Fix type spec bug in crypto for crypto_init and crypto:one_time

Own Id: OTP-16658 Aux Id: OTP-15884, ERL-1257

The deprecation message for crypto:rand_uniform/2 indicated a non-existent function. The correct one (rand:uniform/1) is now suggested.

Own Id: OTP-16846 Aux Id: PR-2741

Implemented a workaround to allow fallback from using the EVP API for Diffie-Hellman key generation

Own Id: OTP-16771 Aux Id: ERIERL-509

The internal Diffie-Hellman high level API for key generation was slow in old and by OpenSSL now unsupported cryptolib versions (1.0.1 and earlier).

If such a cryptolib is used anyhow, the low-level API is used internally in the crypto application.

Own Id: OTP-16774

Crypto reported unsupported elliptic curves as supported on e.g Fedora distros.

Own Id: OTP-16579 Aux Id: ERL-825

Support for ed25519 and ed448 added to crypto:generate_key.

Own Id: OTP-15967 Aux Id: PR-2329

The new crypto functions api (crypto_init, crypto_update and crypto_one_time) has been updated.

There is now a function crypto_final/1 and a possibility to set options in crypto_init/3 and crypto_init/4. See the manual for details.

Own Id: OTP-16160

As announced in OTP 22.0, a New API was introduced in CRYPTO. See the New and Old API chapter in the CRYPTO User's Guide for more information and suggested replacement functions.

The Old API is now deprecated in OTP-23.0 and will be removed in OTP-24.0.

This deprecation includes cipher names. See the section Retired cipher names in the crypto User's Guide, chapter The Old API.

Own Id: OTP-16232

Fix C-compilation without deprecated OpenSSL cryptolib APIs

Own Id: OTP-16369 Aux Id: PR-2474

Refactored the internal handling of deprecated and removed functions.

Own Id: OTP-16469

Added missing 'eddh' to crypto:supports(public_keys).

Own Id: OTP-16583

Implemented a workaround to allow fallback from using the EVP API for Diffie-Hellman key generation

Own Id: OTP-16771 Aux Id: ERIERL-509

Fixed potential memory leaks involving calls to the crypto ng_api.

Own Id: OTP-16428 Aux Id: PR-2511

Constant time comparisons added.

Own Id: OTP-16376

The chipers aes_cfb8 and aes_cfb128 are now using the EVP interface. The supported key lengths are 128, 192 and 256 bits.

Own Id: OTP-16133 Aux Id: PR-2407

The chipers aes_cfb8 and aes_cfb128 are now available in FIPS enabled mode.

Own Id: OTP-16134 Aux Id: PR-2407

The AEAD tag was not previously checked on decrypt with chacha20_poly1305

Own Id: OTP-16242 Aux Id: ERL-1078

FIxed a bug if the erlang emulator was linked with a very old cryptolib version (1.0.1 or earlier).

The bug now fixed could have triggered a core dump if an unknown cipher name was used in crypto functions.

Own Id: OTP-16202

The implementation of crypto_one_time/4 is adjusted to match the type specification. The spec and the black-box behaviour of the function are unchanged.

Some details: Both the spec and the implementation were correct seen separately. But with both of them combined simultaneously with crypto_one_time/5 which was called by the implementation of crypto_one_time/4, an (obvious) error was detected by a Dialyzer with more thorough checking than usual.

Own Id: OTP-15884 Aux Id: ERL-974

When using crypto with FIPS mode enabled, the digests were not correctly handled.

Own Id: OTP-15911

A memory leak in error handling code in ng_crypto_init_nif is fixed.

Own Id: OTP-15924

Fixed the broken static build of the crypto nifs

Own Id: OTP-15928 Aux Id: PR-2296

The Message Authentication Codes (MAC) CMAC, HMAC and Poly1305 are unified into common functions in the New Crypto API. See the manual for CRYPTO.

Own Id: OTP-13872

The cipher aes-ctr was disabled by misstake in crypto:supports for cryptolibs before 1.0.1. It worked however in the encrypt and decrypt functions.

Own Id: OTP-15829

Fixed a bug in error return for crypto:poly1305/2. It returned the atom notsup instead of the exception notsup.

