aboutsummaryrefslogtreecommitdiffstats
path: root/lib/crypto/c_src
AgeCommit message (Collapse)Author
2018-06-12crypto: Remove commentsHans Nilsson
2018-06-11crypto: Add experimental x25519 and x448Hans Nilsson
Not to be used. Uses not yet released functions in OpenSSL 1.1.1-pre8-dev
2018-06-11crypto: Extend crypto:supports with 'curves'Hans Nilsson
"curves" in crypto:supports returns list of actually supported ec_curves
2018-06-04crypto: Valgrind suggestionsHans Nilsson
2018-05-18Merge branch 'sverker/crypto-upgrade-bug/OTP-15088'Sverker Eriksson
* sverker/crypto-upgrade-bug/OTP-15088: crypto: Robustify the do-once-initialization crypto: Fix upgrade bug when engine support is missing
2018-05-17crypto: Robustify the do-once-initializationSverker Eriksson
Introduce boolean 'library_initialized' that is set once and never cleared as that is how initialization must be done. Kept 'library_refc' as it may be interesting for debugging. Moved the three init_*_types() functions last as those must only be called once and there were error cases bailing out after them.
2018-05-17crypto: Fix upgrade bug when engine support is missingSverker Eriksson
library_refc was not checked causing crash when init_digest_types() was called a second time.
2018-05-08Merge branch 'maint'Hans Nilsson
* maint: Updated OTP version Prepare release ssh: Renegotiation -> renegotiate ssh: Fix DH group exchange server bug for PuTTY and others following draft-draft-00 from 2001 and not the rfc4419 crypto: get_engine_load_cmd_list excluded if no engine support crypto: Fix compilation for LibreSSL 2.7.x crypto: Disable test_engine if engine is disabled crypto: disable engine if OPENSSL_NO_EC* is set If that flag is set, and openssl/engine.h is included, there will be an erro further down in files included by engine.h Conflicts: OTP_VERSION
2018-05-07Merge branch 'hans/crypto/OPENSSL_NO_EC/OTP-15073' into maint-20Erlang/OTP
* hans/crypto/OPENSSL_NO_EC/OTP-15073: crypto: Disable test_engine if engine is disabled crypto: disable engine if OPENSSL_NO_EC* is set If that flag is set, and openssl/engine.h is included, there will be an erro further down in files included by engine.h
2018-05-04crypto: get_engine_load_cmd_list excluded if no engine supportHans Nilsson
2018-05-04crypto: Fix compilation for LibreSSL 2.7.xHans Nilsson
2018-05-04crypto: Disable test_engine if engine is disabledHans Nilsson
2018-05-04crypto: disable engine if OPENSSL_NO_EC* is setHans Nilsson
If that flag is set, and openssl/engine.h is included, there will be an erro further down in files included by engine.h
2018-04-26crypto: Use EVP-api in dh_compute_key_nif and dh_generate_key_nifHans Nilsson
2018-03-09crypto: Remove undocumented, unused and erroneous functionsHans Nilsson
crypto:dh_generate_parameters and crypto:dh_check
2018-01-12crypto: Disable RSA sslv23 padding for LibreSSL >= 2.6.1Hans Nilsson
Not supported in newer LibreSSL.
2017-12-04[crypto] Add engine_ctrl_cmd_string() to APILars Thorsen
2017-12-01crypto: fix pubkey_to_privkeyHans Nilsson
2017-12-01[crypto] Fix memory leakLars Thorsen
Fix memory leak in engine load code found by valgrind.
2017-11-22Merge branch 'hans/crypto/cuddle_tests' into maintHans Nilsson
2017-11-21Merge branch 'sverker/crypto/fix-valgrind-assert' into maintSverker Eriksson
2017-11-20Remove core dump risk in crypto.cHans Nilsson
2017-11-20crypto: Printout polishingHans Nilsson
2017-11-10crypto: Remove faulty valgrind assertionSverker Eriksson
2017-11-10crypto: Add privkey_to_pubkey/2 to get the public key from a priv key in an ↵Hans Nilsson
Engine Only RSA and DSA so far.
