aboutsummaryrefslogtreecommitdiffstats
path: root/lib/crypto
diff options
context:
space:
mode:
authorIngela Anderton Andin <[email protected]>2013-05-15 15:51:44 +0200
committerIngela Anderton Andin <[email protected]>2013-05-20 08:41:52 +0200
commit36a9e0a0dcb33c0cab6fdfcc6847e04b1b786a73 (patch)
tree670d317442a0953e8df19d0caab84003bafdc018 /lib/crypto
parent7e47d5082b573e3fc535b0252662813647770e66 (diff)
downloadotp-36a9e0a0dcb33c0cab6fdfcc6847e04b1b786a73.tar.gz
otp-36a9e0a0dcb33c0cab6fdfcc6847e04b1b786a73.tar.bz2
otp-36a9e0a0dcb33c0cab6fdfcc6847e04b1b786a73.zip
ssl, public_key, crypto: crypto:algorithms/0 -> crypto:supports/0
Diffstat (limited to 'lib/crypto')
-rw-r--r--lib/crypto/doc/src/crypto.xml31
-rw-r--r--lib/crypto/src/crypto.erl24
-rw-r--r--lib/crypto/test/crypto_SUITE.erl6
3 files changed, 47 insertions, 14 deletions
diff --git a/lib/crypto/doc/src/crypto.xml b/lib/crypto/doc/src/crypto.xml
index cac8f6ef28..b4e471111a 100644
--- a/lib/crypto/doc/src/crypto.xml
+++ b/lib/crypto/doc/src/crypto.xml
@@ -142,21 +142,16 @@
<p><code>des3_key() = [binary(), binary(), binary()] </code> Each key part is 64 bits (in CBC mode only 8 bits are used)</p>
- <p><code> message_digest_algorithms() = md5 | ripemd160 | sha | sha224 | sha256 | sha384 | sha512 </code> md4 is aslo supported for hash_init/1 and hash/2.
+ <p><code>digest_type() = md5 | sha | sha224 | sha256 | sha384 | sha512</code></p>
+ <p><code> hash_algorithms() = md5 | ripemd160 | sha | sha224 | sha256 | sha384 | sha512 </code> md4 is aslo supported for hash_init/1 and hash/2.
Note that both md4 and md5 are recommended only for compatibility with existing applications.
</p>
+ <p><code> cipher_algorithms() = des | des3 | aes | blowfish | rc2 | rc4 </code> </p>
+ <p><code> public_key_algorithms() = rsa |dss | ecdsa | dh | ecdh </code> </p>
+
</section>
<funcs>
- <func>
- <name>algorithms() -> [message_digest_algorithms() | md4 | ec]</name>
- <fsummary>Provide a list of available crypto algorithms.</fsummary>
- <desc>
- <p> Can be used to determine if the crypto library has support for elliptic curve (ec) and
- which message digest algorithms that are supported.</p>
- </desc>
- </func>
-
<func>
<name>block_encrypt(Type, Key, Ivec, PlainText) -> CipherText</name>
<fsummary>Encrypt <c>PlainText</c>according to <c>Type</c> block cipher</fsummary>
@@ -665,6 +660,22 @@
</desc>
</func>
+ <func>
+ <name>supports() -> AlgorithmList </name>
+ <fsummary>Provide a list of available crypto algorithms.</fsummary>
+ <type>
+ <v> AlgorithmList = [{hashs, [hash_algorithms()]},
+ {ciphers, [cipher_algorithms()]},
+ {public_keys, [public_key_algorithms()]}
+ </v>
+ </type>
+ <desc>
+ <p> Can be used to determine which crypto algorithms that are supported
+ by the underlying OpenSSL library</p>
+ </desc>
+ </func>
+
+
<func>
<name>verify(Algorithm, DigestType, Msg, Signature, Key) -> boolean()</name>
<fsummary>Verifies a digital signature.</fsummary>
diff --git a/lib/crypto/src/crypto.erl b/lib/crypto/src/crypto.erl
index dde53b1217..8c61084f3e 100644
--- a/lib/crypto/src/crypto.erl
+++ b/lib/crypto/src/crypto.erl
@@ -21,7 +21,7 @@
-module(crypto).
--export([start/0, stop/0, info_lib/0, algorithms/0, version/0, binary_to_integer/1]).
+-export([start/0, stop/0, info_lib/0, supports/0, version/0, binary_to_integer/1]).
-export([hash/2, hash_init/1, hash_update/2, hash_final/1]).
-export([sign/4, verify/5]).
-export([generate_key/2, generate_key/3, compute_key/4]).
@@ -218,7 +218,7 @@
des_cbc_ivec, des_cfb_ivec,
info,
%%
- info_lib, algorithms]).
+ info_lib, supports]).
-type mpint() :: binary().
-type rsa_digest_type() :: 'md5' | 'sha' | 'sha224' | 'sha256' | 'sha384' | 'sha512'.
@@ -306,6 +306,22 @@ info_lib() -> ?nif_stub.
algorithms() -> ?nif_stub.
+supports()->
+ Algs = algorithms(),
+ PubKeyAlgs =
+ case lists:member(ec, Algs) of
+ true ->
+ {public_keys, [rsa, dss, ecdsa, dh, ecdh]};
+ false ->
+ {public_keys, [rsa, dss, dh]}
+ end,
+ [{hashs, Algs -- [ec]},
+ {ciphers, [des_cbc, des_cfb, des3_cbc, des3_cbf, des_ede3, blowfish_cbc,
+ blowfish_cfb64, aes_cbc128, aes_cfb128, aes_cbc256, rc2_cbc, aes_ctr, rc4
+ ]},
+ PubKeyAlgs
+ ].
+
%% Crypto app version history:
%% (no version): Driver implementation
%% 2.0 : NIF implementation, requires OTP R14
@@ -756,10 +772,12 @@ block_decrypt(des_ecb, Key, Data) ->
block_decrypt(blowfish_ecb, Key, Data) ->
blowfish_ecb_decrypt(Key, Data).
--spec next_iv(des_cbc | aes_cbc, Data::iodata()) -> binary().
+-spec next_iv(des_cbc | des3_cbc | aes_cbc, Data::iodata()) -> binary().
next_iv(des_cbc, Data) ->
des_cbc_ivec(Data);
+next_iv(des3_cbc, Data) ->
+ des_cbc_ivec(Data);
next_iv(aes_cbc, Data) ->
aes_cbc_ivec(Data).
diff --git a/lib/crypto/test/crypto_SUITE.erl b/lib/crypto/test/crypto_SUITE.erl
index eddb6b83f9..57f5696d3c 100644
--- a/lib/crypto/test/crypto_SUITE.erl
+++ b/lib/crypto/test/crypto_SUITE.erl
@@ -2334,7 +2334,11 @@ openssl_version() ->
end.
if_supported(Algorithm, Fun) ->
- case proplists:get_bool(Algorithm, crypto:algorithms()) of
+ [{hashs, Hashs},
+ {ciphers, Ciphers},
+ {public_keys, Pubkeys}]
+ = crypto:supports(),
+ case proplists:get_bool(Algorithm, Hashs ++ Ciphers ++ Pubkeys) of
true ->
Fun();
_ ->