*** POTENTIAL INCOMPATIBILITY ***

Own Id: OTP-15677

The cipher chacha20 was introduced in OpenSSL 1.1.0. However, it could in a very odd situation, fail for versions less than OpenSSL 1.1.0d. It is therefore disabled for those versions.

*** POTENTIAL INCOMPATIBILITY ***

Own Id: OTP-15678

A new rand module algorithm, exro928ss (Xoroshiro928**), has been implemented. It has got a really long period and good statistical quality for all output bits, while still being only about 50% slower than the default algorithm.

The same generator is also used as a long period counter in a new crypto plugin for the rand module, algorithm crypto_aes. This plugin uses AES-256 to scramble the counter which buries any detectable statistical artifacts. Scrambling is done in chunks which are cached to get good amortized speed (about half of the default algorithm).

Own Id: OTP-14461 Aux Id: PR-1857

Crypto's single C-file is split into multiple files. The different coding styles in the different parts are unified into a single style.

Own Id: OTP-14732 Aux Id: PR-2068, PR-2095

Build configuration of the crypto application has been moved from the erts application into the crypto application.

Own Id: OTP-15129

Adds two hash functions blake2b and blake2s (64 bit hash and 32 bit hash respectively). These are modern and standard hash functions used in blockchains and encrypted communication protocols. The hash functions are available in OpenSSL since version 1.1.1.

Own Id: OTP-15564 Aux Id: PR-2129

A new API is implemented in crypto. See the CRYPTO user's guide, chapter New and Old API for more information.

The old api with the crypto:block_* and crypto:stream_* interfaces are kept for compatibility, but implemented with the new api. Please note that since the error checking is more thorough, there might be arguments with for example faulty lengths that are no longer accepted.

*** POTENTIAL INCOMPATIBILITY ***

Own Id: OTP-15644 Aux Id: OTP-14732 , OTP-15451, PR-1857 , PR-2068, PR-2095

The new hash_info/1 and cipher_info/1 functions returns maps with information about the hash or cipher in the argument.

Own Id: OTP-15655 Aux Id: PR-2173, ERL-864, PR-2186

Obey additional OpenSSL configure flags when compiling the C-part of the CRYPTO application: no-bf, no-blake2, no-chacha, no-cmac, no-dh, no-dsa, no-md4, no-poly1305, no-rc2, no-rc4 and no-rmd160.

Own Id: OTP-15683

A new function crypto:supports/1 is introduced. The single argument takes an atom as argument: hashes, public_keys, ciphers, macs, curves or rsa_opts. The return value is a list of supported algorithms.

The difference with the existing crypto:supports/0 is, apart from the argument and the return value, that the old function reports what is supported by the old api, and the new function reports algorithms in the new api.

Own Id: OTP-15771

Constant time comparisons added.

Own Id: OTP-16376

The chipers aes_cfb8 and aes_cfb128 are now using the EVP interface. The supported key lengths are 128, 192 and 256 bits.

Own Id: OTP-16133 Aux Id: PR-2407

The chipers aes_cfb8 and aes_cfb128 are now available in FIPS enabled mode.

Own Id: OTP-16134 Aux Id: PR-2407

Fixed build link error on Windows. Unresolved symbol 'bcmp'.

Own Id: OTP-15750 Aux Id: ERL-905

Fixes a bug that caused crypto:sign and crypto:verify to return the error message badarg instead of notsup in one case. That case was when signing or verifying with eddsa keys (that is, ed15519 or ed448), but only when FIPS was supported and enabled.

Own Id: OTP-15634

Added a crypto benchmark test suite.

Own Id: OTP-15447

Updated the RSA options part in the crypto application's C-code, documentation and tests.

Own Id: OTP-15302

Added ed25519 and ed448 sign/verify.

Requires OpenSSL 1.1.1 or higher as cryptolib under the OTP application crypto.

Own Id: OTP-15419 Aux Id: OTP-15094

Fixed valgrind warnings.

Own Id: OTP-15467

The RSA options rsa_mgf1_md, rsa_oaep_md, and rsa_oaep_label were always disabled. They will now be enabled when a suitable cryptolib is used.

They are still experimental and may change without prior notice.

