<?xml version="1.0" encoding="utf-8" ?>
<!DOCTYPE chapter SYSTEM "chapter.dtd">

<chapter>
  <header>
    <copyright>
      <year>1999</year><year>2020</year>
      <holder>Ericsson AB. All Rights Reserved.</holder>
    </copyright>
    <legalnotice>
      Licensed under the Apache License, Version 2.0 (the "License");
      you may not use this file except in compliance with the License.
      You may obtain a copy of the License at

          http://www.apache.org/licenses/LICENSE-2.0

      Unless required by applicable law or agreed to in writing, software
      distributed under the License is distributed on an "AS IS" BASIS,
      WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
      See the License for the specific language governing permissions and
      limitations under the License.

    </legalnotice>

    <title>Crypto Release Notes</title>
    <prepared>Peter Högfeldt</prepared>
    <docno></docno>
    <date>2003-06-06</date>
    <rev>B</rev>
    <file>notes.xml</file>
  </header>
  <p>This document describes the changes made to the Crypto application.</p>

<section><title>Crypto 5.0.4</title>

  <section><title>Fixed Bugs and Malfunctions</title>
    <list>
      <item>
        <p>
          Fixed minor memory leak at <c>crypto</c> module purge.</p>
        <p>
          Own Id: OTP-17668 Aux Id: PR-5245 </p>
      </item>
      <item>
        <p>
          Fix possible inconsistency in fips mode when linking with
          some cryptolibs.</p>
        <p>
          Own Id: OTP-17672</p>
      </item>
    </list>
  </section>

</section>

<section><title>Crypto 5.0.3</title>

  <section><title>Fixed Bugs and Malfunctions</title>
    <list>
      <item>
        <p>
          Fix bug in <c>crypto:ensure_engine_unloaded</c>.
          Also fixed a minor memory leak related to engine unloading.</p>
        <p>
          Own Id: OTP-17593 Aux Id: ERIERL-679 </p>
      </item>
      <item>
        <p>
          Fixed a bug where enabling and then disabling FIPS (or
          vice versa) on Windows sometimes led to a core dump at
          process exit.</p>
        <p>
          Own Id: OTP-17618 Aux Id: PR-5126, GH-4920 </p>
      </item>
    </list>
  </section>


  <section><title>Improvements and New Features</title>
    <list>
      <item>
        <p>
          Disable fips if cryptolib &lt; 1.0.1 and OTP/crypto is
          configured with --enable-fips</p>
        <p>
          If not, there could be compiling or loading problems with
          antique OpenSSL versions.</p>
        <p>
          Own Id: OTP-17389</p>
      </item>
    </list>
  </section>

</section>

<section><title>Crypto 5.0.2</title>

  <section><title>Fixed Bugs and Malfunctions</title>
    <list>
      <item>
        <p>
          EC keys are now zero-padded to the expected length if
          needed.</p>
        <p>
          Own Id: OTP-17442 Aux Id: GH-4861 </p>
      </item>
    </list>
  </section>

</section>

<section><title>Crypto 5.0.1</title>

  <section><title>Fixed Bugs and Malfunctions</title>
    <list>
      <item>
        <p>
          Removed a risk for coredump.</p>
        <p>
          Own Id: OTP-17391 Aux Id: GH-4810 </p>
      </item>
      <item>
        <p>
          Fixed and documented the <c>DED_LDFLAGS_CONFTEST</c>
          configuration variable in
          <c>$ERL_TOP/HOWTO/INSTALL.md</c>.</p>
        <p>
          Own Id: OTP-17419 Aux Id: GH-4821 </p>
      </item>
      <item>
        <p>
          Commit of generated <c>configure</c> script.</p>
        <p>
          Own Id: OTP-17420 Aux Id: OTP-17398, GH-4821 </p>
      </item>
    </list>
  </section>

</section>

<section><title>Crypto 5.0</title>

  <section><title>Fixed Bugs and Malfunctions</title>
    <list>
      <item>
        <p>
          Add <c>/usr/local/opt/openssl</c> to the openssl
          configure search path.
          This path is where some tools on
          OS X place openssl.</p>
        <p>
          Own Id: OTP-16882</p>
      </item>
      <item>
        <p>
          Fix compiler warnings produced by the clang compiler.</p>
        <p>
          Own Id: OTP-17105 Aux Id: PR-2872 </p>
      </item>
      <item>
        <p> The <c>configure</c> scripts in <c>crypto</c> and
          <c>erts</c> now fail if a requested feature cannot be
          enabled. </p>
        <p> Large parts of the <c>configure</c>
          script of <c>crypto</c> have been rewritten with various
          improvements and bug fixes. It is now better at finding
          usable OpenSSL libraries, but will in the following cases
          fail to detect OpenSSL libraries where it previously
          sometimes detected the libraries by chance: </p>
        <list>
          <item> OpenSSL installations with <c>include</c>
            directory and <c>lib</c> directory parts installed in
            different base directories. In order to detect such
            installations after this change, the user must explicitly
            specify the locations using the <seeguide
            marker="system/installation_guide:INSTALL#Advanced-configuration-and-build-of-ErlangOTP_Configuring"><c>--with-ssl=&lt;path&gt;</c></seeguide>
            and the <seeguide
            marker="system/installation_guide:INSTALL#Advanced-configuration-and-build-of-ErlangOTP_Configuring"><c>--with-ssl-incl=&lt;path&gt;</c></seeguide>
            <c>configure</c> command line arguments. </item>
          <item>
            When building with old <c>gcc</c> compilers or other
            compilers on Debian derivatives with multiarch
            directories under the <c>lib</c> directory. In order to
            detect such installations after this change, the user
            must explicitly specify the multiarch directory name
            using the <seeguide
            marker="system/installation_guide:INSTALL#Advanced-configuration-and-build-of-ErlangOTP_Configuring"><c>--with-ssl-lib-subdir=lib/&lt;multiarch-dir&gt;</c></seeguide>
            <c>configure</c> command line argument.
          </item>
        </list>
        <p>
          Own Id: OTP-17254 Aux Id: ERIERL-618, GH-4230 </p>
      </item>
      <item>
        <p>
          The value 'none' was missing in the specs of
          crypto:sign/4 and crypto:verify/6.</p>
        <p>
          Own Id: OTP-17312 Aux Id: PR-4723 </p>
      </item>
    </list>
  </section>


  <section><title>Improvements and New Features</title>
    <list>
      <item>
        <p>
          The functions and cipher names that were deprecated in
          OTP-23.0 are now removed.</p>
        <p>
          *** POTENTIAL INCOMPATIBILITY ***</p>
        <p>
          Own Id: OTP-16656</p>
      </item>
      <item>
        <p>
          Removed installed directory priv/obj/ containing
          superfluous object files.</p>
        <p>
          Own Id: OTP-17001 Aux Id: PR-2852 </p>
      </item>
      <item>
        <p>
          TLS connections now support EdDSA certificates.</p>
        <p>
          Own Id: OTP-17142 Aux Id: PR-4756, GH-4637, GH-4650 </p>
      </item>
      <item>
        <p>
          Add prop_aead attribute to map from crypto:cipher_info/1.</p>
        <p>
          Own Id: OTP-17313 Aux Id: PR-4686 </p>
      </item>
    </list>
  </section>

</section>

<section><title>Crypto 4.9.0.2</title>

  <section><title>Fixed Bugs and Malfunctions</title>
    <list>
      <item>
        <p>
          EC keys are now zero-padded to the expected length if
          needed.</p>
        <p>
          Own Id: OTP-17442 Aux Id: GH-4861 </p>
      </item>
    </list>
  </section>

</section>

<section><title>Crypto 4.9.0.1</title>

  <section><title>Fixed Bugs and Malfunctions</title>
    <list>
      <item>
        <p>
          Removed a risk for coredump.</p>
        <p>
          Own Id: OTP-17391 Aux Id: GH-4810 </p>
      </item>
      <item>
        <p>
          Commit of generated <c>configure</c> script.</p>
        <p>
          Own Id: OTP-17420 Aux Id: OTP-17398, GH-4821 </p>
      </item>
    </list>
  </section>

</section>

<section><title>Crypto 4.9</title>

  <section><title>Fixed Bugs and Malfunctions</title>
    <list>
      <item>
        <p>
          Fix minor memory leaks
          in crypto ENGINE and robustify the
          code.</p>
        <p>
          Own Id: OTP-17212</p>
      </item>
      <item>
        <p>
          The otp_test_engine no longer fails if NO_EC* is set in
          the OpenSSL configuration.</p>
        <p>
          Own Id: OTP-17256 Aux Id: PR-4580, GH-4573 </p>
      </item>
    </list>
  </section>


  <section><title>Improvements and New Features</title>
    <list>
      <item>
        <p>
          Various address sanitizer support.</p>
        <p>
          Own Id: OTP-16959 Aux Id: PR-2965 </p>
      </item>
      <item>
        <p>
          EVP is now disabled for OpenSSL cryptolib versions up to
          and including 1.0.2</p>
        <p>
          Own Id: OTP-17116 Aux Id: PR-2972 </p>
      </item>
      <item>
        <p>
          Warning for unused C function removed</p>
        <p>
          Own Id: OTP-17145 Aux Id: OTP-17105, PR-2872 </p>
      </item>
    </list>
  </section>

</section>

<section><title>Crypto 4.8.3</title>

  <section><title>Fixed Bugs and Malfunctions</title>
    <list>
      <item>
        <p>
          Adding missing flag in BN-calls in SRP.</p>
        <p>
          Own Id: OTP-17107</p>
      </item>
    </list>
  </section>

</section>

<section><title>Crypto 4.8.2</title>

  <section><title>Fixed Bugs and Malfunctions</title>
    <list>
      <item>
        <p>
          Fixed usage of <c>AC_CONFIG_AUX_DIRS()</c> macros in
          configure script sources.</p>
        <p>
          Own Id: OTP-17093 Aux Id: ERL-1447, PR-2948 </p>
      </item>
    </list>
  </section>

