aboutsummaryrefslogtreecommitdiffstats
path: root/lib/crypto
diff options
context:
space:
mode:
Diffstat (limited to 'lib/crypto')
-rw-r--r--lib/crypto/c_src/algorithms.c81
-rw-r--r--lib/crypto/c_src/algorithms.h7
-rw-r--r--lib/crypto/c_src/atoms.c2
-rw-r--r--lib/crypto/c_src/atoms.h1
-rw-r--r--lib/crypto/c_src/cipher.c46
-rw-r--r--lib/crypto/c_src/crypto.c7
-rw-r--r--lib/crypto/src/crypto.erl158
-rw-r--r--lib/crypto/test/crypto_SUITE.erl74
8 files changed, 254 insertions, 122 deletions
diff --git a/lib/crypto/c_src/algorithms.c b/lib/crypto/c_src/algorithms.c
index 20707c0531..75cddeb1e9 100644
--- a/lib/crypto/c_src/algorithms.c
+++ b/lib/crypto/c_src/algorithms.c
@@ -255,29 +255,66 @@ void init_algorithms_types(ErlNifEnv* env)
ASSERT(algo_rsa_opts_cnt <= sizeof(algo_rsa_opts)/sizeof(ERL_NIF_TERM));
}
-ERL_NIF_TERM algorithms(ErlNifEnv* env, int argc, const ERL_NIF_TERM argv[])
+
+ERL_NIF_TERM hash_algorithms(ErlNifEnv* env, int argc, const ERL_NIF_TERM argv[])
+{
+ unsigned int cnt =
+#ifdef FIPS_SUPPORT
+ FIPS_mode() ? algo_hash_fips_cnt :
+#endif
+ algo_hash_cnt;
+
+ return enif_make_list_from_array(env, algo_hash, cnt);
+}
+
+ERL_NIF_TERM pubkey_algorithms(ErlNifEnv* env, int argc, const ERL_NIF_TERM argv[])
+{
+ unsigned int cnt =
+#ifdef FIPS_SUPPORT
+ FIPS_mode() ? algo_pubkey_fips_cnt :
+#endif
+ algo_pubkey_cnt;
+
+ return enif_make_list_from_array(env, algo_pubkey, cnt);
+}
+
+
+ERL_NIF_TERM cipher_algorithms(ErlNifEnv* env, int argc, const ERL_NIF_TERM argv[])
+{
+ return cipher_types_as_list(env); /* Exclude old api ciphers */
+}
+
+ERL_NIF_TERM mac_algorithms(ErlNifEnv* env, int argc, const ERL_NIF_TERM argv[])
+{
+ unsigned int cnt =
+#ifdef FIPS_SUPPORT
+ FIPS_mode() ? algo_mac_fips_cnt :
+#endif
+ algo_mac_cnt;
+
+ return enif_make_list_from_array(env, algo_mac, cnt);
+}
+
+
+ERL_NIF_TERM curve_algorithms(ErlNifEnv* env, int argc, const ERL_NIF_TERM argv[])
{
+ unsigned int cnt =
#ifdef FIPS_SUPPORT
- int fips_mode = FIPS_mode();
+ FIPS_mode() ? algo_curve_fips_cnt :
+#endif
+ algo_curve_cnt;
+
+ return enif_make_list_from_array(env, algo_curve, cnt);
+}
+
+
+ERL_NIF_TERM rsa_opts_algorithms(ErlNifEnv* env, int argc, const ERL_NIF_TERM argv[])
+{
+ unsigned int cnt =
+#ifdef FIPS_SUPPORT
+ FIPS_mode() ? algo_rsa_opts_fips_cnt :
+#endif
+ algo_rsa_opts_cnt;
- unsigned int hash_cnt = fips_mode ? algo_hash_fips_cnt : algo_hash_cnt;
- unsigned int pubkey_cnt = fips_mode ? algo_pubkey_fips_cnt : algo_pubkey_cnt;
- unsigned int mac_cnt = fips_mode ? algo_mac_fips_cnt : algo_mac_cnt;
- unsigned int curve_cnt = fips_mode ? algo_curve_fips_cnt : algo_curve_cnt;
- unsigned int rsa_opts_cnt = fips_mode ? algo_rsa_opts_fips_cnt : algo_rsa_opts_cnt;
-#else
- unsigned int hash_cnt = algo_hash_cnt;
- unsigned int pubkey_cnt = algo_pubkey_cnt;
- unsigned int mac_cnt = algo_mac_cnt;
- unsigned int curve_cnt = algo_curve_cnt;
- unsigned int rsa_opts_cnt = algo_rsa_opts_cnt;
-#endif
