path: root/lib/crypto/doc/src
Age | Commit message | Author
2018-09-25 | Merge branch 'maint' | Henrik Nord
2018-09-24 | Prepare release | Erlang/OTP
2018-09-21 | Merge branch 'maint' | Henrik Nord
2018-09-21 | Update copyright year | Henrik Nord
2018-09-19 | Merge branch 'maint' | Hans Nilsson
* maint: crypto: Re-work the 'Description' section crypto: Add warnings in RefMan and User's Guide for experimental RSA opts
2018-09-19 | crypto: Re-work the 'Description' section | Hans Nilsson
Links and contents need updating.
2018-09-18 | Merge pull request #1857 from RaimoNiskanen/raimo/rand-crypto-xoroshiro928 | Raimo Niskanen
OTP-14461 - New 'rand' algorithm: Xoroshiro928** also for 'crypto'
Implement a new 'rand' algorithm named 'exro928ss' and a new 'crypto' plugin for 'rand' named 'crypto_aes'.
Both are based on Xoroshiro928** which is derived from Xoroshiro1024** modified to use 58-bit words for performance reasons in the Erlang VM.
Xoroshiro1024** has got the Xoroshiro1024 generator and the StarStar scrambler from the 2018 paper "Scrambled Linear Pseudorandom Number Generators" by David Blackman and Sebastiano Vigna.
This generator and scrambler combination shows no systematic weaknesses in standard statistical tests as TestU01(BigCrush) and PractRand, unlike the previously used * and + scramblers in the 'rand' module that exhibit statistical weaknesses for the lowest bits.
The 'crypto' plugin uses AES-256 as scrambler and the Xoroshiro928 as generator, which gives the same very long period and jump functions as for Xoroshiro928**, but a cryptographically secure scrambler gives absolutely no detectable statistical weaknesses regardless of how the generated numbers are used.
The speed of 'exro928ss' is only about 30-50% slower than the default fast 'rand' algorithm, but the state is roughly the double and it produces about 8 times the garbage per iteration.
The speed of 'crypto_aes' is about half (amortized) that of the default fast 'rand' algorithm which is fast and thanks to doing encryption in batches caching the result. Hence the state is much larger.
2018-09-18 | crypto: Add warnings in RefMan and User's Guide for experimental RSA opts | Hans Nilsson
2018-09-17 | Merge branch 'maint' | Hans Nilsson
* maint: crypto: Fix no_aead test crypto: Document AES_CCM and fix errors in User's Guide The sizes in the Algorithms chapter for aes_gcm were wrong or incomplete. crypto: AES_CCM test case crypto: All aes_ccm vectors (including unused) This directory contains all aes_ccm vectors. However, effort is needed to include them in the test suite so they are left for later. crypto: Add AES_CCM crypto Will increase interoperability of future SSL application versions. crypto: Generalize aes_gcm_(de|en)crypt nifs
2018-09-17 | Merge branch 'hans/crypto/aes_ccm/OTP-15286' into maint | Hans Nilsson
* hans/crypto/aes_ccm/OTP-15286: crypto: Fix no_aead test crypto: Document AES_CCM and fix errors in User's Guide The sizes in the Algorithms chapter for aes_gcm were wrong or incomplete. crypto: AES_CCM test case crypto: All aes_ccm vectors (including unused) This directory contains all aes_ccm vectors. However, effort is needed to include them in the test suite so they are left for later. crypto: Add AES_CCM crypto Will increase interoperability of future SSL application versions. crypto: Generalize aes_gcm_(de|en)crypt nifs
2018-09-17 | Merge branch 'maint' | Hans Nilsson
* maint: crypto: Add forgotten #ifdef MAY prevent compilation errors if the symbol is configured to not be defined in an OpenSSL version where it exists by default. crypto: Change condition for RSA_PKCS1_PSS Trouble on a couple of cross-building machines crypto: RSA options list disclaimer in documentation for crypto:supports/0 The final appearance of the rs_opts entry is still not completely decided. crypto: Add 'rsa_opts' to crypto:supports/0 Needed in future versions of the SSL application.
2018-09-14 | crypto: Document AES_CCM and fix errors in User's Guide | Hans Nilsson
The sizes in the Algorithms chapter for aes_gcm were wrong or incomplete.
2018-09-14 | crypto: RSA options list disclaimer in documentation for crypto:supports/0 | Hans Nilsson
The final appearance of the rs_opts entry is still not completely decided.
