diff options
author | Ingela Anderton Andin <[email protected]> | 2013-05-28 09:22:12 +0200 |
---|---|---|
committer | Ingela Anderton Andin <[email protected]> | 2013-05-28 09:22:12 +0200 |
commit | 7f5fa1b06671d31476e0fc0f28b878a6b5059b1b (patch) | |
tree | eaaecc247d03c90cb46fc3f9f2f2c085f9c653c0 /lib/crypto/doc/src/crypto.xml | |
parent | 58de241d5d8e4b0536389b317ecc6e7a2a570997 (diff) | |
parent | 6ec1399aa8e6f80d8423acc37027eeda4394e7ad (diff) | |
download | otp-7f5fa1b06671d31476e0fc0f28b878a6b5059b1b.tar.gz otp-7f5fa1b06671d31476e0fc0f28b878a6b5059b1b.tar.bz2 otp-7f5fa1b06671d31476e0fc0f28b878a6b5059b1b.zip |
Merge branch 'ia/ssl/public_key/crypto/elliptic_curve/OTP-11009' into maint
* ia/ssl/public_key/crypto/elliptic_curve/OTP-11009: (21 commits)
ssl: Do not advertise EC ciphers if crypto support is insufficient
crypto: Ctify tests and test new API
crypto: Allow integer as srp_private arguments according to docs
ssl: Remove unused `srp_parameters` type spec
crypto, public_key & ssl: Make more functions accept integer keys
snmp: Remove use of deprecated crypto functions
crypto,ssh, netconf, inets: binary_to_integer -> bytes_to_integer
netconf: Remove use of deprecated crypto functions
crypto: Documentation fixes from review
crypto: Change argument order of crypto:next_iv/3
crypto,public_key,ssl: Change return value of crypto:generate_key(ecdh,..)
ssl, public_key, crypto: crypto:algorithms/0 -> crypto:supports/0
ssl, public_key & inets: Remove use of deprecated crypto functions from test code
ssl: Remove use of deprecated crypto functions
public_key: Remove use of deprecated crypto functions
dialyzer: Remove use of deprecated crypto functions
ssh & crypto: Remove use of deprecated crypto functions from ssh
Update primary bootstrap
common_test: Replace use of deprecated crypto functions
beam_lib, compile: Replace use of deprecated crypto functions
...
Diffstat (limited to 'lib/crypto/doc/src/crypto.xml')
-rw-r--r-- | lib/crypto/doc/src/crypto.xml | 108 |
1 files changed, 72 insertions, 36 deletions
diff --git a/lib/crypto/doc/src/crypto.xml b/lib/crypto/doc/src/crypto.xml index df765ade87..bdccfee341 100644 --- a/lib/crypto/doc/src/crypto.xml +++ b/lib/crypto/doc/src/crypto.xml @@ -60,6 +60,7 @@ <title>DATA TYPES </title> <p><code>key_value() = integer() | binary() </code></p> + <p>Always <c>binary()</c> when used as return value</p> <p><code>rsa_public() = [key_value()] = [E, N] </code></p> <p> Where E is the public exponent and N is public modulus. </p> @@ -77,21 +78,14 @@ <p><code>dss_private() = [key_value()] = [P, Q, G, X] </code></p> <p>Where P, Q and G are the dss parameters and X is the private key.</p> - <p><code>dss_public() = [key_value()] =[P, Q, G, Y] </code></p> - - <p><code>srp_public() = key_value() </code></p> + <p><code>srp_public() = key_value() </code></p> <p>Where is <c>A</c> or <c>B</c> from <url href="http://srp.stanford.edu/design.html">SRP design</url></p> <p><code>srp_private() = key_value() </code></p> <p>Where is <c>a</c> or <c>b</c> from <url href="http://srp.stanford.edu/design.html">SRP design</url></p> - <p><code>srp_params() = {user, [Generator::binary(), Prime::binary(), Version::atom()]} | - {host, [Verifier::binary(), Generator::binary(), Prime::binary(), Version::atom()]} - | {user, [DerivedKey::binary(), Prime::binary(), Generator::binary(), Version::atom() | [Scrambler:binary()]]} - | {host,[Verifier::binary(), Prime::binary(), Version::atom() | [Scrambler::binary]]} </code></p> - <p>Where Verifier is <c>v</c>, Generator is <c>g</c> and Prime is<c> N</c>, DerivedKey is <c>X</c>, and Scrambler is - <c>u</c> (optional will be genrated if not provided) from <url href="http://srp.stanford.edu/design.html">SRP