- return enif_make_tuple6(env,
- enif_make_list_from_array(env, algo_hash, hash_cnt),
- enif_make_list_from_array(env, algo_pubkey, pubkey_cnt),
- cipher_types_as_list(env),
- enif_make_list_from_array(env, algo_mac, mac_cnt),
- enif_make_list_from_array(env, algo_curve, curve_cnt),
- enif_make_list_from_array(env, algo_rsa_opts, rsa_opts_cnt)
- );
+ return enif_make_list_from_array(env, algo_rsa_opts, cnt);
}
diff --git a/lib/crypto/c_src/algorithms.h b/lib/crypto/c_src/algorithms.h
index 068fb661ec..4ad8b56db8 100644
--- a/lib/crypto/c_src/algorithms.h
+++ b/lib/crypto/c_src/algorithms.h
@@ -25,6 +25,11 @@
void init_algorithms_types(ErlNifEnv* env);
-ERL_NIF_TERM algorithms(ErlNifEnv* env, int argc, const ERL_NIF_TERM argv[]);
+ERL_NIF_TERM hash_algorithms(ErlNifEnv* env, int argc, const ERL_NIF_TERM argv[]);
+ERL_NIF_TERM pubkey_algorithms(ErlNifEnv* env, int argc, const ERL_NIF_TERM argv[]);
+ERL_NIF_TERM cipher_algorithms(ErlNifEnv* env, int argc, const ERL_NIF_TERM argv[]);
+ERL_NIF_TERM mac_algorithms(ErlNifEnv* env, int argc, const ERL_NIF_TERM argv[]);
+ERL_NIF_TERM curve_algorithms(ErlNifEnv* env, int argc, const ERL_NIF_TERM argv[]);
+ERL_NIF_TERM rsa_opts_algorithms(ErlNifEnv* env, int argc, const ERL_NIF_TERM argv[]);
#endif /* E_ALGORITHMS_H__ */
diff --git a/lib/crypto/c_src/atoms.c b/lib/crypto/c_src/atoms.c
index 0793ffa6ca..059c14690f 100644
--- a/lib/crypto/c_src/atoms.c
+++ b/lib/crypto/c_src/atoms.c
@@ -70,6 +70,7 @@ ERL_NIF_TERM atom_onbasis;
ERL_NIF_TERM atom_aes_cfb8;
ERL_NIF_TERM atom_aes_cfb128;
+ERL_NIF_TERM atom_aes_ige256;
#ifdef HAVE_GCM
ERL_NIF_TERM atom_aes_gcm;
#endif
@@ -188,6 +189,7 @@ int init_atoms(ErlNifEnv *env, const ERL_NIF_TERM fips_mode, const ERL_NIF_TERM
atom_aes_cfb8 = enif_make_atom(env, "aes_cfb8");
atom_aes_cfb128 = enif_make_atom(env, "aes_cfb128");
+ atom_aes_ige256 = enif_make_atom(env, "aes_ige256");
#ifdef HAVE_GCM
atom_aes_gcm = enif_make_atom(env, "aes_gcm");
#endif
diff --git a/lib/crypto/c_src/atoms.h b/lib/crypto/c_src/atoms.h
index 24f6dc26fd..f5913de96f 100644
--- a/lib/crypto/c_src/atoms.h
+++ b/lib/crypto/c_src/atoms.h
@@ -74,6 +74,7 @@ extern ERL_NIF_TERM atom_onbasis;
extern ERL_NIF_TERM atom_aes_cfb8;
extern ERL_NIF_TERM atom_aes_cfb128;
+extern ERL_NIF_TERM atom_aes_ige256;
#ifdef HAVE_GCM
extern ERL_NIF_TERM atom_aes_gcm;
#endif
diff --git a/lib/crypto/c_src/cipher.c b/lib/crypto/c_src/cipher.c
index 8f0c93c5db..00072af632 100644
--- a/lib/crypto/c_src/cipher.c
+++ b/lib/crypto/c_src/cipher.c
@@ -62,34 +62,18 @@ static struct cipher_type_t cipher_types[] =
{{"blowfish_ecb"}, {NULL}, 0, 0},
#endif
- {{"aes_cbc"}, {&EVP_aes_128_cbc}, 16, 0},
- {{"aes_cbc"}, {&EVP_aes_192_cbc}, 24, 0},
- {{"aes_cbc"}, {&EVP_aes_256_cbc}, 32, 0},
-
{{"aes_128_cbc"}, {&EVP_aes_128_cbc}, 16, 0},
{{"aes_192_cbc"}, {&EVP_aes_192_cbc}, 24, 0},
{{"aes_256_cbc"}, {&EVP_aes_256_cbc}, 32, 0},
- {{"aes_cfb8"}, {&EVP_aes_128_cfb8}, 16, NO_FIPS_CIPHER | AES_CFBx},
