aboutsummaryrefslogtreecommitdiffstats
path: root/lib/crypto/c_src/Makefile.in
AgeCommit message (Collapse)Author
2019-03-19crypto: Remove chacha20.c,h and rc4.c,hHans Nilsson
Replaced by api_ng.c
2019-03-19crypto: Remove block.c and block.hHans Nilsson
Replaced by api_ng.c
2019-02-25crypto: New experimental apiHans Nilsson
The new files api_ng.h and api_ng.c implements an api using EVP. The api is not by any mean new, except for the crypto application in Erlang/OTP. The aims at using the block api in a stream manor, that is 1) call crypto_init/4 2..N) call crypto_update/{2,3} The purpose is to simplify and hopefully optimize the SSL and SSH applications. By keeping the crypto state in C in an enif_resource the costful state copying in SSL and SSH is reduced with 1-2 per message sent or received. Changes in other files are for adaptation like FIPS etc since many functions uses the central get_cipher_type() function.
2019-01-02crypto: Fix 'make clean'Hans Nilsson
2018-12-20Move algorithms to a new fileDoug Hogan
crypto.c is now only responsible for declaring NIFs and setup/tear down.
2018-12-20Move most FIPS functionality to a new fileDoug Hogan
2018-12-20Move public/private key functionality to a new fileDoug Hogan
2018-12-20Move EVP functionality to a new fileDoug Hogan
2018-12-20Move ECDH functionality to a new fileDoug Hogan
2018-12-20Move EC functionality to a new fileDoug Hogan
2018-12-20Move xor functionality to a new fileDoug Hogan
2018-12-20Move block crypt functionality to a new fileDoug Hogan
2018-12-20Move AEAD functionality to a new fileDoug Hogan
2018-12-20Move info functionality to a new fileDoug Hogan
2018-12-20Move AES functionality to a new fileDoug Hogan
2018-12-20Move DSS functionality to a new fileDoug Hogan
2018-12-20Move poly1305 functionality to a new fileDoug Hogan
2018-12-20Move chacha20 functionality to a new fileDoug Hogan
2018-12-20Move random functionality to a new fileDoug Hogan
2018-12-20Move SRP functionality to a new fileDoug Hogan
2018-12-20Move EDDSA functionality to a new fileDoug Hogan
2018-12-20Move DH functionality to a new fileDoug Hogan
2018-12-20Move RC4 functionality to a new fileDoug Hogan
Also, move a FIPS check macro to the common openssl_config.h.
2018-12-20Move CMAC functionality to a new fileDoug Hogan
2018-12-20Move hash utility functions to a new fileDoug Hogan
2018-12-20Move cipher utility functions to a new fileDoug Hogan
2018-12-20Move HMAC to new filesDoug Hogan
2018-12-20Move digest types to a new fileDoug Hogan
2018-12-20Move BN and RSA utility functions to new filesDoug Hogan
2018-12-20Move most engine code to a separate fileDoug Hogan
2018-12-20Move all atoms to a new file and add common headerDoug Hogan
2018-08-21Move configuration of crypto to crypto application from ertsRickard Green
In order to be able to handle runtime library path in crypto also DED parts was broken out into a macro.
2017-11-10[crypto] Add support for loading an alternative EngineLars Thorsen
Add support to plug in alternative implementations for some or all of the cryptographic operations supported by the OpenSSL Engine API. When configured appropriately, OpenSSL calls the engine's implementation of these operations instead of its own.
2016-09-28Rename SSL_DEFINE to SSL_FLAGSMagnus Henoch
For consistency with other applications.
2016-09-28Support using OpenSSL in FIPS modeDániel Szoboszlay
FIPS mode support needs to be enabled at compile time, by configuring Erlang/OTP with --enable-fips option. In FIPS mode the non-FIPS algorithms are disabled and raise error notsup. The supported protocols list is properly updated in FIPS mode to advertise only the enabled protocols. FIPS mode is off by default even if Erlang/OTP was built with FIPS support. It needs to be turned on at runtime. The official approach is to set the fips_mode application environment parameter of the crypto application to true. This would turn FIPS mode on when the NIF is loaded and would prevent loading the module on error. Another method is provided via the crypto:enable_fips_mode/1 function, but it is not recommended to be used in production, as it won't prevent the use of the crypto module in case of an error, and would risk OpenSSL crashing the emulator. It is very useful for test suites however that need to check both validated and non-validated functionality. This commit is based on commit 00b3a04d17a653b4abddeebd6dd8a2c38df532d0.
2016-03-15update copyright-yearHenrik Nord
2015-07-10ose: Remove all code related to the OSE portLukas Larsson
The OSE port is no longer supported and this commit removed it and any changes related to it. The things that were general improvements have been left in the code.
2015-06-18Change license text to APLv2Bruce Yinhe
2014-02-24Added support for ENEA OSELukas Larsson
This port has support for both non-smp and smp. It contains a new way to do io checking in which erts_poll_wait receives the payload of the polled entity. This has implications for all linked-in drivers.
2013-08-21erts: Add option to include nifs staticallyLukas Larsson
Both crypto and asn1 are supported.
2013-01-15Implement ./otp_build configure --enable-silent-rulesAnthony Ramine
With silent rules, the output of make is less verbose and compilation warnings are easier to spot. Silent rules are disabled by default and can be disabled or enabled at will by make V=0 and make V=1.
2012-10-22crypto: Link crypto_callback staticallySverker Eriksson
if static linking of openssl is used.
2012-10-09crypto: Make unloading of crypto saferSverker Eriksson
Facts: crypto nif-lib registers callback functions that openssl uses for memory management and thread synchronization. The callback functions can only be set once, openssl does not allow changing the callback functions. Problem: If openssl is dynamicly linked to crypto, you might get s scenario where the crypto lib is unloaded while leaving openssl loaded with its old pointers to the unloaded crypto code intact. If crypto is then reloaded (by init:restart() for example), the crypto nif-lib might get relocated at a different address. crypto calls openssl which in turn calls the old invalid callback functions...kaboom. Solution: Break apart the callback functions into a separate dynamic lib that crypto loads with dlopen. When crypto is unloaded the callback lib is left in place to be reused if/when crypto is loaded again.
2012-08-31Update copyright yearsBjörn-Egil Dahlberg
2012-06-05Update to work with whitespace in exec pathLukas Larsson
OTP-10106 OTP-10107
2012-04-11crypto: Remove unnecessary dependency to libsslSverker Eriksson
crypto only uses libcrypto. Superfluous dependency introduced in R14B04 by 52230a417ad0057.
2011-09-08Merge branch 'dev' into majorHenrik Nord
2011-08-11Fix win32 OpenSSL static linking broken in 20c9d6eDave Cottlehuber
2011-08-08*/c_src/Makefile*: Support parallel makeBjörn Gustavsson
Create directories first, not within implicit rules. If two 'install' instances runs at the same time attempting to create a directory, one of them may fail with an "File exists" error. I tried to use order-only prerequisites to create the directories, but run into two problems: First, order-only prerequisites are only implemented in Make 3.80 and later. Second, on a computer running Solaris/Intel 2.8 (with Make 3.80), order-only prerequisites seemed to work like ordinary prerequisites, causing targets to be re-built if the timestamp for the directory changed. Therefore, using a shell command to run mkdir seems to be the more portable solution.
2011-05-20Update copyright yearsBjörn-Egil Dahlberg