aboutsummaryrefslogtreecommitdiffstats
path: root/lib/crypto/src
AgeCommit message (Collapse)Author
2017-03-29Demonstrate the bug with AES CFB 128 encryptionKelly McLaughlin
Demonstrate a bug with AES CFB 128 for certain key sizes introduced with the Erlang 19.0 release. The code in the block_crypt_nif function in the crypto.c source file incorrectly calls aes_cfb_8_crypt when the specified cipher is aes_cfb8 or aes_cfb128 and the key size is 24 or 32. The aes_cfb_8_crypt function calls the AES_cfb8_encrypt function from the openssl interface, but this is incorrect when the cipher is aes_cfb128. Unfortunately the test cases in the crypto test suite are insufficient to detect an issue like this because it exercises the encryption and decryption roundtrip using the same incorrect underlying function. The problem was observed when trying to update an application to Erlang 19 that attempted to decrypt data that was encrypted using aes_cfb128 by another source. In this commit I altered the crypto test suite to provide a demonstration of this problem.
2017-03-10Update copyright yearRickard Green
2017-01-27crypto: Added optional length to paramlist in generate_keyHans Nilsson
2017-01-17Add a missing aes_gcm -spec clause to crypto:block_encrypt/4Leo Liu
Fix https://bugs.erlang.org/browse/ERL-336.
2016-09-02Add '_cfb' alias for misspelled '_cbf' cipherRaimo Niskanen
2016-04-25crypto: Deprecate rand_bytes/1Ingela Anderton Andin
OpenSSL has deprecated the function RAND_pseudo_bytes used by crypto:rand_bytes/1, so this function is now deprecated in OTP too. rand_bytes/3 also used this function, but was not documented so we can remove it right away. This commit also removes the fallback in generate_key to use rand_bytes/1 if strong_rand_bytes/1 throws low entropy. This is a potential incompatibility but we think it is desirable as crypto should provide cryptographically secure functions.
2016-04-18Merge branch 'mururu/crypto/aes-gcm-tag-len.PR-998.OTP-13483'Sverker Eriksson
2016-03-26crypto: Enable AES-GCM tag length to changeYuki Ito
This commit enables AES-GCM encryption/decryption to change its tag length between 1 to 16 bytes.
2016-03-15update copyright-yearHenrik Nord
2015-12-11crypto: Support 192-bit keys for AES CBCSverker Eriksson
and deprecate aes_cbc128 and aes_cbc256 in favor of aes_cbc. This commit is pr 832 squashed, rebased and made work on master https://github.com/erlang/otp/pull/832/commits
2015-11-17crypto: Refactor nif code to use EVP interfaceSverker Eriksson
Using the generic EVP_* API makes it possible to unify algorithm-specific nif functions to a single generic function. Effectively the same change that took place on the Erlang API in R16B01 is now applied to the C code. The old implementation using the low-level API is kept for compiling against old OpenSSL, as parts of the EVP API were introduced in OpenSSL 1.0.0. There are various minor improvements as well: - supported algorithms are now provided by the nif code (not a mix of the C and Erlang code) - remove unnecessary variables and macro definitions Most of the changes in this commit comes from Dániel Szoboszlay https://github.com/dszoboszlay/otp/commit/07f7056f955b324df4ace which is part of his 'fips' branch. Now also rebased on master branch.
2015-08-19crypto: Make ec_curves/0 return empty list if not supportedSverker Eriksson
2015-06-18Change license text to APLv2Bruce Yinhe
2015-02-11crypto: Fix dialyzer error for aes_ecb_crypt/3Sverker Eriksson
by removing the spec. It's an internal function.
2015-01-14Merge branch 'andreaTP/added-aes-ecb-to-crypto/OTP-12403'Marcus Arendt
* andreaTP/added-aes-ecb-to-crypto/OTP-12403: aligned implementation following last specs finally fixed docs fixed incorrect tag proposal of documentation fixes and tests add aes ecb to crypto library
2015-01-09aligned implementation following last specsandreaP
2015-01-09fixes and testsandreaP
2015-01-09add aes ecb to crypto libraryandreaP
2014-11-17[crypto] enhance generate_key for ECC keysAndreas Schultz
enhance generate_key to calculate ECC public keys from private keys
2014-09-03crypto: add support for ChaCha20/Policy1305 AEAD cipherAndreas Schultz
2014-09-03crypto: add AES128-GCM cipher supportAndreas Schultz
2014-04-29Add AES-CBF8 cypher to crypto moduleBernard Duggan
This adds the aes_cfb8 cypher type (and associated tests and documentation) to the crypto module.
2014-03-20Introduce runtime_dependencies in .app filesRickard Green
Most dependencies introduced are exactly the dependencies to other applications found by xref. That is, there might be real dependencies missing. There might also be pure debug dependencies listed that probably should be removed. Each application has to be manually inspected in order to ensure that all real dependencies are listed. All dependencies introduced are to application versions used in OTP 17.0. This since the previously used version scheme wasn't designed for this, and in order to minimize the work of introducing the dependencies.
