21 files changed, 977 insertions, 288 deletions
diff --git a/lib/crypto/c_src/Makefile.in b/lib/crypto/c_src/Makefile.in
index b6a65d7488..f922c3fb9b 100644
--- a/lib/crypto/c_src/Makefile.in
+++ b/lib/crypto/c_src/Makefile.in
@@ -92,16 +92,15 @@ CRYPTO_OBJS = $(OBJDIR)/crypto$(TYPEMARKER).o \
 	$(OBJDIR)/hash$(TYPEMARKER).o \
 	$(OBJDIR)/hmac$(TYPEMARKER).o \
 	$(OBJDIR)/info$(TYPEMARKER).o \
+	$(OBJDIR)/mac$(TYPEMARKER).o \
 	$(OBJDIR)/math$(TYPEMARKER).o \
 	$(OBJDIR)/pkey$(TYPEMARKER).o \
-	$(OBJDIR)/poly1305$(TYPEMARKER).o \
 	$(OBJDIR)/rand$(TYPEMARKER).o \
 	$(OBJDIR)/rsa$(TYPEMARKER).o \
 	$(OBJDIR)/srp$(TYPEMARKER).o
 CALLBACK_OBJS = $(OBJDIR)/crypto_callback$(TYPEMARKER).o
 NIF_MAKEFILE = $(PRIVDIR)/Makefile
-CRYPTO_STATIC_OBJS = $(OBJDIR)/crypto_static$(TYPEMARKER).o\
-	$(OBJDIR)/crypto_callback_static$(TYPEMARKER).o
+CRYPTO_STATIC_OBJS = $(patsubst $(OBJDIR)/%$(TYPEMARKER).o,$(OBJDIR)/%_static$(TYPEMARKER).o,$(CRYPTO_OBJS) $(CALLBACK_OBJS))
 
 NIF_ARCHIVE = $(LIBDIR)/crypto$(TYPEMARKER).a
 
diff --git a/lib/crypto/c_src/algorithms.c b/lib/crypto/c_src/algorithms.c
index 75cddeb1e9..53b8b7eaa9 100644
--- a/lib/crypto/c_src/algorithms.c
+++ b/lib/crypto/c_src/algorithms.c
@@ -20,13 +20,12 @@
 
 #include "algorithms.h"
 #include "cipher.h"
+#include "mac.h"
 
 static unsigned int algo_hash_cnt, algo_hash_fips_cnt;
 static ERL_NIF_TERM algo_hash[14];   /* increase when extending the list */
 static unsigned int algo_pubkey_cnt, algo_pubkey_fips_cnt;
 static ERL_NIF_TERM algo_pubkey[12]; /* increase when extending the list */
-static unsigned int algo_mac_cnt, algo_mac_fips_cnt;
-static ERL_NIF_TERM algo_mac[3]; /* increase when extending the list */
 static unsigned int algo_curve_cnt, algo_curve_fips_cnt;
 static ERL_NIF_TERM algo_curve[89]; /* increase when extending the list */
 static unsigned int algo_rsa_opts_cnt, algo_rsa_opts_fips_cnt;
@@ -101,19 +100,6 @@ void init_algorithms_types(ErlNifEnv* env)
 #endif
     algo_pubkey[algo_pubkey_cnt++] = enif_make_atom(env, "srp");
 
- 
-    // Validated algorithms first
-    algo_mac_cnt = 0;
-    algo_mac[algo_mac_cnt++] = enif_make_atom(env,"hmac");
-#ifdef HAVE_CMAC
-    algo_mac[algo_mac_cnt++] = enif_make_atom(env,"cmac");
-#endif
-#ifdef HAVE_POLY1305
-    algo_mac[algo_mac_cnt++] = enif_make_atom(env,"poly1305");
-#endif
-    // Non-validated algorithms follow
-    algo_mac_fips_cnt = algo_mac_cnt;
-
     // Validated algorithms first
     algo_curve_cnt = 0;
 #if defined(HAVE_EC)
@@ -250,7 +236,6 @@ void init_algorithms_types(ErlNifEnv* env)
     // Check that the max number of algos is updated
     ASSERT(algo_hash_cnt <= sizeof(algo_hash)/sizeof(ERL_NIF_TERM));
     ASSERT(algo_pubkey_cnt <= sizeof(algo_pubkey)/sizeof(ERL_NIF_TERM));
-    ASSERT(algo_mac_cnt <= sizeof(algo_mac)/sizeof(ERL_NIF_TERM));
     ASSERT(algo_curve_cnt <= sizeof(algo_curve)/sizeof(ERL_NIF_TERM));
     ASSERT(algo_rsa_opts_cnt <= sizeof(algo_rsa_opts)/sizeof(ERL_NIF_TERM));
 }
@@ -284,18 +269,12 @@ ERL_NIF_TERM cipher_algorithms(ErlNifEnv* env, int argc, const ERL_NIF_TERM argv
     return cipher_types_as_list(env); /* Exclude old api ciphers */
 }
 
+
 ERL_NIF_TERM mac_algorithms(ErlNifEnv* env, int argc, const ERL_NIF_TERM argv[])
 {
-    unsigned int cnt  =
-#ifdef FIPS_SUPPORT
-        FIPS_mode() ? algo_mac_fips_cnt :
-#endif
-        algo_mac_cnt;
-
-    return enif_make_list_from_array(env, algo_mac, cnt);
+    return mac_types_as_list(env);
 }
 
-
 ERL_NIF_TERM curve_algorithms(ErlNifEnv* env, int argc, const ERL_NIF_TERM argv[])
 {
     unsigned int cnt  =
diff --git a/lib/crypto/c_src/api_ng.c b/lib/crypto/c_src/api_ng.c
index 3408ba1b88..941e03cc98 100644
--- a/lib/crypto/c_src/api_ng.c
+++ b/lib/crypto/c_src/api_ng.c
@@ -100,7 +100,7 @@ static int get_init_args(ErlNifEnv* env,
         }
 
 
-    if (FORBIDDEN_IN_FIPS(*cipherp))
+    if (CIPHER_FORBIDDEN_IN_FIPS(*cipherp))
         {
             *return_term = EXCP_NOTSUP(env, "Forbidden in FIPS");
             goto err;
@@ -334,12 +334,11 @@ ERL_NIF_TERM ng_crypto_init_nif(ErlNifEnv* env, int argc, const ERL_NIF_TERM arg
         if ((ctx_res = enif_alloc_resource(evp_cipher_ctx_rtype, sizeof(struct evp_cipher_ctx))) == NULL)
             return EXCP_ERROR(env, "Can't allocate resource");
 
-        if (!get_init_args(env, ctx_res, argv[0], argv[1], argv[2], argv[argc-1],
+        if (get_init_args(env, ctx_res, argv[0], argv[1], argv[2], argv[argc-1],
                            &cipherp, &ret))
-            /* Error msg in &ret */
-            goto ret;
+            ret = enif_make_resource(env, ctx_res);
+        /* else error msg in ret */
 
-        ret = enif_make_resource(env, ctx_res);
         if(ctx_res) enif_release_resource(ctx_res);
 
