From dc4c62ca5220cfc8def7ec5275036c7fb7dc370d Mon Sep 17 00:00:00 2001 From: Hans Nilsson Date: Tue, 9 Apr 2019 12:10:31 +0200 Subject: crypto: Rename crypto_aead to crypto_one_time_aead --- lib/crypto/doc/src/crypto.xml | 4 ++-- lib/crypto/doc/src/new_api.xml | 6 +++--- lib/crypto/src/crypto.erl | 18 +++++++++--------- lib/crypto/test/crypto_SUITE.erl | 2 +- 4 files changed, 15 insertions(+), 15 deletions(-) diff --git a/lib/crypto/doc/src/crypto.xml b/lib/crypto/doc/src/crypto.xml index db53eed738..d607679ff5 100644 --- a/lib/crypto/doc/src/crypto.xml +++ b/lib/crypto/doc/src/crypto.xml @@ -754,8 +754,8 @@ - - + + Do a complete encrypt or decrypt with an AEAD cipher of the full text

Part of the new API. diff --git a/lib/crypto/doc/src/new_api.xml b/lib/crypto/doc/src/new_api.xml index e5e108d973..7b062310f2 100644 --- a/lib/crypto/doc/src/new_api.xml +++ b/lib/crypto/doc/src/new_api.xml @@ -71,14 +71,14 @@ crypto_one_time/4 crypto_one_time/5 - crypto_aead/6 - crypto_aead/7 + crypto_one_time_aead/6 + crypto_one_time_aead/7

In those functions the internal crypto state is first created and initialized with the cipher type, the key and possibly other data. Then the data is encrypted or decrypted, the crypto state is de-allocated and the result of the crypto operation is returned.

-

The crypto_aead functions are for the ciphers of mode ccm or +

The crypto_one_time_aead functions are for the ciphers of mode ccm or gcm, and for the cipher chacha20-poly1305.

