aboutsummaryrefslogtreecommitdiffstats
path: root/lib/crypto
diff options
context:
space:
mode:
Diffstat (limited to 'lib/crypto')
-rw-r--r--lib/crypto/c_src/crypto.c21
-rw-r--r--lib/crypto/c_src/crypto_callback.c2
-rw-r--r--lib/crypto/doc/src/notes.xml36
-rw-r--r--lib/crypto/test/crypto_SUITE.erl28
-rw-r--r--lib/crypto/vsn.mk2
5 files changed, 81 insertions, 8 deletions
diff --git a/lib/crypto/c_src/crypto.c b/lib/crypto/c_src/crypto.c
index 948093d69c..e55a03d26a 100644
--- a/lib/crypto/c_src/crypto.c
+++ b/lib/crypto/c_src/crypto.c
@@ -507,6 +507,15 @@ static int init_ose_crypto() {
#endif
#ifdef HAVE_DYNAMIC_CRYPTO_LIB
+
+# if defined(DEBUG)
+static char crypto_callback_name[] = "crypto_callback.debug";
+# elif defined(VALGRIND)
+static char crypto_callback_name[] = "crypto_callback.valgrind";
+# else
+static char crypto_callback_name[] = "crypto_callback";
+# endif
+
static int change_basename(ErlNifBinary* bin, char* buf, int bufsz, const char* newfile)
{
int i;
@@ -613,7 +622,7 @@ static int init(ErlNifEnv* env, ERL_NIF_TERM load_info)
#ifdef HAVE_DYNAMIC_CRYPTO_LIB
{
void* handle;
- if (!change_basename(&lib_bin, lib_buf, sizeof(lib_buf), "crypto_callback")) {
+ if (!change_basename(&lib_bin, lib_buf, sizeof(lib_buf), crypto_callback_name)) {
return 0;
}
if (!(handle = enif_dlopen(lib_buf, &error_handler, NULL))) {
@@ -2897,8 +2906,8 @@ static ERL_NIF_TERM srp_user_secret_nif(ErlNifEnv* env, int argc, const ERL_NIF_
/* a + (u * x) */
bn_exp2 = BN_new();
- BN_mod_mul(bn_result, bn_u, bn_exponent, bn_prime, bn_ctx);
- BN_mod_add(bn_exp2, bn_a, bn_result, bn_prime, bn_ctx);
+ BN_mul(bn_result, bn_u, bn_exponent, bn_ctx);
+ BN_add(bn_exp2, bn_a, bn_result);
/* (B - (k * g^x)) ^ (a + (u * x)) % N */
BN_mod_exp(bn_result, bn_base, bn_exp2, bn_prime, bn_ctx);
@@ -3244,6 +3253,7 @@ out:
if (bn_order) BN_free(bn_order);
if (cofactor) BN_free(cofactor);
if (group) EC_GROUP_free(group);
+ if (point) EC_POINT_free(point);
return key;
}
@@ -3406,8 +3416,11 @@ static ERL_NIF_TERM ec_key_generate(ErlNifEnv* env, int argc, const ERL_NIF_TERM
EC_KEY_free(key);
return enif_make_tuple2(env, pub_key, priv_key);
}
- else
+ else {
+ if (key)
+ EC_KEY_free(key);
return enif_make_badarg(env);
+ }
#else
return atom_notsup;
#endif
diff --git a/lib/crypto/c_src/crypto_callback.c b/lib/crypto/c_src/crypto_callback.c
index a08dcec463..b4c175ae43 100644
--- a/lib/crypto/c_src/crypto_callback.c
+++ b/lib/crypto/c_src/crypto_callback.c
@@ -107,8 +107,6 @@ static INLINE void locking(int mode, ErlNifRWLock* lock)
static void locking_function(int mode, int n, const char *file, int line)
{
- ASSERT(n>=0 && n<CRYPTO_num_locks());
-
locking(mode, lock_vec[n]);
}
diff --git a/lib/crypto/doc/src/notes.xml b/lib/crypto/doc/src/notes.xml
index 34f2e3c469..1bd2034b93 100644
--- a/lib/crypto/doc/src/notes.xml
+++ b/lib/crypto/doc/src/notes.xml
@@ -30,6 +30,42 @@
</header>
<p>This document describes the changes made to the Crypto application.</p>
+<section><title>Crypto 3.4</title>
+
+ <section><title>Fixed Bugs and Malfunctions</title>
