aboutsummaryrefslogtreecommitdiffstats
path: root/lib/crypto
AgeCommit message (Collapse)Author
2018-09-25Merge branch 'maint'Henrik Nord
2018-09-24Prepare releaseErlang/OTP
2018-09-21Merge branch 'maint'Hans Nilsson
* maint: crypto: Fix accidental merge
2018-09-21crypto: Fix accidental mergeHans Nilsson
Commit 8c47a7657d03777a03a6838c7ec937b6347d07f8 accidently reverted the changes in lib/crypto/src/crypto.erl correctly introduced in e8de0736005e91afd992e49f434e08c940eddfa0 This fix re-introduces the correct changes.
2018-09-21Merge branch 'maint'Henrik Nord
2018-09-21Update copyright yearHenrik Nord
2018-09-19Merge branch 'maint'Hans Nilsson
* maint: crypto: Re-work the 'Description' section crypto: Add warnings in RefMan and User's Guide for experimental RSA opts
2018-09-19crypto: Re-work the 'Description' sectionHans Nilsson
Links and contents needs update.
2018-09-18Merge pull request #1857 from RaimoNiskanen/raimo/rand-crypto-xoroshiro928Raimo Niskanen
OTP-14461 - New 'rand' algorithm: Xoroshiro928** also for 'crypto' Implement a new 'rand' algorithm named 'exro928ss' and a new 'crypto' plugin for 'rand' named 'crypto_aes'. Both are based on Xoroshiro928** which is derived from Xoroshiro1024** modified to use 58-bit words for performance reasons in the Erlang VM. Xoroshiro1024** has got the Xoroshiro1024 generator and the StarStar scrambler from the 2018 paper "Scrambled Linear Pseudorandom Number Generators" by David Blackman and Sebastiano Vigna. This generator and scrambler combination shows no systematic weaknesses in standard statistical tests as TestU01(BigCrush) and PractRand, unlike the previously used * and + scramblers in the 'rand' module that exhibit statistical weaknesses for the lowest bits. The 'crypto' plugin uses AES-256 as scrambler and the Xoroshiro928 as generator, which gives the same very long period and jump functions as for Xoroshiro928**, but a cryptographically secure scrambler gives absolutely no detectable statistical weaknesses regardless of how the generated numbers are used. The speed of 'exro928ss' is only about 30-50% slower than the default fast 'rand' algorithm, but the state is roughly the double and it produces about 8 times the garbage per iteration. The speed of 'crypto_aes' is about half (amortized) that of the default fast 'rand' algorithm which is fast and thanks to doing encryption in batches caching the result. Hence the state is much larger.
2018-09-18crypto: Add warnings in RefMan and User's Guide for experimental RSA optsHans Nilsson
2018-09-18Merge branch 'maint'Hans Nilsson
* maint: crypto: Fix bad return/exception for unsupported cipher crypto: Use aead functions for CHACHA20_POLY1305
2018-09-18crypto: Fix bad return/exception for unsupported cipherHans Nilsson
Accidently f11391139c4165e8541a52d45cd1525343a83927 merged by 0a218353e4360e36bac304b6a4e0effe78d95615 changed the return exception 'notsup' to 'badarg' for unsupported chipher names. This changes that back.
2018-09-18crypto: Use aead functions for CHACHA20_POLY1305Hans Nilsson
This previously implemented cipher is a block cipher despite using chacha. It also uses the EVP_CIPHER_CTX api which now unifies AES_GCM and AES_CCM into one pair of encrypt and decrypt functions. By integrating the existing chacha20_poly1305 code into aead_encrypt and aead_decrypt we could remove two C-functions and simplify both the C-code and the corresponding Erlang code in the CRYPTO application.
2018-09-18Merge branch 'maint'Hans Nilsson
* maint: crypto: Disable problematic RSA options in LibreSSL
2018-09-18crypto: Disable problematic RSA options in LibreSSLHans Nilsson
2018-09-18Merge branch 'maint'Hans Nilsson
* maint: crypto: Disable bad tests They do not test what was intended.
2018-09-18crypto: Disable bad testsHans Nilsson
They do not test what was intended.
2018-09-17Merge branch 'maint'Hans Nilsson
* maint: crypto: Fix no_aead test crypto: Document AES_CCM and fix errors in User's Guide The sizes in the Algorithms chapter for aes_gcm was wrong or incomplete. crypto: AES_CCM test case crypto: All aes_ccm vectors (including unused) This directory contains all aes_ccm vectors. However, effort is needed to include them in the test suite so they are left for later. crypto: Add AES_CCM crypto Will be increase interoperability of future SSL application versions. crypto: Generalize aes_gcm_(de|en)crypt nifs
2018-09-17Merge branch 'hans/crypto/aes_ccm/OTP-15286' into maintHans Nilsson
* hans/crypto/aes_ccm/OTP-15286: crypto: Fix no_aead test crypto: Document AES_CCM and fix errors in User's Guide The sizes in the Algorithms chapter for aes_gcm was wrong or incomplete. crypto: AES_CCM test case crypto: All aes_ccm vectors (including unused) This directory contains all aes_ccm vectors. However, effort is needed to include them in the test suite so they are left for later. crypto: Add AES_CCM crypto Will be increase interoperability of future SSL application versions. crypto: Generalize aes_gcm_(de|en)crypt nifs
2018-09-17Merge branch 'maint'Hans Nilsson
* maint: crypto: Add forgotten #ifdef MAY prevent compilation errors if the symbol is configured to not be defined in an OpenSSL version where it exists by default. crypto: Change condition for RSA_PKCS1_PSS Trubble on a couple of cross-building machines crypto: RSA options list disclaimer in documentation for crypto:supports/0 The final appearence of the rs_opts entry is still not completly decided. crypto: Add 'rsa_opts' to crypto:supports/0 Needed in future versions of the SSL application.
