aboutsummaryrefslogtreecommitdiffstats
path: root/lib/crypto
AgeCommit message (Collapse)Author
2017-10-10Merge branch 'lars/doc-cleanup/OTP-14475' into maintLars Thorsen
* lars/doc-cleanup/OTP-14475: [edoc] Remove unused module otpsgml_layout.erl Remove unused files from the documentation build
2017-10-04crypto: ifdef of EVP for old cryptolibs (< 1.0.0)Hans Nilsson
2017-10-04crypto: disable tests of non-working assymetric ciphersHans Nilsson
ECDSA and DSA (DSS) public/private encryption/decryption does not work
2017-10-04crypto: Added pkey_crypt_nif from PR838Hans Nilsson
Testcases for ECDSA and DSA encrypt/decrypt and some other adaptions
2017-09-28Remove unused files from the documentation buildLars Thorsen
2017-09-22Update release notesErlang/OTP
2017-09-22Update version numbersErlang/OTP
2017-07-12crypto: Fix compile errors for make target 'valgrind'Sverker Eriksson
introduced in 03f3ec41f5468413235e3923a542a11cfd631089
2017-07-07crypto: test case for sign/verify ecdsa with sha256 etcHans Nilsson
2017-07-07crypto: test case for sign/verify dss with sha256 etcHans Nilsson
In OpenSSL version >= 1.0.1 the hash algos sha, sha224, sha256, sha384 and sha512 are supported. In 1.0.0 sha, sha224 and sha256 are supported In 0.9.8 sha is supported
2017-07-07crypto: doc sign/5 and verify/6Hans Nilsson
2017-07-07crypto: tests for rsa sign/verify from PR838Hans Nilsson
2017-07-07crypto: Fix compatibility problems with openssl 1.0.0 cryptolibHans Nilsson
2017-07-07crypto: introduced preproc symbol HAS_EVP_PKEY_CTXHans Nilsson
2017-07-07crypto: pk verify with new function from PR838Hans Nilsson
Same comment as previous commit applies.
2017-07-07crypto: pk sign with new function from PR838Hans Nilsson
The function pkey_verify_nif handles pk signing with a general approach that is enabled by EVP api in OpenSSL 1.0.0 The rejected PR838 introduced that function and lots of other stuff so far neglected. It also made some different rsa padding methods possible (included). Since the crypto code base has changed significantly, it was an overhelming work to try a git merge. Therefore this commit is a manual move of the source code from the PR into current maint. This commit concentrates to use the new function compatible with the old functions. This includes some #if:s for different versions, compatibility code for 0.9.8. Lacking: test cases, exporting the more general erlang api, documentation...
2017-07-07crypto: Made {rsa,dss,ecdsa}_{sign,verify}_nif similar and all with evp apiHans Nilsson
2017-07-07Merge branch 'hans/crypto/supports_macs/OTP-14504' into maintHans Nilsson
2017-07-07crypto: test suites report openssl version, supports etcHans Nilsson
2017-07-07crypto: added a 'macs' entry to proplist in crypto:supports/0Hans Nilsson
2017-06-21Prepare releaseErlang/OTP
2017-06-12crypto: add test for rsa keygen 1024/3Hans Nilsson
2017-06-12crypto: filter out small mod in test suite for rsa keygen in FIPS modeHans Nilsson
2017-06-02Merge pull request #1473 from SalikhovDinislam/static_codeLukas Larsson
Make some C code static
2017-05-31Revert "Prepare release"Hans Nilsson
This reverts commit eaf8ca41dfa4850437ad270d3897399c9358ced0.
2017-05-30Prepare releaseErlang/OTP
2017-05-29Merge pull request #1396 from RoadRunnr/crypto/cavpHans Nilsson
crypto: replace AES test vectors with validation data from NIST CAVP program OTP-14436
2017-05-29Merge pull request #1462 from Vagabond/adt-fix-aes-cfb128Hans Nilsson
Fix backwards equality check in aes cfb128 function OTP-14435
2017-05-21crypto: Make internal arrays staticSalikhov Dinislam
2017-05-15Fix backwards equality check in aes cfb128 functionAndrew Thompson
2017-05-09Remove duplicate aes_gcm from a list of ciphersDaniil Fedotov
2017-05-05Revert "Prepare release"Raimo Niskanen
This reverts commit dc57404252c47520f352834ad9be45ad684f96c9.
