Age | Commit message (Collapse) | Author |
|
|
|
|
|
Facts:
crypto nif-lib registers callback functions that openssl uses
for memory management and thread synchronization. The callback
functions can only be set once, openssl does not allow changing the
callback functions.
Problem:
If openssl is dynamicly linked to crypto, you might get s scenario
where the crypto lib is unloaded while leaving openssl loaded
with its old pointers to the unloaded crypto code intact.
If crypto is then reloaded (by init:restart() for example), the crypto
nif-lib might get relocated at a different address. crypto calls
openssl which in turn calls the old invalid callback functions...kaboom.
Solution:
Break apart the callback functions into a separate dynamic lib that
crypto loads with dlopen. When crypto is unloaded the callback lib is
left in place to be reused if/when crypto is loaded again.
|
|
|
|
|
|
* sverk/crypto-test-fix:
crypto: Skip some tests if openssl lib < 0.9.8
OTP-10249 Not related to this branch
|
|
|
|
OpenSSL 0.9.7 does not support sha224,384,256,512
|
|
* ia/ssl/tls1.1and1.2: (46 commits)
ssl: Clean up of code thanks to dialyzer
ssl: Test suite adjustments
ssl & public_key: Prepare for release
ssl: Use crypto:strong_rand_bytes if possible
ssl & public_key: Add use of more "sha-rsa oids"
ssl: Fix inet header option to behave as in inet
ssl: TLS 1.2: fix hash and signature handling
ssl: TLS 1.2: fix Certificate Request list of Accepted Signatur/Hash combinations
ssl: Add Signature Algorithms hello extension from TLS 1.2
ssl: Fix rizzo tests to run as intended
ssl: TLS-1.1 and TLS-1.2 support should not be default until R16
ssl: Signture type bug
ssl: Add crypto support check (TLS 1.2 require sha256 support)
ssl: Dialyzer fixes
ssl: IDEA cipher is deprecated by TLS 1.2
ssl: Run relevant tests for all SSL/TLS versions
ssl: Add TLS version switches to openssl tests
ssl: Enable TLS 1.2
ssl: Enable mac_hash for TLS 1.2
ssl: Implement TLS 1.2 signature support
...
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Replace _hash functions with {digest,_} argument
to existing sign/verify functions.
|
|
|
|
Remove the need for padding up to 16-byte multiple.
|
|
OTP-10106
OTP-10107
|
|
Included them by "mistake".
|
|
by using extra redundant information as part of the key
that will speed things up for OpenSSL.
Affects rsa_sign, rsa_private_encrypt and rsa_private_decrypt.
|
|
crypto only uses libcrypto.
Superfluous dependency introduced in R14B04 by 52230a417ad0057.
|
|
|
|
|
|
* sverk/crypto-sha256:
crypto: Add sha256,384,512 in documentation for rsa_verify
crypto: Add sha{256,384,512} to rsa_verify
crypto: Add sha256 and sha512
OTP-9778
|
|
|
|
When crypto_SUITE was migrated to the common_test format in commit
f6b19ef8603b46c64f3722ede3915dd1ac67bae8, some things were lost
in translation. Reinstate the previous behaviour:
1) Run the info/1 test case. This test case will cause a skip if
the test is run on a non-commercial platform and the entire
crypto application is missing. If the crypto application exists,
but does not work properly, the test case will fail.
2) If info/1 is skipped or fails, don't run any other test cases
in crypto_SUITE. (That is, if there is a basic problem, ONE
failed test case is sufficient indication.)
|
|
|
|
No test and doc
|
|
This reverts commit e21ff9b0b69219ab3853be7e80813156113152b7.
|
|
|
|
|
|
These dependency files was once used when building the documentation,
but are no longer needed.
|
|
* pg/des-cfb-functions:
[crypto] Remove swedish characters from test code
[crypto] Add DES and Triple DES cipher feedback (CFB) mode functions
OTP-9640
|
|
|
|
|
|
|
|
|
|
|
|
* sverker/revert-md2-With-RSA-Encryption:
Revert "Prepare for release"
Revert "Support md2WithRSAEncryption certificates in public_key"
Revert "Support 'md2' hash in crypto:rsa_sign/3 and crypto:rsa_verify/4"
|
|
Conflicts:
lib/inets/doc/src/notes.xml
lib/inets/src/inets_app/inets.appup.src
lib/inets/test/httpc_cookie_SUITE.erl
lib/inets/vsn.mk
|
|
Only used for commercial builds
|
|
This reverts commit 82897cc8f399fab832148711b586215c9a3f7af1.
|
|
Conflicts:
erts/aclocal.m4
erts/include/internal/ethread_header_config.h.in
|
|
* cr/md2-With-RSA-Encryption:
Document crypto:sha_mac_96/2 to compute an SHA MAC, not MD5
Support md2WithRSAEncryption certificates in public_key
Support 'md2' hash in crypto:rsa_sign/3 and crypto:rsa_verify/4
OTP-9554
|
|
|
|
* sverker/crypto-rand_uniform-negative/OTP-9526:
[crypto] Fix rand_uniform for negative values
|
|
|
|
Also let it throw badarg if 'Hi' is not larger than 'Lo'.
|