Commit d8cf072e authored by Eric S. Raymond's avatar Eric S. Raymond

MAC function and module namespace cleanup.

parent 84bc64d3
......@@ -86,9 +86,9 @@ int ntp_getopt_long(int argc, char* const argv[], const char *optstring,
const struct option *longopts, int *longindex);
/* a_md5encrypt.c */
extern int MD5authdecrypt (int, uint8_t *, uint32_t *, int, int);
extern int MD5authencrypt (int, uint8_t *, uint32_t *, int);
extern void MD5auth_setkey (keyid_t, int, const uint8_t *, size_t);
extern int mac_authdecrypt (int, uint8_t *, uint32_t *, int, int);
extern int mac_authencrypt (int, uint8_t *, uint32_t *, int);
extern void mac_setkey (keyid_t, int, const uint8_t *, size_t);
extern uint32_t addr2refid (sockaddr_u *);
/* emalloc.c */
......
......@@ -486,7 +486,7 @@ authistrusted(
void
MD5auth_setkey(
mac_setkey(
keyid_t keyno,
int keytype,
const uint8_t *key,
......@@ -594,7 +594,7 @@ authencrypt(
return 0;
}
return MD5authencrypt(cache_type, cache_secret, pkt, length);
return mac_authencrypt(cache_type, cache_secret, pkt, length);
}
......@@ -621,6 +621,5 @@ authdecrypt(
return false;
}
return MD5authdecrypt(cache_type, cache_secret, pkt, length,
size);
return mac_authdecrypt(cache_type, cache_secret, pkt, length, size);
}
......@@ -162,7 +162,7 @@ msyslog(LOG_ERR, "authreadkeys: reading %s", file);
}
len = strlen(token);
if (len <= 20) { /* Bug 2537 */
MD5auth_setkey(keyno, keytype, (uint8_t *)token, len);
mac_setkey(keyno, keytype, (uint8_t *)token, len);
keys++;
} else {
char hex[] = "0123456789abcdef";
......@@ -186,7 +186,7 @@ msyslog(LOG_ERR, "authreadkeys: reading %s", file);
"authreadkeys: invalid hex digit for key %d", keyno);
continue;
}
MD5auth_setkey(keyno, keytype, keystr, jlim / 2);
mac_setkey(keyno, keytype, keystr, jlim / 2);
keys++;
}
}
......
......@@ -38,12 +38,12 @@ static bool ctmemeq(const void *s1, const void *s2, size_t n) {
}
/*
* MD5authencrypt - generate message digest
* mac_authencrypt - generate message digest
*
* Returns length of MAC including key ID and digest.
*/
int
MD5authencrypt(
mac_authencrypt(
int type, /* hash algorithm */
uint8_t *key, /* key pointer */
uint32_t *pkt, /* packet pointer */
......@@ -74,12 +74,12 @@ MD5authencrypt(
/*
* MD5authdecrypt - verify MD5 message authenticator
* mac_authdecrypt - verify MD5 message authenticator
*
* Returns one if digest valid, zero if invalid.
*/
int
MD5authdecrypt(
mac_authdecrypt(
int type, /* hash algorithm */
uint8_t *key, /* key pointer */
uint32_t *pkt, /* packet pointer */
......@@ -138,8 +138,7 @@ addr2refid(sockaddr_u *addr)
EVP_MD_CTX_set_flags(&ctx, EVP_MD_CTX_FLAG_NON_FIPS_ALLOW);
#endif
if (!EVP_DigestInit_ex(&ctx, EVP_md5(), NULL)) {
msyslog(LOG_ERR,
"MD5 init failed");
msyslog(LOG_ERR, "MD5 init failed");
exit(1);
}
......
......@@ -2,7 +2,6 @@ def build(ctx):
srcnode = ctx.srcnode.abspath()
libntp_source = [
"a_md5encrypt.c",
"atolfp.c",
"authkeys.c",
"authreadkeys.c",
......@@ -12,6 +11,7 @@ def build(ctx):
"dolfptoa.c",
"getopt.c",
"initnetwork.c",
"macencrypt.c",
"mstolfp.c",
"netof.c",
"ntp_endian.c",
......
......@@ -39,7 +39,6 @@ static void RunAllTests(void)
#endif
#ifdef TEST_LIBNTP
RUN_TEST_GROUP(a_md5encrypt);
RUN_TEST_GROUP(authkeys);
RUN_TEST_GROUP(calendar);
RUN_TEST_GROUP(clocktime);
......@@ -48,6 +47,7 @@ static void RunAllTests(void)
RUN_TEST_GROUP(humandate);
RUN_TEST_GROUP(lfpfunc);
RUN_TEST_GROUP(lfptostr);
RUN_TEST_GROUP(macencrypt);
RUN_TEST_GROUP(msyslog);
RUN_TEST_GROUP(netof);
RUN_TEST_GROUP(numtoa);
......
......@@ -45,7 +45,7 @@ void AddTrustedKey(keyid_t keyno) {
* We need to add a MD5-key in addition to setting the
* trust, because authhavekey() requires type != 0.
*/
MD5auth_setkey(keyno, KEYTYPE, NULL, 0);
mac_setkey(keyno, KEYTYPE, NULL, 0);
authtrust(keyno, true);
}
......
