path: root/lib/crypto
Age | Commit message | Author
2016-09-28 | Update test suites with FIPS mode support | Dániel Szoboszlay
Every algorithm is now tested in both FIPS and non-FIPS modes (when crypto is compiled with FIPS support). In FIPS mode non-FIPS algorithms are disabled and the tests verify that they crash with notsup error as expected. In FIPS mode RSA and EC algorithms don't work if the key sizes are below a minimum required value - which happened to be the case with most keys used in the tests. These tests were changed to use longer keys (even in non-FIPS mode for simplicity). Conflicts: lib/crypto/test/crypto_SUITE.erl
2016-09-28 | Support using OpenSSL in FIPS mode | Dániel Szoboszlay
FIPS mode support needs to be enabled at compile time, by configuring Erlang/OTP with --enable-fips option. In FIPS mode the non-FIPS algorithms are disabled and raise error notsup. The supported protocols list is properly updated in FIPS mode to advertise only the enabled protocols. FIPS mode is off by default even if Erlang/OTP was built with FIPS support. It needs to be turned on at runtime. The official approach is to set the fips_mode application environment parameter of the crypto application to true. This would turn FIPS mode on when the NIF is loaded and would prevent loading the module on error. Another method is provided via the crypto:enable_fips_mode/1 function, but it is not recommended to be used in production, as it won't prevent the use of the crypto module in case of an error, and would risk OpenSSL crashing the emulator. It is very useful for test suites however that need to check both validated and non-validated functionality. This commit is based on commit 00b3a04d17a653b4abddeebd6dd8a2c38df532d0.
2016-09-28 | Fix erlang:error/2 calls in crypto.erl | Magnus Henoch
Make all calls to erlang:error/2 specify the actual argument list of the function. This ensures that the stacktrace contains the correct arity of the function where the error occurred.
2016-09-22 | Merge branch 'sverker/include-erl_nif/PR-1171' | Sverker Eriksson
* sverker/include-erl_nif/PR-1171: Use more correct delimiters for erl_nif.h include
2016-09-21 | Merge tag 'OTP-19.1' | Henrik Nord
=== OTP-19.1 === Changed Applications: - asn1-4.0.4 - common_test-1.12.3 - compiler-7.0.2 - crypto-3.7.1 - debugger-4.2.1 - dialyzer-3.0.2 - diameter-1.12.1 - edoc-0.8 - erl_docgen-0.6 - erl_interface-3.9.1 - erts-8.1 - eunit-2.3.1 - gs-1.6.2 - hipe-3.15.2 - ic-4.4.2 - inets-6.3.3 - jinterface-1.7.1 - kernel-5.1 - mnesia-4.14.1 - observer-2.2.2 - odbc-2.11.3 - parsetools-2.1.3 - reltool-0.7.2 - runtime_tools-1.10.1 - sasl-3.0.1 - snmp-5.2.4 - ssh-4.3.2 - ssl-8.0.2 - stdlib-3.1 - syntax_tools-2.1 - tools-2.8.6 - wx-1.7.1 - xmerl-1.3.12 Unchanged Applications: - cosEvent-2.2.1 - cosEventDomain-1.2.1 - cosFileTransfer-1.2.1 - cosNotification-1.2.2 - cosProperty-1.2.1 - cosTime-1.2.2 - cosTransactions-1.3.2 - eldap-1.2.2 - et-1.6 - megaco-3.18.1 - orber-3.8.2 - os_mon-2.4.1 - otp_mibs-1.1.1 - percept-0.9 - public_key-1.2 - typer-0.9.11 Conflicts: OTP_VERSION lib/gs/doc/src/notes.xml lib/gs/vsn.mk
2016-09-20 | Prepare release | Erlang/OTP
2016-09-19 | Use more correct delimiters for erl_nif.h include | Tuncer Ayaz
Anywhere but the beam sources we shouldn't #include "erl_nif.h", because what "erl_nif.h" does is: (1) fail to find it outside of -I dirs, (2) then treat it as if it was written like <erl_nif.h>. Using <erl_nif.h> skips (1). More information can be found in 6.10.2 of the C standard. Because the examples use "erl_nif.h", NIF projects in the Erlang ecosystem copy this verbatim and make the same mistake.
