aboutsummaryrefslogtreecommitdiffstats
path: root/lib/crypto/c_src
AgeCommit message (Collapse)Author
2014-09-08crypto: Verify OpenSSL library major version at loadSverker Eriksson
to prevent strange memory corruption crashes due to mismatch between header and library versions.
2014-06-19Merge branch 'sverk/crypto-ec-mem-leak/OTP-11999' into maintSverker Eriksson
* sverk/crypto-ec-mem-leak/OTP-11999: crypto: Fix memory leak of EC "keys" and "points" crypto: Fix crypto for debug and valgrind
2014-06-18crypto: Fix memory leak of EC "keys" and "points"Sverker Eriksson
2014-06-17crypto: Fix crypto for debug and valgrindSverker Eriksson
without relying on opt-version has been built. Removed ASSERT to make crypto_callback.debug.so work without dynamic linking to libcrypto.so.
2014-06-11Merge branch 'pguyot/fix_srp' into maintHenrik Nord
* pguyot/fix_srp: Fix bug in SRP implementation
2014-05-26crypto: Fix memory leak in some error casesSverker Eriksson
sign(dss,) and compute_key(dh,)
2014-05-26crypto: Fix memory leak in hmac stream functionsSverker Eriksson
The context was never deallocated.
2014-05-15Fix bug in SRP implementationPaul Guyot
SRP didn't work with smaller primes as user secret was improperly computed. Formula is: (B - (k * g^x)) ^ (a + (u * x)) % N Previously, the code computed a + (u * x) % N instead of a + (u * x). a typically is a 256 bits random number (RFC 5054 says it should be at least 256 bits), u and x are SHA1 signatures (160 bits). So a + (u * x) can differ from a + (u * x) % N for N primes smaller than 320 bits.
2014-04-29Add AES-CBF8 cypher to crypto moduleBernard Duggan
This adds the aes_cfb8 cypher type (and associated tests and documentation) to the crypto module.
2014-02-24Merge branch 'lukas/ose/master/OTP-11334'Lukas Larsson
* lukas/ose/master/OTP-11334: (71 commits) erts: Fix unix efile assert ose: Use -O2 when building ose: Expand OSE docs ose: Add dummy ttsl driver ose: Cleanup cleanup of mutex selection defines ose: Polish mmap configure checks ose: Add ose specific x-compile flags ose: Updating fd_driver and spawn_driver for OSE ose: Updating event and signal API for OSE ose: Cleanup of mutex selection defines win32: Compile erl_log.exe ose: Remove uneccesary define ose: Fix ssl configure test for osx erts: Fix sys_msg_dispatcher assert ose: Fix broken doc links ose: Thread priorities configurable from lmconf ose: Yielding the cpu is done "the OSE" way ose: Start using ppdata for tse key ose: Do not use spinlocks on OSE ose: Fix support for crypto ... Conflicts: lib/crypto/c_src/crypto.c
2014-02-24ose: Fix support for cryptoLukas Larsson
To enable it you have to modify the OSESSL variable in the ose xcomp file.
2014-02-24crypto: Add rand_seed functionLukas Larsson
This function is needed on OSs that do not automatically initialize the PRNG seed.
2014-02-24Added support for ENEA OSELukas Larsson
This port has support for both non-smp and smp. It contains a new way to do io checking in which erts_poll_wait receives the payload of the polled entity. This has implications for all linked-in drivers.
2014-02-19Merge branch 'sverk/crypto/nomem-abort'Sverker Eriksson
OTP-11725 * sverk/crypto/nomem-abort: crypto: Abort VM if out of memory
2014-02-12crypto: Fix bug when using old hmac contextSverker Eriksson
Symptom: Using an old context (that had already been passed as argument to either hmac_upgrade or hmac_final) could cause VM crash or worse. Reason: Only a shallow copy (memcpy) of the context was made causing a new context to partly mutate its parent context into an inconsistent state. Problem: Only OpenSSL v1.0 supports deep copy of hmac context. It is thus not possible to implement a functional interface for older OpenSSL versions (0.9.8) which still have wide spread use. Solution: Change hmac contexts into a mutable state using NIF resources. Document reuse of old contexts as undefined. Future: If a need for reusing old context variables arise, a new hmac_copy function could be introduced that is only supported for OpenSSL v1.0.
2014-02-05crypto: Abort VM if out of memorySverker Eriksson
Nice crash instead of segv or worse.
2014-01-13crypto: selective support for GF2m curvesAndreas Schultz
Newer OpenSSL versions allow to selectively disable GF2m elliptic curves. Selectively enable GF2m curves is support for them is available.
