Merge branch 'hans/crypto/new_api/OTP-15644'

* hans/crypto/new_api/OTP-15644: (26 commits)
  crypto: Add FIPS testing for a couple of algorithms
  crypto: Sort ciphers in alphabetic order in testsuite
  crypto: Better error report in crypto_SUITE
  crypto: Wrong ifdef symbol used for ENGINE
  crypto: Handle EVP_CIPHER_CTX copying correctly
  crypto: Fix bug in ng_api
  crypto: Better error descriptions
  crypto: Fix bug for older cryptolib
  crypto: Fix leak for eddsa detected by Valgrind
  crypto: Testcase for TLS using new API
  crypto: Rename SSL special functions
  crypto: New function for SSL app
  crypto: Remove compat specials from crypto_init
  crypto: Exceptions as error return in api_ng
  crypto: Relocate the new api code inside the crypto.erl file
  crypto: Cleaning of comments + spec fixing
  crypto: Remove unused variables in test case
  crypto: Test fixes for stream api emulated by the new api
  crypto: Shrink aes.c,h (remove aes_ctr_stream_* funcs)
  crypto: Remove chacha20.c,h and rc4.c,h
  ...

18 files changed, 489 insertions, 753 deletions

diff --git a/lib/crypto/c_src/Makefile.in b/lib/crypto/c_src/Makefile.in
index e1e7f71538..b6a65d7488 100644
--- a/lib/crypto/c_src/Makefile.in
+++ b/lib/crypto/c_src/Makefile.in
@@ -77,9 +77,7 @@ CRYPTO_OBJS = $(OBJDIR)/crypto$(TYPEMARKER).o \
 	$(OBJDIR)/algorithms$(TYPEMARKER).o \
 	$(OBJDIR)/api_ng$(TYPEMARKER).o \
 	$(OBJDIR)/atoms$(TYPEMARKER).o \
-	$(OBJDIR)/block$(TYPEMARKER).o \
 	$(OBJDIR)/bn$(TYPEMARKER).o \
-	$(OBJDIR)/chacha20$(TYPEMARKER).o \
 	$(OBJDIR)/cipher$(TYPEMARKER).o \
 	$(OBJDIR)/cmac$(TYPEMARKER).o \
 	$(OBJDIR)/dh$(TYPEMARKER).o \
@@ -98,7 +96,6 @@ CRYPTO_OBJS = $(OBJDIR)/crypto$(TYPEMARKER).o \
 	$(OBJDIR)/pkey$(TYPEMARKER).o \
 	$(OBJDIR)/poly1305$(TYPEMARKER).o \
 	$(OBJDIR)/rand$(TYPEMARKER).o \
-	$(OBJDIR)/rc4$(TYPEMARKER).o \
 	$(OBJDIR)/rsa$(TYPEMARKER).o \
 	$(OBJDIR)/srp$(TYPEMARKER).o
 CALLBACK_OBJS = $(OBJDIR)/crypto_callback$(TYPEMARKER).o
diff --git a/lib/crypto/c_src/aes.c b/lib/crypto/c_src/aes.c
index ee2bb70fb7..4b01e629f9 100644
--- a/lib/crypto/c_src/aes.c
+++ b/lib/crypto/c_src/aes.c
@@ -166,156 +166,7 @@ ERL_NIF_TERM aes_ige_crypt_nif(ErlNifEnv* env, int argc, const ERL_NIF_TERM argv
 }
 
 
-#ifdef HAVE_EVP_AES_CTR
-ERL_NIF_TERM aes_ctr_stream_init(ErlNifEnv* env, int argc, const ERL_NIF_TERM argv[])
-{/* (Key, IVec) */
-    ErlNifBinary     key_bin, ivec_bin;
-    struct evp_cipher_ctx *ctx = NULL;
-    const EVP_CIPHER *cipher;
-    ERL_NIF_TERM     ret;
-
-    ASSERT(argc == 2);
-
-    if (!enif_inspect_iolist_as_binary(env, argv[0], &key_bin))
-        goto bad_arg;
-    if (!enif_inspect_binary(env, argv[1], &ivec_bin))
-        goto bad_arg;
-    if (ivec_bin.size != 16)
-        goto bad_arg;
-
-    switch (key_bin.size)
-    {
-    case 16:
-        cipher = EVP_aes_128_ctr();
-        break;
-    case 24:
-        cipher = EVP_aes_192_ctr();
-        break;
-    case 32:
-        cipher = EVP_aes_256_ctr();
-        break;
-    default:
-        goto bad_arg;
-    }
-
-    if ((ctx = enif_alloc_resource(evp_cipher_ctx_rtype, sizeof(struct evp_cipher_ctx))) == NULL)
-        goto err;
-    if ((ctx->ctx = EVP_CIPHER_CTX_new()) == NULL)
-        goto err;
-
-    if (EVP_CipherInit_ex(ctx->ctx, cipher, NULL,
-                          key_bin.data, ivec_bin.data, 1) != 1)
-        goto err;
-
-    if (EVP_CIPHER_CTX_set_padding(ctx->ctx, 0) != 1)
-        goto err;
-
-    ret = enif_make_resource(env, ctx);
-    goto done;
-
- bad_arg:
-    return enif_make_badarg(env);
-
- err:
-    ret = enif_make_badarg(env);
-
- done:
-    if (ctx)
-        enif_release_resource(ctx);
-    return ret;
-}
-
-ERL_NIF_TERM aes_ctr_stream_encrypt(ErlNifEnv* env, int argc, const ERL_NIF_TERM argv[])
-{/* (Context, Data) */
-    struct evp_cipher_ctx *ctx = NULL, *new_ctx = NULL;
-    ErlNifBinary   data_bin;
-    ERL_NIF_TERM   ret, cipher_term;
-    unsigned char  *out;
-    int            outl = 0;
-
-    ASSERT(argc == 2);
-
-    if (!enif_get_resource(env, argv[0], evp_cipher_ctx_rtype, (void**)&ctx))
-        goto bad_arg;
-    if (!enif_inspect_iolist_as_binary(env, argv[1], &data_bin))
-        goto bad_arg;
-    if (data_bin.size > INT_MAX)
-        goto bad_arg;
-
-    if ((new_ctx = enif_alloc_resource(evp_cipher_ctx_rtype, sizeof(struct evp_cipher_ctx))) == NULL)
-        goto err;
-    if ((new_ctx->ctx = EVP_CIPHER_CTX_new()) == NULL)
-        goto err;
-
-    if (EVP_CIPHER_CTX_copy(new_ctx->ctx, ctx->ctx) != 1)
-        goto err;
-
-    if ((out = enif_make_new_binary(env, data_bin.size, &cipher_term)) == NULL)
-        goto err;
-
-    if (EVP_CipherUpdate(new_ctx->ctx, out, &outl, data_bin.data, (int)data_bin.size) != 1)
-        goto err;
-    ASSERT(outl >= 0 && (size_t)outl == data_bin.size);
-
-    ret = enif_make_tuple2(env, enif_make_resource(env, new_ctx), cipher_term);
-    CONSUME_REDS(env,data_bin);
-    goto done;
-
- bad_arg:
-    return enif_make_badarg(env);
-
- err:
-    ret = enif_make_badarg(env);
-
- done:
-    if (new_ctx)
-        enif_release_resource(new_ctx);
-    return ret;
-}
-
-#else /* if not HAVE_EVP_AES_CTR */
-
-ERL_NIF_TERM aes_ctr_stream_init(ErlNifEnv* env, int argc, const ERL_NIF_TERM argv[])
-{/* (Key, IVec) */
-    ASSERT(argc == 2);
-
-    return aes_ctr_stream_init_compat(env, argv[0], argv[1]);
-}
-
-
-ERL_NIF_TERM aes_ctr_stream_init_compat(ErlNifEnv* env, const ERL_NIF_TERM key_term, const ERL_NIF_TERM iv_term)
-{
-    ErlNifBinary key_bin, ivec_bin;
-    ERL_NIF_TERM ecount_bin;
-    unsigned char *outp;
- 
-    if (!enif_inspect_iolist_as_binary(env, key_term, &key_bin))
-        goto bad_arg;
-    if (key_bin.size != 16 && key_bin.size != 24 && key_bin.size != 32)
-        goto bad_arg;
-    if (!enif_inspect_binary(env, iv_term, &ivec_bin))
-        goto bad_arg;
-    if (ivec_bin.size != 16)
-        goto bad_arg;
-    if ((outp = enif_make_new_binary(env, AES_BLOCK_SIZE, &ecount_bin)) == NULL)
-        goto err;
-    memset(outp, 0, AES_BLOCK_SIZE);
-
-    return enif_make_tuple4(env, key_term, iv_term, ecount_bin, enif_make_int(env, 0));
-
- bad_arg:
- err:
-    return enif_make_badarg(env);
-}
-
-ERL_NIF_TERM aes_ctr_stream_encrypt(ErlNifEnv* env, int argc, const ERL_NIF_TERM argv[])
-{
-    ASSERT(argc == 2);
-
-    return aes_ctr_stream_encrypt_compat(env, argv[0], argv[1]);
-}
-
-
+#if !defined(HAVE_EVP_AES_CTR)
 ERL_NIF_TERM aes_ctr_stream_encrypt_compat(ErlNifEnv* env, const ERL_NIF_TERM state_arg, const ERL_NIF_TERM data_arg)
 {/* ({Key, IVec, ECount, Num}, Data) */
     ErlNifBinary key_bin, ivec_bin, text_bin, ecount_bin;
diff --git a/lib/crypto/c_src/aes.h b/lib/crypto/c_src/aes.h
index 527d041410..c0b2b91f8d 100644
--- a/lib/crypto/c_src/aes.h
+++ b/lib/crypto/c_src/aes.h
@@ -27,10 +27,7 @@ ERL_NIF_TERM aes_cfb_8_crypt(ErlNifEnv* env, int argc, const ERL_NIF_TERM argv[]
 ERL_NIF_TERM aes_cfb_128_crypt_nif(ErlNifEnv* env, int argc, const ERL_NIF_TERM argv[]);
 ERL_NIF_TERM aes_ige_crypt_nif(ErlNifEnv* env, int argc, const ERL_NIF_TERM argv[]);
 
