Age | Commit message | Author | |
---|---|---|---|
2017-03-29 | Demonstrate the bug with AES CFB 128 encryption | Kelly McLaughlin | |
Demonstrate a bug with AES CFB 128 for certain key sizes introduced with the Erlang 19.0 release. The code in the block_crypt_nif function in the crypto.c source file incorrectly calls aes_cfb_8_crypt when the specified cipher is aes_cfb8 or aes_cfb128 and the key size is 24 or 32. The aes_cfb_8_crypt function calls the AES_cfb8_encrypt function from the openssl interface, but this is incorrect when the cipher is aes_cfb128. Unfortunately the test cases in the crypto test suite are insufficient to detect an issue like this because they exercise the encryption and decryption roundtrip using the same incorrect underlying function. The problem was observed when trying to update an application to Erlang 19 that attempted to decrypt data that was encrypted using aes_cfb128 by another source. In this commit I altered the crypto test suite to provide a demonstration of this problem. | |||
2017-03-10 | Update copyright year | Rickard Green | |
2017-01-27 | crypto: Added optional length to paramlist in generate_key | Hans Nilsson | |
2017-01-17 | Add a missing aes_gcm -spec clause to crypto:block_encrypt/4 | Leo Liu | |
Fix https://bugs.erlang.org/browse/ERL-336. | |||
2016-09-02 | Add '_cfb' alias for misspelled '_cbf' cipher | Raimo Niskanen | |
2016-04-25 | crypto: Deprecate rand_bytes/1 | Ingela Anderton Andin | |
OpenSSL has deprecated the function RAND_pseudo_bytes used by crypto:rand_bytes/1, so this function is now deprecated in OTP too. rand_bytes/3 also used this function, but was not documented so we can remove it right away. This commit also removes the fallback in generate_key to use rand_bytes/1 if strong_rand_bytes/1 throws low entropy. This is a potential incompatibility but we think it is desirable as crypto should provide cryptographically secure functions. | |||
2016-04-18 | Merge branch 'mururu/crypto/aes-gcm-tag-len.PR-998.OTP-13483' | Sverker Eriksson | |
2016-03-26 | crypto: Enable AES-GCM tag length to change | Yuki Ito | |
This commit enables AES-GCM encryption/decryption to change its tag length between 1 and 16 bytes. | |||
2016-03-15 | update copyright-year | Henrik Nord | |
2015-12-11 | crypto: Support 192-bit keys for AES CBC | Sverker Eriksson | |
and deprecate aes_cbc128 and aes_cbc256 in favor of aes_cbc. This commit is PR 832 squashed, rebased and made to work on master https://github.com/erlang/otp/pull/832/commits | |||
2015-11-17 | crypto: Refactor nif code to use EVP interface | Sverker Eriksson | |
Using the generic EVP_* API makes it possible to unify algorithm-specific nif functions to a single generic function. Effectively the same change that took place on the Erlang API in R16B01 is now applied to the C code. The old implementation using the low-level API is kept for compiling against old OpenSSL, as parts of the EVP API were introduced in OpenSSL 1.0.0. There are various minor improvements as well: - supported algorithms are now provided by the nif code (not a mix of the C and Erlang code) - remove unnecessary variables and macro definitions Most of the changes in this commit come from Dániel Szoboszlay https://github.com/dszoboszlay/otp/commit/07f7056f955b324df4ace which is part of his 'fips' branch. Now also rebased on master branch. | |||
2015-06-18 | Change license text to APLv2 | Bruce Yinhe | |
2015-02-11 | crypto: Fix dialyzer error for aes_ecb_crypt/3 | Sverker Eriksson | |
by removing the spec. It's an internal function. | |||
2015-01-14 | Merge branch 'andreaTP/added-aes-ecb-to-crypto/OTP-12403' | Marcus Arendt | |
* andreaTP/added-aes-ecb-to-crypto/OTP-12403: aligned implementation following last specs finally fixed docs fixed incorrect tag proposal of documentation fixes and tests add aes ecb to crypto library | |||
2015-01-09 | aligned implementation following last specs | andreaP | |
