aboutsummaryrefslogtreecommitdiffstats
path: root/lib/crypto/src/crypto.erl
AgeCommit message (Collapse)Author
2018-06-18Update copyright yearHenrik Nord
2018-06-11crypto: Add experimental x25519 and x448Hans Nilsson
Not to be used. Uses not yet released functions in OpenSSL 1.1.1-pre8-dev
2018-06-11crypto: Make 'curve' entry in crypto:supports() appear iff Curves is non-emptyHans Nilsson
2018-06-11crypto: Extend crypto:supports with 'curves'Hans Nilsson
"curves" in crypto:supports returns list of actually supported ec_curves
2018-03-22crypto: Improve load error messageSverker Eriksson
to only suggest missing OpenSSL if dlopen fails (load_failed).
2018-03-09crypto: Remove undocumented, unused and erroneous functionsHans Nilsson
crypto:dh_generate_parameters and crypto:dh_check
2017-12-04Merge branch 'maint'Lars Thorsen
2017-12-04[crypto] Add engine_ctrl_cmd_string() to APILars Thorsen
2017-12-01Merge branch 'maint'Hans Nilsson
* maint: crypto: engine_SUITE update crypto: fix pubkey_to_privkey
2017-12-01crypto: fix pubkey_to_privkeyHans Nilsson
2017-11-22Merge branch 'maint'Hans Nilsson
2017-11-21crypto: Fixes to make privkey_to_pubkey behave similar to other functionsHans Nilsson
2017-11-10Merge branch 'maint'Hans Nilsson
2017-11-10crypto: Add privkey_to_pubkey/2 to get the public key from a priv key in an ↵Hans Nilsson
Engine Only RSA and DSA so far.
2017-11-10Merge branch 'maint'Hans Nilsson
2017-11-10crypto: Define and export some types for engineHans Nilsson
2017-11-10crypto: Enable using pub/priv PKCS8 keys stored in an EngineHans Nilsson
2017-11-10Merge branch 'maint'Lars Thorsen
2017-11-10[crypto] Add support for loading an alternative EngineLars Thorsen
Add support to plug in alternative implementations for some or all of the cryptographic operations supported by the OpenSSL Engine API. When configured appropriately, OpenSSL calls the engine's implementation of these operations instead of its own.
2017-10-05Merge pull request #1573 from RaimoNiskanen/raimo/crypto/rand-cachedRaimo Niskanen
Rand plugin for cached strong crypto bytes OTP-13370
2017-10-04crypto: Added pkey_crypt_nif from PR838Hans Nilsson
Testcases for ECDSA and DSA encrypt/decrypt and some other adaptions
2017-10-02Future proof cache word sizeRaimo Niskanen
2017-09-28Make cache size configurableRaimo Niskanen
2017-09-06Implement crypto rand cacheRaimo Niskanen
2017-07-07crypto: tests for rsa sign/verify from PR838Hans Nilsson
2017-07-07crypto: pk verify with new function from PR838Hans Nilsson
Same comment as previous commit applies.
2017-07-07crypto: pk sign with new function from PR838Hans Nilsson
The function pkey_verify_nif handles pk signing with a general approach that is enabled by EVP api in OpenSSL 1.0.0 The rejected PR838 introduced that function and lots of other stuff so far neglected. It also made some different rsa padding methods possible (included). Since the crypto code base has changed significantly, it was an overhelming work to try a git merge. Therefore this commit is a manual move of the source code from the PR into current maint. This commit concentrates to use the new function compatible with the old functions. This includes some #if:s for different versions, compatibility code for 0.9.8. Lacking: test cases, exporting the more general erlang api, documentation...
2017-07-07crypto: added a 'macs' entry to proplist in crypto:supports/0Hans Nilsson
2017-05-04Update copyright yearRaimo Niskanen
2017-04-21Implement Xoroshiro116+ and improve statisticalsRaimo Niskanen
Implement Xoroshiro116+ as 'exrop' with fixes. Deprecate all old algorithms but reincarnate 'exs1024' as 'exs1024s' and 'exsplus' as 'exsp' with fixes. Fixes: * Avoid skew for uniform integers caused by using a simple 'rem' operation for range confinement. Correctness requires retry with new random value for an unfortunate first value. * Implement a correct algorithm that collects enough random bits for ranges larger than the generator's precision. * Fix uniform density for floats by acquiring 53 bits then multiplying with 2.0^(-53) which produces floats on the form N * 2.0^(-53).
