aboutsummaryrefslogtreecommitdiffstats
path: root/lib
diff options
context:
space:
mode:
Diffstat (limited to 'lib')
-rw-r--r--lib/crypto/c_src/api_ng.c63
-rw-r--r--lib/crypto/c_src/cipher.h1
-rw-r--r--lib/crypto/c_src/crypto.c1
-rw-r--r--lib/crypto/src/crypto.erl3
4 files changed, 61 insertions, 7 deletions
diff --git a/lib/crypto/c_src/api_ng.c b/lib/crypto/c_src/api_ng.c
index 46522914b0..d970f45f94 100644
--- a/lib/crypto/c_src/api_ng.c
+++ b/lib/crypto/c_src/api_ng.c
@@ -120,7 +120,7 @@ static int get_init_args(ErlNifEnv* env,
#endif
ivec_len = GET_IV_LEN(*cipherp);
- if (ivec_len) {
+ if (ivec_len && (ivec_arg != atom_undefined)) {
if (!enif_inspect_iolist_as_binary(env, ivec_arg, &ivec_bin))
{
*return_term = EXCP_BADARG(env, "Bad iv type");
@@ -134,6 +134,8 @@ static int get_init_args(ErlNifEnv* env,
}
}
+ ctx_res -> iv_len = ivec_len;
+
if (!((*cipherp)->cipher.p))
{
#if !defined(HAVE_EVP_AES_CTR)
@@ -195,11 +197,18 @@ static int get_init_args(ErlNifEnv* env,
}
}
- if (!EVP_CipherInit_ex(ctx_res->ctx, NULL, NULL, key_bin.data, ivec_bin.data, -1)) {
- *return_term = EXCP_ERROR(env, "Can't initialize key and/or iv");
+ if (!EVP_CipherInit_ex(ctx_res->ctx, NULL, NULL, key_bin.data, NULL, -1)) {
+ *return_term = EXCP_ERROR(env, "Can't initialize key");
goto err;
}
+ if (ivec_arg != atom_undefined) {
+ if (!EVP_CipherInit_ex(ctx_res->ctx, NULL, NULL, NULL, ivec_bin.data, -1)) {
+ *return_term = EXCP_ERROR(env, "Can't initialize iv");
+ goto err;
+ }
+ }
+
EVP_CIPHER_CTX_set_padding(ctx_res->ctx, 0);
*return_term = atom_ok;
@@ -348,21 +357,63 @@ ERL_NIF_TERM ng_crypto_init_nif(ErlNifEnv* env, int argc, const ERL_NIF_TERM arg
ERL_NIF_TERM ng_crypto_update(ErlNifEnv* env, int argc, const ERL_NIF_TERM argv[])
-{/* (Context, Data) */
+{/* (Context, Data [, IV]) */
struct evp_cipher_ctx *ctx_res;
ERL_NIF_TERM ret;
if (!enif_get_resource(env, argv[0], evp_cipher_ctx_rtype, (void**)&ctx_res))
return EXCP_BADARG(env, "Bad 1:st arg");
- get_update_args(env, ctx_res, argv[1], &ret);
+ if (argc == 3) {
+ struct evp_cipher_ctx ctx_res_copy;
+ ErlNifBinary ivec_bin;
+ memcpy(&ctx_res_copy, ctx_res, sizeof(ctx_res_copy));
+ ctx_res = &ctx_res_copy;
+ if (!enif_inspect_iolist_as_binary(env, argv[2], &ivec_bin))
+ {
+ ret = EXCP_BADARG(env, "Bad iv type");
+ goto err;
+ }
+
+ if (ctx_res_copy.iv_len != ivec_bin.size)
+ {
+ ret = EXCP_BADARG(env, "Bad iv size");
+ printf("Expect %d\r\n", ctx_res_copy.iv_len);
+ goto err;
+ }
+
+#if !defined(HAVE_EVP_AES_CTR)
+ // enif_fprintf(stdout, "%s:%u state = %T\r\n", __FILE__, __LINE__, ctx_res->state);
