From: Harlan Stenn
Date: Wed, 11 Nov 2009 08:08:32 +0000 (-0500)
Subject: new crypto signature cleanup
X-Git-Tag: NTP_4_2_5P243_RC~2^2
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=50a25c3e99b57dbc4d79f6d4997cd1bb71660b98;p=thirdparty%2Fntp.git

new crypto signature cleanup

bk: 4afa7100ksceNnQ7QJuUutQWG873eA
---
diff --git a/ChangeLog b/ChangeLog index cc7814630..d7fd572a4 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,4 @@ +* new crypto signature cleanup. (4.2.5p242-RC) 2009/11/10 Released by Harlan Stenn * [Bug 1363] CID 92 clarify fallthrough case in clk_trimtsip.c * [Bug 1366] ioctl(TIOCSCTTY, 0) fails on NetBSD *[0-2].* > 3.99.7. diff --git a/html/authopt.html b/html/authopt.html index 288628d9c..2909193ad 100644 --- a/html/authopt.html +++ b/html/authopt.html @@ -23,7 +23,7 @@

Our resident cryptographer; now you see him, now you don't.

Last update: - 07-Nov-2009 20:25 + 11-Nov-2009 5:48 UTC


@@ -73,8 +73,8 @@ UTC

conformance to FIPS 140-2 is required, only a limited subset of these algorithms is available.

-

NTPv4 includes the NTPv3 scheme, properly called symmetric key cryptography, - and in addition a new scheme based on public key cryptography and called +

NTPv4 includes the NTPv3 scheme + and optionally a new scheme based on public key cryptography and called Autokey. Public key cryptography is generally considered more secure than symmetric key cryptography, since the security is based on private and public values which are generated by each participant and where the private value @@ -83,7 +83,15 @@ UTC

or the ntp-keygen utility program in the NTP software distribution.

-

While the algorithms for symmetric key cryptography are included in the NTPv4 software distribution, Autokey cryptography requires the OpenSSL software library to be installed before building the NTP distribution. This library is available from http://www.openssl.org and can be installed using the procedures outlined in the Building and Installing the Distribution page. Once installed, the configure and build process automatically detects the library and links the library routines required.

+

While the algorithms for MD5 symmetric key cryptography are included in the + NTPv4 software distribution, modern algorithms for symmetric key and public + key cryptograpny requires the OpenSSL software library + to be installed before building the NTP distribution. This library is available + from http://www.openssl.org and + can be installed using the procedures outlined in the Building + and Installing the Distribution page. Once installed, the configure and + build process automatically detects the library and links the library routines + required.

Note that according to US law, NTP binaries including OpenSSL library components, including the OpenSSL library itself, cannot be exported outside the @@ -112,7 +120,8 @@ UTC

program generates pseudo-random keys, one key for each line. Each line consists of three fields, the key identifier as a decimal number from 1 to 65534 inclusive, a key type chosen from the keywords of the digest option of the crypto command, - and a 16-character printable ASCII string as the key itself.

+ and a 20-character printable ASCII string or a 40-character hex string as + the key itself.

When ntpd is first started, it reads the key file specified by the keys command and installs the keys in the key cache. However, individual keys must be activated with the trustedkey configuration command before use. This allows, for instance, the installation of possibly several batches of keys and then activating a key remotely using ntpdc. The requestkey command selects the key ID used as the password for the ntpdc utility, while the controlkey command selects the key ID used as the password for the ntpq utility.

By default, the message digest algorithm is MD5 selected by the key type diff --git a/html/keygen.html b/html/keygen.html index 3d72220fe..04508a4d0 100644 --- a/html/keygen.html +++ b/html/keygen.html @@ -17,7 +17,7 @@

Alice holds the key.

Last update: - 04-Nov-2009 21:40 + 11-Nov-2009 6:01


@@ -51,10 +51,19 @@

Description

-

This program generates cryptographic data files used by the NTPv4 authentication and identity schemes. It generates MD5 keys used in symmetric key cryptography and, if the OpenSSL software library has been installed, it generates host keys, sign keys, certificates and identity keys used in the Autokey public key cryptography. The symmetric keys file is generated in a format compatible with NTPv3. All other files are in PEM-encoded printable ASCII format so they can be embedded as MIME attachments in mail to other sites.

+

This program generates cryptographic data files used by the NTPv4 authentication + and identity schemes. It generates MD5 message digest keys used in symmetric + key cryptography and, if the OpenSSL software library has been installed, + it generates message digest keys for other algorithms, as well as host keys, + sign keys, certificates and identity keys used in the Autokey public key + cryptography. The symmetric keys file is generated in a format compatible + with NTPv3. All other files are in PEM-encoded printable ASCII format so + they can be embedded as MIME attachments in mail to other sites.

When used to generate symmetric keys, the program produces a file containing - 16 pseudo-random keys of 128 bits in length. If this is the only need, run ntp-keygen with + ten pseudo-random printable ASCII strings, as well as ten random hex strings, + both of `60 bits in length. + If this is the only need, run ntp-keygen with the -M option and disregard the remainder of this page. The file can be edited later with purpose-chosen passwords for the ntpq and ntpdc programs. diff --git a/libntp/authkeys.c b/libntp/authkeys.c index 9c32e09f3..b9b76d9e6 100644 --- a/libntp/authkeys.c +++ b/libntp/authkeys.c @@ -390,8 +390,17 @@ MD5auth_setkey( sk->next = key_hash[KEYHASH(keyno)]; key_hash[KEYHASH(keyno)] = sk; #ifdef DEBUG - if (debug) - printf("auth_setkey: key %d type %d\n", sk->keyid, sk->type); + if (debug > 1) { + char hex[] = "0123456789abcdef"; + int j; + + printf("auth_setkey: key %d type %d len %d ", sk->keyid, + sk->type, sk->keylen); + for (j = 0; j < sk->keylen; j++) + printf("%c%c", hex[key[j] >> 4], + hex[key[j] & 0xf]); + printf("\n"); + } #endif authnumkeys++; } diff --git a/libntp/authreadkeys.c b/libntp/authreadkeys.c index 38f25b2b6..b329159e5 100644 --- a/libntp/authreadkeys.c +++ b/libntp/authreadkeys.c @@ -22,7 +22,7 @@ static char *nexttok (char **); */ static char * nexttok( - char **str + char **str ) { register char *cp; @@ -69,12 +69,15 @@ authreadkeys( const char *file ) { - FILE *fp; - char *line; - char *token, *keystr; - keyid_t keyno; - int keytype; - char buf[512]; /* lots of room for line */ + FILE *fp; + char *line; + char *token; + keyid_t keyno; + int keytype; + char buf[512]; /* lots of room for line */ + u_char keystr[20]; + int len; + int j; /* * Open file. Complain and return if it can't be opened. 
@@ -134,7 +137,7 @@ authreadkeys( * by OpenSSL. The key type is the NID used by the message * digest algorithm. Ther are a number of inconsistencies in * the OpenSSL database. We attempt to discover them here - * and prevent use of inconsistent data. + * and prevent use of inconsistent data later. */ if (strcmp(token, "M") == 0 || strcmp(token, "m") == 0) token = "MD5"; @@ -162,10 +165,12 @@ authreadkeys( } keytype = KEY_TYPE_MD5; #endif /* OPENSSL */ - keystr = token; /* - * Finally, get key and insert it + * Finally, get key and insert it. If it is longer than 20 + * characters, it is a binary string encoded in hex; + * otherwise, it is a text string of printable ASCII + * characters. */ token = nexttok(&line); if (token == NULL) { @@ -173,8 +178,29 @@ authreadkeys( "authreadkeys: no key for key %d", keyno); continue; } - MD5auth_setkey(keyno, keytype, (u_char *)token, - strlen(token)); + len = strlen(token); + if (len <= 20) { + MD5auth_setkey(keyno, keytype, (u_char *)token, len); + } else { + char hex[] = "0123456789abcdef"; + int temp; + char *ptr; + + for (j = 0; j < len; j++) { + ptr = strchr(hex, tolower(token[j])); + if (ptr == NULL) { + msyslog(LOG_ERR, + "authreadkeys: invalid hex digit for key %d", keyno); + continue; + } + temp = ptr - hex; + if (j & 1) + keystr[j / 2] |= temp; + else + keystr[j / 2] = temp << 4; + } + MD5auth_setkey(keyno, keytype, keystr, len / 2); + } } fclose(fp); return (1); diff --git a/util/ntp-keygen.c b/util/ntp-keygen.c index 61eba4d5f..da12b2125 100644 --- a/util/ntp-keygen.c +++ b/util/ntp-keygen.c @@ -109,7 +109,8 @@ /* * Cryptodefines */ -#define MD5KEYS 16 /* number of MD5 keys generated */ +#define MD5KEYS 10 /* number of keys generated of each type */ +#define MD5SIZE 20 /* maximum key size */ #define JAN_1970 2208988800UL /* NTP seconds */ #define YEAR ((long)60*60*24*365) /* one year in seconds */ #define MAXFILENAME 256 /* max file name length */ 
@@ -690,7 +691,9 @@ main( /* - * Generate semi-random MD5 keys compatible with NTPv3 and NTPv4 + * Generate semi-random MD5 keys compatible with NTPv3 and NTPv4. Also, + * if OpenSSL is around, generate random SHA1 keys compatible with + * symmetric key cryptography. */ int gen_md5( @@ -700,11 +703,16 @@ gen_md5( u_char md5key[16+1]; /* MD5 key */ FILE *str; int i, j; +#ifdef OPENSSL + u_char keystr[MD5SIZE]; + u_char hexstr[2 * MD5SIZE + 1]; + u_char hex[] = "0123456789abcdef"; +#endif /* OPENSSL */ str = fheader("MD5key", id, groupname); ntp_srandom((u_long)epoch); for (i = 1; i <= MD5KEYS; i++) { - for (j = 0; j < 16; j++) { + for (j = 0; j < MD5SIZE; j++) { int temp; while (1) { @@ -718,9 +726,21 @@ gen_md5( md5key[j] = (u_char)temp; } md5key[j] = '\0'; - fprintf(str, "%2d MD5 %16s # MD5 key\n", i, + fprintf(str, "%2d MD5 %s # MD5 key\n", i, md5key); } +#ifdef OPENSSL + for (i = 1; i <= MD5KEYS; i++) { + RAND_bytes(keystr, 20); + for (j = 0; j < MD5SIZE; j++) { + hexstr[2 * j] = hex[keystr[j] >> 4]; + hexstr[2 * j + 1] = hex[keystr[j] & 0xf]; + } + hexstr[2 * MD5SIZE] = '\0'; + fprintf(str, "%2d SHA1 %s # SHA1 key\n", i + MD5KEYS, + hexstr); + } +#endif /* OPENSSL */ fclose(str); return (1); }
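Review bot: in the html/authopt.html hunk at @@ -73,8 +73,8 @@ the definition of the term is lost: `NTPv4 includes the NTPv3 scheme, properly called symmetric key cryptography,` becomes `NTPv4 includes the NTPv3 scheme + and optionally a new scheme`, yet the following paragraphs still say `symmetric key cryptography` and `MD5 symmetric key cryptography` as if the reader had been told what the NTPv3 scheme is. Keep a parenthetical such as `(symmetric key cryptography)` after `the NTPv3 scheme`.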
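Review bot: typos in the new paragraph of html/authopt.html at @@ -83,7 +83,15 @@: `cryptograpny` should be `cryptography`, and the subject is plural, so `modern algorithms for symmetric key and public key cryptograpny requires` should read `... cryptography require the OpenSSL software library`.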
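Review bot: the html/authopt.html hunk at @@ -112,7 +120,8 @@ describes the key field as `a 20-character printable ASCII string or a 40-character hex string`, which is stricter than what the parser in authreadkeys.c accepts: `if (len <= 20)` installs any field of up to 20 characters literally and treats anything longer as hex. Say `up to 20 characters` so it is clear that the 16-character keys of existing NTPv3 key files are still valid, and state that a hex key is recognised only when the field is longer than 20 characters.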
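Review bot: the html/keygen.html hunk at @@ -51,10 +51,19 @@ ends with `both of `60 bits in length.`; the stray backtick and the number do not match the code, which produces 20-byte keys (`#define MD5SIZE 20` and `RAND_bytes(keystr, 20)`), i.e. 160 bits. Suggest `both 160 bits in length.`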
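Review bot: the new `if (debug > 1)` block in MD5auth_setkey (libntp/authkeys.c) prints the complete key bytes to stdout in hex. Even behind a debug level, this puts secret key material into terminal scrollback and into any captured daemon output; `sk->keyid`, `sk->type` and `sk->keylen` are enough to diagnose key-file parsing, so drop the hex loop or at most print the first byte.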
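Review bot: the hex decoder added to authreadkeys() (libntp/authreadkeys.c, @@ -173,8 +178,29 @@) has no upper bound: `len = strlen(token);` is only tested against 20, and the `for (j = 0; j < len; j++)` loop stores into `keystr[j / 2]`, which the @@ -69,12 +69,15 @@ hunk declares as `u_char keystr[20]`, so a key field longer than 40 characters overflows a stack buffer in ntpd while reading its own keys file. Reject `len > 2 * sizeof(keystr)` and odd `len` (the trailing `len / 2` silently drops the last nibble) before the loop. The `continue` on `ptr == NULL` is also inside the for loop, so it skips one character only; the line still reaches `MD5auth_setkey(keyno, keytype, keystr, len / 2)` with that position holding a stale byte from the previous key when `j` is even. Set an error flag and skip the install instead, and pass `(unsigned char)token[j]` to `tolower` so a high-bit byte in the file is not undefined behaviour.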
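Review bot: in the gen_md5 hunk of util/ntp-keygen.c (@@ -700,11 +703,16 @@) the inner loop now runs `for (j = 0; j < MD5SIZE; j++)` with `MD5SIZE` defined as 20, but the buffer it fills is still the unchanged `u_char md5key[16+1]; /* MD5 key */`, and the following `md5key[j] = '\0';` writes index 20, so ntp-keygen overruns a 17-byte stack array on every key it generates; declare it as `u_char md5key[MD5SIZE + 1];`. Separately, the ASCII keys are drawn from `ntp_srandom((u_long)epoch)`, which makes them reproducible from the file's creation time, while the hex keys use `RAND_bytes`; when OpenSSL is present the ASCII keys should be derived from `RAND_bytes` output (mapped into the printable range) rather than the seeded PRNG.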
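Review bot: `RAND_bytes(keystr, 20);` in the new SHA1 loop (util/ntp-keygen.c, @@ -718,9 +726,21 @@) ignores the return value; RAND_bytes returns 1 on success and 0 when the PRNG is not seeded, in which case the loop hex-encodes whatever was on the stack in `keystr` and writes it to the key file as if it were a key. Check for `!= 1` and abort rather than emit the line. The literal `20` should also be `MD5SIZE`, which the surrounding loop and `hexstr[2 * MD5SIZE + 1]` already use.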