aboutsummaryrefslogtreecommitdiffstats
path: root/lib/crypto/src
AgeCommit message (Collapse)Author
2011-09-07[crypto] Fix rand_uniform for negative valuesSverker Eriksson
Also let it throw badarg if 'Hi' is not larger than 'Lo'.
2011-05-18Add true streaming AES (CTR) encryption and streaming HMAC operationsTravis Jensen
The current crypto module implementations require all of the data being encrypted or authenticated to be in memory at one time. When trying to encrypt or authenticate a large file (on order of GBs), this is problematic. The implementation of AES CTR uses the same underlying implementation as aes_ctr_[en|de]crypt, but hands the state back to the client after every operation. The HMAC implementation differs from the previous implementations of sha_mac and md5_mac. The old implementations did not utilize the OpenSSL HMAC implementation. In order to ensure that I didn't implement something incorrectly, I chose to use the OpenSSL HMAC implementation directly, since it handles streaming as well. This has the added side benefit of allowing other hash functions to be used as desired (for instances, I added support for ripemd160 hashing). While I haven't done this, it seems like the existing md5_mac and sha_mac functions could either be depricated or redefined in terms of the new hmac_ functions. Update AES CTR and HMAC streaming with code review input Ensure that memcpy operations in hmac operations are being size checked properly. Rename aes_ctr_XXX_with_state to aes_ctr_stream_XXX. Remove redundant hmac_init_[sha|md5|ripemd160] functions. Fix documentation for hmac_final_n. Fix possible error using negative value as a marker on an unsigned int Now, use a separate marker and add a unit test to test specifically for a case where HashLen is larger than the underlying resultant hash. Revert "Fix possible error using negative value as a marker on an unsigned int" This reverts commit 59cb177aa96444c0fd3ace6d01f7b8a70dd69cc9. Resolve buffer overflow posibility on an unsigned int. Change handling the marker for HashLen to use the fact that a second parameter that has to be the the HashLen was passed. Also, ensure that HashLen parameter is positive.
2011-04-19Renamed the function strong_rand_uniform to strong_rand_mpint.Niclas Eklund
Added some checks in crypto.erl and crypto.c. Changed ssh_bits to use strong_rand_mpint.
2011-04-18Fixed SSH appup, copyright headers SSH vsn and SSH release note.Niclas Eklund
2011-04-15Adds NIFs for cryptographically strong random number generation.Niclas Eklund
Also adds documentation and unit tests. Thanks to Geoff Cant.
2010-11-17crypto CTR supportSverker Eriksson
2010-09-02Build opt, debug and valgrind libraries as separate librariesRickard Green
The NIF library for crypto can now be built for valgrind and/or debug as separate NIF libraries that will be automatically loaded if the runtime system has been built with a matching build type.
2010-07-08Fix type spec error in cryptoSverker Eriksson
Changed return types from "binary" to "binary()" for md5_mac, md5_mac_96, sha_mac and sha_mac_96.
2010-06-09OTP-8700 crypto:dss_sign and dss_verify with pre-hashed digest.Sverker Eriksson
New variants of crypto:dss_sign and crypto:dss_verify with an extra argument to control how the digest is calculated.
2010-05-31crypto: Add type specs for all documented functionsBjörn Gustavsson
2010-05-31crypto: Use erlang:nif_error/1 to squelch false Dialyzer warningsBjörn Gustavsson
2010-04-28OTP-8333 Crypto using NIF'sSverker Eriksson
crypto application changed to use NIFs instead of driver.
2010-04-01Merge branch 'au/crypto' into devErlang/OTP
* au/crypto: Add missing docs for crypto:md4/1 Add des_ecb_encrypt/2 and des_ecb_decrypt/2 to crypto module OTP-8551 au/crypto des_ecb_encrypt/2 and des_ecb_decrypt/2 has been added to the crypto module. The crypto:md4/1 function has been documented.
2010-03-01Add des_ecb_encrypt/2 and des_ecb_decrypt/2 to crypto moduleAlexander Uvarov
2009-12-11Add Blowfish ECB, CBC and OFB modesPaul Oliver
My previous patch added CFB mode. This patch adds all remaining Blowfish modes. According to the man page http://www.fifi.org/cgi-bin/man2html/usr/share/man/man3/blowfish.3ssl.gz these are available in all versions of OpenSSL. [ Squashed in elimination of signed/unsigned compiler warnings. /bg ]
2009-11-20The R13B03 release.OTP_R13B03Erlang/OTP