For repeated encryption or decryption of a text divided in parts, where the internal diff --git a/lib/crypto/src/crypto.erl b/lib/crypto/src/crypto.erl index a99ab2faea..133636c0af 100644 --- a/lib/crypto/src/crypto.erl +++ b/lib/crypto/src/crypto.erl @@ -59,7 +59,7 @@ -export([crypto_init/4, crypto_init/3, crypto_update/2, crypto_one_time/4, crypto_one_time/5, - crypto_aead/6, crypto_aead/7, + crypto_one_time_aead/6, crypto_one_time_aead/7, crypto_init_dyn_iv/3, crypto_update_dyn_iv/3 ]). @@ -733,9 +733,9 @@ block_encrypt(Type, Key0, Ivec, Data) -> ?COMPAT( case Data of {AAD, PlainText} -> - crypto_aead(alias(Type,Key), Key, Ivec, PlainText, AAD, true); + crypto_one_time_aead(alias(Type,Key), Key, Ivec, PlainText, AAD, true); {AAD, PlainText, TagLength} -> - crypto_aead(alias(Type,Key), Key, Ivec, PlainText, AAD, TagLength, true); + crypto_one_time_aead(alias(Type,Key), Key, Ivec, PlainText, AAD, TagLength, true); PlainText -> crypto_one_time(alias(Type,Key), Key, Ivec, PlainText, true) end). @@ -764,7 +764,7 @@ block_decrypt(Type, Key0, Ivec, Data) -> ?COMPAT( case Data of {AAD, CryptoText, Tag} -> - crypto_aead(alias(Type,Key), Key, Ivec, CryptoText, AAD, Tag, false); + crypto_one_time_aead(alias(Type,Key), Key, Ivec, CryptoText, AAD, Tag, false); CryptoText -> crypto_one_time(alias(Type,Key), Key, Ivec, CryptoText, false) end). @@ -982,7 +982,7 @@ crypto_one_time(Cipher, Key, IV, Data0, EncryptFlag) -> end. --spec crypto_aead(Cipher, Key, IV, InText, AAD, EncFlag::true) -> +-spec crypto_one_time_aead(Cipher, Key, IV, InText, AAD, EncFlag::true) -> Result | descriptive_error() when Cipher :: cipher_aead(), Key :: iodata(), @@ -994,11 +994,11 @@ crypto_one_time(Cipher, Key, IV, Data0, EncryptFlag) -> OutCryptoText :: binary(), OutTag :: binary(). -crypto_aead(Cipher, Key, IV, PlainText, AAD, true) -> - crypto_aead(Cipher, Key, IV, PlainText, AAD, aead_tag_len(Cipher), true). +crypto_one_time_aead(Cipher, Key, IV, PlainText, AAD, true) -> + crypto_one_time_aead(Cipher, Key, IV, PlainText, AAD, aead_tag_len(Cipher), true). --spec crypto_aead(Cipher, Key, IV, InText, AAD, TagOrTagLength, EncFlag) -> +-spec crypto_one_time_aead(Cipher, Key, IV, InText, AAD, TagOrTagLength, EncFlag) -> Result | descriptive_error() when Cipher :: cipher_aead(), Key :: iodata(), @@ -1016,7 +1016,7 @@ crypto_aead(Cipher, Key, IV, PlainText, AAD, true) -> OutTag :: binary(), OutPlainText :: binary(). -crypto_aead(Cipher, Key, IV, TextIn, AAD, TagOrTagLength, EncFlg) -> +crypto_one_time_aead(Cipher, Key, IV, TextIn, AAD, TagOrTagLength, EncFlg) -> aead_cipher(Cipher, Key, IV, TextIn, AAD, TagOrTagLength, EncFlg). diff --git a/lib/crypto/test/crypto_SUITE.erl b/lib/crypto/test/crypto_SUITE.erl index 6a2727a622..b7d6d0805f 100644 --- a/lib/crypto/test/crypto_SUITE.erl +++ b/lib/crypto/test/crypto_SUITE.erl @@ -1183,7 +1183,7 @@ aead_cipher({Type, Key, PlainText, IV, AAD, CipherText, CipherTag, TagLen, Info} catch error:E -> ct:log("~p",[{Type, Key, PlainText, IV, AAD, CipherText, CipherTag, TagLen, Info}]), - try crypto:crypto_aead(Type, Key, IV, PlainText, AAD, TagLen, true) + try crypto:crypto_one_time_aead(Type, Key, IV, PlainText, AAD, TagLen, true) of RR -> ct:log("Works: ~p",[RR]) -- cgit v1.2.3 From bd8abd7b5cfb55bcc7becc2bf2344ec5f9a0185f Mon Sep 17 00:00:00 2001 From: Hans Nilsson Date: Tue, 9 Apr 2019 12:16:28 +0200 Subject: crypto: Rename 'crypto_(init|update)_dyn_iv' to 'crypto_dyn_iv_(init|update)' --- lib/crypto/doc/src/crypto.xml | 8 ++++---- lib/crypto/doc/src/new_api.xml | 4 ++-- lib/crypto/src/crypto.erl | 12 ++++++------ lib/crypto/test/crypto_SUITE.erl | 12 ++++++------ 4 files changed, 18 insertions(+), 18 deletions(-) diff --git a/lib/crypto/doc/src/crypto.xml b/lib/crypto/doc/src/crypto.xml index d607679ff5..641738247e 100644 --- a/lib/crypto/doc/src/crypto.xml +++ b/lib/crypto/doc/src/crypto.xml @@ -702,13 +702,13 @@ - + Initializes a series of encryptions or decryptions where the IV is provided later

Part of the new API. Initializes a series of encryptions or decryptions where the IV is provided later. The actual encryption or decryption is done by - crypto_update_dyn_iv/3. + crypto_dyn_iv_update/3.

For encryption, set the EncryptFlag to true. For decryption, set it to false.

@@ -718,13 +718,13 @@ - + Do an actual crypto operation on a part of the full text and the IV is supplied for each part

Part of the new API. Do an actual crypto operation on a part of the full text and the IV is supplied for each part. The State should be created with - crypto_init_dyn_iv/3. + crypto_dyn_iv_init/3.

