Diffstat (limited to 'lib/crypto')
-rw-r--r--lib/crypto/c_src/crypto.c29
-rw-r--r--lib/crypto/doc/src/algorithm_details.xml94
-rw-r--r--lib/crypto/doc/src/engine_keys.xml2
-rw-r--r--lib/crypto/doc/src/engine_load.xml2
-rw-r--r--lib/crypto/doc/src/notes.xml111
-rw-r--r--lib/crypto/src/crypto.erl19
-rw-r--r--lib/crypto/test/crypto_SUITE.erl171
-rw-r--r--lib/crypto/vsn.mk2
8 files changed, 302 insertions, 128 deletions
diff --git a/lib/crypto/c_src/crypto.c b/lib/crypto/c_src/crypto.c
index d40d285f86..b2d8123f00 100644
--- a/lib/crypto/c_src/crypto.c
+++ b/lib/crypto/c_src/crypto.c
@@ -189,6 +189,10 @@
# define HAVE_GCM
# define HAVE_CCM
# define HAVE_CMAC
+# if defined(RSA_PKCS1_OAEP_PADDING)
+# define HAVE_RSA_OAEP_PADDING
+# endif
+# define HAVE_RSA_MGF1_MD
# if OPENSSL_VERSION_NUMBER < PACKED_OPENSSL_VERSION(1,0,1,'d')
# define HAVE_GCM_EVP_DECRYPT_BUG
# endif
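Review bot: `HAVE_RSA_MGF1_MD` is defined unconditionally here, while the two `#if` tests it replaces in pkey_sign_nif and pkey_verify_nif (and the `#ifndef` it replaces in get_pkey_crypt_options later in this diff) previously checked `OPENSSL_VERSION_NUMBER >= PACKED_OPENSSL_VERSION_PLAIN(1,0,1)`; whether that is equivalent depends on the enclosing `#if` block, which starts outside this hunk. If the enclosing block is the 1.0.1 check, a comment on the define would save the next reader the lookup, e.g. `# define HAVE_RSA_MGF1_MD /* EVP_PKEY_CTX_set_rsa_mgf1_md: OpenSSL >= 1.0.1 */`. If it is not, the `# else` branches that free the context and return `atom_notsup` become unreachable on libraries that lack the function, and the build would fail there instead of reporting notsup.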
@@ -1340,7 +1344,7 @@ static ERL_NIF_TERM algo_mac[3]; /* increase when extending the list */
static int algo_curve_cnt, algo_curve_fips_cnt;
static ERL_NIF_TERM algo_curve[87]; /* increase when extending the list */
static int algo_rsa_opts_cnt, algo_rsa_opts_fips_cnt;
-static ERL_NIF_TERM algo_rsa_opts[10]; /* increase when extending the list */
+static ERL_NIF_TERM algo_rsa_opts[11]; /* increase when extending the list */
static void init_algorithms_types(ErlNifEnv* env)
{
@@ -1562,7 +1566,12 @@ static void init_algorithms_types(ErlNifEnv* env)
algo_rsa_opts[algo_rsa_opts_cnt++] = enif_make_atom(env,"rsa_pkcs1_pss_padding");
algo_rsa_opts[algo_rsa_opts_cnt++] = enif_make_atom(env,"rsa_pss_saltlen");
# endif
+# ifdef HAVE_RSA_MGF1_MD
algo_rsa_opts[algo_rsa_opts_cnt++] = enif_make_atom(env,"rsa_mgf1_md");
+# endif
+# ifdef HAVE_RSA_OAEP_PADDING
+ algo_rsa_opts[algo_rsa_opts_cnt++] = enif_make_atom(env,"rsa_pkcs1_oaep_padding");
+# endif
# ifdef HAVE_RSA_OAEP_MD
algo_rsa_opts[algo_rsa_opts_cnt++] = enif_make_atom(env,"rsa_oaep_label");
algo_rsa_opts[algo_rsa_opts_cnt++] = enif_make_atom(env,"rsa_oaep_md");
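Review bot: The bound of `algo_rsa_opts` was raised from 10 to 11 in the hunk above by counting the pushes in this function, and that count now varies with which of `HAVE_RSA_MGF1_MD`, `HAVE_RSA_OAEP_PADDING` and `HAVE_RSA_OAEP_MD` are defined, so the "increase when extending the list" comment is the only guard against writing past a static array. A check after the last push, using whatever assertion macro this file already has, e.g. `ASSERT(algo_rsa_opts_cnt <= sizeof(algo_rsa_opts)/sizeof(algo_rsa_opts[0]));`, would turn a missed increment into a load-time failure instead of silent memory corruption. init_algorithms_types starts and ends outside this hunk, so the total number of pushes is not visible here.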
@@ -4693,16 +4702,16 @@ printf("\r\n");
if (argv[0] == atom_rsa) {
if (EVP_PKEY_CTX_set_rsa_padding(ctx, sig_opt.rsa_padding) <= 0) goto badarg;
-#ifdef HAVE_RSA_PKCS1_PSS_PADDING
+# ifdef HAVE_RSA_PKCS1_PSS_PADDING
if (sig_opt.rsa_padding == RSA_PKCS1_PSS_PADDING) {
if (sig_opt.rsa_mgf1_md != NULL) {
-#if OPENSSL_VERSION_NUMBER >= PACKED_OPENSSL_VERSION_PLAIN(1,0,1)
+# ifdef HAVE_RSA_MGF1_MD
if (EVP_PKEY_CTX_set_rsa_mgf1_md(ctx, sig_opt.rsa_mgf1_md) <= 0) goto badarg;
-#else
+# else
EVP_PKEY_CTX_free(ctx);
EVP_PKEY_free(pkey);
return atom_notsup;
-#endif
+# endif
}
if (sig_opt.rsa_pss_saltlen > -2
&& EVP_PKEY_CTX_set_rsa_pss_saltlen(ctx, sig_opt.rsa_pss_saltlen) <= 0)
@@ -4833,13 +4842,13 @@ static ERL_NIF_TERM pkey_verify_nif(ErlNifEnv *env, int argc, const ERL_NIF_TERM
if (EVP_PKEY_CTX_set_rsa_padding(ctx, sig_opt.rsa_padding) <= 0) goto badarg;
if (sig_opt.rsa_padding == RSA_PKCS1_PSS_PADDING) {
if (sig_opt.rsa_mgf1_md != NULL) {
-#if OPENSSL_VERSION_NUMBER >= PACKED_OPENSSL_VERSION_PLAIN(1,0,1)
+# ifdef HAVE_RSA_MGF1_MD
if (EVP_PKEY_CTX_set_rsa_mgf1_md(ctx, sig_opt.rsa_mgf1_md) <= 0) goto badarg;
-#else
+# else
EVP_PKEY_CTX_free(ctx);
EVP_PKEY_free(pkey);
return atom_notsup;
-#endif
+# endif
}
if (sig_opt.rsa_pss_saltlen > -2
&& EVP_PKEY_CTX_set_rsa_pss_saltlen(ctx, sig_opt.rsa_pss_saltlen) <= 0)
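Review bot: The PSS block in pkey_verify_nif is not wrapped in `# ifdef HAVE_RSA_PKCS1_PSS_PADDING` the way the corresponding block in the sign path is, where the guard immediately follows the `EVP_PKEY_CTX_set_rsa_padding` call; here `RSA_PKCS1_PSS_PADDING` and `EVP_PKEY_CTX_set_rsa_pss_saltlen` are referenced with no guard in view. If the guard sits above the three context lines this is only a structural difference between two otherwise identical blocks; if it does not, a build without `HAVE_RSA_PKCS1_PSS_PADDING` compiles the sign path and fails on verify. Since the commit already re-indents both blocks, making them use the same preprocessor structure would be cheap now; pkey_verify_nif begins outside this hunk.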
@@ -4932,8 +4941,10 @@ static int get_pkey_crypt_options(ErlNifEnv *env, ERL_NIF_TERM algorithm, ERL_NI
) {
if (tpl_terms[1] == atom_rsa_pkcs1_padding) {
opt->rsa_padding = RSA_PKCS1_PADDING;
+#ifdef HAVE_RSA_OAEP_PADDING
} else if (tpl_terms[1] == atom_rsa_pkcs1_oaep_padding) {
opt->rsa_padding = RSA_PKCS1_OAEP_PADDING;
+#endif
#ifdef HAVE_RSA_SSLV23_PADDING
} else if (tpl_terms[1] == atom_rsa_sslv23_padding) {
opt->rsa_padding = RSA_SSLV23_PADDING;
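Review bot: When `HAVE_RSA_OAEP_PADDING` is not defined, a caller passing `{rsa_padding, rsa_pkcs1_oaep_padding}` now matches no branch of this chain and falls through to the final `else`, which is outside the hunk and presumably reports a bad argument, whereas the `rsa_mgf1_md` branch in the next hunk returns `PKEY_NOTSUP` for the equivalent situation. A caller then cannot distinguish a misspelt option from a library without OAEP, and notsup is the signal the new `rsa_opts` entry in `crypto:supports/0` is meant to line up with. If `atom_rsa_pkcs1_oaep_padding` is declared regardless of the OpenSSL feature, an `#else` arm would keep the two paths consistent: `#else` / `} else if (tpl_terms[1] == atom_rsa_pkcs1_oaep_padding) { return PKEY_NOTSUP;`. get_pkey_crypt_options starts and ends outside this hunk.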
@@ -4952,7 +4963,7 @@ static int get_pkey_crypt_options(ErlNifEnv *env, ERL_NIF_TERM algorithm, ERL_NI
}
opt->signature_md = opt_md;
} else if (tpl_terms[0] == atom_rsa_mgf1_md && enif_is_atom(env, tpl_terms[1])) {
-#ifndef HAVE_RSA_OAEP_MD
+#ifndef HAVE_RSA_MGF1_MD
if (tpl_terms[1] != atom_sha)
return PKEY_NOTSUP;
#endif
diff --git a/lib/crypto/doc/src/algorithm_details.xml b/lib/crypto/doc/src/algorithm_details.xml
index 19a19b1ece..4d58d26970 100644
--- a/lib/crypto/doc/src/algorithm_details.xml
+++ b/lib/crypto/doc/src/algorithm_details.xml
@@ -4,7 +4,7 @@
<chapter>
<header>
<copyright>
- <year>2014</year><year>2017</year>
+ <year>2014</year><year>2018</year>
<holder>Ericsson AB. All Rights Reserved.</holder>
</copyright>
<legalnotice>
@@ -63,9 +63,9 @@
<row><cell><c>aes_ige256</c></cell><cell>16</cell><cell>32</cell><cell>16</cell></row>
<row><cell><c>blowfish_cbc</c></cell> <cell>4-56</cell> <cell>8</cell> <cell>8</cell></row>
- <row><cell><c>blowfish_cfb64</c></cell> <cell>1-</cell> <cell>8</cell> <cell>any</cell></row>
- <row><cell><c>blowfish_ecb</c></cell><cell>1-</cell><cell> </cell><cell>8</cell></row>
- <row><cell><c>blowfish_ofb64</c></cell><cell>1-</cell><cell>8</cell><cell>any</cell></row>
+ <row><cell><c>blowfish_cfb64</c></cell> <cell>&#8805;1</cell> <cell>8</cell> <cell>any</cell></row>
+ <row><cell><c>blowfish_ecb</c></cell><cell>&#8805;1</cell><cell> </cell><cell>8</cell></row>
+ <row><cell><c>blowfish_ofb64</c></cell><cell>&#8805;1</cell><cell>8</cell><cell>any</cell></row>
<row><cell><c>des3_cbc</c><br/><i>(=DES EDE3 CBC)</i></cell><cell>[8,8,8]</cell><cell>8</cell><cell>8</cell></row>
<row><cell><c>des3_cfb</c><br/><i>(=DES EDE3 CFB)</i></cell><cell>[8,8,8]</cell><cell>8</cell><cell>any</cell></row>
@@ -74,7 +74,7 @@
<row><cell><c>des_cfb</c></cell><cell>8</cell><cell>8</cell><cell>any</cell></row>
<row><cell><c>des_ecb</c></cell><cell>8</cell><cell> </cell><cell>8</cell></row>
<row><cell><c>des_ede3</c><br/><i>(=DES EDE3 CBC)</i></cell><cell>[8,8,8]</cell><cell>8</cell><cell>8</cell></row>
- <row><cell><c>rc2_cbc</c></cell><cell>1-</cell><cell>8</cell><cell>8</cell></row>
+ <row><cell><c>rc2_cbc</c></cell><cell>&#8805;1</cell><cell>8</cell><cell>8</cell></row>
<tcaption>Block cipher key lengths</tcaption>
</table>
</section>
@@ -90,9 +90,9 @@
</p>
<table>
<row><cell><strong>Cipher and Mode</strong></cell><cell><strong>Key length</strong><br/><strong>[bytes]</strong></cell><cell><strong>IV length</strong><br/><strong>[bytes]</strong></cell><cell><strong>AAD length</strong><br/><strong>[bytes]</strong></cell><cell><strong>Tag length</strong><br/><strong>[bytes]</strong></cell><cell><strong>Block size</strong><br/><strong>[bytes]</strong></cell><cell><strong>Supported with</strong><br/><strong>OpenSSL versions</strong></cell></row>
- <row><cell><c>aes_ccm</c></cell> <cell>16,24,32</cell> <cell>7-13</cell> <cell>any</cell> <cell>even 4-16<br/>default: 12</cell> <cell>any</cell><cell>1.1.0 -</cell></row>
- <row><cell><c>aes_gcm</c></cell> <cell>16,24,32</cell> <cell>1-</cell> <cell>any</cell> <cell>1-16<br/>default: 16</cell> <cell>any</cell><cell>1.1.0 -</cell></row>
- <row><cell><c>chacha20_poly1305</c></cell><cell>32</cell> <cell>1-16</cell> <cell>any</cell> <cell>16</cell> <cell>any</cell><cell>1.1.0 -</cell></row>
+ <row><cell><c>aes_ccm</c></cell> <cell>16,24,32</cell> <cell>7-13</cell> <cell>any</cell> <cell>even 4-16<br/>default: 12</cell> <cell>any</cell><cell>&#8805;1.1.0</cell></row>
+ <row><cell><c>aes_gcm</c></cell> <cell>16,24,32</cell> <cell>&#8805;1</cell> <cell>any</cell> <cell>1-16<br/>default: 16</cell> <cell>any</cell><cell>&#8805;1.1.0</cell></row>
+ <row><cell><c>chacha20_poly1305</c></cell><cell>32</cell> <cell>1-16</cell> <cell>any</cell> <cell>16</cell> <cell>any</cell><cell>&#8805;1.1.0</cell></row>
<tcaption>AEAD cipher key lengths</tcaption>
</table>
</section>
@@ -108,8 +108,8 @@
</p>
<table>
<row><cell><strong>Cipher and Mode</strong></cell><cell><strong>Key length</strong><br/><strong>[bytes]</strong></cell><cell><strong>IV length</strong><br/><strong>[bytes]</strong></cell><cell><strong>Supported with</strong><br/><strong>OpenSSL versions</strong></cell></row>
- <row><cell><c>aes_ctr</c></cell><cell>16, 24, 32</cell><cell>16</cell><cell>1.0.1 -</cell></row>
- <row><cell><c>rc4</c></cell><cell>1-</cell><cell> </cell> <cell>all</cell></row>
+ <row><cell><c>aes_ctr</c></cell><cell>16, 24, 32</cell><cell>16</cell><cell>&#8805;1.0.1</cell></row>
+ <row><cell><c>rc4</c></cell><cell>&#8805;1</cell><cell> </cell> <cell>all</cell></row>
<tcaption>Stream cipher key lengths</tcaption>
</table>
</section>
@@ -141,9 +141,9 @@
<row><cell><c>aes_cfb8</c></cell> <cell>16</cell><cell>1</cell></row>
<row><cell><c>blowfish_cbc</c></cell> <cell>4-56</cell> <cell>8</cell></row>
- <row><cell><c>blowfish_cfb64</c></cell> <cell>1-</cell> <cell>1</cell></row>
- <row><cell><c>blowfish_ecb</c></cell><cell>1-</cell> <cell>8</cell></row>
- <row><cell><c>blowfish_ofb64</c></cell><cell>1-</cell> <cell>1</cell></row>
+ <row><cell><c>blowfish_cfb64</c></cell> <cell>&#8805;1</cell> <cell>1</cell></row>
+ <row><cell><c>blowfish_ecb</c></cell><cell>&#8805;1</cell> <cell>8</cell></row>
+ <row><cell><c>blowfish_ofb64</c></cell><cell>&#8805;1</cell> <cell>1</cell></row>
<row><cell><c>des3_cbc</c><br/><i>(=DES EDE3 CBC)</i></cell><cell>[8,8,8]</cell><cell>8</cell></row>
<row><cell><c>des3_cfb</c><br/><i>(=DES EDE3 CFB)</i></cell><cell>[8,8,8]</cell><cell>1</cell></row>
@@ -152,7 +152,7 @@
<row><cell><c>des_cfb</c></cell><cell>8</cell><cell>1</cell></row>
<row><cell><c>des_ecb</c></cell><cell>8</cell><cell>1</cell></row>
- <row><cell><c>rc2_cbc</c></cell><cell>1-</cell><cell>8</cell></row>
+ <row><cell><c>rc2_cbc</c></cell><cell>&#8805;1</cell><cell>8</cell></row>
<tcaption>CMAC cipher key lengths</tcaption>
</table>
</section>
@@ -195,7 +195,7 @@
</row>
<row><cell>SHA1</cell><cell>sha</cell><cell>all</cell></row>
<row><cell>SHA2</cell><cell>sha224, sha256, sha384, sha512</cell><cell>all</cell></row>
- <row><cell>SHA3</cell><cell>sha3_224, sha3_256, sha3_384, sha3_512</cell><cell>1.1.1 -</cell></row>
+ <row><cell>SHA3</cell><cell>sha3_224, sha3_256, sha3_384, sha3_512</cell><cell>&#8805;1.1.1</cell></row>
<row><cell>MD4</cell><cell>md4</cell><cell>all</cell></row>
<row><cell>MD5</cell><cell>md5</cell><cell>all</cell></row>
<row><cell>RIPEMD</cell><cell>ripemd160</cell><cell>all</cell></row>
@@ -221,18 +221,62 @@
without prior notice.</p>
</warning>
<table>
- <row><cell><strong>Option</strong></cell> <cell><strong>sign/verify</strong></cell> <cell><strong>encrypt/decrypt</strong></cell> <cell><strong>Supported with</strong><br/><strong>OpenSSL versions</strong></cell> </row>
- <row><cell>{rsa_mgf1_md,atom()}</cell> <cell>x</cell> <cell>x</cell> <cell>1.0.1</cell></row>
- <row><cell>{rsa_oaep_label, binary()}</cell> <cell> </cell> <cell>x</cell> <cell></cell></row>
- <row><cell>{rsa_oaep_md, atom()}</cell> <cell> </cell> <cell>x</cell> <cell></cell></row>
- <row><cell>{rsa_padding,rsa_pkcs1_pss_padding}</cell> <cell>x</cell> <cell> </cell> <cell>1.0.0</cell></row>
- <row><cell>{rsa_pss_saltlen, -2..}</cell> <cell>x</cell> <cell> </cell> <cell>1.0.0</cell></row>
- <row><cell>{rsa_padding,rsa_no_padding}</cell> <cell>x</cell> <cell>x</cell> <cell></cell></row>
- <row><cell>{rsa_padding,rsa_pkcs1_padding}</cell> <cell>x</cell> <cell>x</cell> <cell></cell></row>
- <row><cell>{rsa_padding,rsa_sslv23_padding}</cell> <cell> </cell> <cell>x</cell> <cell></cell></row>
- <row><cell>{rsa_padding,rsa_x931_padding}</cell> <cell>x</cell> <cell> </cell> <cell></cell></row>
+ <row><cell><strong>Option</strong></cell>
+ <cell><strong>sign/verify</strong></cell>
+ <cell><strong>public encrypt</strong><br/><strong>private decrypt</strong></cell>
+ <cell><strong>private encrypt</strong><br/><strong>public decrypt</strong></cell>
+ </row>
+ <row><cell>{rsa_padding,rsa_x931_padding}</cell>
+ <cell>x</cell>
+ <cell></cell>
+ <cell>x</cell>
+ </row>
+ <row><cell>{rsa_padding,rsa_pkcs1_padding}</cell>
+ <cell>x</cell>
+ <cell>x</cell>
+ <cell>x</cell>
+ </row>
+ <row><cell>{rsa_padding,rsa_pkcs1_pss_padding}<br/>
+ {rsa_pss_saltlen, -2..}<br/>
+ {rsa_mgf1_md, atom()}
+ </cell>
+ <cell>x (2)<br/>
+ x (2)<br/>
+ x (2)</cell>
+ <cell></cell>
+ <cell></cell>
+ </row>
+ <row><cell>{rsa_padding,rsa_pkcs1_oaep_padding}<br/>
+ {rsa_mgf1_md, atom()}<br/>
+ {rsa_oaep_label, binary()}}<br/>
+ {rsa_oaep_md, atom()}
+ </cell>
+ <cell></cell>
+ <cell>x (2)<br/>
+ x (2)<br/>
+ x (3)<br/>
+ x (3)
+ </cell>
+ <cell></cell>
+ </row>
+ <row><cell>{rsa_padding,rsa_no_padding}</cell>
+ <cell>x (1)</cell>
+ <cell></cell>
+ <cell></cell>
+ </row>
+ <!-- row><cell>{rsa_padding,rsa_sslv23_padding}</cell>
+ <cell></cell>
+ <cell></cell>
+ <cell></cell>
+ </row -->
<tcaption></tcaption>
</table>
+ <p>Notes:</p>
+ <list type="ordered">
+ <item>(1) OpenSSL &#8804; 1.0.0</item>
+ <item>(2) OpenSSL &#8805; 1.0.1</item>
+ <item>(3) OpenSSL &#8805; 1.1.0</item>
+ </list>
</section>
<section>
diff --git a/lib/crypto/doc/src/engine_keys.xml b/lib/crypto/doc/src/engine_keys.xml
index 4f7b0243fb..feeb353d1e 100644
--- a/lib/crypto/doc/src/engine_keys.xml
+++ b/lib/crypto/doc/src/engine_keys.xml
@@ -4,7 +4,7 @@
<chapter>
<header>
<copyright>
- <year>2017</year><year>2017</year>
+ <year>2017</year><year>2018</year>
<holder>Ericsson AB. All Rights Reserved.</holder>
</copyright>
<legalnotice>
diff --git a/lib/crypto/doc/src/engine_load.xml b/lib/crypto/doc/src/engine_load.xml
index 3d0aa0c32a..5f7ccc784b 100644
--- a/lib/crypto/doc/src/engine_load.xml
+++ b/lib/crypto/doc/src/engine_load.xml
@@ -4,7 +4,7 @@
<chapter>
<header>
<copyright>
- <year>2017</year><year>2017</year>
+ <year>2017</year><year>2018</year>
<holder>Ericsson AB. All Rights Reserved.</holder>
</copyright>
<legalnotice>
diff --git a/lib/crypto/doc/src/notes.xml b/lib/crypto/doc/src/notes.xml
index 9207d09821..d81a8ddd87 100644
--- a/lib/crypto/doc/src/notes.xml
+++ b/lib/crypto/doc/src/notes.xml
@@ -31,6 +31,117 @@
</header>
<p>This document describes the changes made to the Crypto application.</p>
+<section><title>Crypto 4.3.3</title>
+
+ <section><title>Fixed Bugs and Malfunctions</title>
+ <list>
+ <item>
+ <p>
+ The RSA options <c>rsa_mgf1_md</c>, <c>rsa_oaep_md</c>,
+ and <c>rsa_oaep_label</c> were always disabled. They will
+ now be enabled when a suitable cryptolib is used.</p>
+ <p>
+ They are still experimental and may change without prior
+ notice.</p>
+ <p>
+ Own Id: OTP-15212 Aux Id: ERL-675, PR1899, PR838 </p>
+ </item>
+ <item>
+ <p>
+ The ciphers <c>aes_ige256</c> and <c>blowfish_cbc</c> had
+ naming issues in <c>crypto:next_iv/2</c>.</p>
+ <p>
+ Own Id: OTP-15283</p>
+ </item>
+ <item>
+ <p>
+ the <c>RSA_SSLV23_PADDING</c> is disabled if LibreSSL is
+ used as cryptlib. This is due to compilation problems.</p>
+ <p>
+ This will be investigated further in the future.</p>
+ <p>
+ Own Id: OTP-15303</p>
+ </item>
+ </list>
+ </section>
+
+
+ <section><title>Improvements and New Features</title>
+ <list>
+ <item>
+ <p>
+ The supported named elliptic curves are now reported in
+ <c>crypto:supports/0</c> in a new entry tagged by
+ <c>'curves'</c>.</p>
+ <p>
+ The function <c>crypto:ec_curves/0</c> is kept for
+ compatibility.</p>
+ <p>
+ Own Id: OTP-14717 Aux Id: OTP-15244 </p>
+ </item>
+ <item>
+ <p>
+ The typing in the CRYPTO and PUBLIC_KEY applications are
+ reworked and a few mistakes are corrected.</p>
+ <p>
+ The documentation is now generated from the typing and
+ some clarifications are made.</p>
+ <p>
+ A new chapter on Algorithm Details such as key sizes and
+ availability is added to the CRYPTO User's Guide.</p>
+ <p>
+ Own Id: OTP-15134</p>
+ </item>
+ <item>
+ <p>
+ Support for SHA3 both as a separate hash and in HMAC is
+ now available if OpenSSL 1.1.1 or higher is used as
+ cryptolib.</p>
+ <p>
+ Available lengths are reported in the <c>'hashs'</c>
+ entry in <c>crypto:supports/0</c> as <c>sha3_*</c>.</p>
+ <p>
+ Own Id: OTP-15153</p>
+ </item>
+ <item>
+ <p>
+ The mac algorithm <c>poly1305</c> and the cipher
+ algorithm <c>chacha20</c> are now supported if OpenSSL
+ 1.1.1 or higher is used as cryptolib.</p>
+ <p>
+ Own Id: OTP-15164 Aux Id: OTP-15209 </p>
+ </item>
+ <item>
+ <p>
+ The key exchange Edward curves <c>x25519</c> and
+ <c>x448</c> are now supported if OpenSSL 1.1.1 or higher
+ is used as cryptolib.</p>
+ <p>
+ Own Id: OTP-15240 Aux Id: OTP-15133 </p>
+ </item>
+ <item>
+ <p>
+ The supported RSA options for sign/verify and
+ encrypt/decrypt are now reported in
+ <c>crypto:supports/0</c> in a new entry tagged by
+ '<c>rsa_opts</c>'.</p>
+ <p>
+ The exakt set is still experimental and may change
+ without prior notice.</p>
+ <p>
+ Own Id: OTP-15260</p>
+ </item>
+ <item>
+ <p>
+ The cipher <c>aes_ccm</c> is added.</p>
+ <p>
+ Own Id: OTP-15286</p>
+ </item>
+ </list>
+ </section>
+
+</section>
+
<section><title>Crypto 4.3.2</title>
<section><title>Fixed Bugs and Malfunctions</title>
diff --git a/lib/crypto/src/crypto.erl b/lib/crypto/src/crypto.erl
index 960fe46c09..2db73c4af0 100644
--- a/lib/crypto/src/crypto.erl
+++ b/lib/crypto/src/crypto.erl
@@ -526,8 +526,9 @@ block_encrypt(Type, Key, Ivec, {AAD, PlainText}) when Type =:= aes_gcm;
block_encrypt(Type, Key, Ivec, {AAD, PlainText, TagLength}) when Type =:= aes_gcm;
Type =:= aes_ccm ->
aead_encrypt(Type, Key, Ivec, AAD, PlainText, TagLength);
-block_encrypt(chacha20_poly1305, Key, Ivec, {AAD, PlainText}) ->
- chacha20_poly1305_encrypt(Key, Ivec, AAD, PlainText).
+block_encrypt(chacha20_poly1305=Type, Key, Ivec, {AAD, PlainText}) ->
+ aead_encrypt(Type, Key, Ivec, AAD, PlainText, 16).
+
-spec block_decrypt(Type::block_cipher_with_iv(), Key::key()|des3_key(), Ivec::binary(), Data::iodata()) -> binary();
(Type::aead_cipher(), Key::iodata(), Ivec::binary(),
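Review bot: The literal `16` passed to `aead_encrypt` for `chacha20_poly1305` carries no explanation, while the gcm/ccm clause just above takes a caller-supplied `TagLength`; a reader has to know that this cipher's tag size is fixed and that the `{AAD, PlainText, TagLength}` form is deliberately not offered for it. A one-line comment on the new clause would record both, e.g. `%% chacha20_poly1305 has a fixed 16-byte tag; no TagLength variant is accepted`. The `-spec` for block_encrypt/4 is above this hunk, so whether it already documents this is not visible here.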
@@ -557,11 +558,9 @@ block_decrypt(des3_cfb, Key0, Ivec, Data) ->
block_decrypt(aes_ige256, Key, Ivec, Data) ->
notsup_to_error(aes_ige_crypt_nif(Key, Ivec, Data, false));
block_decrypt(Type, Key, Ivec, {AAD, Data, Tag}) when Type =:= aes_gcm;
- Type =:= aes_ccm ->
- aead_decrypt(Type, Key, Ivec, AAD, Data, Tag);
-block_decrypt(chacha20_poly1305, Key, Ivec, {AAD, Data, Tag}) ->
- chacha20_poly1305_decrypt(Key, Ivec, AAD, Data, Tag).
-
+ Type =:= aes_ccm;
+ Type =:= chacha20_poly1305 ->
+ aead_decrypt(Type, Key, Ivec, AAD, Data, Tag).
-spec block_encrypt(Type::block_cipher_without_iv(), Key::key(), PlainText::iodata()) -> binary().
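Review bot: With the dedicated `chacha20_poly1305_decrypt` NIF removed, the decrypt clause now forwards a caller-supplied `Tag` of any length to the generic `aead_decrypt`, while the encrypt side in the previous hunk always produces a 16-byte tag. Whether the generic NIF rejects a shorter tag for this cipher is not visible here; if it compares only the bytes it is given, a truncated tag weakens the authentication, and the Erlang side could enforce the full length cheaply with a guard on this clause, e.g. `block_decrypt(chacha20_poly1305=Type, Key, Ivec, {AAD, Data, Tag}) when byte_size(Tag) =:= 16 ->` as a separate clause ahead of the merged one. Separately, the blank line that used to separate `block_decrypt/4` from the following `-spec block_encrypt` was dropped here, while the encrypt hunk added one in the same position.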
@@ -1617,12 +1616,6 @@ aead_encrypt(_Type, _Key, _Ivec, _AAD, _In, _TagLength) -> ?nif_stub.
aead_decrypt(_Type, _Key, _Ivec, _AAD, _In, _Tag) -> ?nif_stub.
%%
-%% Chacha20/Ppoly1305
-%%
-chacha20_poly1305_encrypt(_Key, _Ivec, _AAD, _In) -> ?nif_stub.
-chacha20_poly1305_decrypt(_Key, _Ivec, _AAD, _In, _Tag) -> ?nif_stub.
-
-%%
%% AES - with 256 bit key in infinite garble extension mode (IGE)
%%
diff --git a/lib/crypto/test/crypto_SUITE.erl b/lib/crypto/test/crypto_SUITE.erl
index 495c2adb55..025c46aab0 100644
--- a/lib/crypto/test/crypto_SUITE.erl
+++ b/lib/crypto/test/crypto_SUITE.erl
@@ -495,14 +495,14 @@ sign_verify(Config) when is_list(Config) ->
public_encrypt() ->
[{doc, "Test public_encrypt/decrypt "}].
public_encrypt(Config) when is_list(Config) ->
- Params = proplists:get_value(pub_priv_encrypt, Config),
+ Params = proplists:get_value(pub_pub_encrypt, Config, []),
lists:foreach(fun do_public_encrypt/1, Params).
%%--------------------------------------------------------------------
private_encrypt() ->
[{doc, "Test private_encrypt/decrypt functions. "}].
private_encrypt(Config) when is_list(Config) ->
- Params = proplists:get_value(pub_priv_encrypt, Config),
+ Params = proplists:get_value(pub_priv_encrypt, Config, []),
lists:foreach(fun do_private_encrypt/1, Params).
%%--------------------------------------------------------------------
@@ -943,30 +943,6 @@ negative_verify(Type, Hash, Msg, Signature, Public, Options) ->
ok
end.
--define(PUB_PRIV_ENC_DEC_CATCH(Type,Padding),
- CC:EE ->
- ct:log("~p:~p in ~p:~p/~p, line ~p.~n"
- "Type = ~p~nPadding = ~p",
- [CC,EE,?MODULE,?FUNCTION_NAME,?FUNCTION_ARITY,?LINE,(Type),(Padding)]),
- MaybeUnsupported =
- case crypto:info_lib() of
- [{<<"OpenSSL">>,_,_}] ->
- is_list(Padding) andalso
- lists:any(fun(P) -> lists:member(P,(Padding)) end,
- [{rsa_padding, rsa_pkcs1_oaep_padding},
- {rsa_padding, rsa_sslv23_padding},
- {rsa_padding, rsa_x931_padding}]);
- _ ->
- false
- end,
- case CC of
- error when MaybeUnsupported ->
- ct:comment("Padding unsupported?",[]);
- _ ->
- ct:fail({?FUNCTION_NAME,CC,EE,(Type),(Padding)})
- end
- ).
-
do_public_encrypt({Type, Public, Private, Msg, Padding}) ->
try
crypto:public_encrypt(Type, Msg, Public, Padding)
@@ -980,10 +956,12 @@ do_public_encrypt({Type, Public, Private, Msg, Padding}) ->
Other ->
ct:fail({{crypto, private_decrypt, [Type, PublicEcn, Private, Padding]}, {expected, Msg}, {got, Other}})
catch
- ?PUB_PRIV_ENC_DEC_CATCH(Type, Padding)
+ CC:EE ->
+ ct:fail({{crypto, private_decrypt, [Type, PublicEcn, Private, Padding]}, {expected, Msg}, {got, {CC,EE}}})
end
catch
- ?PUB_PRIV_ENC_DEC_CATCH(Type, Padding)
+ CC:EE ->
+ ct:fail({{crypto, public_encrypt, [Type, Msg, Public, Padding]}, {got, {CC,EE}}})
end.
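Review bot: The replacement catch clauses `CC:EE ->` report only the class and reason, so a failure inside `crypto:private_decrypt` or `crypto:public_encrypt` no longer says where it was raised; the removed macro at least logged the module, function and line. If the suite runs on OTP 21 or later, the three-part pattern is available and costs one token per clause: `CC:EE:Stack ->` with `{got, {CC,EE,Stack}}` in the fail term. The two catch clauses for `do_private_encrypt` in the next hunk have the same shape and would take the same change; do_public_encrypt starts outside this hunk.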
@@ -1000,10 +978,12 @@ do_private_encrypt({Type, Public, Private, Msg, Padding}) ->
Other ->
ct:fail({{crypto, public_decrypt, [Type, PrivEcn, Public, Padding]}, {expected, Msg}, {got, Other}})
catch
- ?PUB_PRIV_ENC_DEC_CATCH(Type, Padding)
+ CC:EE ->
+ ct:fail({{crypto, public_decrypt, [Type, PrivEcn, Public, Padding]}, {expected, Msg}, {got, {CC,EE}}})
end
catch
- ?PUB_PRIV_ENC_DEC_CATCH(Type, Padding)
+ CC:EE ->
+ ct:fail({{crypto, private_encrypt, [Type, Msg, Private, Padding]}, {got, {CC,EE}}})
end.
do_generate_compute({srp = Type, UserPrivate, UserGenParams, UserComParams,
@@ -1395,36 +1375,42 @@ group_config(sha3_384 = Type, Config) ->
group_config(sha3_512 = Type, Config) ->
{Msgs,Digests} = sha3_test_vectors(Type),
[{hash, {Type, Msgs, Digests}}, {hmac, hmac_sha3(Type)} | Config];
-group_config(rsa = Type, Config) ->
+group_config(rsa, Config) ->
Msg = rsa_plain(),
Public = rsa_public(),
Private = rsa_private(),
PublicS = rsa_public_stronger(),
PrivateS = rsa_private_stronger(),
- SignVerify =
- case ?config(fips, Config) of
- true ->
- %% Use only the strong keys in FIPS mode
- sign_verify_tests(Type, Msg,
- PublicS, PrivateS,
- PublicS, PrivateS);
- false ->
- sign_verify_tests(Type, Msg,
- Public, Private,
- PublicS, PrivateS)
- end,
MsgPubEnc = <<"7896345786348 Asldi">>,
- PubPrivEnc = [{rsa, PublicS, PrivateS, MsgPubEnc, rsa_pkcs1_padding},
- {rsa, PublicS, PrivateS, MsgPubEnc, [{rsa_padding, rsa_pkcs1_padding}]},
- {rsa, PublicS, PrivateS, MsgPubEnc, [{rsa_padding, rsa_sslv23_padding}]},
- {rsa, PublicS, PrivateS, MsgPubEnc, [{rsa_padding, rsa_x931_padding}]},
- rsa_oaep(),
- %% rsa_oaep_label(),
- %% rsa_oaep256(),
- no_padding()
+ SignVerify_OptsToTry = [[{rsa_padding, rsa_x931_padding}],
+ [{rsa_padding, rsa_pkcs1_padding}],
+ [{rsa_padding, rsa_pkcs1_pss_padding}],
+ [{rsa_padding, rsa_pkcs1_pss_padding}, {rsa_pss_saltlen, -2}],
+ [{rsa_padding, rsa_pkcs1_pss_padding}, {rsa_pss_saltlen, 5}],
+ [{rsa_padding, rsa_pkcs1_pss_padding}, {rsa_mgf1_md,sha}],
+ [{rsa_padding, rsa_pkcs1_pss_padding}, {rsa_mgf1_md,sha}, {rsa_pss_saltlen, 5}]
+ ],
+ PrivEnc_OptsToTry = [rsa_pkcs1_padding, % Compatibility
+ [{rsa_pad, rsa_pkcs1_padding}], % Compatibility
+ [{rsa_padding, rsa_pkcs1_padding}],
+ [{rsa_padding,rsa_x931_padding}]
+ ],
+ PubEnc_OptsToTry = [rsa_pkcs1_padding, % Compatibility
+ [{rsa_pad, rsa_pkcs1_padding}], % Compatibility
+ [{rsa_padding, rsa_pkcs1_padding}],
+ [{rsa_padding,rsa_pkcs1_oaep_padding}],
+ [{rsa_padding,rsa_pkcs1_oaep_padding}, {rsa_oaep_label, <<"Hej hopp">>}],
+ [{rsa_padding,rsa_pkcs1_oaep_padding}, {rsa_oaep_md,sha}],
+ [{rsa_padding,rsa_pkcs1_oaep_padding}, {rsa_oaep_md,sha}, {rsa_oaep_label, <<"Hej hopp">>}],
+ [{rsa_padding,rsa_pkcs1_oaep_padding}, {rsa_mgf1_md,sha}],
+ [{rsa_padding,rsa_pkcs1_oaep_padding}, {rsa_mgf1_md,sha}, {rsa_oaep_label, <<"Hej hopp">>}],
+ [{rsa_padding,rsa_pkcs1_oaep_padding}, {rsa_mgf1_md,sha}, {rsa_oaep_md,sha}, {rsa_oaep_label, <<"Hej hopp">>}]
],
- Generate = [{rsa, 1024, 3}, {rsa, 2048, 17}, {rsa, 3072, 65537}],
- [{sign_verify, SignVerify}, {pub_priv_encrypt, PubPrivEnc}, {generate, Generate} | Config];
+ [{sign_verify, rsa_sign_verify_tests(Config, Msg, Public, Private, PublicS, PrivateS, SignVerify_OptsToTry)},
+ {pub_priv_encrypt, gen_rsa_pub_priv_tests(PublicS, PrivateS, MsgPubEnc, PrivEnc_OptsToTry)},
+ {pub_pub_encrypt, gen_rsa_pub_priv_tests(PublicS, PrivateS, MsgPubEnc, PubEnc_OptsToTry)},
+ {generate, [{rsa, 1024, 3}, {rsa, 2048, 17}, {rsa, 3072, 65537}]}
+ | Config];
group_config(dss = Type, Config) ->
Msg = dss_plain(),
Public = dss_params() ++ [dss_public()],
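Review bot: `rsa_oaep()` and `no_padding()` are dropped from the RSA parameter lists, so every OAEP entry in `PubEnc_OptsToTry` is now a round trip with the suite's own keys, and `rsa_no_padding` is no longer exercised for encrypt/decrypt at all (its definition is deleted later in this diff, whereas `rsa_oaep/0` is kept). Unless `rsa_oaep/0` is still referenced elsewhere in the suite, it is now dead code and the distinct key and message it takes from the published PKCS#1 vectors are no longer used; appending `rsa_oaep()` to the generated `pub_pub_encrypt` list would retain it for the OAEP-capable builds. The removal of the `rsa_no_padding` encrypt case matches the reworked option table in algorithm_details.xml in this same commit, but that is worth stating in the commit message rather than leaving it to be inferred from the diff.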
@@ -1553,40 +1539,74 @@ group_config(aes_cbc, Config) ->
group_config(_, Config) ->
Config.
-sign_verify_tests(Type, Msg, Public, Private, PublicS, PrivateS) ->
- gen_sign_verify_tests(Type, [md5, ripemd160, sha, sha224, sha256], Msg, Public, Private,
- [undefined,
- [{rsa_padding, rsa_pkcs1_pss_padding}],
- [{rsa_padding, rsa_pkcs1_pss_padding}, {rsa_pss_saltlen, 0}],
- [{rsa_padding, rsa_x931_padding}]
- ]) ++
- gen_sign_verify_tests(Type, [sha384, sha512], Msg, PublicS, PrivateS,
- [undefined,
- [{rsa_padding, rsa_pkcs1_pss_padding}],
- [{rsa_padding, rsa_pkcs1_pss_padding}, {rsa_pss_saltlen, 0}],
- [{rsa_padding, rsa_x931_padding}]
- ]).
-
-gen_sign_verify_tests(Type, Hashs, Msg, Public, Private, Opts) ->
+rsa_sign_verify_tests(Config, Msg, Public, Private, PublicS, PrivateS, OptsToTry) ->
+ case ?config(fips, Config) of
+ true ->
+ %% Use only the strong keys in FIPS mode
+ rsa_sign_verify_tests(Msg,
+ PublicS, PrivateS,
+ PublicS, PrivateS,
+ OptsToTry);
+ false ->
+ rsa_sign_verify_tests(Msg,
+ Public, Private,
+ PublicS, PrivateS,
+ OptsToTry)
+ end.
+
+rsa_sign_verify_tests(Msg, Public, Private, PublicS, PrivateS, OptsToTry) ->
+ gen_rsa_sign_verify_tests([md5, ripemd160, sha, sha224, sha256], Msg, Public, Private,
+ [undefined | OptsToTry]) ++
+ gen_rsa_sign_verify_tests([sha384, sha512], Msg, PublicS, PrivateS,
+ [undefined | OptsToTry]).
+
+gen_rsa_sign_verify_tests(Hashs, Msg, Public, Private, Opts) ->
+ SupOpts = proplists:get_value(rsa_opts, crypto:supports(), []),
lists:foldr(fun(Hash, Acc0) ->
case is_supported(Hash) of
true ->
lists:foldr(fun
(undefined, Acc1) ->
- [{Type, Hash, Public, Private, Msg} | Acc1];
+ [{rsa, Hash, Public, Private, Msg} | Acc1];
([{rsa_padding, rsa_x931_padding} | _], Acc1)
when Hash =:= md5
orelse Hash =:= ripemd160
orelse Hash =:= sha224 ->
Acc1;
(Opt, Acc1) ->
- [{Type, Hash, Public, Private, Msg, Opt} | Acc1]
+ case rsa_opt_is_supported(Opt, SupOpts) of
+ true ->
+ [{rsa, Hash, Public, Private, Msg, Opt} | Acc1];
+ false ->
+ Acc1
+ end
end, Acc0, Opts);
false ->
Acc0
end
end, [], Hashs).
+
+gen_rsa_pub_priv_tests(Public, Private, Msg, OptsToTry) ->
+ SupOpts = proplists:get_value(rsa_opts, crypto:supports(), []),
+ lists:foldr(fun(Opt, Acc) ->
+ case rsa_opt_is_supported(Opt, SupOpts) of
+ true ->
+ [{rsa, Public, Private, Msg, Opt} | Acc];
+ false ->
+ Acc
+ end
+ end, [], OptsToTry).
+
+
+rsa_opt_is_supported([_|_]=Opt, Sup) ->
+ lists:all(fun(O) -> rsa_opt_is_supported(O,Sup) end, Opt);
+rsa_opt_is_supported({A,B}, Sup) ->
+ rsa_opt_is_supported(A,Sup) orelse rsa_opt_is_supported(B,Sup);
+rsa_opt_is_supported(Opt, Sup) ->
+ lists:member(Opt, Sup).
+
+
rfc_1321_msgs() ->
[<<"">>,
<<"a">>,
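Review bot: `rsa_opt_is_supported({A,B}, Sup)` accepts a tuple when either element is in the `rsa_opts` list, which works because option names (`rsa_mgf1_md`, `rsa_pss_saltlen`) and padding values (`rsa_pkcs1_oaep_padding`) share one flat list, but it also means a tuple whose value happens to be a listed atom passes regardless of its key, and a reader cannot tell from the clause which side is meant to match. Dispatching on the tuple shape makes the intent explicit and removes the `orelse`: `rsa_opt_is_supported({rsa_padding, P}, Sup) -> lists:member(P, Sup);` / `rsa_opt_is_supported({rsa_pad, P}, Sup) -> lists:member(P, Sup);` / `rsa_opt_is_supported({Name, _}, Sup) -> lists:member(Name, Sup);`, with the `rsa_pad` clause covering the compatibility entries in group_config above. A short comment on the function stating that `Sup` is the `rsa_opts` entry of `crypto:supports/0` and that bare atoms are legacy padding names would also help, since the two `rsa_sign_verify_tests` arities and the three generators have no documentation.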
@@ -2803,6 +2823,8 @@ ecdh() ->
dh() ->
{dh, 90970053988169282502023478715631717259407236400413906591937635666709823903223997309250405131675572047545403771567755831138144089197560332757755059848492919215391041119286178688014693040542889497092308638580104031455627238700168892909539193174537248629499995652186913900511641708112112482297874449292467498403, 2}.
+
+
rsa_oaep() ->
%% ftp://ftp.rsa.com/pub/rsalabs/tmp/pkcs1v15crypt-vectors.txt
Public = [hexstr2bin("010001"),
@@ -2877,13 +2899,6 @@ cmac_nist(Config, aes_cbc256 = Type) ->
read_rsp(Config, Type,
["CMACGenAES256.rsp", "CMACVerAES256.rsp"]).
-no_padding() ->
- Public = [_, Mod] = rsa_public_stronger(),
- Private = rsa_private_stronger(),
- MsgLen = erlang:byte_size(int_to_bin(Mod)),
- Msg = list_to_binary(lists:duplicate(MsgLen, $X)),
- {rsa, Public, Private, Msg, rsa_no_padding}.
-
int_to_bin(X) when X < 0 -> int_to_bin_neg(X, []);
int_to_bin(X) -> int_to_bin_pos(X, []).
@@ -3063,7 +3078,7 @@ parse_rsp(Type,
file := File,
alen := Alen,
plen := Plen,
- nlen := Nlen,
+ nlen := _Nlen,
tlen := Tlen,
key := Key,
nonce := IV,
diff --git a/lib/crypto/vsn.mk b/lib/crypto/vsn.mk
index d262492668..64d593f64a 100644
--- a/lib/crypto/vsn.mk
+++ b/lib/crypto/vsn.mk
@@ -1 +1 @@
-CRYPTO_VSN = 4.3.2
+CRYPTO_VSN = 4.3.3