2016-09-13 | Merge branch 'maint' | Raimo Niskanen
2016-09-13 | Silence warnings in crypto | Raimo Niskanen
2016-09-07 | Merge branch 'maint' | Raimo Niskanen
2016-09-07 | Merge branch 'michaesc/crypto/honour-OPENSSL_NO_DES/ERL-203/OTP-13783' into maint | Raimo Niskanen
* michaesc/crypto/honour-OPENSSL_NO_DES/ERL-203/OTP-13783: Add '_cfb' alias for misspelled '_cbf' cipher Fix badarg -> notsup and test cases Honour OPENSSL_NO_DES Conflicts: lib/crypto/c_src/crypto.c
2016-09-02 | Add '_cfb' alias for misspelled '_cbf' cipher | Raimo Niskanen
2016-09-02 | Fix badarg -> notsup and test cases | Raimo Niskanen
Also correct algo_cipher[] size since it was one too small.
2016-09-02 | Honour OPENSSL_NO_DES | Raimo Niskanen
Patch suggestion by Michae in ERL-203 at bugs.erlang.org.
2016-09-02 | Merge branch 'maint' | Hans Bolinder
* maint: doc: Correct errors introduced by Editorial changes
2016-09-01 | doc: Correct errors introduced by Editorial changes | Hans Bolinder
Fix some older errors as well.
2016-08-31 | Merge branch 'gotthardp/crypto/add-cmac/ERL-82/PR-1138/OTP-13779' | Raimo Niskanen
* gotthardp/crypto/add-cmac/ERL-82/PR-1138/OTP-13779: Skip the cmac test cases on older OpenSSL Added a reference to cmac RFC in the description part of the man page Fix building crypto/cmac_nif on 64-bit machines. crypto:cmac calculating the Cipher-based Message Authentication Code
2016-08-12 | Skip the cmac test cases on older OpenSSL | Petr Gotthard
2016-08-12 | Added a reference to cmac RFC in the description part of the man page | Petr Gotthard
2016-08-03 | Fix segfault in crypto by increasing algo_cipher array | Duncaen
2016-07-30 | Fix building crypto/cmac_nif on 64-bit machines. | Petr Gotthard
2016-07-30 | crypto:cmac calculating the Cipher-based Message Authentication Code | Petr Gotthard
The ERL-82 issue requests a way to calculate a CMAC in Erlang. The AES128 CMAC is standardized in RFC 4493 and used e.g. for message authentication in the LoRaWAN networks. The CMAC is implemented by OpenSSL since v1.0.1, but as @IngelaAndin stated in response to the ERL-82, the current crypto implementation does not include functions that call those OpenSSL cryptolib functions. This commit introduces a new function `crypto:cmac` that calls the corresponding OpenSSL functions and calculates the CMAC. Only the cmac_nif is implemented. The incremental functions (init, update, final) are not provided because the current OpenSSL does not allow custom memory allocators like `enif_alloc_resource`. The Erlang user guide states that at least OpenSSL 0.9.8 is required, so I added a few #ifdefs so the code is compatible with all versions. However, the OpenSSL pages say that the pre-1.0.1 versions (0.9.8 and 1.0.0) are no longer maintained. Even the 1.0.1 will be retired by Dec 2016. Hence I believe that adding a 1.0.1-only function like CMAC should be OK.
2016-06-21 | Prepare release | Erlang/OTP
2016-06-02 | Revert "Prepare release" | Erlang/OTP
This reverts commit e020f75c10410a6943cd055bfa072a2641eab7da.
2016-06-02 | Prepare release | Erlang/OTP
2016-05-26 | crypto: Add OpenSSL_version macros | Sverker Eriksson
to make it easier to read and construct version checks.
2016-05-26 | crypto: Allow any AES-GCM tag length for non-EVP impl | Sverker Eriksson
Same fix as was done for EVP in f4f588683dce36c447017.
2016-05-26 | crypto: Workaround buggy GCM via EVP | Sverker Eriksson
2016-05-12 | Revert "Prepare release" | Erlang/OTP
This reverts commit bd64ad8e15d66e48b36dbe3584315dd5cfc8b59a.
2016-05-11 | Prepare release | Erlang/OTP
2016-04-25 | crypto: Deprecate rand_bytes/1 | Ingela Anderton Andin
OpenSSL has deprecated the function RAND_pseudo_bytes used by crypto:rand_bytes/1, so this function is now deprecated in OTP too. rand_bytes/3 also used this function, but was not documented so we can remove it right away. This commit also removes the fallback in generate_key to use rand_bytes/1 if strong_rand_bytes/1 throws low entropy. This is a potential incompatibility but we think it is desirable as crypto should provide cryptographically secure functions.
2016-04-18 | Merge branch 'mururu/crypto/aes-gcm-tag-len.PR-998.OTP-13483' | Sverker Eriksson
2016-04-13 | Merge branch 'henrik/update-copyrightyear' | Henrik Nord
* henrik/update-copyrightyear: update copyright-year
2016-04-12 | Merge branch 'sverker/crypto/skip-link_test-without-ldd' | Sverker Eriksson
2016-04-06 | crypto: Skip link_test if no 'ldd' available | Sverker Eriksson
2016-04-05 | crypto: Add test for AES-GCM | Yuki Ito
2016-03-29 | crypto: Optimize digest/cipher lookups | Sverker Eriksson
by not repeating calls to get static EVP_MD and EVP_CIPHER objects. Also compressed the structs with unions for better caching during search.
