Merge branch 'nick/ssh_crypto/strengthened_random/OTP-9225' into maint-r14

* nick/ssh_crypto/strengthened_random/OTP-9225: Renamed the function strong_rand_uniform to strong_rand_mpint. Added some checks in crypto.erl and crypto.c. Changed ssh_bits to use strong_rand_mpint. Fixed SSH appup, copyright headers SSH vsn and SSH release note. Adds NIFs for cryptographically strong random number generation. Also adds documentation and unit tests.
author: Erlang/OTP <[email protected]> 2011-04-20 11:01:49 +0200
committer: Erlang/OTP <[email protected]> 2011-04-20 11:01:49 +0200
commit: 459bde53cf564d47d26d9248ab964a09ed4e40b4 (patch)
tree: b0a68a6be769ceb640e9f4eaec65b1d27ec48538 /lib/crypto/c_src/crypto.c
parent: a34016f35625c77f4487b649f8234b0af3b1bb3b (diff)
parent: afe36b58bb77012f94b19213ed9602c2eb9fd420 (diff)
download: otp-459bde53cf564d47d26d9248ab964a09ed4e40b4.tar.gz
otp-459bde53cf564d47d26d9248ab964a09ed4e40b4.tar.bz2
otp-459bde53cf564d47d26d9248ab964a09ed4e40b4.zip
1 files changed, 61 insertions, 0 deletions
diff --git a/lib/crypto/c_src/crypto.c b/lib/crypto/c_src/crypto.c
index b8786f6f94..3ebf62d87c 100644
--- a/lib/crypto/c_src/crypto.c
+++ b/lib/crypto/c_src/crypto.c
@@ -134,7 +134,9 @@ static ERL_NIF_TERM des_ede3_cbc_crypt(ErlNifEnv* env, int argc, const ERL_NIF_T
 static ERL_NIF_TERM aes_cfb_128_crypt(ErlNifEnv* env, int argc, const ERL_NIF_TERM argv[]);
 static ERL_NIF_TERM aes_ctr_encrypt(ErlNifEnv* env, int argc, const ERL_NIF_TERM argv[]);
 static ERL_NIF_TERM rand_bytes_1(ErlNifEnv* env, int argc, const ERL_NIF_TERM argv[]);
+static ERL_NIF_TERM strong_rand_bytes_nif(ErlNifEnv* env, int argc, const ERL_NIF_TERM argv[]);
 static ERL_NIF_TERM rand_bytes_3(ErlNifEnv* env, int argc, const ERL_NIF_TERM argv[]);
+static ERL_NIF_TERM strong_rand_mpint_nif(ErlNifEnv* env, int argc, const ERL_NIF_TERM argv[]);
 static ERL_NIF_TERM rand_uniform_nif(ErlNifEnv* env, int argc, const ERL_NIF_TERM argv[]);
 static ERL_NIF_TERM mod_exp_nif(ErlNifEnv* env, int argc, const ERL_NIF_TERM argv[]);
 static ERL_NIF_TERM dss_verify(ErlNifEnv* env, int argc, const ERL_NIF_TERM argv[]);
@@ -204,7 +206,9 @@ static ErlNifFunc nif_funcs[] = {
     {"aes_ctr_encrypt", 3, aes_ctr_encrypt},
     {"aes_ctr_decrypt", 3, aes_ctr_encrypt},
     {"rand_bytes", 1, rand_bytes_1},
+    {"strong_rand_bytes_nif", 1, strong_rand_bytes_nif},
     {"rand_bytes", 3, rand_bytes_3},
+    {"strong_rand_mpint_nif", 3, strong_rand_mpint_nif},
     {"rand_uniform_nif", 2, rand_uniform_nif},
     {"mod_exp_nif", 3, mod_exp_nif},
     {"dss_verify", 4, dss_verify},
@@ -704,6 +708,22 @@ static ERL_NIF_TERM rand_bytes_1(ErlNifEnv* env, int argc, const ERL_NIF_TERM ar
