Age | Commit message (Collapse) | Author |
|
Avoid hardcoding EC curve names in tests where it basically doesn't
matter which curve is used. Take one of the supported curbes instead.
Also, when testing ECDH key generation, skip unsupported curves.
These changes are to simplify dealing with exotic libcrypto builds
that don't support certain curves (for example RHEL disallows < 256
bit curves). The crypto application is only able to detect the
supported curves on a very coarse level (ECC support in general and
GF2m curves), so it may be necessary to edit the list of curves in the
crypto_ec_curves modules. But that should be the only necessary
modification to make the crypto tests pass.
|
|
|
|
|
|
To not fail on openssl built with #define OPENSSL_NO_EC2M
(Why does the test not verify all supported curve types?)
|
|
|
|
Despite the confusion caused by the name, aes_cfb_8_crypt and
aes_cfb_128_crypt can use key lengths of 128, 192, or 256. The integer
in the function name refers to the block size for CFB mode. Change
the aes_cfb_8_crypt and aes_cfb_128_crypt functions to accept and use
keys of length 128, 192, or 256. Also augment the existing testing for
these functions using the NIST test vectors for the additional key
lengths to ensure the changes function properly.
|
|
* andreaTP/added-aes-ecb-to-crypto/OTP-12403:
aligned implementation following last specs
finally fixed docs
fixed incorrect tag
proposal of documentation
fixes and tests
add aes ecb to crypto library
|
|
|
|
|
|
enhance generate_key to calculate ECC public keys from private keys
|
|
|
|
|
|
SRP didn't work with smaller primes as user secret was improperly
computed.
Formula is: (B - (k * g^x)) ^ (a + (u * x)) % N
Previously, the code computed a + (u * x) % N instead of a + (u * x).
a typically is a 256 bits random number (RFC 5054 says it should be at
least 256 bits), u and x are SHA1 signatures (160 bits). So a + (u * x)
can differ from a + (u * x) % N for N primes smaller than 320 bits.
|
|
This adds the aes_cfb8 cypher type (and associated tests and
documentation) to the crypto module.
|
|
* lukas/ose/master/OTP-11334: (71 commits)
erts: Fix unix efile assert
ose: Use -O2 when building
ose: Expand OSE docs
ose: Add dummy ttsl driver
ose: Cleanup cleanup of mutex selection defines
ose: Polish mmap configure checks
ose: Add ose specific x-compile flags
ose: Updating fd_driver and spawn_driver for OSE
ose: Updating event and signal API for OSE
ose: Cleanup of mutex selection defines
win32: Compile erl_log.exe
ose: Remove uneccesary define
ose: Fix ssl configure test for osx
erts: Fix sys_msg_dispatcher assert
ose: Fix broken doc links
ose: Thread priorities configurable from lmconf
ose: Yielding the cpu is done "the OSE" way
ose: Start using ppdata for tse key
ose: Do not use spinlocks on OSE
ose: Fix support for crypto
...
Conflicts:
lib/crypto/c_src/crypto.c
|
|
To enable it you have to modify the OSESSL variable in the
ose xcomp file.
|
|
Add the mentioned test suites for *all* library and touched
non-library applications.
|
|
RFC-5649, Section 1, documents the advantages that these curves
might have over others (ANSI, SEC1/2)
|
|
Vectors have been taken from NIST's CRYPTOGRAPHIC ALGORITHM VALIDATION
PROGRAM (CAVP) (http://csrc.nist.gov/groups/STM/cavp/)
|
|
* sverk/yb/aes_ige_crypt:
crypto: Update supports/0 for des3_cbf and aes_ige256
crypto: Throw notsup for AES IGE if openssl older than 0.9.8c
crypto: Add IGE mode for AES
OTP-11522
|
|
Amendment to f1ebf482e1460d6146d55aa6cab00ab3e11f1741
|
|
|
|
|
|
|
|
|
|
Also fix bugs found by new tests
|
|
to conform with the return value of the other types.
|
|
|
|
|
|
|
|
|
|
|
|
and remove corresponding specific functions for srp and ecdh
but leave dh_ functions for backward compatibility.
|
|
and remove curve from the returned tuple.
|
|
|
|
as well as mpint's for backward compatibility.
|
|
for rsa, dss, and new ecdsa.
No mpint's accepted.
|
|
|
|
Conflicts:
lib/crypto/src/crypto.erl
|
|
Adjust API to better fit in with similar funtions in crypto
|
|
algorithms
add algorithms/0 function that returns a list off compiled in crypto algorithms
and make tests suites with SHA226, SHA256, SHA384 and SHA512 conditional based
on that
|
|
|
|
|
|
* sverk/crypto-hmac-enhancements/OTP-10640:
crypto: Add RFC-4231 test vectors for output truncation
crypto: Add test cases for the generic hmac interface in the RFC-4231 tests
crypto: Add RFC-2202 test vectors for HMAC-MD5 and HMAC-SHA1
crypto: Provide a generic interface for HMAC generation
crypto: Document all types currently available for hmac_init
|
|
this updates the previous patch adding tests for the ripemd160 functions
to use the hash and hash_init family instead of calling directly.
|
|
add ripemd160 message digest support to the crypto app,
includes some test cases.
|
|
|
|
|
|
|
|
|