2014-01-13crypto: move elitic curve definitions from OpenSSL built-ins to ErlangAndreas Schultz
Decouple eliptic curve definition from OpenSSL and define them in Erlang.
2013-12-16crypto: Fix memory leaks and invalid deallocationsSverker Eriksson
in mod_pow, mod_exp and generate_key(srp,...)
2013-12-03crypto: Fix bug in change_basenameSverker Eriksson
strrchr used on non null-terminated string.
2013-12-03Merge branch 'sverk/yb/aes_ige_crypt'Sverker Eriksson
* sverk/yb/aes_ige_crypt: crypto: Update supports/0 for des3_cbf and aes_ige256 crypto: Throw notsup for AES IGE if openssl older than 0.9.8c crypto: Add IGE mode for AES OTP-11522
2013-12-02Merge branch 'maint'Henrik Nord
2013-11-27crypto: Update supports/0 for des3_cbf and aes_ige256Sverker Eriksson
2013-11-27crypto: Throw notsup for AES IGE if openssl older than 0.9.8cSverker Eriksson
2013-11-21Fix some uninitialized pointers in cryptoAnthony Ramine
crypto.c:2748:9: warning: variable 'bn_prime' is used uninitialized whenever '||' condition is true [-Wsometimes-uninitialized] if (!get_bn_from_bin(env, argv[0], &bn_verifier) ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ crypto.c:2758:6: note: uninitialized use occurs here if (bn_prime) BN_free(bn_prime); ^~~~~~~~ crypto.c:2748:9: note: remove the '||' if its condition is always false if (!get_bn_from_bin(env, argv[0], &bn_verifier) ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
2013-09-30crypto: Add IGE mode for AESYura Beznos
2013-09-19erts, crypto: Support NIF library with unicode filename on windowsSverker Eriksson
2013-08-21erts: Add option to include nifs staticallyLukas Larsson
Both crypto and asn1 are supported.
2013-06-12crypto: Supress some false positives from valgrindSverker Eriksson
2013-06-12crypto: Refactor remove resource for EC_KEYSverker Eriksson
The resource was not needed as it was never kept between external crypto calls.
2013-06-12crypto: Fix some compiler warningsSverker Eriksson
2013-06-11crypto: Fix bug with takover of EC resource typeSverker Eriksson
enif_open_resource_type() must be called even during repeated loading of same library. Otherwise the resource type will be deallocated when the old module instance is purged.
2013-06-07Teach crypto.c not to call enif_compute_timeslice with 0Patrik Nyblom
2013-06-05Add enif_consume_timeslice to appropriate crypto NIFsPatrik Nyblom
2013-06-04crypto: Avoid big binaries in nifsIngela Anderton Andin
2013-05-24crypto, public_key & ssl: Make more functions accept integer keysSverker Eriksson
2013-05-08crypto: Remove debug printoutsSverker Eriksson
2013-05-08ssl & crypto: Generalize the remaining crypto APIIngela Anderton Andin
2013-05-08crypto: Add generic functions generate_key and compute_keySverker Eriksson
and remove corresponding specific functions for srp and ecdh but leave dh_ functions for backward compatibility.
2013-05-08crypto: Fix ec_key resource to be upgradeableIngela Anderton Andin
2013-05-08crypto: Combine ec_key_new into ecdh_generate_keySverker Eriksson
and remove curve from the returned tuple.
2013-05-08crypto, public_key: Switch places of ecdh_compute_key argumentsSverker Eriksson
2013-05-08crypto, public_key & ssl: Change API to hide resource format for EC KEYSverker Eriksson
2013-05-08crypto: Allow integer keys for rsa_private/public_en/decryptSverker Eriksson
as well as mpint's for backward compatibility.
2013-05-08crypto: Introduce generic sign() and verify() functionsSverker Eriksson
for rsa, dss, and new ecdsa. No mpint's accepted.
2013-05-08crypto: Replaced all mpint's with normal binariesSverker Eriksson
2013-05-08CRYPTO: add support for Elliptic Curves to crypto appAndreas Schultz
Conflicts: lib/crypto/src/crypto.erl
2013-04-03crypto: New SRP APIIngela Anderton Andin
Adjust API to better fit in with similar funtions in crypto
2013-04-03CRYPTO: add algorithms/0 function that returns a list off compiled in crypto ↵Andreas Schultz
algorithms add algorithms/0 function that returns a list off compiled in crypto algorithms and make tests suites with SHA226, SHA256, SHA384 and SHA512 conditional based on that
2013-03-28CRYPTO: add support for RFC-2945 SRP-3 and RFC-5054 SRP-6a authenticationAndreas Schultz