Own Id: OTP-15212 Aux Id: ERL-675, PR1899, PR838

The ciphers aes_ige256 and blowfish_cbc had naming issues in crypto:next_iv/2.

Own Id: OTP-15283

the RSA_SSLV23_PADDING is disabled if LibreSSL is used as cryptlib. This is due to compilation problems.

This will be investigated further in the future.

Own Id: OTP-15303

The supported named elliptic curves are now reported in crypto:supports/0 in a new entry tagged by 'curves'.

The function crypto:ec_curves/0 is kept for compatibility.

Own Id: OTP-14717 Aux Id: OTP-15244

The typing in the CRYPTO and PUBLIC_KEY applications are reworked and a few mistakes are corrected.

The documentation is now generated from the typing and some clarifications are made.

A new chapter on Algorithm Details such as key sizes and availability is added to the CRYPTO User's Guide.

Own Id: OTP-15134

Support for SHA3 both as a separate hash and in HMAC is now available if OpenSSL 1.1.1 or higher is used as cryptolib.

Available lengths are reported in the 'hashs' entry in crypto:supports/0 as sha3_*.

Own Id: OTP-15153

The mac algorithm poly1305 and the cipher algorithm chacha20 are now supported if OpenSSL 1.1.1 or higher is used as cryptolib.

Own Id: OTP-15164 Aux Id: OTP-15209

The key exchange Edward curves x25519 and x448 are now supported if OpenSSL 1.1.1 or higher is used as cryptolib.

Own Id: OTP-15240 Aux Id: OTP-15133

The supported RSA options for sign/verify and encrypt/decrypt are now reported in crypto:supports/0 in a new entry tagged by 'rsa_opts'.

The exakt set is still experimental and may change without prior notice.

Own Id: OTP-15260

The cipher aes_ccm is added.

Own Id: OTP-15286

Update the crypto engine functions to handle multiple loads of an engine.

engine_load/3/4 is updated so it doesn't add the engine ID to OpenSSLs internal list of engines which makes it possible to run the engine_load more than once if it doesn't contain global data.

Added ensure_engine_loaded/2/3 which guarantees that the engine just is loaded once and the following calls just returns a reference to it. This is done by add the ID to the internal OpenSSL list and check if it is already registered when the function is called.

Added ensure_engine_unloaded/1/2 to unload engines loaded with ensure_engine_loaded.

Then some more utility functions are added.

engine_add/1, adds the engine to OpenSSL internal list

engine_remove/1, remove the engine from OpenSSL internal list

engine_get_id/1, fetch the engines id

engine_get_name/1, fetch the engine name

Own Id: OTP-15233

Fixed a node crash in crypto:compute_key(ecdh, ...) when passing a wrongly typed Others argument.

Own Id: OTP-15194 Aux Id: ERL-673

Removed two undocumented and erroneous functions (crypto:dh_generate_parameters/2 and crypto:dh_check/1).

Own Id: OTP-14956 Aux Id: ERL-579

Fixed bug causing VM crash if doing runtime upgrade of a crypto module built against OpenSSL older than 0.9.8h. Bug exists since OTP-20.2.

Own Id: OTP-15088

A new rand plugin algorithm has been implemented in crypto, that is: crypto_cache. It uses strong random bytes as randomness source and caches them to get good speed. See crypto:rand_seed_alg/1.

Own Id: OTP-13370 Aux Id: PR-1573

Diffie-Hellman key functions are re-written with the EVP_PKEY api.

Own Id: OTP-14864

Constant time comparisons added.

Own Id: OTP-16376

The chipers aes_cfb8 and aes_cfb128 are now using the EVP interface. The supported key lengths are 128, 192 and 256 bits.

Own Id: OTP-16133 Aux Id: PR-2407

Fixed a node crash in crypto:compute_key(ecdh, ...) when passing a wrongly typed Others argument.

Own Id: OTP-15194 Aux Id: ERL-673

If OPENSSL_NO_EC was set, the compilation of the crypto nifs failed.

Own Id: OTP-15073

C-compile errors for LibreSSL 2.7.0 - 2.7.2 fixed

Own Id: OTP-15074 Aux Id: ERL-618

Fix build error caused by removed RSA padding functions in LibreSSL >= 2.6.1

Own Id: OTP-14873

The compatibility function void HMAC_CTX_free in crypto.c erroneously tried to return a value.