</section>

<section><title>Crypto 4.8.1</title>

  <section><title>Fixed Bugs and Malfunctions</title>
    <list>
      <item>
        <p>
          Build the supported curves cache in the NIF when crypto
          is loaded, no matter how it is loaded.</p>
        <p>
          This prevents a possible problem with different processes
          starting the crypto application concurrently.</p>
        <p>
          Own Id: OTP-16819 Aux Id: PR-2720 </p>
      </item>
      <item>
        <p>
          It is now possible to build with crypto and openssl
          gprof-enabled and statically link them into the VM.</p>
        <p>
          Own Id: OTP-17029</p>
      </item>
    </list>
  </section>


  <section><title>Improvements and New Features</title>
    <list>
      <item>
        <p>
          Fixed performance loss in HMAC when using older OpenSSL
          due to mutex issues.</p>
        <p>
          A workaround is implemented to allow fallback from using
          the EVP API for HMAC operations. On some architectures
          this may improve the performance, especially with old
          OpenSSL versions. This fallback to low-level functions is
          always enabled for openssl versions before 1.0.2.</p>
        <p>
          Own Id: OTP-17025 Aux Id: ERL-1400, PR-2877 </p>
      </item>
    </list>
  </section>

</section>

<section><title>Crypto 4.8</title>

  <section><title>Fixed Bugs and Malfunctions</title>
    <list>
      <item>
        <p>
          Fix type spec bug in crypto for crypto_init and
          crypto:one_time</p>
        <p>
          Own Id: OTP-16658 Aux Id: OTP-15884, ERL-1257 </p>
      </item>
      <item>
        <p>
          The deprecation message for crypto:rand_uniform/2
          indicated a non-existent function.
          The correct one
          (rand:uniform/1) is now suggested.</p>
        <p>
          Own Id: OTP-16846 Aux Id: PR-2741 </p>
      </item>
    </list>
  </section>


  <section><title>Improvements and New Features</title>
    <list>
      <item>
        <p>
          Implemented a workaround to allow fallback from using the
          EVP API for Diffie-Hellman key generation</p>
        <p>
          Own Id: OTP-16771 Aux Id: ERIERL-509 </p>
      </item>
      <item>
        <p>
          The internal Diffie-Hellman high level API for key
          generation was slow in old cryptolib versions (1.0.1 and
          earlier), which are no longer supported by OpenSSL.</p>
        <p>
          If such a cryptolib is used anyhow, the low-level API is
          used internally in the crypto application.</p>
        <p>
          Own Id: OTP-16774</p>
      </item>
    </list>
  </section>

</section>

<section><title>Crypto 4.7</title>

  <section><title>Fixed Bugs and Malfunctions</title>
    <list>
      <item>
        <p>
          Crypto reported unsupported elliptic curves as supported
          on e.g. Fedora distros.</p>
        <p>
          Own Id: OTP-16579 Aux Id: ERL-825 </p>
      </item>
    </list>
  </section>


  <section><title>Improvements and New Features</title>
    <list>
      <item>
        <p>
          Support for ed25519 and ed448 added to
          <c>crypto:generate_key</c>.</p>
        <p>
          Own Id: OTP-15967 Aux Id: PR-2329 </p>
      </item>
      <item>
        <p>
          The <seeguide marker="crypto:new_api#the-new-api">new
          crypto functions api</seeguide> (crypto_init,
          crypto_update and crypto_one_time) has been updated.</p>
        <p>
          There is now a function <seemfa
          marker="crypto:crypto#crypto_final/1"><c>crypto_final/1</c></seemfa>
          and a possibility to set options in <seemfa
          marker="crypto:crypto#crypto_init/3"><c>crypto_init/3</c></seemfa>
          and <seemfa
          marker="crypto:crypto#crypto_init/4"><c>crypto_init/4</c></seemfa>.
          See the manual for details.</p>
        <p>
          Own Id: OTP-16160</p>
      </item>
      <item>
        <p>
          As <seeguide
          marker="crypto:notes#crypto-4.5">announced</seeguide> in
          OTP 22.0, a New API was introduced in CRYPTO. See the
          <seeguide marker="crypto:new_api"><i>New and Old
          API</i></seeguide> chapter in the CRYPTO User's Guide for
          more information and suggested replacement functions.</p>
        <p>
          <seeguide marker="crypto:new_api#the-old-api">The Old
          API</seeguide> is now deprecated in OTP-23.0 and will be
          removed in OTP-24.0.</p>
        <p>
          This deprecation includes cipher names. See the section
          <seeguide
          marker="crypto:new_api#retired-cipher-names">Retired
          cipher names</seeguide> in the crypto User's Guide,
          chapter <seeguide marker="crypto:new_api#the-old-api">The
          Old API</seeguide>.</p>
        <p>
          Own Id: OTP-16232</p>
      </item>
      <item>
        <p>
          Fix C-compilation without deprecated OpenSSL cryptolib
          APIs</p>
        <p>
          Own Id: OTP-16369 Aux Id: PR-2474 </p>
      </item>
      <item>
        <p>Refactored the internal handling of deprecated and
          removed functions.</p>
        <p>
          Own Id: OTP-16469</p>
      </item>
      <item>
        <p>
          Added missing 'eddh' to <seemfa
          marker="crypto:crypto#supports/1">crypto:supports(public_keys)</seemfa>.</p>
        <p>
          Own Id: OTP-16583</p>
      </item>
    </list>
  </section>

</section>

<section><title>Crypto 4.6.5.4</title>

  <section><title>Fixed Bugs and Malfunctions</title>
    <list>
      <item>
        <p>
          EC keys are now zero-padded to the expected length if
          needed.</p>
        <p>
          Own Id: OTP-17442 Aux Id: GH-4861 </p>
      </item>
    </list>
  </section>

</section>

<section><title>Crypto 4.6.5.3</title>

  <section><title>Fixed Bugs and Malfunctions</title>
    <list>
      <item>
        <p>
          Removed a risk for coredump.</p>
        <p>
          Own Id: OTP-17391 Aux Id: GH-4810 </p>
      </item>
      <item>
        <p>
          Commit of generated <c>configure</c> script.</p>
        <p>
          Own Id: OTP-17420 Aux Id: OTP-17398, GH-4821 </p>
      </item>
    </list>
  </section>

</section>

<section><title>Crypto 4.6.5.2</title>

  <section><title>Fixed Bugs and Malfunctions</title>
    <list>
      <item>
        <p>
          Adding missing flag in BN-calls in SRP.</p>
        <p>
          Own Id: OTP-17107</p>
      </item>
    </list>
  </section>

</section>

<section><title>Crypto 4.6.5.1</title>

  <section><title>Improvements and New Features</title>
    <list>
      <item>
        <p>
          Implemented a workaround to allow fallback from using the
          EVP API for Diffie-Hellman key generation</p>
        <p>
          Own Id: OTP-16771 Aux Id: ERIERL-509 </p>
      </item>
    </list>
  </section>

</section>

<section><title>Crypto 4.6.5</title>

  <section><title>Fixed Bugs and Malfunctions</title>
    <list>
      <item>
        <p>
          Fixed potential memory leaks involving calls to the
          crypto ng_api.</p>
        <p>
          Own Id: OTP-16428 Aux Id: PR-2511 </p>
      </item>
    </list>
  </section>

</section>

<section><title>Crypto 4.6.4</title>

  <section><title>Fixed Bugs and Malfunctions</title>
    <list>
      <item>
        <p>
          Constant time comparisons added.</p>
        <p>
          Own Id: OTP-16376</p>
      </item>
    </list>
  </section>

</section>

<section><title>Crypto 4.6.3</title>

  <section><title>Improvements and New Features</title>
    <list>
      <item>
        <p>
          The ciphers aes_cfb8 and aes_cfb128 are now using the EVP
          interface.
          The supported key lengths are 128, 192 and 256
          bits.</p>
        <p>
          Own Id: OTP-16133 Aux Id: PR-2407 </p>
      </item>
      <item>
        <p>
          The ciphers aes_cfb8 and aes_cfb128 are now available in
          FIPS enabled mode.</p>
        <p>
          Own Id: OTP-16134 Aux Id: PR-2407 </p>
      </item>
    </list>
  </section>

</section>

<section><title>Crypto 4.6.2</title>

  <section><title>Fixed Bugs and Malfunctions</title>
    <list>
      <item>
        <p>
          The AEAD tag was not previously checked on decrypt with
          chacha20_poly1305</p>
        <p>
          Own Id: OTP-16242 Aux Id: ERL-1078 </p>
      </item>
    </list>
  </section>

</section>

<section><title>Crypto 4.6.1</title>

  <section><title>Fixed Bugs and Malfunctions</title>
    <list>
      <item>
        <p>
          Fixed a bug if the Erlang emulator was linked with a very
          old cryptolib version (1.0.1 or earlier).</p>
        <p>
          The bug now fixed could have triggered a core dump if an
          unknown cipher name was used in crypto functions.</p>
        <p>
          Own Id: OTP-16202</p>
      </item>
    </list>
  </section>

</section>

<section><title>Crypto 4.6</title>

  <section><title>Fixed Bugs and Malfunctions</title>
    <list>
      <item>
        <p>
          The implementation of <c>crypto_one_time/4</c> is
          adjusted to match the type specification. The spec and
          the black-box behaviour of the function are unchanged.</p>
        <p>
          Some details: Both the spec and the implementation were
          correct seen separately.
          But with both of them combined
          simultaneously with <c>crypto_one_time/5</c> which was
          called by the implementation of <c>crypto_one_time/4</c>,
          an (obvious) error was detected by a Dialyzer with more
          thorough checking than usual.</p>
        <p>
          Own Id: OTP-15884 Aux Id: ERL-974 </p>
      </item>
      <item>
        <p>
          When using crypto with FIPS mode enabled, the digests
          were not correctly handled.</p>
        <p>
          Own Id: OTP-15911</p>
      </item>
      <item>
        <p>
          A memory leak in error handling code in
          <c>ng_crypto_init_nif</c> is fixed.</p>
        <p>
          Own Id: OTP-15924</p>
      </item>
      <item>
        <p>
          Fixed the broken static build of the crypto nifs</p>
        <p>
          Own Id: OTP-15928 Aux Id: PR-2296 </p>
      </item>
    </list>
  </section>


