Age | Commit message (Collapse) | Author |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Replace _hash functions with {digest,_} argument
to existing sign/verify functions.
|
|
|
|
OTP-10106
OTP-10107
|
|
Included them by "mistake".
|
|
by using extra redundant information as part of the key
that will speed things up for OpenSSL.
Affects rsa_sign, rsa_private_encrypt and rsa_private_decrypt.
|
|
crypto only uses libcrypto.
Superfluous dependency introduced in R14B04 by 52230a417ad0057.
|
|
|
|
|
|
* sverk/crypto-sha256:
crypto: Add sha256,384,512 in documentation for rsa_verify
crypto: Add sha{256,384,512} to rsa_verify
crypto: Add sha256 and sha512
OTP-9778
|
|
|
|
When crypto_SUITE was migrated to the common_test format in commit
f6b19ef8603b46c64f3722ede3915dd1ac67bae8, some things were lost
in translation. Reinstate the previous behaviour:
1) Run the info/1 test case. This test case will cause a skip if
the test is run on a non-commercial platform and the entire
crypto application is missing. If the crypto application exists,
but does not work properly, the test case will fail.
2) If info/1 is skipped or fails, don't run any other test cases
in crypto_SUITE. (That is, if there is a basic problem, ONE
failed test case is sufficient indication.)
|
|
|
|
No test and doc
|
|
This reverts commit e21ff9b0b69219ab3853be7e80813156113152b7.
|
|
|
|
|
|
These dependency files was once used when building the documentation,
but are no longer needed.
|
|
* pg/des-cfb-functions:
[crypto] Remove swedish characters from test code
[crypto] Add DES and Triple DES cipher feedback (CFB) mode functions
OTP-9640
|
|
|
|
|
|
|
|
|
|
|
|
* sverker/revert-md2-With-RSA-Encryption:
Revert "Prepare for release"
Revert "Support md2WithRSAEncryption certificates in public_key"
Revert "Support 'md2' hash in crypto:rsa_sign/3 and crypto:rsa_verify/4"
|
|
Conflicts:
lib/inets/doc/src/notes.xml
lib/inets/src/inets_app/inets.appup.src
lib/inets/test/httpc_cookie_SUITE.erl
lib/inets/vsn.mk
|
|
Only used for commercial builds
|
|
This reverts commit 82897cc8f399fab832148711b586215c9a3f7af1.
|
|
Conflicts:
erts/aclocal.m4
erts/include/internal/ethread_header_config.h.in
|
|
* cr/md2-With-RSA-Encryption:
Document crypto:sha_mac_96/2 to compute an SHA MAC, not MD5
Support md2WithRSAEncryption certificates in public_key
Support 'md2' hash in crypto:rsa_sign/3 and crypto:rsa_verify/4
OTP-9554
|
|
|
|
* sverker/crypto-rand_uniform-negative/OTP-9526:
[crypto] Fix rand_uniform for negative values
|
|
|
|
Also let it throw badarg if 'Hi' is not larger than 'Lo'.
|
|
|
|
|
|
|
|
Create directories first, not within implicit rules. If two
'install' instances runs at the same time attempting to create
a directory, one of them may fail with an "File exists" error.
I tried to use order-only prerequisites to create the directories,
but run into two problems: First, order-only prerequisites are
only implemented in Make 3.80 and later. Second, on a computer
running Solaris/Intel 2.8 (with Make 3.80), order-only prerequisites
seemed to work like ordinary prerequisites, causing targets to
be re-built if the timestamp for the directory changed.
Therefore, using a shell command to run mkdir seems to be the
more portable solution.
|
|
|
|
|
|
* sverker/crypto-aes-ctr-stream/OTP-9275:
Stepping vsn for R14B03
Add true streaming AES (CTR) encryption and streaming HMAC operations
|
|
|
|
The current crypto module implementations require all of the data
being encrypted or authenticated to be in memory at one time. When
trying to encrypt or authenticate a large file (on order of GBs),
this is problematic.
The implementation of AES CTR uses the same underlying implementation
as aes_ctr_[en|de]crypt, but hands the state back to the client
after every operation.
The HMAC implementation differs from the previous implementations of
sha_mac and md5_mac. The old implementations did not utilize the
OpenSSL HMAC implementation. In order to ensure that I didn't
implement something incorrectly, I chose to use the OpenSSL HMAC
implementation directly, since it handles streaming as well. This
has the added side benefit of allowing other hash functions to be
used as desired (for instances, I added support for ripemd160
hashing).
While I haven't done this, it seems like the existing md5_mac and
sha_mac functions could either be depricated or redefined in terms
of the new hmac_ functions.
Update AES CTR and HMAC streaming with code review input
Ensure that memcpy operations in hmac operations are being size
checked properly. Rename aes_ctr_XXX_with_state to
aes_ctr_stream_XXX. Remove redundant hmac_init_[sha|md5|ripemd160]
functions. Fix documentation for hmac_final_n.
Fix possible error using negative value as a marker on an unsigned int
Now, use a separate marker and add a unit test to test specifically for
a case where HashLen is larger than the underlying resultant hash.
Revert "Fix possible error using negative value as a marker on an unsigned int"
This reverts commit 59cb177aa96444c0fd3ace6d01f7b8a70dd69cc9.
Resolve buffer overflow posibility on an unsigned int.
Change handling the marker for HashLen to use the fact that a second
parameter that has to be the the HashLen was passed. Also, ensure
that HashLen parameter is positive.
|
|
|