Own Id: OTP-14720

Rewrite public and private key encode/decode with EVP api. New RSA padding options added. This is a modified half of PR-838.

Own Id: OTP-14446

The crypto API is extended to use private/public keys stored in an Engine for sign/verify or encrypt/decrypt operations.

The ssl application provides an API to use this new engine concept in TLS.

Own Id: OTP-14448

Add support to plug in alternative implementations for some or all of the cryptographic operations supported by the OpenSSL Engine API. When configured appropriately, OpenSSL calls the engine's implementation of these operations instead of its own.

Own Id: OTP-14567

Replaced a call of the OpenSSL deprecated function DH_generate_parameters in crypto.c.

Own Id: OTP-14639

Documentation added about how to use keys stored in an Engine.

Own Id: OTP-14735 Aux Id: OTP-14448

Add engine_ ctrl_cmd_string/3,4 the OpenSSL Engine support in crypto.

Own Id: OTP-14801

On macOS, crypto would crash if observer had been started before crypto. On the beta for macOS 10.13 (High Sierra), crypto would crash. Both of those bugs have been fixed.

Own Id: OTP-14499 Aux Id: ERL-251 ERL-439

Extend crypto:sign, crypto:verify, public_key:sign and public_key:verify with:

* support for RSASSA-PS padding for signatures and for saltlength setting
* X9.31 RSA padding.
* sha, sha224, sha256, sha384, and sha512 for dss signatures as mentioned in NIST SP 800-57 Part 1.
* ripemd160 to be used for rsa signatures.

This is a manual merge of half of the pull request 838 by potatosalad from Sept 2015.

Own Id: OTP-13704 Aux Id: PR838

A new tuple in crypto:supports/0 reports supported MAC algorithms.

Own Id: OTP-14504

LibreSSL can now be used by the modernized crypto app.

Own Id: OTP-14247

Add compile option -compile(no_native) in modules with on_load directive which is not yet supported by HiPE.

Own Id: OTP-14316 Aux Id: PR-1390

Fix a bug in aes cfb128 function introduced by the bug fix in GitHub pull request #1393.

Own Id: OTP-14435 Aux Id: PR-1462, PR-1393, OTP-14313

Add basic support for CMAC

Own Id: OTP-13779 Aux Id: ERL-82 PR-1138

Removed functions deprecated in crypto-3.0 first released in OTP-R16B01

*** POTENTIAL INCOMPATIBILITY ***

Own Id: OTP-13873

The crypto application now supports OpenSSL 1.1.

Own Id: OTP-13900

Allow Erlang/OTP to use OpenSSL in FIPS-140 mode, in order to satisfy specific security requirements (mostly by different parts of the US federal government).

See the new crypto users guide "FIPS mode" chapter about building and using the FIPS support which is disabled by default.

(Thanks to dszoboszlay and legoscia)

Own Id: OTP-13921 Aux Id: PR-1180

Crypto chacha20-poly1305 as in RFC 7539 enabled for OpenSSL >= 1.1.

Thanks to mururu.

Own Id: OTP-14092 Aux Id: PR-1291

RSA key generation added to crypto:generate_key/2. Thanks to wiml.

An interface is also added to public_key:generate_key/1.

Own Id: OTP-14140 Aux Id: ERL-165, PR-1299

Raised minimum requirement for OpenSSL version to OpenSSL-0.9.8.c although we recommend a much higher version, that is a version that is still maintained officially by the OpenSSL project. Note that using such an old version may restrict the crypto algorithms supported.

*** POTENTIAL INCOMPATIBILITY ***

Own Id: OTP-14171

Deprecate crypto:rand_uniform/2 as it is not cryptographically strong

Own Id: OTP-14274

The Crypto application now supports generation of cryptographically strong random numbers (floats < 1.0 and integer arbitrary ranges) as a plugin to the 'rand' module.

Own Id: OTP-14317 Aux Id: PR-1372

This replaces the hard coded test values for AES, CMAC and GCM ciphers with the full validation set from NIST's CAVP program.

