From 21f07ba4f63c9e2df74f23b17088cd32de5c50f6 Mon Sep 17 00:00:00 2001 From: Hans Nilsson Date: Mon, 1 Oct 2018 12:22:01 +0200 Subject: crypto: Update RSA options to match specs and different OpenSSL versions - Put rsa_pkcs1_oaep_padding in supports/0 - #ifdef updates - Refine PKCS1_OAEP defines --- lib/crypto/doc/src/algorithm_details.xml | 92 +++++++++++++++++++++++--------- 1 file changed, 68 insertions(+), 24 deletions(-) (limited to 'lib/crypto/doc') diff --git a/lib/crypto/doc/src/algorithm_details.xml b/lib/crypto/doc/src/algorithm_details.xml index 68ad264df7..4d58d26970 100644 --- a/lib/crypto/doc/src/algorithm_details.xml +++ b/lib/crypto/doc/src/algorithm_details.xml @@ -63,9 +63,9 @@ aes_ige256163216 blowfish_cbc 4-56 8 8 - blowfish_cfb64 1- 8 any - blowfish_ecb1- 8 - blowfish_ofb641-8any + blowfish_cfb64 ≥1 8 any + blowfish_ecb≥1 8 + blowfish_ofb64≥18any des3_cbc
(=DES EDE3 CBC)[8,8,8]88 des3_cfb
(=DES EDE3 CFB)[8,8,8]8any @@ -74,7 +74,7 @@ des_cfb88any des_ecb8 8 des_ede3
(=DES EDE3 CBC)[8,8,8]88 - rc2_cbc1-88 + rc2_cbc≥188 Block cipher key lengths @@ -90,9 +90,9 @@

Cipher and ModeKey length
[bytes]IV length
[bytes]AAD length
[bytes]Tag length
[bytes]Block size
[bytes]Supported with
OpenSSL versions - aes_ccm 16,24,32 7-13 any even 4-16
default: 12 any1.1.0 - - aes_gcm 16,24,32 1- any 1-16
default: 16 any1.1.0 - - chacha20_poly130532 1-16 any 16 any1.1.0 - + aes_ccm 16,24,32 7-13 any even 4-16
default: 12 any≥1.1.0 + aes_gcm 16,24,32 ≥1 any 1-16
default: 16 any≥1.1.0 + chacha20_poly130532 1-16 any 16 any≥1.1.0AEAD cipher key lengths
@@ -108,8 +108,8 @@

Cipher and ModeKey length
[bytes]IV length
[bytes]Supported with
OpenSSL versions - aes_ctr16, 24, 32161.0.1 - - rc41- all + aes_ctr16, 24, 3216≥1.0.1 + rc4≥1 allStream cipher key lengths
@@ -141,9 +141,9 @@ aes_cfb8 161 blowfish_cbc 4-56 8 - blowfish_cfb64 1- 1 - blowfish_ecb1- 8 - blowfish_ofb641- 1 + blowfish_cfb64 ≥1 1 + blowfish_ecb≥1 8 + blowfish_ofb64≥1 1 des3_cbc
(=DES EDE3 CBC)[8,8,8]8 des3_cfb
(=DES EDE3 CFB)[8,8,8]1 @@ -152,7 +152,7 @@ des_cfb81 des_ecb81 - rc2_cbc1-8 + rc2_cbc≥18 CMAC cipher key lengths @@ -195,7 +195,7 @@ SHA1shaall SHA2sha224, sha256, sha384, sha512all - SHA3sha3_224, sha3_256, sha3_384, sha3_5121.1.1 - + SHA3sha3_224, sha3_256, sha3_384, sha3_512≥1.1.1 MD4md4all MD5md5all RIPEMDripemd160all @@ -221,18 +221,62 @@ without prior notice.

- Option sign/verify encrypt/decrypt Supported with
OpenSSL versions - {rsa_mgf1_md,atom()} x x 1.0.1 - {rsa_oaep_label, binary()} x - {rsa_oaep_md, atom()} x - {rsa_padding,rsa_pkcs1_pss_padding} x 1.0.0 - {rsa_pss_saltlen, -2..} x 1.0.0 - {rsa_padding,rsa_no_padding} x x - {rsa_padding,rsa_pkcs1_padding} x x - {rsa_padding,rsa_sslv23_padding} x - {rsa_padding,rsa_x931_padding} x + Option + sign/verify + public encrypt
private decrypt + private encrypt
public decrypt + + {rsa_padding,rsa_x931_padding} + x + + x + + {rsa_padding,rsa_pkcs1_padding} + x + x + x + + {rsa_padding,rsa_pkcs1_pss_padding}
+ {rsa_pss_saltlen, -2..}
+ {rsa_mgf1_md, atom()} + + x (2)
+ x (2)
+ x (2) + + + + {rsa_padding,rsa_pkcs1_oaep_padding}
+ {rsa_mgf1_md, atom()}
+ {rsa_oaep_label, binary()}}
+ {rsa_oaep_md, atom()} + + + x (2)
+ x (2)
+ x (3)
+ x (3) + + + + {rsa_padding,rsa_no_padding} + x (1) + + + +
+

Notes:

+ + (1) OpenSSL ≤ 1.0.0 + (2) OpenSSL ≥ 1.0.1 + (3) OpenSSL ≥ 1.1.0 +
-- cgit v1.2.3