  <section><title>Improvements and New Features</title>
    <list>
      <item>
        <p>
          The Message Authentication Codes (MAC) CMAC, HMAC and
          Poly1305 are unified into common functions in the New
          Crypto API. See the manual for CRYPTO.</p>
        <p>
          Own Id: OTP-13872</p>
      </item>
    </list>
  </section>

</section>

<section><title>Crypto 4.5.1</title>

  <section><title>Fixed Bugs and Malfunctions</title>
    <list>
      <item>
        <p>
          The cipher aes-ctr was disabled by mistake in
          crypto:supports for cryptolibs before 1.0.1. It worked
          however in the encrypt and decrypt functions.</p>
        <p>
          Own Id: OTP-15829</p>
      </item>
    </list>
  </section>

</section>

<section><title>Crypto 4.5</title>

  <section><title>Fixed Bugs and Malfunctions</title>
    <list>
      <item>
        <p>
          Fixed a bug in error return for <c>crypto:poly1305/2</c>.
          It returned the atom <c>notsup</c> instead of the
          exception <c>notsup</c>.</p>
        <p>
          *** POTENTIAL INCOMPATIBILITY ***</p>
        <p>
          Own Id: OTP-15677</p>
      </item>
      <item>
        <p>
          The cipher chacha20 was introduced in OpenSSL 1.1.0.
          However, it could, in a very odd situation, fail for
          versions less than OpenSSL 1.1.0d. It is therefore
          disabled for those versions.</p>
        <p>
          *** POTENTIAL INCOMPATIBILITY ***</p>
        <p>
          Own Id: OTP-15678</p>
      </item>
    </list>
  </section>


  <section><title>Improvements and New Features</title>
    <list>
      <item>
        <p> A new <c>rand</c> module algorithm, <c>exro928ss</c>
          (Xoroshiro928**), has been implemented. It has got a
          really long period and good statistical quality for all
          output bits, while still being only about 50% slower than
          the default algorithm. </p>
        <p> The same generator is also
          used as a long period counter in a new <c>crypto</c>
          plugin for the <c>rand</c> module, algorithm
          <c>crypto_aes</c>. This plugin uses AES-256 to scramble
          the counter which buries any detectable statistical
          artifacts. Scrambling is done in chunks which are cached
          to get good amortized speed (about half of the default
          algorithm). </p>
        <p>
          Own Id: OTP-14461 Aux Id: PR-1857 </p>
      </item>
      <item>
        <p>
          Crypto's single C-file is split into multiple files. The
          different coding styles in the different parts are
          unified into a single style.</p>
        <p>
          Own Id: OTP-14732 Aux Id: PR-2068, PR-2095 </p>
      </item>
      <item>
        <p>
          Build configuration of the <c>crypto</c> application has
          been moved from the <c>erts</c> application into the
          <c>crypto</c> application.</p>
        <p>
          Own Id: OTP-15129</p>
      </item>
      <item>
        <p>
          Adds two hash functions <c>blake2b</c> and <c>blake2s</c>
          (64 bit hash and 32 bit hash respectively). These are
          modern and standard hash functions used in blockchains
          and encrypted communication protocols. The hash functions
          are available in OpenSSL since version 1.1.1.</p>
        <p>
          Own Id: OTP-15564 Aux Id: PR-2129 </p>
      </item>
      <item>
        <p>
          A new API is implemented in crypto.
          See the CRYPTO user's
          guide, chapter <i>New and Old API</i> for more
          information.</p>
        <p>
          The old api with the <c>crypto:block_*</c> and
          <c>crypto:stream_*</c> interfaces is kept for
          compatibility, but implemented with the new api. Please
          note that since the error checking is more thorough,
          there <i>might</i> be arguments with for example faulty
          lengths that are no longer accepted.</p>
        <p>
          *** POTENTIAL INCOMPATIBILITY ***</p>
        <p>
          Own Id: OTP-15644 Aux Id: OTP-14732, OTP-15451, PR-1857,
          PR-2068, PR-2095 </p>
      </item>
      <item>
        <p>
          The new hash_info/1 and cipher_info/1 functions return
          maps with information about the hash or cipher in the
          argument.</p>
        <p>
          Own Id: OTP-15655 Aux Id: PR-2173, ERL-864, PR-2186 </p>
      </item>
      <item>
        <p>
          Obey additional OpenSSL configure flags when compiling
          the C-part of the CRYPTO application: <c>no-bf</c>,
          <c>no-blake2</c>, <c>no-chacha</c>, <c>no-cmac</c>,
          <c>no-dh</c>, <c>no-dsa</c>, <c>no-md4</c>,
          <c>no-poly1305</c>, <c>no-rc2</c>, <c>no-rc4</c> and
          <c>no-rmd160</c>.</p>
        <p>
          Own Id: OTP-15683</p>
      </item>
      <item>
        <p>
          A new function <c>crypto:supports/1</c> is introduced.
          The single argument takes an atom as argument:
          <c>hashes</c>, <c>public_keys</c>, <c>ciphers</c>,
          <c>macs</c>, <c>curves</c> or <c>rsa_opts</c>.
          The return
          value is a list of supported algorithms.</p>
        <p>
          The difference with the existing <c>crypto:supports/0</c>
          is, apart from the argument and the return value, that
          the old function reports what is supported by the old
          api, and the new function reports algorithms in the new
          api.</p>
        <p>
          Own Id: OTP-15771</p>
      </item>
    </list>
  </section>

</section>

<section><title>Crypto 4.4.2.3</title>

  <section><title>Fixed Bugs and Malfunctions</title>
    <list>
      <item>
        <p>
          Adding missing flag in BN-calls in SRP.</p>
        <p>
          Own Id: OTP-17107</p>
      </item>
    </list>
  </section>

</section>

<section><title>Crypto 4.4.2.2</title>

  <section><title>Fixed Bugs and Malfunctions</title>
    <list>
      <item>
        <p>
          Constant time comparisons added.</p>
        <p>
          Own Id: OTP-16376</p>
      </item>
    </list>
  </section>

</section>

<section><title>Crypto 4.4.2.1</title>

  <section><title>Improvements and New Features</title>
    <list>
      <item>
        <p>
          The ciphers aes_cfb8 and aes_cfb128 are now using the EVP
          interface. The supported key lengths are 128, 192 and 256
          bits.</p>
        <p>
          Own Id: OTP-16133 Aux Id: PR-2407 </p>
      </item>
      <item>
        <p>
          The ciphers aes_cfb8 and aes_cfb128 are now available in
          FIPS enabled mode.</p>
        <p>
          Own Id: OTP-16134 Aux Id: PR-2407 </p>
      </item>
    </list>
  </section>

</section>

<section><title>Crypto 4.4.2</title>

  <section><title>Fixed Bugs and Malfunctions</title>
    <list>
      <item>
        <p>
          Fixed build link error on Windows.
          Unresolved symbol
          'bcmp'.</p>
        <p>
          Own Id: OTP-15750 Aux Id: ERL-905 </p>
      </item>
    </list>
  </section>

</section>

<section><title>Crypto 4.4.1</title>

  <section><title>Fixed Bugs and Malfunctions</title>
    <list>
      <item>
        <p>
          Fixes a bug that caused <c>crypto:sign</c> and
          <c>crypto:verify</c> to return the error message
          <c>badarg</c> instead of <c>notsup</c> in one case. That
          case was when signing or verifying with eddsa keys (that
          is, ed25519 or ed448), but only when FIPS was supported
          and enabled.</p>
        <p>
          Own Id: OTP-15634</p>
      </item>
    </list>
  </section>


  <section><title>Improvements and New Features</title>
    <list>
      <item>
        <p>
          Added a crypto benchmark test suite.</p>
        <p>
          Own Id: OTP-15447</p>
      </item>
    </list>
  </section>

</section>

<section><title>Crypto 4.4</title>

  <section><title>Fixed Bugs and Malfunctions</title>
    <list>
      <item>
        <p>
          Updated the RSA options part in the crypto application's
          C-code, documentation and tests.</p>
        <p>
          Own Id: OTP-15302</p>
      </item>
    </list>
  </section>


  <section><title>Improvements and New Features</title>
    <list>
      <item>
        <p>
          Added ed25519 and ed448 sign/verify.</p>
        <p>
          Requires OpenSSL 1.1.1 or higher as cryptolib under the
          OTP application <c>crypto</c>.</p>
        <p>
          Own Id: OTP-15419 Aux Id: OTP-15094 </p>
      </item>
      <item>
        <p>
          Fixed valgrind warnings.</p>
        <p>
          Own Id: OTP-15467</p>
      </item>
    </list>
  </section>

</section>

<section><title>Crypto 4.3.3</title>

  <section><title>Fixed Bugs and Malfunctions</title>
    <list>
      <item>
        <p>
          The RSA options <c>rsa_mgf1_md</c>, <c>rsa_oaep_md</c>,
          and <c>rsa_oaep_label</c> were always disabled.
          They will
          now be enabled when a suitable cryptolib is used.</p>
        <p>
          They are still experimental and may change without prior
          notice.</p>
        <p>
          Own Id: OTP-15212 Aux Id: ERL-675, PR1899, PR838 </p>
      </item>
      <item>
        <p>
          The ciphers <c>aes_ige256</c> and <c>blowfish_cbc</c> had
          naming issues in <c>crypto:next_iv/2</c>.</p>
        <p>
          Own Id: OTP-15283</p>
      </item>
      <item>
        <p>
          The <c>RSA_SSLV23_PADDING</c> is disabled if LibreSSL is
          used as cryptolib. This is due to compilation problems.</p>
        <p>
          This will be investigated further in the future.</p>
        <p>
          Own Id: OTP-15303</p>
      </item>
    </list>
  </section>