+ <list>
+ <item>
+ <p>
+ Fix memory leak in <c>crypto:hmac_init/upgrade/final</c>
+ functions for all data and in <c>crypto:hmac/3/4</c> for
+ data larger than 20000 bytes. Bug exists since OTP 17.0.</p>
+ <p>
+ Own Id: OTP-11953</p>
+ </item>
+ <item>
+ <p>
+ Fix memory leak in <c>crypto</c> for elliptic curve.</p>
+ <p>
+ Own Id: OTP-11999</p>
+ </item>
+ </list>
+ </section>
+
+
+ <section><title>Improvements and New Features</title>
+ <list>
+ <item>
+ <p>
+ Add <c>aes_cfb8</c> cypher to <c>crypto:block_encrypt</c>
+ and <c>block_decrypt</c>.</p>
+ <p>
+ Own Id: OTP-11911</p>
+ </item>
+ </list>
+ </section>
+
+</section>
+
<section><title>Crypto 3.3</title>
<section><title>Fixed Bugs and Malfunctions</title>
diff --git a/lib/crypto/test/crypto_SUITE.erl b/lib/crypto/test/crypto_SUITE.erl
index 479c947029..03aa3964a5 100644
--- a/lib/crypto/test/crypto_SUITE.erl
+++ b/lib/crypto/test/crypto_SUITE.erl
@@ -690,7 +690,7 @@ group_config(ecdsa = Type, Config) ->
SignVerify = [{Type, sha, Public, Private, Msg}],
[{sign_verify, SignVerify} | Config];
group_config(srp, Config) ->
- GenerateCompute = [srp3(), srp6(), srp6a()],
+ GenerateCompute = [srp3(), srp6(), srp6a(), srp6a_smaller_prime()],
[{generate_compute, GenerateCompute} | Config];
group_config(ecdh, Config) ->
Compute = ecdh(),
@@ -1496,6 +1496,32 @@ srp6() ->
ClientPublic = crypto:mod_pow(Generator, ClientPrivate, Prime),
srp(ClientPrivate, Generator, Prime, Version, Verifier, ServerPublic, ServerPrivate, UserPassHash, Scrambler, SessionKey).
+
+srp6a_smaller_prime() ->
+ Username = <<"alice">>,
+ Password = <<"password123">>,
+ Salt = <<"mystrongsalt">>,
+ Prime = hexstr2bin("894B645E89E1535BBDAD5B8B290650530801B18EBFBF5E8FAB3C82872A3E9BB7"),
+ Generator = <<7>>,
+ Version = '6a',
+ Scrambler = hexstr2bin("18DE4A002AD05EF464B19AE2B6929F9B1319C7AA"),
+ Verifier = hexstr2bin("867401D5DE10964768184EAF246B322760C847604075FA66A4423907"
+ "8428BCA5"),
+ ClientPrivate = hexstr2bin("C49F832EE8D67ECF9E7F2785EB0622D8B3FE2344C00F96E1AEF4103C"
+ "A44D51F9"),
+ ServerPrivate = hexstr2bin("6C78CCEAAEC15E69068A87795B2A20ED7B45CFC5A254EBE2F17F144A"
+ "4D99DB18"),
+ ClientPublic = hexstr2bin("2452A57166BBBF690DB77539BAF9C57CD1ED99D5AA15ED925AD9B5C3"
+ "64BBEDFF"),
+ ServerPublic = hexstr2bin("2C0464DE84B91E4963A3546CAC0EFE55F31F49208C3F0AD7EE55F444"
+ "8F38BA7F"),
+
+ SessionKey = hexstr2bin("65581B2302580BD26F522A5A421CF969B9CCBCE4051196B034A2A9D22065D848"),
+ UserPassHash = crypto:hash(sha, [Salt, crypto:hash(sha, [Username, <<$:>>, Password])]),
+ Verifier = crypto:mod_pow(Generator, UserPassHash, Prime),
+ ClientPublic = crypto:mod_pow(Generator, ClientPrivate, Prime),
+ srp(ClientPrivate, Generator, Prime, Version, Verifier, ServerPublic, ServerPrivate, UserPassHash, Scrambler, SessionKey).
+
srp6a() ->
Username = <<"alice">>,
Password = <<"password123">>,
diff --git a/lib/crypto/vsn.mk b/lib/crypto/vsn.mk
index a2bd6f851a..b2bb1d7dfb 100644
--- a/lib/crypto/vsn.mk
+++ b/lib/crypto/vsn.mk
@@ -1 +1 @@
-CRYPTO_VSN = 3.3
+CRYPTO_VSN = 3.4