-ERL_NIF_TERM aes_ctr_stream_init(ErlNifEnv* env, int argc, const ERL_NIF_TERM argv[]);
-ERL_NIF_TERM aes_ctr_stream_encrypt(ErlNifEnv* env, int argc, const ERL_NIF_TERM argv[]);
 #if !defined(HAVE_EVP_AES_CTR)
-ERL_NIF_TERM aes_ctr_stream_init_compat(ErlNifEnv* env, const ERL_NIF_TERM key_term, const ERL_NIF_TERM iv_term);
 ERL_NIF_TERM aes_ctr_stream_encrypt_compat(ErlNifEnv* env, const ERL_NIF_TERM state_arg, const ERL_NIF_TERM data_arg);
 #endif
 
diff --git a/lib/crypto/c_src/api_ng.c b/lib/crypto/c_src/api_ng.c
index c4114d1626..6a833a0984 100644
--- a/lib/crypto/c_src/api_ng.c
+++ b/lib/crypto/c_src/api_ng.c
@@ -25,199 +25,532 @@
 /*
  * A unified set of functions for encryption/decryption.
  *
- * EXPERIMENTAL!!
- *
  */
 ERL_NIF_TERM ng_crypto_update(ErlNifEnv* env, int argc, const ERL_NIF_TERM argv[]);
+ERL_NIF_TERM ng_crypto_one_shot(ErlNifEnv* env, int argc, const ERL_NIF_TERM argv[]);
 
 
 
-/* Try better error messages in new functions */
-#define ERROR_Term(Env, ReasonTerm) enif_make_tuple2((Env), atom_error, (ReasonTerm))
-#define ERROR_Str(Env, ReasonString) ERROR_Term((Env), enif_make_string((Env),(ReasonString),(ERL_NIF_LATIN1)))
+/* All nif functions return a valid value or throws an exception */
+#define EXCP(Env, Class, Str)  enif_raise_exception((Env), \
+                                    enif_make_tuple2((Env), (Class), \
+                                                     enif_make_string((Env),(Str),(ERL_NIF_LATIN1)) ))
 
-/* Initializes state for (de)encryption
- */
-ERL_NIF_TERM ng_crypto_init_nif(ErlNifEnv* env, int argc, const ERL_NIF_TERM argv[])
-{/* (Cipher, Key, IVec, Encrypt)  % if no IV for the Cipher, set IVec = <<>>
- */
-    ErlNifBinary     key_bin, ivec_bin;
-    unsigned char *iv = NULL;
-    struct evp_cipher_ctx *ctx;
-    const struct cipher_type_t *cipherp;
-    const EVP_CIPHER *cipher;
-    ERL_NIF_TERM enc_flg_arg, ret;
-    int enc;
-    unsigned iv_len;
-
-    enc_flg_arg = argv[argc-1];
-    if (enc_flg_arg == atom_true)
-        enc = 1;
-    else if (enc_flg_arg == atom_false)
-        enc = 0;
-    else if (enc_flg_arg == atom_undefined)
+#define EXCP_NOTSUP(Env, Str) EXCP((Env), atom_notsup, (Str))
+#define EXCP_BADARG(Env, Str) EXCP((Env), atom_badarg, (Str))
+#define EXCP_ERROR(Env, Str)  EXCP((Env), atom_error, (Str))
+
+
+#ifdef HAVE_ECB_IVEC_BUG
+    /* <= 0.9.8l returns faulty ivec length */
+# define GET_IV_LEN(Ciph) ((Ciph)->flags & ECB_BUG_0_9_8L) ? 0 : EVP_CIPHER_iv_length((Ciph)->cipher.p)
+#else
+# define GET_IV_LEN(Ciph) EVP_CIPHER_iv_length((Ciph)->cipher.p)
+#endif
+
+/*************************************************************************/
+/* Get the arguments for the initialization of the EVP_CIPHER_CTX. Check */
+/* them and initialize that context.                                     */
+/*************************************************************************/
+static int get_init_args(ErlNifEnv* env,
+                         struct evp_cipher_ctx *ctx_res,
+                         const ERL_NIF_TERM cipher_arg,
+                         const ERL_NIF_TERM key_arg, 
+                         const ERL_NIF_TERM ivec_arg,
+                         const ERL_NIF_TERM encflg_arg,
+                         const struct cipher_type_t **cipherp,
+                         ERL_NIF_TERM *return_term)
+{
+    int ivec_len;
+    ErlNifBinary key_bin;
+    ErlNifBinary ivec_bin;
+    int encflg;                    
+
+    ctx_res->ctx = NULL; /* For testing if *ctx should be freed after errors */
+
+    /* Fetch the flag telling if we are going to encrypt (=true) or decrypt (=false) */
+    if (encflg_arg == atom_true)
+        encflg = 1;
+    else if (encflg_arg == atom_false)
+        encflg = 0;
+    else if (encflg_arg == atom_undefined)
         /* For compat funcs in crypto.erl */
-        enc = -1;
+        encflg = -1;
     else
-        return ERROR_Str(env, "Bad enc flag");
+        {
+            *return_term = EXCP_BADARG(env, "Bad enc flag");
+            goto err;
+        }
 
-    if (!enif_inspect_binary(env, argv[1], &key_bin))
-        return ERROR_Str(env, "Bad key");
+    /* Fetch the key */
+    if (!enif_inspect_iolist_as_binary(env, key_arg, &key_bin))
+        {
+            *return_term = EXCP_BADARG(env, "Bad key");
+            goto err;
+        }
 
-    if (!(cipherp = get_cipher_type(argv[0], key_bin.size)))
-        return ERROR_Str(env, "Unknown cipher or bad key size");
+    /* Fetch cipher type */
+    if (!enif_is_atom(env, cipher_arg))
+        {
+            *return_term = EXCP_BADARG(env, "Cipher id is not an atom");
+            goto err;
+        }
 
