aboutsummaryrefslogtreecommitdiffstats
path: root/lib/crypto/src/crypto.erl
AgeCommit message (Collapse)Author
2019-06-14crypto: Renaming, typing and some polishingHans Nilsson
2019-06-14crypto: Move functions around for better readabilityHans Nilsson
2019-06-14crypto: White space removed at line endsHans Nilsson
2019-06-14crypto: Implement NIFs for the new mac_init, mac_update and mac_finalHans Nilsson
Use them for old HMAC functions. Also simplify hmac and cmac on the Erlang level
2019-06-14crypto: Use new mac_nif for hmac, cmac and poly1305Hans Nilsson
2019-06-14crypto: MAC nif unifying HMAC, CMAC and POLY1305Hans Nilsson
into one nif using the EVP_DigestSign interface. This enables acceleration if available in lower layers, that is, in cryptolib and lower. However, for older cryptolibs the old HMAC and CMAC low-level interfaces are used, but moved from hmac.c and cmac.c into mac.c.
2019-06-14crypto: Adjust code for spec conflictHans Nilsson
2019-04-30crypto: Document supports/1Hans Nilsson
2019-04-17crypto: New function supports/1Hans Nilsson
Takes argument hashs, public_keys, ciphers, macs, curves or rsa_opts. Returns the algorithm names, but ONLY the openssl names. supports/0 still returns aliases and misspellings.
2019-04-11crypto: Rename 'crypto_(init|update)_dyn_iv' to 'crypto_dyn_iv_(init|update)'Hans Nilsson
2019-04-11crypto: Rename crypto_aead to crypto_one_time_aeadHans Nilsson
2019-04-10crypto: Obey compile flags for no DSA, BF, DES, DHHans Nilsson
2019-04-05crypto: Rename new api and rework the typingHans Nilsson
Split conceptually into an OLD and a NEW api with separate typing. The NEW api will in general not provide types for ciphers without key length like aes_ctr. Use aes_128_ctr etc. Later the C-code will not accept them either.
2019-03-22crypto: Use key length in alias/2Hans Nilsson
2019-03-22crypto: Restore 'error' as result of failed aead decryptionHans Nilsson
2019-03-22crypto: Update types of hash algorithmsHans Nilsson
2019-03-22crypto: Cuddle error types and documentation of themHans Nilsson
2019-03-22crypto: Update CipherModes for PR/2186Hans Nilsson
2019-03-22crypto: Declare *_info return map and other review-commentsHans Nilsson
2019-03-22crypto: Rename block_crypto_with/without to match stream_cipher namesHans Nilsson
2019-03-22crypto: New types (block_cipher)Hans Nilsson
2019-03-22Merge pull request #2186 from essen/improve-cipher-infoHans Nilsson
Make crypto:cipher_info work for all ciphers and aliases OTP-15655
2019-03-21Hardcode aes_ctr cipher infos to support older cryptolibsLoïc Hoguin
2019-03-19Make crypto:cipher_info work for all ciphers and aliasesLoïc Hoguin
2019-03-19crypto: Rename SSL special functionsHans Nilsson
to crypto_init_dyn_iv/3 and crypto_update_dyn_iv/3
2019-03-19crypto: New function for SSL appHans Nilsson
2019-03-19crypto: Remove compat specials from crypto_initHans Nilsson
2019-03-19crypto: Exceptions as error return in api_ngHans Nilsson
2019-03-19crypto: Relocate the new api code inside the crypto.erl fileHans Nilsson
2019-03-19crypto: Cleaning of comments + spec fixingHans Nilsson
2019-03-19crypto: Use/implement new funcs for stream-apiHans Nilsson
2019-03-19crypto: Implement crypto one-shotHans Nilsson
Also: Compatibility functions for aes_ctr in historic crypto libs
2019-03-19crypto: Remove condition of block sizeHans Nilsson
Unnecessary, because the underlying crypto libraries handles this case. Also: - Relax the condition of binary Key and IV -Fix bug for empty data on historic cryptolibs because tests fails for empty data on at least aes_cfb8 on OpenSSL 0.9.8h. It does not fail on OpenSSL 0.9.8zh.
2019-03-06Add crypto:cipher_info/1 and crypto:hash_info/1Loïc Hoguin
Also adds some more aliases that contain the key length in their name.
2019-02-25crypto: New experimental apiHans Nilsson
The new files api_ng.h and api_ng.c implements an api using EVP. The api is not by any mean new, except for the crypto application in Erlang/OTP. The aims at using the block api in a stream manor, that is 1) call crypto_init/4 2..N) call crypto_update/{2,3} The purpose is to simplify and hopefully optimize the SSL and SSH applications. By keeping the crypto state in C in an enif_resource the costful state copying in SSL and SSH is reduced with 1-2 per message sent or received. Changes in other files are for adaptation like FIPS etc since many functions uses the central get_cipher_type() function.
2019-02-04Add hash function BLAKE2 to crypto:hash/hmacHans Svensson
Adds two hash functions blake2b and blake2s (64 bit hash and 32 bit hash respectively). These are modern and standard hash functions used in blockchains and encrypted communication protocols (e.g. Noise - http://www.noiseprotocol.org/). The hash functions are available in OpenSSL since version 1.1.1. Also add test cases and mention in documentation.
