Age | Commit message (Collapse) | Author |
|
|
|
As a preparation for the new mod_exp_prime and in the quest to reduce
to use of the old mpint format.
|
|
|
|
|
|
|
|
|
|
* nox/enable-silent-rules/OTP-10726:
Implement ./otp_build configure --enable-silent-rules
|
|
With silent rules, the output of make is less verbose and compilation
warnings are easier to spot. Silent rules are disabled by default and
can be disabled or enabled at will by make V=0 and make V=1.
|
|
* sverk/crypto-hmac-enhancements/OTP-10640:
crypto: Add RFC-4231 test vectors for output truncation
crypto: Add test cases for the generic hmac interface in the RFC-4231 tests
crypto: Add RFC-2202 test vectors for HMAC-MD5 and HMAC-SHA1
crypto: Provide a generic interface for HMAC generation
crypto: Document all types currently available for hmac_init
|
|
this updates the previous patch adding tests for the ripemd160 functions
to use the hash and hash_init family instead of calling directly.
|
|
this patch removes the exports for ripemd160 from the previous patches
and incorporates those functions into the hash_init family. documentation
is also added.
|
|
A couple of #defines were missed in my previous patch.
|
|
add ripemd160 message digest support to the crypto app,
includes some test cases.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Also added test code to check the consistency of crypto:info().
|
|
|
|
|
|
An attempt to enable the use of openssl 0.9.7
|
|
* sverk/crypto-unloading:
crypto: Link crypto_callback statically
crypto: Add debug print macros
crypto: Enable runtime upgrade of crypto
crypto: Make unloading of crypto safer
OTP-10596
|
|
|
|
if static linking of openssl is used.
|
|
|
|
|
|
Facts:
crypto nif-lib registers callback functions that openssl uses
for memory management and thread synchronization. The callback
functions can only be set once, openssl does not allow changing the
callback functions.
Problem:
If openssl is dynamicly linked to crypto, you might get s scenario
where the crypto lib is unloaded while leaving openssl loaded
with its old pointers to the unloaded crypto code intact.
If crypto is then reloaded (by init:restart() for example), the crypto
nif-lib might get relocated at a different address. crypto calls
openssl which in turn calls the old invalid callback functions...kaboom.
Solution:
Break apart the callback functions into a separate dynamic lib that
crypto loads with dlopen. When crypto is unloaded the callback lib is
left in place to be reused if/when crypto is loaded again.
|
|
|
|
|
|
* sverk/crypto-test-fix:
crypto: Skip some tests if openssl lib < 0.9.8
OTP-10249 Not related to this branch
|
|
|
|
OpenSSL 0.9.7 does not support sha224,384,256,512
|
|
* ia/ssl/tls1.1and1.2: (46 commits)
ssl: Clean up of code thanks to dialyzer
ssl: Test suite adjustments
ssl & public_key: Prepare for release
ssl: Use crypto:strong_rand_bytes if possible
ssl & public_key: Add use of more "sha-rsa oids"
ssl: Fix inet header option to behave as in inet
ssl: TLS 1.2: fix hash and signature handling
ssl: TLS 1.2: fix Certificate Request list of Accepted Signatur/Hash combinations
ssl: Add Signature Algorithms hello extension from TLS 1.2
ssl: Fix rizzo tests to run as intended
ssl: TLS-1.1 and TLS-1.2 support should not be default until R16
ssl: Signture type bug
ssl: Add crypto support check (TLS 1.2 require sha256 support)
ssl: Dialyzer fixes
ssl: IDEA cipher is deprecated by TLS 1.2
ssl: Run relevant tests for all SSL/TLS versions
ssl: Add TLS version switches to openssl tests
ssl: Enable TLS 1.2
ssl: Enable mac_hash for TLS 1.2
ssl: Implement TLS 1.2 signature support
...
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Replace _hash functions with {digest,_} argument
to existing sign/verify functions.
|
|
|
|
Remove the need for padding up to 16-byte multiple.
|
|
OTP-10106
OTP-10107
|
|
Included them by "mistake".
|
|
by using extra redundant information as part of the key
that will speed things up for OpenSSL.
Affects rsa_sign, rsa_private_encrypt and rsa_private_decrypt.
|