Own Id: OTP-14436 Aux Id: PR-1396

Fix a bug with AES CFB 128 for 192 and 256 bit keys. Thanks to kellymclaughlin !

Own Id: OTP-14313 Aux Id: PR-1393

The implementation of the key exchange algorithms diffie-hellman-group-exchange-sha* are optimized, up to a factor of 11 for the slowest ( = biggest and safest) group size.

Own Id: OTP-14169 Aux Id: seq-13261

The crypto application has been fixed to not use RC2 against OpenSSL built with RC2 disabled.

Own Id: OTP-13895 Aux Id: PR-1163

The crypto application has been fixed to not use RC4 against OpenSSL built with RC4 disabled.

Own Id: OTP-13896 Aux Id: PR-1169

To ease troubleshooting, erlang:load_nif/2 now includes the return value from a failed call to load/reload/upgrade in the text part of the error tuple. The crypto NIF makes use of this feature by returning the source line where/if the initialization fails.

Own Id: OTP-13951

Crypto has been fixed to work against OpenSSL versions with disabled DES ciphers. Correct spelling of cipher algorithm 'des3_cfb' has been introduced; the previous misspeling still works.

Own Id: OTP-13783 Aux Id: ERL-203

The size of an internal array in crypto has been fixed to not segfault when having all possible ciphers. Bug fix by Duncan Overbruck.

Own Id: OTP-13789 Aux Id: PR-1140

Refactor crypto to use the EVP interface of OpenSSL, which is the recommended interface that also enables access to hardware acceleration for some operations.

Own Id: OTP-12217

Add support for 192-bit keys for the aes_cbc cipher.

Own Id: OTP-13206 Aux Id: pr 832

Add support for 192-bit keys for aes_ecb.

Own Id: OTP-13207 Aux Id: pr829

Deprecate the function crypto:rand_bytes and make sure that crypto:strong_rand_bytes is used in all places that are cryptographically significant.

Own Id: OTP-13214

Enable AES-GCM encryption/decryption to change the tag length between 1 to 16 bytes.

Own Id: OTP-13483 Aux Id: PR-998

Fix bug for aes_ecb block crypto when data is larger than 16 bytes.

Own Id: OTP-13249

Improve portability of ECC tests in Crypto and SSL for "exotic" OpenSSL versions.

Own Id: OTP-13311

Small documentation fixes

Own Id: OTP-13017

Make crypto:ec_curves/0 return empty list if elliptic curve is not supported at all.

Own Id: OTP-12944

Enhance crypto:generate_key to calculate ECC public keys from private key.

Own Id: OTP-12394

Fix bug in crypto:generate_key for ecdh that could cause VM crash for faulty input.

Own Id: OTP-12733

Use the EVP API for AES-CBC crypto to enables the use of hardware acceleration for AES-CBC crypto on newer Intel CPUs (AES-NI), among other platforms.

Own Id: OTP-12380

Add AES ECB block encryption.

Own Id: OTP-12403

Extend block_encrypt/decrypt for aes_cfb8 and aes_cfb128 to accept keys of length 128, 192 and 256 bits. Before only 128 bit keys were accepted.

Own Id: OTP-12467

Add configure option --with-ssl-incl=PATH to support OpenSSL installations with headers and libraries at different places.

Own Id: OTP-12215 Aux Id: seq12700

Add configure option --with-ssl-rpath to control which runtime library path to use for dynamic linkage toward OpenSSL.

Own Id: OTP-12316 Aux Id: seq12753

Make crypto verify major version number of OpenSSL header files and runtime library. Loading of crypto will fail if there is a version mismatch.

Own Id: OTP-12146 Aux Id: seq12700

Fix memory leak in crypto:hmac_init/upgrade/final functions for all data and in crypto:hmac/3/4 for data larger than 20000 bytes. Bug exists since OTP 17.0.

Own Id: OTP-11953

Fix memory leak in crypto for elliptic curve.

Own Id: OTP-11999

Add aes_cfb8 cypher to crypto:block_encrypt and block_decrypt.

