aboutsummaryrefslogtreecommitdiffstats
path: root/lib/crypto
diff options
context:
space:
mode:
authorSverker Eriksson <[email protected]>2013-11-27 18:00:30 +0100
committerSverker Eriksson <[email protected]>2013-11-27 18:00:30 +0100
commit998d043865059dcf7f5055a62586cc1420c221b9 (patch)
treeb9a1e6f399ccddea94c15230916925b3f4896daf /lib/crypto
parent9f2cdf704fa0732817b4c49067cd561dd13ff730 (diff)
downloadotp-998d043865059dcf7f5055a62586cc1420c221b9.tar.gz
otp-998d043865059dcf7f5055a62586cc1420c221b9.tar.bz2
otp-998d043865059dcf7f5055a62586cc1420c221b9.zip
crypto: Throw notsup for AES IGE if openssl older than 0.9.8c
Diffstat (limited to 'lib/crypto')
-rw-r--r--lib/crypto/c_src/crypto.c16
-rw-r--r--lib/crypto/doc/src/crypto.xml10
-rw-r--r--lib/crypto/src/crypto.erl8
3 files changed, 26 insertions, 8 deletions
diff --git a/lib/crypto/c_src/crypto.c b/lib/crypto/c_src/crypto.c
index 5caa47bcf4..1135a35b9f 100644
--- a/lib/crypto/c_src/crypto.c
+++ b/lib/crypto/c_src/crypto.c
@@ -81,12 +81,18 @@
# define HAVE_EC
#endif
+#if OPENSSL_VERSION_NUMBER >= 0x0090803fL
+# define HAVE_AES_IGE
+#endif
+
#if defined(HAVE_EC)
#include <openssl/ec.h>
#include <openssl/ecdh.h>
#include <openssl/ecdsa.h>
#endif
+
+
#ifdef VALGRIND
# include <valgrind/memcheck.h>
@@ -221,7 +227,7 @@ static ERL_NIF_TERM mod_exp_nif(ErlNifEnv* env, int argc, const ERL_NIF_TERM arg
static ERL_NIF_TERM dss_verify_nif(ErlNifEnv* env, int argc, const ERL_NIF_TERM argv[]);
static ERL_NIF_TERM rsa_verify_nif(ErlNifEnv* env, int argc, const ERL_NIF_TERM argv[]);
static ERL_NIF_TERM aes_cbc_crypt(ErlNifEnv* env, int argc, const ERL_NIF_TERM argv[]);
-static ERL_NIF_TERM aes_ige_crypt(ErlNifEnv* env, int argc, const ERL_NIF_TERM argv[]);
+static ERL_NIF_TERM aes_ige_crypt_nif(ErlNifEnv* env, int argc, const ERL_NIF_TERM argv[]);
static ERL_NIF_TERM do_exor(ErlNifEnv* env, int argc, const ERL_NIF_TERM argv[]);
static ERL_NIF_TERM rc4_encrypt(ErlNifEnv* env, int argc, const ERL_NIF_TERM argv[]);
static ERL_NIF_TERM rc4_set_key(ErlNifEnv* env, int argc, const ERL_NIF_TERM argv[]);
@@ -350,7 +356,7 @@ static ErlNifFunc nif_funcs[] = {
{"dss_verify_nif", 4, dss_verify_nif},
{"rsa_verify_nif", 4, rsa_verify_nif},
{"aes_cbc_crypt", 4, aes_cbc_crypt},
- {"aes_ige_crypt", 4, aes_ige_crypt},
+ {"aes_ige_crypt_nif", 4, aes_ige_crypt_nif},
{"do_exor", 2, do_exor},
{"rc4_encrypt", 2, rc4_encrypt},
{"rc4_set_key", 1, rc4_set_key},
@@ -2092,8 +2098,9 @@ static ERL_NIF_TERM aes_cbc_crypt(ErlNifEnv* env, int argc, const ERL_NIF_TERM a
return ret;
}
-static ERL_NIF_TERM aes_ige_crypt(ErlNifEnv* env, int argc, const ERL_NIF_TERM argv[])
+static ERL_NIF_TERM aes_ige_crypt_nif(ErlNifEnv* env, int argc, const ERL_NIF_TERM argv[])
{/* (Key, IVec, Data, IsEncrypt) */
+#ifdef HAVE_AES_IGE
ErlNifBinary key_bin, ivec_bin, data_bin;
AES_KEY aes_key;
unsigned char ivec[32];
@@ -2125,6 +2132,9 @@ static ERL_NIF_TERM aes_ige_crypt(ErlNifEnv* env, int argc, const ERL_NIF_TERM a
AES_ige_encrypt(data_bin.data, ret_ptr, data_bin.size, &aes_key, ivec, i);
CONSUME_REDS(env,data_bin);
return ret;
+#else
+ return atom_notsup;
+#endif
}
static ERL_NIF_TERM do_exor(ErlNifEnv* env, int argc, const ERL_NIF_TERM argv[])
diff --git a/lib/crypto/doc/src/crypto.xml b/lib/crypto/doc/src/crypto.xml
index 49c020dbe5..406fd5e59a 100644
--- a/lib/crypto/doc/src/crypto.xml
+++ b/lib/crypto/doc/src/crypto.xml
@@ -159,8 +159,9 @@
</type>
<desc>
<p>Encrypt <c>PlainText</c>according to <c>Type</c> block cipher.
- <c>IVec</c> is an arbitrary initializing vector.
- </p>
+ <c>IVec</c> is an arbitrary initializing vector.</p>
+ <p>May throw exception <c>notsup</c> in case the chosen <c>Type</c>
+ is not supported by the underlying OpenSSL implementation.</p>
</desc>
</func>
@@ -175,8 +176,9 @@
</type>
<desc>
<p>Decrypt <c>CipherText</c>according to <c>Type</c> block cipher.
- <c>IVec</c> is an arbitrary initializing vector.
- </p>
+ <c>IVec</c> is an arbitrary initializing vector.</p>
+ <p>May throw exception <c>notsup</c> in case the chosen <c>Type</c>
+ is not supported by the underlying OpenSSL implementation.</p>
</desc>
</func>
diff --git a/lib/crypto/src/crypto.erl b/lib/crypto/src/crypto.erl
index 0e8b80c1f9..41fe968558 100644
--- a/lib/crypto/src/crypto.erl
+++ b/lib/crypto/src/crypto.erl
@@ -1275,7 +1275,13 @@ aes_ige_256_encrypt(Key, IVec, Data) ->
aes_ige_256_decrypt(Key, IVec, Data) ->
aes_ige_crypt(Key, IVec, Data, false).
-aes_ige_crypt(_Key, _IVec, _Data, _IsEncrypt) -> ?nif_stub.
+aes_ige_crypt(Key, IVec, Data, IsEncrypt) ->
+ case aes_ige_crypt_nif(Key,IVec,Data,IsEncrypt) of
+ notsup -> erlang:error(notsup);
+ Bin -> Bin
+ end.
+
+aes_ige_crypt_nif(_Key, _IVec, _Data, _IsEncrypt) -> ?nif_stub.
%%
%% aes_ige_ivec(Data) -> binary()