aboutsummaryrefslogtreecommitdiffstats
path: root/lib/crypto/c_src/crypto.c
AgeCommit message (Collapse)Author
2016-05-26crypto: Workaround buggy GCM via EVPSverker Eriksson
2016-04-25crypto: Deprecate rand_bytes/1Ingela Anderton Andin
OpenSSL has deprecated the function RAND_pseudo_bytes used by crypto:rand_bytes/1, so this function is now deprecated in OTP too. rand_bytes/3 also used this function, but was not documented so we can remove it right away. This commit also removes the fallback in generate_key to use rand_bytes/1 if strong_rand_bytes/1 throws low entropy. This is a potential incompatibility but we think it is desirable as crypto should provide cryptographically secure functions.
2016-04-18Merge branch 'mururu/crypto/aes-gcm-tag-len.PR-998.OTP-13483'Sverker Eriksson
2016-04-13Merge branch 'henrik/update-copyrightyear'Henrik Nord
* henrik/update-copyrightyear: update copyright-year
2016-03-29crypto: Optimize digest/cipher lookupsSverker Eriksson
by not repeating calls to get static EVP_MD and EVP_CIPHER objects. Also compressed the structs with unions for better caching during search.
2016-03-29crypto: Raise 'notsup' if lacking 'characteristic_two_field'Sverker Eriksson
and not badarg.
2016-03-26crypto: Enable AES-GCM tag length to changeYuki Ito
This commit enables AES-GCM encryption/decryption to change its tag length between 1 to 16 bytes.
2016-03-15update copyright-yearHenrik Nord
2016-02-08Merge branch 'maint'Sverker Eriksson
2016-01-27Check the result of EC_GROUP_new_curve_* callsDániel Szoboszlay
The FIPS-enabled OpenSSL on RHEL disallows the use of < 256 bit prime fields (like secp128r1 or secp160k1), and the EC_GROUP_new_cuve_GFp call would return a NULL pointer for such fields. Not checking for this failure could result in a segfault in the NIF code.
2016-01-14crypto: Fix bug for multiple blocks for AES-ECBAndrew Bennett
2015-12-17Merge branch 'sverk/crypto/aes-ecb-192-bit'Sverker Eriksson
OTP-13207 * sverk/crypto/aes-ecb-192-bit: crypto: Support 192-bit keys for AES ECB
2015-12-17crypto: Support 192-bit keys for AES ECBAndrew Bennett
2015-12-17Merge branch 'sverk/crypto/aes-cbc-192-bit'Sverker Eriksson
OTP-13206 * sverk/crypto/aes-cbc-192-bit: crypto: Support 192-bit keys for AES CBC
2015-12-11crypto: Support 192-bit keys for AES CBCSverker Eriksson
and deprecate aes_cbc128 and aes_cbc256 in favor of aes_cbc. This commit is pr 832 squashed, rebased and made work on master https://github.com/erlang/otp/pull/832/commits
2015-12-11crypto: Fix potential memory leak in error case for block cipherSverker Eriksson
2015-12-11crypto: Optimize AES-GCM cipher to not use dynamic allocationSverker Eriksson
for the EVP_CIPHER_CTX.
2015-12-11Use EVP for AES-GCMYuki Ito
This enables the use of hardware acceleration on newer Intel CPUs (AES-NI).
2015-12-01crypto: Avoid bug in OpenSSL-0.9.8 for ECB ciphersSverker Eriksson
that make EVP_CIPHER_iv_length() return non-zero value. Seems to be fixed in 0.9.8m.
2015-11-17Fix EVP_aes_???_ctr to demand OpenSSL 1.0.1 or later.Sverker Eriksson
2015-11-17Fix bug for aes_cfb_128_encrypt with empty binarySverker Eriksson
causing OpenSSL 0.9.8h to crash with evp_enc.c(282): OpenSSL internal error, assertion failed: inl > 0
2015-11-17crypto: Refactor nif code to use EVP interfaceSverker Eriksson
Using the generic EVP_* API makes it possible to unify algorithm-specific nif functions to a single generic function. Effectively the same change that took place on the Erlang API in R16B01 is now applied to the C code. The old implementation using the low-level API is kept for compiling against old OpenSSL, as parts of the EVP API were introduced in OpenSSL 1.0.0. There are various minor improvements as well: - supported algorithms are now provided by the nif code (not a mix of the C and Erlang code) - remove unnecessary variables and macro definitions Most of the changes in this commit comes from Dániel Szoboszlay https://github.com/dszoboszlay/otp/commit/07f7056f955b324df4ace which is part of his 'fips' branch. Now also rebased on master branch.
2015-07-10ose: Remove all code related to the OSE portLukas Larsson
The OSE port is no longer supported and this commit removed it and any changes related to it. The things that were general improvements have been left in the code.
2015-06-18Change license text to APLv2Bruce Yinhe
2015-05-11crypto: Fix bug in generate_key(ecdh,...)Sverker Eriksson
that could cause VM crash on faulty input.
2015-04-09crypto: Fix undefined symbol EVP_CIPHER_CTX_newSverker Eriksson
Use a stack allocated context and EVP_CIPHER_CTX_init/cleanup instead of dynamic EVP_CIPHER_CTX_new/free that does not exist in older 0.9.8 versions.