     ERL_VALGRIND_MAKE_MEM_DEFINED(data, bytes);
     return ret;
 }
+static ERL_NIF_TERM strong_rand_bytes_nif(ErlNifEnv* env, int argc, const ERL_NIF_TERM argv[])
+{/* (Bytes) */     
+    unsigned bytes;
+    unsigned char* data;
+    ERL_NIF_TERM ret;
+    if (!enif_get_uint(env, argv[0], &bytes)) {
+	return enif_make_badarg(env);
+    }
+    data = enif_make_new_binary(env, bytes, &ret);
+    if ( RAND_bytes(data, bytes) != 1) {
+        return atom_false;
+    }
+    ERL_VALGRIND_MAKE_MEM_DEFINED(data, bytes);
+    return ret;
+}
+
 static ERL_NIF_TERM rand_bytes_3(ErlNifEnv* env, int argc, const ERL_NIF_TERM argv[])
 {/* (Bytes, TopMask, BottomMask) */    
     unsigned bytes;
@@ -724,6 +744,47 @@ static ERL_NIF_TERM rand_bytes_3(ErlNifEnv* env, int argc, const ERL_NIF_TERM ar
     }
     return ret;
 }
+static ERL_NIF_TERM strong_rand_mpint_nif(ErlNifEnv* env, int argc, const ERL_NIF_TERM argv[])
+{/* (Bytes, TopMask, BottomMask) */    
+    unsigned bits;
+    BIGNUM *bn_rand;
+    int top, bottom;
+    unsigned char* data;
+    unsigned dlen;
+    ERL_NIF_TERM ret;
+    if (!enif_get_uint(env, argv[0], &bits)
+	|| !enif_get_int(env, argv[1], &top)
+	|| !enif_get_int(env, argv[2], &bottom)) {
+	return enif_make_badarg(env);
+    }
+    if (! (top == -1 || top == 0 || top == 1) ) {
+        return enif_make_badarg(env);
+    }
+    if (! (bottom == 0 || bottom == 1) ) {
+        return enif_make_badarg(env);
+    }
+
+    bn_rand = BN_new();
+    if (! bn_rand ) {
+        return enif_make_badarg(env);
+    }
+
+    /* Get a (bits) bit random number */
+    if (!BN_rand(bn_rand, bits, top, bottom)) {
+        ret = atom_false;
+    }
+    else {
+	/* Copy the bignum into an erlang mpint binary. */
+	dlen = BN_num_bytes(bn_rand);
+	data = enif_make_new_binary(env, dlen+4, &ret);
+	put_int32(data, dlen);
+	BN_bn2bin(bn_rand, data+4);
+	ERL_VALGRIND_MAKE_MEM_DEFINED(data+4, dlen);
+    }
+    BN_free(bn_rand);
+
+    return ret;
+}
 
 static int get_bn_from_mpint(ErlNifEnv* env, ERL_NIF_TERM term, BIGNUM** bnp)
 {
author	Erlang/OTP <[email protected]>	2011-04-20 11:01:49 +0200
committer	Erlang/OTP <[email protected]>	2011-04-20 11:01:49 +0200
commit	459bde53cf564d47d26d9248ab964a09ed4e40b4 (patch)
tree	b0a68a6be769ceb640e9f4eaec65b1d27ec48538 /lib/crypto/c_src/crypto.c
parent	a34016f35625c77f4487b649f8234b0af3b1bb3b (diff)
parent	afe36b58bb77012f94b19213ed9602c2eb9fd420 (diff)
download	otp-459bde53cf564d47d26d9248ab964a09ed4e40b4.tar.gz otp-459bde53cf564d47d26d9248ab964a09ed4e40b4.tar.bz2 otp-459bde53cf564d47d26d9248ab964a09ed4e40b4.zip