otp.git/lib/crypto/c_src, branch OTP-19.3.6.6 Mirror of Erlang/OTP repository. Fix bug with AES CFB 128 2017-03-29T14:49:17+00:00 Kelly McLaughlin kelly@kelly-mclaughlin.com 2017-03-29T14:49:17+00:00 25b8f8119f5b64b5c07cb5ed4978f7df64d4799f Fix a bug with the use of the aes_cfb128 cipher by calling the correct underlying openssl interface function when the cipher is specified. 
Fix a bug with the use of the aes_cfb128 cipher by calling the correct
underlying openssl interface function when the cipher is specified.
Demonstrate the bug with AES CFB 128 encryption 2017-03-29T13:24:46+00:00 Kelly McLaughlin kelly@kelly-mclaughlin.com 2017-03-29T13:24:46+00:00 59099922f53a478903da304cc591c4baae549dc5 Demonstrate a bug with AES CFB 128 for certain key sizes introduced with the Erlang 19.0 release. The code in the block_crypt_nif function in the crypto.c source file incorrectly calls aes_cfb_8_crypt when the specified cipher is aes_cfb8 or aes_cfb128 and the key size is 24 or 32. The aes_cfb_8_crypt function calls the AES_cfb8_encrypt function from the openssl interface, but this is incorrect when the cipher is aes_cfb128. Unfortunately the test cases in the crypto test suite are insufficient to detect an issue like this because it exercises the encryption and decryption roundtrip using the same incorrect underlying function. The problem was observed when trying to update an application to Erlang 19 that attempted to decrypt data that was encrypted using aes_cfb128 by another source. In this commit I altered the crypto test suite to provide a demonstration of this problem. 
Demonstrate a bug with AES CFB 128 for certain key sizes introduced
with the Erlang 19.0 release. The code in the block_crypt_nif function
in the crypto.c source file incorrectly calls aes_cfb_8_crypt when the
specified cipher is aes_cfb8 or aes_cfb128 and the key size is 24 or
32. The aes_cfb_8_crypt function calls the AES_cfb8_encrypt function
from the openssl interface, but this is incorrect when the cipher is
aes_cfb128.

Unfortunately the test cases in the crypto test suite are insufficient
to detect an issue like this because it exercises the encryption and
decryption roundtrip using the same incorrect underlying function. The
problem was observed when trying to update an application to Erlang 19
that attempted to decrypt data that was encrypted using aes_cfb128 by
another source. In this commit I altered the crypto test suite to
provide a demonstration of this problem.
Update copyright year 2017-03-10T14:00:46+00:00 Rickard Green rickard@erlang.org 2017-03-10T14:00:46+00:00 26c3cd82529836cb5b6eefbf7f92f318fd91f847 






crypto: Added optional length to paramlist in generate_key
2017-01-27T13:32:55+00:00

Hans Nilsson
hans@erlang.org

2017-01-26T17:54:06+00:00

6468551301f906ce4199ef69b677147d88d64242












crypto: Return source line number from failed load/upgrade
2016-10-05T13:43:52+00:00

Sverker Eriksson
sverker@erlang.org

2016-10-05T13:43:52+00:00

cf102c1b1225450e7918a6119b7d949eb7e575c4

Renamed the init function as the return semantics are changed.





Renamed the init function as the return semantics are changed.







Merge branch 'RoadRunnr/crypto/no-rc4/PR-1169/OTP-13896' into maint
2016-10-04T13:22:00+00:00

Raimo Niskanen
raimo@erlang.org

2016-10-04T13:16:55+00:00

634d26929bb5852958870a7b18f67b4b8702bfa2

* RoadRunnr/crypto/no-rc4/PR-1169/OTP-13896:
  disable RC4 in SSL when crypto doesn't support it
  Fix compilation when OpenSSL doesn't support RC4

Conflicts:
	lib/crypto/c_src/crypto.c





* RoadRunnr/crypto/no-rc4/PR-1169/OTP-13896:
  disable RC4 in SSL when crypto doesn't support it
  Fix compilation when OpenSSL doesn't support RC4

Conflicts:
	lib/crypto/c_src/crypto.c







Fix compilation when OpenSSL doesn't support RC4
2016-09-22T09:11:25+00:00

Andreas Schultz
aschultz@tpip.net

2016-09-14T08:05:20+00:00

25c665f745bce31cc89e9f48980c7a9683259259

When OpenSSL has been configured with the "no-rc4" option, the header
file rc4.h doesn't exist, and neither does the rc4 functions.
Let's handle those by checking whether OPENSSL_NO_RC4 is defined.





When OpenSSL has been configured with the "no-rc4" option, the header
file rc4.h doesn't exist, and neither does the rc4 functions.
Let's handle those by checking whether OPENSSL_NO_RC4 is defined.







Fix compilation when OpenSSL doesn't support RC2
2016-09-14T13:31:31+00:00

Magnus Henoch
magnus@erlang-solutions.com

2016-09-08T14:49:13+00:00

6b4cf6c5759d1f1f952708ab191f563175950aa0

When OpenSSL has been configured with the "no-rc2" option, the header
file rc2.h doesn't exist, and neither does the function EVP_rc2_cbc.
Let's handle those by checking whether OPENSSL_NO_RC2 is defined.

Also update pbe_SUITE, which uses RC2-CBC in one of the tests.





When OpenSSL has been configured with the "no-rc2" option, the header
file rc2.h doesn't exist, and neither does the function EVP_rc2_cbc.
Let's handle those by checking whether OPENSSL_NO_RC2 is defined.

Also update pbe_SUITE, which uses RC2-CBC in one of the tests.







Silence warnings in crypto
2016-09-13T07:54:34+00:00

Raimo Niskanen
raimo@erlang.org

2016-09-13T07:54:34+00:00

ec56f41f7a48055896037ac77927b99202371e62












Add '_cfb' alias for misspelled '_cbf' cipher
2016-09-02T14:01:46+00:00

Raimo Niskanen
raimo@erlang.org

2016-09-02T12:31:02+00:00

05caf563c08b368ad5b6884ea9db3b2484953932