aboutsummaryrefslogtreecommitdiffstats
path: root/lib/crypto/src/crypto.erl
diff options
context:
space:
mode:
Diffstat (limited to 'lib/crypto/src/crypto.erl')
-rw-r--r--lib/crypto/src/crypto.erl103
1 files changed, 80 insertions, 23 deletions
diff --git a/lib/crypto/src/crypto.erl b/lib/crypto/src/crypto.erl
index 8e8370f3b0..5bf52fc8a4 100644
--- a/lib/crypto/src/crypto.erl
+++ b/lib/crypto/src/crypto.erl
@@ -34,6 +34,8 @@
-export([public_encrypt/4, private_decrypt/4]).
-export([private_encrypt/4, public_decrypt/4]).
-export([dh_generate_parameters/2, dh_check/1]). %% Testing see
+-export([ec_curve/1, ec_curves/0]).
+-export([rand_seed/1]).
%% DEPRECATED
%% Replaced by hash_*
@@ -183,7 +185,7 @@
%%-type ec_key() :: {Curve :: ec_curve(), PrivKey :: binary() | undefined, PubKey :: ec_point() | undefined}.
-on_load(on_load/0).
--define(CRYPTO_NIF_VSN,201).
+-define(CRYPTO_NIF_VSN,301).
-define(nif_stub,nif_stub_error(?LINE)).
nif_stub_error(Line) ->
@@ -204,20 +206,13 @@ stop() ->
application:stop(crypto).
supports()->
- Algs = algorithms(),
- PubKeyAlgs =
- case lists:member(ec, Algs) of
- true ->
- {public_keys, [rsa, dss, ecdsa, dh, srp, ecdh]};
- false ->
- {public_keys, [rsa, dss, dh, srp]}
- end,
- [{hashs, Algs -- [ec]},
- {ciphers, [des_cbc, des_cfb, des3_cbc, des3_cbf, des_ede3, blowfish_cbc,
+ {Hashs, PubKeys, Ciphers} = algorithms(),
+
+ [{hashs, Hashs},
+ {ciphers, [des_cbc, des_cfb, des3_cbc, des_ede3, blowfish_cbc,
blowfish_cfb64, blowfish_ofb64, blowfish_ecb, aes_cbc128, aes_cfb128,
- aes_cbc256, rc2_cbc, aes_ctr, rc4
- ]},
- PubKeyAlgs
+ aes_cbc256, rc2_cbc, aes_ctr, rc4] ++ Ciphers},
+ {public_keys, [rsa, dss, dh, srp] ++ PubKeys}
].
info_lib() -> ?nif_stub.
@@ -309,13 +304,16 @@ block_encrypt(aes_cbc128, Key, Ivec, Data) ->
aes_cbc_128_encrypt(Key, Ivec, Data);
block_encrypt(aes_cbc256, Key, Ivec, Data) ->
aes_cbc_256_encrypt(Key, Ivec, Data);
+block_encrypt(aes_ige256, Key, Ivec, Data) ->
+ aes_ige_256_encrypt(Key, Ivec, Data);
block_encrypt(aes_cfb128, Key, Ivec, Data) ->
aes_cfb_128_encrypt(Key, Ivec, Data);
block_encrypt(rc2_cbc, Key, Ivec, Data) ->
rc2_cbc_encrypt(Key, Ivec, Data).
-spec block_decrypt(des_cbc | des_cfb | des3_cbc | des3_cbf | des_ede3 | blowfish_cbc |
- blowfish_cfb64 | blowfish_ofb64 | aes_cbc128 | aes_cbc256 | aes_cfb128 | rc2_cbc,
+ blowfish_cfb64 | blowfish_ofb64 | aes_cbc128 | aes_cbc256 | aes_ige256 |
+ aes_cfb128 | rc2_cbc,
Key::iodata(), Ivec::binary(), Data::iodata()) -> binary().
block_decrypt(des_cbc, Key, Ivec, Data) ->
@@ -338,6 +336,8 @@ block_decrypt(aes_cbc128, Key, Ivec, Data) ->
aes_cbc_128_decrypt(Key, Ivec, Data);
block_decrypt(aes_cbc256, Key, Ivec, Data) ->
aes_cbc_256_decrypt(Key, Ivec, Data);
+block_decrypt(aes_ige256, Key, Ivec, Data) ->
+ aes_ige_256_decrypt(Key, Ivec, Data);
block_decrypt(aes_cfb128, Key, Ivec, Data) ->
aes_cfb_128_decrypt(Key, Ivec, Data);
block_decrypt(rc2_cbc, Key, Ivec, Data) ->
@@ -357,14 +357,16 @@ block_decrypt(des_ecb, Key, Data) ->
block_decrypt(blowfish_ecb, Key, Data) ->
blowfish_ecb_decrypt(Key, Data).
--spec next_iv(des_cbc | des3_cbc | aes_cbc, Data::iodata()) -> binary().
+-spec next_iv(des_cbc | des3_cbc | aes_cbc | aes_ige, Data::iodata()) -> binary().
next_iv(des_cbc, Data) ->
des_cbc_ivec(Data);
next_iv(des3_cbc, Data) ->
des_cbc_ivec(Data);
next_iv(aes_cbc, Data) ->
- aes_cbc_ivec(Data).
+ aes_cbc_ivec(Data);
+next_iv(aes_ige, Data) ->
+ aes_ige_ivec(Data).
-spec next_iv(des_cfb, Data::iodata(), Ivec::binary()) -> binary().
@@ -436,6 +438,11 @@ rand_uniform_pos(_,_) ->
rand_uniform_nif(_From,_To) -> ?nif_stub.
