From: Miroslav Lichvar Date: Thu, 9 Jul 2020 11:14:55 +0000 (+0200) Subject: nts: don't assume field position in NNA_DecryptAuthEF() X-Git-Tag: 4.0-pre3~59 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=de4ecc72d19418151d7760bced9c39da100f01ab;p=thirdparty%2Fchrony.git nts: don't assume field position in NNA_DecryptAuthEF() Modify NNA_DecryptAuthEF() to not assume that the authenticator is the last extension field in the packet as some extension fields specified in future may need to be placed after the authenticator. The caller of the function is supposed to verify the position. --- diff --git a/nts_ntp_auth.c b/nts_ntp_auth.c index 2ff6d0d0..86cd7cdb 100644 --- a/nts_ntp_auth.c +++ b/nts_ntp_auth.c @@ -167,7 +167,7 @@ NNA_DecryptAuthEF(NTP_Packet *packet, NTP_PacketInfo *info, SIV_Instance siv, in *plaintext_length = ciphertext_length - siv_tag_length; - if (!SIV_Decrypt(siv, nonce, nonce_length, packet, info->length - ef_body_length - 4, + if (!SIV_Decrypt(siv, nonce, nonce_length, packet, ef_start, ciphertext, ciphertext_length, plaintext, *plaintext_length)) { DEBUG_LOG("SIV decrypt failed"); return 0; diff --git a/nts_ntp_server.c b/nts_ntp_server.c index f4df796b..c0d3e06e 100644 --- a/nts_ntp_server.c +++ b/nts_ntp_server.c @@ -135,6 +135,11 @@ NNS_CheckRequestAuth(NTP_Packet *packet, NTP_PacketInfo *info, uint32_t *kod) cookie_length = ef_body_length; break; case NTP_EF_NTS_AUTH_AND_EEF: + if (parsed + ef_length != info->length) { + DEBUG_LOG("Auth not last EF"); + return 0; + } + auth_start = parsed; has_auth = 1; break;
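Review bot: In the nts_ntp_auth.c hunk, the associated-data length passed to SIV_Decrypt() is now ef_start, so the implicit position check is gone. The old expression info->length - ef_body_length - 4 only matched the start of the field when the authenticator ended the packet. Bytes after the authenticator are now outside the authenticated data, and the commit message leaves the position check to the caller, so state that contract in a comment above NNA_DecryptAuthEF() where a new caller will see it. The visible lines also do not show ef_start being compared against info->length; confirm it is validated earlier in the function before it is used as a length over packet.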
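Review bot: In the nts_ntp_server.c hunk, the "Auth not last EF" check in the NTP_EF_NTS_AUTH_AND_EEF case covers only NNS_CheckRequestAuth(), and this diff touches no other caller of NNA_DecryptAuthEF(). Each remaining caller needs an equivalent parsed + ef_length != info->length check, or a stated reason it can accept fields after the authenticator. A short comment above the new check saying that fields following the authenticator are not part of the data passed to SIV_Decrypt() would explain why the request is rejected here.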