- {{"aes_cfb8"}, {&EVP_aes_192_cfb8}, 24, NO_FIPS_CIPHER | AES_CFBx},
- {{"aes_cfb8"}, {&EVP_aes_256_cfb8}, 32, NO_FIPS_CIPHER | AES_CFBx},
-
{{"aes_128_cfb8"}, {&EVP_aes_128_cfb8}, 16, NO_FIPS_CIPHER | AES_CFBx},
{{"aes_192_cfb8"}, {&EVP_aes_192_cfb8}, 24, NO_FIPS_CIPHER | AES_CFBx},
{{"aes_256_cfb8"}, {&EVP_aes_256_cfb8}, 32, NO_FIPS_CIPHER | AES_CFBx},
- {{"aes_cfb128"}, {&EVP_aes_128_cfb128}, 16, NO_FIPS_CIPHER | AES_CFBx},
- {{"aes_cfb128"}, {&EVP_aes_192_cfb128}, 24, NO_FIPS_CIPHER | AES_CFBx},
- {{"aes_cfb128"}, {&EVP_aes_256_cfb128}, 32, NO_FIPS_CIPHER | AES_CFBx},
-
{{"aes_128_cfb128"}, {&EVP_aes_128_cfb128}, 16, NO_FIPS_CIPHER | AES_CFBx},
{{"aes_192_cfb128"}, {&EVP_aes_192_cfb128}, 24, NO_FIPS_CIPHER | AES_CFBx},
{{"aes_256_cfb128"}, {&EVP_aes_256_cfb128}, 32, NO_FIPS_CIPHER | AES_CFBx},
- {{"aes_ecb"}, {&EVP_aes_128_ecb}, 16, ECB_BUG_0_9_8L},
- {{"aes_ecb"}, {&EVP_aes_192_ecb}, 24, ECB_BUG_0_9_8L},
- {{"aes_ecb"}, {&EVP_aes_256_ecb}, 32, ECB_BUG_0_9_8L},
-
{{"aes_128_ecb"}, {&EVP_aes_128_ecb}, 16, ECB_BUG_0_9_8L},
{{"aes_192_ecb"}, {&EVP_aes_192_ecb}, 24, ECB_BUG_0_9_8L},
{{"aes_256_ecb"}, {&EVP_aes_256_ecb}, 32, ECB_BUG_0_9_8L},
@@ -98,16 +82,10 @@ static struct cipher_type_t cipher_types[] =
{{"aes_128_ctr"}, {&EVP_aes_128_ctr}, 16, 0},
{{"aes_192_ctr"}, {&EVP_aes_192_ctr}, 24, 0},
{{"aes_256_ctr"}, {&EVP_aes_256_ctr}, 32, 0},
- {{"aes_ctr"}, {&EVP_aes_128_ctr}, 16, 0},
- {{"aes_ctr"}, {&EVP_aes_192_ctr}, 24, 0},
- {{"aes_ctr"}, {&EVP_aes_256_ctr}, 32, 0},
#else
{{"aes_128_ctr"}, {NULL}, 16, AES_CTR_COMPAT},
{{"aes_192_ctr"}, {NULL}, 24, AES_CTR_COMPAT},
{{"aes_256_ctr"}, {NULL}, 32, AES_CTR_COMPAT},
- {{"aes_ctr"}, {NULL}, 16, AES_CTR_COMPAT},
- {{"aes_ctr"}, {NULL}, 24, AES_CTR_COMPAT},
- {{"aes_ctr"}, {NULL}, 32, AES_CTR_COMPAT},
#endif
#if defined(HAVE_CHACHA20)
@@ -124,28 +102,20 @@ static struct cipher_type_t cipher_types[] =
#endif
#if defined(HAVE_GCM)
- {{"aes_gcm"}, {&EVP_aes_128_gcm}, 16, AEAD_CIPHER|GCM_MODE, {{EVP_CTRL_GCM_SET_IVLEN,EVP_CTRL_GCM_GET_TAG,EVP_CTRL_GCM_SET_TAG}}},
- {{"aes_gcm"}, {&EVP_aes_192_gcm}, 24, AEAD_CIPHER|GCM_MODE, {{EVP_CTRL_GCM_SET_IVLEN,EVP_CTRL_GCM_GET_TAG,EVP_CTRL_GCM_SET_TAG}}},
- {{"aes_gcm"}, {&EVP_aes_256_gcm}, 32, AEAD_CIPHER|GCM_MODE, {{EVP_CTRL_GCM_SET_IVLEN,EVP_CTRL_GCM_GET_TAG,EVP_CTRL_GCM_SET_TAG}}},
{{"aes_128_gcm"}, {&EVP_aes_128_gcm}, 16, AEAD_CIPHER|GCM_MODE, {{EVP_CTRL_GCM_SET_IVLEN,EVP_CTRL_GCM_GET_TAG,EVP_CTRL_GCM_SET_TAG}}},
{{"aes_192_gcm"}, {&EVP_aes_192_gcm}, 24, AEAD_CIPHER|GCM_MODE, {{EVP_CTRL_GCM_SET_IVLEN,EVP_CTRL_GCM_GET_TAG,EVP_CTRL_GCM_SET_TAG}}},
{{"aes_256_gcm"}, {&EVP_aes_256_gcm}, 32, AEAD_CIPHER|GCM_MODE, {{EVP_CTRL_GCM_SET_IVLEN,EVP_CTRL_GCM_GET_TAG,EVP_CTRL_GCM_SET_TAG}}},
#else
- {{"aes_gcm"}, {NULL}, 0, AEAD_CIPHER|GCM_MODE, {{0,0,0}}},
{{"aes_128_gcm"}, {NULL}, 16, AEAD_CIPHER|GCM_MODE, {{0,0,0}}},
{{"aes_192_gcm"}, {NULL}, 24, AEAD_CIPHER|GCM_MODE, {{0,0,0}}},