  <section><title>Improvements and New Features</title>
    <list>
      <item>
        <p>
          The supported named elliptic curves are now reported in
          <c>crypto:supports/0</c> in a new entry tagged by
          <c>'curves'</c>.</p>
        <p>
          The function <c>crypto:ec_curves/0</c> is kept for
          compatibility.</p>
        <p>
          Own Id: OTP-14717 Aux Id: OTP-15244 </p>
      </item>
      <item>
        <p>
          The typing in the CRYPTO and PUBLIC_KEY applications is
          reworked and a few mistakes are corrected.</p>
        <p>
          The documentation is now generated from the typing and
          some clarifications are made.</p>
        <p>
          A new chapter on Algorithm Details such as key sizes and
          availability is added to the CRYPTO User's Guide.</p>
        <p>
          Own Id: OTP-15134</p>
      </item>
      <item>
        <p>
          Support for SHA3 both as a separate hash and in HMAC is
          now available if OpenSSL 1.1.1 or higher is used as
          cryptolib.</p>
        <p>
          Available lengths are reported in the <c>'hashs'</c>
          entry in <c>crypto:supports/0</c> as <c>sha3_*</c>.</p>
        <p>
          Own Id: OTP-15153</p>
      </item>
      <item>
        <p>
          The mac algorithm <c>poly1305</c> and the cipher
          algorithm <c>chacha20</c> are now supported if
          OpenSSL
          1.1.1 or higher is used as cryptolib.</p>
        <p>
          Own Id: OTP-15164 Aux Id: OTP-15209 </p>
      </item>
      <item>
        <p>
          The key exchange Edwards curves <c>x25519</c> and
          <c>x448</c> are now supported if OpenSSL 1.1.1 or higher
          is used as cryptolib.</p>
        <p>
          Own Id: OTP-15240 Aux Id: OTP-15133 </p>
      </item>
      <item>
        <p>
          The supported RSA options for sign/verify and
          encrypt/decrypt are now reported in
          <c>crypto:supports/0</c> in a new entry tagged by
          '<c>rsa_opts</c>'.</p>
        <p>
          The exact set is still experimental and may change
          without prior notice.</p>
        <p>
          Own Id: OTP-15260</p>
      </item>
      <item>
        <p>
          The cipher <c>aes_ccm</c> is added.</p>
        <p>
          Own Id: OTP-15286</p>
      </item>
    </list>
  </section>

</section>

<section><title>Crypto 4.3.2</title>

  <section><title>Fixed Bugs and Malfunctions</title>
    <list>
      <item>
        <p> Update the crypto engine functions to handle multiple
          loads of an engine. </p>
        <p><c>engine_load/3/4</c> is
          updated so it doesn't add the engine ID to OpenSSL's
          internal list of engines, which makes it possible to run
          engine_load more than once if it doesn't contain
          global data.</p>
        <p>Added <c>ensure_engine_loaded/2/3</c>
          which guarantees that the engine is loaded only once and
          that the following calls just return a reference to it.
          This
          is done by adding the ID to the internal OpenSSL list and
          checking whether it is already registered when the function is
          called.</p>
        <p>Added <c>ensure_engine_unloaded/1/2</c> to
          unload engines loaded with ensure_engine_loaded.</p>
        <p>Then some more utility functions are added.</p>
        <p><c>engine_add/1</c>, adds the engine to OpenSSL's
          internal list</p>
        <p><c>engine_remove/1</c>, removes the
          engine from OpenSSL's internal list</p>
        <p><c>engine_get_id/1</c>, fetches the engine's id</p>
        <p><c>engine_get_name/1</c>, fetches the engine name</p>
        <p>
          Own Id: OTP-15233</p>
      </item>
    </list>
  </section>

</section>

<section><title>Crypto 4.3.1</title>

  <section><title>Fixed Bugs and Malfunctions</title>
    <list>
      <item>
        <p>Fixed a node crash in <c>crypto:compute_key(ecdh,
          ...)</c> when passing a wrongly typed Others
          argument.</p>
        <p>
          Own Id: OTP-15194 Aux Id: ERL-673 </p>
      </item>
    </list>
  </section>

</section>

<section><title>Crypto 4.3</title>

  <section><title>Fixed Bugs and Malfunctions</title>
    <list>
      <item>
        <p>
          Removed two undocumented and erroneous functions
          (<c>crypto:dh_generate_parameters/2</c> and
          <c>crypto:dh_check/1</c>).</p>
        <p>
          Own Id: OTP-14956 Aux Id: ERL-579 </p>
      </item>
      <item>
        <p>
          Fixed bug causing VM crash if doing runtime upgrade of a
          crypto module built against OpenSSL older than 0.9.8h.
          Bug exists since OTP-20.2.</p>
        <p>
          Own Id: OTP-15088</p>
      </item>
    </list>
  </section>


  <section><title>Improvements and New Features</title>
    <list>
      <item>
        <p>
          A new <c>rand</c> plugin algorithm has been implemented
          in <c>crypto</c>, that is: <c>crypto_cache</c>. It uses
          strong random bytes as randomness source and caches them
          to get good speed.
          See <c>crypto:rand_seed_alg/1</c>.</p>
        <p>
          Own Id: OTP-13370 Aux Id: PR-1573 </p>
      </item>
      <item>
        <p>
          Diffie-Hellman key functions are re-written with the
          EVP_PKEY api.</p>
        <p>
          Own Id: OTP-14864</p>
      </item>
    </list>
  </section>

</section>

<section><title>Crypto 4.2.2.4</title>

  <section><title>Fixed Bugs and Malfunctions</title>
    <list>
      <item>
        <p>
          Constant time comparisons added.</p>
        <p>
          Own Id: OTP-16376</p>
      </item>
    </list>
  </section>

</section>

<section><title>Crypto 4.2.2.3</title>

  <section><title>Improvements and New Features</title>
    <list>
      <item>
        <p>
          The ciphers aes_cfb8 and aes_cfb128 are now using the EVP
          interface. The supported key lengths are 128, 192 and 256
          bits.</p>
        <p>
          Own Id: OTP-16133 Aux Id: PR-2407 </p>
      </item>
    </list>
  </section>

</section>

<section><title>Crypto 4.2.2.1</title>

  <section><title>Fixed Bugs and Malfunctions</title>
    <list>
      <item>
        <p>Fixed a node crash in <c>crypto:compute_key(ecdh, ...)</c>
          when passing a wrongly typed Others
          argument.</p>
        <p>
          Own Id: OTP-15194 Aux Id: ERL-673 </p>
      </item>
    </list>
  </section>

</section>

<section><title>Crypto 4.2.2</title>

  <section><title>Fixed Bugs and Malfunctions</title>
    <list>
      <item>
        <p>
          If OPENSSL_NO_EC was set, the compilation of the crypto
          nifs failed.</p>
        <p>
          Own Id: OTP-15073</p>
      </item>
      <item>
        <p>
          C-compile errors for LibreSSL 2.7.0 - 2.7.2 fixed</p>
        <p>
          Own Id: OTP-15074 Aux Id: ERL-618 </p>
      </item>
    </list>
  </section>

</section>

<section><title>Crypto 4.2.1</title>

  <section><title>Fixed Bugs and Malfunctions</title>
    <list>
      <item>
        <p>
          Fix build error
          caused by removed RSA padding functions
          in LibreSSL >= 2.6.1</p>
        <p>
          Own Id: OTP-14873</p>
      </item>
    </list>
  </section>

</section>

<section><title>Crypto 4.2</title>

  <section><title>Fixed Bugs and Malfunctions</title>
    <list>
      <item>
        <p>
          The compatibility function <c>void HMAC_CTX_free</c> in
          <c>crypto.c</c> erroneously tried to return a value.</p>
        <p>
          Own Id: OTP-14720</p>
      </item>
    </list>
  </section>


  <section><title>Improvements and New Features</title>
    <list>
      <item>
        <p>
          Rewrite public and private key encode/decode with EVP
          api. New RSA padding options added. This is a modified
          half of PR-838.</p>
        <p>
          Own Id: OTP-14446</p>
      </item>
      <item>
        <p>
          The crypto API is extended to use private/public keys
          stored in an Engine for sign/verify or encrypt/decrypt
          operations.</p>
        <p>
          The ssl application provides an API to use this new
          engine concept in TLS.</p>
        <p>
          Own Id: OTP-14448</p>
      </item>
      <item>
        <p> Add support to plug in alternative implementations
          for some or all of the cryptographic operations supported
          by the OpenSSL Engine API. When configured appropriately,
          OpenSSL calls the engine's implementation of these
          operations instead of its own. </p>
        <p>
          Own Id: OTP-14567</p>
      </item>
      <item>
        <p>
          Replaced a call of the OpenSSL deprecated function
          <c>DH_generate_parameters</c> in <c>crypto.c</c>.</p>
        <p>
          Own Id: OTP-14639</p>
      </item>
      <item>
        <p>
          Documentation added about how to use keys stored in an
          Engine.</p>
        <p>
          Own Id: OTP-14735 Aux Id: OTP-14448 </p>
      </item>
      <item>
        <p> Add engine_ctrl_cmd_string/3,4 to the OpenSSL Engine
          support in crypto.
        </p>
        <p>
          Own Id: OTP-14801</p>
      </item>
    </list>
  </section>

</section>

<section><title>Crypto 4.1</title>

  <section><title>Fixed Bugs and Malfunctions</title>
    <list>
      <item>
        <p>On macOS, <c>crypto</c> would crash if <c>observer</c>
          had been started before <c>crypto</c>. On the beta for
          macOS 10.13 (High Sierra), <c>crypto</c> would crash.
          Both of those bugs have been fixed.</p>
        <p>
          Own Id: OTP-14499 Aux Id: ERL-251 ERL-439 </p>
      </item>
    </list>
  </section>


  <section><title>Improvements and New Features</title>
    <list>
      <item>
        <p>
          Extend crypto:sign, crypto:verify, public_key:sign and
          public_key:verify with:</p>
        <p>
          * support for RSASSA-PSS padding for signatures and for
          saltlength setting<br/>
          * X9.31 RSA padding.<br/>
          * sha, sha224, sha256, sha384, and sha512 for dss signatures as
          mentioned in NIST SP 800-57 Part 1.<br/>
          * ripemd160 to be used for rsa signatures.</p>
        <p>
          This is a manual merge of half of the pull request 838 by
          potatosalad from Sept 2015.</p>
        <p>
          Own Id: OTP-13704 Aux Id: PR838 </p>
      </item>
      <item>
        <p>
          A new tuple in <c>crypto:supports/0</c> reports supported
          MAC algorithms.</p>
        <p>
          Own Id: OTP-14504</p>
      </item>
    </list>
  </section>

