aboutsummaryrefslogtreecommitdiffstats
path: root/lib/crypto/test
AgeCommit message (Collapse)Author
2017-03-29Demonstrate the bug with AES CFB 128 encryptionKelly McLaughlin
Demonstrate a bug with AES CFB 128 for certain key sizes introduced with the Erlang 19.0 release. The code in the block_crypt_nif function in the crypto.c source file incorrectly calls aes_cfb_8_crypt when the specified cipher is aes_cfb8 or aes_cfb128 and the key size is 24 or 32. The aes_cfb_8_crypt function calls the AES_cfb8_encrypt function from the openssl interface, but this is incorrect when the cipher is aes_cfb128. Unfortunately the test cases in the crypto test suite are insufficient to detect an issue like this because it exercises the encryption and decryption roundtrip using the same incorrect underlying function. The problem was observed when trying to update an application to Erlang 19 that attempted to decrypt data that was encrypted using aes_cfb128 by another source. In this commit I altered the crypto test suite to provide a demonstration of this problem.
2016-10-04Merge branch 'RoadRunnr/crypto/no-rc4/PR-1169/OTP-13896' into maintRaimo Niskanen
* RoadRunnr/crypto/no-rc4/PR-1169/OTP-13896: disable RC4 in SSL when crypto doesn't support it Fix compilation when OpenSSL doesn't support RC4 Conflicts: lib/crypto/c_src/crypto.c
2016-09-22Fix compilation when OpenSSL doesn't support RC4Andreas Schultz
When OpenSSL has been configured with the "no-rc4" option, the header file rc4.h doesn't exist, and neither does the rc4 functions. Let's handle those by checking whether OPENSSL_NO_RC4 is defined.
2016-09-14Fix compilation when OpenSSL doesn't support RC2Magnus Henoch
When OpenSSL has been configured with the "no-rc2" option, the header file rc2.h doesn't exist, and neither does the function EVP_rc2_cbc. Let's handle those by checking whether OPENSSL_NO_RC2 is defined. Also update pbe_SUITE, which uses RC2-CBC in one of the tests.
2016-09-02Add '_cfb' alias for misspelled '_cbf' cipherRaimo Niskanen
2016-09-02Fix badarg -> notsup and test casesRaimo Niskanen
Also correct algo_cipher[] size since it was one to small.
2016-04-25crypto: Deprecate rand_bytes/1Ingela Anderton Andin
OpenSSL has deprecated the function RAND_pseudo_bytes used by crypto:rand_bytes/1, so this function is now deprecated in OTP too. rand_bytes/3 also used this function, but was not documented so we can remove it right away. This commit also removes the fallback in generate_key to use rand_bytes/1 if strong_rand_bytes/1 throws low entropy. This is a potential incompatibility but we think it is desirable as crypto should provide cryptographically secure functions.
2016-04-18Merge branch 'mururu/crypto/aes-gcm-tag-len.PR-998.OTP-13483'Sverker Eriksson
2016-04-13Merge branch 'henrik/update-copyrightyear'Henrik Nord
* henrik/update-copyrightyear: update copyright-year
2016-04-06crypto: Skip link_test if no 'ldd' availableSverker Eriksson
2016-04-05crypto: Add test for AES-GCMYuki Ito
2016-03-15update copyright-yearHenrik Nord
2016-02-17Makefiles: Remove test_server from include path and code pathBjörn Gustavsson
Since no test suites includede test_server.hrl, there is no need to have test_server in the include path or code path.
2016-02-17Eliminate use of test_server.hrl and test_server_line.hrlBjörn Gustavsson
As a first step to removing the test_server application as as its own separate application, change the inclusion of test_server.hrl to an inclusion of ct.hrl and remove the inclusion of test_server_line.hrl.
2016-02-08Merge branch 'maint'Sverker Eriksson
2016-01-28Only use supported EC curves in crypto testsDániel Szoboszlay
Avoid hardcoding EC curve names in tests where it basically doesn't matter which curve is used. Take one of the supported curbes instead. Also, when testing ECDH key generation, skip unsupported curves. These changes are to simplify dealing with exotic libcrypto builds that don't support certain curves (for example RHEL disallows < 256 bit curves). The crypto application is only able to detect the supported curves on a very coarse level (ECC support in general and GF2m curves), so it may be necessary to edit the list of curves in the crypto_ec_curves modules. But that should be the only necessary modification to make the crypto tests pass.
2016-01-14crypto: Fix bug for multiple blocks for AES-ECBAndrew Bennett
2015-12-17Merge branch 'sverk/crypto/aes-ecb-192-bit'Sverker Eriksson
OTP-13207 * sverk/crypto/aes-ecb-192-bit: crypto: Support 192-bit keys for AES ECB
2015-12-17crypto: Support 192-bit keys for AES ECBAndrew Bennett
2015-12-11crypto: Support 192-bit keys for AES CBCSverker Eriksson
and deprecate aes_cbc128 and aes_cbc256 in favor of aes_cbc. This commit is pr 832 squashed, rebased and made work on master https://github.com/erlang/otp/pull/832/commits
2015-07-10ose: Remove all code related to the OSE portLukas Larsson
The OSE port is no longer supported and this commit removed it and any changes related to it. The things that were general improvements have been left in the code.