+ if ((ctx_res_copy.state != atom_undefined) ) {
+ /* replace the iv in state with argv[2] */
+ ERL_NIF_TERM state0;
+ const ERL_NIF_TERM *tuple_argv;
+ int tuple_argc;
+ state0 = enif_make_copy(env, ctx_res_copy.state);
+ if (enif_get_tuple(env, state0, &tuple_argc, &tuple_argv) && (tuple_argc == 4)) {
+ /* A compatibility state term */
+ ctx_res_copy.state = enif_make_tuple4(env, tuple_argv[0], argv[2], tuple_argv[2], tuple_argv[3]);
+ }
+ } else
+#endif
+ if (!EVP_CipherInit_ex(ctx_res_copy.ctx, NULL, NULL, NULL, ivec_bin.data, -1))
+ {
+ ret = EXCP_ERROR(env, "Can't set iv");
+ goto err;
+ }
+
+ get_update_args(env, &ctx_res_copy, argv[1], &ret);
+ } else
+ get_update_args(env, ctx_res, argv[1], &ret);
+
+ err:
return ret; /* Both success and error */
}
ERL_NIF_TERM ng_crypto_update_nif(ErlNifEnv* env, int argc, const ERL_NIF_TERM argv[])
-{/* (Context, Data) */
+{/* (Context, Data [, IV]) */
ErlNifBinary data_bin;
ASSERT(argc <= 3);
diff --git a/lib/crypto/c_src/cipher.h b/lib/crypto/c_src/cipher.h
index f7b1a09f21..b94873940f 100644
--- a/lib/crypto/c_src/cipher.h
+++ b/lib/crypto/c_src/cipher.h
@@ -59,6 +59,7 @@ struct cipher_type_t {
extern ErlNifResourceType* evp_cipher_ctx_rtype;
struct evp_cipher_ctx {
EVP_CIPHER_CTX* ctx;
+ int iv_len;
#if !defined(HAVE_EVP_AES_CTR)
ErlNifEnv* env;
ERL_NIF_TERM state;
diff --git a/lib/crypto/c_src/crypto.c b/lib/crypto/c_src/crypto.c
index 501c1ffb42..4aed06a489 100644
--- a/lib/crypto/c_src/crypto.c
+++ b/lib/crypto/c_src/crypto.c
@@ -80,6 +80,7 @@ static ErlNifFunc nif_funcs[] = {
{"aes_ige_crypt_nif", 4, aes_ige_crypt_nif, 0},
{"ng_crypto_init_nif", 4, ng_crypto_init_nif, 0},
{"ng_crypto_update_nif", 2, ng_crypto_update_nif, 0},
+ {"ng_crypto_update_nif", 3, ng_crypto_update_nif, 0},
{"ng_crypto_one_shot_nif", 5, ng_crypto_one_shot_nif, 0},
{"strong_rand_bytes_nif", 1, strong_rand_bytes_nif, 0},
{"strong_rand_range_nif", 1, strong_rand_range_nif, 0},
diff --git a/lib/crypto/src/crypto.erl b/lib/crypto/src/crypto.erl
index b53d83b851..4bceeb7510 100644
--- a/lib/crypto/src/crypto.erl
+++ b/lib/crypto/src/crypto.erl
@@ -56,7 +56,7 @@
]).
%% New interface
--export([crypto_init/4,
+-export([crypto_init/4, crypto_init/3, crypto_init/2,
crypto_update/2, crypto_update/3,
crypto_one_shot/5
]).
@@ -774,6 +774,7 @@ crypto_update(State, Data0, IV) ->
ng_crypto_update_nif(State, Data, iolist_to_binary(IV))
end.
+
%%%----------------------------------------------------------------
%%%
%%% Encrypt/decrypt one set bytes.