</section>

<section><title>Crypto 4.0</title>

  <section><title>Fixed Bugs and Malfunctions</title>
    <list>
      <item>
        <p>
          LibreSSL can now be used by the modernized crypto app.</p>
        <p>
          Own Id: OTP-14247</p>
      </item>
      <item>
        <p>
          Add compile option <c>-compile(no_native)</c> in modules
          with <c>on_load</c> directive which is not yet supported
          by HiPE.</p>
        <p>
          Own Id: OTP-14316 Aux Id: PR-1390 </p>
      </item>
      <item>
        <p>
          Fix a bug in aes cfb128 function introduced by the bug
          fix
          in GitHub pull request <url
          href="https://github.com/erlang/otp/pull/1393">#1393</url>.</p>
        <p>
          Own Id: OTP-14435 Aux Id: PR-1462, PR-1393, OTP-14313 </p>
      </item>
    </list>
  </section>


  <section><title>Improvements and New Features</title>
    <list>
      <item>
        <p>
          Add basic support for CMAC</p>
        <p>
          Own Id: OTP-13779 Aux Id: ERL-82 PR-1138 </p>
      </item>
      <item>
        <p>
          Removed functions deprecated in crypto-3.0 first released
          in OTP-R16B01</p>
        <p>
          *** POTENTIAL INCOMPATIBILITY ***</p>
        <p>
          Own Id: OTP-13873</p>
      </item>
      <item>
        <p>
          The <c>crypto</c> application now supports OpenSSL 1.1.</p>
        <p>
          Own Id: OTP-13900</p>
      </item>
      <item>
        <p>
          Allow Erlang/OTP to use OpenSSL in FIPS-140 mode, in
          order to satisfy specific security requirements (mostly
          by different parts of the US federal government). </p>
        <p>
          See the new crypto users guide "FIPS mode" chapter about
          building and using the FIPS support which is disabled by
          default.</p>
        <p>
          (Thanks to dszoboszlay and legoscia)</p>
        <p>
          Own Id: OTP-13921 Aux Id: PR-1180 </p>
      </item>
      <item>
        <p>
          Crypto chacha20-poly1305 as in RFC 7539 enabled for
          OpenSSL >= 1.1.</p>
        <p>
          Thanks to mururu.</p>
        <p>
          Own Id: OTP-14092 Aux Id: PR-1291 </p>
      </item>
      <item>
        <p>
          RSA key generation added to <c>crypto:generate_key/2</c>.
          Thanks to wiml.</p>
        <p>
          An interface is also added to
          <c>public_key:generate_key/1</c>.</p>
        <p>
          Own Id: OTP-14140 Aux Id: ERL-165, PR-1299 </p>
      </item>
      <item>
        <p>
          Raised minimum requirement for OpenSSL version to
          OpenSSL-0.9.8.c although we recommend a much higher
          version, that is a version that is still maintained
          officially by the OpenSSL project.
          Note that using such
          an old version may restrict the crypto algorithms
          supported.</p>
        <p>
          *** POTENTIAL INCOMPATIBILITY ***</p>
        <p>
          Own Id: OTP-14171</p>
      </item>
      <item>
        <p>
          Deprecate crypto:rand_uniform/2 as it is not
          cryptographically strong</p>
        <p>
          Own Id: OTP-14274</p>
      </item>
      <item>
        <p>
          The Crypto application now supports generation of
          cryptographically strong random numbers (floats &lt; 1.0
          and integer arbitrary ranges) as a plugin to the 'rand'
          module.</p>
        <p>
          Own Id: OTP-14317 Aux Id: PR-1372 </p>
      </item>
      <item>
        <p>
          This replaces the hard coded test values for AES, CMAC
          and GCM ciphers with the full validation set from NIST's
          CAVP program.</p>
        <p>
          Own Id: OTP-14436 Aux Id: PR-1396 </p>
      </item>
    </list>
  </section>

</section>

<section><title>Crypto 3.7.4</title>

  <section><title>Fixed Bugs and Malfunctions</title>
    <list>
      <item>
        <p>
          Fix a bug with AES CFB 128 for 192 and 256 bit keys.
          Thanks to kellymclaughlin!</p>
        <p>
          Own Id: OTP-14313 Aux Id: PR-1393 </p>
      </item>
    </list>
  </section>

</section>

<section><title>Crypto 3.7.3</title>

  <section><title>Improvements and New Features</title>
    <list>
      <item>
        <p>
          The implementation of the key exchange algorithms
          diffie-hellman-group-exchange-sha* are optimized, up to a
          factor of 11 for the slowest (= biggest and safest)
          group size.</p>
        <p>
          Own Id: OTP-14169 Aux Id: seq-13261 </p>
      </item>
    </list>
  </section>

</section>

<section><title>Crypto 3.7.2</title>

  <section><title>Fixed Bugs and Malfunctions</title>
    <list>
      <item>
        <p>
          The crypto application has been fixed to not use RC2
          against OpenSSL built with RC2 disabled.</p>
        <p>
          Own Id: OTP-13895 Aux Id: PR-1163 </p>
      </item>
      <item>
        <p>
          The crypto application has been fixed to not use RC4
          against OpenSSL built with RC4 disabled.</p>
        <p>
          Own Id: OTP-13896 Aux Id: PR-1169 </p>
      </item>
    </list>
  </section>


  <section><title>Improvements and New Features</title>
    <list>
      <item>
        <p>
          To ease troubleshooting, <c>erlang:load_nif/2</c> now
          includes the return value from a failed call to
          load/reload/upgrade in the text part of the error tuple.
          The <c>crypto</c> NIF makes use of this feature by
          returning the source line where/if the initialization
          fails.</p>
        <p>
          Own Id: OTP-13951</p>
      </item>
    </list>
  </section>

</section>

<section><title>Crypto 3.7.1</title>

  <section><title>Fixed Bugs and Malfunctions</title>
    <list>
      <item>
        <p>
          Crypto has been fixed to work against OpenSSL versions
          with disabled DES ciphers.
          Correct spelling of cipher
          algorithm 'des3_cfb' has been introduced; the previous
          misspelling still works.</p>
        <p>
          Own Id: OTP-13783 Aux Id: ERL-203 </p>
      </item>
      <item>
        <p>
          The size of an internal array in crypto has been fixed to
          not segfault when having all possible ciphers. Bug fix by
          Duncan Overbruck.</p>
        <p>
          Own Id: OTP-13789 Aux Id: PR-1140 </p>
      </item>
    </list>
  </section>

</section>

<section><title>Crypto 3.7</title>

  <section><title>Improvements and New Features</title>
    <list>
      <item>
        <p>
          Refactor <c>crypto</c> to use the EVP interface of
          OpenSSL, which is the recommended interface that also
          enables access to hardware acceleration for some
          operations.</p>
        <p>
          Own Id: OTP-12217</p>
      </item>
      <item>
        <p>
          Add support for 192-bit keys for the <c>aes_cbc</c>
          cipher.</p>
        <p>
          Own Id: OTP-13206 Aux Id: pr 832 </p>
      </item>
      <item>
        <p>
          Add support for 192-bit keys for <c>aes_ecb</c>.</p>
        <p>
          Own Id: OTP-13207 Aux Id: pr829 </p>
      </item>
      <item>
        <p>
          Deprecate the function <c>crypto:rand_bytes</c> and make
          sure that <c>crypto:strong_rand_bytes</c> is used in all
          places that are cryptographically significant.</p>
        <p>
          Own Id: OTP-13214</p>
      </item>
      <item>
        <p>
          Enable AES-GCM encryption/decryption to change the tag
          length between 1 to 16 bytes.</p>
        <p>
          Own Id: OTP-13483 Aux Id: PR-998 </p>
      </item>
    </list>
  </section>

</section>

<section><title>Crypto 3.6.3</title>

  <section><title>Fixed Bugs and Malfunctions</title>
    <list>
      <item>
        <p>
          Fix bug for <c>aes_ecb</c> block crypto when data is
          larger than 16 bytes.</p>
        <p>
          Own Id: OTP-13249</p>
      </item>
      <item>
        <p>
          Improve portability of ECC tests in Crypto and SSL
          for
          "exotic" OpenSSL versions.</p>
        <p>
          Own Id: OTP-13311</p>
      </item>
    </list>
  </section>

</section>

<section><title>Crypto 3.6.2</title>

  <section><title>Fixed Bugs and Malfunctions</title>
    <list>
      <item>
        <p>
          Small documentation fixes</p>
        <p>
          Own Id: OTP-13017</p>
      </item>
    </list>
  </section>

</section>

<section><title>Crypto 3.6.1</title>

  <section><title>Fixed Bugs and Malfunctions</title>
    <list>
      <item>
        <p>
          Make <c>crypto:ec_curves/0</c> return empty list if
          elliptic curve is not supported at all.</p>
        <p>
          Own Id: OTP-12944</p>
      </item>
    </list>
  </section>

</section>

<section><title>Crypto 3.6</title>

  <section><title>Fixed Bugs and Malfunctions</title>
    <list>
      <item>
        <p>
          Enhance crypto:generate_key to calculate ECC public keys
          from private key.</p>
        <p>
          Own Id: OTP-12394</p>
      </item>
      <item>
        <p>
          Fix bug in <c>crypto:generate_key</c> for <c>ecdh</c>
          that could cause VM crash for faulty input.</p>
        <p>
          Own Id: OTP-12733</p>
      </item>
    </list>
  </section>


  <section><title>Improvements and New Features</title>
    <list>
      <item>
        <p>
          Use the EVP API for AES-CBC crypto to enable the use of
          hardware acceleration for AES-CBC crypto on newer Intel
          CPUs (AES-NI), among other platforms.</p>
        <p>
          Own Id: OTP-12380</p>
      </item>
      <item>
        <p>
          Add AES ECB block encryption.</p>
        <p>
          Own Id: OTP-12403</p>
      </item>
    </list>
  </section>

</section>

<section><title>Crypto 3.5</title>

  <section><title>Improvements and New Features</title>
    <list>
      <item>
        <p>
          Extend block_encrypt/decrypt for aes_cfb8 and aes_cfb128
          to accept keys of length 128, 192 and 256 bits.
          Before
          only 128 bit keys were accepted.</p>
        <p>
          Own Id: OTP-12467</p>
      </item>
    </list>
  </section>

