aboutsummaryrefslogtreecommitdiffstats
path: root/lib/crypto
AgeCommit message (Collapse)Author
2017-06-02Merge pull request #1473 from SalikhovDinislam/static_codeLukas Larsson
Make some C code static
2017-05-31Revert "Prepare release"Hans Nilsson
This reverts commit eaf8ca41dfa4850437ad270d3897399c9358ced0.
2017-05-30Prepare releaseErlang/OTP
2017-05-29Merge pull request #1396 from RoadRunnr/crypto/cavpHans Nilsson
crypto: replace AES test vectors with validation data from NIST CAVP program OTP-14436
2017-05-29Merge pull request #1462 from Vagabond/adt-fix-aes-cfb128Hans Nilsson
Fix backwards equality check in aes cfb128 function OTP-14435
2017-05-21crypto: Make internal arrays staticSalikhov Dinislam
2017-05-15Fix backwards equality check in aes cfb128 functionAndrew Thompson
2017-05-09Remove duplicate aes_gcm from a list of ciphersDaniil Fedotov
2017-05-05Revert "Prepare release"Raimo Niskanen
This reverts commit dc57404252c47520f352834ad9be45ad684f96c9.
2017-05-04Prepare releaseErlang/OTP
2017-05-04Update copyright yearRaimo Niskanen
2017-05-03crypto: use lazy evaluation for test cases read from CAVP filesAndreas Schultz
It turns out that the excessive memory usage is cause by the test framework printing all the test vectors into the log output. A similar proplem was already diagnosed for long_msg/0. The root cause was not mentioned in the SUITE, but the same fix applies to the CAPV test vector data. Switch all CAPV data to lazy evaluation and have the test itself read the data.
2017-05-03crypto: replace AES GCM test vectors with NIST CAVP suiteAndreas Schultz
2017-05-03crypto: replace AES CMAC test vectors with NIST CAVP suiteAndreas Schultz
2017-05-03crypto: replace AES test vectors with NIST CAVP test dataAndreas Schultz
NIST's Cryptographic Algorithm Validation Program provides validation testing of FIPS-approved and NIST-recommended cryptographic algorithms. Instead of hard coding a limited set of test vectors, use their comprehensive validation set to test AES cipher modes.
2017-04-21Merge branch 'raimo/rand-dev/OTP-14295'Raimo Niskanen
* raimo/rand-dev/OTP-14295: Implement Xoroshiro116+ and improve statisticals
2017-04-21Implement Xoroshiro116+ and improve statisticalsRaimo Niskanen
Implement Xoroshiro116+ as 'exrop' with fixes. Deprecate all old algorithms but reincarnate 'exs1024' as 'exs1024s' and 'exsplus' as 'exsp' with fixes. Fixes: * Avoid skew for uniform integers caused by using a simple 'rem' operation for range confinement. Correctness requires retry with new random value for an unfortunate first value. * Implement a correct algorithm that collects enough random bits for ranges larger than the generator's precision. * Fix uniform density for floats by acquiring 53 bits then multiplying with 2.0^(-53) which produces floats on the form N * 2.0^(-53).
2017-04-12Merge branch 'ingela/openssl-version'Ingela Anderton Andin
* ingela/openssl-version: crypto: Update documentation to reflect new version policy erts: Update configure check for OpenSSL
2017-04-12crypto: Increase prime to pass with FIPS-enabled cryptolibHans Nilsson
Fix for problem introduced with OTP-14140
2017-04-07crypto: Update documentation to reflect new version policyIngela Anderton Andin
2017-04-04Merge branch 'maint'Ingela Anderton Andin
Conflicts: OTP_VERSION erts/vsn.mk lib/crypto/c_src/crypto.c lib/crypto/src/crypto.erl lib/ssh/src/ssh.erl
2017-04-04Merge branch 'g-andrade/strong-random-numbers/PR-1367/OTP-14317'Raimo Niskanen
* g-andrade/strong-random-numbers/PR-1367/OTP-14317: Clean up documentation and test cases Attempt faster approach to strong random floats Allow for crypto upgrades when using rand plugin fixup! Support cryptographically strong rand plugin fixup! Support cryptographically strong rand plugin fixup! Support cryptographically strong rand plugin fixup! Support cryptographically strong rand plugin No longer expose strong_rand_(range|float) Support cryptographically strong rand plugin Restyle crypto strong numeric generators for usage in rand Support generation of strong random numbers
2017-04-04Clean up documentation and test casesRaimo Niskanen
2017-03-31Update release notesErlang/OTP
2017-03-31Update version numbersErlang/OTP
2017-03-29Fix bug with AES CFB 128Kelly McLaughlin
Fix a bug with the use of the aes_cfb128 cipher by calling the correct underlying openssl interface function when the cipher is specified.