+-spec rand_seed(binary()) -> ok.
+rand_seed(Seed) ->
+ rand_seed_nif(Seed).
+
+rand_seed_nif(_Seed) -> ?nif_stub.
-spec mod_pow(binary()|integer(), binary()|integer(), binary()|integer()) -> binary() | error.
mod_pow(Base, Exponent, Prime) ->
@@ -557,7 +564,7 @@ generate_key(srp, {user, [Generator, Prime, Version]}, PrivateArg)
user_srp_gen_key(Private, Generator, Prime);
generate_key(ecdh, Curve, undefined) ->
- ec_key_generate(Curve).
+ ec_key_generate(nif_curve_params(Curve)).
compute_key(dh, OthersPublicKey, MyPrivateKey, DHParameters) ->
@@ -640,7 +647,7 @@ on_load() ->
end
end,
Lib = filename:join([PrivDir, "lib", LibName]),
- Status = case erlang:load_nif(Lib, {?CRYPTO_NIF_VSN,Lib}) of
+ Status = case erlang:load_nif(Lib, {?CRYPTO_NIF_VSN,path2bin(Lib)}) of
ok -> ok;
{error, {load_failed, _}}=Error1 ->
ArchLibDir =
@@ -652,7 +659,7 @@ on_load() ->
[] -> Error1;
_ ->
ArchLib = filename:join([ArchLibDir, LibName]),
- erlang:load_nif(ArchLib, {?CRYPTO_NIF_VSN,ArchLib})
+ erlang:load_nif(ArchLib, {?CRYPTO_NIF_VSN,path2bin(ArchLib)})
end;
Error1 -> Error1
end,
@@ -663,6 +670,14 @@ on_load() ->
"OpenSSL might not be installed on this system.~n",[E,Str]),
Status
end.
+
+path2bin(Path) when is_list(Path) ->
+ Encoding = file:native_name_encoding(),
+ case unicode:characters_to_binary(Path,Encoding,Encoding) of
+ Bin when is_binary(Bin) ->
+ Bin
+ end.
+
%%--------------------------------------------------------------------
%%% Internal functions (some internal API functions are part of the deprecated API)
%%--------------------------------------------------------------------
@@ -1255,6 +1270,41 @@ aes_cbc_ivec(Data) when is_list(Data) ->
aes_cbc_ivec(list_to_binary(Data)).
+%%
+%% AES - with 256 bit key in infinite garble extension mode (IGE)
+%%
+
+-spec aes_ige_256_decrypt(iodata(), binary(), iodata()) ->
+ binary().
+
+aes_ige_256_encrypt(Key, IVec, Data) ->
+ aes_ige_crypt(Key, IVec, Data, true).
+
+aes_ige_256_decrypt(Key, IVec, Data) ->
+ aes_ige_crypt(Key, IVec, Data, false).
+
+aes_ige_crypt(Key, IVec, Data, IsEncrypt) ->
+ case aes_ige_crypt_nif(Key,IVec,Data,IsEncrypt) of
+ notsup -> erlang:error(notsup);
+ Bin -> Bin
+ end.
+
+aes_ige_crypt_nif(_Key, _IVec, _Data, _IsEncrypt) -> ?nif_stub.
+
+%%
+%% aes_ige_ivec(Data) -> binary()
+%%
+%% Returns the IVec to be used in the next iteration of
+%% aes_ige_*_[encrypt|decrypt].
+%% IVec size: 32 bytes
+%%
+aes_ige_ivec(Data) when is_binary(Data) ->
+ {_, IVec} = split_binary(Data, size(Data) - 32),
+ IVec;
+aes_ige_ivec(Data) when is_list(Data) ->
+ aes_ige_ivec(list_to_binary(Data)).
+
+
%% Stream ciphers --------------------------------------------------------------------
stream_crypt(Fun, State, Data, Size, MaxByts, []) when Size =< MaxByts ->
@@ -1459,21 +1509,27 @@ ec_key_generate(_Key) -> ?nif_stub.
ecdh_compute_key_nif(_Others, _Curve, _My) -> ?nif_stub.
+ec_curves() ->
+ crypto_ec_curves:curves().
+
+ec_curve(X) ->
+ crypto_ec_curves:curve(X).
+
%%
%% EC
%%
term_to_nif_prime({prime_field, Prime}) ->
- {prime_field, int_to_bin(Prime)};
+ {prime_field, ensure_int_as_bin(Prime)};
term_to_nif_prime(PrimeField) ->
PrimeField.
term_to_nif_curve({A, B, Seed}) ->
{ensure_int_as_bin(A), ensure_int_as_bin(B), Seed}.
nif_curve_params({PrimeField, Curve, BasePoint, Order, CoFactor}) ->
- {term_to_nif_prime(PrimeField), term_to_nif_curve(Curve), ensure_int_as_bin(BasePoint), int_to_bin(Order), int_to_bin(CoFactor)};
+ {term_to_nif_prime(PrimeField), term_to_nif_curve(Curve), ensure_int_as_bin(BasePoint), ensure_int_as_bin(Order), ensure_int_as_bin(CoFactor)};
nif_curve_params(Curve) when is_atom(Curve) ->
%% named curve
- Curve.
+ crypto_ec_curves:curve(Curve).
%% MISC --------------------------------------------------------------------
@@ -1724,6 +1780,7 @@ mod_exp_nif(_Base,_Exp,_Mod,_bin_hdr) -> ?nif_stub.
rand_bytes,
strong_rand_bytes,
rand_uniform,
+ rand_seed,
mod_pow,
exor,
%% deprecated