[erlang-patches] Streaming AES CTR and HMAC functions

Travis Jensen <>
Mon May 2 22:58:55 CEST 2011


git fetch git://github.com/SoftwareMaven/otp.git  streaming_crypto_functions


Add true streaming AES (CTR) encryption and streaming HMAC operations

The current crypto module implementations require all of the data
being encrypted or authenticated to be in memory at one time. When
trying to encrypt or authenticate a large file (on order of GBs),
this is problematic.

The implementation of AES CTR uses the same underlying implementation
as aes_ctr_[en|de]crypt, but hands the state back to the client
after every operation.

The HMAC implementation differs from the previous implementations of
sha_mac and md5_mac. The old implementations did not utilize the
OpenSSL HMAC implementation. In order to ensure that I didn't
implement something incorrectly, I chose to use the OpenSSL HMAC
implementation directly, since it handles streaming as well. This
has the added side benefit of allowing other hash functions to be
used as desired (for instances, I added support for ripemd160
hashing).

While I haven't done this, it seems like the existing md5_mac and
sha_mac functions could either be depricated or redefined in terms
of the new hmac_ functions.



-- 
*Travis Jensen*
***
*Read the Software Maven @ http://softwaremaven.innerbrane.com/
Read my LinkedIn profile @ http://www.linkedin.com/in/travisjensen
Read my Twitter mumblings @ http://twitter.com/SoftwareMaven
Send me email @ 

**What kind of guy calls himself the Software Maven???**
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://erlang.org/pipermail/erlang-patches/attachments/20110502/86c10174/attachment.html>


More information about the erlang-patches mailing list