otp.git/lib/crypto/src, branch OTP-19.3 Mirror of Erlang/OTP repository. Update copyright year 2017-03-10T14:00:46+00:00 Rickard Green rickard@erlang.org 2017-03-10T14:00:46+00:00 26c3cd82529836cb5b6eefbf7f92f318fd91f847 






crypto: Added optional length to paramlist in generate_key
2017-01-27T13:32:55+00:00

Hans Nilsson
hans@erlang.org

2017-01-26T17:54:06+00:00

6468551301f906ce4199ef69b677147d88d64242












Add a missing aes_gcm -spec clause to crypto:block_encrypt/4
2017-01-17T01:24:05+00:00

Leo Liu
sdl.web@gmail.com

2017-01-17T01:06:25+00:00

6d2eb58ee86e3fe36e61f00dbe443ee8d49c421f

Fix https://bugs.erlang.org/browse/ERL-336.





Fix https://bugs.erlang.org/browse/ERL-336.







Add '_cfb' alias for misspelled '_cbf' cipher
2016-09-02T14:01:46+00:00

Raimo Niskanen
raimo@erlang.org

2016-09-02T12:31:02+00:00

05caf563c08b368ad5b6884ea9db3b2484953932












crypto: Deprecate rand_bytes/1
2016-04-25T09:25:04+00:00

Ingela Anderton Andin
ingela@erlang.org

2016-04-15T08:29:31+00:00

1ad18832cb21fac5a5b513005f1e6a5ffd7d0329

OpenSSL has deprecated the function RAND_pseudo_bytes used by
crypto:rand_bytes/1, so this function is now deprecated in OTP too.

rand_bytes/3 also used this function, but was not documented
so we can remove it right away.

This commit also removes the fallback in generate_key to use
rand_bytes/1 if strong_rand_bytes/1 throws low entropy.
This is a potential incompatibility but we think it is desirable
as crypto should provide cryptographically secure functions.





OpenSSL has deprecated the function RAND_pseudo_bytes used by
crypto:rand_bytes/1, so this function is now deprecated in OTP too.

rand_bytes/3 also used this function, but was not documented
so we can remove it right away.

This commit also removes the fallback in generate_key to use
rand_bytes/1 if strong_rand_bytes/1 throws low entropy.
This is a potential incompatibility but we think it is desirable
as crypto should provide cryptographically secure functions.







Merge branch 'mururu/crypto/aes-gcm-tag-len.PR-998.OTP-13483'
2016-04-18T13:16:04+00:00

Sverker Eriksson
sverker@erlang.org

2016-04-18T13:16:04+00:00

77c3110b00d7f5e80ca1da77df79650e2fa66efe












crypto: Enable AES-GCM tag length to change
2016-03-26T03:01:36+00:00

Yuki Ito
yuki@gnnk.net

2016-03-25T08:55:17+00:00

f4f588683dce36c4470171cb6af74763778498ff

This commit enables AES-GCM encryption/decryption to change its tag
length between 1 to 16 bytes.





This commit enables AES-GCM encryption/decryption to change its tag
length between 1 to 16 bytes.







update copyright-year
2016-03-15T14:19:56+00:00

Henrik Nord
henrik@erlang.org

2016-03-15T14:19:56+00:00

6664eed554974336909d3ffe03f20349cc4c38fd












crypto: Support 192-bit keys for AES CBC
2015-12-11T17:07:47+00:00

Sverker Eriksson
sverker@erlang.org

2015-12-11T17:07:47+00:00

32eb9d7d9f680d320f42186de67db65688cdd53f

and deprecate aes_cbc128 and aes_cbc256 in favor of aes_cbc.

This commit is pr 832 squashed, rebased and made work on master

https://github.com/erlang/otp/pull/832/commits





and deprecate aes_cbc128 and aes_cbc256 in favor of aes_cbc.

This commit is pr 832 squashed, rebased and made work on master

https://github.com/erlang/otp/pull/832/commits







crypto: Refactor nif code to use EVP interface
2015-11-17T11:20:52+00:00

Sverker Eriksson
sverker@erlang.org

2015-11-16T18:40:24+00:00

cfc8f82f1f39da114574a28c57f5d4a29ebbafaf

Using the generic EVP_* API makes it possible to unify
algorithm-specific nif functions to a single generic
function. Effectively the same change that took place on the Erlang
API in R16B01 is now applied to the C code.

The old implementation using the low-level API is kept
for compiling against old OpenSSL,
as parts of the EVP API were introduced in OpenSSL 1.0.0.

There are various minor improvements as well:
- supported algorithms are now provided by the nif code (not a mix of
  the C and Erlang code)
- remove unnecessary variables and macro definitions

Most of the changes in this commit comes from Dániel Szoboszlay
https://github.com/dszoboszlay/otp/commit/07f7056f955b324df4ace
which is part of his 'fips' branch.

Now also rebased on master branch.





Using the generic EVP_* API makes it possible to unify
algorithm-specific nif functions to a single generic
function. Effectively the same change that took place on the Erlang
API in R16B01 is now applied to the C code.

The old implementation using the low-level API is kept
for compiling against old OpenSSL,
as parts of the EVP API were introduced in OpenSSL 1.0.0.

There are various minor improvements as well:
- supported algorithms are now provided by the nif code (not a mix of
  the C and Erlang code)
- remove unnecessary variables and macro definitions

Most of the changes in this commit comes from Dániel Szoboszlay
https://github.com/dszoboszlay/otp/commit/07f7056f955b324df4ace
which is part of his 'fips' branch.

Now also rebased on master branch.