aboutsummaryrefslogtreecommitdiffstats
path: root/lib/crypto
AgeCommit message (Collapse)Author
2017-05-03crypto: replace AES CMAC test vectors with NIST CAVP suiteAndreas Schultz
2017-05-03crypto: replace AES test vectors with NIST CAVP test dataAndreas Schultz
NIST's Cryptographic Algorithm Validation Program provides validation testing of FIPS-approved and NIST-recommended cryptographic algorithms. Instead of hard coding a limited set of test vectors, use their comprehensive validation set to test AES cipher modes.
2017-04-21Merge branch 'raimo/rand-dev/OTP-14295'Raimo Niskanen
* raimo/rand-dev/OTP-14295: Implement Xoroshiro116+ and improve statisticals
2017-04-21Implement Xoroshiro116+ and improve statisticalsRaimo Niskanen
Implement Xoroshiro116+ as 'exrop' with fixes. Deprecate all old algorithms but reincarnate 'exs1024' as 'exs1024s' and 'exsplus' as 'exsp' with fixes. Fixes: * Avoid skew for uniform integers caused by using a simple 'rem' operation for range confinement. Correctness requires retry with new random value for an unfortunate first value. * Implement a correct algorithm that collects enough random bits for ranges larger than the generator's precision. * Fix uniform density for floats by acquiring 53 bits then multiplying with 2.0^(-53) which produces floats on the form N * 2.0^(-53).
2017-04-12Merge branch 'ingela/openssl-version'Ingela Anderton Andin
* ingela/openssl-version: crypto: Update documentation to reflect new version policy erts: Update configure check for OpenSSL
2017-04-12crypto: Increase prime to pass with FIPS-enabled cryptolibHans Nilsson
Fix for problem introduced with OTP-14140
2017-04-07crypto: Update documentation to reflect new version policyIngela Anderton Andin
2017-04-04Merge branch 'maint'Ingela Anderton Andin
Conflicts: OTP_VERSION erts/vsn.mk lib/crypto/c_src/crypto.c lib/crypto/src/crypto.erl lib/ssh/src/ssh.erl
2017-04-04Merge branch 'g-andrade/strong-random-numbers/PR-1367/OTP-14317'Raimo Niskanen
* g-andrade/strong-random-numbers/PR-1367/OTP-14317: Clean up documentation and test cases Attempt faster approach to strong random floats Allow for crypto upgrades when using rand plugin fixup! Support cryptographically strong rand plugin fixup! Support cryptographically strong rand plugin fixup! Support cryptographically strong rand plugin fixup! Support cryptographically strong rand plugin No longer expose strong_rand_(range|float) Support cryptographically strong rand plugin Restyle crypto strong numeric generators for usage in rand Support generation of strong random numbers
2017-04-04Clean up documentation and test casesRaimo Niskanen
2017-03-31Update release notesErlang/OTP
2017-03-31Update version numbersErlang/OTP
2017-03-29Fix bug with AES CFB 128Kelly McLaughlin
Fix a bug with the use of the aes_cfb128 cipher by calling the correct underlying openssl interface function when the cipher is specified.
2017-03-29Demonstrate the bug with AES CFB 128 encryptionKelly McLaughlin
Demonstrate a bug with AES CFB 128 for certain key sizes introduced with the Erlang 19.0 release. The code in the block_crypt_nif function in the crypto.c source file incorrectly calls aes_cfb_8_crypt when the specified cipher is aes_cfb8 or aes_cfb128 and the key size is 24 or 32. The aes_cfb_8_crypt function calls the AES_cfb8_encrypt function from the openssl interface, but this is incorrect when the cipher is aes_cfb128. Unfortunately the test cases in the crypto test suite are insufficient to detect an issue like this because it exercises the encryption and decryption roundtrip using the same incorrect underlying function. The problem was observed when trying to update an application to Erlang 19 that attempted to decrypt data that was encrypted using aes_cfb128 by another source. In this commit I altered the crypto test suite to provide a demonstration of this problem.
2017-03-27Add a no_native option wherever there is an on_loadKostis Sagonas
This is a poor man's solution that allows to build and test the system with all files compiled to native code simply by setting the ERL_COMPILER_OPTS environment variable. Better solutions, like automatically setting the no_native option whenever the compiler sees an on_load attribute, obviously exist but require more time to implement.
