| Age | Commit message (Collapse) | Author |
|---|
|
SRP didn't work with smaller primes as user secret was improperly
computed.
Formula is: (B - (k * g^x)) ^ (a + (u * x)) % N
Previously, the code computed a + (u * x) % N instead of a + (u * x).
a typically is a 256 bits random number (RFC 5054 says it should be at
least 256 bits), u and x are SHA1 signatures (160 bits). So a + (u * x)
can differ from a + (u * x) % N for N primes smaller than 320 bits.
|
|
This adds the aes_cfb8 cypher type (and associated tests and
documentation) to the crypto module.
|
|
* lukas/ose/master/OTP-11334: (71 commits)
erts: Fix unix efile assert
ose: Use -O2 when building
ose: Expand OSE docs
ose: Add dummy ttsl driver
ose: Cleanup cleanup of mutex selection defines
ose: Polish mmap configure checks
ose: Add ose specific x-compile flags
ose: Updating fd_driver and spawn_driver for OSE
ose: Updating event and signal API for OSE
ose: Cleanup of mutex selection defines
win32: Compile erl_log.exe
ose: Remove uneccesary define
ose: Fix ssl configure test for osx
erts: Fix sys_msg_dispatcher assert
ose: Fix broken doc links
ose: Thread priorities configurable from lmconf
ose: Yielding the cpu is done "the OSE" way
ose: Start using ppdata for tse key
ose: Do not use spinlocks on OSE
ose: Fix support for crypto
...
Conflicts:
lib/crypto/c_src/crypto.c
|
|
To enable it you have to modify the OSESSL variable in the
ose xcomp file.
|
|
Add the mentioned test suites for *all* library and touched
non-library applications.
|
|
RFC-5649, Section 1, documents the advantages that these curves
might have over others (ANSI, SEC1/2)
|
|
Vectors have been taken from NIST's CRYPTOGRAPHIC ALGORITHM VALIDATION
PROGRAM (CAVP) (http://csrc.nist.gov/groups/STM/cavp/)
|
|
* sverk/yb/aes_ige_crypt:
crypto: Update supports/0 for des3_cbf and aes_ige256
crypto: Throw notsup for AES IGE if openssl older than 0.9.8c
crypto: Add IGE mode for AES
OTP-11522
|
|
Amendment to f1ebf482e1460d6146d55aa6cab00ab3e11f1741
|
|
|
|
|
|
|
|
|
|
Also fix bugs found by new tests
|
|
to conform with the return value of the other types.
|
|
|
|
|
|
|
|
|
|
|
|
and remove corresponding specific functions for srp and ecdh
but leave dh_ functions for backward compatibility.
|
|
and remove curve from the returned tuple.
|
|
|
|
as well as mpint's for backward compatibility.
|
|
for rsa, dss, and new ecdsa.
No mpint's accepted.
|
|
|
|
Conflicts:
lib/crypto/src/crypto.erl
|
|
Adjust API to better fit in with similar funtions in crypto
|
|
algorithms
add algorithms/0 function that returns a list off compiled in crypto algorithms
and make tests suites with SHA226, SHA256, SHA384 and SHA512 conditional based
on that
|
|
|
|
|
|
* sverk/crypto-hmac-enhancements/OTP-10640:
crypto: Add RFC-4231 test vectors for output truncation
crypto: Add test cases for the generic hmac interface in the RFC-4231 tests
crypto: Add RFC-2202 test vectors for HMAC-MD5 and HMAC-SHA1
crypto: Provide a generic interface for HMAC generation
crypto: Document all types currently available for hmac_init
|
|
this updates the previous patch adding tests for the ripemd160 functions
to use the hash and hash_init family instead of calling directly.
|
|
add ripemd160 message digest support to the crypto app,
includes some test cases.
|
|
|
|
|
|
|
|
|
|
|
|
Also added test code to check the consistency of crypto:info().
|
|
|
|
An attempt to enable the use of openssl 0.9.7
|
|
OpenSSL 0.9.7 does not support sha224,384,256,512
|
|
* ia/ssl/tls1.1and1.2: (46 commits)
ssl: Clean up of code thanks to dialyzer
ssl: Test suite adjustments
ssl & public_key: Prepare for release
ssl: Use crypto:strong_rand_bytes if possible
ssl & public_key: Add use of more "sha-rsa oids"
ssl: Fix inet header option to behave as in inet
ssl: TLS 1.2: fix hash and signature handling
ssl: TLS 1.2: fix Certificate Request list of Accepted Signatur/Hash combinations
ssl: Add Signature Algorithms hello extension from TLS 1.2
ssl: Fix rizzo tests to run as intended
ssl: TLS-1.1 and TLS-1.2 support should not be default until R16
ssl: Signture type bug
ssl: Add crypto support check (TLS 1.2 require sha256 support)
ssl: Dialyzer fixes
ssl: IDEA cipher is deprecated by TLS 1.2
ssl: Run relevant tests for all SSL/TLS versions
ssl: Add TLS version switches to openssl tests
ssl: Enable TLS 1.2
ssl: Enable mac_hash for TLS 1.2
ssl: Implement TLS 1.2 signature support
...
|
|
|
|
|
|
|
|
Replace _hash functions with {digest,_} argument
to existing sign/verify functions.
|
|
|
|
Remove the need for padding up to 16-byte multiple.
|