2018-09-13 | Use long period counter for crypto_aes | Raimo Niskanen
Conflicts: lib/crypto/doc/src/crypto.xml lib/crypto/src/crypto.erl
2018-09-13 | Merge branch 'maint' | Hans Nilsson
* maint: ssh: Use exported crypto types public_key: Generate refman from types and specs public_key: Rework -type and -spec Check existing specs with code and documentation and adjust. Prepare for doc generation public_key: Setup for doc generation public_key: Remove special type signature for one test crypto: Add missing documentation for enable_fips_mode/1 crypto: Generate refman from types and specs and fix links in engine chapter for generated crypto module refman crypto: Rework -type and -spec Check code and documentation and write -type/-spec or adjust existing. Prepare for doc generation crypto: Setup for doc generation crypto: A user's guide chapter on algorithm details Such as keylengths, blocksizes and IV lengths are hard to find otherwise
2018-09-13 | crypto: Add missing documentation for enable_fips_mode/1 | Hans Nilsson
2018-09-13 | crypto: Generate refman from types and specs | Hans Nilsson
and fix links in engine chapter for generated crypto module refman
2018-09-13 | crypto: Setup for doc generation | Hans Nilsson
2018-09-13 | crypto: A user's guide chapter on algorithm details | Hans Nilsson
Such as keylengths, blocksizes and IV lengths are hard to find otherwise Conflicts: lib/crypto/doc/src/crypto.xml
2018-08-24 | Merge branch 'maint' | Lars Thorsen
* maint: Updated OTP version Prepare release Updated the engine load functionality inets: Prepare for release inets: Use status code 501 when no mod_* handles the request ssl: Prepare for release ssl: Make sure that a correct cipher suite is selected ssl: Make sure that a correct cipher suite is selected
2018-08-24 | Merge branch 'maint-21' into maint | Lars Thorsen
* maint-21: Updated OTP version Prepare release Updated the engine load functionality inets: Prepare for release inets: Use status code 501 when no mod_* handles the request ssl: Prepare for release ssl: Make sure that a correct cipher suite is selected ssl: Make sure that a correct cipher suite is selected
2018-08-23 | Prepare release | Erlang/OTP
2018-08-23 | Merge branch 'maint' | Hans Nilsson
* maint: crypto: doc x25519 & x448 crypto: Test vectors for ecdh x25519 and x448 crypto: Remove the term 'eddh' crypto: Enable EDDH all OpenSSL cryptolib over beta version 1.1.1-pre8 ssh: Doc updates ssh: spec curve25519 & curve448 ssh: Fix non-conforming key generation in kex for x25519 and x448 ssh: Enable curve448-sha512 and curve25519-sha256 ssh: Remove the term 'eddh' crypto: Disable non-working SHA3_224 and SHA3_256 crypto: doc SHA3 (hash & hmac) crypto: Tests for SHA3 crypto: SHA3 hash on OpenSSL-1.1.1
2018-08-23 | Merge branch 'hans/crypto/x25519_x448/OTP-15240' into maint | Hans Nilsson
* hans/crypto/x25519_x448/OTP-15240: crypto: doc x25519 & x448 crypto: Test vectors for ecdh x25519 and x448 crypto: Remove the term 'eddh' crypto: Enable EDDH all OpenSSL cryptolib over beta version 1.1.1-pre8
2018-08-23 | Merge branch 'hans/crypto/SHA3/OTP-15153' into maint | Hans Nilsson
* hans/crypto/SHA3/OTP-15153: crypto: Disable non-working SHA3_224 and SHA3_256 crypto: doc SHA3 (hash & hmac) crypto: Tests for SHA3 crypto: SHA3 hash on OpenSSL-1.1.1
2018-08-23 | Merge branch 'maint' | Hans Nilsson
* maint: ssh: Doc updates ssh: some benchmarking of [email protected] ssh: -spec ssh: Add [email protected] cipher crypto: doc poly1305 crypto: doc chacha20 crypto: Error in test case crypto: chacha20 test case crypto: poly1305 test case crypto: -spec crypto: chacha20 cipher crypto: Mac POLY1305 if >=OpenSSL 1.1.1-pre8
2018-08-23 | crypto: doc x25519 & x448 | Hans Nilsson
2018-08-23 | crypto: doc SHA3 (hash & hmac) | Hans Nilsson
2018-08-23 | crypto: doc poly1305 | Hans Nilsson
2018-08-23 | crypto: doc chacha20 | Hans Nilsson
2018-08-23 | Merge branch 'maint' | Lars Thorsen
* maint: Updated OTP version Prepare release Updated the engine load functionality Clean up bag index tables
2018-08-23 | Merge branch 'maint-20' into maint | Lars Thorsen
* maint-20: Updated OTP version Prepare release Updated the engine load functionality Clean up bag index tables Conflicts: OTP_VERSION lib/crypto/c_src/crypto.c lib/crypto/doc/src/notes.xml lib/crypto/vsn.mk lib/mnesia/doc/src/notes.xml lib/mnesia/vsn.mk otp_versions.table
2018-08-23 | Prepare release | Erlang/OTP
2018-08-23 | Updated the engine load functionality | Lars Thorsen
- engine_load/3/4 can be called multiple times for the same engine if it allows it (e.g. doesn't contain global data)
- ensure_engine_loaded/2/3 are new functions that guarantee that the engine is loaded just once by adding it to the OpenSSL internal engine list and checking that before loading.
