diff options
author | Dániel Szoboszlay <[email protected]> | 2014-05-13 10:39:36 +0200 |
---|---|---|
committer | Magnus Henoch <[email protected]> | 2016-09-28 15:09:42 +0100 |
commit | cbc937f1c16964669a6d4865aeda2fcdeef9df0f (patch) | |
tree | 74a65eafb13b6a271fec4730fe6f09356fe40d73 /lib/crypto/doc/src/crypto_app.xml | |
parent | b6c83354ac6c3d37dd5f9891932302e4104606eb (diff) | |
download | otp-cbc937f1c16964669a6d4865aeda2fcdeef9df0f.tar.gz otp-cbc937f1c16964669a6d4865aeda2fcdeef9df0f.tar.bz2 otp-cbc937f1c16964669a6d4865aeda2fcdeef9df0f.zip |
Document FIPS mode support
Diffstat (limited to 'lib/crypto/doc/src/crypto_app.xml')
-rw-r--r-- | lib/crypto/doc/src/crypto_app.xml | 24 |
1 files changed, 22 insertions, 2 deletions
diff --git a/lib/crypto/doc/src/crypto_app.xml b/lib/crypto/doc/src/crypto_app.xml index 2b9e505988..a958bdfcb7 100644 --- a/lib/crypto/doc/src/crypto_app.xml +++ b/lib/crypto/doc/src/crypto_app.xml @@ -41,14 +41,34 @@ <section> <title>DEPENDENCIES</title> - <p>The current crypto implementation uses nifs to interface OpenSSLs crypto library - and requires <em>OpenSSL</em> package version 0.9.8 or higher.</p> + <p>The current crypto implementation uses nifs to interface + OpenSSLs crypto library and requires <em>OpenSSL</em> package + version 0.9.8 or higher. FIPS mode support requires at least + version 1.0.1 and a FIPS capable OpenSSL installation.</p> + <p>Source releases of OpenSSL can be downloaded from the <url href="http://www.openssl.org">OpenSSL</url> project home page, or mirror sites listed there. </p> </section> <section> + <title>CONFIGURATION</title> + <p>The following configuration parameters are defined for the + crypto application. See <c>app(3)</c> for more information about + configuration parameters.</p> + <taglist> + <tag><c>fips_mode = boolean()</c></tag> + <item> + <p>Specifies whether to run crypto in FIPS mode. This setting + will take effect when the nif module is loaded. If FIPS mode + is requested but not available at run time the nif module and + thus the crypto module will fail to load. This mechanism + prevents the accidental use of non-validated algorithms.</p> + </item> + </taglist> + </section> + + <section> <title>SEE ALSO</title> <p>application(3)</p> </section> |