2017-11-10crypto: Remove unused 'atom_bad_engine'Hans Nilsson
2017-11-10crypto: Update the OTP test engine with pub/priv key storageHans Nilsson
2017-11-10crypto: Enable using pub/priv PKCS8 keys stored in an EngineHans Nilsson
2017-11-10[crypto] Add support for loading an alternative EngineLars Thorsen
Add support to plug in alternative implementations for some or all of the cryptographic operations supported by the OpenSSL Engine API. When configured appropriately, OpenSSL calls the engine's implementation of these operations instead of its own.
2017-11-01Merge branch 'hans/crypto/DH_generate_parameters_deprecated/OTP-14639' into ↵Hans Nilsson
maint
2017-11-01crypto: replaced deprecated DH_generate_parametersHans Nilsson
2017-11-01crypto: Remove returnvalue from void C-fnHans Nilsson
2017-10-04crypto: ifdef of EVP for old cryptolibs (< 1.0.0)Hans Nilsson
2017-10-04crypto: Added pkey_crypt_nif from PR838Hans Nilsson
Testcases for ECDSA and DSA encrypt/decrypt and some other adaptions
2017-07-12crypto: Fix compile errors for make target 'valgrind'Sverker Eriksson
introduced in 03f3ec41f5468413235e3923a542a11cfd631089
2017-07-07crypto: Fix compatibility problems with openssl 1.0.0 cryptolibHans Nilsson
2017-07-07crypto: introduced preproc symbol HAS_EVP_PKEY_CTXHans Nilsson
2017-07-07crypto: pk verify with new function from PR838Hans Nilsson
Same comment as previous commit applies.
2017-07-07crypto: pk sign with new function from PR838Hans Nilsson
The function pkey_verify_nif handles pk signing with a general approach that is enabled by EVP api in OpenSSL 1.0.0 The rejected PR838 introduced that function and lots of other stuff so far neglected. It also made some different rsa padding methods possible (included). Since the crypto code base has changed significantly, it was an overhelming work to try a git merge. Therefore this commit is a manual move of the source code from the PR into current maint. This commit concentrates to use the new function compatible with the old functions. This includes some #if:s for different versions, compatibility code for 0.9.8. Lacking: test cases, exporting the more general erlang api, documentation...
2017-07-07crypto: Made {rsa,dss,ecdsa}_{sign,verify}_nif similar and all with evp apiHans Nilsson
2017-07-07crypto: added a 'macs' entry to proplist in crypto:supports/0Hans Nilsson
2017-06-02Merge pull request #1473 from SalikhovDinislam/static_codeLukas Larsson
Make some C code static
2017-05-29Merge pull request #1462 from Vagabond/adt-fix-aes-cfb128Hans Nilsson
Fix backwards equality check in aes cfb128 function OTP-14435
2017-05-21crypto: Make internal arrays staticSalikhov Dinislam
2017-05-15Fix backwards equality check in aes cfb128 functionAndrew Thompson
2017-05-09Remove duplicate aes_gcm from a list of ciphersDaniil Fedotov
2017-05-04Update copyright yearRaimo Niskanen
2017-04-04Merge branch 'maint'Ingela Anderton Andin
Conflicts: OTP_VERSION erts/vsn.mk lib/crypto/c_src/crypto.c lib/crypto/src/crypto.erl lib/ssh/src/ssh.erl
2017-03-29Fix bug with AES CFB 128Kelly McLaughlin
Fix a bug with the use of the aes_cfb128 cipher by calling the correct underlying openssl interface function when the cipher is specified.
2017-03-29Demonstrate the bug with AES CFB 128 encryptionKelly McLaughlin
Demonstrate a bug with AES CFB 128 for certain key sizes introduced with the Erlang 19.0 release. The code in the block_crypt_nif function in the crypto.c source file incorrectly calls aes_cfb_8_crypt when the specified cipher is aes_cfb8 or aes_cfb128 and the key size is 24 or 32. The aes_cfb_8_crypt function calls the AES_cfb8_encrypt function from the openssl interface, but this is incorrect when the cipher is aes_cfb128. Unfortunately the test cases in the crypto test suite are insufficient to detect an issue like this because it exercises the encryption and decryption roundtrip using the same incorrect underlying function. The problem was observed when trying to update an application to Erlang 19 that attempted to decrypt data that was encrypted using aes_cfb128 by another source. In this commit I altered the crypto test suite to provide a demonstration of this problem.