{{"aes_256_gcm"}, {NULL}, 32, AEAD_CIPHER|GCM_MODE, {{0,0,0}}},
#endif
#if defined(HAVE_CCM)
- {{"aes_ccm"}, {&EVP_aes_128_ccm}, 16, AEAD_CIPHER|CCM_MODE, {{EVP_CTRL_CCM_SET_IVLEN,EVP_CTRL_CCM_GET_TAG,EVP_CTRL_CCM_SET_TAG}}},
- {{"aes_ccm"}, {&EVP_aes_192_ccm}, 24, AEAD_CIPHER|CCM_MODE, {{EVP_CTRL_CCM_SET_IVLEN,EVP_CTRL_CCM_GET_TAG,EVP_CTRL_CCM_SET_TAG}}},
- {{"aes_ccm"}, {&EVP_aes_256_ccm}, 32, AEAD_CIPHER|CCM_MODE, {{EVP_CTRL_CCM_SET_IVLEN,EVP_CTRL_CCM_GET_TAG,EVP_CTRL_CCM_SET_TAG}}},
{{"aes_128_ccm"}, {&EVP_aes_128_ccm}, 16, AEAD_CIPHER|CCM_MODE, {{EVP_CTRL_CCM_SET_IVLEN,EVP_CTRL_CCM_GET_TAG,EVP_CTRL_CCM_SET_TAG}}},
{{"aes_192_ccm"}, {&EVP_aes_192_ccm}, 24, AEAD_CIPHER|CCM_MODE, {{EVP_CTRL_CCM_SET_IVLEN,EVP_CTRL_CCM_GET_TAG,EVP_CTRL_CCM_SET_TAG}}},
{{"aes_256_ccm"}, {&EVP_aes_256_ccm}, 32, AEAD_CIPHER|CCM_MODE, {{EVP_CTRL_CCM_SET_IVLEN,EVP_CTRL_CCM_GET_TAG,EVP_CTRL_CCM_SET_TAG}}},
#else
- {{"aes_ccm"}, {NULL}, 0, AEAD_CIPHER|CCM_MODE, {{0,0,0}}},
{{"aes_128_ccm"}, {NULL}, 16, AEAD_CIPHER|CCM_MODE, {{0,0,0}}},
{{"aes_192_ccm"}, {NULL}, 24, AEAD_CIPHER|CCM_MODE, {{0,0,0}}},
{{"aes_256_ccm"}, {NULL}, 32, AEAD_CIPHER|CCM_MODE, {{0,0,0}}},
@@ -359,13 +329,15 @@ ERL_NIF_TERM cipher_types_as_list(ErlNifEnv* env)
prev = atom_undefined;
for (p = cipher_types; (p->type.atom & (p->type.atom != atom_false)); p++) {
- if ((prev != p->type.atom) &&
- ((p->cipher.p != NULL) ||
- (p->flags & (NON_EVP_CIPHER|AES_CTR_COMPAT)) ) && /* Special handling. Bad indeed... */
- ! FORBIDDEN_IN_FIPS(p)
- )
- hd = enif_make_list_cell(env, p->type.atom, hd);
- prev = p->type.atom;
+ if ((prev == p->type.atom) ||
+ FORBIDDEN_IN_FIPS(p) )
+ continue;
+
+ if ((p->cipher.p != NULL) ||
+ (p->type.atom == atom_aes_ige256)) /* Special handling. Bad indeed... */
+ {
+ hd = enif_make_list_cell(env, p->type.atom, hd);
+ }
}
return hd;
diff --git a/lib/crypto/c_src/crypto.c b/lib/crypto/c_src/crypto.c
index a8014745c8..d533cba140 100644
--- a/lib/crypto/c_src/crypto.c
+++ b/lib/crypto/c_src/crypto.c
@@ -63,7 +63,12 @@ static ErlNifFunc nif_funcs[] = {
{"info_lib", 0, info_lib, 0},
{"info_fips", 0, info_fips, 0},
{"enable_fips_mode", 1, enable_fips_mode, 0},
- {"algorithms", 0, algorithms, 0},
+ {"hash_algorithms", 0, hash_algorithms, 0},
+ {"pubkey_algorithms", 0, pubkey_algorithms, 0},
+ {"cipher_algorithms", 0, cipher_algorithms, 0},
+ {"mac_algorithms", 0, mac_algorithms, 0},
+ {"curve_algorithms", 0, curve_algorithms, 0},
+ {"rsa_opts_algorithms", 0, rsa_opts_algorithms, 0},
{"hash_info", 1, hash_info_nif, 0},
{"hash_nif", 2, hash_nif, 0},
{"hash_init_nif", 1, hash_init_nif, 0},
diff --git a/lib/crypto/src/crypto.erl b/lib/crypto/src/crypto.erl
index 3b431cceba..98378412d4 100644
--- a/lib/crypto/src/crypto.erl
+++ b/lib/crypto/src/crypto.erl
@@ -61,7 +61,8 @@
crypto_one_time/4, crypto_one_time/5,
crypto_one_time_aead/6, crypto_one_time_aead/7,
crypto_dyn_iv_init/3,
- crypto_dyn_iv_update/3
+ crypto_dyn_iv_update/3,
+ supports/1
]).
