simple_nts_client 0.0.1

data/lib/nts/ntske/message.rb

@@ -0,0 +1,107 @@
+# frozen_string_literal: true
+
+module Nts
+  module Ntske
+    # https://tools.ietf.org/html/draft-ietf-ntp-using-nts-for-ntp-20#section-7.6
+    module RecordType
+      END_OF_MESSAGE                = 0
+      NTS_NEXT_PROTOCOL_NEGOTIATION = 1
+      ERROR                         = 2
+      WARNING                       = 3
+      AEAD_ALGORITHM_NEGOTIATION    = 4
+      NEW_COOKIE_FOR_NTPV4          = 5
+      NTPV4_SERVER_NEGOTIATION      = 6
+      NTPV4_PORT_NEGOTIATION        = 7
+    end
+
+    # https://tools.ietf.org/html/draft-ietf-ntp-using-nts-for-ntp-20#section-4
+    class Record
+      # @param c [Boolean]
+      # @param type [Integer] less than 32768(15 bits)
+      def initialize(c, type)
+        @c = c
+        @type = type
+      end
+
+      def serialize
+        # super class MUST override serialize_body.
+        sb = serialize_body
+        [(@c ? 32768 : 0) | @type, sb.length].pack('n2') + sb
+      end
+    end
+  end
+end
+
+Dir[File.dirname(__FILE__) + '/message/*.rb'].each { |f| require f }
+
+module Nts
+  module Ntske
+    module_function
+
+    # @param s [String]
+    #
+    # @raise [Exception | RuntimeError]
+    #
+    # @return [Array of Nts::Ntske::$Object]
+    # @return [String] surplus binary
+    # rubocop: disable Metrics/AbcSize
+    # rubocop: disable Metrics/CyclomaticComplexity
+    # rubocop: disable Metrics/MethodLength
+    # rubocop: disable Metrics/PerceivedComplexity
+    def response_deserialize(s)
+      res = []
+      i = 0
+      while i < s.length
+        return [res, s[i..]] if i + 4 > s.length
+
+        c = !(s[i].unpack1('c') | 32768).zero?
+        type = s.slice(i, 2).unpack1('n') & 32767
+        body_len = s.slice(i + 2, 2).unpack1('n')
+        return [res, s[i..]] if i + 4 + body_len > s.length
+
+        sb = s.slice(i + 4, body_len)
+        case type
+        when RecordType::END_OF_MESSAGE
+          e = 'The Critical Bit contained in End Of Message MUST be set'
+          raise e unless c
+
+          res << EndOfMessage.deserialize(sb)
+        when RecordType::NTS_NEXT_PROTOCOL_NEGOTIATION
+          e = 'The Critical Bit contained in NTS Next Protocol Negotiation ' \
+              'MUST be set'
+          raise e unless c
+
+          res << NtsNextProtocolNegotiation.deserialize(sb)
+        when RecordType::ERROR
+          e = 'The Critical Bit contained in Error MUST be set'
+          raise e unless c
+
+          res << ErrorRecord.deserialize(sb)
+        when RecordType::WARNING
+          e = 'The Critical Bit contained in Warning MUST be set'
+          raise e unless c
+
+          res << WarningRecord.deserialize(sb)
+        when RecordType::AEAD_ALGORITHM_NEGOTIATION
+          res << AeadAlgorithmNegotiation.deserialize(sb, c)
+        when RecordType::NEW_COOKIE_FOR_NTPV4
+          res << Cookie.deserialize(sb, c)
+        when RecordType::NTPV4_SERVER_NEGOTIATION
+          res << Ntsv4ServerNegotiation.deserialize(sb, c)
+        when RecordType::NTPV4_PORT_NEGOTIATION
+          res << Ntsv4PortNegotiation.deserialize(sb, c)
+        else
+          raise Exception if c
+        end
+        i += 4 + body_len
+      end
+      raise Exception unless i == s.length
+
+      [res, '']
+    end
+    # rubocop: enable Metrics/AbcSize
+    # rubocop: enable Metrics/CyclomaticComplexity
+    # rubocop: enable Metrics/MethodLength
+    # rubocop: enable Metrics/PerceivedComplexity
+  end
+end

