* Moved from ntpd/ntp_crypto.c crypto_setup()
*/
#ifdef HAVE_CONFIG_H
-#include <config.h>
+# include <config.h>
#endif
#include <ctype.h>
#include <ntp.h>
#include <lib_strbuf.h>
#ifdef OPENSSL
-#include "openssl/cmac.h"
-#include "openssl/crypto.h"
-#include "openssl/err.h"
-#include "openssl/evp.h"
-#include "openssl/opensslv.h"
-#include "libssl_compat.h"
+# include "openssl/cmac.h"
+# include "openssl/crypto.h"
+# include "openssl/err.h"
+# include "openssl/evp.h"
+# include "openssl/opensslv.h"
+# include "libssl_compat.h"
-#define MD5_LENGTH 16
-#define CMAC_LENGTH 16
-#define CMAC "AES128CMAC"
+# define MD5_LENGTH 16
+# define CMAC_LENGTH 16
+# define CMAC "AES128CMAC"
int ssl_init_done;
u_int digest_len;
#ifdef OPENSSL
const u_long max_digest_len = MAX_MAC_LEN - sizeof(keyid_t);
- u_char digest[EVP_MAX_MD_SIZE];
char * upcased;
char * pch;
if (NULL != pdigest_len) {
#ifdef OPENSSL
- EVP_MD * md;
+ const EVP_MD * md = EVP_get_digestbynid(key_type);
- md = EVP_get_digestbynid(key_type);
digest_len = (md) ? EVP_MD_size(md) : 0;
if (!md || digest_len <= 0) {
}
#endif
+#ifdef OPENSSL
+# ifdef HAVE_EVP_MD_DO_ALL_SORTED
+# define K_PER_LINE 8
+# define K_NL_PFX_STR "\n "
+# define K_DELIM_STR ", "
+# endif
+#endif
+
#ifndef BUILD_AS_LIB
int
ntpqmain(
size_t icmd;
#ifdef OPENSSL
# ifdef HAVE_EVP_MD_DO_ALL_SORTED
-# define K_PER_LINE 8
-# define K_NL_PFX_STR "\n "
-# define K_DELIM_STR ", "
-
int nl;
int append;
size_t len;
cmac_p = strstr(list, cmac_sn);
/* CMAC in list if found followed by null or "," */
- if (cmac_p)
+ if (cmac_p) {
cmac_p += strlen(cmac_sn);
+ }
- append = !(cmap_p && (!*cmap_p || ',' == *cmap_p));
+ append = !(cmac_p && (!*cmac_p || ',' == *cmac_p));
if (append) {
char *last_nl;
len = strlen(list) + strlen(CMAC);
/* Check if new entry will fit on last line */
- last_nl = strrchr(list, "\n");
- if (!last_nl) last_nl = list;
+ last_nl = strrchr(list, '\n');
+
+ if (!last_nl) {
+ last_nl = list;
+ }
+
/* Do we need a new line? */
nl = (len - (last_nl - list) + strlen(K_DELIM_STR) > 72);
len += (nl) ? strlen(K_NL_PFX_STR) : strlen(K_DELIM_STR);
}
/* Check if we need to append an entry */
- if (append)
+ if (append) {
sprintf(list + strlen(list), "%s%s",
((nl) ? K_NL_PFX_STR : K_DELIM_STR),
CMAC);
+ }
# endif
my_easprintf(&msg,
#include "isc/string.h"
#include "ntp_md5.h"
+#ifdef OPENSSL
+# include "openssl/cmac.h"
+# define CMAC "AES128CMAC"
+#endif
+
struct key *key_ptr;
size_t key_cnt = 0;
#ifdef OPENSSL
/* Check if CMAC key type specific code required */
- if (key_type = NID_cmac) {
+ if (key_type == NID_cmac) {
CMAC_CTX * ctx;
if (!(ctx = CMAC_CTX_new())) {
fprintf(stderr, "make_mac: CMAC %s CTX new failed.\n", CMAC);
msyslog(LOG_ERR, "make_mac: CMAC %s CTX new failed.", CMAC);
+ len = 0;
} else
if (!CMAC_Init(ctx, (const u_char *)cmp_key->key_seq,
(u_int)cmp_key->key_len, EVP_aes_128_cbc(), NULL)) {
fprintf(stderr, "make_mac: CMAC %s Init failed.\n", CMAC);
msyslog(LOG_ERR, "make_mac: CMAC %s Init failed.", CMAC);
+ len = 0;
} else
if (!CMAC_Update(ctx, pkt_data, (u_int)pkt_size)) {
fprintf(stderr, "make_mac: CMAC %s Update failed.\n", CMAC);
msyslog(LOG_ERR, "make_mac: CMAC %s Update failed.", CMAC);
+ len = 0;
} else
if (!CMAC_Final(ctx, digest, &len)) {
fprintf(stderr, "make_mac: CMAC %s Final failed.\n", CMAC);
msyslog(LOG_ERR, "make_mac: CMAC %s Final failed.", CMAC);
+ len = 0;
}
CMAC_CTX_cleanup(ctx);
#endif
EVP_MD_CTX * ctx;
-#ifdef OPENSSL
if (!(ctx = EVP_MD_CTX_new())) {
fprintf(stderr, "make_mac: MAC %s Digest CTX new failed.\n",
cmp_key->type);
msyslog(LOG_ERR, "make_mac: MAC %s Digest CTX new failed.",
cmp_key->type);
- } else
+ len = 0;
+ }
+#ifdef OPENSSL /* OpenSSL 1 supports return codes 0 fail, 1 okay */
+ else
if (!EVP_DigestInit(ctx, EVP_get_digestbynid(key_type))) {
fprintf(stderr, "make_mac: MAC %s Digest Init failed.\n",
cmp_key->type);
msyslog(LOG_ERR, "make_mac: MAC %s Digest Init failed.",
cmp_key->type);
+ len = 0;
} else
if (!EVP_DigestUpdate(ctx, (const u_char *)cmp_key->key_seq,
(u_int)cmp_key->key_len)) {
cmp_key->type);
msyslog(LOG_ERR, "make_mac: MAC %s Digest Update key failed.",
cmp_key->type);
+ len = 0;
} else
if (!EVP_DigestUpdate(ctx, pkt_data, (u_int)pkt_size)) {
fprintf(stderr, "make_mac: MAC %s Digest Update data failed.\n",
cmp_key->type);
msyslog(LOG_ERR, "make_mac: MAC %s Digest Update data failed.",
cmp_key->type);
+ len = 0;
} else
if (!EVP_DigestFinal(ctx, digest, &len)) {
fprintf(stderr, "make_mac: MAC %s Digest Final failed.\n",
cmp_key->type);
msyslog(LOG_ERR, "make_mac: MAC %s Digest Final failed.",
cmp_key->type);
+ len = 0;
}
#else /* !OPENSSL */
- ctx = EVP_MD_CTX_new();
EVP_DigestInit(ctx, EVP_get_digestbynid(key_type));
EVP_DigestUpdate(ctx, (const u_char *)cmp_key->key_seq,
(u_int)cmp_key->key_len);
projects / thirdparty / ntp.git / commitdiff
