aboutsummaryrefslogtreecommitdiffstats
path: root/lib/crypto/doc
diff options
context:
space:
mode:
authorIngela Anderton Andin <[email protected]>2013-05-28 09:22:12 +0200
committerIngela Anderton Andin <[email protected]>2013-05-28 09:22:12 +0200
commit7f5fa1b06671d31476e0fc0f28b878a6b5059b1b (patch)
treeeaaecc247d03c90cb46fc3f9f2f2c085f9c653c0 /lib/crypto/doc
parent58de241d5d8e4b0536389b317ecc6e7a2a570997 (diff)
parent6ec1399aa8e6f80d8423acc37027eeda4394e7ad (diff)
downloadotp-7f5fa1b06671d31476e0fc0f28b878a6b5059b1b.tar.gz
otp-7f5fa1b06671d31476e0fc0f28b878a6b5059b1b.tar.bz2
otp-7f5fa1b06671d31476e0fc0f28b878a6b5059b1b.zip
Merge branch 'ia/ssl/public_key/crypto/elliptic_curve/OTP-11009' into maint
* ia/ssl/public_key/crypto/elliptic_curve/OTP-11009: (21 commits) ssl: Do not advertise EC ciphers if crypto support is insufficient crypto: Ctify tests and test new API crypto: Allow integer as srp_private arguments according to docs ssl: Remove unused `srp_parameters` type spec crypto, public_key & ssl: Make more functions accept integer keys snmp: Remove use of deprecated crypto functions crypto,ssh, netconf, inets: binary_to_integer -> bytes_to_integer netconf: Remove use of deprecated crypto functions crypto: Documentation fixes from review crypto: Change argument order of crypto:next_iv/3 crypto,public_key,ssl: Change return value of crypto:generate_key(ecdh,..) ssl, public_key, crypto: crypto:algorithms/0 -> crypto:supports/0 ssl, public_key & inets: Remove use of deprecated crypto functions from test code ssl: Remove use of deprecated crypto functions public_key: Remove use of deprecated crypto functions dialyzer: Remove use of deprecated crypto functions ssh & crypto: Remove use of deprecated crypto functions from ssh Update primary bootstrap common_test: Replace use of deprecated crypto functions beam_lib, compile: Replace use of deprecated crypto functions ...
Diffstat (limited to 'lib/crypto/doc')
-rw-r--r--lib/crypto/doc/src/crypto.xml108
1 files changed, 72 insertions, 36 deletions
diff --git a/lib/crypto/doc/src/crypto.xml b/lib/crypto/doc/src/crypto.xml
index df765ade87..bdccfee341 100644
--- a/lib/crypto/doc/src/crypto.xml
+++ b/lib/crypto/doc/src/crypto.xml
@@ -60,6 +60,7 @@
<title>DATA TYPES </title>
<p><code>key_value() = integer() | binary() </code></p>
+ <p>Always <c>binary()</c> when used as return value</p>
<p><code>rsa_public() = [key_value()] = [E, N] </code></p>
<p> Where E is the public exponent and N is public modulus. </p>
@@ -77,21 +78,14 @@
<p><code>dss_private() = [key_value()] = [P, Q, G, X] </code></p>
<p>Where P, Q and G are the dss parameters and X is the private key.</p>
- <p><code>dss_public() = [key_value()] =[P, Q, G, Y] </code></p>
-
- <p><code>srp_public() = key_value() </code></p>
+ <p><code>srp_public() = key_value() </code></p>
<p>Where is <c>A</c> or <c>B</c> from <url href="http://srp.stanford.edu/design.html">SRP design</url></p>
<p><code>srp_private() = key_value() </code></p>
<p>Where is <c>a</c> or <c>b</c> from <url href="http://srp.stanford.edu/design.html">SRP design</url></p>
- <p><code>srp_params() = {user, [Generator::binary(), Prime::binary(), Version::atom()]} |
- {host, [Verifier::binary(), Generator::binary(), Prime::binary(), Version::atom()]}
- | {user, [DerivedKey::binary(), Prime::binary(), Generator::binary(), Version::atom() | [Scrambler:binary()]]}
- | {host,[Verifier::binary(), Prime::binary(), Version::atom() | [Scrambler::binary]]} </code></p>
-
<p>Where Verifier is <c>v</c>, Generator is <c>g</c> and Prime is<c> N</c>, DerivedKey is <c>X</c>, and Scrambler is
- <c>u</c> (optional will be genrated if not provided) from <url href="http://srp.stanford.edu/design.html">SRP design</url>
+ <c>u</c> (optional will be generated if not provided) from <url href="http://srp.stanford.edu/design.html">SRP design</url>
Version = '3' | '6' | '6a'
</p>
@@ -142,25 +136,23 @@
<p><code>des3_key() = [binary(), binary(), binary()] </code> Each key part is 64 bits (in CBC mode only 8 bits are used)</p>
- <p><code> message_digest_algorithms() = md5 | ripemd160 | sha | sha224 | sha256 | sha384 | sha512 </code> md4 is aslo supported for hash_init/1 and hash/2.