design</url> + <c>u</c> (optional will be generated if not provided) from <url href="http://srp.stanford.edu/design.html">SRP design</url> Version = '3' | '6' | '6a' </p> @@ -142,25 +136,23 @@ <p><code>des3_key() = [binary(), binary(), binary()] </code> Each key part is 64 bits (in CBC mode only 8 bits are used)</p> - <p><code> message_digest_algorithms() = md5 | ripemd160 | sha | sha224 | sha256 | sha384 | sha512 </code> md4 is aslo supported for hash_init/1 and hash/2. + <p><code>digest_type() = md5 | sha | sha224 | sha256 | sha384 | sha512</code></p> + + <p><code> hash_algorithms() = md5 | ripemd160 | sha | sha224 | sha256 | sha384 | sha512 </code> md4 is also supported for hash_init/1 and hash/2. Note that both md4 and md5 are recommended only for compatibility with existing applications. </p> + <p><code> cipher_algorithms() = des_cbc | des_cfb | des3_cbc | des3_cbf | des_ede3 | + blowfish_cbc | blowfish_cfb64 | aes_cbc128 | aes_cfb128| aes_cbc256 | rc2_cbc | aes_ctr| rc4 </code> </p> + <p><code> public_key_algorithms() = rsa |dss | ecdsa | dh | ecdh </code> </p> + </section> <funcs> - <func> - <name>algorithms() -> [message_digest_algorithms() | md4 | ec]</name> - <fsummary>Provide a list of available crypto algorithms.</fsummary> - <desc> - <p> Can be used to determine if the crypto library has support for elliptic curve (ec) and - which message digest algorithms that are supported.</p> - </desc> - </func> - <func> <name>block_encrypt(Type, Key, Ivec, PlainText) -> CipherText</name> <fsummary>Encrypt <c>PlainText</c>according to <c>Type</c> block cipher</fsummary> <type> + <v>Type = block_cipher() </v> <v>Key = block_key() </v> <v>PlainText = iodata() </v> <v>IVec = CipherText = binary()</v> @@ -176,6 +168,7 @@ <name>block_decrypt(Type, Key, Ivec, CipherText) -> PlainText</name> <fsummary>Decrypt <c>CipherText</c>according to <c>Type</c> block cipher</fsummary> <type> + <v>Type = block_cipher() </v> <v>Key = block_key() </v> <v>PlainText = iodata() </v> <v>IVec = CipherText = binary()</v> @@ -186,15 +179,31 @@ </p> </desc> </func> + + <func> + <name>bytes_to_integer(Bin) -> Integer </name> + <fsummary>Convert binary representation, of an integer, to an Erlang integer.</fsummary> + <type> + <v>Bin = binary() - as returned by crypto functions</v> + + <v>Integer = integer() </v> + </type> + <desc> + <p>Convert binary representation, of an integer, to an Erlang integer. + </p> + </desc> + </func> <func> - <name>compute_key(Type, OthersPublicKey, MyPrivateKey, Params) -> SharedSecret</name> + <name>compute_key(Type, OthersPublicKey, MyKey, Params) -> SharedSecret</name> <fsummary>Computes the shared secret</fsummary> <type> <v> Type = dh | ecdh | srp </v> <v>OthersPublicKey = dh_public() | ecdh_public() | srp_public() </v> - <v>MyPrivate = dh_private() | ecdh_private() | srp_private() </v> - <v>Params = dh_params() | edhc_params() | srp_params() </v> + <v>MyKey = dh_private() | ecdh_private() | {srp_public(),srp_private()}</v> + <v>Params = dh_params() | ecdh_params() | SrpUserParams | SrpHostParams</v> + <v>SrpUserParams = {user, [DerivedKey::binary(), Prime::binary(), Generator::binary(), Version::atom() | [Scrambler:binary()]]} </v> + <v>SrpHostParams = {host, [Verifier::binary(), Prime::binary(), Version::atom() | [Scrambler::binary]]} </v> <v>SharedSecret = binary()</v> </type> <desc> @@ -217,14 +226,17 @@ </func> <func> - <name>generate_key(Type, Params) -> {PublicKey, PrivateKey} </name> - <name>generate_key(Type, Params, PrivateKey) -> {PublicKey, PrivateKey} </name> + <name>generate_key(Type, Params) -> {PublicKey, PrivKeyOut} </name> + <name>generate_key(Type, Params, PrivKeyIn) -> {PublicKey, PrivKeyOut} </name> <fsummary>Generates a public keys