2017-03-29Demonstrate the bug with AES CFB 128 encryptionKelly McLaughlin
Demonstrate a bug with AES CFB 128 for certain key sizes introduced with the Erlang 19.0 release. The code in the block_crypt_nif function in the crypto.c source file incorrectly calls aes_cfb_8_crypt when the specified cipher is aes_cfb8 or aes_cfb128 and the key size is 24 or 32. The aes_cfb_8_crypt function calls the AES_cfb8_encrypt function from the openssl interface, but this is incorrect when the cipher is aes_cfb128. Unfortunately the test cases in the crypto test suite are insufficient to detect an issue like this because it exercises the encryption and decryption roundtrip using the same incorrect underlying function. The problem was observed when trying to update an application to Erlang 19 that attempted to decrypt data that was encrypted using aes_cfb128 by another source. In this commit I altered the crypto test suite to provide a demonstration of this problem.
2017-03-27Add a no_native option wherever there is an on_loadKostis Sagonas
This is a poor man's solution that allows to build and test the system with all files compiled to native code simply by setting the ERL_COMPILER_OPTS environment variable. Better solutions, like automatically setting the no_native option whenever the compiler sees an on_load attribute, obviously exist but require more time to implement.
2017-03-22Attempt faster approach to strong random floatsGuilherme Andrade
2017-03-22Allow for crypto upgrades when using rand pluginGuilherme Andrade
2017-03-22fixup! Support cryptographically strong rand pluginGuilherme Andrade
Fix documented range (interval is half-open.)
2017-03-22fixup! Support cryptographically strong rand pluginGuilherme Andrade
Be friendlier to Dialyzer
2017-03-20crypto: Deprecate crypto:rand_uniform/2 as it is not cryptographically strongIngela Anderton Andin
rand module should be used if not cryptographically strong is required. If cryptographically strong is required, new cryptographically strong functions should be added to crypto.
2017-03-18No longer expose strong_rand_(range|float)Guilherme Andrade
2017-03-18Support cryptographically strong rand pluginGuilherme Andrade
2017-03-18Restyle crypto strong numeric generatorsGuilherme Andrade
for usage in rand
2017-03-14Support generation of strong random numbersGuilherme Andrade
2017-03-14Merge branch 'maint'Rickard Green
* maint: Updated OTP version Prepare release Conflicts: OTP_VERSION lib/typer/doc/src/notes.xml lib/typer/vsn.mk
2017-03-14Prepare releaseErlang/OTP
2017-03-13Merge branch 'wiml/crypto/rsa-generate-key/ERL-165/PR-1299/OTP-14140'Hans Nilsson
2017-03-10Update copyright yearRickard Green
2017-03-09crypto: Document exceptions thrown in crypto:generate_keyHans Nilsson
2017-03-09crypto: Uppdate crypto.app.src for dirty_scheduler dependency in ERTSHans Nilsson
2017-03-09crypto: removed error function from PR and added error handling in crypto.erlHans Nilsson
2017-03-02crypto: Enable usage of LibreSSLHans Nilsson
2017-02-03Merge branch 'maint'Hans Nilsson
2017-02-03Merge branch 'maint'Björn-Egil Dahlberg
2017-02-03Fix merge commitBjörn-Egil Dahlberg
This fixes commit f0867aa2ccbbf5677e0577bba08f8b7bc53ec0ed
2017-02-03erge branch 'maint'Hans Nilsson
Conflicts: OTP_VERSION
2017-02-03Merge branch 'maint-18' into maintHans Nilsson
Conflicts: OTP_VERSION erts/doc/src/notes.xml erts/emulator/sys/unix/erl_unix_sys.h erts/emulator/sys/unix/sys.c erts/vsn.mk lib/crypto/c_src/crypto.c lib/crypto/doc/src/notes.xml lib/crypto/vsn.mk lib/inets/doc/src/notes.xml lib/inets/vsn.mk lib/ssh/doc/src/notes.xml lib/ssh/src/ssh.app.src lib/ssh/src/ssh_connection_handler.erl lib/ssh/vsn.mk otp_versions.table