| Age | Commit message (Collapse) | Author |
|---|
|
|
|
|
|
introduced after OTP_R13B03.
|
|
* maint:
Updated OTP version
Prepare release
|
|
|
|
|
|
* raimo/test-cuddling:
Parallel stress test strong_rand_bytes
Update OS version numbers
|
|
* maint:
crypto: Engine valgrind fix
crypto: Fix valgrind error in dh_generate/dh_compute
crypto: Fix valgrind errors in pkey_crypt_nif
crypto: Add some crypto:engine_unload in engine test suite
crypto: Fix valgrind errors in privkey_to_pubkey
crypto: Fix valgrind error for keys with passwords in Engines
|
|
Fixes memory leak when a command has wrong type.
|
|
|
|
|
|
Got valgrind errors for error tests otherwise
|
|
|
|
|
|
* maint:
crypto: Split function in otp_test_engine
crypto: Update test engine with fake rsa support
Correct typo in logger formatter docs
|
|
Safer with one function to fetch public key and another for private key.
|
|
We need to test the Engine interface not only for loading, key retrieval and hashing,
so it is complemented with a fake rsa method to check sign/verify also.
|
|
* maint:
public_key: Add Edward curves to the documentation
public_key: Add ed25519 and ed448 sign/verify
crypto: Add Edward curves to the documentation
crypto: Add eddsa test case (ed25519 and ed448)
crypto: Add ed25519 and ed448 sign/verify
|
|
|
|
|
|
|
|
|
|
* sverker/crypto/gcc-8-warning:
crypto: Fix gcc 8 warning
|
|
|
|
"division 'sizeof (...)' does not compute the number of array elements
[-Wsizeof-pointer-div]"
|
|
* maint:
crypto: Fix tests failing if more than one test engine available This could happen in an Valgrind run:
crypto: Disable engine tests on Darwin and Windows Does not work.
|
|
This could happen in an Valgrind run:
=== Reason: no case clause matching ["otp_test_engine.so",
"otp_test_engine.valgrind.so"]
in function crypto:check_otp_test_engine/1 (crypto.erl, line 2026)
in call from engine_SUITE:engine_load_all_methods/1 (engine_SUITE.erl, line 154)
|
|
Does not work.
|
|
* maint:
crypto: Update RSA tests after algorithms doc chapter
crypto: Update RSA options to match specs and different OpenSSL versions - Put rsa_pkcs1_oaep_padding in supports/0 - #ifdef updates - Refine PKCS1_OAEP defines
|
|
|
|
- Put rsa_pkcs1_oaep_padding in supports/0
- #ifdef updates
- Refine PKCS1_OAEP defines
|
|
|
|
|
|
* maint:
crypto: Fix accidental merge
|
|
Commit 8c47a7657d03777a03a6838c7ec937b6347d07f8 accidently
reverted the changes in lib/crypto/src/crypto.erl correctly
introduced in e8de0736005e91afd992e49f434e08c940eddfa0
This fix re-introduces the correct changes.
|
|
|
|
|
|
* maint:
crypto: Re-work the 'Description' section
crypto: Add warnings in RefMan and User's Guide for experimental RSA opts
|
|
Links and contents needs update.
|
|
OTP-14461 - New 'rand' algorithm: Xoroshiro928** also for 'crypto'
Implement a new 'rand' algorithm named 'exro928ss' and a new 'crypto' plugin for 'rand' named 'crypto_aes'.
Both are based on Xoroshiro928** which is derived from Xoroshiro1024** modified to use 58-bit words for performance reasons in the Erlang VM. Xoroshiro1024** has got the Xoroshiro1024 generator and the StarStar scrambler from the 2018 paper "Scrambled Linear Pseudorandom Number Generators" by David Blackman and Sebastiano Vigna.
This generator and scrambler combination shows no systematic weaknesses in standard statistical tests as TestU01(BigCrush) and PractRand, unlike the previously used * and + scramblers in the 'rand' module that exhibit statistical weaknesses for the lowest bits.
The 'crypto' plugin uses AES-256 as scrambler and the Xoroshiro928 as generator, which gives the same very long period and jump functions as for Xoroshiro928**, but a cryptographically secure scrambler gives absolutely no detectable statistical weaknesses regardless of how the generated numbers are used.
The speed of 'exro928ss' is only about 30-50% slower than the default fast 'rand' algorithm, but the state is roughly the double and it produces about 8 times the garbage per iteration.
The speed of 'crypto_aes' is about half (amortized) that of the default fast 'rand' algorithm which is fast and thanks to doing encryption in batches caching the result. Hence the state is much larger.
|
|
|
|
* maint:
crypto: Fix bad return/exception for unsupported cipher
crypto: Use aead functions for CHACHA20_POLY1305
|
|
Accidently f11391139c4165e8541a52d45cd1525343a83927 merged by
0a218353e4360e36bac304b6a4e0effe78d95615 changed the
return exception 'notsup' to 'badarg' for unsupported chipher names.
This changes that back.
|
|
This previously implemented cipher is a block cipher despite using chacha.
It also uses the EVP_CIPHER_CTX api which now unifies AES_GCM and AES_CCM
into one pair of encrypt and decrypt functions.
By integrating the existing chacha20_poly1305 code into aead_encrypt and
aead_decrypt we could remove two C-functions and simplify both the C-code
and the corresponding Erlang code in the CRYPTO application.
|
|
* maint:
crypto: Disable problematic RSA options in LibreSSL
|
|
|
|
* maint:
crypto: Disable bad tests They do not test what was intended.
|
|
They do not test what was intended.
|
|
* maint:
crypto: Fix no_aead test
crypto: Document AES_CCM and fix errors in User's Guide The sizes in the Algorithms chapter for aes_gcm was wrong or incomplete.
crypto: AES_CCM test case
crypto: All aes_ccm vectors (including unused) This directory contains all aes_ccm vectors. However, effort is needed to include them in the test suite so they are left for later.
crypto: Add AES_CCM crypto Will be increase interoperability of future SSL application versions.
crypto: Generalize aes_gcm_(de|en)crypt nifs
|
|
* hans/crypto/aes_ccm/OTP-15286:
crypto: Fix no_aead test
crypto: Document AES_CCM and fix errors in User's Guide The sizes in the Algorithms chapter for aes_gcm was wrong or incomplete.
crypto: AES_CCM test case
crypto: All aes_ccm vectors (including unused) This directory contains all aes_ccm vectors. However, effort is needed to include them in the test suite so they are left for later.
crypto: Add AES_CCM crypto Will be increase interoperability of future SSL application versions.
crypto: Generalize aes_gcm_(de|en)crypt nifs
|