@@ -499,15 +500,22 @@ stop() ->
Macs :: [hmac | cmac | poly1305],
Curves :: [ec_named_curve() | edwards_curve_dh() | edwards_curve_ed()],
RSAopts :: [rsa_sign_verify_opt() | rsa_opt()] .
-supports()->
- {Hashs, PubKeys, Ciphers, Macs, Curves, RsaOpts} = algorithms(),
- [{hashs, Hashs},
- {ciphers, prepend_cipher_aliases(Ciphers)},
- {public_keys, PubKeys},
- {macs, Macs},
- {curves, Curves},
- {rsa_opts, RsaOpts}
- ].
+supports() ->
+ [{hashs, hash_algorithms()},
+ {ciphers, prepend_old_aliases( cipher_algorithms())},
+ {public_keys, pubkey_algorithms()},
+ {macs, mac_algorithms()},
+ {curves, curve_algorithms()},
+ {rsa_opts, rsa_opts_algorithms()}
+ ].
+
+supports(hashs) -> hash_algorithms();
+supports(public_keys) -> pubkey_algorithms();
+supports(ciphers) -> cipher_algorithms();
+supports(macs) -> mac_algorithms();
+supports(curves) -> curve_algorithms();
+supports(rsa_opts) -> rsa_opts_algorithms().
+
-spec info_lib() -> [{Name,VerNum,VerStr}] when Name :: binary(),
VerNum :: integer(),
@@ -700,7 +708,7 @@ poly1305(Key, Data) ->
| xts_mode
.
-%% These ciphers are not available via the EVP interface on older cryptolibs.
+%% %% These ciphers are not available via the EVP interface on older cryptolibs.
cipher_info(aes_ctr) ->
#{block_size => 1,iv_length => 16,key_length => 32,mode => ctr_mode,type => undefined};
cipher_info(aes_128_ctr) ->
@@ -709,9 +717,36 @@ cipher_info(aes_192_ctr) ->
#{block_size => 1,iv_length => 16,key_length => 24,mode => ctr_mode,type => undefined};
cipher_info(aes_256_ctr) ->
#{block_size => 1,iv_length => 16,key_length => 32,mode => ctr_mode,type => undefined};
-%% This cipher is handled specialy.
+%% %% This cipher is handled specialy.
cipher_info(aes_ige256) ->
#{block_size => 16,iv_length => 32,key_length => 16,mode => ige_mode,type => undefined};
+%% %% These ciphers belong to the "old" interface:
+%% cipher_info(aes_cbc) ->
+%% #{block_size => 16,iv_length => 16,key_length => 24,mode => cbc_mode,type => 423};
+%% cipher_info(aes_cbc128) ->
+%% #{block_size => 16,iv_length => 16,key_length => 16,mode => cbc_mode,type => 419};
+%% cipher_info(aes_cbc256) ->
+%% #{block_size => 16,iv_length => 16,key_length => 32,mode => cbc_mode,type => 427};
+%% cipher_info(aes_ccm) ->
+%% #{block_size => 1,iv_length => 12,key_length => 24,mode => ccm_mode,type => 899};
+%% cipher_info(aes_cfb128) ->
+%% #{block_size => 1,iv_length => 16,key_length => 32,mode => cfb_mode,type => 429};
+%% cipher_info(aes_cfb8) ->
+%% #{block_size => 1,iv_length => 16,key_length => 32,mode => cfb_mode,type => 429};
+%% cipher_info(aes_ecb) ->
+%% #{block_size => 16,iv_length => 0,key_length => 24,mode => ecb_mode,type => 422};
+%% cipher_info(aes_gcm) ->
+%% #{block_size => 1,iv_length => 12,key_length => 24,mode => gcm_mode,type => 898};
+%% cipher_info(des3_cbc) ->
+%% #{block_size => 8,iv_length => 8,key_length => 24,mode => cbc_mode,type => 44};
+%% cipher_info(des3_cbf) ->
+%% #{block_size => 1,iv_length => 8,key_length => 24,mode => cfb_mode,type => 30};
+%% cipher_info(des3_cfb) ->
+%% #{block_size => 1,iv_length => 8,key_length => 24,mode => cfb_mode,type => 30};
+%% cipher_info(des_ede3) ->
+%% #{block_size => 8,iv_length => 8,key_length => 24,mode => cbc_mode,type => 44};
+%% cipher_info(des_ede3_cbf) ->
+%% #{block_size => 1,iv_length => 8,key_length => 24,mode => cfb_mode,type => 30};
cipher_info(Type) ->
cipher_info_nif(alias(Type)).