- ensure_engine_unloaded/1/2 are new functions that are used to unload engines loaded with ensure_engine_loaded (remove it from the OpenSSL internal engine list and then unload).
- new utility functions engine_by_id/1, engine_add/1, engine_remove/1, engine_get_id/1 and engine_get_name/1
Conflicts: lib/crypto/c_src/crypto.c
2018-08-21 | Updated the engine load functionality | Lars Thorsen
- engine_load/3/4 can be called multiple times for the same engine if it allows it (e.g. doesn't contain global data)
- ensure_engine_loaded/2/3 are new functions that guarantee that the engine is loaded just once by adding it to the OpenSSL internal engine list and checking that before loading.
- ensure_engine_unloaded/1/2 are new functions that are used to unload engines loaded with ensure_engine_loaded (remove it from the OpenSSL internal engine list and then unload).
- new utility functions engine_by_id/1, engine_add/1, engine_remove/1, engine_get_id/1 and engine_get_name/1
2018-08-14 | Merge pull request #1924 from omh/doc/typo-fixes | Lukas Larsson
Documentation typo fixes, Thoose -> Those.
2018-08-13 | Doc typo fixes, Thoose -> Those. | Ole Morten Halvorsen
2018-08-11 | Merge branch 'maint' | Rickard Green
* maint: Updated OTP version Update release notes Update version numbers
2018-08-11 | Merge branch 'maint-21' into maint | Rickard Green
* maint-21: Updated OTP version Update release notes Update version numbers
2018-08-10 | Update release notes | Erlang/OTP
2018-08-10 | Merge branch 'maint' | Rickard Green
* maint: Updated OTP version Update release notes Update version numbers crypto: Fix crash in compute_key(ecdh, ...) on badarg Relax add_table_copy restriction Fixed #Ref ordering bug Test #Ref ordering in lists and ets Do NOT disc_load from ram_copies when master_node is set ssl: Make sure that a correct cipher suite is selected ssl: Correct handling of empty server SNI extension
2018-08-10 | Merge branch 'maint-20' into maint | Rickard Green
* maint-20: Updated OTP version Update release notes Update version numbers crypto: Fix crash in compute_key(ecdh, ...) on badarg Relax add_table_copy restriction Fixed #Ref ordering bug Test #Ref ordering in lists and ets Do NOT disc_load from ram_copies when master_node is set ssl: Make sure that a correct cipher suite is selected ssl: Correct handling of empty server SNI extension
2018-08-09 | Update release notes | Erlang/OTP
2018-07-27 | Change "can not" into "cannot" | Raimo Niskanen
I did not find any legitimate use of "can not", however skipped changing e.g. RFCs archived in the source tree.
2018-07-13 | docs: make clean all XMLDIR | Lukas Larsson
2018-06-19 | Prepare release | Erlang/OTP
2018-06-18 | Update copyright year | Henrik Nord
2018-05-29 | Revert "Prepare release" | Henrik
This reverts commit fd8e49b5bddceaae803670121b603b5eee8c5c08.
2018-05-25 | Prepare release | Erlang/OTP
2018-05-08 | Merge branch 'maint' | Hans Nilsson
* maint: Updated OTP version Prepare release ssh: Renegotiation -> renegotiate ssh: Fix DH group exchange server bug for PuTTY and others following draft-draft-00 from 2001 and not the rfc4419 crypto: get_engine_load_cmd_list excluded if no engine support crypto: Fix compilation for LibreSSL 2.7.x crypto: Disable test_engine if engine is disabled crypto: disable engine if OPENSSL_NO_EC* is set If that flag is set, and openssl/engine.h is included, there will be an error further down in files included by engine.h Conflicts: OTP_VERSION