See examples in the User's Guide.

diff --git a/lib/crypto/doc/src/new_api.xml b/lib/crypto/doc/src/new_api.xml index 7b062310f2..79096b55e8 100644 --- a/lib/crypto/doc/src/new_api.xml +++ b/lib/crypto/doc/src/new_api.xml @@ -99,8 +99,8 @@ for each part, the functions are:

- crypto_init_dyn_iv/3 - crypto_update_dyn_iv/3 + crypto_dyn_iv_init/3 + crypto_dyn_iv_update/3

An example of where those functions are needed, is when handling the TLS protocol.

diff --git a/lib/crypto/src/crypto.erl b/lib/crypto/src/crypto.erl index 133636c0af..3b431cceba 100644 --- a/lib/crypto/src/crypto.erl +++ b/lib/crypto/src/crypto.erl @@ -60,8 +60,8 @@ crypto_update/2, crypto_one_time/4, crypto_one_time/5, crypto_one_time_aead/6, crypto_one_time_aead/7, - crypto_init_dyn_iv/3, - crypto_update_dyn_iv/3 + crypto_dyn_iv_init/3, + crypto_dyn_iv_update/3 ]). @@ -901,12 +901,12 @@ crypto_init(Cipher, Key, IV, EncryptFlag) -> %%%---------------------------------------------------------------- --spec crypto_init_dyn_iv(Cipher, Key, EncryptFlag) -> State | descriptive_error() +-spec crypto_dyn_iv_init(Cipher, Key, EncryptFlag) -> State | descriptive_error() when Cipher :: cipher_iv(), Key :: iodata(), EncryptFlag :: boolean(), State :: crypto_state() . -crypto_init_dyn_iv(Cipher, Key, EncryptFlag) -> +crypto_dyn_iv_init(Cipher, Key, EncryptFlag) -> %% The IV is supposed to be supplied by calling crypto_update/3 ng_crypto_init_nif(Cipher, iolist_to_binary(Key), undefined, EncryptFlag). @@ -931,12 +931,12 @@ crypto_update(State, Data0) -> %%%---------------------------------------------------------------- --spec crypto_update_dyn_iv(State, Data, IV) -> Result | descriptive_error() +-spec crypto_dyn_iv_update(State, Data, IV) -> Result | descriptive_error() when State :: crypto_state(), Data :: iodata(), IV :: iodata(), Result :: binary() . -crypto_update_dyn_iv(State, Data0, IV) -> +crypto_dyn_iv_update(State, Data0, IV) -> %% When State is from State = crypto_init(Cipher, Key, undefined, EncryptFlag) case iolist_to_binary(Data0) of <<>> -> diff --git a/lib/crypto/test/crypto_SUITE.erl b/lib/crypto/test/crypto_SUITE.erl index b7d6d0805f..880fd7ab0b 100644 --- a/lib/crypto/test/crypto_SUITE.erl +++ b/lib/crypto/test/crypto_SUITE.erl @@ -621,15 +621,15 @@ do_api_ng_tls({Type, Key, IV, PlainTexts}=_X) -> do_api_ng_tls({Type, Key, IV, PlainText0, ExpectedEncText}=_X) -> ct:log("~p",[_X]), PlainText = iolist_to_binary(lazy_eval(PlainText0)), - Renc = crypto:crypto_init_dyn_iv(Type, Key, true), - Rdec = crypto:crypto_init_dyn_iv(Type, Key, false), - EncTxt = crypto:crypto_update_dyn_iv(Renc, PlainText, IV), + Renc = crypto:crypto_dyn_iv_init(Type, Key, true), + Rdec = crypto:crypto_dyn_iv_init(Type, Key, false), + EncTxt = crypto:crypto_dyn_iv_update(Renc, PlainText, IV), case ExpectedEncText of undefined -> ok; EncTxt -> %% Now check that the state is NOT updated: - case crypto:crypto_update_dyn_iv(Renc, PlainText, IV) of + case crypto:crypto_dyn_iv_update(Renc, PlainText, IV) of EncTxt -> ok; EncTxt2 -> @@ -640,10 +640,10 @@ do_api_ng_tls({Type, Key, IV, PlainText0, ExpectedEncText}=_X) -> ct:log("1st encode~nIn: ~p~nExpected: ~p~nEnc: ~p~n", [{Type,Key,IV,PlainText}, ExpectedEncText, OtherEnc]), ct:fail("api_ng_tls (encode)",[]) end, - case crypto:crypto_update_dyn_iv(Rdec, EncTxt, IV) of + case crypto:crypto_dyn_iv_update(Rdec, EncTxt, IV) of PlainText -> %% Now check that the state is NOT updated: - case crypto:crypto_update_dyn_iv(Rdec, EncTxt, IV) of + case crypto:crypto_dyn_iv_update(Rdec, EncTxt, IV) of PlainText -> ok; PlainText2 -> -- cgit v1.2.3