-    if (FORBIDDEN_IN_FIPS(cipherp))
-        return enif_raise_exception(env, atom_notsup);
+    if (!(*cipherp = get_cipher_type(cipher_arg, key_bin.size)))
+        {
+            if (!get_cipher_type_no_key(cipher_arg))
+                *return_term = EXCP_BADARG(env, "Unknown cipher");
+            else
+                *return_term = EXCP_BADARG(env, "Bad key size");
+            goto err;
+        }
 
-    if (enc == -1)
-        return atom_undefined;
+    if (FORBIDDEN_IN_FIPS(*cipherp))
+        {
+            *return_term = EXCP_NOTSUP(env, "Forbidden in FIPS");
+            goto err;
+        }
 
-    if (!(cipher = cipherp->cipher.p)) {
+    /* Get ivec_len for this cipher (if we found one) */
 #if !defined(HAVE_EVP_AES_CTR)
-        if (cipherp->flags & AES_CTR_COMPAT)
-            return aes_ctr_stream_init_compat(env, argv[1], argv[2]);
-        else
+    /* This code is for historic OpenSSL where EVP_aes_*_ctr is not defined.... */
+    if ((*cipherp)->cipher.p) {
+        /* Not aes_ctr compatibility code since EVP_*
+           was defined and assigned to (*cipherp)->cipher.p */
+        ivec_len = GET_IV_LEN(*cipherp);
+    } else {
+        /* No EVP_* was found */
+        if ((*cipherp)->flags & AES_CTR_COMPAT)
+            /* Use aes_ctr compatibility code later */
+            ivec_len = 16;
+        else {
+            /* Unsupported crypto */
+            *return_term = EXCP_NOTSUP(env, "Cipher not supported in this libcrypto version");
+            goto err;
+        }
+    }
+#else
+    /* Normal code */
+    if (!((*cipherp)->cipher.p)) {
+        *return_term = EXCP_NOTSUP(env, "Cipher not supported in this libcrypto version");
+        goto err;
+    }
+    ivec_len = GET_IV_LEN(*cipherp);
 #endif
-            return enif_raise_exception(env, atom_notsup);
+    
+    /* (*cipherp)->cipher.p != NULL and ivec_len has a value */
+
+    /* Fetch IV */
+    if (ivec_len && (ivec_arg != atom_undefined)) {
+        if (!enif_inspect_iolist_as_binary(env, ivec_arg, &ivec_bin))
+            {
+                *return_term = EXCP_BADARG(env, "Bad iv type");
+                goto err;
+            }
+
+        if (ivec_len != ivec_bin.size)
+            {
+                *return_term = EXCP_BADARG(env, "Bad iv size");
+                goto err;
+            }
     }
 
-#ifdef HAVE_ECB_IVEC_BUG
-    if (cipherp->flags & ECB_BUG_0_9_8L)
-        iv_len = 0; /* <= 0.9.8l returns faulty ivec length */
-    else
+    ctx_res->iv_len = ivec_len;
+    
+#if !defined(HAVE_EVP_AES_CTR)
+    if (!((*cipherp)->cipher.p)
+        && ((*cipherp)->flags & AES_CTR_COMPAT)
+        ) {
+        /* Must use aes_ctr compatibility code */
+        ERL_NIF_TERM ecount_bin;
+        unsigned char *outp;
+        if ((outp = enif_make_new_binary(env, AES_BLOCK_SIZE, &ecount_bin)) == NULL) {
+            *return_term = EXCP_ERROR(env, "Can't allocate ecount_bin");
+            goto err;
+        }
+        memset(outp, 0, AES_BLOCK_SIZE);
+
+        ctx_res->env = enif_alloc_env();
+        if (!ctx_res->env) {
+            *return_term = EXCP_ERROR(env, "Can't allocate env");
+            goto err;
+        }
+        ctx_res->state =
+            enif_make_copy(ctx_res->env,
+                           enif_make_tuple4(env, key_arg, ivec_arg, ecount_bin, enif_make_int(env, 0)));
+        goto success;
+    } else {
+        /* Flag for subsequent calls that no aes_ctr compatibility code should be called */
+        ctx_res->state = atom_undefined;
+        ctx_res->env = NULL;
+    }
 #endif
-        iv_len = EVP_CIPHER_iv_length(cipher);
 
-    if (iv_len) {
-        if (!enif_inspect_binary(env, argv[2], &ivec_bin))
-            return ERROR_Str(env, "Bad iv type");
+    /* Initialize the EVP_CIPHER_CTX */
 
-        if (iv_len != ivec_bin.size)
-            return ERROR_Str(env, "Bad iv size");
+    ctx_res->ctx = EVP_CIPHER_CTX_new();
+    if (! ctx_res->ctx)
+        {
+            *return_term = EXCP_ERROR(env, "Can't allocate context");
+            goto err;
+        }
 
-        iv = ivec_bin.data;
-    }
+    if (!EVP_CipherInit_ex(ctx_res->ctx, (*cipherp)->cipher.p, NULL, NULL, NULL, encflg))
+        {
+            *return_term = EXCP_ERROR(env, "Can't initialize context, step 1");
+            goto err;
+        }
 
-    if ((ctx = enif_alloc_resource(evp_cipher_ctx_rtype, sizeof(struct evp_cipher_ctx))) == NULL)
-        return ERROR_Str(env, "Can't allocate resource");
+    if (!EVP_CIPHER_CTX_set_key_length(ctx_res->ctx, (int)key_bin.size))
+        {
+            *return_term = EXCP_ERROR(env, "Can't initialize context, key_length");
+            goto err;
+        }
 
-    ctx->ctx = EVP_CIPHER_CTX_new();
-    if (! ctx->ctx)
-        return ERROR_Str(env, "Can't allocate context");
 
-    if (!EVP_CipherInit_ex(ctx->ctx, cipher, NULL, NULL, NULL, enc)) {
-        enif_release_resource(ctx);
-        return ERROR_Str(env, "Can't initialize context, step 1");
+    if (EVP_CIPHER_type((*cipherp)->cipher.p) == NID_rc2_cbc) {
+        if (key_bin.size > INT_MAX / 8) {
+            *return_term = EXCP_BADARG(env, "To large rc2_cbc key");
+            goto err;
+        }
+        if (!EVP_CIPHER_CTX_ctrl(ctx_res->ctx, EVP_CTRL_SET_RC2_KEY_BITS, (int)key_bin.size * 8, NULL)) {
+            *return_term = EXCP_ERROR(env, "ctrl rc2_cbc key");
+            goto err;
+        }
     }
 
-    if (!EVP_CIPHER_CTX_set_key_length(ctx->ctx, (int)key_bin.size)) {
-        enif_release_resource(ctx);
-        return ERROR_Str(env, "Can't initialize context, key_length");
-    }
+    if (ivec_arg == atom_undefined || ivec_len == 0)
+        {
+            if (!EVP_CipherInit_ex(ctx_res->ctx, NULL, NULL, key_bin.data, NULL, -1)) {
+                *return_term = EXCP_ERROR(env, "Can't initialize key");
+                goto err;
+            }
+        }
+    else
+        if (!EVP_CipherInit_ex(ctx_res->ctx, NULL, NULL, key_bin.data, ivec_bin.data, -1))
+            {
+                *return_term = EXCP_ERROR(env, "Can't initialize key or iv");
+                goto err;
+            }
 