Own Id: OTP-11911

Fix memory leaks and invalid deallocations in mod_pow, mod_exp and generate_key(srp,...) when bad arguments are passed. (Thanks to Florian Zumbiehi)

Own Id: OTP-11550

Correction of the word 'ChipherText' throughout the documentation (Thanks to Andrew Tunnell-Jones)

Own Id: OTP-11609

Fix fatal bug when using a hmac context variable in more than one call to hmac_update or hmac_final. The reuse of hmac contexts has never worked as the underlying OpenSSL implementation does not support it. It is now documented as having undefined behaviour, but it does not crash or corrupt the VM anymore.

Own Id: OTP-11724

Crypto handles out-of-memory with a controlled abort instead of crash/corruption. (Thanks to Florian Zumbiehi)

Own Id: OTP-11725

Application upgrade (appup) files are corrected for the following applications:

asn1, common_test, compiler, crypto, debugger, dialyzer, edoc, eldap, erl_docgen, et, eunit, gs, hipe, inets, observer, odbc, os_mon, otp_mibs, parsetools, percept, public_key, reltool, runtime_tools, ssh, syntax_tools, test_server, tools, typer, webtool, wx, xmerl

A new test utility for testing appup files is added to test_server. This is now used by most applications in OTP.

(Thanks to Tobias Schlager)

Own Id: OTP-11744

By giving --enable-static-{nifs,drivers} to configure it is now possible to statically linking of nifs and drivers to the main Erlang VM binary. At the moment only the asn1 and crypto nifs of the Erlang/OTP nifs and drivers have been prepared to be statically linked. For more details see the Installation Guide in the System documentation.

Own Id: OTP-11258

Add IGE mode for AES cipher in crypto (Thanks to Yura Beznos).

Own Id: OTP-11522

Moved elliptic curve definition from the crypto NIF/OpenSSL into Erlang code, adds the RFC-5639 brainpool curves and makes TLS use them (RFC-7027).

Thanks to Andreas Schultz

Own Id: OTP-11578

Remove all obsolete application processes from crypto and make it into a pure library application.

Own Id: OTP-11619

Fix uninitialized pointers in crypto (Thanks to Anthony Ramine)

Own Id: OTP-11510

Refactor ecdsa cipher to simplify code and improve performance.

Own Id: OTP-11320

Integrate elliptic curve contribution from Andreas Schultz

In order to be able to support elliptic curve cipher suites in SSL/TLS, additions to handle elliptic curve infrastructure has been added to public_key and crypto.

This also has resulted in a rewrite of the crypto API to gain consistency and remove unnecessary overhead. All OTP applications using crypto has been updated to use the new API.

Impact: Elliptic curve cryptography (ECC) offers equivalent security with smaller key sizes than other public key algorithms. Smaller key sizes result in savings for power, memory, bandwidth, and computational cost that make ECC especially attractive for constrained environments.

Own Id: OTP-11009

Fixed a spelling mistake in crypto docs. Thanks to Klaus Trainer

Own Id: OTP-11058

Make the crypto functions interruptible by chunking input when it is very large and bumping reductions in the nifs.

Not yet implemented for block_encrypt|decrypt/4

Impact: Individual calls to crypto functions may take longer time but over all system performance should improve as crypto calls will not become throughput bottlenecks.

Own Id: OTP-11142

Enable runtime upgrade of crypto including the OpenSSL library used by crypto.

Own Id: OTP-10596

Improve documentation and tests for hmac functions in crypto. Thanks to Daniel White

Own Id: OTP-10640

Added ripemd160 support to crypto. Thanks to Michael Loftis

Own Id: OTP-10667

Remove unnecessary dependency to libssl from crypto NIF library. This dependency was introduced by accident in R14B04.

Own Id: OTP-10064

Add crypto and public_key support for the hash functions SHA224, SHA256, SHA384 and SHA512 and also hmac and rsa_sign/verify support using these hash functions. Thanks to Andreas Schultz for making a prototype.

Own Id: OTP-9908

Optimize RSA private key handling in crypto and public_key.

Own Id: OTP-10065

Make crypto:aes_cfb_128_encrypt and crypto:aes_cfb_128_decrypt handle data and cipher with arbitrary length. (Thanks to Stefan Zegenhagen)

Own Id: OTP-10136

public_key, ssl and crypto now supports PKCS-8

Own Id: OTP-9312

Erlang/OTP can now be built using parallel make if you limit the number of jobs, for instance using 'make -j6' or 'make -j10'. 'make -j' does not work at the moment because of some missing dependencies.

