Lines Matching +full:mac +full:- +full:s
45 * overhead in time-critical paths. ntpsec also caches the algorithms
47 * This is not thread-safe, but that is
64 msyslog(LOG_ERR, "%s init failed", OBJ_nid2sn(nid)); in get_md_ctx()
96 void const * keyptr = key->buf; in make_mac()
100 if (AES_128_KEY_SIZE > key->len) { in make_mac()
101 memcpy(keybuf, keyptr, key->len); in make_mac()
102 zero_mem((keybuf + key->len), in make_mac()
103 (AES_128_KEY_SIZE - key->len)); in make_mac()
108 msyslog(LOG_ERR, "MAC encrypt: CMAC %s CTX new failed.", CMAC); in make_mac()
112 msyslog(LOG_ERR, "MAC encrypt: CMAC %s Init failed.", CMAC); in make_mac()
115 if (cmac_ctx_size(ctx) > digest->len) { in make_mac()
116 msyslog(LOG_ERR, "MAC encrypt: CMAC %s buf too small.", CMAC); in make_mac()
119 if (!CMAC_Update(ctx, msg->buf, msg->len)) { in make_mac()
120 msyslog(LOG_ERR, "MAC encrypt: CMAC %s Update failed.", CMAC); in make_mac()
123 if (!CMAC_Final(ctx, digest->buf, &retlen)) { in make_mac()
124 msyslog(LOG_ERR, "MAC encrypt: CMAC %s Final failed.", CMAC); in make_mac()
133 { /* generic MAC handling */ in make_mac()
141 if ((size_t)EVP_MD_CTX_size(ctx) > digest->len) { in make_mac()
142 msyslog(LOG_ERR, "MAC encrypt: MAC %s buf too small.", in make_mac()
146 if (!EVP_DigestUpdate(ctx, key->buf, (u_int)key->len)) { in make_mac()
147 msyslog(LOG_ERR, "MAC encrypt: MAC %s Digest Update key failed.", in make_mac()
151 if (!EVP_DigestUpdate(ctx, msg->buf, (u_int)msg->len)) { in make_mac()
152 msyslog(LOG_ERR, "MAC encrypt: MAC %s Digest Update data failed.", in make_mac()
156 if (!EVP_DigestFinal(ctx, digest->buf, &uilen)) { in make_mac()
157 msyslog(LOG_ERR, "MAC encrypt: MAC %s Digest Final failed.", in make_mac()
171 if (digest->len < MD5_LENGTH) { in make_mac()
172 msyslog(LOG_ERR, "%s", "MAC encrypt: MAC md5 buf too small."); in make_mac()
175 MD5Update(ctx, (const void *)key->buf, key->len); in make_mac()
176 MD5Update(ctx, (const void *)msg->buf, msg->len); in make_mac()
177 MD5Final(digest->buf, ctx); in make_mac()
181 msyslog(LOG_ERR, "MAC encrypt: invalid key type %d", ktype); in make_mac()
191 * MD5authencrypt - generate message digest
193 * Returns 0 on failure or length of MAC including key ID.
221 * MD5authdecrypt - verify MD5 message authenticator
232 size_t size, /* MAC size */ in MD5authdecrypt()
245 "MAC decrypt: MAC length error: %u not %u for key %u", in MD5authdecrypt()
258 * IPv6, ntpd long differed in the hash calculated on big-endian
259 * vs. little-endian because the first four bytes of the MD5 hash
261 * the refid-based loop detection between mixed-endian systems.
262 * In order to preserve behavior on the more-common little-endian
263 * systems, the hash is now byte-swapped on big-endian systems to
264 * match the little-endian hash. This is ugly but it seems better
265 * than changing the IPv6 refid calculation on the more-common