diff options
author | Raimo Niskanen <[email protected]> | 2016-10-04 15:22:17 +0200 |
---|---|---|
committer | Raimo Niskanen <[email protected]> | 2016-10-04 15:22:17 +0200 |
commit | eaa61ca7e0100bdad0a53b79b010e6363a5a3cb9 (patch) | |
tree | 3322f7a0e6568e86f13277cb581ee23e0814eaf3 | |
parent | 43319147e3aa0145303dcb5bd9799b4766618afa (diff) | |
parent | 634d26929bb5852958870a7b18f67b4b8702bfa2 (diff) | |
download | otp-eaa61ca7e0100bdad0a53b79b010e6363a5a3cb9.tar.gz otp-eaa61ca7e0100bdad0a53b79b010e6363a5a3cb9.tar.bz2 otp-eaa61ca7e0100bdad0a53b79b010e6363a5a3cb9.zip |
Merge branch 'maint'
-rw-r--r-- | lib/crypto/c_src/crypto.c | 37 | ||||
-rw-r--r-- | lib/crypto/test/old_crypto_SUITE.erl | 10 | ||||
-rw-r--r-- | lib/public_key/test/pbe_SUITE.erl | 7 | ||||
-rw-r--r-- | lib/ssl/src/ssl_cipher.erl | 3 |
4 files changed, 49 insertions, 8 deletions
diff --git a/lib/crypto/c_src/crypto.c b/lib/crypto/c_src/crypto.c index f9fa80c0c7..ccb0a60dcb 100644 --- a/lib/crypto/c_src/crypto.c +++ b/lib/crypto/c_src/crypto.c @@ -50,8 +50,12 @@ #include <openssl/ripemd.h> #include <openssl/bn.h> #include <openssl/objects.h> -#include <openssl/rc4.h> -#include <openssl/rc2.h> +#ifndef OPENSSL_NO_RC4 + #include <openssl/rc4.h> +#endif /* OPENSSL_NO_RC4 */ +#ifndef OPENSSL_NO_RC2 + #include <openssl/rc2.h> +#endif #include <openssl/blowfish.h> #include <openssl/rand.h> #include <openssl/evp.h> @@ -475,7 +479,13 @@ struct cipher_type_t { struct cipher_type_t cipher_types[] = { - {{"rc2_cbc"}, {&EVP_rc2_cbc}}, + {{"rc2_cbc"}, +#ifndef OPENSSL_NO_RC2 + {&EVP_rc2_cbc} +#else + {NULL} +#endif + }, {{"des_cbc"}, {COND_NO_DES_PTR(&EVP_des_cbc)}}, {{"des_cfb"}, {COND_NO_DES_PTR(&EVP_des_cfb8)}}, {{"des_ecb"}, {COND_NO_DES_PTR(&EVP_des_ecb)}}, @@ -834,8 +844,12 @@ static void init_algorithms_types(ErlNifEnv* env) algo_cipher[algo_cipher_cnt++] = enif_make_atom(env,"blowfish_cfb64"); algo_cipher[algo_cipher_cnt++] = enif_make_atom(env,"blowfish_ofb64"); algo_cipher[algo_cipher_cnt++] = enif_make_atom(env,"blowfish_ecb"); +#ifndef OPENSSL_NO_RC2 algo_cipher[algo_cipher_cnt++] = enif_make_atom(env,"rc2_cbc"); +#endif +#ifndef OPENSSL_NO_RC4 algo_cipher[algo_cipher_cnt++] = enif_make_atom(env,"rc4"); +#endif #if defined(HAVE_GCM) algo_cipher[algo_cipher_cnt++] = enif_make_atom(env,"aes_gcm"); #endif @@ -2381,6 +2395,7 @@ static ERL_NIF_TERM do_exor(ErlNifEnv* env, int argc, const ERL_NIF_TERM argv[]) static ERL_NIF_TERM rc4_encrypt(ErlNifEnv* env, int argc, const ERL_NIF_TERM argv[]) {/* (Key, Data) */ +#ifndef OPENSSL_NO_RC4 ErlNifBinary key, data; RC4_KEY rc4_key; ERL_NIF_TERM ret; @@ -2394,10 +2409,14 @@ static ERL_NIF_TERM rc4_encrypt(ErlNifEnv* env, int argc, const ERL_NIF_TERM arg enif_make_new_binary(env, data.size, &ret)); CONSUME_REDS(env,data); return ret; -} +#else + return enif_raise_exception(env, atom_notsup); +#endif +} static ERL_NIF_TERM rc4_set_key(ErlNifEnv* env, int argc, const ERL_NIF_TERM argv[]) {/* (Key) */ +#ifndef OPENSSL_NO_RC4 ErlNifBinary key; ERL_NIF_TERM ret; @@ -2407,11 +2426,14 @@ static ERL_NIF_TERM rc4_set_key(ErlNifEnv* env, int argc, const ERL_NIF_TERM arg