-    if (EVP_CIPHER_type(cipher) == NID_rc2_cbc) {
-        if (key_bin.size > INT_MAX / 8) {
-            enif_release_resource(ctx);
-            return ERROR_Str(env, "To large rc2_cbc key");
+    EVP_CIPHER_CTX_set_padding(ctx_res->ctx, 0);
+
+    *return_term = atom_ok;
+
+#if !defined(HAVE_EVP_AES_CTR)
+ success:
+#endif
+    return 1;
+
+ err:
+    if (ctx_res->ctx) EVP_CIPHER_CTX_free(ctx_res->ctx);
+    return 0;
+}
+
+/*************************************************************************/
+/* Get the arguments for the EVP_CipherUpdate function, and call it.     */
+/*************************************************************************/
+
+static int get_update_args(ErlNifEnv* env,
+                           struct evp_cipher_ctx *ctx_res,
+                           const ERL_NIF_TERM indata_arg,
+                           ERL_NIF_TERM *return_term)
+{
+    ErlNifBinary in_data_bin, out_data_bin;
+    int out_len, block_size;
+
+    if (!enif_inspect_binary(env, indata_arg, &in_data_bin) )
+        {
+            *return_term = EXCP_BADARG(env, "Bad 2:nd arg");
+            goto err;
         }
-        if (!EVP_CIPHER_CTX_ctrl(ctx->ctx, EVP_CTRL_SET_RC2_KEY_BITS, (int)key_bin.size * 8, NULL)) {
-            enif_release_resource(ctx);
-            return ERROR_Str(env, "ctrl rc2_cbc key");
+
+    ASSERT(in_data_bin.size <= INT_MAX);
+
+#if !defined(HAVE_EVP_AES_CTR)
+    if (ctx_res->state != atom_undefined) {
+        ERL_NIF_TERM state0, newstate_and_outdata;
+        const ERL_NIF_TERM *tuple_argv;
+        int tuple_argc;
+        
+        state0 = enif_make_copy(env, ctx_res->state);
+        
+        if (enif_get_tuple(env, state0, &tuple_argc, &tuple_argv) && (tuple_argc == 4)) {
+            /* A compatibility state term */
+            /* encrypt and decrypt is performed by calling the same function */
+            newstate_and_outdata = aes_ctr_stream_encrypt_compat(env, state0, indata_arg);
+
+            if (enif_get_tuple(env, newstate_and_outdata, &tuple_argc, &tuple_argv) && (tuple_argc == 2)) {
+                /* newstate_and_outdata = {NewState, OutData} */
+                ctx_res->state = enif_make_copy(ctx_res->env, tuple_argv[0]);
+                /* Return the OutData (from the newstate_and_outdata tuple) only: */
+                *return_term = tuple_argv[1];
+            }
         }
+    } else
+#endif
+    {
+        block_size = EVP_CIPHER_CTX_block_size(ctx_res->ctx);
+
+        if (!enif_alloc_binary((size_t)in_data_bin.size+block_size, &out_data_bin))
+            {
+                *return_term = EXCP_ERROR(env, "Can't allocate outdata");
+                goto err;
+            }
+
+        if (!EVP_CipherUpdate(ctx_res->ctx, out_data_bin.data, &out_len, in_data_bin.data, in_data_bin.size))
+            {
+                *return_term = EXCP_ERROR(env, "Can't update");
+                goto err;
+            }
+
+        if (!enif_realloc_binary(&out_data_bin, (size_t)out_len))
+            {
+                *return_term = EXCP_ERROR(env, "Can't reallocate");
+                goto err;
+            }
+
+        CONSUME_REDS(env, in_data_bin);
+        /* return the result text as a binary: */
+        *return_term = enif_make_binary(env, &out_data_bin);
     }
 
-    if (!EVP_CipherInit_ex(ctx->ctx, NULL, NULL, key_bin.data, iv, enc)) {
-        enif_release_resource(ctx);
-        return ERROR_Str(env, "Can't initialize key and/or iv");
-    }
+    /* success: */
+    return 1;
 
-    EVP_CIPHER_CTX_set_padding(ctx->ctx, 0);
+ err:
+    return 0;
+}
 
-    ret = enif_make_resource(env, ctx);
-    enif_release_resource(ctx);
+/*************************************************************************/
+/* Initialize the state for (de/en)cryption                              */
+/*************************************************************************/
+
+ERL_NIF_TERM ng_crypto_init_nif(ErlNifEnv* env, int argc, const ERL_NIF_TERM argv[])
+{/* (Cipher, Key, IVec, Encrypt)  % if no IV for the Cipher, set IVec = <<>>
+ */
+    struct evp_cipher_ctx *ctx_res = NULL;
+    const struct cipher_type_t *cipherp;
+    ERL_NIF_TERM ret;
+    int encflg;
+
+    if (enif_is_atom(env, argv[0])) {
+        if ((ctx_res = enif_alloc_resource(evp_cipher_ctx_rtype, sizeof(struct evp_cipher_ctx))) == NULL)
+            return EXCP_ERROR(env, "Can't allocate resource");
+
+        if (!get_init_args(env, ctx_res, argv[0], argv[1], argv[2], argv[argc-1],
+                           &cipherp, &ret))
+            /* Error msg in &ret */
+            goto ret;
+
+        ret = enif_make_resource(env, ctx_res);
+        if(ctx_res) enif_release_resource(ctx_res);
+
+    } else if (enif_get_resource(env, argv[0], evp_cipher_ctx_rtype, (void**)&ctx_res)) {
+        /* Fetch the flag telling if we are going to encrypt (=true) or decrypt (=false) */
+        if (argv[3] == atom_true)
+            encflg = 1;
+        else if (argv[3] == atom_false)
+            encflg = 0;
+        else {
+            ret = EXCP_BADARG(env, "Bad enc flag");
+            goto ret;
+        }
+        if (ctx_res->ctx) {
+            /* It is *not* a ctx_res for the compatibility handling of non-EVP aes_ctr */
+            if (!EVP_CipherInit_ex(ctx_res->ctx, NULL, NULL, NULL, NULL, encflg)) {
+                ret = EXCP_ERROR(env, "Can't initialize encflag");
+                goto ret;
+            }
+        }
+        ret = argv[0];
+    } else {
+        ret = EXCP_BADARG(env, "Bad 1:st arg");
+        goto ret;
+    }
+
+ ret:
     return ret;
 }
 
-ERL_NIF_TERM ng_crypto_update(ErlNifEnv* env, int argc, const ERL_NIF_TERM argv[])
-{/* (Context, Data)
-    (Context, Data, IV) */
-    struct evp_cipher_ctx *ctx;
-    ErlNifBinary   in_data_bin, ivec_bin, out_data_bin;
-    int            out_len, block_size;
 
-#if !defined(HAVE_EVP_AES_CTR)
-    const ERL_NIF_TERM *state_term;
-    int state_arity;
+/*************************************************************************/
+/* Encrypt/decrypt                                                       */
+/*************************************************************************/
 
-    if (enif_get_tuple(env, argv[0], &state_arity, &state_term) && (state_arity == 4)) {
-        return aes_ctr_stream_encrypt_compat(env, argv[0], argv[1]);
-    }
+#if !defined(HAVE_EVP_CIPHER_CTX_COPY)
+/*
+  The EVP_CIPHER_CTX_copy is not available in older cryptolibs although
+  the function is needed.
+  Instead of implement it in-place, we have a copy here as a compatibility
+  function
+*/
+
+int EVP_CIPHER_CTX_copy(EVP_CIPHER_CTX *out, const EVP_CIPHER_CTX *in);
+
+int EVP_CIPHER_CTX_copy(EVP_CIPHER_CTX *out, const EVP_CIPHER_CTX *in)
+{
+    if ((in == NULL) || (in->cipher == NULL))
+        {
+            return 0;
+        }
+#ifdef HAS_ENGINE_SUPPORT
+    /* Make sure it's safe to copy a cipher context using an ENGINE */
+    if (in->engine && !ENGINE_init(in->engine))
+        return 0;
 #endif
 
-    if (!enif_get_resource(env, argv[0], evp_cipher_ctx_rtype, (void**)&ctx))
-        return ERROR_Str(env, "Bad 1:st arg");
-    
-    if (!enif_inspect_binary(env, argv[1], &in_data_bin) )
-        return ERROR_Str(env, "Bad 2:nd arg");
+    EVP_CIPHER_CTX_cleanup(out);
+    memcpy(out,in,sizeof *out);
 
-    /* arg[1] was checked by the caller */
-    ASSERT(in_data_bin.size =< INT_MAX);
+    if (in->cipher_data && in->cipher->ctx_size)
+        {
+            out->cipher_data=OPENSSL_malloc(in->cipher->ctx_size);
+            if (!out->cipher_data)
+                return 0;
+            memcpy(out->cipher_data,in->cipher_data,in->cipher->ctx_size);
+        }
 