2018-09-14crypto: Fix no_aead testHans Nilsson
2018-09-14crypto: Document AES_CCM and fix errors in User's GuideHans Nilsson
The sizes in the Algorithms chapter for aes_gcm was wrong or incomplete.
2018-09-14crypto: AES_CCM test caseHans Nilsson
2018-09-14crypto: All aes_ccm vectors (including unused)Hans Nilsson
This directory contains all aes_ccm vectors. However, effort is needed to include them in the test suite so they are left for later. The aes_ccm cipher is already covered by the vectors in crypt_SUITE_data Source: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program
2018-09-14crypto: Add AES_CCM cryptoHans Nilsson
Will be increase interoperability of future SSL application versions.
2018-09-14crypto: Generalize aes_gcm_(de|en)crypt nifsHans Nilsson
The EVP_CIPHER_CTX interface aims at enabling using the same code for many ciphers. Since we are going to add aes_ccm which is similar to aes_gcm, this commit is a preparation. It creates the aead_(de|en)crypt nifs and removes the old ones.
2018-09-14crypto: Add forgotten #ifdefHans Nilsson
MAY prevent compilation errors if the symbol is configured to not be defined in an OpenSSL version where it exists by default.
2018-09-14crypto: Change condition for RSA_PKCS1_PSSHans Nilsson
Trubble on a couple of cross-building machines
2018-09-14crypto: RSA options list disclaimer in documentation for crypto:supports/0Hans Nilsson
The final appearence of the rs_opts entry is still not completly decided.
2018-09-14crypto: Add 'rsa_opts' to crypto:supports/0Hans Nilsson
Needed in future versions of the SSL application.
2018-09-13Use long period counter for crypto_aesRaimo Niskanen
Conflicts: lib/crypto/doc/src/crypto.xml lib/crypto/src/crypto.erl
2018-09-13Prototype crypto_aes PRNGRaimo Niskanen
Conflicts: lib/crypto/src/crypto.erl
2018-09-13Merge branch 'maint'Hans Nilsson
* maint: crypto: sha3_224 and sha3_256 errors fixed
2018-09-13Merge branch 'hans/crypto/SHA3/OTP-15153' into maintHans Nilsson
2018-09-13Merge branch 'maint'Hans Nilsson
* maint: ssh: Use exported crypto types public_key: Generate refman from types and specs public_key: Rework -type and -spec Check existing specs with code and documentation and adjust. Prepare for doc generation public_key: Setup for doc generation public_key: Remove special type signature for one test crypto: Add missing documentation for enable_fips_mode/1 crypto: Generate refman from types and specs and fix links in engine chapter for generated crypto module refman crypto: Rework -type and -spec Check code and documentation and write -type/-spec or adjust existing. Prepare for doc generation crypto: Setup for doc generation crypto: A user's guide chapter on algorithm details Such as keylengths, blocksizes and IV lengths are hard to find otherwise
2018-09-13crypto: Add missing documentation for enable_fips_mode/1Hans Nilsson
2018-09-13crypto: Generate refman from types and specsHans Nilsson
and fix links in engine chapter for generated crypto module refman
2018-09-13crypto: Rework -type and -specHans Nilsson
Check code and documentation and write -type/-spec or adjust existing. Prepare for doc generation
2018-09-13crypto: Setup for doc generationHans Nilsson
2018-09-13crypto: A user's guide chapter on algorithm detailsHans Nilsson
Such as keylengths, blocksizes and IV lengths are hard to find otherwise Conflicts: lib/crypto/doc/src/crypto.xml
2018-09-12crypto: sha3_224 and sha3_256 errors fixedHans Nilsson
2018-09-12Merge branch 'maint'Hans Nilsson
* maint: crypto: Fix valgrind error
2018-09-12crypto: Fix valgrind errorHans Nilsson
2018-09-11Merge branch 'maint'Hans Nilsson
* maint: crypto: Remove 'experimental' comments for ecdh
2018-09-11Merge branch 'hans/crypto/x25519_x448/OTP-15240' into maintHans Nilsson
* hans/crypto/x25519_x448/OTP-15240: crypto: Remove 'experimental' comments for ecdh
2018-09-10crypto: Remove 'experimental' comments for ecdhHans Nilsson
2018-09-07Merge branch 'maint'Hans Nilsson
* maint: crypto: Bug fix - crypto:next_iv regarding aes_ige256 crypto: Bug fix - blowfish_cbc allowed in crypto:next_iv
2018-09-07crypto: Bug fix - crypto:next_iv regarding aes_ige256Hans Nilsson
2018-09-07crypto: Bug fix - blowfish_cbc allowed in crypto:next_ivHans Nilsson
2018-08-31Merge branch 'maint'Hans Nilsson
* maint: crypto: Let otp_test_engine only add what is needed OpenSSL_add_all_algorithms hangs on some test machines