     } else if (enif_get_resource(env, argv[0], (ErlNifResourceType*)evp_cipher_ctx_rtype, (void**)&ctx_res)) {
diff --git a/lib/crypto/c_src/atoms.c b/lib/crypto/c_src/atoms.c
index 059c14690f..fc983ec03b 100644
--- a/lib/crypto/c_src/atoms.c
+++ b/lib/crypto/c_src/atoms.c
@@ -30,6 +30,10 @@ ERL_NIF_TERM atom_rsa_no_padding;
 ERL_NIF_TERM atom_signature_md;
 ERL_NIF_TERM atom_undefined;
 
+ERL_NIF_TERM atom_hmac;
+ERL_NIF_TERM atom_cmac;
+ERL_NIF_TERM atom_poly1305;
+
 ERL_NIF_TERM atom_ok;
 ERL_NIF_TERM atom_none;
 ERL_NIF_TERM atom_notsup;
@@ -85,6 +89,8 @@ ERL_NIF_TERM atom_ecdsa;
 #ifdef HAVE_ED_CURVE_DH
 ERL_NIF_TERM atom_x25519;
 ERL_NIF_TERM atom_x448;
+ERL_NIF_TERM atom_ed25519;
+ERL_NIF_TERM atom_ed448;
 #endif
 
 ERL_NIF_TERM atom_eddsa;
@@ -155,6 +161,11 @@ int init_atoms(ErlNifEnv *env, const ERL_NIF_TERM fips_mode, const ERL_NIF_TERM
     atom_rsa_no_padding = enif_make_atom(env,"rsa_no_padding");
     atom_signature_md = enif_make_atom(env,"signature_md");
     atom_undefined = enif_make_atom(env,"undefined");
+
+    atom_hmac = enif_make_atom(env,"hmac");
+    atom_cmac = enif_make_atom(env,"cmac");
+    atom_poly1305 = enif_make_atom(env,"poly1305");
+
     atom_ok = enif_make_atom(env,"ok");
     atom_none = enif_make_atom(env,"none");
     atom_notsup = enif_make_atom(env,"notsup");
@@ -210,6 +221,8 @@ int init_atoms(ErlNifEnv *env, const ERL_NIF_TERM fips_mode, const ERL_NIF_TERM
 #ifdef HAVE_ED_CURVE_DH
     atom_x25519 = enif_make_atom(env,"x25519");
     atom_x448 = enif_make_atom(env,"x448");
+    atom_ed25519 = enif_make_atom(env,"ed25519");
+    atom_ed448 = enif_make_atom(env,"ed448");
 #endif
     atom_eddsa = enif_make_atom(env,"eddsa");
 #ifdef HAVE_EDDSA
diff --git a/lib/crypto/c_src/atoms.h b/lib/crypto/c_src/atoms.h
index f5913de96f..956aab93eb 100644
--- a/lib/crypto/c_src/atoms.h
+++ b/lib/crypto/c_src/atoms.h
@@ -34,6 +34,10 @@ extern ERL_NIF_TERM atom_rsa_no_padding;
 extern ERL_NIF_TERM atom_signature_md;
 extern ERL_NIF_TERM atom_undefined;
 
+extern ERL_NIF_TERM atom_hmac;
+extern ERL_NIF_TERM atom_cmac;
+extern ERL_NIF_TERM atom_poly1305;
+
 extern ERL_NIF_TERM atom_ok;
 extern ERL_NIF_TERM atom_none;
 extern ERL_NIF_TERM atom_notsup;
@@ -89,6 +93,8 @@ extern ERL_NIF_TERM atom_ecdsa;
 #ifdef HAVE_ED_CURVE_DH
 extern ERL_NIF_TERM atom_x25519;
 extern ERL_NIF_TERM atom_x448;
+extern ERL_NIF_TERM atom_ed25519;
+extern ERL_NIF_TERM atom_ed448;
 #endif
 
 extern ERL_NIF_TERM atom_eddsa;
diff --git a/lib/crypto/c_src/bn.c b/lib/crypto/c_src/bn.c
index 34ed4f7ebc..6021d56db6 100644
--- a/lib/crypto/c_src/bn.c
+++ b/lib/crypto/c_src/bn.c
@@ -32,8 +32,6 @@ int get_bn_from_mpint(ErlNifEnv* env, ERL_NIF_TERM term, BIGNUM** bnp)
     if (bin.size > INT_MAX - 4)
         goto err;
 
-    ERL_VALGRIND_ASSERT_MEM_DEFINED(bin.data, bin.size);
-
     if (bin.size < 4)
         goto err;
     sz = (int)bin.size - 4;
@@ -60,8 +58,6 @@ int get_bn_from_bin(ErlNifEnv* env, ERL_NIF_TERM term, BIGNUM** bnp)
     if (bin.size > INT_MAX)
         goto err;
 
-    ERL_VALGRIND_ASSERT_MEM_DEFINED(bin.data, bin.size);
-
     if ((ret = BN_bin2bn(bin.data, (int)bin.size, NULL)) == NULL)
         goto err;
 
@@ -103,8 +99,6 @@ ERL_NIF_TERM mod_exp_nif(ErlNifEnv* env, int argc, const ERL_NIF_TERM argv[])
     unsigned extra_byte;
     ERL_NIF_TERM ret;
 
-    ASSERT(argc == 4);
-
     if (!get_bn_from_bin(env, argv[0], &bn_base))
         goto bad_arg;
     if (!get_bn_from_bin(env, argv[1], &bn_exponent))
@@ -177,7 +171,6 @@ ERL_NIF_TERM bn2term(ErlNifEnv* env, const BIGNUM *bn)
 
     BN_bn2bin(bn, ptr);
 
-    ERL_VALGRIND_MAKE_MEM_DEFINED(ptr, dlen);
     return ret;
 
  err:
diff --git a/lib/crypto/c_src/cipher.c b/lib/crypto/c_src/cipher.c
index 00072af632..e144a891a6 100644
--- a/lib/crypto/c_src/cipher.c
+++ b/lib/crypto/c_src/cipher.c
@@ -214,7 +214,7 @@ ERL_NIF_TERM cipher_info_nif(ErlNifEnv* env, int argc, const ERL_NIF_TERM argv[]
     if ((cipherp = get_cipher_type_no_key(argv[0])) == NULL)
         return enif_make_badarg(env);
 
-    if (FORBIDDEN_IN_FIPS(cipherp))
+    if (CIPHER_FORBIDDEN_IN_FIPS(cipherp))
         return enif_raise_exception(env, atom_notsup);
     if ((cipher = cipherp->cipher.p) == NULL)
         return enif_raise_exception(env, atom_notsup);
@@ -330,10 +330,11 @@ ERL_NIF_TERM cipher_types_as_list(ErlNifEnv* env)
 
     for (p = cipher_types; (p->type.atom & (p->type.atom != atom_false)); p++) {
         if ((prev == p->type.atom) ||
-            FORBIDDEN_IN_FIPS(p) )
+            CIPHER_FORBIDDEN_IN_FIPS(p) )
             continue;
 
         if ((p->cipher.p != NULL) ||
+            (p->flags & AES_CTR_COMPAT) ||
             (p->type.atom == atom_aes_ige256))  /* Special handling. Bad indeed... */
             {
                 hd = enif_make_list_cell(env, p->type.atom, hd);
diff --git a/lib/crypto/c_src/cipher.h b/lib/crypto/c_src/cipher.h
index 0e51c410eb..c23e128824 100644
--- a/lib/crypto/c_src/cipher.h
+++ b/lib/crypto/c_src/cipher.h
@@ -52,10 +52,10 @@ struct cipher_type_t {
 
