• NTP(4.2.8p18) SHA2 not working

    From Samiya Khanum via questions Mailing@21:1/5 to All on Fri Nov 15 10:48:05 2024
    Copy: kamlesh.agrawal@broadcom.com (Kamlesh Agrawal)

    Hi,

    I have upgraded NTP to 4.2.8p18, and the OpenSSL to 3.1.5.
    NTP time sync with SHA2 key is not working, can you please let us know
    whether SHA2 is supported on this version or not.

    Thanks & Regards,
    Samiya khanum

    --
    This electronic communication and the information and any files transmitted with it, or attached to it, are confidential and are intended solely for
    the use of the individual or entity to whom it is addressed and may contain information that is confidential, legally privileged, protected by privacy laws, or otherwise restricted from disclosure to anyone else. If you are
    not the intended recipient or the person responsible for delivering the
    e-mail to the intended recipient, you are hereby notified that any use, copying, distributing, dissemination, forwarding, printing, or copying of
    this e-mail is strictly prohibited. If you received this e-mail in error, please return the e-mail to the sender, delete it from your computer, and destroy any printed copy of it.


    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Samiya Khanum via questions Mailing@21:1/5 to Dave Hart on Mon Nov 18 17:13:05 2024
    Copy: questions@lists.ntp.org
    Copy: kamlesh.agrawal@broadcom.com (Kamlesh Agrawal)
    Copy: sachin.suman@broadcom.com (Sachin Suman)

    Hi Dave,

    Thank you for your response.

    Yes, in the previous version "4.2.8p17", SHA2 is working fine.

    I have built NTP with OpenSSL library version 3.1.5.
    The supported algorithms in both NTP versions are the same.
    # ntpq -c "help keytype"
    function: set key type to use for authenticated requests, one of:
        AES128CMAC, MD5, RIPEMD160, SHA1, SHAKE128

    I am wondering how SHA2 is working in the previous version and not in the latest version (4.2.8p18). Could you please elaborate more on this?

    Thanks & Regards,
    Samiya khanum


    On Sat, Nov 16, 2024 at 3:38 PM Dave Hart <davehart@gmail.com> wrote:

    > On Fri, Nov 15, 2024 at 10:44 AM Samiya Khanum <questions@lists.ntp.org> wrote:
    >
    >> Hi,
    >
    > Hello, Samiya.
    >
    >> I have upgraded NTP to 4.2.8p18, and the OpenSSL to 3.1.5.
    >> NTP time sync with SHA2 key is not working, can you please let us know
    >> whether SHA2 is supported on this version or not.
    >
    > Was SHA2 working for you with an earlier version? If not, try SHA1.
    >
    > I'm working on a change to enable ntpd to support stronger digest
    > algorithms that produce more than 160 bits. It will only use the first
    > 160 bits of the digest, but it will still be a stronger signature using
    > the more modern digests. Using that test version, I don't see SHA2
    > supported by OpenSSL 3.x, but I see SHA256, SHA384, and SHA512, which
    > I'm guessing are SHA2 with different digest lengths, as there are also
    > SHA3-224, SHA3-256, SHA3-384, and SHA3-512 available.
    >
    > For a complete list of digest algorithms supported by your ntpd, try:
    >
    >     ntpq -c "help keytype"
    >
    > Cheers,
    > Dave Hart



  • From Samiya Khanum via questions Mailing@21:1/5 to Dave Hart on Tue Nov 19 11:43:05 2024
    Copy: questions@lists.ntp.org
    Copy: kamlesh.agrawal@broadcom.com (Kamlesh Agrawal)
    Copy: sachin.suman@broadcom.com (Sachin Suman)

    Hi Dave,

    Could you please respond to the email.

    Thanks & Regards,
    Samiya khanum


  • From Samiya Khanum via questions Mailing@21:1/5 to Dave Hart on Wed Nov 20 11:53:00 2024
    Copy: questions@lists.ntp.org
    Copy: kamlesh.agrawal@broadcom.com (Kamlesh Agrawal)
    Copy: sachin.suman@broadcom.com (Sachin Suman)

    Hi Dave,

    I appreciate you taking the time to respond and thank you for providing the information.

    I have filed the bug below, please let me know if any fields need to be set
    in the bug.
    https://bugs.ntp.org/show_bug.cgi?id=3954

    Thanks & Regards,
    Samiya khanum


    On Tue, Nov 19, 2024 at 7:22 PM Dave Hart <davehart@gmail.com> wrote:

    > Thanks for the reminder to respond, I managed to miss your first
    > response due to a fast-filling inbox, please accept my apologies.
    >
    > Thank you also for letting me know this is a regression in 4.2.8p18
    > compared to 4.2.8p17, it helps prioritize the problem. I have already
    > been working on a fix, in fact, as it affects many algorithms, not just
    > SHA2. The problem is with some changes I made in this code to
    > rationalize the return value of a function, which was returning the
    > total MAC size on success, and 4 on failure, which is the size in bytes
    > of the key number without the actual digest signature which would be
    > there on success. I changed it to return zero in the failure case,
    > which is a more common expected pattern, but failed to change all the
    > places that touch it.
    >
    > I should have a patch available soon. Rather than a laser-focused
    > patch, I've been also working to update the unit tests around symmetric
    > keys and improve the "help keytype" output to reflect which algorithms
    > will actually work, after observing the behavior with OpenSSL 3 with
    > and without FIPS mode enabled, which disables some older digest
    > algorithms but didn't prevent them from appearing in "help keytype"
    > output.
    >
    > Please file a bug report at https://bugs.ntp.org/ to track the issue.
    > I've been tracking it under the re-opening of https://bugs.ntp.org/3940
    > but it would be best to have a new report noting it's a regression which
    > will also enable you to be notified when I have a fix ready to test.
    >
    > Cheers,
    > Dave Hart

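The MAC layout and return-value convention discussed in the replies above, as an added sketch that is not ntpd's code and not written by anyone in this thread: a 4-byte key number followed by the first 160 bits of the digest, with a zero-length result on failure. It assumes the digest is computed over the secret followed by the packet; the key table, secrets, payload and the two caller functions are hypothetical, since the thread does not show ntpd's actual call sites.

```python
import hashlib
import hmac
import struct

KEY_ID_LEN = 4       # size in bytes of the key number that precedes the digest
MAX_DIGEST_LEN = 20  # 160 bits: longer digests are cut to this length


def make_mac(key_id, algo, secret, packet):
    """Return key number + truncated digest, or b"" (length 0) on failure."""
    try:
        h = hashlib.new(algo.lower())
    except ValueError:
        # Name unknown to the crypto library, e.g. the family name "SHA2"
        # rather than a concrete digest such as SHA256.
        return b""
    if h.digest_size == 0:
        # Variable-length digests (SHAKE) are left out of this sketch.
        return b""
    h.update(secret)  # assumed construction: digest(secret || packet)
    h.update(packet)
    return struct.pack("!I", key_id) + h.digest()[:MAX_DIGEST_LEN]


def verify(payload, mac, keys):
    """Recompute the MAC for the key number carried in `mac` and compare."""
    if len(mac) <= KEY_ID_LEN:
        return False  # rejects both failure conventions: length 0 and length 4
    (key_id,) = struct.unpack("!I", mac[:KEY_ID_LEN])
    if key_id not in keys:
        return False
    algo, secret = keys[key_id]
    expected = make_mac(key_id, algo, secret, payload)
    # Constant-time comparison; an empty `expected` can never match.
    return len(expected) > KEY_ID_LEN and hmac.compare_digest(expected, mac)


def stale_caller_accepts(mac_len):
    """Hypothetical call site still written for 'returns 4 on failure'."""
    return mac_len != KEY_ID_LEN


def updated_caller_accepts(mac_len):
    """Hypothetical call site that is safe under either convention."""
    return mac_len > KEY_ID_LEN


# Constructed sample data: a key table and a 48-byte all-zero payload.
KEYS = {
    10: ("SHA256", b"constructed-secret-10"),
    11: ("SHA2", b"constructed-secret-11"),   # family name, not a digest name
    12: ("SHA512", b"constructed-secret-12"),
}
PAYLOAD = bytes(48)

if __name__ == "__main__":
    for kid, (algo, secret) in KEYS.items():
        mac = make_mac(kid, algo, secret, PAYLOAD)
        print(kid, algo, "mac length:", len(mac),
              "stale caller accepts:", stale_caller_accepts(len(mac)),
              "updated caller accepts:", updated_caller_accepts(len(mac)))
```

A call site that only tests for the old failure value treats the new zero-length result as success, which is the kind of mismatch a changed return convention leaves behind when not every caller is updated.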