</section>

<section><title>Crypto 3.4.2</title>

  <section><title>Improvements and New Features</title>
    <list>
      <item>
        <p>
          Add configure option --with-ssl-incl=PATH to support
          OpenSSL installations with headers and libraries at
          different places.</p>
        <p>
          Own Id: OTP-12215 Aux Id: seq12700 </p>
      </item>
      <item>
        <p>
          Add configure option --with-ssl-rpath to control which
          runtime library path to use for dynamic linkage toward
          OpenSSL.</p>
        <p>
          Own Id: OTP-12316 Aux Id: seq12753 </p>
      </item>
    </list>
  </section>

</section>

<section><title>Crypto 3.4.1</title>

  <section><title>Fixed Bugs and Malfunctions</title>
    <list>
      <item>
        <p>
          Make <c>crypto</c> verify major version number of OpenSSL
          header files and runtime library. Loading of
          <c>crypto</c> will fail if there is a version mismatch.</p>
        <p>
          Own Id: OTP-12146 Aux Id: seq12700 </p>
      </item>
    </list>
  </section>

</section>

<section><title>Crypto 3.4</title>

  <section><title>Fixed Bugs and Malfunctions</title>
    <list>
      <item>
        <p>
          Fix memory leak in <c>crypto:hmac_init/upgrade/final</c>
          functions for all data and in <c>crypto:hmac/3/4</c> for
          data larger than 20000 bytes.
          Bug exists since OTP 17.0.</p>
        <p>
          Own Id: OTP-11953</p>
      </item>
      <item>
        <p>
          Fix memory leak in <c>crypto</c> for elliptic curve.</p>
        <p>
          Own Id: OTP-11999</p>
      </item>
    </list>
  </section>


  <section><title>Improvements and New Features</title>
    <list>
      <item>
        <p>
          Add <c>aes_cfb8</c> cipher to <c>crypto:block_encrypt</c>
          and <c>block_decrypt</c>.</p>
        <p>
          Own Id: OTP-11911</p>
      </item>
    </list>
  </section>

</section>

<section><title>Crypto 3.3</title>

  <section><title>Fixed Bugs and Malfunctions</title>
    <list>
      <item>
        <p>
          Fix memory leaks and invalid deallocations in
          <c>mod_pow</c>, <c>mod_exp</c> and
          <c>generate_key(srp,...)</c> when bad arguments are
          passed. (Thanks to Florian Zumbiehi)</p>
        <p>
          Own Id: OTP-11550</p>
      </item>
      <item>
        <p>
          Correction of the word 'ChipherText' throughout the
          documentation (Thanks to Andrew Tunnell-Jones)</p>
        <p>
          Own Id: OTP-11609</p>
      </item>
      <item>
        <p>
          Fix fatal bug when using a hmac context variable in more
          than one call to <c>hmac_update</c> or <c>hmac_final</c>.
          The reuse of hmac contexts has never worked as the
          underlying OpenSSL implementation does not support it. It
          is now documented as having undefined behaviour, but it
          does not crash or corrupt the VM anymore.</p>
        <p>
          Own Id: OTP-11724</p>
      </item>
      <item>
        <p>
          Crypto handles out-of-memory with a controlled abort
          instead of crash/corruption.
          (Thanks to Florian Zumbiehi)</p>
        <p>
          Own Id: OTP-11725</p>
      </item>
      <item>
        <p>
          Application upgrade (appup) files are corrected for the
          following applications: </p>
        <p>
          <c>asn1, common_test, compiler, crypto, debugger,
          dialyzer, edoc, eldap, erl_docgen, et, eunit, gs, hipe,
          inets, observer, odbc, os_mon, otp_mibs, parsetools,
          percept, public_key, reltool, runtime_tools, ssh,
          syntax_tools, test_server, tools, typer, webtool, wx,
          xmerl</c></p>
        <p>
          A new test utility for testing appup files is added to
          test_server. This is now used by most applications in
          OTP.</p>
        <p>
          (Thanks to Tobias Schlager)</p>
        <p>
          Own Id: OTP-11744</p>
      </item>
    </list>
  </section>


  <section><title>Improvements and New Features</title>
    <list>
      <item>
        <p>
          By giving --enable-static-{nifs,drivers} to configure it
          is now possible to statically link nifs and drivers
          to the main Erlang VM binary. At the moment only the asn1
          and crypto nifs of the Erlang/OTP nifs and drivers have
          been prepared to be statically linked.
          For more details
          see the Installation Guide in the System documentation.</p>
        <p>
          Own Id: OTP-11258</p>
      </item>
      <item>
        <p>
          Add IGE mode for AES cipher in crypto (Thanks to Yura
          Beznos).</p>
        <p>
          Own Id: OTP-11522</p>
      </item>
      <item>
        <p>
          Moved elliptic curve definition from the crypto
          NIF/OpenSSL into Erlang code, adds the RFC-5639 brainpool
          curves and makes TLS use them (RFC-7027).</p>
        <p>
          Thanks to Andreas Schultz</p>
        <p>
          Own Id: OTP-11578</p>
      </item>
      <item>
        <p>
          Remove all obsolete application processes from crypto and
          make it into a pure library application.</p>
        <p>
          Own Id: OTP-11619</p>
      </item>
    </list>
  </section>

</section>

<section><title>Crypto 3.2</title>

  <section><title>Fixed Bugs and Malfunctions</title>
    <list>
      <item>
        <p>
          Fix uninitialized pointers in crypto (Thanks to Anthony
          Ramine)</p>
        <p>
          Own Id: OTP-11510</p>
      </item>
    </list>
  </section>

</section>

<section><title>Crypto 3.1</title>

  <section><title>Improvements and New Features</title>
    <list>
      <item>
        <p>
          Refactor ecdsa cipher to simplify code and improve
          performance.</p>
        <p>
          Own Id: OTP-11320</p>
      </item>
    </list>
  </section>

</section>

<section><title>Crypto 3.0</title>

  <section><title>Improvements and New Features</title>
    <list>
      <item>
        <p>
          Integrate elliptic curve contribution from Andreas
          Schultz </p>
        <p>
          In order to be able to support elliptic curve cipher
          suites in SSL/TLS, additions to handle elliptic curve
          infrastructure have been added to public_key and crypto.</p>
        <p>
          This also has resulted in a rewrite of the crypto API to
          gain consistency and remove unnecessary overhead.
          All OTP
          applications using crypto have been updated to use the new
          API.</p>
        <p>
          Impact: Elliptic curve cryptography (ECC) offers
          equivalent security with smaller key sizes than other
          public key algorithms. Smaller key sizes result in
          savings for power, memory, bandwidth, and computational
          cost that make ECC especially attractive for constrained
          environments.</p>
        <p>
          Own Id: OTP-11009</p>
      </item>
      <item>
        <p>
          Fixed a spelling mistake in crypto docs. Thanks to Klaus
          Trainer</p>
        <p>
          Own Id: OTP-11058</p>
      </item>
    </list>
  </section>


  <section><title>Known Bugs and Problems</title>
    <list>
      <item>
        <p>
          Make the crypto functions interruptible by chunking input
          when it is very large and bumping reductions in the nifs.</p>
        <p>
          Not yet implemented for block_encrypt|decrypt/4</p>
        <p>
          Impact: Individual calls to crypto functions may take
          a longer time, but overall system performance should
          improve as crypto calls will not become throughput
          bottlenecks.</p>
        <p>
          Own Id: OTP-11142</p>
      </item>
    </list>
  </section>

</section>

<section><title>Crypto 2.3</title>

  <section><title>Improvements and New Features</title>
    <list>
      <item>
        <p>
          Enable runtime upgrade of crypto including the OpenSSL
          library used by crypto.</p>
        <p>
          Own Id: OTP-10596</p>
      </item>
      <item>
        <p>
          Improve documentation and tests for hmac functions in
          crypto. Thanks to Daniel White</p>
        <p>
          Own Id: OTP-10640</p>
      </item>
      <item>
        <p>
          Added ripemd160 support to crypto.
          Thanks to Michael
          Loftis</p>
        <p>
          Own Id: OTP-10667</p>
      </item>
    </list>
  </section>

</section>

<section><title>Crypto 2.2</title>

  <section><title>Fixed Bugs and Malfunctions</title>
    <list>
      <item>
        <p>
          Remove unnecessary dependency to libssl from crypto NIF
          library. This dependency was introduced by accident in
          R14B04.</p>
        <p>
          Own Id: OTP-10064</p>
      </item>
    </list>
  </section>


  <section><title>Improvements and New Features</title>
    <list>
      <item>
        <p>
          Add crypto and public_key support for the hash functions
          SHA224, SHA256, SHA384 and SHA512 and also hmac and
          rsa_sign/verify support using these hash functions.
          Thanks to Andreas Schultz for making a prototype.</p>
        <p>
          Own Id: OTP-9908</p>
      </item>
      <item>
        <p>
          Optimize RSA private key handling in <c>crypto</c> and
          <c>public_key</c>.</p>
        <p>
          Own Id: OTP-10065</p>
      </item>
      <item>
        <p>
          Make <c>crypto:aes_cfb_128_encrypt</c> and
          <c>crypto:aes_cfb_128_decrypt</c> handle data and cipher
          with arbitrary length. (Thanks to Stefan Zegenhagen)</p>
        <p>
          Own Id: OTP-10136</p>
      </item>
    </list>
  </section>

</section>

<section><title>Crypto 2.1</title>

  <section><title>Improvements and New Features</title>
    <list>
      <item>
        <p>
          public_key, ssl and crypto now support PKCS-8</p>
        <p>
          Own Id: OTP-9312</p>
      </item>
      <item>
        <p>Erlang/OTP can now be built using parallel make if you
          limit the number of jobs, for instance using
          '<c>make -j6</c>' or '<c>make -j10</c>'. '<c>make -j</c>' does not
          work at the moment because of some missing
          dependencies.</p>
        <p>
          Own Id: OTP-9451</p>
      </item>
      <item>
        <p>
          Add DES and Triple DES cipher feedback (CFB) mode
          functions to <c>crypto</c>.
          (Thanks to Paul Guyot)</p>
        <p>
          Own Id: OTP-9640</p>
      </item>
      <item>
        <p>
          Add sha256, sha384 and sha512 support for
          <c>crypto:rsa_verify</c>.</p>
        <p>
          Own Id: OTP-9778</p>
      </item>
    </list>
  </section>