+ <p><code>digest_type() = md5 | sha | sha224 | sha256 | sha384 | sha512</code></p>
+
+ <p><code> hash_algorithms() = md5 | ripemd160 | sha | sha224 | sha256 | sha384 | sha512 </code> md4 is also supported for hash_init/1 and hash/2.
Note that both md4 and md5 are recommended only for compatibility with existing applications.
</p>
+ <p><code> cipher_algorithms() = des_cbc | des_cfb | des3_cbc | des3_cbf | des_ede3 |
+ blowfish_cbc | blowfish_cfb64 | aes_cbc128 | aes_cfb128| aes_cbc256 | rc2_cbc | aes_ctr| rc4 </code> </p>
+ <p><code> public_key_algorithms() = rsa |dss | ecdsa | dh | ecdh </code> </p>
+
</section>
<funcs>
- <func>
- <name>algorithms() -> [message_digest_algorithms() | md4 | ec]</name>
- <fsummary>Provide a list of available crypto algorithms.</fsummary>
- <desc>
- <p> Can be used to determine if the crypto library has support for elliptic curve (ec) and
- which message digest algorithms that are supported.</p>
- </desc>
- </func>
-
<func>
<name>block_encrypt(Type, Key, Ivec, PlainText) -> CipherText</name>
<fsummary>Encrypt <c>PlainText</c>according to <c>Type</c> block cipher</fsummary>
<type>
+ <v>Type = block_cipher() </v>
<v>Key = block_key() </v>
<v>PlainText = iodata() </v>
<v>IVec = CipherText = binary()</v>
@@ -176,6 +168,7 @@
<name>block_decrypt(Type, Key, Ivec, CipherText) -> PlainText</name>
<fsummary>Decrypt <c>CipherText</c>according to <c>Type</c> block cipher</fsummary>
<type>
+ <v>Type = block_cipher() </v>
<v>Key = block_key() </v>
<v>PlainText = iodata() </v>
<v>IVec = CipherText = binary()</v>
@@ -186,15 +179,31 @@
</p>
</desc>
</func>
+
+ <func>
+ <name>bytes_to_integer(Bin) -> Integer </name>
+ <fsummary>Convert binary representation, of an integer, to an Erlang integer.</fsummary>
+ <type>
+ <v>Bin = binary() - as returned by crypto functions</v>
+
+ <v>Integer = integer() </v>
+ </type>
+ <desc>
+ <p>Convert binary representation, of an integer, to an Erlang integer.
+ </p>
+ </desc>
+ </func>
<func>
- <name>compute_key(Type, OthersPublicKey, MyPrivateKey, Params) -> SharedSecret</name>
+ <name>compute_key(Type, OthersPublicKey, MyKey, Params) -> SharedSecret</name>
<fsummary>Computes the shared secret</fsummary>
<type>
<v> Type = dh | ecdh | srp </v>
<v>OthersPublicKey = dh_public() | ecdh_public() | srp_public() </v>
- <v>MyPrivate = dh_private() | ecdh_private() | srp_private() </v>
- <v>Params = dh_params() | edhc_params() | srp_params() </v>
+ <v>MyKey = dh_private() | ecdh_private() | {srp_public(),srp_private()}</v>
+ <v>Params = dh_params() | ecdh_params() | SrpUserParams | SrpHostParams</v>
+ <v>SrpUserParams = {user, [DerivedKey::binary(), Prime::binary(), Generator::binary(), Version::atom() | [Scrambler:binary()]]} </v>
+ <v>SrpHostParams = {host, [Verifier::binary(), Prime::binary(), Version::atom() | [Scrambler::binary]]} </v>
<v>SharedSecret = binary()</v>
</type>
<desc>
@@ -217,14 +226,17 @@
</func>
<func>
- <name>generate_key(Type, Params) -> {PublicKey, PrivateKey} </name>
- <name>generate_key(Type, Params, PrivateKey) -> {PublicKey, PrivateKey} </name>
+ <name>generate_key(Type, Params) -> {PublicKey, PrivKeyOut} </name>
+ <name>generate_key(Type, Params, PrivKeyIn) -> {PublicKey, PrivKeyOut} </name>
<fsummary>Generates a public keys of type <c>Type</c></fsummary>
<type>
<v> Type = dh | ecdh | srp </v>
- <v>Params = dh_params() | edhc_params() | srp_params() </v>
+ <v>Params = dh_params() | ecdh_params() | SrpUserParams | SrpHostParams </v>
+ <v>SrpUserParams = {user, [Generator::binary(), Prime::binary(), Version::atom()]}</v>
+ <v>SrpHostParams = {host, [Verifier::binary(), Generator::binary(), Prime::binary(), Version::atom()]}</v>
<v>PublicKey = dh_public() | ecdh_public() | srp_public() </v>
- <v>PrivateKey = dh_private() | ecdh_private() | srp_private() </v>
+ <v>PrivKeyIn = undefined | dh_private() | srp_private() </v>
+ <v>PrivKeyOut = dh_private() | ecdh_private() | srp_private() </v>
</type>
<desc>
<p>Generates public keys of type <c>Type</c>.