-    block_size = EVP_CIPHER_CTX_block_size(ctx->ctx);
-    if (in_data_bin.size % (size_t)block_size != 0)
-        return ERROR_Str(env, "Data not a multiple of block size");
+#if defined(EVP_CIPH_CUSTOM_COPY) && defined(EVP_CTRL_COPY)
+    if (in->cipher->flags & EVP_CIPH_CUSTOM_COPY)
+        return in->cipher->ctrl((EVP_CIPHER_CTX *)in, EVP_CTRL_COPY, 0, out);
+#endif
+    return 1;
+}
+/****** End of compatibility function ******/
+#endif
 
-    if (argc==3) {
-        if (!enif_inspect_iolist_as_binary(env, argv[2], &ivec_bin))
-            return ERROR_Str(env, "Not binary IV");
-       
-        if (ivec_bin.size > INT_MAX)
-            return ERROR_Str(env, "Too big IV");
-       
-        if (!EVP_CipherInit_ex(ctx->ctx, NULL, NULL, NULL, ivec_bin.data, -1))
-            return ERROR_Str(env, "Can't set IV");
-    }
 
-    if (!enif_alloc_binary((size_t)in_data_bin.size+block_size, &out_data_bin))
-        return ERROR_Str(env, "Can't allocate outdata");
+ERL_NIF_TERM ng_crypto_update(ErlNifEnv* env, int argc, const ERL_NIF_TERM argv[])
+{/* (Context, Data [, IV]) */
+    struct evp_cipher_ctx *ctx_res;
+    ERL_NIF_TERM ret;
+
+    if (!enif_get_resource(env, argv[0], evp_cipher_ctx_rtype, (void**)&ctx_res))
+        return EXCP_BADARG(env, "Bad 1:st arg");
+    
+    if (argc == 3) {
+        struct evp_cipher_ctx ctx_res_copy;
+        ErlNifBinary ivec_bin;
 
-    if (!EVP_CipherUpdate(ctx->ctx, out_data_bin.data, &out_len, in_data_bin.data, in_data_bin.size))
-        return ERROR_Str(env, "Can't update");
+        memcpy(&ctx_res_copy, ctx_res, sizeof ctx_res_copy);
+#if !defined(HAVE_EVP_AES_CTR)
+        if (ctx_res_copy.state == atom_undefined)
+            /* Not going to use aes_ctr compat functions */
+#endif
+            {
+                ctx_res_copy.ctx = EVP_CIPHER_CTX_new();
 
-    if (!enif_realloc_binary(&out_data_bin, (size_t)out_len))
-        return ERROR_Str(env, "Can't reallocate");
+                if (!EVP_CIPHER_CTX_copy(ctx_res_copy.ctx, ctx_res->ctx)) {
+                    ret = EXCP_ERROR(env, "Can't copy ctx_res");
+                    goto err;
+                }
+            }
 
-    CONSUME_REDS(env, in_data_bin);
-    return enif_make_binary(env, &out_data_bin);
+        ctx_res = &ctx_res_copy;
+
+        if (!enif_inspect_iolist_as_binary(env, argv[2], &ivec_bin))
+            {
+                ret = EXCP_BADARG(env, "Bad iv type");
+                goto err;
+            }
+
+        if (ctx_res_copy.iv_len != ivec_bin.size)
+            {
+                ret = EXCP_BADARG(env, "Bad iv size");
+                goto err;
+            }
+        
+#if !defined(HAVE_EVP_AES_CTR)
+        if ((ctx_res_copy.state != atom_undefined) ) {
+            /* replace the iv in state with argv[2] */
+            ERL_NIF_TERM state0;
+            const ERL_NIF_TERM *tuple_argv;
+            int tuple_argc;
+            state0 = enif_make_copy(env, ctx_res_copy.state);
+            if (enif_get_tuple(env, state0, &tuple_argc, &tuple_argv) && (tuple_argc == 4)) {
+                /* A compatibility state term */
+                ctx_res_copy.state = enif_make_tuple4(env, tuple_argv[0], argv[2], tuple_argv[2], tuple_argv[3]);
+            }
+        } else
+#endif
+            if (!EVP_CipherInit_ex(ctx_res_copy.ctx, NULL, NULL, NULL, ivec_bin.data, -1))
+                {
+                    ret = EXCP_ERROR(env, "Can't set iv");
+                    goto err;
+                }
+        
+        get_update_args(env, &ctx_res_copy, argv[1], &ret);
+    } else
+        get_update_args(env, ctx_res, argv[1], &ret);
+
+ err:
+    return ret; /* Both success and error */
 }
 
 
 ERL_NIF_TERM ng_crypto_update_nif(ErlNifEnv* env, int argc, const ERL_NIF_TERM argv[])
-{/* (Context, Data)
-    (Context, Data, IV) */
-    int i;
+{/* (Context, Data [, IV]) */
     ErlNifBinary   data_bin;
-    ERL_NIF_TERM new_argv[3];
 
-    ASSERT(argc =< 3);
+    ASSERT(argc <= 3);
 
-    if (!enif_inspect_iolist_as_binary(env, argv[1], &data_bin))
-        return ERROR_Str(env, "iodata expected as data");
+    if (!enif_inspect_binary(env, argv[1], &data_bin))
+        return EXCP_BADARG(env, "expected binary as data");
 
     if (data_bin.size > INT_MAX)
-        return ERROR_Str(env, "to long data");
-
-    for (i=0; i<argc; i++) new_argv[i] = argv[i];
-    new_argv[1] = enif_make_binary(env, &data_bin);
+        return EXCP_BADARG(env, "to long data");
 
     /* Run long jobs on a dirty scheduler to not block the current emulator thread */
     if (data_bin.size > MAX_BYTES_TO_NIF) {
         return enif_schedule_nif(env, "ng_crypto_update",
                                  ERL_NIF_DIRTY_JOB_CPU_BOUND,
-                                 ng_crypto_update, argc, new_argv);
+                                 ng_crypto_update, argc, argv);
     }
 
-    return ng_crypto_update(env, argc, new_argv);
+    return ng_crypto_update(env, argc, argv);
+}
+
+/*************************************************************************/
+/* One shot                                                              */
+/*************************************************************************/
+
+ERL_NIF_TERM ng_crypto_one_shot(ErlNifEnv* env, int argc, const ERL_NIF_TERM argv[])
+{/* (Cipher, Key, IVec, Data, Encrypt) */
+    struct evp_cipher_ctx ctx_res;
+    const struct cipher_type_t *cipherp;
+    ERL_NIF_TERM ret;
+
+    if (!get_init_args(env, &ctx_res, argv[0], argv[1], argv[2], argv[4], &cipherp, &ret))
+        goto ret;
+
+    get_update_args(env, &ctx_res, argv[3], &ret);
+
+ ret:
+    if (ctx_res.ctx)
+        EVP_CIPHER_CTX_free(ctx_res.ctx);
+    return ret;
 }
 
+ERL_NIF_TERM ng_crypto_one_shot_nif(ErlNifEnv* env, int argc, const ERL_NIF_TERM argv[])
+{/* (Cipher, Key, IVec, Data, Encrypt)  % if no IV for the Cipher, set IVec = <<>>
+  */
+    ErlNifBinary   data_bin;
+
+    ASSERT(argc == 5);
+
+    if (!enif_inspect_binary(env, argv[3], &data_bin))
+        return EXCP_BADARG(env, "expected binary as data");
+
+    if (data_bin.size > INT_MAX)
+        return EXCP_BADARG(env, "to long data");
+
+    /* Run long jobs on a dirty scheduler to not block the current emulator thread */
+    if (data_bin.size > MAX_BYTES_TO_NIF) {
+        return enif_schedule_nif(env, "ng_crypto_one_shot",
+                                 ERL_NIF_DIRTY_JOB_CPU_BOUND,
+                                 ng_crypto_one_shot, argc, argv);
+    }
+
+    return ng_crypto_one_shot(env, argc, argv);
+}
diff --git a/lib/crypto/c_src/api_ng.h b/lib/crypto/c_src/api_ng.h
index a3b40fe7fc..5c7d9af3c5 100644
--- a/lib/crypto/c_src/api_ng.h
+++ b/lib/crypto/c_src/api_ng.h
@@ -25,5 +25,6 @@
 
