Bug #16655 (closed)
pfSense GUI Enforces 64-Character SHA-256 NTP Key, Incompatible with NTPv3/v4 Protocol Constraints
Description
Summary:
The pfSense GUI enforces a 64-character hexadecimal key when configuring NTP authentication with SHA-256. However, the NTPv3/v4 symmetric key authentication protocol only supports 160-bit MACs, which limits usable keys to 40 hexadecimal characters. This is a protocol-level constraint — not specific to NIST — and applies regardless of the hash algorithm selected. While the GUI correctly enforces a 40-character key for SHA-1, it incorrectly requires 64 characters for SHA-256, making it impossible to configure standards-compliant authenticated NTP using SHA-256.
Steps to Reproduce:
1. Navigate to System > General Setup > NTP Servers in pfSense.
2. Add a new NTP server (e.g., ntp-b.nist.gov) and select SHA256 as the authentication method.
3. Attempt to enter a 40-character hex key (the maximum usable length per NTPv3/v4).
4. Observe that the GUI rejects the key as too short, requiring 64 characters.
Expected Behavior:
- The GUI should allow 40-character keys for any hash algorithm used with NTPv3/v4 symmetric key authentication.
- It should validate against actual protocol constraints, not just the digest length of the selected hash.
- If SHA-256 is selected, the GUI should either:
  - Allow shorter keys (if ntpd internally hashes them), or
  - Warn that SHA-256 is not compatible with legacy NTP MAC field sizes.
Actual Behavior:
- The GUI enforces a 64-character minimum for SHA-256 keys.
- This breaks compatibility with any NTP server that adheres to the NTPv3/v4 MAC format (e.g., NIST, USNO).
- Users must bypass the GUI and manually edit /etc/ntp.keys, which is not persistent across reboots or configuration reloads.
Technical Background:
- NTPv3/v4 symmetric key authentication appends a fixed-size MAC:
  - 4-byte Key ID
  - 16-byte (MD5) or 20-byte (SHA-1) digest
- The MAC field is not extensible — it cannot accommodate SHA-256’s 32-byte output.
- Therefore, only 160-bit (40 hex character) keys are usable, regardless of the hash algorithm.
- This is documented in:
  - RFC 5905 §7.3: https://datatracker.ietf.org/doc/html/rfc5905#section-7.3
  - RFC 1305 §3.4.4: https://datatracker.ietf.org/doc/html/rfc1305#section-3.4.4
Suggested Fix:
- Update GUI validation logic to:
  - Allow 40-character keys for SHA-256 when used with NTPv3/v4.
  - Provide contextual help text or tooltips to clarify the protocol limitation.
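The following is an added example written for this report; it is not pfSense or ntpd code. It models the MAC trailer layout from the Technical Background (32-bit key ID followed by a 128-bit or 160-bit digest of key || packet, per RFC 5905 §7.3) and contrasts a reconstruction of the key-length check the report describes (key length tied to the digest size) with the protocol-based check the Suggested Fix asks for (at most 40 hexadecimal characters for any algorithm, plus a warning for digests wider than the MAC field). The algorithm names, the `gui_check_*` function names and the sample packet and key are assumptions made for the example.

```python
# Added example (not pfSense's or ntpd's code): NTPv3/v4 symmetric-key MAC layout
# per RFC 5905 section 7.3, and the GUI key-length check described in the report
# beside the protocol-based check it proposes. Names and sample data are assumed.
import hashlib
import string
import struct

KEY_ID_LEN = 4                               # 32-bit key identifier before the digest
MAX_DIGEST_LEN = 20                          # 160-bit SHA-1 digest, the widest RFC 5905 defines
MAX_MAC_LEN = KEY_ID_LEN + MAX_DIGEST_LEN    # 24-byte MAC trailer
MAX_KEY_HEX_CHARS = 2 * MAX_DIGEST_LEN       # 40 hex characters, the limit the report cites

# Digest constructors keyed by the algorithm names the GUI offers (assumed names).
DIGESTS = {"md5": hashlib.md5, "sha1": hashlib.sha1, "sha256": hashlib.sha256}


def _is_hex(s: str) -> bool:
    return bool(s) and all(c in string.hexdigits for c in s)


def digest_fits_mac_field(algo: str) -> bool:
    """True when the algorithm's output fits the fixed-size NTP MAC digest field."""
    return DIGESTS[algo]().digest_size <= MAX_DIGEST_LEN


def build_mac(key_id: int, key: bytes, packet: bytes, algo: str) -> bytes:
    """Return the RFC 5905 symmetric-key MAC trailer: key ID || H(key || packet).

    Raises ValueError when the digest does not fit the MAC field, which is the
    case the report describes for SHA-256 (32-byte output, 20-byte field).
    """
    digest = DIGESTS[algo](key + packet).digest()
    if len(digest) > MAX_DIGEST_LEN:
        raise ValueError(
            f"{algo} digest is {len(digest)} bytes; MAC field holds at most {MAX_DIGEST_LEN}"
        )
    return struct.pack("!I", key_id) + digest


def gui_check_current(key_hex: str, algo: str) -> bool:
    """Reconstruction of the behaviour the report describes: the key must be exactly
    twice the selected digest size in hex characters (40 for SHA-1, 64 for SHA-256)."""
    return _is_hex(key_hex) and len(key_hex) == 2 * DIGESTS[algo]().digest_size


def gui_check_proposed(key_hex: str, algo: str) -> tuple[bool, str]:
    """Suggested fix modelled here: validate against the protocol limit (40 hex
    characters) for any algorithm, and return help text when the selected digest
    is wider than the legacy MAC field."""
    if not _is_hex(key_hex) or len(key_hex) % 2:
        return False, "key must be an even number of hexadecimal characters"
    if len(key_hex) > MAX_KEY_HEX_CHARS:
        return False, (f"key exceeds the {MAX_KEY_HEX_CHARS}-character limit of "
                       "NTPv3/v4 symmetric-key authentication")
    if not digest_fits_mac_field(algo):
        return True, (f"warning: {algo} output does not fit the NTPv3/v4 MAC field; "
                      "peers using the legacy MAC format may not interoperate")
    return True, "ok"


if __name__ == "__main__":
    # Constructed sample: 48-byte NTPv4 client header (LI=0, VN=4, mode=3) and a 20-byte key.
    packet = bytes([0x23]) + bytes(47)
    key = bytes.fromhex("0123456789abcdef0123456789abcdef01234567")
    print(len(build_mac(1, key, packet, "sha1")))        # 24
    print(gui_check_current("0" * 40, "sha256"))          # False: the described GUI wants 64
    print(gui_check_proposed("0" * 40, "sha256"))         # accepted, with a warning string
```

`build_mac` refuses SHA-256 outright because the 24-byte trailer has no room for a 32-byte digest; the two `gui_check_*` functions show that the length rule the report describes and the one it proposes disagree only for SHA-256, which is exactly the case users currently cannot configure through the GUI.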