2015-06-18Change license text to APLv2Bruce Yinhe
2015-05-22crypto: Change eliptic curve test from 'sect113r2' to 'secp112r2'Sverker Eriksson
To not fail on openssl built with #define OPENSSL_NO_EC2M (Why does the test not verify all supported curve types?)
2015-02-27Merge branch 'maint'Henrik Nord
2015-02-04Accept all valid key sizes in aes_cfb functionsKelly McLaughlin
Despite the confusion caused by the name, aes_cfb_8_crypt and aes_cfb_128_crypt can use key lengths of 128, 192, or 256. The integer in the function name refers to the block size for CFB mode. Change the aes_cfb_8_crypt and aes_cfb_128_crypt functions to accept and use keys of length 128, 192, or 256. Also augment the existing testing for these functions using the NIST test vectors for the additional key lengths to ensure the changes function properly.
2015-01-14Merge branch 'andreaTP/added-aes-ecb-to-crypto/OTP-12403'Marcus Arendt
* andreaTP/added-aes-ecb-to-crypto/OTP-12403: aligned implementation following last specs finally fixed docs fixed incorrect tag proposal of documentation fixes and tests add aes ecb to crypto library
2015-01-09aligned implementation following last specsandreaP
2015-01-09fixes and testsandreaP
2014-11-17[crypto] enhance generate_key for ECC keysAndreas Schultz
enhance generate_key to calculate ECC public keys from private keys
2014-09-03crypto: add support for ChaCha20/Policy1305 AEAD cipherAndreas Schultz
2014-09-03crypto: add AES128-GCM cipher supportAndreas Schultz
2014-05-15Fix bug in SRP implementationPaul Guyot
SRP didn't work with smaller primes as user secret was improperly computed. Formula is: (B - (k * g^x)) ^ (a + (u * x)) % N Previously, the code computed a + (u * x) % N instead of a + (u * x). a typically is a 256 bits random number (RFC 5054 says it should be at least 256 bits), u and x are SHA1 signatures (160 bits). So a + (u * x) can differ from a + (u * x) % N for N primes smaller than 320 bits.
2014-04-29Add AES-CBF8 cypher to crypto moduleBernard Duggan
This adds the aes_cfb8 cypher type (and associated tests and documentation) to the crypto module.
2014-02-24Merge branch 'lukas/ose/master/OTP-11334'Lukas Larsson
* lukas/ose/master/OTP-11334: (71 commits) erts: Fix unix efile assert ose: Use -O2 when building ose: Expand OSE docs ose: Add dummy ttsl driver ose: Cleanup cleanup of mutex selection defines ose: Polish mmap configure checks ose: Add ose specific x-compile flags ose: Updating fd_driver and spawn_driver for OSE ose: Updating event and signal API for OSE ose: Cleanup of mutex selection defines win32: Compile erl_log.exe ose: Remove uneccesary define ose: Fix ssl configure test for osx erts: Fix sys_msg_dispatcher assert ose: Fix broken doc links ose: Thread priorities configurable from lmconf ose: Yielding the cpu is done "the OSE" way ose: Start using ppdata for tse key ose: Do not use spinlocks on OSE ose: Fix support for crypto ... Conflicts: lib/crypto/c_src/crypto.c
2014-02-24ose: Fix support for cryptoLukas Larsson
To enable it you have to modify the OSESSL variable in the ose xcomp file.
2014-02-24Add test suites performing app and appup file checksTobias Schlager
Add the mentioned test suites for *all* library and touched non-library applications.
2014-01-13crypto: add brainpool (RFC 5639) curvesAndreas Schultz
RFC-5649, Section 1, documents the advantages that these curves might have over others (ANSI, SEC1/2)
2014-01-13crypto: add ECDH test vectors for more curvesAndreas Schultz
Vectors have been taken from NIST's CRYPTOGRAPHIC ALGORITHM VALIDATION PROGRAM (CAVP) (http://csrc.nist.gov/groups/STM/cavp/)
2013-12-03Merge branch 'sverk/yb/aes_ige_crypt'Sverker Eriksson
* sverk/yb/aes_ige_crypt: crypto: Update supports/0 for des3_cbf and aes_ige256 crypto: Throw notsup for AES IGE if openssl older than 0.9.8c crypto: Add IGE mode for AES OTP-11522
2013-12-02crypto: Add more lazy_eval to avoid no_answer_from_tc_supervisorSverker Eriksson
Amendment to f1ebf482e1460d6146d55aa6cab00ab3e11f1741
2013-11-22crypto: Avoid test_server crash 'no_answer_from_tc_supervisor'Sverker Eriksson
2013-09-30crypto: Add IGE mode for AESYura Beznos
2013-06-04crypto: Add large test dataIngela Anderton Andin
2013-06-03crypto: Test suite completenessIngela Anderton Andin
2013-05-27crypto: Ctify tests and test new APIIngela Anderton Andin
Also fix bugs found by new tests
2013-05-20crypto,public_key,ssl: Change return value of crypto:generate_key(ecdh,..)Sverker Eriksson
to conform with the return value of the other types.
2013-05-20ssl, public_key, crypto: crypto:algorithms/0 -> crypto:supports/0Ingela Anderton Andin
2013-05-08ssl & crypto: Generalize the remaining crypto APIIngela Anderton Andin
2013-05-08crypto: New API for ciphersIngela Anderton Andin
2013-05-08crypto: Deprecate functions, update doc and specsIngela Anderton Andin