Own Id: OTP-9451

Add DES and Triple DES cipher feedback (CFB) mode functions to crypto. (Thanks to Paul Guyot)

Own Id: OTP-9640

Add sha256, sha384 and sha512 support for crypto:rsa_verify.

Own Id: OTP-9778

crypto:rand_uniform works correctly for negative integers. Fails with badarg exception for invalid ranges (when Hi =< Lo) instead of returning incorrect output.

Own Id: OTP-9526

Fix win32 OpenSSL static linking (Thanks to Dave Cottlehuber)

Own Id: OTP-9532

Various small documentation fixes (Thanks to Bernard Duggan)

Own Id: OTP-9172

New crypto support for streaming of AES CTR and HMAC. (Thanks to Travis Jensen)

Own Id: OTP-9275

Due to standard library DLL mismatches between versions of OpenSSL and Erlang/OTP, OpenSSL is now linked statically to the crypto driver on Windows. This fixes problems starting crypto when running Erlang as a service on all Windows versions.

Own Id: OTP-9280

Strengthened random number generation. (Thanks to Geoff Cant)

Own Id: OTP-9225

Misc. Updates.

Own Id: OTP-9132

AES CTR encryption support in crypto.

Own Id: OTP-8752 Aux Id: seq11642

Crypto dialyzer type error in md5_mac and sha_mac.

Own Id: OTP-8718

RC4 stream cipher didn't work. This since the new NIF implementation of crypto:rc4_encrypt_with_state/2 introduced in crypto-2.0 didn't return an updated state. (Thanks to Paul Guyot)

Own Id: OTP-8781

A number of memory leaks in the crypto NIF library have been fixed.

Own Id: OTP-8810

Added erlang:system_info(build_type) which makes it easier to chose drivers, NIF libraries, etc based on build type of the runtime system.

The NIF library for crypto can now be built for valgrind and/or debug as separate NIF libraries that will be automatically loaded if the runtime system has been built with a matching build type.

Own Id: OTP-8760

crypto application changed to use NIFs instead of driver.

Own Id: OTP-8333

des_ecb_encrypt/2 and des_ecb_decrypt/2 has been added to the crypto module. The crypto:md4/1 function has been documented.

Own Id: OTP-8551

The undocumented, unsupport, and deprecated function lists:flat_length/1 has been removed.

Own Id: OTP-8584

New variants of crypto:dss_sign and crypto:dss_verify with an extra argument to control how the digest is calculated.

Own Id: OTP-8700

Cross compilation improvements and other build system improvements.

Most notable:

(Thanks to Henrik Riomar for suggestions and testing)

(Thanks to Winston Smith for the AVR32-Linux cross configuration and testing)

*** POTENTIAL INCOMPATIBILITY ***

Own Id: OTP-8323

The crypto module now supports Blowfish in ECB, CBC and OFB modes. (Thanks to Paul Oliver.)

Own Id: OTP-8331

The documentation is now possible to build in an open source environment after a number of bugs are fixed and some features are added in the documentation build process.

- The arity calculation is updated.

- The module prefix used in the function names for bif's are removed in the generated links so the links will look like "http://www.erlang.org/doc/man/erlang.html#append_element-2" instead of "http://www.erlang.org/doc/man/erlang.html#erlang:append_element-2".

- Enhanced the menu positioning in the html documentation when a new page is loaded.

- A number of corrections in the generation of man pages (thanks to Sergei Golovan)

- The legal notice is taken from the xml book file so OTP's build process can be used for non OTP applications.

Own Id: OTP-8343

Suppressed false valgrind errors caused by libcrypto using uninitialized data as entropy.

Own Id: OTP-8200

The documentation is now built with open source tools (xsltproc and fop) that exists on most platforms. One visible change is that the frames are removed.

Own Id: OTP-8201

When the crypto application failed to load the OpenSSL/LibEAY shared object, error indication was sparse. Now a more specific error message is sent to the error logger.