@@ -1058,20 +1093,34 @@ ng_crypto_one_time_nif(_Cipher, _Key, _IVec, _Data, _EncryptFlg) -> ?nif_stub.
%%%----------------------------------------------------------------
%%% Cipher aliases
%%%
-prepend_cipher_aliases(L0) ->
- L =
- case lists:member(des_ede3_cbc, L0) of
+-define(if_also(Cipher, Ciphers, AliasCiphers),
+ case lists:member(Cipher, Ciphers) of
true ->
- [des3_cbc, des_ede3, des_ede3_cbf, des3_cbf, des3_cfb | L0];
+ AliasCiphers;
false ->
- L0
- end,
- case lists:member(aes_128_cbc, L0) of
- true ->
- [aes_cbc128, aes_cbc256 | L];
- false ->
- L
- end.
+ Ciphers
+ end).
+
+
+prepend_old_aliases(L0) ->
+ L1 = ?if_also(des_ede3_cbc, L0,
+ [des3_cbc, des_ede3, des_ede3_cbf, des3_cbf, des3_cfb | L0]),
+ L2 = ?if_also(aes_128_cbc, L1,
+ [aes_cbc, aes_cbc128, aes_cbc256 | L1]),
+ L3 = ?if_also(aes_128_ctr, L2,
+ [aes_ctr | L2]),
+ L4 = ?if_also(aes_128_ccm, L3,
+ [aes_ccm | L3]),
+ L5 = ?if_also(aes_128_gcm, L4,
+ [aes_gcm | L4]),
+ L6 = ?if_also(aes_128_cfb8, L5,
+ [aes_cfb8 | L5]),
+ L7 = ?if_also(aes_128_cfb128, L6,
+ [aes_cfb128 | L6]),
+ L8 = ?if_also(aes_128_ecb, L7,
+ [aes_ecb | L7]),
+ L8.
+
%%%---- des_ede3_cbc
@@ -1088,42 +1137,37 @@ alias(aes_cbc256) -> aes_256_cbc;
alias(Alg) -> Alg.
-%%%---- des_ede3_cbc
-alias(des3_cbc, _) -> des_ede3_cbc;
-alias(des_ede3, _) -> des_ede3_cbc;
-%%%---- des_ede3_cfb
-alias(des_ede3_cbf,_ ) -> des_ede3_cfb;
-alias(des3_cbf, _) -> des_ede3_cfb;
-alias(des3_cfb, _) -> des_ede3_cfb;
-%%%---- aes_*_cbc
-alias(aes_cbc128, _) -> aes_128_cbc;
-alias(aes_cbc256, _) -> aes_256_cbc;
+alias(Ciph, Key) -> alias2(alias(Ciph), Key).