data/lib/nts/ntske.rb

@@ -0,0 +1,4 @@
+# frozen_string_literal: true
+
+require __dir__ + '/ntske/message.rb'
+require __dir__ + '/ntske/client.rb'

data/lib/nts/sntp/client.rb

@@ -0,0 +1,160 @@
+# encoding: ascii-8bit
+# frozen_string_literal: true
+
+module Nts
+  module Sntp
+    class Client
+      # @param hostname [String]
+      # @param port [Integer]
+      # @param cookie [String]
+      # @param c2s_key [String]
+      # @param s2c_key [String]
+      def initialize(hostname, port, cookie, c2s_key, s2c_key)
+        @hostname = hostname
+        @port = port
+        @cookie = cookie
+        @c2s_key = c2s_key
+        @s2c_key = s2c_key
+      end
+
+      # @return [Time]
+      # rubocop: disable Metrics/AbcSize
+      # rubocop: disable Metrics/MethodLength
+      def what_time
+        sock = UDPSocket.new
+        localtime = Time.now
+        origin_timestamp = t2timestamp(localtime)
+
+        # make NTS-protected NTP packet
+        ntp_header = sntp_request_header(origin_timestamp)
+        unique_identifier = Extension::UniqueIdentifier.new
+        extensions = [
+          unique_identifier,
+          Extension::NtsCookie.new(@cookie)
+        ]
+        nonce = OpenSSL::Random.random_bytes(16)
+        cipher = Miscreant::AEAD.new('AES-CMAC-SIV', @c2s_key)
+        plaintext = extensions.map(&:serialize).join
+        ad = ntp_header + plaintext
+        ciphertext = cipher.seal(plaintext, nonce: nonce, ad: ad)
+        extensions << Extension::NtsAuthenticator.new(nonce, ciphertext)
+
+        # send NTS-protected NTP packet
+        req = Sntp::Message.new(ntp_header, extensions)
+        sock.send(req.serialize, 0, @hostname, @port)
+
+        # recv NTS-protected NTP packet
+        s = nil
+        destination_timestamp = nil
+        read, = IO.select([sock], nil, nil, 1)
+        if read.nil?
+          warn 'Timeout: receiving for NTP packet'
+          exit 1
+        else
+          s, = sock.recvfrom(65536)
+          destination_timestamp = Time.now
+        end
+        res = Sntp::Message.deserialize(s)
+
+        # validate response timestamp
+        if res.origin_timestamp != origin_timestamp
+          warn 'NTP Response Origin Timestamp != NTP Request Transmit Timestamp'
+          exit 1
+        end
+
+        # validate Unique Identifier
+        if res.unique_identifier.id != unique_identifier.id
+          warn 'NTP Response Unique Identifier != NTP Request Unique Identifier'
+          exit 1
+        end
+
+        # validate NTS Authenticator and Encrypted Extension Fields
+        decipher = Miscreant::AEAD.new('AES-CMAC-SIV', @s2c_key)
+        ciphertext = res.nts_authenticator.ciphertext
+        nonce = res.nts_authenticator.nonce
+        ad = res.ntp_header + res.extensions.reject { |ex|
+          ex.is_a?(Extension::NtsAuthenticator)
+        }.map(&:serialize).join
+        plaintext = decipher.open(ciphertext, nonce: nonce, ad: ad)
+        Message.extensions_deserialize(plaintext)
+        # not handle decrypt any NTP Extensions
+
+        # calculate system clock offset
+        offset = offset(
+          localtime,
+          timestamp2t(res.receive_timestamp),
+          timestamp2t(res.transmit_timestamp),
+          destination_timestamp
+        )
+        destination_timestamp + offset
+      end
+      # rubocop: enable Metrics/AbcSize
+      # rubocop: enable Metrics/MethodLength
+
+      private
+
+      # https://tools.ietf.org/html/rfc5905#section-14
+      # https://tools.ietf.org/html/rfc4330#section-5
+      #
+      # @param xmt [String] transmit timestamp(8 bytes)
+      #
+      # @return [String]
+      def sntp_request_header(xmt)
+        # LI(0b00) | VN(0b100) | Mode(0b011) | Stratum(0x00)
+        # Poll(0x00) | Precision(0x00)
+        # Root Delay(0x00000000)
+        # Root Dispersion(0x00000000)
+        # Reference ID(0x00000000)
+        # Reference Timestamp(0x0000000000000000)
+        # Origin Timestamp(0x0000000000000000)
+        # Receive Timestamp(0x0000000000000000)
+        # Transmit Timestamp(xmt)
+        ['00' + '100' + '011'].pack('B8') + "\x00" * 39 + xmt
+      end
+
+      TIMESTAMP_BASE_DATE = Time.parse('1900-01-01 00:00:00+00:00').to_i
+      private_constant :TIMESTAMP_BASE_DATE
+
+      # https://tools.ietf.org/html/rfc5905#section-6
+      #
+      # @param t [Time]
+      #
+      # @return [String] NTP Timestamp Format(8 bytes)
+      def t2timestamp(t)
+        # In order to  minimize bias and help make timestamps unpredictable to
+        # an intruder, Fraction should be set to an unbiased random bit string.
+        [t.to_i - TIMESTAMP_BASE_DATE].pack('N') \
+        + OpenSSL::Random.random_bytes(4)
+      end
+
+      # @param s [String] NTP Timestamp Format(8 bytes)
+      #
+      # @return [Time]
+      def timestamp2t(s)
+        Time.at(s[0...4].unpack1('N') + TIMESTAMP_BASE_DATE \
+                + s[4..].unpack1('N') / (2.0**32))
+      end
+
+      # @param t1 [Time]
+      # @param t2 [Time]
+      # @param t3 [Time]
+      # @param t4 [Time]
+      #
+      # @return [Float]
+      def offset(t1, t2, t3, t4)
+        # Timestamp Name          ID   When Generated
+        # ------------------------------------------------------------
+        # Originate Timestamp     T1   time request sent by client
+        # Receive Timestamp       T2   time request received by server
+        # Transmit Timestamp      T3   time reply sent by server
+        # Destination Timestamp   T4   time reply received by client
+        #
+        # The roundtrip delay d and system clock offset t are defined as:
+        #
+        # d = (T4 - T1) - (T3 - T2)     t = ((T2 - T1) + (T3 - T4)) / 2.
+        # https://tools.ietf.org/html/rfc4330#section-5
+        ((t2 - t1) + (t3 - t4)) / 2
+      end
+    end
+  end
+end