2017-05-04Prepare releaseErlang/OTP
2017-05-04Update copyright yearRaimo Niskanen
2017-05-03crypto: use lazy evaluation for test cases read from CAVP filesAndreas Schultz
It turns out that the excessive memory usage is cause by the test framework printing all the test vectors into the log output. A similar proplem was already diagnosed for long_msg/0. The root cause was not mentioned in the SUITE, but the same fix applies to the CAPV test vector data. Switch all CAPV data to lazy evaluation and have the test itself read the data.
2017-05-03crypto: replace AES GCM test vectors with NIST CAVP suiteAndreas Schultz
2017-05-03crypto: replace AES CMAC test vectors with NIST CAVP suiteAndreas Schultz
2017-05-03crypto: replace AES test vectors with NIST CAVP test dataAndreas Schultz
NIST's Cryptographic Algorithm Validation Program provides validation testing of FIPS-approved and NIST-recommended cryptographic algorithms. Instead of hard coding a limited set of test vectors, use their comprehensive validation set to test AES cipher modes.
2017-04-21Merge branch 'raimo/rand-dev/OTP-14295'Raimo Niskanen
* raimo/rand-dev/OTP-14295: Implement Xoroshiro116+ and improve statisticals
2017-04-21Implement Xoroshiro116+ and improve statisticalsRaimo Niskanen
Implement Xoroshiro116+ as 'exrop' with fixes. Deprecate all old algorithms but reincarnate 'exs1024' as 'exs1024s' and 'exsplus' as 'exsp' with fixes. Fixes: * Avoid skew for uniform integers caused by using a simple 'rem' operation for range confinement. Correctness requires retry with new random value for an unfortunate first value. * Implement a correct algorithm that collects enough random bits for ranges larger than the generator's precision. * Fix uniform density for floats by acquiring 53 bits then multiplying with 2.0^(-53) which produces floats on the form N * 2.0^(-53).
2017-04-12Merge branch 'ingela/openssl-version'Ingela Anderton Andin
* ingela/openssl-version: crypto: Update documentation to reflect new version policy erts: Update configure check for OpenSSL
2017-04-12crypto: Increase prime to pass with FIPS-enabled cryptolibHans Nilsson
Fix for problem introduced with OTP-14140
2017-04-07crypto: Update documentation to reflect new version policyIngela Anderton Andin
2017-04-04Merge branch 'maint'Ingela Anderton Andin
Conflicts: OTP_VERSION erts/vsn.mk lib/crypto/c_src/crypto.c lib/crypto/src/crypto.erl lib/ssh/src/ssh.erl
2017-04-04Merge branch 'g-andrade/strong-random-numbers/PR-1367/OTP-14317'Raimo Niskanen
* g-andrade/strong-random-numbers/PR-1367/OTP-14317: Clean up documentation and test cases Attempt faster approach to strong random floats Allow for crypto upgrades when using rand plugin fixup! Support cryptographically strong rand plugin fixup! Support cryptographically strong rand plugin fixup! Support cryptographically strong rand plugin fixup! Support cryptographically strong rand plugin No longer expose strong_rand_(range|float) Support cryptographically strong rand plugin Restyle crypto strong numeric generators for usage in rand Support generation of strong random numbers
2017-04-04Clean up documentation and test casesRaimo Niskanen
2017-03-31Update release notesErlang/OTP
2017-03-31Update version numbersErlang/OTP
2017-03-29Fix bug with AES CFB 128Kelly McLaughlin
Fix a bug with the use of the aes_cfb128 cipher by calling the correct underlying openssl interface function when the cipher is specified.
2017-03-29Demonstrate the bug with AES CFB 128 encryptionKelly McLaughlin
Demonstrate a bug with AES CFB 128 for certain key sizes introduced with the Erlang 19.0 release. The code in the block_crypt_nif function in the crypto.c source file incorrectly calls aes_cfb_8_crypt when the specified cipher is aes_cfb8 or aes_cfb128 and the key size is 24 or 32. The aes_cfb_8_crypt function calls the AES_cfb8_encrypt function from the openssl interface, but this is incorrect when the cipher is aes_cfb128. Unfortunately the test cases in the crypto test suite are insufficient to detect an issue like this because it exercises the encryption and decryption roundtrip using the same incorrect underlying function. The problem was observed when trying to update an application to Erlang 19 that attempted to decrypt data that was encrypted using aes_cfb128 by another source. In this commit I altered the crypto test suite to provide a demonstration of this problem.