Age | Commit message (Collapse) | Author |
|
|
|
to prevent strange memory corruption crashes due to
mismatch between header and library versions.
|
|
|
|
|
|
|
|
* sverk/crypto-ec-mem-leak/OTP-11999:
crypto: Fix memory leak of EC "keys" and "points"
crypto: Fix crypto for debug and valgrind
|
|
|
|
without relying on opt-version has been built.
Removed ASSERT to make crypto_callback.debug.so work without
dynamic linking to libcrypto.so.
|
|
* pguyot/fix_srp:
Fix bug in SRP implementation
|
|
sign(dss,) and compute_key(dh,)
|
|
The context was never deallocated.
|
|
SRP didn't work with smaller primes as user secret was improperly
computed.
Formula is: (B - (k * g^x)) ^ (a + (u * x)) % N
Previously, the code computed a + (u * x) % N instead of a + (u * x).
a typically is a 256 bits random number (RFC 5054 says it should be at
least 256 bits), u and x are SHA1 signatures (160 bits). So a + (u * x)
can differ from a + (u * x) % N for N primes smaller than 320 bits.
|
|
This adds the aes_cfb8 cypher type (and associated tests and
documentation) to the crypto module.
|
|
|
|
Most dependencies introduced are exactly the dependencies to other
applications found by xref. That is, there might be real dependencies
missing. There might also be pure debug dependencies listed that
probably should be removed. Each application has to be manually
inspected in order to ensure that all real dependencies are listed.
All dependencies introduced are to application versions used in
OTP 17.0. This since the previously used version scheme wasn't
designed for this, and in order to minimize the work of introducing
the dependencies.
|
|
Ensure all are "normal" versions according to the new version scheme
introduced in OTP 17.0
|
|
These are some files that were erronously missed earlier:
erts/doc/src/time_correction.xml
lib/crypto/doc/src/crypto_app.xml
lib/snmp/doc/src/snmpa_mib_data.xml
lib/snmp/doc/src/snmpa_mib_storage.xml
|
|
* lukas/ose/master/OTP-11334: (71 commits)
erts: Fix unix efile assert
ose: Use -O2 when building
ose: Expand OSE docs
ose: Add dummy ttsl driver
ose: Cleanup cleanup of mutex selection defines
ose: Polish mmap configure checks
ose: Add ose specific x-compile flags
ose: Updating fd_driver and spawn_driver for OSE
ose: Updating event and signal API for OSE
ose: Cleanup of mutex selection defines
win32: Compile erl_log.exe
ose: Remove uneccesary define
ose: Fix ssl configure test for osx
erts: Fix sys_msg_dispatcher assert
ose: Fix broken doc links
ose: Thread priorities configurable from lmconf
ose: Yielding the cpu is done "the OSE" way
ose: Start using ppdata for tse key
ose: Do not use spinlocks on OSE
ose: Fix support for crypto
...
Conflicts:
lib/crypto/c_src/crypto.c
|
|
To enable it you have to modify the OSESSL variable in the
ose xcomp file.
|
|
This function is needed on OSs that do not automatically
initialize the PRNG seed.
|
|
This port has support for both non-smp and smp.
It contains a new way to do io checking in which erts_poll_wait
receives the payload of the polled entity. This has implications
for all linked-in drivers.
|
|
* schlagert/fix_basic_appups:
Dynamically configure typer_SUITE according to environment
Disable hipe_SUITE when environment doesn't support it
Make hipe non-upgradable by setting appup file empty
Fix missing module on hipe app file template
Add test suites performing app and appup file checks
Introduce appup test utility
Fix library application appup files
Fix non-library appup files according to issue #240
OTP-11744
|
|
Add the mentioned test suites for *all* library and touched
non-library applications.
|
|
OTP-11725
* sverk/crypto/nomem-abort:
crypto: Abort VM if out of memory
|
|
OTP-11722
OTP-11724
* sverk/crypto/hmac-context-reuse-bug:
crypto: Fix bug when using old hmac context
erts: Fix NIF bug when load/upgrade fails after enif_open_resource_type
Conflicts:
erts/emulator/test/nif_SUITE.erl
|
|
As discussed in issue #240 *all* OTP library applications use the '.*'
wildcard as up and down version. This makes library applications
always up- and downgradeable. Using the wildcard version obsoletes
all maintenance tasks regarding library applications' appup files.
Additionally, it prevents upgrade problems caused by automatically
included application dependencies when using reltool to create
releases. Missing copyright headers are now consistently present.
|
|
Symptom: Using an old context (that had already been passed as argument to either
hmac_upgrade or hmac_final) could cause VM crash or worse.
Reason: Only a shallow copy (memcpy) of the context was made causing
a new context to partly mutate its parent context into an inconsistent
state.
Problem: Only OpenSSL v1.0 supports deep copy of hmac context. It is thus
not possible to implement a functional interface for older OpenSSL
versions (0.9.8) which still have wide spread use.
Solution: Change hmac contexts into a mutable state using NIF resources.
Document reuse of old contexts as undefined.
Future: If a need for reusing old context variables arise, a new hmac_copy
function could be introduced that is only supported for OpenSSL v1.0.
|
|
Nice crash instead of segv or worse.
|
|
OTP-11619
* sverk/crypto-process-slaughter:
crypto: Remove all processes from application crypto
|
|
* andrewtj/atj-crypto-chiphertext-typo:
crypto: Fix 'ChipherText' typo in doc
OTP-11609
|
|
and make it into a pure library application.
The processes where a legacy from the time when crypto was
implemented with a driver.
|
|
Newer OpenSSL versions allow to selectively disable GF2m elliptic curves.
Selectively enable GF2m curves is support for them is available.
|
|
|
|
RFC-5649, Section 1, documents the advantages that these curves
might have over others (ANSI, SEC1/2)
|
|
Decouple eliptic curve definition from OpenSSL and define them in
Erlang.
|
|
Vectors have been taken from NIST's CRYPTOGRAPHIC ALGORITHM VALIDATION
PROGRAM (CAVP) (http://csrc.nist.gov/groups/STM/cavp/)
|
|
in mod_pow, mod_exp and generate_key(srp,...)
|
|
The R16B03 release
Conflicts:
lib/sasl/vsn.mk
|
|
|
|
strrchr used on non null-terminated string.
|
|
* sverk/yb/aes_ige_crypt:
crypto: Update supports/0 for des3_cbf and aes_ige256
crypto: Throw notsup for AES IGE if openssl older than 0.9.8c
crypto: Add IGE mode for AES
OTP-11522
|
|
|
|
* sverk/crypto-no_answer_from_tc_supervisor:
crypto: Add more lazy_eval to avoid no_answer_from_tc_supervisor
|
|
|
|
* nox/crypto-uninitialized-vars:
Fix some uninitialized pointers in crypto
OTP-11510
|
|
Amendment to f1ebf482e1460d6146d55aa6cab00ab3e11f1741
|
|
|
|
|
|
|
|
|