Diffstat (limited to 'lib/crypto/src/crypto.erl')
-rw-r--r-- | lib/crypto/src/crypto.erl | 81 |
1 files changed, 62 insertions, 19 deletions
diff --git a/lib/crypto/src/crypto.erl b/lib/crypto/src/crypto.erl index 8e8370f3b0..12ff060bf9 100644 --- a/lib/crypto/src/crypto.erl +++ b/lib/crypto/src/crypto.erl @@ -183,7 +183,7 @@ %%-type ec_key() :: {Curve :: ec_curve(), PrivKey :: binary() | undefined, PubKey :: ec_point() | undefined}. -on_load(on_load/0). --define(CRYPTO_NIF_VSN,201). +-define(CRYPTO_NIF_VSN,301). -define(nif_stub,nif_stub_error(?LINE)). nif_stub_error(Line) -> @@ -204,20 +204,13 @@ stop() -> application:stop(crypto). supports()-> - Algs = algorithms(), - PubKeyAlgs = - case lists:member(ec, Algs) of - true -> - {public_keys, [rsa, dss, ecdsa, dh, srp, ecdh]}; - false -> - {public_keys, [rsa, dss, dh, srp]} - end, - [{hashs, Algs -- [ec]}, - {ciphers, [des_cbc, des_cfb, des3_cbc, des3_cbf, des_ede3, blowfish_cbc, + {Hashs, PubKeys, Ciphers} = algorithms(), + + [{hashs, Hashs}, + {ciphers, [des_cbc, des_cfb, des3_cbc, des_ede3, blowfish_cbc, blowfish_cfb64, blowfish_ofb64, blowfish_ecb, aes_cbc128, aes_cfb128, - aes_cbc256, rc2_cbc, aes_ctr, rc4 - ]}, - PubKeyAlgs + aes_cbc256, rc2_cbc, aes_ctr, rc4] ++ Ciphers}, + {public_keys, [rsa, dss, dh, srp] ++ PubKeys} ]. info_lib() -> ?nif_stub. @@ -309,13 +302,16 @@ block_encrypt(aes_cbc128, Key, Ivec, Data) -> aes_cbc_128_encrypt(Key, Ivec, Data); block_encrypt(aes_cbc256, Key, Ivec, Data) -> aes_cbc_256_encrypt(Key, Ivec, Data); +block_encrypt(aes_ige256, Key, Ivec, Data) -> + aes_ige_256_encrypt(Key, Ivec, Data); block_encrypt(aes_cfb128, Key, Ivec, Data) -> aes_cfb_128_encrypt(Key, Ivec, Data); block_encrypt(rc2_cbc, Key, Ivec, Data) -> rc2_cbc_encrypt(Key, Ivec, Data). -spec block_decrypt(des_cbc | des_cfb | des3_cbc | des3_cbf | des_ede3 | blowfish_cbc | - blowfish_cfb64 | blowfish_ofb64 | aes_cbc128 | aes_cbc256 | aes_cfb128 | rc2_cbc, + blowfish_cfb64 | blowfish_ofb64 | aes_cbc128 | aes_cbc256 | aes_ige256 | + aes_cfb128 | rc2_cbc, Key::iodata(), Ivec::binary(), Data::iodata()) -> binary(). block_decrypt(des_cbc, Key, Ivec, Data) -> 
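Review bot: `des3_cbf` is dropped from the static `ciphers` literal in supports/0, while the block_decrypt spec in the following hunk still accepts it, so the two can disagree about what the module offers. If it is now advertised only when the NIF reports it in `Ciphers`, that is not visible in this diff and deserves a comment above the match, for example `%% Hashs, PubKeys and Ciphers are reported by the loaded NIF; the literal entries below are always advertised`. The hard match on a three-element tuple from `algorithms()` depends on the NIF library having been rebuilt; the `CRYPTO_NIF_VSN` bump in the first hunk appears to be what guards that.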
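Review bot: The new `block_encrypt(aes_ige256, Key, Ivec, Data)` clause has no matching spec change in this diff. Only the block_decrypt spec gains `aes_ige256`, and no hunk touches the block_encrypt spec, which lies above this hunk. If that spec enumerates cipher atoms the way the block_decrypt one does, Dialyzer will flag callers that pass `aes_ige256` for encryption, so `| aes_ige256` should be added there as well. The block_decrypt clauses continue past the end of this hunk.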
@@ -338,6 +334,8 @@ block_decrypt(aes_cbc128, Key, Ivec, Data) -> aes_cbc_128_decrypt(Key, Ivec, Data); block_decrypt(aes_cbc256, Key, Ivec, Data) -> aes_cbc_256_decrypt(Key, Ivec, Data); +block_decrypt(aes_ige256, Key, Ivec, Data) -> + aes_ige_256_decrypt(Key, Ivec, Data); block_decrypt(aes_cfb128, Key, Ivec, Data) -> aes_cfb_128_decrypt(Key, Ivec, Data); block_decrypt(rc2_cbc, Key, Ivec, Data) -> @@ -357,14 +355,16 @@ block_decrypt(des_ecb, Key, Data) -> block_decrypt(blowfish_ecb, Key, Data) -> blowfish_ecb_decrypt(Key, Data). --spec next_iv(des_cbc | des3_cbc | aes_cbc, Data::iodata()) -> binary(). +-spec next_iv(des_cbc | des3_cbc | aes_cbc | aes_ige, Data::iodata()) -> binary(). next_iv(des_cbc, Data) -> des_cbc_ivec(Data); next_iv(des3_cbc, Data) -> des_cbc_ivec(Data); next_iv(aes_cbc, Data) -> - aes_cbc_ivec(Data). + aes_cbc_ivec(Data); +next_iv(aes_ige, Data) -> + aes_ige_ivec(Data). -spec next_iv(des_cfb, Data::iodata(), Ivec::binary()) -> binary(). @@ -640,7 +640,7 @@ on_load() -> end end, Lib = filename:join([PrivDir, "lib", LibName]), - Status = case erlang:load_nif(Lib, {?CRYPTO_NIF_VSN,Lib}) of + Status = case erlang:load_nif(Lib, {?CRYPTO_NIF_VSN,path2bin(Lib)}) of ok -> ok; {error, {load_failed, _}}=Error1 -> ArchLibDir = @@ -652,7 +652,7 @@ on_load() -> [] -> Error1; _ -> ArchLib = filename:join([ArchLibDir, LibName]), - erlang:load_nif(ArchLib, {?CRYPTO_NIF_VSN,ArchLib}) + erlang:load_nif(ArchLib, {?CRYPTO_NIF_VSN,path2bin(ArchLib)}) end; Error1 -> Error1 end, 
@@ -663,6 +663,14 @@ on_load() -> "OpenSSL might not be installed on this system.~n",[E,Str]), Status end. + +path2bin(Path) when is_list(Path) -> + Encoding = file:native_name_encoding(), + case unicode:characters_to_binary(Path,Encoding,Encoding) of + Bin when is_binary(Bin) -> + Bin + end. + %%-------------------------------------------------------------------- %%% Internal functions (some internal API functions are part of the deprecated API) %%-------------------------------------------------------------------- @@ -1255,6 +1263,41 @@ aes_cbc_ivec(Data) when is_list(Data) -> aes_cbc_ivec(list_to_binary(Data)). +%% +%% AES - with 256 bit key in infinite garble extension mode (IGE) +%% + +-spec aes_ige_256_decrypt(iodata(), binary(), iodata()) -> + binary(). + +aes_ige_256_encrypt(Key, IVec, Data) -> + aes_ige_crypt(Key, IVec, Data, true). + +aes_ige_256_decrypt(Key, IVec, Data) -> + aes_ige_crypt(Key, IVec, Data, false). + +aes_ige_crypt(Key, IVec, Data, IsEncrypt) -> + case aes_ige_crypt_nif(Key,IVec,Data,IsEncrypt) of + notsup -> erlang:error(notsup); + Bin -> Bin + end. + +aes_ige_crypt_nif(_Key, _IVec, _Data, _IsEncrypt) -> ?nif_stub. + +%% +%% aes_ige_ivec(Data) -> binary() +%% +%% Returns the IVec to be used in the next iteration of +%% aes_ige_*_[encrypt|decrypt]. +%% IVec size: 32 bytes +%% +aes_ige_ivec(Data) when is_binary(Data) -> + {_, IVec} = split_binary(Data, size(Data) - 32), + IVec; +aes_ige_ivec(Data) when is_list(Data) -> + aes_ige_ivec(list_to_binary(Data)). + + %% Stream ciphers -------------------------------------------------------------------- stream_crypt(Fun, State, Data, Size, MaxByts, []) when Size =< MaxByts -> |
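Review bot: `path2bin/1` has a single `case` clause, so an `{error, _, _}` or `{incomplete, _, _}` result from `unicode:characters_to_binary/3` raises `case_clause` inside `on_load/0`, before the `Status` handling shown in the context lines can report anything. The helper is called at both `erlang:load_nif/2` sites changed in the two preceding hunks. If the crash is intended, say so with a comment such as `%% asserts that the path is representable in the native file name encoding; on_load fails otherwise`. Otherwise return the error so that it reaches the existing error report. The `is_list/1` guard also rejects a binary path; whether `Lib` can be a binary is not visible here.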
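Review bot: `aes_ige_ivec/1` returns the last 32 bytes of `Data`, which is two ciphertext blocks, whereas IGE as usually defined chains on the last ciphertext block together with the last plaintext block. Unless the NIF (not visible here) uses a different convention, `next_iv(aes_ige, Data)` from the earlier hunk cannot produce a correct continuation IV from ciphertext alone. The header comment should state exactly what `Data` must contain, or the function should take both buffers. A `Data` shorter than 32 bytes makes `size(Data) - 32` negative and fails inside `split_binary/2` with a bare `badarg`; a guard such as `when is_binary(Data), byte_size(Data) >= 32` would make the precondition explicit. The `-spec aes_ige_256_decrypt` sits directly above `aes_ige_256_encrypt`, which has no spec of its own; move it next to the decrypt function and add `-spec aes_ige_256_encrypt(iodata(), binary(), iodata()) -> binary().`.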