 ERL_NIF_TERM ng_crypto_init_nif(ErlNifEnv* env, int argc, const ERL_NIF_TERM argv[]);
 ERL_NIF_TERM ng_crypto_update_nif(ErlNifEnv* env, int argc, const ERL_NIF_TERM argv[]);
+ERL_NIF_TERM ng_crypto_one_shot_nif(ErlNifEnv* env, int argc, const ERL_NIF_TERM argv[]);
 
 #endif /* E_AES_H__ */
diff --git a/lib/crypto/c_src/atoms.c b/lib/crypto/c_src/atoms.c
index 798c26c9bb..114e3c1985 100644
--- a/lib/crypto/c_src/atoms.c
+++ b/lib/crypto/c_src/atoms.c
@@ -33,6 +33,7 @@ ERL_NIF_TERM atom_undefined;
 ERL_NIF_TERM atom_ok;
 ERL_NIF_TERM atom_none;
 ERL_NIF_TERM atom_notsup;
+ERL_NIF_TERM atom_badarg;
 ERL_NIF_TERM atom_digest;
 #ifdef FIPS_SUPPORT
 ERL_NIF_TERM atom_enabled;
@@ -150,6 +151,7 @@ int init_atoms(ErlNifEnv *env, const ERL_NIF_TERM fips_mode, const ERL_NIF_TERM
     atom_ok = enif_make_atom(env,"ok");
     atom_none = enif_make_atom(env,"none");
     atom_notsup = enif_make_atom(env,"notsup");
+    atom_badarg = enif_make_atom(env,"badarg");
     atom_digest = enif_make_atom(env,"digest");
 
     atom_type = enif_make_atom(env,"type");
diff --git a/lib/crypto/c_src/atoms.h b/lib/crypto/c_src/atoms.h
index f8e9211459..fc46d838aa 100644
--- a/lib/crypto/c_src/atoms.h
+++ b/lib/crypto/c_src/atoms.h
@@ -37,6 +37,7 @@ extern ERL_NIF_TERM atom_undefined;
 extern ERL_NIF_TERM atom_ok;
 extern ERL_NIF_TERM atom_none;
 extern ERL_NIF_TERM atom_notsup;
+extern ERL_NIF_TERM atom_badarg;
 extern ERL_NIF_TERM atom_digest;
 #ifdef FIPS_SUPPORT
 extern ERL_NIF_TERM atom_enabled;
diff --git a/lib/crypto/c_src/block.c b/lib/crypto/c_src/block.c
deleted file mode 100644
index 0a4fd72623..0000000000
--- a/lib/crypto/c_src/block.c
+++ /dev/null
@@ -1,149 +0,0 @@
-/*
- * %CopyrightBegin%
- *
- * Copyright Ericsson AB 2010-2018. All Rights Reserved.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- *
- * %CopyrightEnd%
- */
-
-#include "block.h"
-#include "aes.h"
-#include "cipher.h"
-
-ERL_NIF_TERM block_crypt_nif(ErlNifEnv* env, int argc, const ERL_NIF_TERM argv[])
-{/* (Type, Key, Ivec, Text, IsEncrypt) or (Type, Key, Text, IsEncrypt) */
-    const struct cipher_type_t *cipherp;
-    const EVP_CIPHER     *cipher;
-    ErlNifBinary         key, ivec, text;
-    EVP_CIPHER_CTX       *ctx = NULL;
-    ERL_NIF_TERM         ret;
-    unsigned char        *out;
-    int                  ivec_size, out_size = 0;
-    int                  cipher_len;
-
-    ASSERT(argc == 4 || argc == 5);
-
-    if (!enif_inspect_iolist_as_binary(env, argv[1], &key))
-        goto bad_arg;
-    if (key.size > INT_MAX)
-        goto bad_arg;
-    if ((cipherp = get_cipher_type(argv[0], key.size)) == NULL)
-        goto bad_arg;
-    if (cipherp->flags & (NON_EVP_CIPHER | AEAD_CIPHER))
-        goto bad_arg;
-    if (!enif_inspect_iolist_as_binary(env, argv[argc - 2], &text))
-        goto bad_arg;
-    if (text.size > INT_MAX)
-        goto bad_arg;
-
-    if (FORBIDDEN_IN_FIPS(cipherp))
-        return enif_raise_exception(env, atom_notsup);
-    if ((cipher = cipherp->cipher.p) == NULL)
-        return enif_raise_exception(env, atom_notsup);
-
-    if (cipherp->flags & AES_CFBx) {
-        if (argv[0] == atom_aes_cfb8
-            && (key.size == 24 || key.size == 32)) {
-            /* Why do EVP_CIPHER_CTX_set_key_length() fail on these key sizes?
-             * Fall back on low level API
-             */
-            return aes_cfb_8_crypt(env, argc-1, argv+1);
-        }
-        else if (argv[0] == atom_aes_cfb128
-                 && (key.size == 24 || key.size == 32)) {
-            /* Why do EVP_CIPHER_CTX_set_key_length() fail on these key sizes?
-             * Fall back on low level API
-             */
-            return aes_cfb_128_crypt_nif(env, argc-1, argv+1);
-        }
-    }
-
-    ivec_size  = EVP_CIPHER_iv_length(cipher);
-
-#ifdef HAVE_ECB_IVEC_BUG
-    if (cipherp->flags & ECB_BUG_0_9_8L)
-        ivec_size = 0; /* 0.9.8l returns faulty ivec_size */
-#endif
-
-    if (ivec_size < 0)
-        goto bad_arg;
-
-    if ((cipher_len = EVP_CIPHER_block_size(cipher)) < 0)
-        goto bad_arg;
-    if (text.size % (size_t)cipher_len != 0)
-        goto bad_arg;
-
-    if (ivec_size == 0) {
-        if (argc != 4)
-            goto bad_arg;
-    } else {
-        if (argc != 5)
-            goto bad_arg;
-        if (!enif_inspect_iolist_as_binary(env, argv[2], &ivec))
-            goto bad_arg;
-        if (ivec.size != (size_t)ivec_size)
-            goto bad_arg;
-    }
-
-    if ((out = enif_make_new_binary(env, text.size, &ret)) == NULL)
-        goto err;
-    if ((ctx = EVP_CIPHER_CTX_new()) == NULL)
-        goto err;
-
-    if (!EVP_CipherInit_ex(ctx, cipher, NULL, NULL, NULL,
-                           (argv[argc - 1] == atom_true)))
-        goto err;
-    if (!EVP_CIPHER_CTX_set_key_length(ctx, (int)key.size))
-        goto err;
-
-    if (EVP_CIPHER_type(cipher) == NID_rc2_cbc) {
-        if (key.size > INT_MAX / 8)
-            goto err;
-        if (!EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_SET_RC2_KEY_BITS, (int)key.size * 8, NULL))
-            goto err;
-    }
-
-    if (!EVP_CipherInit_ex(ctx, NULL, NULL, key.data,
-                           ivec_size ? ivec.data : NULL, -1))
-        goto err;
-    if (!EVP_CIPHER_CTX_set_padding(ctx, 0))
-        goto err;
-
-    /* OpenSSL 0.9.8h asserts text.size > 0 */
-    if (text.size > 0) {
-        if (!EVP_CipherUpdate(ctx, out, &out_size, text.data, (int)text.size))
-            goto err;