RC4_set_key((RC4_KEY*)enif_make_new_binary(env, sizeof(RC4_KEY), &ret), key.size, key.data); return ret; +#else + return enif_raise_exception(env, atom_notsup); +#endif } static ERL_NIF_TERM rc4_encrypt_with_state(ErlNifEnv* env, int argc, const ERL_NIF_TERM argv[]) {/* (State, Data) */ - +#ifndef OPENSSL_NO_RC4 ErlNifBinary state, data; RC4_KEY* rc4_key; ERL_NIF_TERM new_state, new_data; @@ -2427,7 +2449,10 @@ static ERL_NIF_TERM rc4_encrypt_with_state(ErlNifEnv* env, int argc, const ERL_N enif_make_new_binary(env, data.size, &new_data)); CONSUME_REDS(env,data); return enif_make_tuple2(env,new_state,new_data); -} +#else + return enif_raise_exception(env, atom_notsup); +#endif +} static int get_rsa_private_key(ErlNifEnv* env, ERL_NIF_TERM key, RSA *rsa) { diff --git a/lib/crypto/test/old_crypto_SUITE.erl b/lib/crypto/test/old_crypto_SUITE.erl index 4a6753b2ed..324ed39c6d 100644 --- a/lib/crypto/test/old_crypto_SUITE.erl +++ b/lib/crypto/test/old_crypto_SUITE.erl @@ -1080,7 +1080,9 @@ rc2_cbc(doc) -> "Encrypt and decrypt according to RC2 CBC and check the result. " "Example stripped out from public_key application test"; rc2_cbc(Config) when is_list(Config) -> - + if_supported(rc2_cbc, fun rc2_cbc_do/0). + +rc2_cbc_do() -> Key = <<146,210,160,124,215,227,153,239,227,17,222,140,3,93,27,191>>, IV = <<72,91,135,182,25,42,35,210>>, @@ -2117,6 +2119,9 @@ rc4_test(doc) -> rc4_test(suite) -> []; rc4_test(Config) when is_list(Config) -> + if_supported(rc4, fun rc4_test_do/0). + +rc4_test_do() -> CT1 = <<"Yo baby yo">>, R1 = <<118,122,68,110,157,166,141,212,139,39>>, K = "apaapa", @@ -2132,6 +2137,9 @@ rc4_stream_test(doc) -> rc4_stream_test(suite) -> []; rc4_stream_test(Config) when is_list(Config) -> + if_supported(rc4, fun rc4_stream_test_do/0). + +rc4_stream_test_do() -> CT1 = <<"Yo ">>, CT2 = <<"baby yo">>, K = "apaapa", diff --git a/lib/public_key/test/pbe_SUITE.erl b/lib/public_key/test/pbe_SUITE.erl index 004eaefc27..44caf479e5 100644 --- a/lib/public_key/test/pbe_SUITE.erl +++ b/lib/public_key/test/pbe_SUITE.erl @@ -219,7 +219,12 @@ pbes2() -> pbes2(Config) when is_list(Config) -> decode_encode_key_file("pbes2_des_cbc_enc_key.pem", "password", "DES-CBC", Config), decode_encode_key_file("pbes2_des_ede3_cbc_enc_key.pem", "password", "DES-EDE3-CBC", Config), - decode_encode_key_file("pbes2_rc2_cbc_enc_key.pem", "password", "RC2-CBC", Config). + case lists:member(rc2_cbc, proplists:get_value(ciphers, crypto:supports())) of + true -> + decode_encode_key_file("pbes2_rc2_cbc_enc_key.pem", "password", "RC2-CBC", Config); + false -> + ok + end. check_key_info(#'PrivateKeyInfo'{privateKeyAlgorithm = #'PrivateKeyInfo_privateKeyAlgorithm'{algorithm = ?rsaEncryption}, diff --git a/lib/ssl/src/ssl_cipher.erl b/lib/ssl/src/ssl_cipher.erl index 19e1517194..02873ce522 100644 --- a/lib/ssl/src/ssl_cipher.erl +++ b/lib/ssl/src/ssl_cipher.erl @@ -1464,6 +1464,9 @@ is_acceptable_cipher(Cipher, Algos) is_acceptable_cipher(Cipher, Algos) when Cipher == chacha20_poly1305 -> proplists:get_bool(Cipher, Algos); +is_acceptable_cipher(Cipher, Algos) + when Cipher == rc4_128 -> + proplists:get_bool(rc4, Algos); is_acceptable_cipher(_, _) -> true. |