2017-03-22Attempt faster approach to strong random floatsGuilherme Andrade
2017-03-22Allow for crypto upgrades when using rand pluginGuilherme Andrade
2017-03-22fixup! Support cryptographically strong rand pluginGuilherme Andrade
Fix documented range (interval is half-open.)
2017-03-22fixup! Support cryptographically strong rand pluginGuilherme Andrade
Be friendlier to Dialyzer
2017-03-20crypto: Deprecate crypto:rand_uniform/2 as it is not cryptographically strongIngela Anderton Andin
rand module should be used if not cryptographically strong is required. If cryptographically strong is required, new cryptographically strong functions should be added to crypto.
2017-03-18No longer expose strong_rand_(range|float)Guilherme Andrade
2017-03-18Support cryptographically strong rand pluginGuilherme Andrade
2017-03-18Restyle crypto strong numeric generatorsGuilherme Andrade
for usage in rand
2017-03-14Support generation of strong random numbersGuilherme Andrade
2017-03-14Merge branch 'maint'Rickard Green
* maint: Updated OTP version Prepare release Conflicts: OTP_VERSION lib/typer/doc/src/notes.xml lib/typer/vsn.mk
2017-03-14Prepare releaseErlang/OTP
2017-03-13Merge branch 'wiml/crypto/rsa-generate-key/ERL-165/PR-1299/OTP-14140'Hans Nilsson
2017-03-10Update copyright yearRickard Green
2017-03-09crypto: Document exceptions thrown in crypto:generate_keyHans Nilsson
2017-03-09crypto: Uppdate crypto.app.src for dirty_scheduler dependency in ERTSHans Nilsson
2017-03-09crypto: removed error function from PR and added error handling in crypto.erlHans Nilsson
2017-03-02crypto: Enable usage of LibreSSLHans Nilsson
2017-02-03Merge branch 'maint'Hans Nilsson
2017-02-03Merge branch 'maint'Björn-Egil Dahlberg
2017-02-03Fix merge commitBjörn-Egil Dahlberg
This fixes commit f0867aa2ccbbf5677e0577bba08f8b7bc53ec0ed
2017-02-03erge branch 'maint'Hans Nilsson
Conflicts: OTP_VERSION
2017-02-03Merge branch 'maint-18' into maintHans Nilsson
Conflicts: OTP_VERSION erts/doc/src/notes.xml erts/emulator/sys/unix/erl_unix_sys.h erts/emulator/sys/unix/sys.c erts/vsn.mk lib/crypto/c_src/crypto.c lib/crypto/doc/src/notes.xml lib/crypto/vsn.mk lib/inets/doc/src/notes.xml lib/inets/vsn.mk lib/ssh/doc/src/notes.xml lib/ssh/src/ssh.app.src lib/ssh/src/ssh_connection_handler.erl lib/ssh/vsn.mk otp_versions.table
2017-02-02ssh: document crypto:genarate_key(dh, [P,G,L])Hans Nilsson
2017-02-01Prepare releaseErlang/OTP
2017-01-31crypto: Added optional length to paramlist in generate_keyHans Nilsson
Conflicts: lib/crypto/c_src/crypto.c
2017-01-31ssh,crypto: prepare for releaseHans Nilsson
2017-01-31Merge branch 'maint'Hans Nilsson
Conflicts: lib/crypto/c_src/crypto.c lib/crypto/src/crypto.erl
2017-01-27crypto: Added optional length to paramlist in generate_keyHans Nilsson
2017-01-18Minor punctuation fixes in the crypto documentation.Wim Lewis
2017-01-18Update the documentation for RSA key generationWim Lewis
to reflect that dirty schedulers are no longer considered "experimental", per a comment from sverker.
2017-01-18Merge branch 'maint'Hans Nilsson
2017-01-17Remove the RSA-1024 test case.Wim Lewis
If the underlying library is in FIPS mode, it'll refuse to generate keys shorter than 2048 bits.
2017-01-17Add a missing aes_gcm -spec clause to crypto:block_encrypt/4Leo Liu
Fix https://bugs.erlang.org/browse/ERL-336.
2017-01-08Add RSA key generationWim Lewis
Support RSA key generation using generate_key(rsa, {bits, e}). This depends on the currently-experimental "dirty scheduler" support because key generation is a potentially lengthy process.
2016-12-29crypto: algo_ciper was too small after cipher additionsHans Nilsson