data/lib/nts/sntp/extension/nts_authenticator.rb

@@ -0,0 +1,53 @@
+# frozen_string_literal: true
+
+module Nts
+  module Sntp
+    module Extension
+      # https://tools.ietf.org/html/draft-ietf-ntp-using-nts-for-ntp-20#section-5.6
+      class NtsAuthenticator
+        include Extension
+        attr_reader :nonce, :ciphertext, :padding_length
+
+        # @param nonce [String]
+        # @param ciphertext [String]
+        # @param padding_length [Integer]
+        def initialize(nonce, ciphertext, padding_length = 0)
+          @field_type = ExtensionFieldType::NTS_AUTHENTICATOR
+          @nonce = nonce
+          @ciphertext = ciphertext
+          @padding_length = padding_length
+        end
+
+        # @return [String]
+        def serialize
+          pn = pad_zero(@nonce)
+          pc = pad_zero(@ciphertext)
+          value = [pn.length, pc.length].pack('n2') \
+                  + pn + pc + ("\x00" * @padding_length)
+          pv = pad_zero(value)
+          length = pv.length + 4
+
+          [@field_type, length].pack('n2') + pv
+        end
+
+        # @param s [String]
+        #
+        # @raise [Exception]
+        #
+        # @return [Nts::Sntp::Extension::NtsAuthenticator]
+        def self.deserialize(s)
+          raise Exception if s.length < 4
+
+          nl = s.slice(0, 2).unpack1('n')
+          cl = s.slice(2, 2).unpack1('n')
+          raise Exception if s.length < 4 + nl + cl
+
+          nonce = Extension.truncate_zero_padding(s.slice(4, nl))
+          ciphertext = Extension.truncate_zero_padding(s.slice(4 + nl, cl))
+          padding_length = s.length - 4 - nl - cl
+          NtsAuthenticator.new(nonce, ciphertext, padding_length)
+        end
+      end
+    end
+  end
+end

