Age | Commit message (Collapse) | Author |
|
OTP-13205
* sverk/crypto/evp-aes-gcm:
crypto: Fix potential memory leak in error case for block cipher
crypto: Optimize AES-GCM cipher to not use dynamic allocation
Use EVP for AES-GCM
|
|
=== OTP-18.2 ===
Changed Applications:
- asn1-4.0.1
- common_test-1.11.1
- compiler-6.0.2
- crypto-3.6.2
- dialyzer-2.8.2
- diameter-1.11.1
- erl_docgen-0.4.1
- erl_interface-3.8.1
- erts-7.2
- eunit-2.2.12
- hipe-3.14
- inets-6.1
- jinterface-1.6.1
- kernel-4.1.1
- observer-2.1.1
- parsetools-2.1.1
- public_key-1.1
- runtime_tools-1.9.2
- sasl-2.6.1
- snmp-5.2.1
- ssh-4.2
- ssl-7.2
- stdlib-2.7
- test_server-3.9.1
- tools-2.8.2
- typer-0.9.10
- wx-1.6
- xmerl-1.3.9
Unchanged Applications:
- cosEvent-2.2
- cosEventDomain-1.2
- cosFileTransfer-1.2
- cosNotification-1.2
- cosProperty-1.2
- cosTime-1.2
- cosTransactions-1.3
- debugger-4.1.1
- edoc-0.7.17
- eldap-1.2
- et-1.5.1
- gs-1.6
- ic-4.4
- megaco-3.18
- mnesia-4.13.2
- odbc-2.11.1
- orber-3.8
- os_mon-2.4
- ose-1.1
- otp_mibs-1.1
- percept-0.8.11
- reltool-0.7
- syntax_tools-1.7
- webtool-0.9
Conflicts:
OTP_VERSION
erts/vsn.mk
|
|
|
|
|
|
|
|
for the EVP_CIPHER_CTX.
|
|
This enables the use of hardware acceleration on newer Intel CPUs (AES-NI).
|
|
OTP-12217
* sverk/crypto-evp-master:
crypto: Avoid bug in OpenSSL-0.9.8 for ECB ciphers
Fix EVP_aes_???_ctr to demand OpenSSL 1.0.1 or later.
Fix bug for aes_cfb_128_encrypt with empty binary
crypto: Refactor nif code to use EVP interface
|
|
that make EVP_CIPHER_iv_length() return non-zero value.
Seems to be fixed in 0.9.8m.
|
|
|
|
* riverrun/maint:
Recommend against using crypto:rand_bytes
|
|
* maint:
[crypto] Correct documentation
[compiler] Correct documentation
[ssh] Correct documentation
[snmp] Correct documentation
[eunit] Correct documentation
|
|
Fix mistakes found by 'xmllint'.
|
|
|
|
causing OpenSSL 0.9.8h to crash with
evp_enc.c(282): OpenSSL internal error, assertion failed: inl > 0
|
|
Using the generic EVP_* API makes it possible to unify
algorithm-specific nif functions to a single generic
function. Effectively the same change that took place on the Erlang
API in R16B01 is now applied to the C code.
The old implementation using the low-level API is kept
for compiling against old OpenSSL,
as parts of the EVP API were introduced in OpenSSL 1.0.0.
There are various minor improvements as well:
- supported algorithms are now provided by the nif code (not a mix of
the C and Erlang code)
- remove unnecessary variables and macro definitions
Most of the changes in this commit comes from Dániel Szoboszlay
https://github.com/dszoboszlay/otp/commit/07f7056f955b324df4ace
which is part of his 'fips' branch.
Now also rebased on master branch.
|
|
|
|
|
|
s/stong_rand_bytes/strong_rand_bytes/, s/bts/bits/
|
|
=== OTP-18.1 ===
Changed Applications:
- compiler-6.0.1
- crypto-3.6.1
- debugger-4.1.1
- dialyzer-2.8.1
- diameter-1.11
- erts-7.1
- eunit-2.2.11
- hipe-3.13
- inets-6.0.1
- kernel-4.1
- mnesia-4.13.1
- odbc-2.11.1
- public_key-1.0.1
- sasl-2.6
- ssh-4.1
- ssl-7.1
- stdlib-2.6
- tools-2.8.1
- wx-1.5
Unchanged Applications:
- asn1-4.0
- common_test-1.11
- cosEvent-2.2
- cosEventDomain-1.2
- cosFileTransfer-1.2
- cosNotification-1.2
- cosProperty-1.2
- cosTime-1.2
- cosTransactions-1.3
- edoc-0.7.17
- eldap-1.2
- erl_docgen-0.4
- erl_interface-3.8
- et-1.5.1
- gs-1.6
- ic-4.4
- jinterface-1.6
- megaco-3.18
- observer-2.1
- orber-3.8
- os_mon-2.4
- ose-1.1
- otp_mibs-1.1
- parsetools-2.1
- percept-0.8.11
- reltool-0.7
- runtime_tools-1.9.1
- snmp-5.2
- syntax_tools-1.7
- test_server-3.9
- typer-0.9.9
- webtool-0.9
- xmerl-1.3.8
Conflicts:
OTP_VERSION
erts/vsn.mk
|
|
|
|
|
|
|
|
The OSE port is no longer supported and this commit removed it
and any changes related to it. The things that were general
improvements have been left in the code.