2014-02-24Merge branch 'lukas/ose/master/OTP-11334'Lukas Larsson
* lukas/ose/master/OTP-11334: (71 commits) erts: Fix unix efile assert ose: Use -O2 when building ose: Expand OSE docs ose: Add dummy ttsl driver ose: Cleanup cleanup of mutex selection defines ose: Polish mmap configure checks ose: Add ose specific x-compile flags ose: Updating fd_driver and spawn_driver for OSE ose: Updating event and signal API for OSE ose: Cleanup of mutex selection defines win32: Compile erl_log.exe ose: Remove uneccesary define ose: Fix ssl configure test for osx erts: Fix sys_msg_dispatcher assert ose: Fix broken doc links ose: Thread priorities configurable from lmconf ose: Yielding the cpu is done "the OSE" way ose: Start using ppdata for tse key ose: Do not use spinlocks on OSE ose: Fix support for crypto ... Conflicts: lib/crypto/c_src/crypto.c
2014-02-24ose: Fix support for cryptoLukas Larsson
To enable it you have to modify the OSESSL variable in the ose xcomp file.
2014-02-18Fix library application appup filesTobias Schlager
As discussed in issue #240 *all* OTP library applications use the '.*' wildcard as up and down version. This makes library applications always up- and downgradeable. Using the wildcard version obsoletes all maintenance tasks regarding library applications' appup files. Additionally, it prevents upgrade problems caused by automatically included application dependencies when using reltool to create releases. Missing copyright headers are now consistently present.
2014-01-17crypto: Remove all processes from application cryptoSverker Eriksson
and make it into a pure library application. The processes where a legacy from the time when crypto was implemented with a driver.
2014-01-13crypto: selective support for GF2m curvesAndreas Schultz
Newer OpenSSL versions allow to selectively disable GF2m elliptic curves. Selectively enable GF2m curves is support for them is available.
2014-01-13crypto: add brainpool (RFC 5639) curvesAndreas Schultz
RFC-5649, Section 1, documents the advantages that these curves might have over others (ANSI, SEC1/2)
2014-01-13crypto: move elitic curve definitions from OpenSSL built-ins to ErlangAndreas Schultz
Decouple eliptic curve definition from OpenSSL and define them in Erlang.
2013-12-03Merge branch 'sverk/yb/aes_ige_crypt'Sverker Eriksson
* sverk/yb/aes_ige_crypt: crypto: Update supports/0 for des3_cbf and aes_ige256 crypto: Throw notsup for AES IGE if openssl older than 0.9.8c crypto: Add IGE mode for AES OTP-11522
2013-11-27crypto: Update supports/0 for des3_cbf and aes_ige256Sverker Eriksson
2013-11-27crypto: Throw notsup for AES IGE if openssl older than 0.9.8cSverker Eriksson
2013-09-30crypto: Add IGE mode for AESYura Beznos
2013-09-19erts, crypto: Support NIF library with unicode filename on windowsSverker Eriksson
2013-06-12crypto: Refactor remove resource for EC_KEYSverker Eriksson
The resource was not needed as it was never kept between external crypto calls.
2013-06-10Merge branch 'ia/public_key/crypto/prepare-for-release' into maintIngela Anderton Andin
* ia/public_key/crypto/prepare-for-release: public_key & ssl: Add ASN-1 dependency crypto & public_key: prepare for release
2013-06-05crypto & public_key: prepare for releaseIngela Anderton Andin
2013-06-05Add enif_consume_timeslice to appropriate crypto NIFsPatrik Nyblom
2013-06-04crypto: Avoid big binaries in nifsIngela Anderton Andin
2013-06-04Crypto: Structure codeIngela Anderton Andin
2013-05-27crypto: Ctify tests and test new APIIngela Anderton Andin
Also fix bugs found by new tests
2013-05-24crypto: Allow integer as srp_private arguments according to docsSverker Eriksson
2013-05-24crypto, public_key & ssl: Make more functions accept integer keysSverker Eriksson
2013-05-24snmp: Remove use of deprecated crypto functionsIngela Anderton Andin
2013-05-22crypto,ssh, netconf, inets: binary_to_integer -> bytes_to_integerIngela Anderton Andin
2013-05-20crypto: Change argument order of crypto:next_iv/3Sverker Eriksson
to harmonize with next_iv/2
2013-05-20crypto,public_key,ssl: Change return value of crypto:generate_key(ecdh,..)Sverker Eriksson
to conform with the return value of the other types.
2013-05-20ssl, public_key, crypto: crypto:algorithms/0 -> crypto:supports/0Ingela Anderton Andin
2013-05-20ssh & crypto: Remove use of deprecated crypto functions from sshIngela Anderton Andin