of type <c>Type</c></fsummary> <type> <v> Type = dh | ecdh | srp </v> - <v>Params = dh_params() | edhc_params() | srp_params() </v> + <v>Params = dh_params() | ecdh_params() | SrpUserParams | SrpHostParams </v> + <v>SrpUserParams = {user, [Generator::binary(), Prime::binary(), Version::atom()]}</v> + <v>SrpHostParams = {host, [Verifier::binary(), Generator::binary(), Prime::binary(), Version::atom()]}</v> <v>PublicKey = dh_public() | ecdh_public() | srp_public() </v> - <v>PrivateKey = dh_private() | ecdh_private() | srp_private() </v> + <v>PrivKeyIn = undefined | dh_private() | srp_private() </v> + <v>PrivKeyOut = dh_private() | ecdh_private() | srp_private() </v> </type> <desc> <p>Generates public keys of type <c>Type</c>. @@ -407,16 +419,20 @@ </func> <func> - <name>next_iv(Type, Data) -> </name> + <name>next_iv(Type, Data) -> NextIVec</name> + <name>next_iv(Type, Data, IVec) -> NextIVec</name> <fsummary></fsummary> <type> - <v>Type = des_cbc | aes_cbc</v> + <v>Type = des_cbc | des3_cbc | aes_cbc | des_cfb</v> <v>Data = iodata()</v> + <v>IVec = NextIVec = binary()</v> </type> <desc> <p>Returns the initialization vector to be used in the next - iteration of encrypt/decrypt of type <c>Type</c>. Data is the - encrypted data from the previous iteration step.</p> + iteration of encrypt/decrypt of type <c>Type</c>. <c>Data</c> is the + encrypted data from the previous iteration step. The <c>IVec</c> + argument is only needed for <c>des_cfb</c> as the vector used + in the previous iteration step.</p> </desc> </func> @@ -549,10 +565,12 @@ signed or it is the hashed value of "plain text" i.e. the digest.</d> <v>DigestType = digest_type()</v> - <v>Key = rsa_private_key() | dsa_private_key() | ec_private_key()</v> + <v>Key = rsa_private() | dss_private() | [ecdh_private(),ecdh_params()]</v> </type> <desc> - <p> Creates a digital signature.</p> + <p>Creates a digital signature.</p> + <p>Algorithm <c>dss</c> can only be used together with digest type + <c>sha</c>.</p> See also <seealso marker="public_key:public_key#sign/3">public_key:sign/3</seealso> </desc> </func> @@ -591,10 +609,9 @@ <name>stream_init(Type, Key) -> State</name> <fsummary></fsummary> <type> - <v>Type rc4 </v> + <v>Type = rc4 </v> <v>State = opaque() </v> <v>Key = iodata()</v> - <v>IVec = binary()</v> </type> <desc> <p>Initializes the state for use in RC4 stream encryption @@ -607,7 +624,7 @@ <name>stream_init(Type, Key, IVec) -> State</name> <fsummary></fsummary> <type> - <v>Type aes_ctr </v> + <v>Type = aes_ctr </v> <v>State = opaque() </v> <v>Key = iodata()</v> <v>IVec = binary()</v> @@ -651,6 +668,22 @@ </desc> </func> + <func> + <name>supports() -> AlgorithmList </name> + <fsummary>Provide a list of available crypto algorithms.</fsummary> + <type> + <v> AlgorithmList = [{hashs, [hash_algorithms()]}, + {ciphers, [cipher_algorithms()]}, + {public_keys, [public_key_algorithms()]} + </v> + </type> + <desc> + <p> Can be used to determine which crypto algorithms that are supported + by the underlying OpenSSL library</p> + </desc> + </func> + + <func> <name>verify(Algorithm, DigestType, Msg, Signature, Key) -> boolean()</name> <fsummary>Verifies a digital signature.</fsummary> @@ -661,10 +694,13 @@ or it is the hashed value of "plain text" i.e. the digest.</d> <v>DigestType = digest_type()</v> <v>Signature = binary()</v> - <v>Key = rsa_public_key() | dsa_public_key() | ec_public_key()</v> + <v>Key = rsa_public() | dss_public() | [ecdh_public(),ecdh_params()]</v> </type> <desc> <p>Verifies a digital signature</p> + <p>Algorithm <c>dss</c> can only be used together with digest type + <c>sha</c>.</p> + See also <seealso marker="public_key:public_key#sign/3">public_key:verify/3</seealso> </desc> </func> |