2015-01-09 | fixes and tests | andreaP | |
2015-01-09 | add aes ecb to crypto library | andreaP | |
2014-11-17 | [crypto] enhance generate_key for ECC keys | Andreas Schultz | |
enhance generate_key to calculate ECC public keys from private keys | |||
2014-09-03 | crypto: add support for ChaCha20/Poly1305 AEAD cipher | Andreas Schultz | |
2014-09-03 | crypto: add AES128-GCM cipher support | Andreas Schultz | |
2014-04-29 | Add AES-CBF8 cypher to crypto module | Bernard Duggan | |
This adds the aes_cfb8 cypher type (and associated tests and documentation) to the crypto module. | |||
2014-02-24 | ose: Fix support for crypto | Lukas Larsson | |
To enable it you have to modify the OSESSL variable in the ose xcomp file. | |||
2014-01-13 | crypto: move elliptic curve definitions from OpenSSL built-ins to Erlang | Andreas Schultz | |
Decouple elliptic curve definition from OpenSSL and define them in Erlang. | |||
2013-12-03 | Merge branch 'sverk/yb/aes_ige_crypt' | Sverker Eriksson | |
* sverk/yb/aes_ige_crypt: crypto: Update supports/0 for des3_cbf and aes_ige256 crypto: Throw notsup for AES IGE if openssl older than 0.9.8c crypto: Add IGE mode for AES OTP-11522 | |||
2013-11-27 | crypto: Update supports/0 for des3_cbf and aes_ige256 | Sverker Eriksson | |
2013-11-27 | crypto: Throw notsup for AES IGE if openssl older than 0.9.8c | Sverker Eriksson | |
2013-09-30 | crypto: Add IGE mode for AES | Yura Beznos | |
2013-09-19 | erts, crypto: Support NIF library with unicode filename on windows | Sverker Eriksson | |
2013-06-12 | crypto: Refactor remove resource for EC_KEY | Sverker Eriksson | |
The resource was not needed as it was never kept between external crypto calls. | |||
2013-06-05 | Add enif_consume_timeslice to appropriate crypto NIFs | Patrik Nyblom | |
2013-06-04 | crypto: Avoid big binaries in nifs | Ingela Anderton Andin | |
2013-06-04 | Crypto: Structure code | Ingela Anderton Andin | |
2013-05-27 | crypto: Ctify tests and test new API | Ingela Anderton Andin | |
Also fix bugs found by new tests | |||
2013-05-24 | crypto: Allow integer as srp_private arguments according to docs | Sverker Eriksson | |
2013-05-24 | crypto, public_key & ssl: Make more functions accept integer keys | Sverker Eriksson | |
2013-05-24 | snmp: Remove use of deprecated crypto functions | Ingela Anderton Andin | |
2013-05-22 | crypto,ssh, netconf, inets: binary_to_integer -> bytes_to_integer | Ingela Anderton Andin | |
2013-05-20 | crypto: Change argument order of crypto:next_iv/3 | Sverker Eriksson | |
to harmonize with next_iv/2 | |||
2013-05-20 | crypto,public_key,ssl: Change return value of crypto:generate_key(ecdh,..) | Sverker Eriksson | |
to conform with the return value of the other types. | |||
2013-05-20 | ssl, public_key, crypto: crypto:algorithms/0 -> crypto:supports/0 | Ingela Anderton Andin | |
2013-05-20 | ssh & crypto: Remove use of deprecated crypto functions from ssh | Ingela Anderton Andin | |
2013-05-08 | ssl & crypto: Generalize the remaining crypto API | Ingela Anderton Andin | |
2013-05-08 | crypto: New API for ciphers | Ingela Anderton Andin | |
2013-05-08 | crypto: Deprecate functions, update doc and specs | Ingela Anderton Andin | |
2013-05-08 | ssl, crypto: Eliminate remaining mpint and EC resource key from API | Ingela Anderton Andin | |
2013-05-08 | ssl, public_key, crypto: General generate_key and compute_key functions | Ingela Anderton Andin | |
2013-05-08 | crypto: Add generic functions generate_key and compute_key | Sverker Eriksson | |
and remove corresponding specific functions for srp and ecdh but leave dh_ functions for backward compatibility. | |||
2013-05-08 | crypto: Change ecdh_compute_key to have 3 arguments | Sverker Eriksson | |
2013-05-08 | crypto: Combine ec_key_new into ecdh_generate_key | Sverker Eriksson | |
and remove curve from the returned tuple. | |||
2013-05-08 | crypto, public_key: Switch places of ecdh_compute_key arguments | Sverker Eriksson | |