data/lib/nts/sntp/extension/nts_cookie.rb

@@ -0,0 +1,34 @@
+# frozen_string_literal: true
+
+module Nts
+  module Sntp
+    module Extension
+      # https://tools.ietf.org/html/draft-ietf-ntp-using-nts-for-ntp-20#section-5.4
+      class NtsCookie
+        include Extension
+        attr_reader :cookie
+
+        # @param cookie [String]
+        def initialize(cookie)
+          @field_type = ExtensionFieldType::NTS_COOKIE
+          @cookie = cookie
+        end
+
+        # @return [String]
+        def serialize
+          pc = pad_zero(@cookie)
+          length = pc.length + 4
+
+          [@field_type, length].pack('n2') + pc
+        end
+
+        # @param s [String]
+        #
+        # @return [Nts::Sntp::Extension::NtsCookie]
+        def self.deserialize(s)
+          NtsCookie.new(Extension.truncate_zero_padding(s))
+        end
+      end
+    end
+  end
+end

data/lib/nts/sntp/extension/unique_identifier.rb

@@ -0,0 +1,36 @@
+# frozen_string_literal: true
+
+module Nts
+  module Sntp
+    module Extension
+      # https://tools.ietf.org/html/draft-ietf-ntp-using-nts-for-ntp-20#section-5.3
+      class UniqueIdentifier
+        include Extension
+        attr_reader :id
+
+        # @param id [String]
+        def initialize(id = OpenSSL::Random.random_bytes(32))
+          raise Exception if id.length < 32
+
+          @field_type = ExtensionFieldType::UNIQUE_IDENTIFIER
+          @id = id
+        end
+
+        # @return [String]
+        def serialize
+          pi = pad_zero(@id)
+          length = pi.length + 4
+
+          [@field_type, length].pack('n2') + pi
+        end
+
+        # @param s [String]
+        #
+        # @return [Nts::Sntp::Extension::UniqueIdentifier]
+        def self.deserialize(s)
+          UniqueIdentifier.new(Extension.truncate_zero_padding(s))
+        end
+      end
+    end
+  end
+end

data/lib/nts/sntp/extension/unknown_extension.rb

@@ -0,0 +1,36 @@
+# frozen_string_literal: true
+
+module Nts
+  module Sntp
+    module Extension
+      class UnknownExtension
+        include Extension
+        attr_reader :field_type
+        attr_reader :value
+
+        # @param value [String]
+        # @param field_type [Integer]
+        def initialize(value, field_type)
+          @field_type = field_type
+          @value = value
+        end
+
+        # @return [String]
+        def serialize
+          pv = pad_zero(@value)
+          length = pv.length + 4
+
+          [@field_type, length].pack('n2') + pv
+        end
+
+        # @param s [String]
+        # @param field_type [Integer]
+        #
+        # @return [Nts::Sntp::Extension::UnknownExtension]
+        def self.deserialize(s, field_type)
+          UnknownExtension.new(Extension.truncate_zero_padding(s), field_type)
+        end
+      end
+    end
+  end
+end