-        if (ASSERT(out_size == text.size), 0)
-            goto err;
-        if (!EVP_CipherFinal_ex(ctx, out + out_size, &out_size))
-            goto err;
-    }
-
-    ASSERT(out_size == 0);
-    CONSUME_REDS(env, text);
-    goto done;
-
- bad_arg:
-    ret = enif_make_badarg(env);
-    goto done;
-
- err:
-    ret = enif_raise_exception(env, atom_notsup);
-
- done:
-    if (ctx)
-        EVP_CIPHER_CTX_free(ctx);
-    return ret;
-}
diff --git a/lib/crypto/c_src/block.h b/lib/crypto/c_src/block.h
deleted file mode 100644
index cc5e78ce12..0000000000
--- a/lib/crypto/c_src/block.h
+++ /dev/null
@@ -1,28 +0,0 @@
-/*
- * %CopyrightBegin%
- *
- * Copyright Ericsson AB 2010-2018. All Rights Reserved.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- *
- * %CopyrightEnd%
- */
-
-#ifndef E_BLOCK_H__
-#define E_BLOCK_H__ 1
-
-#include "common.h"
-
-ERL_NIF_TERM block_crypt_nif(ErlNifEnv* env, int argc, const ERL_NIF_TERM argv[]);
-
-#endif /* E_BLOCK_H__ */
diff --git a/lib/crypto/c_src/chacha20.c b/lib/crypto/c_src/chacha20.c
deleted file mode 100644
index cfcc395dca..0000000000
--- a/lib/crypto/c_src/chacha20.c
+++ /dev/null
@@ -1,124 +0,0 @@
-/*
- * %CopyrightBegin%
- *
- * Copyright Ericsson AB 2010-2018. All Rights Reserved.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- *
- * %CopyrightEnd%
- */
-
-#include "chacha20.h"
-#include "cipher.h"
-
-ERL_NIF_TERM chacha20_stream_init(ErlNifEnv* env, int argc, const ERL_NIF_TERM argv[])
-{/* (Key, IV) */
-#if defined(HAVE_CHACHA20)
-    ErlNifBinary     key_bin, ivec_bin;
-    struct evp_cipher_ctx *ctx = NULL;
-    const EVP_CIPHER *cipher;
-    ERL_NIF_TERM     ret;
-
-    ASSERT(argc == 2);
-
-    if (!enif_inspect_iolist_as_binary(env, argv[0], &key_bin))
-        goto bad_arg;
-    if (key_bin.size != 32)
-        goto bad_arg;
-    if (!enif_inspect_binary(env, argv[1], &ivec_bin))
-        goto bad_arg;
-    if (ivec_bin.size != 16)
-        goto bad_arg;
-
-    cipher = EVP_chacha20();
-
-    if ((ctx = enif_alloc_resource(evp_cipher_ctx_rtype, sizeof(struct evp_cipher_ctx))) == NULL)
-        goto err;
-    if ((ctx->ctx = EVP_CIPHER_CTX_new()) == NULL)
-        goto err;
-
-    if (EVP_CipherInit_ex(ctx->ctx, cipher, NULL,
-                          key_bin.data, ivec_bin.data, 1) != 1)
-        goto err;
-    if (EVP_CIPHER_CTX_set_padding(ctx->ctx, 0) != 1)
-        goto err;
-
-    ret = enif_make_resource(env, ctx);
-    goto done;
-
- bad_arg:
-    return enif_make_badarg(env);
-
- err:
-    ret = enif_make_badarg(env);
-
- done:
-    if (ctx)
-        enif_release_resource(ctx);
-    return ret;
-
-#else
-    return enif_raise_exception(env, atom_notsup);
-#endif
-}
-
-ERL_NIF_TERM chacha20_stream_crypt(ErlNifEnv* env, int argc, const ERL_NIF_TERM argv[])
-{/* (State, Data) */
-#if defined(HAVE_CHACHA20)
-    struct evp_cipher_ctx *ctx = NULL, *new_ctx = NULL;
-    ErlNifBinary   data_bin;
-    ERL_NIF_TERM   ret, cipher_term;
-    unsigned char  *out;
-    int            outl = 0;
-
-    ASSERT(argc == 2);
-
-    if (!enif_get_resource(env, argv[0], evp_cipher_ctx_rtype, (void**)&ctx))
-        goto bad_arg;
-    if (!enif_inspect_iolist_as_binary(env, argv[1], &data_bin))
-        goto bad_arg;
-    if (data_bin.size > INT_MAX)
-        goto bad_arg;
-
-    if ((new_ctx = enif_alloc_resource(evp_cipher_ctx_rtype, sizeof(struct evp_cipher_ctx))) == NULL)
-        goto err;
-    if ((new_ctx->ctx = EVP_CIPHER_CTX_new()) == NULL)
-        goto err;
-
-    if (EVP_CIPHER_CTX_copy(new_ctx->ctx, ctx->ctx) != 1)
-        goto err;
-    if ((out = enif_make_new_binary(env, data_bin.size, &cipher_term)) == NULL)
-        goto err;
-    if (EVP_CipherUpdate(new_ctx->ctx, out, &outl, data_bin.data, (int)data_bin.size) != 1)
-        goto err;
-    ASSERT(outl >= 0 && (size_t)outl == data_bin.size);
-
-    ret = enif_make_tuple2(env, enif_make_resource(env, new_ctx), cipher_term);
-    CONSUME_REDS(env, data_bin);
-    goto done;
-
- bad_arg:
-    return enif_make_badarg(env);
-
- err:
-    ret = enif_make_badarg(env);
-
- done:
-    if (new_ctx)
-        enif_release_resource(new_ctx);
-    return ret;
-
-#else
-    return enif_raise_exception(env, atom_notsup);
-#endif
-}
diff --git a/lib/crypto/c_src/chacha20.h b/lib/crypto/c_src/chacha20.h
deleted file mode 100644
index 7e2ccae2bb..0000000000
--- a/lib/crypto/c_src/chacha20.h
+++ /dev/null
@@ -1,29 +0,0 @@
-/*
- * %CopyrightBegin%
- *
- * Copyright Ericsson AB 2010-2018. All Rights Reserved.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- *
- * %CopyrightEnd%
- */
-
-#ifndef E_CHACHA20_H__
-#define E_CHACHA20_H__ 1
-
-#include "common.h"
-
-ERL_NIF_TERM chacha20_stream_init(ErlNifEnv* env, int argc, const ERL_NIF_TERM argv[]);
-ERL_NIF_TERM chacha20_stream_crypt(ErlNifEnv* env, int argc, const ERL_NIF_TERM argv[]);
-
-#endif /* E_CHACHA20_H__ */
diff --git a/lib/crypto/c_src/cipher.c b/lib/crypto/c_src/cipher.c
index c055a62654..5c57898c50 100644
--- a/lib/crypto/c_src/cipher.c
+++ b/lib/crypto/c_src/cipher.c
@@ -98,7 +98,9 @@ static struct cipher_type_t cipher_types[] =
     {{"aes_128_ctr"}, {NULL}, 16, AES_CTR_COMPAT},
     {{"aes_192_ctr"}, {NULL}, 24, AES_CTR_COMPAT},
     {{"aes_256_ctr"}, {NULL}, 32, AES_CTR_COMPAT},
-    {{"aes_ctr"},     {NULL}, 0, AES_CTR_COMPAT},
+    {{"aes_ctr"},     {NULL}, 16, AES_CTR_COMPAT},
+    {{"aes_ctr"},     {NULL}, 24, AES_CTR_COMPAT},
+    {{"aes_ctr"},     {NULL}, 32, AES_CTR_COMPAT},
 #endif
 