</section>

<section><title>Crypto 2.0.4</title>

  <section><title>Fixed Bugs and Malfunctions</title>
    <list>
      <item>
        <p>
          <c>crypto:rand_uniform</c> works correctly for negative
          integers. Fails with <c>badarg</c> exception for invalid
          ranges (when <c>Hi =&lt; Lo</c>) instead of returning
          incorrect output.</p>
        <p>
          Own Id: OTP-9526</p>
      </item>
      <item>
        <p>
          Fix win32 OpenSSL static linking (Thanks to Dave
          Cottlehuber)</p>
        <p>
          Own Id: OTP-9532</p>
      </item>
    </list>
  </section>

</section>

<section><title>Crypto 2.0.3</title>

  <section><title>Fixed Bugs and Malfunctions</title>
    <list>
      <item>
        <p>
          Various small documentation fixes (Thanks to Bernard
          Duggan)</p>
        <p>
          Own Id: OTP-9172</p>
      </item>
    </list>
  </section>


  <section><title>Improvements and New Features</title>
    <list>
      <item>
        <p>
          New <c>crypto</c> support for streaming of AES CTR and
          HMAC. (Thanks to Travis Jensen)</p>
        <p>
          Own Id: OTP-9275</p>
      </item>
      <item>
        <p>
          Due to standard library DLL mismatches between versions
          of OpenSSL and Erlang/OTP, OpenSSL is now linked
          statically to the crypto driver on Windows. This fixes
          problems starting crypto when running Erlang as a service
          on all Windows versions.</p>
        <p>
          Own Id: OTP-9280</p>
      </item>
    </list>
  </section>

</section>

<section><title>Crypto 2.0.2.2</title>

  <section><title>Improvements and New Features</title>
    <list>
      <item>
        <p>
          Strengthened random number generation.
          (Thanks to Geoff Cant)</p>
        <p>
          Own Id: OTP-9225</p>
      </item>
    </list>
  </section>

</section>

<section><title>Crypto 2.0.2.1</title>

  <section><title>Improvements and New Features</title>
    <list>
      <item>
        <p>
          Misc. Updates.</p>
        <p>
          Own Id: OTP-9132</p>
      </item>
    </list>
  </section>

</section>

<section><title>Crypto 2.0.2</title>

  <section><title>Improvements and New Features</title>
    <list>
      <item>
        <p>
          AES CTR encryption support in <c>crypto</c>.</p>
        <p>
          Own Id: OTP-8752 Aux Id: seq11642 </p>
      </item>
    </list>
  </section>

</section>

<section><title>Crypto 2.0.1</title>

  <section><title>Fixed Bugs and Malfunctions</title>
    <list>
      <item>
        <p>
          Crypto dialyzer type error in md5_mac and sha_mac.</p>
        <p>
          Own Id: OTP-8718</p>
      </item>
      <item>
        <p>
          RC4 stream cipher didn't work. This was because the new NIF
          implementation of <c>crypto:rc4_encrypt_with_state/2</c>
          introduced in <c>crypto-2.0</c> didn't return an updated
          state.
          (Thanks to Paul Guyot)</p>
        <p>
          Own Id: OTP-8781</p>
      </item>
      <item>
        <p>
          A number of memory leaks in the crypto NIF library have
          been fixed.</p>
        <p>
          Own Id: OTP-8810</p>
      </item>
    </list>
  </section>


  <section><title>Improvements and New Features</title>
    <list>
      <item>
        <p>
          Added erlang:system_info(build_type) which makes it
          easier to choose drivers, NIF libraries, etc. based on
          build type of the runtime system.</p>
        <p>
          The NIF library for crypto can now be built for valgrind
          and/or debug as separate NIF libraries that will be
          automatically loaded if the runtime system has been built
          with a matching build type.</p>
        <p>
          Own Id: OTP-8760</p>
      </item>
    </list>
  </section>

</section>

<section><title>Crypto 2.0</title>

  <section><title>Improvements and New Features</title>
    <list>
      <item>
        <p>
          crypto application changed to use NIFs instead of driver.</p>
        <p>
          Own Id: OTP-8333</p>
      </item>
      <item>
        <p>
          des_ecb_encrypt/2 and des_ecb_decrypt/2 have been added to
          the crypto module.
          The crypto:md4/1 function has been
          documented.</p>
        <p>
          Own Id: OTP-8551</p>
      </item>
      <item>
        <p>The undocumented, unsupported, and deprecated function
          <c>lists:flat_length/1</c> has been removed.</p>
        <p>
          Own Id: OTP-8584</p>
      </item>
      <item>
        <p>
          New variants of <c>crypto:dss_sign</c> and
          <c>crypto:dss_verify</c> with an extra argument to
          control how the digest is calculated.</p>
        <p>
          Own Id: OTP-8700</p>
      </item>
    </list>
  </section>

</section>

<section><title>Crypto 1.6.4</title>

  <section><title>Improvements and New Features</title>
    <list>
      <item>
        <p>Cross compilation improvements and other build system
          improvements.</p>
        <p>Most notable:</p>
        <list><item> Lots of cross
          compilation improvements. The old cross compilation
          support was more or less non-existing as well as broken.
          Please note that the cross compilation support should
          still be considered as experimental. Also note that old
          cross compilation configurations cannot be used without
          modifications. For more information on cross compiling
          Erlang/OTP see the <c>$ERL_TOP/INSTALL-CROSS.md</c> file.
          </item><item> Support for staged install using <url
          href="http://www.gnu.org/prep/standards/html_node/DESTDIR.html">DESTDIR</url>.
          The old broken <c>INSTALL_PREFIX</c> has also been fixed.
          For more information see the <c>$ERL_TOP/INSTALL.md</c>
          file. </item><item> Documentation of the <c>release</c>
          target of the top <c>Makefile</c>. For more information
          see the <c>$ERL_TOP/INSTALL.md</c> file. </item><item>
          <c>make install</c> now by default creates relative
          symbolic links instead of absolute ones. For more
          information see the <c>$ERL_TOP/INSTALL.md</c> file.
          </item><item> <c>$ERL_TOP/configure --help=recursive</c>
          now works and prints help for all applications with
          <c>configure</c> scripts. </item><item> Doing
          <c>make install</c>, or <c>make release</c> directly after
          <c>make all</c> no longer triggers miscellaneous
          rebuilds. </item><item> Existing bootstrap system is now
          used when doing <c>make install</c>, or
          <c>make release</c> without a preceding <c>make all</c>.
          </item><item> The <c>crypto</c> and <c>ssl</c>
          applications use the same runtime library path when
          dynamically linking against <c>libssl.so</c> and
          <c>libcrypto.so</c>. The runtime library search path has
          also been extended. </item><item> The <c>configure</c>
          scripts of <c>erl_interface</c> and <c>odbc</c> now
          search for thread libraries and thread library quirks the
          same way as ERTS does. </item><item> The
          <c>configure</c> script of the <c>odbc</c> application
          now also looks for odbc libraries in <c>lib64</c> and
          <c>lib/64</c> directories when building on a 64-bit
          system. </item><item> The <c>config.h.in</c> file in the
          <c>erl_interface</c> application is now automatically
          generated instead of statically updated, which reduces
          the risk of <c>configure</c> tests without any effect.
          </item></list>
        <p>(Thanks to Henrik Riomar for suggestions and
          testing)</p>
        <p>(Thanks to Winston Smith for the AVR32-Linux cross
          configuration and testing)</p>
        <p>
          *** POTENTIAL INCOMPATIBILITY ***</p>
        <p>
          Own Id: OTP-8323</p>
      </item>
      <item>
        <p>
          The crypto module now supports Blowfish in ECB, CBC and
          OFB modes. (Thanks to Paul Oliver.)</p>
        <p>
          Own Id: OTP-8331</p>
      </item>
      <item>
        <p>It is now possible to build the documentation in an open
          source environment, after a number of bugs were fixed and
          some features were added in the documentation build
          process.
</p>
        <p>- The arity calculation is updated.</p>
        <p>- The module prefix used in the function names for
          BIFs is removed in the generated links so the links
          will look like
          "http://www.erlang.org/doc/man/erlang.html#append_element-2"
          instead of
          "http://www.erlang.org/doc/man/erlang.html#erlang:append_element-2".</p>
        <p>- Enhanced the menu positioning in the html
          documentation when a new page is loaded.</p>
        <p>- A number of corrections in the generation of man
          pages (thanks to Sergei Golovan)</p>
        <p>- The legal notice is taken from the xml book file so
          OTP's build process can be used for non OTP
          applications.</p>
        <p>
          Own Id: OTP-8343</p>
      </item>
    </list>
  </section>

</section>

<section><title>Crypto 1.6.3</title>

  <section><title>Fixed Bugs and Malfunctions</title>
    <list>
      <item>
        <p>
          Suppressed false valgrind errors caused by libcrypto
          using uninitialized data as entropy.</p>
        <p>
          Own Id: OTP-8200</p>
      </item>
    </list>
  </section>


  <section><title>Improvements and New Features</title>
    <list>
      <item>
        <p>
          The documentation is now built with open source tools
          (xsltproc and fop) that exist on most platforms. One
          visible change is that the frames are removed.</p>
        <p>
          Own Id: OTP-8201</p>
      </item>
      <item>
        <p>
          When the crypto application failed to load the
          OpenSSL/LibEAY shared object, error indication was
          sparse.
Now a more specific error message is sent to the
          error logger.</p>
        <p>
          Own Id: OTP-8281</p>
      </item>
    </list>
  </section>

</section>

<section><title>Crypto 1.6.2</title>

  <section><title>Fixed Bugs and Malfunctions</title>
    <list>
      <item>
        <p>
          Fixed emulator crash caused by crypto using an old
          openssl version that did not cope with large file
          descriptors.</p>
        <p>
          Own Id: OTP-8261 Aux Id: seq11434 </p>
      </item>
    </list>
  </section>

