aboutsummaryrefslogtreecommitdiffstats
path: root/lib/crypto/c_src
AgeCommit message (Collapse)Author
2018-09-18crypto: Fix bad return/exception for unsupported cipherHans Nilsson
Accidently f11391139c4165e8541a52d45cd1525343a83927 merged by 0a218353e4360e36bac304b6a4e0effe78d95615 changed the return exception 'notsup' to 'badarg' for unsupported chipher names. This changes that back.
2018-09-18crypto: Use aead functions for CHACHA20_POLY1305Hans Nilsson
This previously implemented cipher is a block cipher despite using chacha. It also uses the EVP_CIPHER_CTX api which now unifies AES_GCM and AES_CCM into one pair of encrypt and decrypt functions. By integrating the existing chacha20_poly1305 code into aead_encrypt and aead_decrypt we could remove two C-functions and simplify both the C-code and the corresponding Erlang code in the CRYPTO application.
2018-09-18crypto: Disable problematic RSA options in LibreSSLHans Nilsson
2018-09-17Merge branch 'hans/crypto/aes_ccm/OTP-15286' into maintHans Nilsson
* hans/crypto/aes_ccm/OTP-15286: crypto: Fix no_aead test crypto: Document AES_CCM and fix errors in User's Guide The sizes in the Algorithms chapter for aes_gcm was wrong or incomplete. crypto: AES_CCM test case crypto: All aes_ccm vectors (including unused) This directory contains all aes_ccm vectors. However, effort is needed to include them in the test suite so they are left for later. crypto: Add AES_CCM crypto Will be increase interoperability of future SSL application versions. crypto: Generalize aes_gcm_(de|en)crypt nifs
2018-09-14crypto: Add AES_CCM cryptoHans Nilsson
Will be increase interoperability of future SSL application versions.
2018-09-14crypto: Generalize aes_gcm_(de|en)crypt nifsHans Nilsson
The EVP_CIPHER_CTX interface aims at enabling using the same code for many ciphers. Since we are going to add aes_ccm which is similar to aes_gcm, this commit is a preparation. It creates the aead_(de|en)crypt nifs and removes the old ones.
2018-09-14crypto: Add forgotten #ifdefHans Nilsson
MAY prevent compilation errors if the symbol is configured to not be defined in an OpenSSL version where it exists by default.
2018-09-14crypto: Change condition for RSA_PKCS1_PSSHans Nilsson
Trubble on a couple of cross-building machines
2018-09-14crypto: Add 'rsa_opts' to crypto:supports/0Hans Nilsson
Needed in future versions of the SSL application.
2018-09-13Merge branch 'hans/crypto/SHA3/OTP-15153' into maintHans Nilsson
2018-09-12crypto: sha3_224 and sha3_256 errors fixedHans Nilsson
2018-09-12crypto: Fix valgrind errorHans Nilsson
2018-09-11Merge branch 'hans/crypto/x25519_x448/OTP-15240' into maintHans Nilsson
* hans/crypto/x25519_x448/OTP-15240: crypto: Remove 'experimental' comments for ecdh
2018-09-10crypto: Remove 'experimental' comments for ecdhHans Nilsson
2018-08-30crypto: Let otp_test_engine only add what is neededHans Nilsson
OpenSSL_add_all_algorithms hangs on some test machines
2018-08-23Merge branch 'hans/crypto/x25519_x448/OTP-15240' into maintHans Nilsson
* hans/crypto/x25519_x448/OTP-15240: crypto: doc x25519 & x448 crypto: Test vectors for ecdh x25519 and x448 crypto: Remove the term 'eddh' crypto: Enable EDDH all OpenSSL cryptolib over beta version 1.1.1-pre8
2018-08-23Merge branch 'hans/crypto/SHA3/OTP-15153' into maintHans Nilsson
* hans/crypto/SHA3/OTP-15153: crypto: Disable non-working SHA3_224 and SHA3_256 crypto: doc SHA3 (hash & hmac) crypto: Tests for SHA3 crypto: SHA3 hash on OpenSSL-1.1.1
2018-08-23crypto: Remove the term 'eddh'Hans Nilsson
2018-08-23crypto: Enable EDDH all OpenSSL cryptolib over beta version 1.1.1-pre8Hans Nilsson
2018-08-23crypto: Disable non-working SHA3_224 and SHA3_256Hans Nilsson
2018-08-23crypto: SHA3 hash on OpenSSL-1.1.1Hans Nilsson
crypto:hash/2, crypto:hash_init/1, crypto:hash_update/2, crypto:hash_final/1
2018-08-23crypto: chacha20 cipherHans Nilsson
2018-08-23crypto: Mac POLY1305 if >=OpenSSL 1.1.1-pre8Hans Nilsson
2018-08-23Merge branch 'maint-20' into maintLars Thorsen
* maint-20: Updated OTP version Prepare release Updated the engine load functionality Clean up bag index tables Conflicts: OTP_VERSION lib/crypto/c_src/crypto.c lib/crypto/doc/src/notes.xml lib/crypto/vsn.mk lib/mnesia/doc/src/notes.xml lib/mnesia/vsn.mk otp_versions.table
2018-08-21Updated the engine load functionalityLars Thorsen
- engine_load/3/4 can be called multiple times for same engine if it allows it (eg doesn't contain global data) - ensure_engine_loaded/2/3 is new functions that guarantees that the engine is just loaded once by adding it to OpenSSL internal engine list and check that before loading. - ensure_engine_unloaded/1/2 is new functions that is used to unload engines loaded with ensure_engine_loaded (remove it from OpenSSL internal engine list and then unload). - new utility functions engine_by_id/1, engine_add/1, engine_remove/1, engine_get_id/1 and engine_get_name/1
2018-08-16crypto: Put curve list in CHans Nilsson
2018-08-13Merge branch 'hans/crypto/rsa_opts/ERL-675/PR1899/OTP-15212' into maintHans Nilsson
* hans/crypto/rsa_opts/ERL-675/PR1899/OTP-15212: crypto: Added tests for rsa opts from PR838 Fixes ERL-675
2018-08-10Merge branch 'maint-20' into maintRickard Green
* maint-20: Updated OTP version Update release notes Update version numbers crypto: Fix crash in compute_key(ecdh, ...) on badarg Relax add_table_copy restriction Fixed #Ref ordering bug Test #Ref ordering in lists and ets Do NOT disc_load from ram_copies when master_node is set ssl: Make sure that a correct cipher suite is selected ssl: Correct handling of empty server SNI extension
2018-08-09crypto: Fix crash in compute_key(ecdh, ...) on badargJohn Högberg
When term2point was passed a non-binary argument, `my_ecpoint` would be left uninitialized and the cleanup code would free a garbage pointer.
2018-08-01Fixes ERL-675Stevie Graham
RSA options rsa_mgf1_md, rsa_oaep_md, and rsa_oaep_label do not work. PR #838, which reimplemented various parts of the crypto application to use OpenSSL EVP APIs was merged manually. During the manual merge the macro define for HAVE_RSA_OAEP_MD was lost. The result being that setting rsa_mgf1_md and rsa_oaep_md for any other value than sha causes the nif to return not_sup. Support for configurable MGF1 digests and OAEP labels is available in OpenSSL version 1.1.0, a cursory look at libressl does not seem to reveal support, so it is not added in this PR. The defective functionality has been returned by defining HAVE_RSA_OAEP_MD alongside HAVE_CHACHA20_POLY1305, i.e. OpenSSL >= 1.1.0 and NOT libressl.
2018-06-18Update copyright yearHenrik Nord
2018-06-14crypto: Remove EVP_PKEY from dh_compute_key_nifHans Nilsson
According to valgrind, there is a memory leak. When fixing that there is a core-dump instead. Since generate_key is the part that is important for the quality of the key we keep the old compute_key part to avoid memory leakage.
2018-06-14crypto: Try fix valgrind errorsHans Nilsson
Re-structure dh_compute_key_nif and dh_generate_key_nif to see variable scoping and alloc/dealloc pairs better
2018-06-12crypto: Remove commentsHans Nilsson
2018-06-11crypto: Add experimental x25519 and x448Hans Nilsson
Not to be used. Uses not yet released functions in OpenSSL 1.1.1-pre8-dev
2018-06-11crypto: Extend crypto:supports with 'curves'Hans Nilsson
"curves" in crypto:supports returns list of actually supported ec_curves
2018-06-04crypto: Valgrind suggestionsHans Nilsson
2018-05-18Merge branch 'sverker/crypto-upgrade-bug/OTP-15088'Sverker Eriksson
* sverker/crypto-upgrade-bug/OTP-15088: crypto: Robustify the do-once-initialization crypto: Fix upgrade bug when engine support is missing
2018-05-17crypto: Robustify the do-once-initializationSverker Eriksson
Introduce boolean 'library_initialized' that is set once and never cleared as that is how initialization must be done. Kept 'library_refc' as it may be interesting for debugging. Moved the three init_*_types() functions last as those must only be called once and there were error cases bailing out after them.
2018-05-17crypto: Fix upgrade bug when engine support is missingSverker Eriksson
library_refc was not checked causing crash when init_digest_types() was called a second time.
2018-05-08Merge branch 'maint'Hans Nilsson
* maint: Updated OTP version Prepare release ssh: Renegotiation -> renegotiate ssh: Fix DH group exchange server bug for PuTTY and others following draft-draft-00 from 2001 and not the rfc4419 crypto: get_engine_load_cmd_list excluded if no engine support crypto: Fix compilation for LibreSSL 2.7.x crypto: Disable test_engine if engine is disabled crypto: disable engine if OPENSSL_NO_EC* is set If that flag is set, and openssl/engine.h is included, there will be an erro further down in files included by engine.h Conflicts: OTP_VERSION
2018-05-07Merge branch 'hans/crypto/OPENSSL_NO_EC/OTP-15073' into maint-20Erlang/OTP
* hans/crypto/OPENSSL_NO_EC/OTP-15073: crypto: Disable test_engine if engine is disabled crypto: disable engine if OPENSSL_NO_EC* is set If that flag is set, and openssl/engine.h is included, there will be an erro further down in files included by engine.h
2018-05-04crypto: get_engine_load_cmd_list excluded if no engine supportHans Nilsson
2018-05-04crypto: Fix compilation for LibreSSL 2.7.xHans Nilsson
2018-05-04crypto: Disable test_engine if engine is disabledHans Nilsson
2018-05-04crypto: disable engine if OPENSSL_NO_EC* is setHans Nilsson
If that flag is set, and openssl/engine.h is included, there will be an erro further down in files included by engine.h
2018-04-26crypto: Use EVP-api in dh_compute_key_nif and dh_generate_key_nifHans Nilsson
2018-03-09crypto: Remove undocumented, unused and erroneous functionsHans Nilsson
crypto:dh_generate_parameters and crypto:dh_check
2018-01-12crypto: Disable RSA sslv23 padding for LibreSSL >= 2.6.1Hans Nilsson
Not supported in newer LibreSSL.
2017-12-04[crypto] Add engine_ctrl_cmd_string() to APILars Thorsen