data/lib/nts/sntp/extension.rb

@@ -0,0 +1,38 @@
+# frozen_string_literal: true
+
+module Nts
+  module Sntp
+    # https://tools.ietf.org/html/draft-ietf-ntp-using-nts-for-ntp-20#section-7.5
+    module ExtensionFieldType
+      UNIQUE_IDENTIFIER      = 260
+      NTS_COOKIE             = 516
+      NTS_COOKIE_PLACEHOLDER = 772
+      NTS_AUTHENTICATOR      = 1028
+    end
+
+    # https://tools.ietf.org/html/rfc7822#section-3
+    module Extension
+      ZERO_PADDING = ['', "\x00\x00\x00", "\x00\x00", "\x00"].freeze
+
+      module_function
+
+      # @param s [String]
+      #
+      # @return [String]
+      def pad_zero(s)
+        s + ZERO_PADDING[s.length % 4]
+      end
+
+      # @param s [String]
+      #
+      # @return [String]
+      def truncate_zero_padding(s)
+        i = 1
+        i += 1 while s[-i] == "\x00"
+        s[0..-i]
+      end
+    end
+  end
+end
+
+Dir[File.dirname(__FILE__) + '/extension/*.rb'].each { |f| require f }

data/lib/nts/sntp/message.rb

@@ -0,0 +1,119 @@
+# frozen_string_literal: true
+
+require __dir__ + '/extension.rb'
+
+module Nts
+  module Sntp
+    # https://tools.ietf.org/html/rfc5905#section-7.3
+    class Message
+      attr_reader :ntp_header
+      attr_reader :extensions
+
+      # @param ntp_header [String] 48-octet NTP header(leap ~ xmt)
+      # @param extensions [Array of Nts::Sntp::Extension::$Object]
+      #
+      # @raise [Exception]
+      def initialize(ntp_header, extensions = [])
+        @ntp_header = ntp_header
+        @extensions = extensions
+
+        raise 'extensions include only Sntp::Extension::$Object' \
+          unless @extensions.all? do |ex|
+            ex.class.ancestors.include?(Sntp::Extension)
+          end
+      end
+
+      # @return [Nts::Sntp::Extension::UniqueIdentifier]
+      def unique_identifier
+        @extensions.find { |ex| ex.is_a?(Extension::UniqueIdentifier) }
+      end
+
+      # @return [Nts::Sntp::Extension::NtsCookie]
+      def nts_cookie
+        @extensions.find { |ex| ex.is_a?(Extension::NtsCookie) }
+      end
+
+      # @return [Nts::Sntp::Extension::NtsAuthenticator]
+      def nts_authenticator
+        @extensions.find { |ex| ex.is_a?(Extension::NtsAuthenticator) }
+      end
+
+      # @return [String]
+      def serialize
+        @ntp_header + @extensions.map(&:serialize).join
+      end
+
+      # @param s [String]
+      #
+      # @raise [Exception]
+      #
+      # @return [Nts::Sntp::Message]
+      def self.deserialize(s)
+        raise Exception if s.length < 48
+
+        ntp_header = s.slice(0, 48)
+        extensions = extensions_deserialize(s[48..])
+
+        Message.new(ntp_header, extensions)
+      end
+
+      # @param s [String]
+      #
+      # @raise [Exception]
+      #
+      # @return [Array of Nts::Sntp::Extension::$Object]
+      # rubocop: disable Metrics/AbcSize
+      # rubocop: disable Metrics/CyclomaticComplexity
+      def self.extensions_deserialize(s)
+        i = 0
+        extensions = []
+        while i < s.length
+          raise Exception if i + 4 > s.length
+
+          field_type = s.slice(i, 2).unpack1('n')
+          value_len = s.slice(i + 2, 2).unpack1('n')
+          raise Exception if i + value_len > s.length
+
+          # `value_len` indicates the length of the entire extension field
+          # in octets.
+          sv = s.slice(i + 4, value_len - 4)
+          case field_type
+          when ExtensionFieldType::UNIQUE_IDENTIFIER
+            extensions << Extension::UniqueIdentifier.deserialize(sv)
+          when ExtensionFieldType::NTS_COOKIE
+            extensions << Extension::NtsCookie.deserialize(sv)
+          when ExtensionFieldType::NTS_COOKIE_PLACEHOLDER
+            # unsupported NtsCookiePlaceholder
+            warn sv.bytes.map { |x| x.to_s(16).rjust(2, '0') }.join(' ')
+          when ExtensionFieldType::NTS_AUTHENTICATOR
+            extensions << Extension::NtsAuthenticator.deserialize(sv)
+          else
+            extensions \
+            << Extension::UnknownExtension.deserialize(sv, field_type)
+          end
+          i += value_len
+        end
+        raise Exception unless i == s.length
+
+        extensions
+      end
+      # rubocop: enable Metrics/AbcSize
+      # rubocop: enable Metrics/CyclomaticComplexity
+
+      # @return [String]
+      def origin_timestamp
+        @ntp_header.slice(24, 8)
+      end
+
+      # @return [String]
+      def receive_timestamp
+        @ntp_header.slice(32, 8)
+      end
+
+      # @return [String]
+      def transmit_timestamp
+        @ntp_header.slice(40, 8)
+      end
+    end
+  end
+end