 #ifdef FIPS_SUPPORT
 /* May have FIPS support, must check dynamically if it is enabled */
-# define FORBIDDEN_IN_FIPS(P) (((P)->flags & NO_FIPS_CIPHER) && FIPS_mode())
+# define CIPHER_FORBIDDEN_IN_FIPS(P) (((P)->flags & NO_FIPS_CIPHER) && FIPS_mode())
 #else
 /* No FIPS support since the symbol FIPS_SUPPORT is undefined */
-# define FORBIDDEN_IN_FIPS(P) 0
+# define CIPHER_FORBIDDEN_IN_FIPS(P) 0
 #endif
 
 extern ErlNifResourceType* evp_cipher_ctx_rtype;
diff --git a/lib/crypto/c_src/cmac.c b/lib/crypto/c_src/cmac.c
index 49e67ccf29..a1564f6661 100644
--- a/lib/crypto/c_src/cmac.c
+++ b/lib/crypto/c_src/cmac.c
@@ -18,71 +18,56 @@
  * %CopyrightEnd%
  */
 
-#include "cmac.h"
-#include "cipher.h"
+#include "common.h"
 
-ERL_NIF_TERM cmac_nif(ErlNifEnv* env, int argc, const ERL_NIF_TERM argv[])
-{/* (Type, Key, Data) */
-#if defined(HAVE_CMAC)
-    const struct cipher_type_t *cipherp;
-    const EVP_CIPHER     *cipher;
-    CMAC_CTX             *ctx = NULL;
-    ErlNifBinary         key;
-    ErlNifBinary         data;
-    ERL_NIF_TERM         ret;
-    size_t               ret_size;
-    unsigned char       *outp;
-    int                  cipher_len;
+/*****************************************************************
+ *
+ * This file has functions for compatibility with cryptolibs
+ * lacking the EVP_Digest API.
+ *
+ * See mac.c for the implementation using the EVP interface.
+ *
+ ****************************************************************/
 
-    ASSERT(argc == 3);
+#if defined(HAVE_CMAC) && !defined(HAVE_EVP_PKEY_new_CMAC_key)
 
-    if (!enif_inspect_iolist_as_binary(env, argv[1], &key))
-        goto bad_arg;
-    if ((cipherp = get_cipher_type(argv[0], key.size)) == NULL)
-        goto bad_arg;
-    if (cipherp->flags & (NON_EVP_CIPHER | AEAD_CIPHER))
-        goto bad_arg;
-    if (!enif_inspect_iolist_as_binary(env, argv[2], &data))
-        goto bad_arg;
+#include "cmac.h"
 
-    if (FORBIDDEN_IN_FIPS(cipherp))
-        return enif_raise_exception(env, atom_notsup);
-    if ((cipher = cipherp->cipher.p) == NULL)
-        return enif_raise_exception(env, atom_notsup);
+int cmac_low_level(ErlNifEnv* env,
+                   ErlNifBinary key_bin, const EVP_CIPHER* cipher, ErlNifBinary text,
+                   ErlNifBinary *ret_bin, int *ret_bin_alloc, ERL_NIF_TERM *return_term)
+{
+    CMAC_CTX *ctx = NULL;
+    size_t size;
 
     if ((ctx = CMAC_CTX_new()) == NULL)
-        goto err;
-    if (!CMAC_Init(ctx, key.data, key.size, cipher, NULL))
-        goto err;
-    if (!CMAC_Update(ctx, data.data, data.size))
-        goto err;
-    if ((cipher_len = EVP_CIPHER_block_size(cipher)) < 0)
-        goto err;
-    if ((outp = enif_make_new_binary(env, (size_t)cipher_len, &ret)) == NULL)
-        goto err;
-    if (!CMAC_Final(ctx, outp, &ret_size))
-        goto err;
+        goto local_err;
 
-    ASSERT(ret_size == (unsigned)EVP_CIPHER_block_size(cipher));
-    CONSUME_REDS(env, data);
-    goto done;
+    if (!CMAC_Init(ctx, key_bin.data, key_bin.size, cipher, NULL))
+        goto local_err;
 
- bad_arg:
-    return enif_make_badarg(env);
+    if (!CMAC_Update(ctx, text.data, text.size))
+        goto local_err;
 
- err:
-    ret = atom_notsup;
+    if ((size = (size_t)EVP_CIPHER_block_size(cipher)) < 0)
+        goto local_err;
 
- done:
+    if (!enif_alloc_binary(size, ret_bin))
+        goto local_err;
+    *ret_bin_alloc = 1;
+                
+    if (!CMAC_Final(ctx, ret_bin->data, &ret_bin->size))
+        goto local_err;
+
+    CMAC_CTX_free(ctx);
+    return 1;
+
+ local_err:
     if (ctx)
         CMAC_CTX_free(ctx);
-    return ret;
 
-#else
-    /* The CMAC functionality was introduced in OpenSSL 1.0.1
-     * Although OTP requires at least version 0.9.8, the versions 0.9.8 and 1.0.0 are
-     * no longer maintained. */
-    return atom_notsup;
-#endif
+    *return_term = EXCP_ERROR(env,"Compat cmac");
+    return 0;
 }
 
+#endif
diff --git a/lib/crypto/c_src/cmac.h b/lib/crypto/c_src/cmac.h
index 14488def58..04c742b2dc 100644
--- a/lib/crypto/c_src/cmac.h
+++ b/lib/crypto/c_src/cmac.h
@@ -23,6 +23,12 @@
 
 #include "common.h"
 
-ERL_NIF_TERM cmac_nif(ErlNifEnv* env, int argc, const ERL_NIF_TERM argv[]);
+#if defined(HAVE_CMAC) && !defined(HAVE_EVP_PKEY_new_CMAC_key)
+
+int cmac_low_level(ErlNifEnv* env,
+                   ErlNifBinary key_bin, const EVP_CIPHER* cipher, ErlNifBinary text,
+                   ErlNifBinary *ret_bin, int *ret_bin_alloc, ERL_NIF_TERM *return_term);
+
+#endif
 
