Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
home:Ledest:erlang:18
rabbit_common
0015-Make-rabbit_pbe-work-for-OTP-22.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File 0015-Make-rabbit_pbe-work-for-OTP-22.patch of Package rabbit_common
From 16624e371df3a705a2d32c59e36804c8533ea94a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Lo=C3=AFc=20Hoguin?= <essen@ninenines.eu> Date: Tue, 19 Mar 2019 15:02:24 +0100 Subject: [PATCH] Make rabbit_pbe work for OTP-22 --- src/rabbit_pbe.erl | 101 ++++++++++++++++++++++++++++++++++++++--------------- 1 file changed, 73 insertions(+), 28 deletions(-) diff --git a/src/rabbit_pbe.erl b/src/rabbit_pbe.erl index de93b27..ac33bf8 100644 --- a/src/rabbit_pbe.erl +++ b/src/rabbit_pbe.erl @@ -20,31 +20,45 @@ -export([encrypt_term/5, decrypt_term/5]). -export([encrypt/5, decrypt/5]). +%% A lot of ugly code in this module can be removed once we support OTP-22+. +-ifdef(OTP_RELEASE). +-if(?OTP_RELEASE >= 22). +-define(HAS_CRYPTO_INFO_FUNCTIONS, 1). +-endif. +-endif. + %% Supported ciphers and hashes +-ifdef(HAS_CRYPTO_INFO_FUNCTIONS). + +%% We only support block ciphers that use an initialization vector. + +supported_ciphers() -> + SupportedByCrypto = proplists:get_value(ciphers, crypto:supports()), + lists:filter(fun(Cipher) -> + Mode = maps:get(mode, crypto:cipher_info(Cipher)), + not lists:member(Mode, [ccm_mode, ecb_mode, gcm_mode, stream_cipher]) + end, + SupportedByCrypto). + +-else. + supported_ciphers() -> - NotSupportedByUs = [%% These ciphers should be supported in a future version. - aes_128_ccm, aes_192_ccm, aes_256_ccm, - aes_128_ctr, aes_192_ctr, aes_256_ctr, - aes_128_gcm, aes_192_gcm, aes_256_gcm, + NotSupportedByUs = [aes_ccm, aes_128_ccm, aes_192_ccm, aes_256_ccm, + aes_gcm, aes_128_gcm, aes_192_gcm, aes_256_gcm, + aes_ecb, aes_128_ecb, aes_192_ecb, aes_256_ecb, chacha20, chacha20_poly1305, - %% These are aliases that correspond to multiple ciphers. - aes_ccm, aes_ctr, aes_gcm, - %% These ciphers will never be supported. - aes_ecb, blowfish_ecb, des_ecb, rc4], + blowfish_ecb, des_ecb, rc4], SupportedByCrypto = proplists:get_value(ciphers, crypto:supports()), lists:filter(fun(Cipher) -> not lists:member(Cipher, NotSupportedByUs) end, SupportedByCrypto). +-endif. + supported_hashes() -> - NotSupportedByUs = [md4, ripemd160], - SupportedByCrypto = proplists:get_value(hashs, crypto:supports()), - lists:filter(fun(Hash) -> - not lists:member(Hash, NotSupportedByUs) - end, - SupportedByCrypto). + proplists:get_value(hashs, crypto:supports()). %% Default encryption parameters (keep those in sync with rabbit.app.src) default_cipher() -> @@ -116,16 +130,25 @@ unpad(Data) -> N = binary:last(Data), binary:part(Data, 0, byte_size(Data) - N). -%% These functions are necessary because the current Erlang crypto interface -%% is lacking interfaces to the following OpenSSL functions: -%% -%% * int EVP_MD_size(const EVP_MD *md); -%% * int EVP_CIPHER_iv_length(const EVP_CIPHER *e); -%% * int EVP_CIPHER_key_length(const EVP_CIPHER *e); -%% * int EVP_CIPHER_block_size(const EVP_CIPHER *e); +-ifdef(HAS_CRYPTO_INFO_FUNCTIONS). + +hash_length(Type) -> + maps:get(size, crypto:hash_info(Type)). + +iv_length(Type) -> + maps:get(iv_length, crypto:cipher_info(Type)). + +key_length(Type) -> + maps:get(key_length, crypto:cipher_info(Type)). + +block_size(Type) -> + maps:get(block_size, crypto:cipher_info(Type)). + +-else. hash_length(md4) -> 16; hash_length(md5) -> 16; +hash_length(ripemd160) -> 20; hash_length(sha) -> 20; hash_length(sha224) -> 28; hash_length(sha3_224) -> 28; @@ -159,6 +182,16 @@ iv_length(aes_cbc256) -> 16; iv_length(aes_128_cbc) -> 16; iv_length(aes_192_cbc) -> 16; iv_length(aes_256_cbc) -> 16; +iv_length(aes_128_cfb8) -> 16; +iv_length(aes_192_cfb8) -> 16; +iv_length(aes_256_cfb8) -> 16; +iv_length(aes_128_cfb128) -> 16; +iv_length(aes_192_cfb128) -> 16; +iv_length(aes_256_cfb128) -> 16; +iv_length(aes_ctr) -> 16; +iv_length(aes_128_ctr) -> 16; +iv_length(aes_192_ctr) -> 16; +iv_length(aes_256_ctr) -> 16; iv_length(aes_ige256) -> 32. key_length(des_cbc) -> 8; @@ -182,17 +215,29 @@ key_length(aes_cbc256) -> 32; key_length(aes_128_cbc) -> 16; key_length(aes_192_cbc) -> 24; key_length(aes_256_cbc) -> 32; +key_length(aes_128_cfb8) -> 16; +key_length(aes_192_cfb8) -> 24; +key_length(aes_256_cfb8) -> 32; +key_length(aes_128_cfb128) -> 16; +key_length(aes_192_cfb128) -> 24; +key_length(aes_256_cfb128) -> 32; +key_length(aes_ctr) -> 32; +key_length(aes_128_ctr) -> 16; +key_length(aes_192_ctr) -> 24; +key_length(aes_256_ctr) -> 32; key_length(aes_ige256) -> 16. -block_size(aes_cbc) -> 32; -block_size(aes_cbc256) -> 32; -block_size(aes_cbc128) -> 32; -block_size(aes_128_cbc) -> 32; -block_size(aes_192_cbc) -> 32; -block_size(aes_256_cbc) -> 32; -block_size(aes_ige256) -> 32; +block_size(aes_cbc) -> 16; +block_size(aes_cbc256) -> 16; +block_size(aes_cbc128) -> 16; +block_size(aes_128_cbc) -> 16; +block_size(aes_192_cbc) -> 16; +block_size(aes_256_cbc) -> 16; +block_size(aes_ige256) -> 16; block_size(_) -> 8. +-endif. + %% The following was taken from OTP's lib/public_key/src/pubkey_pbe.erl %% %% This is an undocumented interface to password-based encryption algorithms. -- 2.16.4
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor