otp.git/lib/crypto/src, branch OTP-19.0 Mirror of Erlang/OTP repository. crypto: Deprecate rand_bytes/1 2016-04-25T09:25:04+00:00 Ingela Anderton Andin ingela@erlang.org 2016-04-15T08:29:31+00:00 1ad18832cb21fac5a5b513005f1e6a5ffd7d0329 OpenSSL has deprecated the function RAND_pseudo_bytes used by crypto:rand_bytes/1, so this function is now deprecated in OTP too. rand_bytes/3 also used this function, but was not documented so we can remove it right away. This commit also removes the fallback in generate_key to use rand_bytes/1 if strong_rand_bytes/1 throws low entropy. This is a potential incompatibility but we think it is desirable as crypto should provide cryptographically secure functions. 
OpenSSL has deprecated the function RAND_pseudo_bytes used by
crypto:rand_bytes/1, so this function is now deprecated in OTP too.

rand_bytes/3 also used this function, but was not documented
so we can remove it right away.

This commit also removes the fallback in generate_key to use
rand_bytes/1 if strong_rand_bytes/1 throws low entropy.
This is a potential incompatibility but we think it is desirable
as crypto should provide cryptographically secure functions.
Merge branch 'mururu/crypto/aes-gcm-tag-len.PR-998.OTP-13483' 2016-04-18T13:16:04+00:00 Sverker Eriksson sverker@erlang.org 2016-04-18T13:16:04+00:00 77c3110b00d7f5e80ca1da77df79650e2fa66efe 






crypto: Enable AES-GCM tag length to change
2016-03-26T03:01:36+00:00

Yuki Ito
yuki@gnnk.net

2016-03-25T08:55:17+00:00

f4f588683dce36c4470171cb6af74763778498ff

This commit enables AES-GCM encryption/decryption to change its tag
length between 1 to 16 bytes.





This commit enables AES-GCM encryption/decryption to change its tag
length between 1 to 16 bytes.







update copyright-year
2016-03-15T14:19:56+00:00

Henrik Nord
henrik@erlang.org

2016-03-15T14:19:56+00:00

6664eed554974336909d3ffe03f20349cc4c38fd












crypto: Support 192-bit keys for AES CBC
2015-12-11T17:07:47+00:00

Sverker Eriksson
sverker@erlang.org

2015-12-11T17:07:47+00:00

32eb9d7d9f680d320f42186de67db65688cdd53f

and deprecate aes_cbc128 and aes_cbc256 in favor of aes_cbc.

This commit is pr 832 squashed, rebased and made work on master

https://github.com/erlang/otp/pull/832/commits





and deprecate aes_cbc128 and aes_cbc256 in favor of aes_cbc.

This commit is pr 832 squashed, rebased and made work on master

https://github.com/erlang/otp/pull/832/commits







crypto: Refactor nif code to use EVP interface
2015-11-17T11:20:52+00:00

Sverker Eriksson
sverker@erlang.org

2015-11-16T18:40:24+00:00

cfc8f82f1f39da114574a28c57f5d4a29ebbafaf

Using the generic EVP_* API makes it possible to unify
algorithm-specific nif functions to a single generic
function. Effectively the same change that took place on the Erlang
API in R16B01 is now applied to the C code.

The old implementation using the low-level API is kept
for compiling against old OpenSSL,
as parts of the EVP API were introduced in OpenSSL 1.0.0.

There are various minor improvements as well:
- supported algorithms are now provided by the nif code (not a mix of
  the C and Erlang code)
- remove unnecessary variables and macro definitions

Most of the changes in this commit comes from Dániel Szoboszlay
https://github.com/dszoboszlay/otp/commit/07f7056f955b324df4ace
which is part of his 'fips' branch.

Now also rebased on master branch.





Using the generic EVP_* API makes it possible to unify
algorithm-specific nif functions to a single generic
function. Effectively the same change that took place on the Erlang
API in R16B01 is now applied to the C code.

The old implementation using the low-level API is kept
for compiling against old OpenSSL,
as parts of the EVP API were introduced in OpenSSL 1.0.0.

There are various minor improvements as well:
- supported algorithms are now provided by the nif code (not a mix of
  the C and Erlang code)
- remove unnecessary variables and macro definitions

Most of the changes in this commit comes from Dániel Szoboszlay
https://github.com/dszoboszlay/otp/commit/07f7056f955b324df4ace
which is part of his 'fips' branch.

Now also rebased on master branch.







crypto: Make ec_curves/0 return empty list if not supported
2015-08-19T15:36:36+00:00

Sverker Eriksson
sverker@erlang.org

2015-08-19T15:36:36+00:00

c73a53164269fd59a205696467622699dca92d83












Change license text to APLv2
2015-06-18T09:31:02+00:00

Bruce Yinhe
bruce@erlang.org

2015-06-18T09:31:02+00:00

738c34d4bb8f1a3811acd00af8c6c12107f8315b












crypto: Fix dialyzer error for aes_ecb_crypt/3
2015-02-11T15:13:17+00:00

Sverker Eriksson
sverker@erlang.org

2015-02-11T15:13:17+00:00

7783f908905264507e5406d7e0d70ceb2f64a278

by removing the spec. It's an internal function.





by removing the spec. It's an internal function.







Merge branch 'andreaTP/added-aes-ecb-to-crypto/OTP-12403'
2015-01-14T13:58:31+00:00

Marcus Arendt
marcus@erlang.org

2015-01-14T13:58:31+00:00

9c544a43348b920896ff2062db2caa128f08af83

* andreaTP/added-aes-ecb-to-crypto/OTP-12403:
  aligned implementation following last specs
  finally fixed docs
  fixed incorrect tag
  proposal of documentation
  fixes and tests
  add aes ecb to crypto library





* andreaTP/added-aes-ecb-to-crypto/OTP-12403:
  aligned implementation following last specs
  finally fixed docs
  fixed incorrect tag
  proposal of documentation
  fixes and tests
  add aes ecb to crypto library