 #endif /* E_CMAC_H__ */
diff --git a/lib/crypto/c_src/crypto.c b/lib/crypto/c_src/crypto.c
index d533cba140..2ea7b7c329 100644
--- a/lib/crypto/c_src/crypto.c
+++ b/lib/crypto/c_src/crypto.c
@@ -31,7 +31,7 @@
 #include "api_ng.h"
 #include "bn.h"
 #include "cipher.h"
-#include "cmac.h"
+#include "mac.h"
 #include "dh.h"
 #include "digest.h"
 #include "dss.h"
@@ -46,7 +46,6 @@
 #include "info.h"
 #include "math.h"
 #include "pkey.h"
-#include "poly1305.h"
 #include "rand.h"
 #include "rsa.h"
 #include "srp.h"
@@ -74,13 +73,10 @@ static ErlNifFunc nif_funcs[] = {
     {"hash_init_nif", 1, hash_init_nif, 0},
     {"hash_update_nif", 2, hash_update_nif, 0},
     {"hash_final_nif", 1, hash_final_nif, 0},
-    {"hmac_nif", 3, hmac_nif, 0},
-    {"hmac_nif", 4, hmac_nif, 0},
-    {"hmac_init_nif", 2, hmac_init_nif, 0},
-    {"hmac_update_nif", 2, hmac_update_nif, 0},
-    {"hmac_final_nif", 1, hmac_final_nif, 0},
-    {"hmac_final_nif", 2, hmac_final_nif, 0},
-    {"cmac_nif", 3, cmac_nif, 0},
+    {"mac_nif", 4, mac_nif, 0},
+    {"mac_init_nif", 3, mac_init_nif, 0},
+    {"mac_update_nif", 2, mac_update_nif, 0},
+    {"mac_final_nif", 1, mac_final_nif, 0},
     {"cipher_info_nif", 1, cipher_info_nif, 0},
     {"aes_ige_crypt_nif", 4, aes_ige_crypt_nif, 0},
     {"ng_crypto_init_nif", 4, ng_crypto_init_nif, 0},
@@ -99,7 +95,7 @@ static ErlNifFunc nif_funcs[] = {
     {"dh_generate_key_nif", 4, dh_generate_key_nif, 0},
     {"dh_compute_key_nif", 3, dh_compute_key_nif, 0},
     {"evp_compute_key_nif", 3, evp_compute_key_nif, 0},
-    {"evp_generate_key_nif", 1, evp_generate_key_nif, 0},
+    {"evp_generate_key_nif", 2, evp_generate_key_nif, 0},
     {"privkey_to_pubkey_nif", 2, privkey_to_pubkey_nif, 0},
     {"srp_value_B_nif", 5, srp_value_B_nif, 0},
     {"srp_user_secret_nif", 7, srp_user_secret_nif, 0},
@@ -112,8 +108,6 @@ static ErlNifFunc nif_funcs[] = {
 
     {"aead_cipher", 7, aead_cipher, 0},
 
-    {"poly1305_nif", 2, poly1305_nif, 0},
-
     {"engine_by_id_nif", 1, engine_by_id_nif, 0},
     {"engine_init_nif", 1, engine_init_nif, 0},
     {"engine_finish_nif", 1, engine_finish_nif, 0},
@@ -181,9 +175,15 @@ static int initialize(ErlNifEnv* env, ERL_NIF_TERM load_info)
     if (!enif_inspect_binary(env, tpl_array[1], &lib_bin))
         return __LINE__;
 
+#ifdef HAS_EVP_PKEY_CTX
+    if (!init_mac_ctx(env)) {
+	return __LINE__;
+    }
+#else
     if (!init_hmac_ctx(env)) {
 	return __LINE__;
     }
+#endif
     if (!init_hash_ctx(env)) {
         return __LINE__;
     }
@@ -248,6 +248,7 @@ static int initialize(ErlNifEnv* env, ERL_NIF_TERM load_info)
 #endif /* OPENSSL_THREADS */
 
     init_digest_types(env);
+    init_mac_types(env);
     init_cipher_types(env);
     init_algorithms_types(env);
 
diff --git a/lib/crypto/c_src/digest.c b/lib/crypto/c_src/digest.c
index c987a664d5..0f887ab765 100644
--- a/lib/crypto/c_src/digest.c
+++ b/lib/crypto/c_src/digest.c
@@ -22,7 +22,7 @@
 
 static struct digest_type_t digest_types[] =
 {
-    {{"md4"},
+    {{"md4"}, NO_FIPS_DIGEST,
 #ifdef HAVE_MD4
      {&EVP_md4}
 #else
@@ -30,7 +30,7 @@ static struct digest_type_t digest_types[] =
 #endif
     },
 
-    {{"md5"},
+    {{"md5"}, NO_FIPS_DIGEST,
 #ifdef HAVE_MD5
      {&EVP_md5}
 #else
@@ -38,7 +38,7 @@ static struct digest_type_t digest_types[] =
 #endif
     },
 
-    {{"ripemd160"},
+    {{"ripemd160"}, NO_FIPS_DIGEST,
 #ifdef HAVE_RIPEMD160
      {&EVP_ripemd160}
 #else
@@ -46,9 +46,9 @@ static struct digest_type_t digest_types[] =
 #endif
     },
 
-    {{"sha"}, {&EVP_sha1}},
+    {{"sha"}, 0, {&EVP_sha1}},
 
-    {{"sha224"},
+    {{"sha224"}, 0,
 #ifdef HAVE_SHA224
      {&EVP_sha224}
 #else
@@ -56,7 +56,7 @@ static struct digest_type_t digest_types[] =
 #endif
     },
 
-    {{"sha256"},
+    {{"sha256"}, 0,
 #ifdef HAVE_SHA256
      {&EVP_sha256}
 #else
@@ -64,7 +64,7 @@ static struct digest_type_t digest_types[] =
 #endif
     },
 
-    {{"sha384"},
+    {{"sha384"}, 0,
 #ifdef HAVE_SHA384
      {&EVP_sha384}
 #else
@@ -72,7 +72,7 @@ static struct digest_type_t digest_types[] =
 #endif
     },
 
-    {{"sha512"},
+    {{"sha512"}, 0,
 #ifdef HAVE_SHA512
      {&EVP_sha512}
 #else
@@ -80,7 +80,7 @@ static struct digest_type_t digest_types[] =
 #endif
     },
 
-    {{"sha3_224"},
+    {{"sha3_224"}, 0,
 #ifdef HAVE_SHA3_224
      {&EVP_sha3_224}
 #else
@@ -88,7 +88,7 @@ static struct digest_type_t digest_types[] =
 #endif
     },
 
-    {{"sha3_256"},
+    {{"sha3_256"}, 0,
 #ifdef HAVE_SHA3_256
      {&EVP_sha3_256}
 #else
@@ -96,7 +96,7 @@ static struct digest_type_t digest_types[] =
 #endif
     },
 
-    {{"sha3_384"},
+    {{"sha3_384"}, 0,
 #ifdef HAVE_SHA3_384
      {&EVP_sha3_384}
 #else
@@ -104,7 +104,7 @@ static struct digest_type_t digest_types[] =
 #endif
     },
 
-    {{"sha3_512"},
+    {{"sha3_512"}, 0,
 #ifdef HAVE_SHA3_512
      {&EVP_sha3_512}
 #else
@@ -112,7 +112,7 @@ static struct digest_type_t digest_types[] =
 #endif
     },
 
