otp.git/lib/crypto, branch maint-19 Mirror of Erlang/OTP repository. Update release notes 2017-03-31T10:59:07+00:00 Erlang/OTP otp@erlang.org 2017-03-31T10:59:07+00:00 19427107ca9305a931dcaea8c2134017aa385fbd 






Update version numbers
2017-03-31T10:58:36+00:00

Erlang/OTP
otp@erlang.org

2017-03-31T10:58:36+00:00

71f7e9155c4867f4e8036704337c21127f508dfb












Fix bug with AES CFB 128
2017-03-29T14:49:17+00:00

Kelly McLaughlin
kelly@kelly-mclaughlin.com

2017-03-29T14:49:17+00:00

25b8f8119f5b64b5c07cb5ed4978f7df64d4799f

Fix a bug with the use of the aes_cfb128 cipher by calling the correct
underlying openssl interface function when the cipher is specified.





Fix a bug with the use of the aes_cfb128 cipher by calling the correct
underlying openssl interface function when the cipher is specified.







Demonstrate the bug with AES CFB 128 encryption
2017-03-29T13:24:46+00:00

Kelly McLaughlin
kelly@kelly-mclaughlin.com

2017-03-29T13:24:46+00:00

59099922f53a478903da304cc591c4baae549dc5

Demonstrate a bug with AES CFB 128 for certain key sizes introduced
with the Erlang 19.0 release. The code in the block_crypt_nif function
in the crypto.c source file incorrectly calls aes_cfb_8_crypt when the
specified cipher is aes_cfb8 or aes_cfb128 and the key size is 24 or
32. The aes_cfb_8_crypt function calls the AES_cfb8_encrypt function
from the openssl interface, but this is incorrect when the cipher is
aes_cfb128.

Unfortunately the test cases in the crypto test suite are insufficient
to detect an issue like this because it exercises the encryption and
decryption roundtrip using the same incorrect underlying function. The
problem was observed when trying to update an application to Erlang 19
that attempted to decrypt data that was encrypted using aes_cfb128 by
another source. In this commit I altered the crypto test suite to
provide a demonstration of this problem.





Demonstrate a bug with AES CFB 128 for certain key sizes introduced
with the Erlang 19.0 release. The code in the block_crypt_nif function
in the crypto.c source file incorrectly calls aes_cfb_8_crypt when the
specified cipher is aes_cfb8 or aes_cfb128 and the key size is 24 or
32. The aes_cfb_8_crypt function calls the AES_cfb8_encrypt function
from the openssl interface, but this is incorrect when the cipher is
aes_cfb128.

Unfortunately the test cases in the crypto test suite are insufficient
to detect an issue like this because it exercises the encryption and
decryption roundtrip using the same incorrect underlying function. The
problem was observed when trying to update an application to Erlang 19
that attempted to decrypt data that was encrypted using aes_cfb128 by
another source. In this commit I altered the crypto test suite to
provide a demonstration of this problem.







Prepare release
2017-03-14T14:59:23+00:00

Erlang/OTP
otp@erlang.org

2017-03-14T14:59:23+00:00

4d658008be5a08ddadbe75ebadb9ef124436b76e












Update copyright year
2017-03-10T14:00:46+00:00

Rickard Green
rickard@erlang.org

2017-03-10T14:00:46+00:00

26c3cd82529836cb5b6eefbf7f92f318fd91f847












ssh: document crypto:genarate_key(dh, [P,G,L])
2017-02-02T16:26:49+00:00

Hans Nilsson
hans@erlang.org

2017-02-02T16:25:51+00:00

d5d53966bff6ca9ab0c40ab96404d425d7438729












crypto: Added optional length to paramlist in generate_key
2017-01-27T13:32:55+00:00

Hans Nilsson
hans@erlang.org

2017-01-26T17:54:06+00:00

6468551301f906ce4199ef69b677147d88d64242












Add a missing aes_gcm -spec clause to crypto:block_encrypt/4
2017-01-17T01:24:05+00:00

Leo Liu
sdl.web@gmail.com

2017-01-17T01:06:25+00:00

6d2eb58ee86e3fe36e61f00dbe443ee8d49c421f

Fix https://bugs.erlang.org/browse/ERL-336.





Fix https://bugs.erlang.org/browse/ERL-336.







Prepare release
2016-12-09T10:45:22+00:00

Erlang/OTP
otp@erlang.org

2016-12-09T10:45:22+00:00

fc0427be6d482182ec70f3cd87c73027cfb17ea9