data/lib/nts/sntp.rb

@@ -0,0 +1,4 @@
+# frozen_string_literal: true
+
+require __dir__ + '/sntp/message.rb'
+require __dir__ + '/sntp/client.rb'

data/lib/nts/version.rb

@@ -0,0 +1,5 @@
+# frozen_string_literal: true
+
+module Nts
+  VERSION = '0.0.1'
+end

data/lib/nts.rb

@@ -0,0 +1,12 @@
+# frozen_string_literal: true
+
+require 'openssl'
+require 'socket'
+require 'time'
+require 'tttls1.3'
+require 'miscreant'
+
+require 'nts/ntske'
+require 'nts/sntp'
+require 'nts/cli'
+require 'nts/version'

data/simple_nts_client.gemspec

@@ -0,0 +1,27 @@
+# frozen_string_literal: true
+
+lib = File.expand_path('lib', __dir__)
+$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
+require 'nts/version'
+
+Gem::Specification.new do |spec|
+  spec.name          = 'simple_nts_client'
+  spec.version       = Nts::VERSION
+  spec.authors       = ['thekuwayama']
+  spec.email         = ['thekuwayama@gmail.com']
+  spec.summary       = 'Simple NTS(Network Time Security) Client'
+  spec.description   = spec.summary
+  spec.homepage      = 'https://github.com/thekuwayama/simple_nts_client'
+  spec.license       = 'MIT'
+  spec.required_ruby_version = '>=2.6.1'
+
+  spec.files         = `git ls-files`.split($INPUT_RECORD_SEPARATOR)
+  spec.test_files    = spec.files.grep(%r{^(test|spec|features)/})
+  spec.require_paths = ['lib']
+  spec.bindir        = 'exe'
+  spec.executables   = ['simple_nts_client']
+
+  spec.add_development_dependency 'bundler'
+  spec.add_dependency             'miscreant'
+  spec.add_dependency             'tttls1.3', '>= 0.2.7'
+end

data/spec/aead_algorithm_negotiation_spec.rb

@@ -0,0 +1,28 @@
+# encoding: ascii-8bit
+# frozen_string_literal: true
+
+require_relative 'spec_helper'
+
+RSpec.describe AeadAlgorithmNegotiation do
+  context 'initialized with AEAD_AES_SIV_CMAC_256' do
+    let(:message) do
+      AeadAlgorithmNegotiation.new([AeadAlgorithm::AEAD_AES_SIV_CMAC_256])
+    end
+
+    it 'should be serialized' do
+      expect(message.algorithms).to eq [AeadAlgorithm::AEAD_AES_SIV_CMAC_256]
+      expect(message.serialize).to eq "\x00\x04\x00\x02\x00\x0F"
+    end
+  end
+
+  context 'received "\x00\x0f" means AEAD_AES_SIV_CMAC_256' do
+    let(:message) do
+      AeadAlgorithmNegotiation.deserialize("\x00\x0F", false)
+    end
+
+    it 'should be deserialized' do
+      expect(message.algorithms).to eq [AeadAlgorithm::AEAD_AES_SIV_CMAC_256]
+      expect(message.serialize).to eq "\x00\x04\x00\x02\x00\x0F"
+    end
+  end
+end