......@@ -4,11 +4,11 @@
#include "unity.h"
#include "unity_fixture.h"
TEST_GROUP(a_md5encrypt);
TEST_GROUP(macencrypt);
TEST_SETUP(a_md5encrypt) {}
TEST_SETUP(macencrypt) {}
TEST_TEAR_DOWN(a_md5encrypt) {}
TEST_TEAR_DOWN(macencrypt) {}
#include <openssl/err.h>
......@@ -30,37 +30,37 @@ const int digestLength = 16;
const int totalLength = 36; //error: initializer element is not constant packetLength + keyIdLength + digestLength;
const char *expectedPacket = "ijklmnopqrstuvwx\0\0\0\0\x0c\x0e\x84\xcf\x0b\xb7\xa8\x68\x8e\x52\x38\xdb\xbc\x1c\x39\x53";
TEST(a_md5encrypt, Encrypt) {
TEST(macencrypt, Encrypt) {
char *packetPtr[totalLength];
memset(packetPtr+packetLength, 0, keyIdLength);
memcpy(packetPtr, packet, packetLength);
cache_secretsize = keyLength;
int length = MD5authencrypt(keytype, (u_char*)key, (uint32_t*)packetPtr, packetLength);
int length = mac_authencrypt(keytype, (u_char*)key, (uint32_t*)packetPtr, packetLength);
TEST_ASSERT_TRUE(MD5authdecrypt(keytype, (u_char*)key, (uint32_t*)packetPtr, packetLength, length));
TEST_ASSERT_TRUE(mac_authdecrypt(keytype, (u_char*)key, (uint32_t*)packetPtr, packetLength, length));
TEST_ASSERT_EQUAL(20, length);
//XXX TEST_ASSERT_TRUE(memcmp(expectedPacket, packetPtr, totalLength) == 0); Does not pass
}
TEST(a_md5encrypt, DecryptValid) {
TEST(macencrypt, DecryptValid) {
cache_secretsize = keyLength;
TEST_ASSERT_TRUE(MD5authdecrypt(keytype, (u_char*)key, (uint32_t*)expectedPacket, packetLength, 20));
TEST_ASSERT_TRUE(mac_authdecrypt(keytype, (u_char*)key, (uint32_t*)expectedPacket, packetLength, 20));
}
TEST(a_md5encrypt, DecryptInvalid) {
TEST(macencrypt, DecryptInvalid) {
cache_secretsize = keyLength;
const char *invalidPacket = "ijklmnopqrstuvwx\0\0\0\0\x0c\x0e\x84\xcf\x0b\xb7\xa8\x68\x8e\x52\x38\xdb\xbc\x1c\x39\x54";
TEST_ASSERT_FALSE(MD5authdecrypt(keytype, (u_char*)key, (uint32_t*)invalidPacket, packetLength, 20));
TEST_ASSERT_FALSE(mac_authdecrypt(keytype, (u_char*)key, (uint32_t*)invalidPacket, packetLength, 20));
}
TEST(a_md5encrypt, IPv4AddressToRefId) {
TEST(macencrypt, IPv4AddressToRefId) {
sockaddr_u addr;
SET_AF(&addr, AF_INET);
SET_NSRCPORT(&addr, htons(80));
......@@ -70,7 +70,7 @@ TEST(a_md5encrypt, IPv4AddressToRefId) {
TEST_ASSERT_EQUAL(address, addr2refid(&addr));
}
TEST(a_md5encrypt, IPv6AddressToRefId) {
TEST(macencrypt, IPv6AddressToRefId) {
const struct in6_addr address = {{{
0x20, 0x01, 0x0d, 0xb8,
0x85, 0xa3, 0x08, 0xd3,
......@@ -88,10 +88,10 @@ TEST(a_md5encrypt, IPv6AddressToRefId) {
TEST_ASSERT_EQUAL(expected, addr2refid(&addr));
}
TEST_GROUP_RUNNER(a_md5encrypt) {
RUN_TEST_CASE(a_md5encrypt, Encrypt);
RUN_TEST_CASE(a_md5encrypt, DecryptValid);
RUN_TEST_CASE(a_md5encrypt, DecryptInvalid);
RUN_TEST_CASE(a_md5encrypt, IPv4AddressToRefId);
RUN_TEST_CASE(a_md5encrypt, IPv6AddressToRefId);
TEST_GROUP_RUNNER(macencrypt) {
RUN_TEST_CASE(macencrypt, Encrypt);
RUN_TEST_CASE(macencrypt, DecryptValid);
RUN_TEST_CASE(macencrypt, DecryptInvalid);
RUN_TEST_CASE(macencrypt, IPv4AddressToRefId);
RUN_TEST_CASE(macencrypt, IPv6AddressToRefId);
}
......@@ -26,7 +26,6 @@ def build(ctx):
# libntp/
libntp_source = [
"libntp/a_md5encrypt.c",
"libntp/authkeys.c",
"libntp/calendar.c",
"libntp/clocktime.c",
......@@ -35,6 +34,7 @@ def build(ctx):
"libntp/humandate.c",
"libntp/lfpfunc.c",
"libntp/lfptostr.c",
"libntp/macencrypt.c",
"libntp/msyslog.c",
"libntp/netof.c",
"libntp/numtoa.c",
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment