.
   90:  * The result is in network byte order.
   91:  */
   92: u_int32
   93: addr2refid(sockaddr_u *addr)
   94: {
   95: 	u_char		digest[20];
   96: 	u_int32		addr_refid;
   97: 	EVP_MD_CTX	ctx;
   98: 	u_int		len;
   99: 
  100: 	if (IS_IPV4(addr))
  101: 		return (NSRCADR(addr));
  102: 
  103: 	INIT_SSL();
  104: 	EVP_DigestInit(&ctx, EVP_get_digestbynid(NID_md5));
  105: 	EVP_DigestUpdate(&ctx, (u_char *)PSOCK_ADDR6(addr),
  106: 	    sizeof(struct in6_addr));
  107: 	EVP_DigestFinal(&ctx, digest, &len);
  108: 	memcpy(&addr_refid, digest, 4);
  109: 	return (addr_refid);
  110: }
FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>