</section>

<section><title>Crypto 1.6.1</title>

  <section><title>Fixed Bugs and Malfunctions</title>
    <list>
      <item>
        <p>
          <c>Makefile.in</c> has been updated to use the LDFLAGS
          environment variable (if set). (Thanks to Davide
          Pesavento.)</p>
        <p>
          Own Id: OTP-8157</p>
      </item>
    </list>
  </section>


  <section><title>Improvements and New Features</title>
    <list>
      <item>
        <p>
          Support for Blowfish cfb64 added to <c>crypto</c>.</p>
        <p>
          Own Id: OTP-8096</p>
      </item>
      <item>
        <p>
          New function <c>crypto:aes_cbc_ivec</c></p>
        <p>
          Own Id: OTP-8141</p>
      </item>
    </list>
  </section>

</section>

<section><title>Crypto 1.6</title>

  <section><title>Fixed Bugs and Malfunctions</title>
    <list>
      <item>
        <p>
          The <c>dh_compute_key</c> sometimes returned a
          SharedSecret of incorrect size.</p>
        <p>
          Own Id: OTP-7674</p>
      </item>
    </list>
  </section>


  <section><title>Improvements and New Features</title>
    <list>
      <item>
        <p>
          Optimization for drivers by creating small binaries
          directly on the process heap.</p>
        <p>
          Own Id: OTP-7762</p>
      </item>
    </list>
  </section>

</section>

<section><title>Crypto 1.5.3</title>

  <section><title>Improvements and New Features</title>
    <list>
      <item>
        <p>
          Added new functions: dss_verify/3, rsa_verify/3,
          rsa_verify/4, dss_sign/2, rsa_sign/2, rsa_sign/3,
          rsa_public_encrypt, rsa_private_decrypt/3,
          rsa_private_encrypt/3, rsa_public_decrypt/3,
          dh_generate_key/1, dh_generate_key/2, dh_compute_key/3.</p>
        <p>
          Own Id: OTP-7545</p>
      </item>
    </list>
  </section>

</section>

<section><title>Crypto 1.5.2.1</title>

  <section><title>Improvements and New Features</title>
    <list>
      <item>
        <p>
          Minor performance optimization.</p>
        <p>
          Own Id: OTP-7521</p>
      </item>
    </list>
  </section>

</section>

<section><title>Crypto 1.5.2</title>

  <section><title>Fixed Bugs and Malfunctions</title>
    <list>
      <item>
        <p>
          ./configure has been improved to find 64-bit OpenSSL
          libraries.</p>
        <p>
          Own Id: OTP-7270</p>
      </item>
    </list>
  </section>


  <section><title>Improvements and New Features</title>
    <list>
      <item>
        <p>
          crypto and zlib drivers improved to allow concurrent smp
          access.</p>
        <p>
          Own Id: OTP-7262</p>
      </item>
    </list>
  </section>

</section>

  <section>
    <title>Crypto 1.5.1.1</title>

    <section>
      <title>Improvements and New Features</title>
      <list type="bulleted">
        <item>
          <p>The linked in driver for the crypto application is now
            linked statically against the OpenSSL libraries, to avoid
            installation and runtime problems in connection to the
            OpenSSL library locations.</p>
          <p>Own Id: OTP-6680</p>
        </item>
        <item>
          <p>Minor Makefile changes.</p>
          <p>Own Id: OTP-6689</p>
        </item>
      </list>
    </section>
  </section>

  <section>
    <title>Crypto 1.5</title>

    <section>
      <title>Improvements and New Features</title>
      <list type="bulleted">
        <item>
          <p>It is
now explicitly checked at start-up that the crypto
            driver is properly loaded (Thanks to Claes Wikstrom).</p>
          <p>Own Id: OTP-6109</p>
        </item>
      </list>
    </section>
  </section>

  <section>
    <title>Crypto 1.4</title>

    <section>
      <title>Improvements and New Features</title>
      <list type="bulleted">
        <item>
          <p>The previously undocumented and UNSUPPORTED <c>ssh</c>
            application has been updated and documented. This release
            of the <c>ssh</c> application is still considered to be a
            beta release and (if necessary) there could still be
            changes in its API before it reaches 1.0.</p>
          <p>Also, more cryptographic algorithms have been added to
            the <c>crypto</c> application.</p>
          <p>*** POTENTIAL INCOMPATIBILITY ***</p>
          <p>Own Id: OTP-5631</p>
        </item>
      </list>
    </section>
  </section>

  <section>
    <title>Crypto 1.3</title>

    <section>
      <title>Improvements and New Features</title>
      <list type="bulleted">
        <item>
          <p>Added support for RFC 3826 - The Advanced Encryption Standard
            (AES) Cipher Algorithm in the SNMP User-based Security Model.
            <br></br>
Martin Björklund</p>
        </item>
      </list>
    </section>
  </section>

  <section>
    <title>Crypto 1.2.3</title>

    <section>
      <title>Fixed Bugs and Malfunctions</title>
      <list type="bulleted">
        <item>
          <p>Linked in drivers in the crypto, and asn1 applications
            are now compiled with the -D_THREAD_SAFE and -D_REENTRANT
            switches on unix when the emulator has thread support
            enabled.</p>
          <p>Linked in drivers on MacOSX are not compiled with the
            undocumented -lbundle1.o switch anymore.
Thanks to Sean
            Hinde who sent us a patch.</p>
          <p>Linked in driver in crypto, and port programs in ssl, now
            compile on OSF1.</p>
          <p>Minor makefile improvements in runtime_tools.</p>
          <p>Own Id: OTP-5346</p>
        </item>
      </list>
    </section>
  </section>

  <section>
    <title>Crypto 1.2.2</title>

    <section>
      <title>Improvements and New Features</title>
      <list type="bulleted">
        <item>
          <p>Corrected error handling. If the port to the driver that
            crypto uses is unexpectedly closed (which should not
            happen during normal operation of crypto), crypto will
            terminate immediately (rather than crashing the next time
            crypto is used). Also corrected build problems on Mac OS
            X.</p>
          <p>Own Id: OTP-5279</p>
        </item>
      </list>
    </section>
  </section>

  <section>
    <title>Crypto 1.2.1</title>

    <section>
      <title>Fixed Bugs and Malfunctions</title>
      <list type="bulleted">
        <item>
          <p>It was not possible in R9 to relink the crypto driver.
            The object file was missing as well as an example
            makefile. The crypto driver object file is now released
            with the application (installed in priv/obj). An example
            makefile has also been added to the priv/obj directory.
            The makefile serves as an example of how to relink the
            driver on Unix (crypto_drv.so) or Windows
            (crypto_drv.dll).</p>
          <p>Own Id: OTP-4828 Aux Id: seq8193 </p>
        </item>
      </list>
    </section>
  </section>

  <section>
    <title>Crypto 1.2</title>

    <section>
      <title>Improvements and New Features</title>
      <list type="bulleted">
        <item>
          <p>Previous versions of Crypto were delivered with
            statically linked binaries based on SSLeay. That is no
            longer the case. The current version of Crypto requires
            dynamically linked OpenSSL libraries that the user has to
            install.
The library needed is <c>libcrypto.so</c> (Unix)
            or <c>libeay32.[lib|dll]</c> (Win32). For further details
            see the crypto(6) application manual page.</p>
        </item>
        <item>
          <p>This version of Crypto uses the new DES interface of
            OpenSSL 0.9.7, which is not backward compatible with
            earlier versions of OpenSSL.
            </p>
        </item>
        <item>The functions <c>des_ede3_cbc_encrypt/5</c> and
          <c>des_ede3_cbc_decrypt/5</c> have been renamed to
          <c>des3_cbc_encrypt/5</c> and <c>des3_cbc_decrypt/5</c>,
          respectively. The old functions have been retained (they are
          deprecated and not listed in the crypto(3) manual page).</item>
      </list>
    </section>

    <section>
      <title>Reported Fixed Bugs and Malfunctions</title>
      <list type="bulleted">
        <item>
          <p>The start of crypto failed on Windows, due to erroneous addition
            of a DES3 algorithm.</p>
          <p>Own Id: OTP-4684
            <br></br>
Aux Id: seq7864</p>
        </item>
      </list>
    </section>
  </section>

  <section>
    <title>Crypto 1.1.3</title>

    <section>
      <title>Reported Fixed Bugs and Malfunctions</title>
      <list type="bulleted">
        <item>To obtain backward compatibility with the old SSLeay
          package, and with earlier versions of OpenSSL, the macro
          OPENSSL_DES_LIBDES_COMPATIBILITY has been added to
          <c>crypto_drv.c</c>. This is of importance only for the open
          source version of Crypto.
        </item>
      </list>
    </section>
  </section>

  <section>
    <title>Crypto 1.1.2</title>

    <section>
      <title>Reported Fixed Bugs and Malfunctions</title>
      <list type="bulleted">
        <item>
          <p>In the manual page <c>crypto(3)</c> the function names
            <c>md5_finish</c> and <c>sha_finish</c> have been changed to
            <c>md5_final</c> and <c>sha_final</c> to correctly document
            the implementation.</p>
          <p>Own Id: OTP-3409
            </p>
        </item>
      </list>
    </section>
  </section>

  <section>
    <title>Crypto 1.1.1</title>
    <p>Code replacement in runtime is supported. Upgrade can be done
      from version 1.1 and downgrade to version 1.1.
      </p>

    <section>
      <title>Improvements and New Features</title>
      <list type="bulleted">
        <item>
          <p>The driver part of the Crypto application has been
            updated to use the erl_driver header file. Version 1.1.1
            requires emulator version 4.9.1 or later.</p>
        </item>
      </list>
    </section>
  </section>

  <section>
    <title>Crypto 1.1</title>

    <section>
      <title>Reported Fixed Bugs and Malfunctions</title>
      <list type="bulleted">
        <item>
          <p>On Windows the crypto_drv was incorrectly linked to
            static run-time libraries instead of dynamic ones.</p>
          <p>Own Id: OTP-3240
            </p>
        </item>
      </list>
    </section>
  </section>

  <section>
    <title>Crypto 1.0</title>
    <p>New application.
      </p>
  </section>
</chapter>