@@ -407,16 +419,20 @@
</func>
<func>
- <name>next_iv(Type, Data) -> </name>
+ <name>next_iv(Type, Data) -> NextIVec</name>
+ <name>next_iv(Type, Data, IVec) -> NextIVec</name>
<fsummary></fsummary>
<type>
- <v>Type = des_cbc | aes_cbc</v>
+ <v>Type = des_cbc | des3_cbc | aes_cbc | des_cfb</v>
<v>Data = iodata()</v>
+ <v>IVec = NextIVec = binary()</v>
</type>
<desc>
<p>Returns the initialization vector to be used in the next
- iteration of encrypt/decrypt of type <c>Type</c>. Data is the
- encrypted data from the previous iteration step.</p>
+ iteration of encrypt/decrypt of type <c>Type</c>. <c>Data</c> is the
+ encrypted data from the previous iteration step. The <c>IVec</c>
+ argument is only needed for <c>des_cfb</c> as the vector used
+ in the previous iteration step.</p>
</desc>
</func>
@@ -549,10 +565,12 @@
signed or it is the hashed value of "plain text" i.e. the
digest.</d>
<v>DigestType = digest_type()</v>
- <v>Key = rsa_private_key() | dsa_private_key() | ec_private_key()</v>
+ <v>Key = rsa_private() | dss_private() | [ecdh_private(),ecdh_params()]</v>
</type>
<desc>
- <p> Creates a digital signature.</p>
+ <p>Creates a digital signature.</p>
+ <p>Algorithm <c>dss</c> can only be used together with digest type
+ <c>sha</c>.</p>
See also <seealso marker="public_key:public_key#sign/3">public_key:sign/3</seealso>
</desc>
</func>
@@ -591,10 +609,9 @@
<name>stream_init(Type, Key) -> State</name>
<fsummary></fsummary>
<type>
- <v>Type rc4 </v>
+ <v>Type = rc4 </v>
<v>State = opaque() </v>
<v>Key = iodata()</v>
- <v>IVec = binary()</v>
</type>
<desc>
<p>Initializes the state for use in RC4 stream encryption
@@ -607,7 +624,7 @@
<name>stream_init(Type, Key, IVec) -> State</name>
<fsummary></fsummary>
<type>
- <v>Type aes_ctr </v>
+ <v>Type = aes_ctr </v>
<v>State = opaque() </v>
<v>Key = iodata()</v>
<v>IVec = binary()</v>
@@ -651,6 +668,22 @@
</desc>
</func>
+ <func>
+ <name>supports() -> AlgorithmList </name>
+ <fsummary>Provide a list of available crypto algorithms.</fsummary>
+ <type>
+ <v> AlgorithmList = [{hashs, [hash_algorithms()]},
+ {ciphers, [cipher_algorithms()]},
+ {public_keys, [public_key_algorithms()]}
+ </v>
+ </type>
+ <desc>
+ <p> Can be used to determine which crypto algorithms that are supported
+ by the underlying OpenSSL library</p>
+ </desc>
+ </func>
+
+
<func>
<name>verify(Algorithm, DigestType, Msg, Signature, Key) -> boolean()</name>
<fsummary>Verifies a digital signature.</fsummary>
@@ -661,10 +694,13 @@
or it is the hashed value of "plain text" i.e. the digest.</d>
<v>DigestType = digest_type()</v>
<v>Signature = binary()</v>
- <v>Key = rsa_public_key() | dsa_public_key() | ec_public_key()</v>
+ <v>Key = rsa_public() | dss_public() | [ecdh_public(),ecdh_params()]</v>
</type>
<desc>
<p>Verifies a digital signature</p>
+ <p>Algorithm <c>dss</c> can only be used together with digest type
+ <c>sha</c>.</p>
+
See also <seealso marker="public_key:public_key#sign/3">public_key:verify/3</seealso>
</desc>
</func>