-    {{"blake2b"},
+    {{"blake2b"}, 0,
 #ifdef HAVE_BLAKE2
      {&EVP_blake2b512}
 #else
@@ -120,7 +120,7 @@ static struct digest_type_t digest_types[] =
 #endif
     },
 
-    {{"blake2s"},
+    {{"blake2s"}, 0,
 #ifdef HAVE_BLAKE2
      {&EVP_blake2s256}
 #else
@@ -128,7 +128,8 @@ static struct digest_type_t digest_types[] =
 #endif
     },
 
-    {{NULL}, {NULL}}
+    /*==== End of list ==== */
+    {{NULL}, 0, {NULL}}
 };
 
 void init_digest_types(ErlNifEnv* env)
diff --git a/lib/crypto/c_src/digest.h b/lib/crypto/c_src/digest.h
index 06852416cf..b1f8128a1f 100644
--- a/lib/crypto/c_src/digest.h
+++ b/lib/crypto/c_src/digest.h
@@ -28,12 +28,25 @@ struct digest_type_t {
 	const char*  str;        /* before init, NULL for end-of-table */
 	ERL_NIF_TERM atom;       /* after init, 'false' for end-of-table */
     }type;
+    unsigned flags;
     union {
 	const EVP_MD* (*funcp)(void);  /* before init, NULL if notsup */
 	const EVP_MD* p;               /* after init, NULL if notsup */
     }md;
 };
 
+/* masks in the flags field if digest_type_t */
+#define NO_FIPS_DIGEST 1
+
+#ifdef FIPS_SUPPORT
+/* May have FIPS support, must check dynamically if it is enabled */
+# define DIGEST_FORBIDDEN_IN_FIPS(P) (((P)->flags & NO_FIPS_DIGEST) && FIPS_mode())
+#else
+/* No FIPS support since the symbol FIPS_SUPPORT is undefined */
+# define DIGEST_FORBIDDEN_IN_FIPS(P) 0
+#endif
+
+
 void init_digest_types(ErlNifEnv* env);
 struct digest_type_t* get_digest_type(ERL_NIF_TERM type);
 
diff --git a/lib/crypto/c_src/evp.c b/lib/crypto/c_src/evp.c
index 3bf66bfffe..fb6495a640 100644
--- a/lib/crypto/c_src/evp.c
+++ b/lib/crypto/c_src/evp.c
@@ -106,25 +106,34 @@ ERL_NIF_TERM evp_generate_key_nif(ErlNifEnv* env, int argc, const ERL_NIF_TERM a
     EVP_PKEY_CTX *ctx = NULL;
     EVP_PKEY *pkey = NULL;
     ERL_NIF_TERM ret_pub, ret_prv, ret;
+    ErlNifBinary prv_key;
     size_t key_len;
     unsigned char *out_pub = NULL, *out_priv = NULL;
 
-    ASSERT(argc == 1);
-
     if (argv[0] == atom_x25519)
         type = EVP_PKEY_X25519;
     else if (argv[0] == atom_x448)
         type = EVP_PKEY_X448;
+    else if (argv[0] == atom_ed25519)
+        type = EVP_PKEY_ED25519;
+    else if (argv[0] == atom_ed448)
+        type = EVP_PKEY_ED448;
     else
         goto bad_arg;
 
-    if ((ctx = EVP_PKEY_CTX_new_id(type, NULL)) == NULL)
-        goto bad_arg;
-
-    if (EVP_PKEY_keygen_init(ctx) != 1)
-        goto err;
-    if (EVP_PKEY_keygen(ctx, &pkey) != 1)
-        goto err;
+    if (argv[1] == atom_undefined) {
+        if ((ctx = EVP_PKEY_CTX_new_id(type, NULL)) == NULL)
+            goto bad_arg;
+        if (EVP_PKEY_keygen_init(ctx) != 1)
+            goto err;
+        if (EVP_PKEY_keygen(ctx, &pkey) != 1)
+            goto err;
+    } else {
+        if (!enif_inspect_binary(env, argv[1], &prv_key))
+            goto bad_arg;
+        if ((pkey = EVP_PKEY_new_raw_private_key(type, NULL, prv_key.data, prv_key.size)) == NULL)
+            goto bad_arg;
+    }
 
     if (EVP_PKEY_get_raw_public_key(pkey, NULL, &key_len) != 1)
         goto err;
diff --git a/lib/crypto/c_src/hmac.c b/lib/crypto/c_src/hmac.c
index ff7005d75e..5e2c68bfee 100644
--- a/lib/crypto/c_src/hmac.c
+++ b/lib/crypto/c_src/hmac.c
@@ -18,6 +18,18 @@
  * %CopyrightEnd%
  */
 
+
+/*****************************************************************
+ *
+ * This file has functions for compatibility with cryptolibs
+ * lacking the EVP_Digest API.
+ *
+ * See mac.c for the implementation using the EVP interface.
+ *
+ ****************************************************************/
+
+#ifndef HAS_EVP_PKEY_CTX
+
 #include "hmac.h"
 #include "digest.h"
 
@@ -47,61 +59,6 @@ int init_hmac_ctx(ErlNifEnv *env) {
     return 0;
 }
 
-ERL_NIF_TERM hmac_nif(ErlNifEnv* env, int argc, const ERL_NIF_TERM argv[])
-{/* (Type, Key, Data) or (Type, Key, Data, MacSize) */
-    struct digest_type_t *digp = NULL;
-    ErlNifBinary         key, data;
-    unsigned char        buff[EVP_MAX_MD_SIZE];
-    unsigned             size = 0, req_size = 0;
-    ERL_NIF_TERM         ret;
-    unsigned char        *outp;
-
-    ASSERT(argc == 3 || argc == 4);
-
-    if ((digp = get_digest_type(argv[0])) == NULL)
-        goto bad_arg;
-    if (!enif_inspect_iolist_as_binary(env, argv[1], &key))
-        goto bad_arg;
-    if (key.size > INT_MAX)
-        goto bad_arg;
-    if (!enif_inspect_iolist_as_binary(env, argv[2], &data))
-        goto bad_arg;
-    if (argc == 4) {
-        if (!enif_get_uint(env, argv[3], &req_size))
-            goto bad_arg;
-    }
-
-    if (digp->md.p == NULL)
-        goto err;
-    if (HMAC(digp->md.p,
-             key.data, (int)key.size,
-             data.data, data.size,
-             buff, &size) == NULL)
-        goto err;
-
-    ASSERT(0 < size && size <= EVP_MAX_MD_SIZE);
-    CONSUME_REDS(env, data);
-
-    if (argc == 4) {
-        if (req_size > size)
-            goto bad_arg;
-
-        size = req_size;
-    }
-
-    if ((outp = enif_make_new_binary(env, size, &ret)) == NULL)
-        goto err;
-
-    memcpy(outp, buff, size);
-    return ret;
-
- bad_arg:
-    return enif_make_badarg(env);
-
- err:
-    return atom_notsup;
-}
-
 static void hmac_context_dtor(ErlNifEnv* env, struct hmac_context *obj)
 {
     if (obj == NULL)
@@ -118,17 +75,17 @@ static void hmac_context_dtor(ErlNifEnv* env, struct hmac_context *obj)
 }
 