 #if defined(HAVE_CHACHA20)
@@ -162,6 +164,11 @@ static void evp_cipher_ctx_dtor(ErlNifEnv* env, struct evp_cipher_ctx* ctx) {
 
     if (ctx->ctx)
         EVP_CIPHER_CTX_free(ctx->ctx);
+
+#if !defined(HAVE_EVP_AES_CTR)
+    if (ctx->env)
+        enif_free_env(ctx->env);
+#endif
 }
 
 int init_cipher_ctx(ErlNifEnv *env) {
diff --git a/lib/crypto/c_src/cipher.h b/lib/crypto/c_src/cipher.h
index b0d9d324e1..b94873940f 100644
--- a/lib/crypto/c_src/cipher.h
+++ b/lib/crypto/c_src/cipher.h
@@ -59,6 +59,11 @@ struct cipher_type_t {
 extern ErlNifResourceType* evp_cipher_ctx_rtype;
 struct evp_cipher_ctx {
     EVP_CIPHER_CTX* ctx;
+    int iv_len;
+#if !defined(HAVE_EVP_AES_CTR)
+    ErlNifEnv* env;
+    ERL_NIF_TERM state;
+#endif
 };
 
 ERL_NIF_TERM cipher_info_nif(ErlNifEnv* env, int argc, const ERL_NIF_TERM argv[]);
diff --git a/lib/crypto/c_src/crypto.c b/lib/crypto/c_src/crypto.c
index 261590d9a5..4aed06a489 100644
--- a/lib/crypto/c_src/crypto.c
+++ b/lib/crypto/c_src/crypto.c
@@ -29,9 +29,7 @@
 #include "aes.h"
 #include "algorithms.h"
 #include "api_ng.h"
-#include "block.h"
 #include "bn.h"
-#include "chacha20.h"
 #include "cipher.h"
 #include "cmac.h"
 #include "dh.h"
@@ -50,7 +48,6 @@
 #include "pkey.h"
 #include "poly1305.h"
 #include "rand.h"
-#include "rc4.h"
 #include "rsa.h"
 #include "srp.h"
 
@@ -80,22 +77,16 @@ static ErlNifFunc nif_funcs[] = {
     {"hmac_final_nif", 2, hmac_final_nif, 0},
     {"cmac_nif", 3, cmac_nif, 0},
     {"cipher_info_nif", 1, cipher_info_nif, 0},
-    {"block_crypt_nif", 5, block_crypt_nif, 0},
-    {"block_crypt_nif", 4, block_crypt_nif, 0},
     {"aes_ige_crypt_nif", 4, aes_ige_crypt_nif, 0},
-    {"aes_ctr_stream_init", 2, aes_ctr_stream_init, 0},
-    {"aes_ctr_stream_encrypt", 2, aes_ctr_stream_encrypt, 0},
-    {"aes_ctr_stream_decrypt", 2, aes_ctr_stream_encrypt, 0},
     {"ng_crypto_init_nif", 4, ng_crypto_init_nif, 0},
     {"ng_crypto_update_nif", 2, ng_crypto_update_nif, 0},
     {"ng_crypto_update_nif", 3, ng_crypto_update_nif, 0},
+    {"ng_crypto_one_shot_nif", 5, ng_crypto_one_shot_nif, 0},
     {"strong_rand_bytes_nif", 1, strong_rand_bytes_nif, 0},
     {"strong_rand_range_nif", 1, strong_rand_range_nif, 0},
     {"rand_uniform_nif", 2, rand_uniform_nif, 0},
     {"mod_exp_nif", 4, mod_exp_nif, 0},
     {"do_exor", 2, do_exor, 0},
-    {"rc4_set_key", 1, rc4_set_key, 0},
-    {"rc4_encrypt_with_state", 2, rc4_encrypt_with_state, 0},
     {"pkey_sign_nif", 5, pkey_sign_nif, 0},
     {"pkey_verify_nif", 6, pkey_verify_nif, 0},
     {"pkey_crypt_nif", 6, pkey_crypt_nif, 0},
@@ -117,10 +108,6 @@ static ErlNifFunc nif_funcs[] = {
     {"aead_encrypt", 6, aead_encrypt, 0},
     {"aead_decrypt", 6, aead_decrypt, 0},
 
-    {"chacha20_stream_init",    2, chacha20_stream_init, 0},
-    {"chacha20_stream_encrypt", 2, chacha20_stream_crypt, 0},
-    {"chacha20_stream_decrypt", 2, chacha20_stream_crypt, 0},
-
     {"poly1305_nif", 2, poly1305_nif, 0},
 
     {"engine_by_id_nif", 1, engine_by_id_nif, 0},
diff --git a/lib/crypto/c_src/openssl_config.h b/lib/crypto/c_src/openssl_config.h
index 1c138e3bd1..46868cb987 100644
--- a/lib/crypto/c_src/openssl_config.h
+++ b/lib/crypto/c_src/openssl_config.h
@@ -109,6 +109,7 @@
 #ifndef HAS_LIBRESSL
 # if OPENSSL_VERSION_NUMBER >= PACKED_OPENSSL_VERSION_PLAIN(1,0,0)
 #  define HAS_EVP_PKEY_CTX
+#  define HAVE_EVP_CIPHER_CTX_COPY
 # endif
 #endif
 
diff --git a/lib/crypto/c_src/pkey.c b/lib/crypto/c_src/pkey.c
index 393358d173..638bb588fa 100644
--- a/lib/crypto/c_src/pkey.c
+++ b/lib/crypto/c_src/pkey.c
@@ -719,6 +719,11 @@ enif_get_atom(env,argv[1],buf,1024,ERL_NIF_LATIN1); printf("hash=%s ",buf);
     if (pkey)
         EVP_PKEY_free(pkey);
 
+#ifdef HAVE_EDDSA
+    if (mdctx)
+        EVP_MD_CTX_free(mdctx);
+#endif
+
     return ret;
 }
 
diff --git a/lib/crypto/c_src/rc4.c b/lib/crypto/c_src/rc4.c
deleted file mode 100644
index e423661097..0000000000
--- a/lib/crypto/c_src/rc4.c
+++ /dev/null
@@ -1,92 +0,0 @@
-/*
- * %CopyrightBegin%
- *
- * Copyright Ericsson AB 2010-2018. All Rights Reserved.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- *
- * %CopyrightEnd%
- */
-
-#include "rc4.h"
-
-ERL_NIF_TERM rc4_set_key(ErlNifEnv* env, int argc, const ERL_NIF_TERM argv[])
-{/* (Key) */
-#ifndef OPENSSL_NO_RC4
-    ErlNifBinary key;
-    ERL_NIF_TERM ret;
-    RC4_KEY *rc4_key;
-
-    CHECK_NO_FIPS_MODE();
-
-    ASSERT(argc == 1);
-
-    if (!enif_inspect_iolist_as_binary(env, argv[0], &key))
-        goto bad_arg;
-    if (key.size > INT_MAX)
-        goto bad_arg;
-
-    if ((rc4_key = (RC4_KEY*)enif_make_new_binary(env, sizeof(RC4_KEY), &ret)) == NULL)
-        goto err;
-
-    RC4_set_key(rc4_key, (int)key.size, key.data);
-    return ret;
-
- bad_arg:
- err:
-    return enif_make_badarg(env);
-
-#else
-    return enif_raise_exception(env, atom_notsup);
-#endif
-}
-
-ERL_NIF_TERM rc4_encrypt_with_state(ErlNifEnv* env, int argc, const ERL_NIF_TERM argv[])
-{/* (State, Data) */
-#ifndef OPENSSL_NO_RC4
-    ErlNifBinary state, data;
-    RC4_KEY* rc4_key;
-    ERL_NIF_TERM new_state, new_data;
-    unsigned char *outp;
-
-    CHECK_NO_FIPS_MODE();
-
-    ASSERT(argc == 2);
-
-    if (!enif_inspect_iolist_as_binary(env, argv[0], &state))
-        goto bad_arg;
-    if (state.size != sizeof(RC4_KEY))
-        goto bad_arg;
-    if (!enif_inspect_iolist_as_binary(env, argv[1], &data))
-        goto bad_arg;
-
-    if ((rc4_key = (RC4_KEY*)enif_make_new_binary(env, sizeof(RC4_KEY), &new_state)) == NULL)
-        goto err;
-    if ((outp = enif_make_new_binary(env, data.size, &new_data)) == NULL)
-        goto err;
-
-    memcpy(rc4_key, state.data, sizeof(RC4_KEY));
-    RC4(rc4_key, data.size, data.data, outp);
-
-    CONSUME_REDS(env, data);
-    return enif_make_tuple2(env, new_state, new_data);
-
- bad_arg:
- err:
-    return enif_make_badarg(env);
-
-#else
-    return enif_raise_exception(env, atom_notsup);
-#endif
-}
-
diff --git a/lib/crypto/c_src/rc4.h b/lib/crypto/c_src/rc4.h
deleted file mode 100644
index 28bf674253..0000000000
--- a/lib/crypto/c_src/rc4.h
+++ /dev/null
@@ -1,29 +0,0 @@
-/*
- * %CopyrightBegin%
- *
- * Copyright Ericsson AB 2010-2018. All Rights Reserved.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- *
- * %CopyrightEnd%
- */
-
-#ifndef E_RC4_H__
-#define E_RC4_H__ 1
-
-#include "common.h"
-
-ERL_NIF_TERM rc4_set_key(ErlNifEnv* env, int argc, const ERL_NIF_TERM argv[]);
-ERL_NIF_TERM rc4_encrypt_with_state(ErlNifEnv* env, int argc, const ERL_NIF_TERM argv[]);
-
-#endif /* E_RC4_H__ */