2015-02-27Merge branch 'maint'Henrik Nord
2015-02-04Accept all valid key sizes in aes_cfb functionsKelly McLaughlin
Despite the confusion caused by the name, aes_cfb_8_crypt and aes_cfb_128_crypt can use key lengths of 128, 192, or 256. The integer in the function name refers to the block size for CFB mode. Change the aes_cfb_8_crypt and aes_cfb_128_crypt functions to accept and use keys of length 128, 192, or 256. Also augment the existing testing for these functions using the NIST test vectors for the additional key lengths to ensure the changes function properly.
2015-01-14Merge branch 'andreaTP/added-aes-ecb-to-crypto/OTP-12403'Marcus Arendt
* andreaTP/added-aes-ecb-to-crypto/OTP-12403: aligned implementation following last specs finally fixed docs fixed incorrect tag proposal of documentation fixes and tests add aes ecb to crypto library
2015-01-12Merge branch 'RoadRunnr/crypto-ecc-gen-key'Bruce Yinhe
OTP-12394 * RoadRunnr/crypto-ecc-gen-key: [crypto] enhance generate_key for ECC keys
2015-01-09add aes ecb to crypto libraryandreaP
2014-11-28crypto: use EVP for AES-CBCAlex Wilson
This enables the use of hardware acceleration for AES crypto on newer Intel CPUs (AES-NI), among other platforms.
2014-11-17[crypto] enhance generate_key for ECC keysAndreas Schultz
enhance generate_key to calculate ECC public keys from private keys
2014-09-09Merge branch 'maint'Sverker Eriksson
2014-09-08crypto: Verify OpenSSL library major version at loadSverker Eriksson
to prevent strange memory corruption crashes due to mismatch between header and library versions.
2014-09-03crypto: add support for ChaCha20/Policy1305 AEAD cipherAndreas Schultz
2014-09-03crypto: add AES128-GCM cipher supportAndreas Schultz
2014-06-19Merge branch 'sverk/crypto-ec-mem-leak/OTP-11999' into maintSverker Eriksson
* sverk/crypto-ec-mem-leak/OTP-11999: crypto: Fix memory leak of EC "keys" and "points" crypto: Fix crypto for debug and valgrind
2014-06-18crypto: Fix memory leak of EC "keys" and "points"Sverker Eriksson
2014-06-17crypto: Fix crypto for debug and valgrindSverker Eriksson
without relying on opt-version has been built. Removed ASSERT to make crypto_callback.debug.so work without dynamic linking to libcrypto.so.
2014-06-11Merge branch 'pguyot/fix_srp' into maintHenrik Nord
* pguyot/fix_srp: Fix bug in SRP implementation
2014-05-26crypto: Fix memory leak in some error casesSverker Eriksson
sign(dss,) and compute_key(dh,)
2014-05-26crypto: Fix memory leak in hmac stream functionsSverker Eriksson
The context was never deallocated.
2014-05-15Fix bug in SRP implementationPaul Guyot
SRP didn't work with smaller primes as user secret was improperly computed. Formula is: (B - (k * g^x)) ^ (a + (u * x)) % N Previously, the code computed a + (u * x) % N instead of a + (u * x). a typically is a 256 bits random number (RFC 5054 says it should be at least 256 bits), u and x are SHA1 signatures (160 bits). So a + (u * x) can differ from a + (u * x) % N for N primes smaller than 320 bits.
2014-04-29Add AES-CBF8 cypher to crypto moduleBernard Duggan
This adds the aes_cfb8 cypher type (and associated tests and documentation) to the crypto module.
2014-02-24Merge branch 'lukas/ose/master/OTP-11334'Lukas Larsson
* lukas/ose/master/OTP-11334: (71 commits) erts: Fix unix efile assert ose: Use -O2 when building ose: Expand OSE docs ose: Add dummy ttsl driver ose: Cleanup cleanup of mutex selection defines ose: Polish mmap configure checks ose: Add ose specific x-compile flags ose: Updating fd_driver and spawn_driver for OSE ose: Updating event and signal API for OSE ose: Cleanup of mutex selection defines win32: Compile erl_log.exe ose: Remove uneccesary define ose: Fix ssl configure test for osx erts: Fix sys_msg_dispatcher assert ose: Fix broken doc links ose: Thread priorities configurable from lmconf ose: Yielding the cpu is done "the OSE" way ose: Start using ppdata for tse key ose: Do not use spinlocks on OSE ose: Fix support for crypto ... Conflicts: lib/crypto/c_src/crypto.c
2014-02-24ose: Fix support for cryptoLukas Larsson
To enable it you have to modify the OSESSL variable in the ose xcomp file.
2014-02-24crypto: Add rand_seed functionLukas Larsson
This function is needed on OSs that do not automatically initialize the PRNG seed.
2014-02-12crypto: Fix bug when using old hmac contextSverker Eriksson
Symptom: Using an old context (that had already been passed as argument to either hmac_upgrade or hmac_final) could cause VM crash or worse. Reason: Only a shallow copy (memcpy) of the context was made causing a new context to partly mutate its parent context into an inconsistent state. Problem: Only OpenSSL v1.0 supports deep copy of hmac context. It is thus not possible to implement a functional interface for older OpenSSL versions (0.9.8) which still have wide spread use. Solution: Change hmac contexts into a mutable state using NIF resources. Document reuse of old contexts as undefined. Future: If a need for reusing old context variables arise, a new hmac_copy function could be introduced that is only supported for OpenSSL v1.0.
2014-01-13crypto: selective support for GF2m curvesAndreas Schultz
Newer OpenSSL versions allow to selectively disable GF2m elliptic curves. Selectively enable GF2m curves is support for them is available.