+
+alias2(aes_cbc, Key) when size(Key)==16 -> aes_128_cbc;
+alias2(aes_cbc, Key) when size(Key)==24 -> aes_192_cbc;
+alias2(aes_cbc, Key) when size(Key)==32 -> aes_256_cbc;
-alias(aes_cbc, Key) when size(Key)==128 -> aes_128_cbc;
-alias(aes_cbc, Key) when size(Key)==192 -> aes_192_cbc;
-alias(aes_cbc, Key) when size(Key)==256 -> aes_256_cbc;
+alias2(aes_cfb8, Key) when size(Key)==16 -> aes_128_cfb8;
+alias2(aes_cfb8, Key) when size(Key)==24 -> aes_192_cfb8;
+alias2(aes_cfb8, Key) when size(Key)==32 -> aes_256_cfb8;
-alias(aes_cfb8, Key) when size(Key)==128 -> aes_128_cfb8;
-alias(aes_cfb8, Key) when size(Key)==192 -> aes_192_cfb8;
-alias(aes_cfb8, Key) when size(Key)==256 -> aes_256_cfb8;
+alias2(aes_cfb128, Key) when size(Key)==16 -> aes_128_cfb128;
+alias2(aes_cfb128, Key) when size(Key)==24 -> aes_192_cfb128;
+alias2(aes_cfb128, Key) when size(Key)==32 -> aes_256_cfb128;
-alias(aes_cfb128, Key) when size(Key)==128 -> aes_128_cfb128;
-alias(aes_cfb128, Key) when size(Key)==192 -> aes_192_cfb128;
-alias(aes_cfb128, Key) when size(Key)==256 -> aes_256_cfb128;
+alias2(aes_ctr, Key) when size(Key)==16 -> aes_128_ctr;
+alias2(aes_ctr, Key) when size(Key)==24 -> aes_192_ctr;
+alias2(aes_ctr, Key) when size(Key)==32 -> aes_256_ctr;
-alias(aes_ctr, Key) when size(Key)==128 -> aes_128_ctr;
-alias(aes_ctr, Key) when size(Key)==192 -> aes_192_ctr;
-alias(aes_ctr, Key) when size(Key)==256 -> aes_256_ctr;
+alias2(aes_ecb, Key) when size(Key)==16 -> aes_128_ecb;
+alias2(aes_ecb, Key) when size(Key)==24 -> aes_192_ecb;
+alias2(aes_ecb, Key) when size(Key)==32 -> aes_256_ecb;
-alias(aes_gcm, Key) when size(Key)==128 -> aes_128_gcm;
-alias(aes_gcm, Key) when size(Key)==192 -> aes_192_gcm;
-alias(aes_gcm, Key) when size(Key)==256 -> aes_256_gcm;
+alias2(aes_gcm, Key) when size(Key)==16 -> aes_128_gcm;
+alias2(aes_gcm, Key) when size(Key)==24 -> aes_192_gcm;
+alias2(aes_gcm, Key) when size(Key)==32 -> aes_256_gcm;
-alias(aes_ccm, Key) when size(Key)==128 -> aes_128_ccm;
-alias(aes_ccm, Key) when size(Key)==192 -> aes_192_ccm;
-alias(aes_ccm, Key) when size(Key)==256 -> aes_256_ccm;
+alias2(aes_ccm, Key) when size(Key)==16 -> aes_128_ccm;
+alias2(aes_ccm, Key) when size(Key)==24 -> aes_192_ccm;
+alias2(aes_ccm, Key) when size(Key)==32 -> aes_256_ccm;
-alias(Alg, _) -> Alg.
+alias2(Alg, _) -> Alg.
%%%================================================================
%%%
@@ -2387,7 +2431,13 @@ exor(Data1, Data2, _Size, MaxByts, Acc) ->
do_exor(_A, _B) -> ?nif_stub.
-algorithms() -> ?nif_stub.
+hash_algorithms() -> ?nif_stub.
+pubkey_algorithms() -> ?nif_stub.
+cipher_algorithms() -> ?nif_stub.
+mac_algorithms() -> ?nif_stub.
+curve_algorithms() -> ?nif_stub.
+rsa_opts_algorithms() -> ?nif_stub.
+
int_to_bin(X) when X < 0 -> int_to_bin_neg(X, []);
int_to_bin(X) -> int_to_bin_pos(X, []).
diff --git a/lib/crypto/test/crypto_SUITE.erl b/lib/crypto/test/crypto_SUITE.erl
index 880fd7ab0b..1ba49558c8 100644
--- a/lib/crypto/test/crypto_SUITE.erl
+++ b/lib/crypto/test/crypto_SUITE.erl
@@ -116,8 +116,6 @@ groups() ->
{group, blowfish_ecb},
{group, blowfish_ofb64},
- {group, aes_cfb128},
- {group, aes_cfb8},
{group, aes_ige256},
{group, des_cbc},
{group, des_cfb},
@@ -125,7 +123,15 @@ groups() ->
{group, rc4},
?NEW_CIPHER_TYPE_SCHEMA,
- ?RETIRED_TYPE_ALIASES
+ {group, aes_128_cfb128},
+ {group, aes_192_cfb128},
+ {group, aes_256_cfb128},
+ {group, aes_128_cfb8},
+ {group, aes_192_cfb8},
+ {group, aes_256_cfb8},
+ ?RETIRED_TYPE_ALIASES,
+ {group, aes_cfb128},
+ {group, aes_cfb8}
]},
{fips, [], [
{group, no_blake2b},
@@ -210,9 +216,15 @@ groups() ->
{des_ede3_cbc, [], [block, api_ng, api_ng_one_shot, api_ng_tls]},
{des_ede3_cfb, [], [block, api_ng, api_ng_one_shot, api_ng_tls]},
{rc2_cbc, [], [block, api_ng, api_ng_one_shot, api_ng_tls]},
- {aes_cfb8, [], [block, api_ng, api_ng_one_shot, api_ng_tls]},
+ {aes_cfb8, [], [block]},
+ {aes_128_cfb8, [], [block, api_ng, api_ng_one_shot, api_ng_tls]},
+ {aes_192_cfb8, [], [block, api_ng, api_ng_one_shot, api_ng_tls]},
+ {aes_256_cfb8, [], [block, api_ng, api_ng_one_shot, api_ng_tls]},
{no_aes_cfb8, [], [no_support, no_block]},
- {aes_cfb128, [], [block, api_ng, api_ng_one_shot, api_ng_tls]},
+ {aes_cfb128, [], [block]},
+ {aes_128_cfb128, [], [block, api_ng, api_ng_one_shot, api_ng_tls]},
+ {aes_192_cfb128, [], [block, api_ng, api_ng_one_shot, api_ng_tls]},
+ {aes_256_cfb128, [], [block, api_ng, api_ng_one_shot, api_ng_tls]},
{no_aes_cfb128, [], [no_support, no_block]},
{aes_ige256, [], [block]},
{no_aes_ige256, [], [no_support, no_block]},
@@ -889,8 +901,24 @@ cipher_info(Config) when is_list(Config) ->
#{type := _,key_length := _,iv_length := _,
block_size := _,mode := _} = crypto:cipher_info(aes_128_cbc),
{'EXIT',_} = (catch crypto:cipher_info(not_a_cipher)),
- lists:foreach(fun(C) -> crypto:cipher_info(C) end,
- proplists:get_value(ciphers, crypto:supports())).
