diff options
author | Hans Nilsson <[email protected]> | 2018-09-17 10:15:45 +0200 |
---|---|---|
committer | Hans Nilsson <[email protected]> | 2018-09-17 10:15:45 +0200 |
commit | 0a218353e4360e36bac304b6a4e0effe78d95615 (patch) | |
tree | b49be0991d2c08af5dd0dc65585b4672f2fccaf1 /lib/crypto/src | |
parent | 4b48d5b1d21d741b6802a7187129e4b78b87a052 (diff) | |
parent | 025bb085ab7b7305e5f464984d0714a94ad12bc9 (diff) | |
download | otp-0a218353e4360e36bac304b6a4e0effe78d95615.tar.gz otp-0a218353e4360e36bac304b6a4e0effe78d95615.tar.bz2 otp-0a218353e4360e36bac304b6a4e0effe78d95615.zip |
Merge branch 'hans/crypto/aes_ccm/OTP-15286' into maint
* hans/crypto/aes_ccm/OTP-15286:
crypto: Fix no_aead test
crypto: Document AES_CCM and fix errors in User's Guide The sizes in the Algorithms chapter for aes_gcm was wrong or incomplete.
crypto: AES_CCM test case
crypto: All aes_ccm vectors (including unused) This directory contains all aes_ccm vectors. However, effort is needed to include them in the test suite so they are left for later.
crypto: Add AES_CCM crypto Will be increase interoperability of future SSL application versions.
crypto: Generalize aes_gcm_(de|en)crypt nifs
Diffstat (limited to 'lib/crypto/src')
-rw-r--r-- | lib/crypto/src/crypto.erl | 54 |
1 files changed, 28 insertions, 26 deletions
diff --git a/lib/crypto/src/crypto.erl b/lib/crypto/src/crypto.erl index 7d8f0479ee..960fe46c09 100644 --- a/lib/crypto/src/crypto.erl +++ b/lib/crypto/src/crypto.erl @@ -262,7 +262,7 @@ | rc2_cbc . -type cbc_cipher() :: des_cbc | des3_cbc | aes_cbc | blowfish_cbc . --type aead_cipher() :: aes_gcm | chacha20_poly1305 . +-type aead_cipher() :: aes_gcm | aes_ccm | chacha20_poly1305 . -type cfb_cipher() :: aes_cfb128 | aes_cfb8 | blowfish_cfb64 | des3_cfb | des_cfb . -type block_cipher_without_iv() :: ecb_cipher() . @@ -493,23 +493,23 @@ poly1305(Key, Data) -> -spec block_encrypt(Type::block_cipher_with_iv(), Key::key()|des3_key(), Ivec::binary(), PlainText::iodata()) -> binary(); (Type::aead_cipher(), Key::iodata(), Ivec::binary(), {AAD::binary(), PlainText::iodata()}) -> {binary(), binary()}; - (aes_gcm, Key::iodata(), Ivec::binary(), {AAD::binary(), PlainText::iodata(), TagLength::1..16}) -> + (aes_gcm | aes_ccm, Key::iodata(), Ivec::binary(), {AAD::binary(), PlainText::iodata(), TagLength::1..16}) -> {binary(), binary()}. block_encrypt(Type, Key, Ivec, PlainText) when Type =:= des_cbc; - Type =:= des_cfb; - Type =:= blowfish_cbc; - Type =:= blowfish_cfb64; - Type =:= blowfish_ofb64; - Type =:= aes_cbc128; - Type =:= aes_cfb8; - Type =:= aes_cfb128; - Type =:= aes_cbc256; - Type =:= aes_cbc; - Type =:= rc2_cbc -> + Type =:= des_cfb; + Type =:= blowfish_cbc; + Type =:= blowfish_cfb64; + Type =:= blowfish_ofb64; + Type =:= aes_cbc128; + Type =:= aes_cfb8; + Type =:= aes_cfb128; + Type =:= aes_cbc256; + Type =:= aes_cbc; + Type =:= rc2_cbc -> block_crypt_nif(Type, Key, Ivec, PlainText, true); block_encrypt(Type, Key0, Ivec, PlainText) when Type =:= des3_cbc; - Type =:= des_ede3 -> + Type =:= des_ede3 -> Key = check_des3_key(Key0), block_crypt_nif(des_ede3_cbc, Key, Ivec, PlainText, true); block_encrypt(des3_cbf, Key0, Ivec, PlainText) -> % cfb misspelled @@ -520,10 +520,12 @@ block_encrypt(des3_cfb, Key0, Ivec, PlainText) -> block_crypt_nif(des_ede3_cfb, Key, Ivec, PlainText, true); block_encrypt(aes_ige256, Key, Ivec, PlainText) -> notsup_to_error(aes_ige_crypt_nif(Key, Ivec, PlainText, true)); -block_encrypt(aes_gcm, Key, Ivec, {AAD, PlainText}) -> - aes_gcm_encrypt(Key, Ivec, AAD, PlainText); -block_encrypt(aes_gcm, Key, Ivec, {AAD, PlainText, TagLength}) -> - aes_gcm_encrypt(Key, Ivec, AAD, PlainText, TagLength); +block_encrypt(Type, Key, Ivec, {AAD, PlainText}) when Type =:= aes_gcm; + Type =:= aes_ccm -> + aead_encrypt(Type, Key, Ivec, AAD, PlainText); +block_encrypt(Type, Key, Ivec, {AAD, PlainText, TagLength}) when Type =:= aes_gcm; + Type =:= aes_ccm -> + aead_encrypt(Type, Key, Ivec, AAD, PlainText, TagLength); block_encrypt(chacha20_poly1305, Key, Ivec, {AAD, PlainText}) -> chacha20_poly1305_encrypt(Key, Ivec, AAD, PlainText). @@ -554,8 +556,9 @@ block_decrypt(des3_cfb, Key0, Ivec, Data) -> block_crypt_nif(des_ede3_cfb, Key, Ivec, Data, false); block_decrypt(aes_ige256, Key, Ivec, Data) -> notsup_to_error(aes_ige_crypt_nif(Key, Ivec, Data, false)); -block_decrypt(aes_gcm, Key, Ivec, {AAD, Data, Tag}) -> - aes_gcm_decrypt(Key, Ivec, AAD, Data, Tag); +block_decrypt(Type, Key, Ivec, {AAD, Data, Tag}) when Type =:= aes_gcm; + Type =:= aes_ccm -> + aead_decrypt(Type, Key, Ivec, AAD, Data, Tag); block_decrypt(chacha20_poly1305, Key, Ivec, {AAD, Data, Tag}) -> chacha20_poly1305_decrypt(Key, Ivec, AAD, Data, Tag). @@ -580,10 +583,8 @@ next_iv(Type, Data) when is_binary(Data) -> IVecSize = case Type of des_cbc -> 8; des3_cbc -> 8; - blowfish_cbc -> 8; aes_cbc -> 16; - aes_ige -> 32; % For compatibility if someone has bug-adapted code - aes_ige256 -> 32 % The name used in block_encrypt et al + aes_ige -> 32 end, {_, IVec} = split_binary(Data, size(Data) - IVecSize), IVec; @@ -1609,10 +1610,11 @@ check_des3_key(Key) -> %% AES - in Galois/Counter Mode (GCM) %% %% The default tag length is EVP_GCM_TLS_TAG_LEN(16), -aes_gcm_encrypt(Key, Ivec, AAD, In) -> - aes_gcm_encrypt(Key, Ivec, AAD, In, 16). -aes_gcm_encrypt(_Key, _Ivec, _AAD, _In, _TagLength) -> ?nif_stub. -aes_gcm_decrypt(_Key, _Ivec, _AAD, _In, _Tag) -> ?nif_stub. +aead_encrypt(Type=aes_ccm, Key, Ivec, AAD, In) -> aead_encrypt(Type, Key, Ivec, AAD, In, 12); +aead_encrypt(Type=aes_gcm, Key, Ivec, AAD, In) -> aead_encrypt(Type, Key, Ivec, AAD, In, 16). + +aead_encrypt(_Type, _Key, _Ivec, _AAD, _In, _TagLength) -> ?nif_stub. +aead_decrypt(_Type, _Key, _Ivec, _AAD, _In, _Tag) -> ?nif_stub. %% %% Chacha20/Ppoly1305 |