aboutsummaryrefslogtreecommitdiffstats
path: root/lib/crypto
AgeCommit message (Collapse)Author
2014-09-08crypto: Verify OpenSSL library major version at loadSverker Eriksson
to prevent strange memory corruption crashes due to mismatch between header and library versions.
2014-06-19Prepare releaseErlang/OTP
2014-06-19Merge branch 'sverk/crypto-ec-mem-leak/OTP-11999' into maintSverker Eriksson
* sverk/crypto-ec-mem-leak/OTP-11999: crypto: Fix memory leak of EC "keys" and "points" crypto: Fix crypto for debug and valgrind
2014-06-18crypto: Fix memory leak of EC "keys" and "points"Sverker Eriksson
2014-06-17crypto: Fix crypto for debug and valgrindSverker Eriksson
without relying on opt-version has been built. Removed ASSERT to make crypto_callback.debug.so work without dynamic linking to libcrypto.so.
2014-06-11Merge branch 'pguyot/fix_srp' into maintHenrik Nord
* pguyot/fix_srp: Fix bug in SRP implementation
2014-05-26crypto: Fix memory leak in some error casesSverker Eriksson
sign(dss,) and compute_key(dh,)
2014-05-26crypto: Fix memory leak in hmac stream functionsSverker Eriksson
The context was never deallocated.
2014-05-15Fix bug in SRP implementationPaul Guyot
SRP didn't work with smaller primes as user secret was improperly computed. Formula is: (B - (k * g^x)) ^ (a + (u * x)) % N Previously, the code computed a + (u * x) % N instead of a + (u * x). a typically is a 256 bits random number (RFC 5054 says it should be at least 256 bits), u and x are SHA1 signatures (160 bits). So a + (u * x) can differ from a + (u * x) % N for N primes smaller than 320 bits.
2014-04-29Add AES-CBF8 cypher to crypto moduleBernard Duggan
This adds the aes_cfb8 cypher type (and associated tests and documentation) to the crypto module.
2014-04-07Update release notesErlang/OTP
2014-03-20Introduce runtime_dependencies in .app filesRickard Green
Most dependencies introduced are exactly the dependencies to other applications found by xref. That is, there might be real dependencies missing. There might also be pure debug dependencies listed that probably should be removed. Each application has to be manually inspected in order to ensure that all real dependencies are listed. All dependencies introduced are to application versions used in OTP 17.0. This since the previously used version scheme wasn't designed for this, and in order to minimize the work of introducing the dependencies.
2014-03-20Bump versions and ensure that all are "normal" versionsRickard Green
Ensure all are "normal" versions according to the new version scheme introduced in OTP 17.0
2014-03-17Change encoding for XML files to utf-8Siri Hansen
These are some files that were erronously missed earlier: erts/doc/src/time_correction.xml lib/crypto/doc/src/crypto_app.xml lib/snmp/doc/src/snmpa_mib_data.xml lib/snmp/doc/src/snmpa_mib_storage.xml
2014-02-24Merge branch 'lukas/ose/master/OTP-11334'Lukas Larsson
* lukas/ose/master/OTP-11334: (71 commits) erts: Fix unix efile assert ose: Use -O2 when building ose: Expand OSE docs ose: Add dummy ttsl driver ose: Cleanup cleanup of mutex selection defines ose: Polish mmap configure checks ose: Add ose specific x-compile flags ose: Updating fd_driver and spawn_driver for OSE ose: Updating event and signal API for OSE ose: Cleanup of mutex selection defines win32: Compile erl_log.exe ose: Remove uneccesary define ose: Fix ssl configure test for osx erts: Fix sys_msg_dispatcher assert ose: Fix broken doc links ose: Thread priorities configurable from lmconf ose: Yielding the cpu is done "the OSE" way ose: Start using ppdata for tse key ose: Do not use spinlocks on OSE ose: Fix support for crypto ... Conflicts: lib/crypto/c_src/crypto.c
2014-02-24ose: Fix support for cryptoLukas Larsson
To enable it you have to modify the OSESSL variable in the ose xcomp file.
2014-02-24crypto: Add rand_seed functionLukas Larsson
This function is needed on OSs that do not automatically initialize the PRNG seed.
2014-02-24Added support for ENEA OSELukas Larsson
This port has support for both non-smp and smp. It contains a new way to do io checking in which erts_poll_wait receives the payload of the polled entity. This has implications for all linked-in drivers.
2014-02-24Merge branch 'schlagert/fix_basic_appups'Siri Hansen
* schlagert/fix_basic_appups: Dynamically configure typer_SUITE according to environment Disable hipe_SUITE when environment doesn't support it Make hipe non-upgradable by setting appup file empty Fix missing module on hipe app file template Add test suites performing app and appup file checks Introduce appup test utility Fix library application appup files Fix non-library appup files according to issue #240 OTP-11744
2014-02-24Add test suites performing app and appup file checksTobias Schlager
Add the mentioned test suites for *all* library and touched non-library applications.
2014-02-19Merge branch 'sverk/crypto/nomem-abort'Sverker Eriksson
OTP-11725 * sverk/crypto/nomem-abort: crypto: Abort VM if out of memory
2014-02-19Merge branch 'sverk/crypto/hmac-context-reuse-bug'Sverker Eriksson
OTP-11722 OTP-11724 * sverk/crypto/hmac-context-reuse-bug: crypto: Fix bug when using old hmac context erts: Fix NIF bug when load/upgrade fails after enif_open_resource_type Conflicts: erts/emulator/test/nif_SUITE.erl
2014-02-18Fix library application appup filesTobias Schlager
As discussed in issue #240 *all* OTP library applications use the '.*' wildcard as up and down version. This makes library applications always up- and downgradeable. Using the wildcard version obsoletes all maintenance tasks regarding library applications' appup files. Additionally, it prevents upgrade problems caused by automatically included application dependencies when using reltool to create releases. Missing copyright headers are now consistently present.
