From 9f2cdf704fa0732817b4c49067cd561dd13ff730 Mon Sep 17 00:00:00 2001
From: Yura Beznos
Date: Tue, 13 Aug 2013 19:00:00 +0400
Subject: crypto: Add IGE mode for AES
---
 lib/crypto/src/crypto.erl | 44 ++++++++++++++++++++++++++++++++++++++++----
 1 file changed, 40 insertions(+), 4 deletions(-)
(limited to 'lib/crypto/src/crypto.erl')
diff --git a/lib/crypto/src/crypto.erl b/lib/crypto/src/crypto.erl
index 8e8370f3b0..0e8b80c1f9 100644
--- a/lib/crypto/src/crypto.erl
+++ b/lib/crypto/src/crypto.erl
@@ -215,7 +215,7 @@ supports()->
 [{hashs, Algs -- [ec]},
 {ciphers, [des_cbc, des_cfb, des3_cbc, des3_cbf, des_ede3, blowfish_cbc,
 blowfish_cfb64, blowfish_ofb64, blowfish_ecb, aes_cbc128, aes_cfb128,
- aes_cbc256, rc2_cbc, aes_ctr, rc4
+ aes_cbc256, aes_ige256, rc2_cbc, aes_ctr, rc4
 ]},
 PubKeyAlgs
 ].
@@ -309,13 +309,16 @@ block_encrypt(aes_cbc128, Key, Ivec, Data) ->
 aes_cbc_128_encrypt(Key, Ivec, Data);
 block_encrypt(aes_cbc256, Key, Ivec, Data) ->
 aes_cbc_256_encrypt(Key, Ivec, Data);
+block_encrypt(aes_ige256, Key, Ivec, Data) ->
+ aes_ige_256_encrypt(Key, Ivec, Data);
 block_encrypt(aes_cfb128, Key, Ivec, Data) ->
 aes_cfb_128_encrypt(Key, Ivec, Data);
 block_encrypt(rc2_cbc, Key, Ivec, Data) ->
 rc2_cbc_encrypt(Key, Ivec, Data).
 -spec block_decrypt(des_cbc | des_cfb | des3_cbc | des3_cbf | des_ede3 | blowfish_cbc |
- blowfish_cfb64 | blowfish_ofb64 | aes_cbc128 | aes_cbc256 | aes_cfb128 | rc2_cbc,
+ blowfish_cfb64 | blowfish_ofb64 | aes_cbc128 | aes_cbc256 | aes_ige256 |
+ aes_cfb128 | rc2_cbc,
 Key::iodata(), Ivec::binary(), Data::iodata()) -> binary().
 block_decrypt(des_cbc, Key, Ivec, Data) ->
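Review bot: The `-spec` for `block_decrypt/4` is extended with `aes_ige256`, but the matching `-spec` for `block_encrypt/4`, which sits above this hunk and outside it, is not changed anywhere in the commit (the five hunks account for all 40 insertions in the diffstat), so it presumably still omits `aes_ige256` while the new `block_encrypt(aes_ige256, Key, Ivec, Data)` clause is added. Add `aes_ige256` to the `block_encrypt/4` contract too so the two specs stay parallel and the new clause is covered by the documented type.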
@@ -338,6 +341,8 @@ block_decrypt(aes_cbc128, Key, Ivec, Data) ->
 aes_cbc_128_decrypt(Key, Ivec, Data);
 block_decrypt(aes_cbc256, Key, Ivec, Data) ->
 aes_cbc_256_decrypt(Key, Ivec, Data);
+block_decrypt(aes_ige256, Key, Ivec, Data) ->
+ aes_ige_256_decrypt(Key, Ivec, Data);
 block_decrypt(aes_cfb128, Key, Ivec, Data) ->
 aes_cfb_128_decrypt(Key, Ivec, Data);
 block_decrypt(rc2_cbc, Key, Ivec, Data) ->
@@ -357,14 +362,16 @@ block_decrypt(des_ecb, Key, Data) ->
 block_decrypt(blowfish_ecb, Key, Data) ->
 blowfish_ecb_decrypt(Key, Data).
--spec next_iv(des_cbc | des3_cbc | aes_cbc, Data::iodata()) -> binary().
+-spec next_iv(des_cbc | des3_cbc | aes_cbc | aes_ige, Data::iodata()) -> binary().
 next_iv(des_cbc, Data) ->
 des_cbc_ivec(Data);
 next_iv(des3_cbc, Data) ->
 des_cbc_ivec(Data);
 next_iv(aes_cbc, Data) ->
- aes_cbc_ivec(Data).
+ aes_cbc_ivec(Data);
+next_iv(aes_ige, Data) ->
+ aes_ige_ivec(Data).
 -spec next_iv(des_cfb, Data::iodata(), Ivec::binary()) -> binary().
@@ -1255,6 +1262,35 @@ aes_cbc_ivec(Data) when is_list(Data) ->
 aes_cbc_ivec(list_to_binary(Data)).
+%%
+%% AES - with 256 bit key in infinite garble extension mode (IGE)
+%%
+
+-spec aes_ige_256_decrypt(iodata(), binary(), iodata()) ->
+ binary().
+
+aes_ige_256_encrypt(Key, IVec, Data) ->
+ aes_ige_crypt(Key, IVec, Data, true).
+
+aes_ige_256_decrypt(Key, IVec, Data) ->
+ aes_ige_crypt(Key, IVec, Data, false).
+
+aes_ige_crypt(_Key, _IVec, _Data, _IsEncrypt) -> ?nif_stub.
+
+%%
+%% aes_ige_ivec(Data) -> binary()
+%%
+%% Returns the IVec to be used in the next iteration of
+%% aes_ige_*_[encrypt|decrypt].
+%% IVec size: 32 bytes
+%%
+aes_ige_ivec(Data) when is_binary(Data) ->
+ {_, IVec} = split_binary(Data, size(Data) - 32),
+ IVec;
+aes_ige_ivec(Data) when is_list(Data) ->
+ aes_ige_ivec(list_to_binary(Data)).
+
+
 %% Stream ciphers --------------------------------------------------------------------
 stream_crypt(Fun, State, Data, Size, MaxByts, []) when Size =< MaxByts ->
-- cgit v1.2.3
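Review bot: `next_iv(aes_ige, Data)` returns the trailing 32 bytes of `Data` (through `aes_ige_ivec/1`, added in the hunk at -1255), i.e. the last two ciphertext blocks. In IGE mode the chaining state carried into the next call is the last ciphertext block followed by the last plaintext block — that is how OpenSSL's `AES_ige_encrypt` writes back its 32-byte ivec, as far as I recall — so if the NIF follows that convention the value returned here is not the IV the next iteration needs. The NIF is not in this diff, so this should be confirmed against it; if it holds, `next_iv/2` cannot derive the IGE IV from the ciphertext alone and would need the last plaintext block as well, or the NIF would have to hand back the updated ivec. Either way the `-spec` or a comment on `next_iv/2` should state what `Data` must be for `aes_ige`, since it differs from the CBC case.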
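Review bot: The new `-spec` covers only `aes_ige_256_decrypt/3` and is placed above the definition of `aes_ige_256_encrypt/3`, which gets no spec at all; add `-spec aes_ige_256_encrypt(iodata(), binary(), iodata()) -> binary().` next to its definition and move the decrypt spec down to its own function. In `aes_ige_ivec/1`, prefer `byte_size(Data)` over the generic `size/1`, and say in the header comment what happens on short input, e.g. `%% Data must be at least 32 bytes (two AES blocks); shorter input makes split_binary/2 raise badarg.`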
From 998d043865059dcf7f5055a62586cc1420c221b9 Mon Sep 17 00:00:00 2001
From: Sverker Eriksson
Date: Wed, 27 Nov 2013 18:00:30 +0100
Subject: crypto: Throw notsup for AES IGE if openssl older than 0.9.8c
---
 lib/crypto/src/crypto.erl | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)
(limited to 'lib/crypto/src/crypto.erl')
diff --git a/lib/crypto/src/crypto.erl b/lib/crypto/src/crypto.erl
index 0e8b80c1f9..41fe968558 100644
--- a/lib/crypto/src/crypto.erl
+++ b/lib/crypto/src/crypto.erl
@@ -1275,7 +1275,13 @@ aes_ige_256_encrypt(Key, IVec, Data) ->
 aes_ige_256_decrypt(Key, IVec, Data) ->
 aes_ige_crypt(Key, IVec, Data, false).
-aes_ige_crypt(_Key, _IVec, _Data, _IsEncrypt) -> ?nif_stub.
+aes_ige_crypt(Key, IVec, Data, IsEncrypt) ->
+ case aes_ige_crypt_nif(Key,IVec,Data,IsEncrypt) of
+ notsup -> erlang:error(notsup);
+ Bin -> Bin
+ end.
+
+aes_ige_crypt_nif(_Key, _IVec, _Data, _IsEncrypt) -> ?nif_stub.
 %%
 %% aes_ige_ivec(Data) -> binary()
-- cgit v1.2.3
From c95c2078a88d120f17dbd3120ac9036746fd3a41 Mon Sep 17 00:00:00 2001
From: Sverker Eriksson
Date: Wed, 27 Nov 2013 18:05:52 +0100
Subject: crypto: Update supports/0 for des3_cbf and aes_ige256
---
 lib/crypto/src/crypto.erl | 19 ++++++------------
 1 file changed, 6 insertions(+), 13 deletions(-)
(limited to 'lib/crypto/src/crypto.erl')
diff --git a/lib/crypto/src/crypto.erl b/lib/crypto/src/crypto.erl
index 41fe968558..b4962fc488 100644
--- a/lib/crypto/src/crypto.erl
+++ b/lib/crypto/src/crypto.erl
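Review bot: Nothing in `aes_ige_crypt/4` explains where the `notsup` atom comes from; only the commit subject does. Add `%% The NIF returns notsup when the linked OpenSSL predates 0.9.8c and has no AES IGE.` above the `case`, and consider `Bin when is_binary(Bin) -> Bin` for the fall-through clause so an unexpected NIF result fails here rather than in a caller. The call `aes_ige_crypt_nif(Key,IVec,Data,IsEncrypt)` also drops the spaces after commas used in the surrounding lines such as `aes_ige_crypt(Key, IVec, Data, false)`.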
@@ -204,20 +204,13 @@ stop() ->
 application:stop(crypto).
 supports()->
- Algs = algorithms(),
- PubKeyAlgs =
- case lists:member(ec, Algs) of
- true ->
- {public_keys, [rsa, dss, ecdsa, dh, srp, ecdh]};
- false ->
- {public_keys, [rsa, dss, dh, srp]}
- end,
- [{hashs, Algs -- [ec]},
- {ciphers, [des_cbc, des_cfb, des3_cbc, des3_cbf, des_ede3, blowfish_cbc,
+ {Hashs, PubKeys, Ciphers} = algorithms(),
+
+ [{hashs, Hashs},
+ {ciphers, [des_cbc, des_cfb, des3_cbc, des_ede3, blowfish_cbc,
 blowfish_cfb64, blowfish_ofb64, blowfish_ecb, aes_cbc128, aes_cfb128,
- aes_cbc256, aes_ige256, rc2_cbc, aes_ctr, rc4
- ]},
- PubKeyAlgs
+ aes_cbc256, rc2_cbc, aes_ctr, rc4] ++ Ciphers},
+ {public_keys, [rsa, dss, dh, srp] ++ PubKeys}
 ].
 info_lib() -> ?nif_stub.
-- cgit v1.2.3
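Review bot: `supports/0` now relies on `algorithms/0` returning a `{Hashs, PubKeys, Ciphers}` triple and on `des3_cbf`, `aes_ige256`, `ecdsa` and `ecdh` — all dropped from the static lists here — coming back in `Ciphers` and `PubKeys`, but neither the new `algorithms/0` contract nor the NIF behind it is in this diff (the page is limited to crypto.erl), so that cannot be verified from here. A comment at the match would save the next reader the lookup, e.g. `%% algorithms/0 (NIF): {Hashs, PubKeys, Ciphers} for the linked OpenSSL build; build-dependent algs (des3_cbf, aes_ige256, ecdsa, ecdh) are reported there`, and if `supports/0` has no `-spec` yet (its head is the last context line before the removals), `-spec supports() -> [{hashs | ciphers | public_keys, [atom()]}].` would pin the shape callers match on. The `ecdsa`/`ecdh` part is inferred from the removed `lists:member(ec, Algs)` branch; confirm they really are supplied by `PubKeys`.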