 ERL_NIF_TERM hmac_init_nif(ErlNifEnv* env, int argc, const ERL_NIF_TERM argv[])
-{/* (Type, Key) */
+{/* (hmac, Type, Key) */
     struct digest_type_t *digp = NULL;
     ErlNifBinary         key;
     ERL_NIF_TERM         ret;
     struct hmac_context  *obj = NULL;
 
-    ASSERT(argc == 2);
+    ASSERT(argc == 3);
 
-    if ((digp = get_digest_type(argv[0])) == NULL)
+    if ((digp = get_digest_type(argv[1])) == NULL)
         goto bad_arg;
-    if (!enif_inspect_iolist_as_binary(env, argv[1], &key))
+    if (!enif_inspect_iolist_as_binary(env, argv[2], &key))
         goto bad_arg;
     if (key.size > INT_MAX)
         goto bad_arg;
@@ -268,3 +225,44 @@ ERL_NIF_TERM hmac_final_nif(ErlNifEnv* env, int argc, const ERL_NIF_TERM argv[])
     return ret;
 }
 
+
+
+int hmac_low_level(ErlNifEnv* env, const EVP_MD *md,
+                   ErlNifBinary key_bin, ErlNifBinary text,
+                   ErlNifBinary *ret_bin, int *ret_bin_alloc, ERL_NIF_TERM *return_term)
+{
+    unsigned int size_int;
+    size_t size;
+
+    /* Find the needed space */
+    if (HMAC(md,
+             key_bin.data, (int)key_bin.size,
+             text.data, text.size,
+             NULL, &size_int) == NULL)
+        {
+            *return_term = EXCP_ERROR(env, "Get HMAC size failed");
+            return 0;
+        }
+
+    size = (size_t)size_int; /* Otherwise "size" is unused in 0.9.8.... */
+    if (!enif_alloc_binary(size, ret_bin))
+        {
+            *return_term = EXCP_ERROR(env, "Alloc binary");
+            return 0;
+        }
+    *ret_bin_alloc = 1;
+
+    /* And do the real HMAC calc */
+    if (HMAC(md,
+             key_bin.data, (int)key_bin.size,
+             text.data, text.size,
+             ret_bin->data, &size_int) == NULL)
+        {
+            *return_term = EXCP_ERROR(env, "HMAC sign failed");
+            return 0;
+        }
+                    
+    return 1;
+}
+
+#endif
diff --git a/lib/crypto/c_src/hmac.h b/lib/crypto/c_src/hmac.h
index 1f0e0ca632..f5805e13e5 100644
--- a/lib/crypto/c_src/hmac.h
+++ b/lib/crypto/c_src/hmac.h
@@ -21,13 +21,19 @@
 #ifndef E_HMAC_H__
 #define E_HMAC_H__ 1
 
+#ifndef HAS_EVP_PKEY_CTX
+
 #include "common.h"
 
 int init_hmac_ctx(ErlNifEnv *env);
 
-ERL_NIF_TERM hmac_nif(ErlNifEnv* env, int argc, const ERL_NIF_TERM argv[]);
 ERL_NIF_TERM hmac_init_nif(ErlNifEnv* env, int argc, const ERL_NIF_TERM argv[]);
 ERL_NIF_TERM hmac_update_nif(ErlNifEnv* env, int argc, const ERL_NIF_TERM argv[]);
 ERL_NIF_TERM hmac_final_nif(ErlNifEnv* env, int argc, const ERL_NIF_TERM argv[]);
 
