diff options
author | Sverker Eriksson <[email protected]> | 2013-11-27 18:00:30 +0100 |
---|---|---|
committer | Sverker Eriksson <[email protected]> | 2013-11-27 18:00:30 +0100 |
commit | 998d043865059dcf7f5055a62586cc1420c221b9 (patch) | |
tree | b9a1e6f399ccddea94c15230916925b3f4896daf /lib/crypto | |
parent | 9f2cdf704fa0732817b4c49067cd561dd13ff730 (diff) | |
download | otp-998d043865059dcf7f5055a62586cc1420c221b9.tar.gz otp-998d043865059dcf7f5055a62586cc1420c221b9.tar.bz2 otp-998d043865059dcf7f5055a62586cc1420c221b9.zip |
crypto: Throw notsup for AES IGE if openssl older than 0.9.8c
Diffstat (limited to 'lib/crypto')
-rw-r--r-- | lib/crypto/c_src/crypto.c | 16 | ||||
-rw-r--r-- | lib/crypto/doc/src/crypto.xml | 10 | ||||
-rw-r--r-- | lib/crypto/src/crypto.erl | 8 |
3 files changed, 26 insertions, 8 deletions
diff --git a/lib/crypto/c_src/crypto.c b/lib/crypto/c_src/crypto.c index 5caa47bcf4..1135a35b9f 100644 --- a/lib/crypto/c_src/crypto.c +++ b/lib/crypto/c_src/crypto.c @@ -81,12 +81,18 @@ # define HAVE_EC #endif +#if OPENSSL_VERSION_NUMBER >= 0x0090803fL +# define HAVE_AES_IGE +#endif + #if defined(HAVE_EC) #include <openssl/ec.h> #include <openssl/ecdh.h> #include <openssl/ecdsa.h> #endif + + #ifdef VALGRIND # include <valgrind/memcheck.h> @@ -221,7 +227,7 @@ static ERL_NIF_TERM mod_exp_nif(ErlNifEnv* env, int argc, const ERL_NIF_TERM arg static ERL_NIF_TERM dss_verify_nif(ErlNifEnv* env, int argc, const ERL_NIF_TERM argv[]); static ERL_NIF_TERM rsa_verify_nif(ErlNifEnv* env, int argc, const ERL_NIF_TERM argv[]); static ERL_NIF_TERM aes_cbc_crypt(ErlNifEnv* env, int argc, const ERL_NIF_TERM argv[]); -static ERL_NIF_TERM aes_ige_crypt(ErlNifEnv* env, int argc, const ERL_NIF_TERM argv[]); +static ERL_NIF_TERM aes_ige_crypt_nif(ErlNifEnv* env, int argc, const ERL_NIF_TERM argv[]); static ERL_NIF_TERM do_exor(ErlNifEnv* env, int argc, const ERL_NIF_TERM argv[]); static ERL_NIF_TERM rc4_encrypt(ErlNifEnv* env, int argc, const ERL_NIF_TERM argv[]); static ERL_NIF_TERM rc4_set_key(ErlNifEnv* env, int argc, const ERL_NIF_TERM argv[]); @@ -350,7 +356,7 @@ static ErlNifFunc nif_funcs[] = { {"dss_verify_nif", 4, dss_verify_nif}, {"rsa_verify_nif", 4, rsa_verify_nif}, {"aes_cbc_crypt", 4, aes_cbc_crypt}, - {"aes_ige_crypt", 4, aes_ige_crypt}, + {"aes_ige_crypt_nif", 4, aes_ige_crypt_nif}, {"do_exor", 2, do_exor}, {"rc4_encrypt", 2, rc4_encrypt}, {"rc4_set_key", 1, rc4_set_key}, @@ -2092,8 +2098,9 @@ static ERL_NIF_TERM aes_cbc_crypt(ErlNifEnv* env, int argc, const ERL_NIF_TERM a return ret; } -static ERL_NIF_TERM aes_ige_crypt(ErlNifEnv* env, int argc, const ERL_NIF_TERM argv[]) +static ERL_NIF_TERM aes_ige_crypt_nif(ErlNifEnv* env, int argc, const ERL_NIF_TERM argv[]) {/* (Key, IVec, Data, IsEncrypt) */ +#ifdef HAVE_AES_IGE ErlNifBinary key_bin, ivec_bin, data_bin; AES_KEY aes_key; unsigned char ivec[32]; @@ -2125,6 +2132,9 @@ static ERL_NIF_TERM aes_ige_crypt(ErlNifEnv* env, int argc, const ERL_NIF_TERM a AES_ige_encrypt(data_bin.data, ret_ptr, data_bin.size, &aes_key, ivec, i); CONSUME_REDS(env,data_bin); return ret; +#else + return atom_notsup; +#endif } static ERL_NIF_TERM do_exor(ErlNifEnv* env, int argc, const ERL_NIF_TERM argv[]) diff --git a/lib/crypto/doc/src/crypto.xml b/lib/crypto/doc/src/crypto.xml index 49c020dbe5..406fd5e59a 100644 --- a/lib/crypto/doc/src/crypto.xml +++ b/lib/crypto/doc/src/crypto.xml @@ -159,8 +159,9 @@ </type> <desc> <p>Encrypt <c>PlainText</c>according to <c>Type</c> block cipher. - <c>IVec</c> is an arbitrary initializing vector. - </p> + <c>IVec</c> is an arbitrary initializing vector.</p> + <p>May throw exception <c>notsup</c> in case the chosen <c>Type</c> + is not supported by the underlying OpenSSL implementation.</p> </desc> </func> @@ -175,8 +176,9 @@ </type> <desc> <p>Decrypt <c>CipherText</c>according to <c>Type</c> block cipher. - <c>IVec</c> is an arbitrary initializing vector. - </p> + <c>IVec</c> is an arbitrary initializing vector.</p> + <p>May throw exception <c>notsup</c> in case the chosen <c>Type</c> + is not supported by the underlying OpenSSL implementation.</p> </desc> </func> diff --git a/lib/crypto/src/crypto.erl b/lib/crypto/src/crypto.erl index 0e8b80c1f9..41fe968558 100644 --- a/lib/crypto/src/crypto.erl +++ b/lib/crypto/src/crypto.erl @@ -1275,7 +1275,13 @@ aes_ige_256_encrypt(Key, IVec, Data) -> aes_ige_256_decrypt(Key, IVec, Data) -> aes_ige_crypt(Key, IVec, Data, false). -aes_ige_crypt(_Key, _IVec, _Data, _IsEncrypt) -> ?nif_stub. +aes_ige_crypt(Key, IVec, Data, IsEncrypt) -> + case aes_ige_crypt_nif(Key,IVec,Data,IsEncrypt) of + notsup -> erlang:error(notsup); + Bin -> Bin + end. + +aes_ige_crypt_nif(_Key, _IVec, _Data, _IsEncrypt) -> ?nif_stub. %% %% aes_ige_ivec(Data) -> binary() |