diff options
author | Hans Nilsson <[email protected]> | 2018-09-11 17:21:30 +0200 |
---|---|---|
committer | Hans Nilsson <[email protected]> | 2018-09-14 12:22:04 +0200 |
commit | 2cf63f4e429c60b7d77bd15c73fd298ee53710ae (patch) | |
tree | 09e502358684925a5a41a0673fe02dcb19e5fe11 /lib/crypto/src/crypto.erl | |
parent | f11391139c4165e8541a52d45cd1525343a83927 (diff) | |
download | otp-2cf63f4e429c60b7d77bd15c73fd298ee53710ae.tar.gz otp-2cf63f4e429c60b7d77bd15c73fd298ee53710ae.tar.bz2 otp-2cf63f4e429c60b7d77bd15c73fd298ee53710ae.zip |
crypto: Add AES_CCM crypto
Will be increase interoperability of future SSL application versions.
Diffstat (limited to 'lib/crypto/src/crypto.erl')
-rw-r--r-- | lib/crypto/src/crypto.erl | 40 |
1 files changed, 22 insertions, 18 deletions
diff --git a/lib/crypto/src/crypto.erl b/lib/crypto/src/crypto.erl index cb281aac42..2f612b6121 100644 --- a/lib/crypto/src/crypto.erl +++ b/lib/crypto/src/crypto.erl @@ -262,7 +262,7 @@ | rc2_cbc . -type cbc_cipher() :: des_cbc | des3_cbc | aes_cbc | blowfish_cbc . --type aead_cipher() :: aes_gcm | chacha20_poly1305 . +-type aead_cipher() :: aes_gcm | aes_ccm | chacha20_poly1305 . -type cfb_cipher() :: aes_cfb128 | aes_cfb8 | blowfish_cfb64 | des3_cfb | des_cfb . -type block_cipher_without_iv() :: ecb_cipher() . @@ -490,23 +490,23 @@ poly1305(Key, Data) -> -spec block_encrypt(Type::block_cipher_with_iv(), Key::key()|des3_key(), Ivec::binary(), PlainText::iodata()) -> binary(); (Type::aead_cipher(), Key::iodata(), Ivec::binary(), {AAD::binary(), PlainText::iodata()}) -> {binary(), binary()}; - (aes_gcm, Key::iodata(), Ivec::binary(), {AAD::binary(), PlainText::iodata(), TagLength::1..16}) -> + (aes_gcm | aes_ccm, Key::iodata(), Ivec::binary(), {AAD::binary(), PlainText::iodata(), TagLength::1..16}) -> {binary(), binary()}. block_encrypt(Type, Key, Ivec, PlainText) when Type =:= des_cbc; - Type =:= des_cfb; - Type =:= blowfish_cbc; - Type =:= blowfish_cfb64; - Type =:= blowfish_ofb64; - Type =:= aes_cbc128; - Type =:= aes_cfb8; - Type =:= aes_cfb128; - Type =:= aes_cbc256; - Type =:= aes_cbc; - Type =:= rc2_cbc -> + Type =:= des_cfb; + Type =:= blowfish_cbc; + Type =:= blowfish_cfb64; + Type =:= blowfish_ofb64; + Type =:= aes_cbc128; + Type =:= aes_cfb8; + Type =:= aes_cfb128; + Type =:= aes_cbc256; + Type =:= aes_cbc; + Type =:= rc2_cbc -> block_crypt_nif(Type, Key, Ivec, PlainText, true); block_encrypt(Type, Key0, Ivec, PlainText) when Type =:= des3_cbc; - Type =:= des_ede3 -> + Type =:= des_ede3 -> Key = check_des3_key(Key0), block_crypt_nif(des_ede3_cbc, Key, Ivec, PlainText, true); block_encrypt(des3_cbf, Key0, Ivec, PlainText) -> % cfb misspelled @@ -517,10 +517,12 @@ block_encrypt(des3_cfb, Key0, Ivec, PlainText) -> block_crypt_nif(des_ede3_cfb, Key, Ivec, PlainText, true); block_encrypt(aes_ige256, Key, Ivec, PlainText) -> notsup_to_error(aes_ige_crypt_nif(Key, Ivec, PlainText, true)); -block_encrypt(aes_gcm, Key, Ivec, {AAD, PlainText}) -> - aead_encrypt(Key, Ivec, AAD, PlainText); -block_encrypt(aes_gcm, Key, Ivec, {AAD, PlainText, TagLength}) -> - aead_encrypt(Key, Ivec, AAD, PlainText, TagLength); +block_encrypt(Type, Key, Ivec, {AAD, PlainText}) when Type =:= aes_gcm; + Type =:= aes_ccm -> + aead_encrypt(Type, Key, Ivec, AAD, PlainText); +block_encrypt(Type, Key, Ivec, {AAD, PlainText, TagLength}) when Type =:= aes_gcm; + Type =:= aes_ccm -> + aead_encrypt(Type, Key, Ivec, AAD, PlainText, TagLength); block_encrypt(chacha20_poly1305, Key, Ivec, {AAD, PlainText}) -> chacha20_poly1305_encrypt(Key, Ivec, AAD, PlainText). @@ -551,7 +553,8 @@ block_decrypt(des3_cfb, Key0, Ivec, Data) -> block_crypt_nif(des_ede3_cfb, Key, Ivec, Data, false); block_decrypt(aes_ige256, Key, Ivec, Data) -> notsup_to_error(aes_ige_crypt_nif(Key, Ivec, Data, false)); -block_decrypt(Type, Key, Ivec, {AAD, Data, Tag}) when Type =:= aes_gcm -> +block_decrypt(Type, Key, Ivec, {AAD, Data, Tag}) when Type =:= aes_gcm; + Type =:= aes_ccm -> aead_decrypt(Type, Key, Ivec, AAD, Data, Tag); block_decrypt(chacha20_poly1305, Key, Ivec, {AAD, Data, Tag}) -> chacha20_poly1305_decrypt(Key, Ivec, AAD, Data, Tag). @@ -1604,6 +1607,7 @@ check_des3_key(Key) -> %% AES - in Galois/Counter Mode (GCM) %% %% The default tag length is EVP_GCM_TLS_TAG_LEN(16), +aead_encrypt(Type=aes_ccm, Key, Ivec, AAD, In) -> aead_encrypt(Type, Key, Ivec, AAD, In, 12); aead_encrypt(Type=aes_gcm, Key, Ivec, AAD, In) -> aead_encrypt(Type, Key, Ivec, AAD, In, 16). aead_encrypt(_Type, _Key, _Ivec, _AAD, _In, _TagLength) -> ?nif_stub. |