2014-02-12crypto: Fix bug when using old hmac contextSverker Eriksson
Symptom: Using an old context (that had already been passed as argument to either hmac_upgrade or hmac_final) could cause VM crash or worse. Reason: Only a shallow copy (memcpy) of the context was made causing a new context to partly mutate its parent context into an inconsistent state. Problem: Only OpenSSL v1.0 supports deep copy of hmac context. It is thus not possible to implement a functional interface for older OpenSSL versions (0.9.8) which still have wide spread use. Solution: Change hmac contexts into a mutable state using NIF resources. Document reuse of old contexts as undefined. Future: If a need for reusing old context variables arise, a new hmac_copy function could be introduced that is only supported for OpenSSL v1.0.
2014-02-05crypto: Abort VM if out of memorySverker Eriksson
Nice crash instead of segv or worse.
2014-01-27Merge branch 'sverk/crypto-process-slaughter'Sverker Eriksson
OTP-11619 * sverk/crypto-process-slaughter: crypto: Remove all processes from application crypto
2014-01-24Merge branch 'andrewtj/atj-crypto-chiphertext-typo'Henrik Nord
* andrewtj/atj-crypto-chiphertext-typo: crypto: Fix 'ChipherText' typo in doc OTP-11609
2014-01-17crypto: Remove all processes from application cryptoSverker Eriksson
and make it into a pure library application. The processes where a legacy from the time when crypto was implemented with a driver.
2014-01-13crypto: selective support for GF2m curvesAndreas Schultz
Newer OpenSSL versions allow to selectively disable GF2m elliptic curves. Selectively enable GF2m curves is support for them is available.
2014-01-13crypto: document ec_curves/0 and ec_curve/1Andreas Schultz
2014-01-13crypto: add brainpool (RFC 5639) curvesAndreas Schultz
RFC-5649, Section 1, documents the advantages that these curves might have over others (ANSI, SEC1/2)
2014-01-13crypto: move elitic curve definitions from OpenSSL built-ins to ErlangAndreas Schultz
Decouple eliptic curve definition from OpenSSL and define them in Erlang.
2014-01-13crypto: add ECDH test vectors for more curvesAndreas Schultz
Vectors have been taken from NIST's CRYPTOGRAPHIC ALGORITHM VALIDATION PROGRAM (CAVP) (http://csrc.nist.gov/groups/STM/cavp/)
2013-12-16crypto: Fix memory leaks and invalid deallocationsSverker Eriksson
in mod_pow, mod_exp and generate_key(srp,...)
2013-12-10Merge tag 'OTP_R16B03'Magnus Lidén
The R16B03 release Conflicts: lib/sasl/vsn.mk
2013-12-09Prepare releaseOTP_R16B03Erlang/OTP
2013-12-03crypto: Fix bug in change_basenameSverker Eriksson
strrchr used on non null-terminated string.
2013-12-03Merge branch 'sverk/yb/aes_ige_crypt'Sverker Eriksson
* sverk/yb/aes_ige_crypt: crypto: Update supports/0 for des3_cbf and aes_ige256 crypto: Throw notsup for AES IGE if openssl older than 0.9.8c crypto: Add IGE mode for AES OTP-11522
2013-12-03Merge branch 'maint'Sverker Eriksson
2013-12-03Merge branch 'sverk/crypto-no_answer_from_tc_supervisor' into maintSverker Eriksson
* sverk/crypto-no_answer_from_tc_supervisor: crypto: Add more lazy_eval to avoid no_answer_from_tc_supervisor
2013-12-02Merge branch 'maint'Henrik Nord
2013-12-02Merge branch 'nox/crypto-uninitialized-vars' into maintHenrik Nord
* nox/crypto-uninitialized-vars: Fix some uninitialized pointers in crypto OTP-11510
2013-12-02crypto: Add more lazy_eval to avoid no_answer_from_tc_supervisorSverker Eriksson
Amendment to f1ebf482e1460d6146d55aa6cab00ab3e11f1741
2013-11-27Merge branch 'maint'Sverker Eriksson
2013-11-27crypto: Update supports/0 for des3_cbf and aes_ige256Sverker Eriksson
2013-11-27crypto: Throw notsup for AES IGE if openssl older than 0.9.8cSverker Eriksson
2013-11-22crypto: Avoid test_server crash 'no_answer_from_tc_supervisor'Sverker Eriksson
2013-11-21Fix some uninitialized pointers in cryptoAnthony Ramine
crypto.c:2748:9: warning: variable 'bn_prime' is used uninitialized whenever '||' condition is true [-Wsometimes-uninitialized] if (!get_bn_from_bin(env, argv[0], &bn_verifier) ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ crypto.c:2758:6: note: uninitialized use occurs here if (bn_prime) BN_free(bn_prime); ^~~~~~~~ crypto.c:2748:9: note: remove the '||' if its condition is always false if (!get_bn_from_bin(env, argv[0], &bn_verifier) ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
2013-11-16crypto: Fix 'ChipherText' typo in docAndrew Tunnell-Jones
2013-10-16Merge branch 'sverk/load-nif-unicode'Sverker Eriksson
OTP-11408 * sverk/load-nif-unicode: erts: Fix bug in atom to filename conversions Fix open_ddll for win erts, crypto: Support NIF library with unicode filename on windows erts: Factor out erts_convert_filename_to_wchar() erts: Fix compiler warning erts: Fix loading of NIF library with unicode in path erts: Remove unused constant DRIVER_TAB_SIZE