Own Id: OTP-8281

Fixed emulator crash caused by crypto using an old openssl version that did not cope with large file descriptors.

Own Id: OTP-8261 Aux Id: seq11434

Makefile.in has been updated to use the LDFLAGS environment variable (if set). (Thanks to Davide Pesavento.)

Own Id: OTP-8157

Support for Blowfish cfb64 added to crypto.

Own Id: OTP-8096

New function crypto:aes_cbc_ivec

Own Id: OTP-8141

The dh_compute_key sometimes returned a SharedSecret of incorrect size.

Own Id: OTP-7674

Optimization for drivers by creating small binaries direct on process heap.

Own Id: OTP-7762

Added new functions: dss_verify/3, rsa_verify/3, rsa_verify/4, dss_sign/2, rsa_sign/2, rsa_sign/3, rsa_public_encrypt, rsa_private_decrypt/3, rsa_private_encrypt/3, rsa_public_decrypt/3, dh_generate_key/1, dh_generate_key/2, dh_compute_key/3.

Own Id: OTP-7545

Minor performance optimization.

Own Id: OTP-7521

./configure has been improved to find 64-bit OpenSSL libraries.

Own Id: OTP-7270

crypto and zlib drivers improved to allow concurent smp access.

Own Id: OTP-7262

The linked in driver for the crypto application is now linked statically against the OpenSSL libraries, to avoid installation and runtime problems in connection to the OpenSSL library locations.

Own Id: OTP-6680

Minor Makefile changes.

Own Id: OTP-6689

It is now explicitly checked at start-up that the crypto driver is properly loaded (Thanks to Claes Wikstrom).

Own Id: OTP-6109

The previously undocumented and UNSUPPORTED ssh application has been updated and documented. This release of the ssh application is still considered to be a beta release and (if necessary) there could still be changes in its API before it reaches 1.0.

Also, more cryptographic algorithms have been added to the crypto application.

*** POTENTIAL INCOMPATIBILITY ***

Own Id: OTP-5631

Added support for RFC 3826 - The Advanced Encryption Standard (AES) Cipher Algorithm in the SNMP User-based Security Model.

Martin Björklund

Linked in drivers in the crypto, and asn1 applications are now compiled with the -D_THREAD_SAFE and -D_REENTRANT switches on unix when the emulator has thread support enabled.

Linked in drivers on MacOSX are not compiled with the undocumented -lbundle1.o switch anymore. Thanks to Sean Hinde who sent us a patch.

Linked in driver in crypto, and port programs in ssl, now compiles on OSF1.

Minor makefile improvements in runtime_tools.

Own Id: OTP-5346

Corrected error handling. If the port to the driver that crypto uses is unexpectedly closed (which should not happen during normal operation of crypto), crypto will terminate immediately (rather than crashing the next time crypto is used). Also corrected build problems on Mac OS X.

Own Id: OTP-5279

It was not possible in R9 to relink the crypto driver. The object file was missing as well as an example makefile. The crypto driver object file is now released with the application (installed in priv/obj). An example makefile has also been added to the priv/obj directory. The makefile serves as an example of how to relink the driver on Unix (crypto_drv.so) or Windows (crypto_drv.dll).

Own Id: OTP-4828 Aux Id: seq8193

Previous versions of Crypto where delivered with statically linked binaries based on SSLeay. That is not longer the case. The current version of Crypto requires dynamically linked OpenSSL libraries that the user has to install. The library needed is libcrypto.so (Unix) or libeay32.[lib|dll] (Win32). For further details see the crypto(6) application manual page.

This version of Crypto uses the new DES interface of OpenSSL 0.9.7, which is not backward compatible with earlier versions of OpenSSL.

The start of crypto failed on Windows, due to erroneous addition of a DES3 algorithm.

Own Id: OTP-4684

Aux Id: seq7864

In the manual page crypto(3) the function names md5_finish and sha_finish have been changed to md5_final and sha_final to correctly document the implementation.

Own Id: OTP-3409

The driver part of the Crypto application has been updated to use the erl_driver header file. Version 1.1.1 requires emulator version 4.9.1 or later.

On Windows the crypto_drv was incorrectly linked to static run-time libraries instead of dynamic ones.

Own Id: OTP-3240