2016-03-29 | crypto: Raise 'notsup' if lacking 'characteristic_two_field' | Sverker Eriksson
and not badarg.
2016-03-26 | crypto: Enable AES-GCM tag length to change | Yuki Ito
This commit enables AES-GCM encryption/decryption to change its tag length between 1 and 16 bytes.
2016-03-15 | update copyright-year | Henrik Nord
2016-03-15 | Merge tag 'OTP-18.3' | Lars Thorsen
=== OTP-18.3 === Changed Applications: - asn1-4.0.2 - common_test-1.12 - compiler-6.0.3 - cosNotification-1.2.1 - cosTime-1.2.1 - cosTransactions-1.3.1 - crypto-3.6.3 - debugger-4.1.2 - dialyzer-2.9 - diameter-1.11.2 - edoc-0.7.18 - eldap-1.2.1 - erl_docgen-0.4.2 - erl_interface-3.8.2 - erts-7.3 - eunit-2.2.13 - hipe-3.15 - inets-6.2 - kernel-4.2 - mnesia-4.13.3 - observer-2.1.2 - orber-3.8.1 - public_key-1.1.1 - runtime_tools-1.9.3 - sasl-2.7 - snmp-5.2.2 - ssh-4.2.2 - ssl-7.3 - stdlib-2.8 - test_server-3.10 - tools-2.8.3 - webtool-0.9.1 - wx-1.6.1 - xmerl-1.3.10 Unchanged Applications: - cosEvent-2.2 - cosEventDomain-1.2 - cosFileTransfer-1.2 - cosProperty-1.2 - et-1.5.1 - gs-1.6 - ic-4.4 - jinterface-1.6.1 - megaco-3.18 - odbc-2.11.1 - os_mon-2.4 - ose-1.1 - otp_mibs-1.1 - parsetools-2.1.1 - percept-0.8.11 - reltool-0.7 - syntax_tools-1.7 - typer-0.9.10 Conflicts: OTP_VERSION erts/vsn.mk lib/test_server/doc/src/notes.xml lib/test_server/vsn.mk lib/webtool/doc/src/notes.xml lib/webtool/vsn.mk
2016-03-14 | Prepare release | Erlang/OTP
2016-02-17 | Makefiles: Remove test_server from include path and code path | Björn Gustavsson
Since no test suites include test_server.hrl, there is no need to have test_server in the include path or code path.
2016-02-17 | Eliminate use of test_server.hrl and test_server_line.hrl | Björn Gustavsson
As a first step to removing the test_server application as its own separate application, change the inclusion of test_server.hrl to an inclusion of ct.hrl and remove the inclusion of test_server_line.hrl.
2016-02-08 | Merge branch 'maint' | Sverker Eriksson
2016-01-28 | Only use supported EC curves in crypto tests | Dániel Szoboszlay
Avoid hardcoding EC curve names in tests where it basically doesn't matter which curve is used. Take one of the supported curves instead. Also, when testing ECDH key generation, skip unsupported curves. These changes are to simplify dealing with exotic libcrypto builds that don't support certain curves (for example RHEL disallows < 256 bit curves). The crypto application is only able to detect the supported curves on a very coarse level (ECC support in general and GF2m curves), so it may be necessary to edit the list of curves in the crypto_ec_curves modules. But that should be the only necessary modification to make the crypto tests pass.
2016-01-27 | Check the result of EC_GROUP_new_curve_* calls | Dániel Szoboszlay
The FIPS-enabled OpenSSL on RHEL disallows the use of < 256 bit prime fields (like secp128r1 or secp160k1), and the EC_GROUP_new_curve_GFp call would return a NULL pointer for such fields. Not checking for this failure could result in a segfault in the NIF code.
2016-01-14 | crypto: Fix bug for multiple blocks for AES-ECB | Andrew Bennett
2016-01-08 | erts: Allow -fvisibility=hidden for NIFs and drivers | Sverker Eriksson
as is strongly recommended by gcc man page. We use __attribute__ ((visibility("default"))) to make sure the init functions are properly exported.
2015-12-17 | Merge branch 'sverk/crypto/aes-ecb-192-bit' | Sverker Eriksson
OTP-13207 * sverk/crypto/aes-ecb-192-bit: crypto: Support 192-bit keys for AES ECB