2019-01-28crypto: Fix type spec rsa_sign_verify_opt()Péter Dimitrov
Add missing type {rsa_mgf1_md, sha2} to rsa_sign_verify_opt. This commit fixes dialyzer warnings when crypto users configured explicit MGF1 hash function for RSA PSS signatures. Change-Id: Ie11b1c73fc0d111303e256a578a2fd7b0d09b18a
2018-12-03Merge branch 'maint'Hans Nilsson
* maint: crypto: Engine valgrind fix crypto: Fix valgrind error in dh_generate/dh_compute crypto: Fix valgrind errors in pkey_crypt_nif crypto: Add some crypto:engine_unload in engine test suite crypto: Fix valgrind errors in privkey_to_pubkey crypto: Fix valgrind error for keys with passwords in Engines
2018-12-03crypto: Engine valgrind fixHans Nilsson
Fixes memory leak when a command has wrong type.
2018-11-19Merge branch 'maint'Hans Nilsson
* maint: public_key: Add Edward curves to the documentation public_key: Add ed25519 and ed448 sign/verify crypto: Add Edward curves to the documentation crypto: Add eddsa test case (ed25519 and ed448) crypto: Add ed25519 and ed448 sign/verify
2018-11-19crypto: Add ed25519 and ed448 sign/verifyHans Nilsson
2018-10-24Merge branch 'maint'Hans Nilsson
* maint: crypto: Fix tests failing if more than one test engine available This could happen in an Valgrind run: crypto: Disable engine tests on Darwin and Windows Does not work.
2018-10-24crypto: Fix tests failing if more than one test engine availableHans Nilsson
This could happen in an Valgrind run: === Reason: no case clause matching ["otp_test_engine.so", "otp_test_engine.valgrind.so"] in function crypto:check_otp_test_engine/1 (crypto.erl, line 2026) in call from engine_SUITE:engine_load_all_methods/1 (engine_SUITE.erl, line 154)
2018-09-21Merge branch 'maint'Hans Nilsson
* maint: crypto: Fix accidental merge
2018-09-21crypto: Fix accidental mergeHans Nilsson
Commit 8c47a7657d03777a03a6838c7ec937b6347d07f8 accidently reverted the changes in lib/crypto/src/crypto.erl correctly introduced in e8de0736005e91afd992e49f434e08c940eddfa0 This fix re-introduces the correct changes.
2018-09-19Merge branch 'maint'Hans Nilsson
* maint: crypto: Re-work the 'Description' section crypto: Add warnings in RefMan and User's Guide for experimental RSA opts
2018-09-18Merge pull request #1857 from RaimoNiskanen/raimo/rand-crypto-xoroshiro928Raimo Niskanen
OTP-14461 - New 'rand' algorithm: Xoroshiro928** also for 'crypto' Implement a new 'rand' algorithm named 'exro928ss' and a new 'crypto' plugin for 'rand' named 'crypto_aes'. Both are based on Xoroshiro928** which is derived from Xoroshiro1024** modified to use 58-bit words for performance reasons in the Erlang VM. Xoroshiro1024** has got the Xoroshiro1024 generator and the StarStar scrambler from the 2018 paper "Scrambled Linear Pseudorandom Number Generators" by David Blackman and Sebastiano Vigna. This generator and scrambler combination shows no systematic weaknesses in standard statistical tests as TestU01(BigCrush) and PractRand, unlike the previously used * and + scramblers in the 'rand' module that exhibit statistical weaknesses for the lowest bits. The 'crypto' plugin uses AES-256 as scrambler and the Xoroshiro928 as generator, which gives the same very long period and jump functions as for Xoroshiro928**, but a cryptographically secure scrambler gives absolutely no detectable statistical weaknesses regardless of how the generated numbers are used. The speed of 'exro928ss' is only about 30-50% slower than the default fast 'rand' algorithm, but the state is roughly the double and it produces about 8 times the garbage per iteration. The speed of 'crypto_aes' is about half (amortized) that of the default fast 'rand' algorithm which is fast and thanks to doing encryption in batches caching the result. Hence the state is much larger.
2018-09-18crypto: Add warnings in RefMan and User's Guide for experimental RSA optsHans Nilsson
2018-09-18crypto: Use aead functions for CHACHA20_POLY1305Hans Nilsson
This previously implemented cipher is a block cipher despite using chacha. It also uses the EVP_CIPHER_CTX api which now unifies AES_GCM and AES_CCM into one pair of encrypt and decrypt functions. By integrating the existing chacha20_poly1305 code into aead_encrypt and aead_decrypt we could remove two C-functions and simplify both the C-code and the corresponding Erlang code in the CRYPTO application.
2018-09-17Merge branch 'hans/crypto/aes_ccm/OTP-15286' into maintHans Nilsson
* hans/crypto/aes_ccm/OTP-15286: crypto: Fix no_aead test crypto: Document AES_CCM and fix errors in User's Guide The sizes in the Algorithms chapter for aes_gcm was wrong or incomplete. crypto: AES_CCM test case crypto: All aes_ccm vectors (including unused) This directory contains all aes_ccm vectors. However, effort is needed to include them in the test suite so they are left for later. crypto: Add AES_CCM crypto Will be increase interoperability of future SSL application versions. crypto: Generalize aes_gcm_(de|en)crypt nifs