|
|
|
|
|
|
|
|
To not fail on openssl built with #define OPENSSL_NO_EC2M
(Why does the test not verify all supported curve types?)
|
|
that could cause VM crash on faulty input.
|
|
Use a stack allocated context and EVP_CIPHER_CTX_init/cleanup
instead of dynamic EVP_CIPHER_CTX_new/free that does not exist in older
0.9.8 versions.
|
|
=== OTP-17.5 ===
Changed Applications:
- asn1-3.0.4
- common_test-1.10
- compiler-5.0.4
- crypto-3.5
- debugger-4.0.3
- dialyzer-2.7.4
- diameter-1.9
- eldap-1.1.1
- erts-6.4
- hipe-3.11.3
- inets-5.10.6
- kernel-3.2
- mnesia-4.12.5
- observer-2.0.4
- os_mon-2.3.1
- public_key-0.23
- runtime_tools-1.8.16
- ssh-3.2
- ssl-6.0
- stdlib-2.4
- syntax_tools-1.6.18
- test_server-3.8
- tools-2.7.2
- wx-1.3.3
Unchanged Applications:
- cosEvent-2.1.15
- cosEventDomain-1.1.14
- cosFileTransfer-1.1.16
- cosNotification-1.1.21
- cosProperty-1.1.17
- cosTime-1.1.14
- cosTransactions-1.2.14
- edoc-0.7.16
- erl_docgen-0.3.7
- erl_interface-3.7.20
- et-1.5
- eunit-2.2.9
- gs-1.5.16
- ic-4.3.6
- jinterface-1.5.12
- megaco-3.17.3
- odbc-2.10.22
- orber-3.7.1
- ose-1.0.2
- otp_mibs-1.0.10
- parsetools-2.0.12
- percept-0.8.10
- reltool-0.6.6
- sasl-2.4.1
- snmp-5.1.1
- typer-0.9.8
- webtool-0.8.10
- xmerl-1.3.7
Conflicts:
OTP_VERSION
erts/vsn.mk
lib/ssl/vsn.mk
|
|
|
|
|
|
by removing the spec. It's an internal function.
|
|
Despite the confusion caused by the name, aes_cfb_8_crypt and
aes_cfb_128_crypt can use key lengths of 128, 192, or 256. The integer
in the function name refers to the block size for CFB mode. Change
the aes_cfb_8_crypt and aes_cfb_128_crypt functions to accept and use
keys of length 128, 192, or 256. Also augment the existing testing for
these functions using the NIST test vectors for the additional key
lengths to ensure the changes function properly.
|
|
* andreaTP/added-aes-ecb-to-crypto/OTP-12403:
aligned implementation following last specs
finally fixed docs
fixed incorrect tag
proposal of documentation
fixes and tests
add aes ecb to crypto library
|
|
OTP-12394
* RoadRunnr/crypto-ecc-gen-key:
[crypto] enhance generate_key for ECC keys
|
|
|
|
|
|
|
|
|
|
|
|
|
|
* arekinath/aes-evp/OTP-12380:
crypto: use EVP for AES-CBC
|
|
=== OTP-17.4 ===
Changed Applications:
- asn1-3.0.3
- common_test-1.9
- compiler-5.0.3
- crypto-3.4.2
- debugger-4.0.2
- dialyzer-2.7.3
- diameter-1.8
- edoc-0.7.16
- eldap-1.1
- erl_docgen-0.3.7
- erl_interface-3.7.20
- erts-6.3
- eunit-2.2.9
- hipe-3.11.2
- inets-5.10.4
- jinterface-1.5.12
- kernel-3.1
- megaco-3.17.3
- mnesia-4.12.4
- observer-2.0.3
- odbc-2.10.22
- otp_mibs-1.0.10
- parsetools-2.0.12
- percept-0.8.10
- runtime_tools-1.8.15
- snmp-5.1.1
- ssh-3.1
- ssl-5.3.8
- stdlib-2.3
- syntax_tools-1.6.17
- test_server-3.7.2
- tools-2.7.1
- wx-1.3.2
Unchanged Applications:
- cosEvent-2.1.15
- cosEventDomain-1.1.14
- cosFileTransfer-1.1.16
- cosNotification-1.1.21
- cosProperty-1.1.17
- cosTime-1.1.14
- cosTransactions-1.2.14
- et-1.5
- gs-1.5.16
- ic-4.3.6
- orber-3.7.1
- os_mon-2.3
- ose-1.0.2
- public_key-0.22.1
- reltool-0.6.6
- sasl-2.4.1
- typer-0.9.8
- webtool-0.8.10
- xmerl-1.3.7
Conflicts:
OTP_VERSION
erts/vsn.mk
|
|
|
|
This enables the use of hardware acceleration for AES crypto
on newer Intel CPUs (AES-NI), among other platforms.
|
|
enhance generate_key to calculate ECC public keys from private keys
|
|
|
|
Thanks to @ino_murko from Twitter
|