+int hmac_low_level(ErlNifEnv* env, const EVP_MD *md,
+                   ErlNifBinary key_bin, ErlNifBinary text,
+                   ErlNifBinary *ret_bin, int *ret_bin_alloc, ERL_NIF_TERM *return_term);
+#endif
+
 #endif /* E_HMAC_H__ */
diff --git a/lib/crypto/c_src/mac.c b/lib/crypto/c_src/mac.c
new file mode 100644
index 0000000000..149975ba9d
--- /dev/null
+++ b/lib/crypto/c_src/mac.c
@@ -0,0 +1,751 @@
+/*
+ * %CopyrightBegin%
+ *
+ * Copyright Ericsson AB 2010-2019. All Rights Reserved.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * %CopyrightEnd%
+ */
+
+#include "common.h"
+#include "cipher.h"
+#include "digest.h"
+#include "cmac.h"
+#include "hmac.h"
+#include "mac.h"
+
+/***************************
+     MAC type declaration
+***************************/
+
+struct mac_type_t {
+    union {
+	const char*  str;        /* before init, NULL for end-of-table */
+	ERL_NIF_TERM atom;       /* after init, 'false' for end-of-table */
+    }name;
+    unsigned flags;
+    union {
+        const int pkey_type;
+    }alg;
+    int type;
+    size_t key_len;      /* != 0 to also match on key_len */
+};
+
+/* masks in the flags field if mac_type_t */
+#define NO_FIPS_MAC 1
+
+#define NO_mac 0
+#define HMAC_mac 1
+#define CMAC_mac 2
+#define POLY1305_mac 3
+
+static struct mac_type_t mac_types[] =
+{
+    {{"poly1305"}, NO_FIPS_MAC,
+#ifdef HAVE_POLY1305
+     /* If we have POLY then we have EVP_PKEY */
+     {EVP_PKEY_POLY1305}, POLY1305_mac, 32
+#else
+     {EVP_PKEY_NONE}, NO_mac, 0
+#endif
+    },
+
+    {{"hmac"}, 0,
+#ifdef HAS_EVP_PKEY_CTX
+     {EVP_PKEY_HMAC}, HMAC_mac, 0
+#else
+     /* HMAC is always supported, but possibly with low-level routines */
+     {EVP_PKEY_NONE}, HMAC_mac, 0
+#endif
+    },
+
+    {{"cmac"}, 0,
+#ifdef HAVE_CMAC
+     /* If we have CMAC then we have EVP_PKEY */
+     {EVP_PKEY_CMAC}, CMAC_mac, 0
+#else
+     {EVP_PKEY_NONE}, NO_mac, 0
+#endif
+    },
+
+    /*==== End of list ==== */
+    {{NULL}, 0,
+     {0}, NO_mac, 0
+    }
+};
+
+
+#ifdef FIPS_SUPPORT
+/* May have FIPS support, must check dynamically if it is enabled */
+# define MAC_FORBIDDEN_IN_FIPS(P) (((P)->flags & NO_FIPS_MAC) && FIPS_mode())
+#else
+/* No FIPS support since the symbol FIPS_SUPPORT is undefined */
+# define MAC_FORBIDDEN_IN_FIPS(P) 0
+#endif
+
+
+/***************************
+ Mandatory prototypes
+***************************/
+
+struct mac_type_t* get_mac_type(ERL_NIF_TERM type, size_t key_len);
+struct mac_type_t* get_mac_type_no_key(ERL_NIF_TERM type);
+
+ERL_NIF_TERM mac_one_time(ErlNifEnv* env, int argc, const ERL_NIF_TERM argv[]);
+
+ERL_NIF_TERM mac_update(ErlNifEnv* env, int argc, const ERL_NIF_TERM argv[]);
+
+
+/********************************
+ Support functions for type array
+*********************************/
+
+void init_mac_types(ErlNifEnv* env)
+{
+    struct mac_type_t* p = mac_types;
+
+    for (p = mac_types; p->name.str; p++) {
+	p->name.atom = enif_make_atom(env, p->name.str);
+    }
+    p->name.atom = atom_false;  /* end marker */
+}
+
+
+ERL_NIF_TERM mac_types_as_list(ErlNifEnv* env)
+{
+    struct mac_type_t* p;
+    ERL_NIF_TERM prev, hd;
+
+    hd = enif_make_list(env, 0);
+    prev = atom_undefined;
+
+    for (p = mac_types; (p->name.atom & (p->name.atom != atom_false)); p++) {
+        if (prev == p->name.atom)
+            continue;
+
+        if (p->type != NO_mac)
+            {
+                hd = enif_make_list_cell(env, p->name.atom, hd);
+            }
+    }
+
+    return hd;
+}
+
+struct mac_type_t* get_mac_type(ERL_NIF_TERM type, size_t key_len)
+{
+    struct mac_type_t* p = NULL;
+    for (p = mac_types; p->name.atom != atom_false; p++) {
+	if (type == p->name.atom) {
+            if ((p->key_len == 0) || (p->key_len == key_len))
+                return p;
+	}
+    }
+    return NULL;
+}
+
+struct mac_type_t* get_mac_type_no_key(ERL_NIF_TERM type)
+{
+    struct mac_type_t* p = NULL;
+    for (p = mac_types; p->name.atom != atom_false; p++) {
+	if (type == p->name.atom) {
+	    return p;
+	}
+    }
+    return NULL;
+}
+
+/*******************************************************************
+ *
+ * Mac nif
+ *
+ ******************************************************************/
+ERL_NIF_TERM mac_nif(ErlNifEnv* env, int argc, const ERL_NIF_TERM argv[])
+{/* (MacType, SubType, Key, Text) */
+    ErlNifBinary  text;
+
+    if (!enif_inspect_iolist_as_binary(env, argv[3], &text))
+        return EXCP_BADARG(env, "Bad text");
+
+    if (text.size > INT_MAX)
+        return EXCP_BADARG(env, "Too long text");
+
+    /* Run long jobs on a dirty scheduler to not block the current emulator thread */
+    if (text.size > MAX_BYTES_TO_NIF) {
+        return enif_schedule_nif(env, "mac_one_time",
+                                 ERL_NIF_DIRTY_JOB_CPU_BOUND,
+                                 mac_one_time, argc, argv);
+    }
+
+    return mac_one_time(env, argc, argv);
+}
+
+
+
+ERL_NIF_TERM mac_one_time(ErlNifEnv* env, int argc, const ERL_NIF_TERM argv[])
+{/* (MacType, SubType, Key, Text) */
+
+    struct mac_type_t *macp;
+    ErlNifBinary key_bin, text;
+    int ret_bin_alloc = 0;
+    ERL_NIF_TERM return_term;
+    const EVP_MD *md = NULL;
+    ErlNifBinary ret_bin;
+#ifdef HAS_EVP_PKEY_CTX
+    size_t size;
+    EVP_PKEY *pkey = NULL;
+    EVP_MD_CTX *mctx = NULL;
+#endif
+
+    /*---------------------------------
+      Get common indata and validate it
+    */
+    if (!enif_inspect_iolist_as_binary(env, argv[2], &key_bin))
+        {
+            return_term = EXCP_BADARG(env, "Bad key");
+            goto err;
+        }
+
+    if (!enif_inspect_iolist_as_binary(env, argv[3], &text))
+        {
+            return_term = EXCP_BADARG(env, "Bad text");
+            goto err;
+        }
+
+    if (!(macp = get_mac_type(argv[0], key_bin.size)))
+        {
+            if (!get_mac_type_no_key(argv[0]))
+                return_term = EXCP_BADARG(env, "Unknown mac algorithm");
+            else
+                return_term = EXCP_BADARG(env, "Bad key length");
+            goto err;
+        }
+
+    if (MAC_FORBIDDEN_IN_FIPS(macp))
+        {
+            return_term = EXCP_NOTSUP(env, "MAC algorithm forbidden in FIPS");
+            goto err;
+        }
+
+    /*--------------------------------------------------
+      Algorithm dependent indata checking and computation.
+      If EVP_PKEY is available, only set the pkey variable
+      and do the computation after the switch statement.
+      If not available, do the low-level calls in the 
+      corresponding case part
+    */
+    switch (macp->type) {
+
+        /********
+         * HMAC *
+         ********/
+    case HMAC_mac:
+        {
+            struct digest_type_t *digp;
+
+            if ((digp = get_digest_type(argv[1])) == NULL)
+                {
+                    return_term = EXCP_BADARG(env, "Bad digest algorithm for HMAC");
+                    goto err;
+                }
+            if (digp->md.p == NULL)
+                {
+                    return_term = EXCP_NOTSUP(env, "Unsupported digest algorithm");
+                    goto err;
+                }
+            if (DIGEST_FORBIDDEN_IN_FIPS(digp))
+                {
+                    return_term = EXCP_NOTSUP(env, "Digest algorithm for HMAC forbidden in FIPS");
+                    goto err;
+                }
+            md = digp->md.p;
+
+#ifdef HAS_EVP_PKEY_CTX
+# ifdef HAVE_PKEY_new_raw_private_key
+            /* Prefered for new applications according to EVP_PKEY_new_mac_key(3) */
