Age | Commit message (Collapse) | Author |
|
|
|
Adapted to the "New API" introduced in 22.0
|
|
|
|
|
|
|
|
|
|
|
|
* maint:
Updated OTP version
Prepare release
# Conflicts:
# OTP_VERSION
# make/otp_version_tickets_in_merge
|
|
|
|
|
|
|
|
This reverts commit c207d2438017d15e32f47f5ff7168759b3d123fc.
|
|
|
|
This reverts commit 0118046f9bda8dcf3594184fa439b79267db8017.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Conflicts:
lib/crypto/doc/src/crypto.xml
|
|
|
|
|
|
|
|
* maint:
Updated OTP version
Prepare release
|
|
|
|
This reverts commit df130102cdeca8d35fec95a0c926fd1cfec54eab.
|
|
|
|
The new files api_ng.h and api_ng.c implements an api using EVP.
The api is not by any mean new, except for the crypto application
in Erlang/OTP.
The aims at using the block api in a stream manor, that is
1) call crypto_init/4
2..N) call crypto_update/{2,3}
The purpose is to simplify and hopefully optimize the SSL and SSH
applications.
By keeping the crypto state in C in an enif_resource the costful state
copying in SSL and SSH is reduced with 1-2 per message sent or received.
Changes in other files are for adaptation like FIPS etc since many
functions uses the central get_cipher_type() function.
|
|
Add hash function BLAKE2 to crypto:hash/hmac
OTP-15564
|
|
|
|
Conflicts:
lib/ssl/doc/src/ssl.xml
lib/ssl/src/ssl.erl
lib/ssl/src/ssl_cipher_format.erl
lib/ssl/src/tls_handshake.erl
|
|
|
|
Adds two hash functions blake2b and blake2s (64 bit hash and 32 bit hash
respectively). These are modern and standard hash functions used in
blockchains and encrypted communication protocols (e.g. Noise -
http://www.noiseprotocol.org/). The hash functions are available in
OpenSSL since version 1.1.1.
Also add test cases and mention in documentation.
|
|
|
|
|
|
introduced after OTP_R13B03.
|
|
* maint:
Updated OTP version
Prepare release
|
|
|
|
* maint:
public_key: Add Edward curves to the documentation
public_key: Add ed25519 and ed448 sign/verify
crypto: Add Edward curves to the documentation
crypto: Add eddsa test case (ed25519 and ed448)
crypto: Add ed25519 and ed448 sign/verify
|
|
|
|
* maint:
crypto: Update RSA tests after algorithms doc chapter
crypto: Update RSA options to match specs and different OpenSSL versions - Put rsa_pkcs1_oaep_padding in supports/0 - #ifdef updates - Refine PKCS1_OAEP defines
|
|
- Put rsa_pkcs1_oaep_padding in supports/0
- #ifdef updates
- Refine PKCS1_OAEP defines
|
|
|
|
|
|
|
|
|
|
* maint:
crypto: Re-work the 'Description' section
crypto: Add warnings in RefMan and User's Guide for experimental RSA opts
|
|
Links and contents needs update.
|
|
OTP-14461 - New 'rand' algorithm: Xoroshiro928** also for 'crypto'
Implement a new 'rand' algorithm named 'exro928ss' and a new 'crypto' plugin for 'rand' named 'crypto_aes'.
Both are based on Xoroshiro928** which is derived from Xoroshiro1024** modified to use 58-bit words for performance reasons in the Erlang VM. Xoroshiro1024** has got the Xoroshiro1024 generator and the StarStar scrambler from the 2018 paper "Scrambled Linear Pseudorandom Number Generators" by David Blackman and Sebastiano Vigna.
This generator and scrambler combination shows no systematic weaknesses in standard statistical tests as TestU01(BigCrush) and PractRand, unlike the previously used * and + scramblers in the 'rand' module that exhibit statistical weaknesses for the lowest bits.
The 'crypto' plugin uses AES-256 as scrambler and the Xoroshiro928 as generator, which gives the same very long period and jump functions as for Xoroshiro928**, but a cryptographically secure scrambler gives absolutely no detectable statistical weaknesses regardless of how the generated numbers are used.
The speed of 'exro928ss' is only about 30-50% slower than the default fast 'rand' algorithm, but the state is roughly the double and it produces about 8 times the garbage per iteration.
The speed of 'crypto_aes' is about half (amortized) that of the default fast 'rand' algorithm which is fast and thanks to doing encryption in batches caching the result. Hence the state is much larger.
|