2017-04-04Merge branch 'g-andrade/strong-random-numbers/PR-1367/OTP-14317'Raimo Niskanen
* g-andrade/strong-random-numbers/PR-1367/OTP-14317: Clean up documentation and test cases Attempt faster approach to strong random floats Allow for crypto upgrades when using rand plugin fixup! Support cryptographically strong rand plugin fixup! Support cryptographically strong rand plugin fixup! Support cryptographically strong rand plugin fixup! Support cryptographically strong rand plugin No longer expose strong_rand_(range|float) Support cryptographically strong rand plugin Restyle crypto strong numeric generators for usage in rand Support generation of strong random numbers
2017-03-27Add a no_native option wherever there is an on_loadKostis Sagonas
This is a poor man's solution that allows to build and test the system with all files compiled to native code simply by setting the ERL_COMPILER_OPTS environment variable. Better solutions, like automatically setting the no_native option whenever the compiler sees an on_load attribute, obviously exist but require more time to implement.
2017-03-22Attempt faster approach to strong random floatsGuilherme Andrade
2017-03-22Allow for crypto upgrades when using rand pluginGuilherme Andrade
2017-03-20crypto: Deprecate crypto:rand_uniform/2 as it is not cryptographically strongIngela Anderton Andin
rand module should be used if not cryptographically strong is required. If cryptographically strong is required, new cryptographically strong functions should be added to crypto.
2017-03-18No longer expose strong_rand_(range|float)Guilherme Andrade
2017-03-18Support cryptographically strong rand pluginGuilherme Andrade
2017-03-18Restyle crypto strong numeric generatorsGuilherme Andrade
for usage in rand
2017-03-14Support generation of strong random numbersGuilherme Andrade
2017-03-13Merge branch 'wiml/crypto/rsa-generate-key/ERL-165/PR-1299/OTP-14140'Hans Nilsson
2017-03-09crypto: removed error function from PR and added error handling in crypto.erlHans Nilsson
2017-01-31Merge branch 'maint'Hans Nilsson
Conflicts: lib/crypto/c_src/crypto.c lib/crypto/src/crypto.erl
2017-01-27crypto: Added optional length to paramlist in generate_keyHans Nilsson
2017-01-18Merge branch 'maint'Hans Nilsson
2017-01-17Add a missing aes_gcm -spec clause to crypto:block_encrypt/4Leo Liu
Fix https://bugs.erlang.org/browse/ERL-336.
2017-01-08Add RSA key generationWim Lewis
Support RSA key generation using generate_key(rsa, {bits, e}). This depends on the currently-experimental "dirty scheduler" support because key generation is a potentially lengthy process.
2016-11-04[crypto] Remove depricated functionsLars Thorsen
2016-09-28Support using OpenSSL in FIPS modeDániel Szoboszlay
FIPS mode support needs to be enabled at compile time, by configuring Erlang/OTP with --enable-fips option. In FIPS mode the non-FIPS algorithms are disabled and raise error notsup. The supported protocols list is properly updated in FIPS mode to advertise only the enabled protocols. FIPS mode is off by default even if Erlang/OTP was built with FIPS support. It needs to be turned on at runtime. The official approach is to set the fips_mode application environment parameter of the crypto application to true. This would turn FIPS mode on when the NIF is loaded and would prevent loading the module on error. Another method is provided via the crypto:enable_fips_mode/1 function, but it is not recommended to be used in production, as it won't prevent the use of the crypto module in case of an error, and would risk OpenSSL crashing the emulator. It is very useful for test suites however that need to check both validated and non-validated functionality. This commit is based on commit 00b3a04d17a653b4abddeebd6dd8a2c38df532d0.
2016-09-28Fix erlang:error/2 calls in crypto.erlMagnus Henoch
Make all calls to erlang:error/2 specify the actual argument list of the function. This ensures that the stacktrace contains the correct arity of the function where the error occurred.
2016-09-07Merge branch 'maint'Raimo Niskanen