+ case lists:foldl(fun(C,Ok) ->
+ try crypto:cipher_info(C)
+ of
+ _ -> Ok
+ catch Cls:Exc ->
+ ct:pal("~p:~p ~p",[Cls,Exc,C]),
+ false
+ end
+ end,
+ true,
+crypto:supports(ciphers)) of
+%% proplists:get_value(ciphers, crypto:supports())) of
+ true ->
+ ok;
+ false ->
+ ct:fail('Cipher unsupported',[])
+ end.
+
%%--------------------------------------------------------------------
hash_info() ->
@@ -2591,6 +2619,22 @@ aes_cfb8(Config) ->
"CFB8VarTxt256.rsp", "CFB8VarKey256.rsp", "CFB8GFSbox256.rsp", "CFB8KeySbox256.rsp",
"CFB8MMT128.rsp", "CFB8MMT192.rsp", "CFB8MMT256.rsp"]).
+aes_128_cfb8(Config) ->
+ read_rsp(Config, aes_128_cfb8,
+ ["CFB8VarTxt128.rsp", "CFB8VarKey128.rsp", "CFB8GFSbox128.rsp", "CFB8KeySbox128.rsp",
+ "CFB8MMT128.rsp"]).
+
+aes_192_cfb8(Config) ->
+ read_rsp(Config, aes_192_cfb8,
+ ["CFB8VarTxt192.rsp", "CFB8VarKey192.rsp", "CFB8GFSbox192.rsp", "CFB8KeySbox192.rsp",
+ "CFB8MMT192.rsp"]).
+
+aes_256_cfb8(Config) ->
+ read_rsp(Config, aes_256_cfb8,
+ ["CFB8VarTxt256.rsp", "CFB8VarKey256.rsp", "CFB8GFSbox256.rsp", "CFB8KeySbox256.rsp",
+ "CFB8MMT256.rsp"]).
+
+
aes_cfb128(Config) ->
read_rsp(Config, aes_cfb128,
["CFB128VarTxt128.rsp", "CFB128VarKey128.rsp", "CFB128GFSbox128.rsp", "CFB128KeySbox128.rsp",
@@ -2598,6 +2642,22 @@ aes_cfb128(Config) ->
"CFB128VarTxt256.rsp", "CFB128VarKey256.rsp", "CFB128GFSbox256.rsp", "CFB128KeySbox256.rsp",
"CFB128MMT128.rsp", "CFB128MMT192.rsp", "CFB128MMT256.rsp"]).
+aes_128_cfb128(Config) ->
+ read_rsp(Config, aes_128_cfb128,
+ ["CFB128VarTxt128.rsp", "CFB128VarKey128.rsp", "CFB128GFSbox128.rsp", "CFB128KeySbox128.rsp",
+ "CFB128MMT128.rsp"]).
+
+aes_192_cfb128(Config) ->
+ read_rsp(Config, aes_192_cfb128,
+ ["CFB128VarTxt192.rsp", "CFB128VarKey192.rsp", "CFB128GFSbox192.rsp", "CFB128KeySbox192.rsp",
+ "CFB128MMT192.rsp"]).
+
+aes_256_cfb128(Config) ->
+ read_rsp(Config, aes_256_cfb128,
+ ["CFB128VarTxt256.rsp", "CFB128VarKey256.rsp", "CFB128GFSbox256.rsp", "CFB128KeySbox256.rsp",
+ "CFB128MMT256.rsp"]).
+
+
blowfish_cbc(_) ->
[{blowfish_cbc,
hexstr2bin("0123456789ABCDEFF0E1D2C3B4A59687"),