+            pkey = EVP_PKEY_new_raw_private_key(EVP_PKEY_HMAC, /*engine*/ NULL, key_bin.data,  key_bin.size);
+# else
+            /* Available in older versions */
+            pkey = EVP_PKEY_new_mac_key(EVP_PKEY_HMAC, /*engine*/ NULL, key_bin.data,  key_bin.size);
+# endif
+
+#else
+            if (!hmac_low_level(env, md, key_bin, text, &ret_bin, &ret_bin_alloc, &return_term))
+                goto err;
+            else
+                goto success;
+#endif
+        }
+        break;
+
+
+        /********
+         * CMAC *
+         ********/
+#ifdef HAVE_CMAC
+    case CMAC_mac:
+        {
+            const struct cipher_type_t *cipherp;
+            if (!(cipherp = get_cipher_type(argv[1], key_bin.size)))
+                { /* Something went wrong. Find out what by retrying in another way. */
+                    if (!get_cipher_type_no_key(argv[1]))
+                        return_term = EXCP_BADARG(env, "Unknown cipher");
+                    else
+                        /* Cipher exists, so it must be the key size that is wrong */
+                        return_term = EXCP_BADARG(env, "Bad key size");
+                    goto err;
+                }
+            
+            if (CIPHER_FORBIDDEN_IN_FIPS(cipherp))
+                {
+                    return_term = EXCP_NOTSUP(env, "Cipher algorithm not supported in FIPS");
+                    goto err;
+                }
+
+            if (cipherp->cipher.p == NULL)
+                {
+                    return_term = EXCP_NOTSUP(env, "Unsupported cipher algorithm");
+                    goto err;
+                }
+
+# ifdef HAVE_EVP_PKEY_new_CMAC_key
+            pkey = EVP_PKEY_new_CMAC_key(/*engine*/ NULL, key_bin.data,  key_bin.size, cipherp->cipher.p);
+# else
+            if (!cmac_low_level(env, key_bin, cipherp->cipher.p, text, &ret_bin, &ret_bin_alloc, &return_term))
+                goto err;
+            else
+                goto success;
+# endif
+        }
+        break;
+#endif /* HAVE_CMAC */
+
+
+        /************
+         * POLY1305 *
+         ************/
+#ifdef HAVE_POLY1305
+    case POLY1305_mac:
+        /* poly1305 implies that EVP_PKEY_new_raw_private_key exists */
+        pkey = EVP_PKEY_new_raw_private_key(EVP_PKEY_POLY1305, /*engine*/ NULL, key_bin.data,  key_bin.size);
+        break;
+#endif
+
+
+        /***************
+         * Unknown MAC *
+         ***************/
+    case NO_mac:
+    default:
+        /* We know that this mac is supported with some version(s) of cryptolib */
+        return_term = EXCP_NOTSUP(env, "Unsupported mac algorithm");
+        goto err;
+    }
+
+    /*-----------------------------------------
+      Common computations when we have EVP_PKEY
+    */
+#ifdef HAS_EVP_PKEY_CTX
+    if (!pkey)
+        {
+            return_term = EXCP_ERROR(env, "EVP_PKEY_key creation");
+            goto err;
+        }
+    
+    if ((mctx = EVP_MD_CTX_new()) == NULL)
+        {
+            return_term = EXCP_ERROR(env, "EVP_MD_CTX_new");
+            goto err;
+        }
+
+    if (EVP_DigestSignInit(mctx, /*&pctx*/ NULL, md, /*engine*/ NULL, pkey) != 1)
+        {
+            return_term = EXCP_ERROR(env, "EVP_DigestSign");
+            goto err;
+        }
+
+# ifdef HAVE_DigestSign_as_single_op
+    if (EVP_DigestSign(mctx, NULL, &size, text.data, text.size) != 1)
+        {
+            return_term = EXCP_ERROR(env, "Can't get sign size");
+            goto err;
+        }
+# else
+    if (EVP_DigestSignUpdate(mctx, text.data, text.size) != 1)
+        {
+            return_term = EXCP_ERROR(env, "EVP_DigestSignUpdate");
+            goto err;
+        }
+
+    if (EVP_DigestSignFinal(mctx, NULL, &size) != 1)
+        {
+            return_term = EXCP_ERROR(env, "Can't get sign size");
+            goto err;
+        }
+# endif
+   
+    if (!enif_alloc_binary(size, &ret_bin))
+        {
+            return_term = EXCP_ERROR(env, "Alloc binary");
+            goto err;
+        }
+    ret_bin_alloc = 1;
+
+# ifdef HAVE_DigestSign_as_single_op
+    if (EVP_DigestSign(mctx, ret_bin.data, &size, text.data, text.size) != 1)
+# else    
+    if (EVP_DigestSignFinal(mctx, ret_bin.data, &size) != 1)
+# endif
+        {
+            return_term = EXCP_ERROR(env, "Signing");
+            goto err;
+        }
+
+    goto success; /* The label "success:" could be left without any "goto success"
+                     in some combination of flags. This prevents a compiler warning
+                  */
+#endif /* ifdef HAS_EVP_PKEY_CTX */
+
+
+    /****************************
+     Exit when we got a signature
+    *****************************/
+ success:
+    CONSUME_REDS(env, text);
+
+    return_term = enif_make_binary(env, &ret_bin);
+    ret_bin_alloc = 0;
+
+ err:
+
+#ifdef HAS_EVP_PKEY_CTX
+    if (pkey)
+        EVP_PKEY_free(pkey);
+    if (mctx)
+        EVP_MD_CTX_free(mctx);
+#endif
+
+    if (ret_bin_alloc)
+        enif_release_binary(&ret_bin);
+
+    return return_term;
+}
+
+
+/*******************************************************************
+ *
+ * Mac ctx
+ *
+ ******************************************************************/
+
+int init_mac_ctx(ErlNifEnv *env);
+
+struct mac_context
+{
+    EVP_MD_CTX *ctx;
+};
+
+static ErlNifResourceType* mac_context_rtype;
+
+static void mac_context_dtor(ErlNifEnv* env, struct mac_context*);
+
+int init_mac_ctx(ErlNifEnv *env) {
+    mac_context_rtype = enif_open_resource_type(env, NULL, "mac_context",
+                                                (ErlNifResourceDtor*) mac_context_dtor,
+                                                ERL_NIF_RT_CREATE|ERL_NIF_RT_TAKEOVER,
+                                                NULL);
+    if (mac_context_rtype == NULL)
+        goto err;
+
+    return 1;
+
+ err:
+    PRINTF_ERR0("CRYPTO: Could not open resource type 'mac_context'");
+    return 0;
+}
+
+
+static void mac_context_dtor(ErlNifEnv* env, struct mac_context *obj)
+{
+    if (obj == NULL)
+        return;
+
+    if (obj->ctx)
+        EVP_MD_CTX_free(obj->ctx);
+}
+
+/*******************************************************************
+ *
+ * mac_init, mac_update, mac_final nifs
+ *
+ ******************************************************************/
+
+ERL_NIF_TERM mac_init_nif(ErlNifEnv* env, int argc, const ERL_NIF_TERM argv[])
+{/* (MacType, SubType, Key) */
+#ifdef HAS_EVP_PKEY_CTX
+    struct mac_context  *obj = NULL;
+    struct mac_type_t *macp;
+    ErlNifBinary key_bin;
+    ERL_NIF_TERM return_term;
+    const EVP_MD *md = NULL;
+    EVP_PKEY *pkey = NULL;
+
+    /*---------------------------------
+      Get common indata and validate it
+    */
+    if (!enif_inspect_iolist_as_binary(env, argv[2], &key_bin))
+        {
+            return_term = EXCP_BADARG(env, "Bad key");
+            goto err;
+        }
+
+    if (!(macp = get_mac_type(argv[0], key_bin.size)))
+        {
+            if (!get_mac_type_no_key(argv[0]))
+                return_term = EXCP_BADARG(env, "Unknown mac algorithm");
+            else
+                return_term = EXCP_BADARG(env, "Bad key length");
+            goto err;
+        }
+
+    if (MAC_FORBIDDEN_IN_FIPS(macp))
+        {
+            return_term = EXCP_NOTSUP(env, "MAC algorithm forbidden in FIPS");
+            goto err;
+        }
+
+    /*--------------------------------------------------
+      Algorithm dependent indata checking and computation.
+      If EVP_PKEY is available, only set the pkey variable
+      and do the computation after the switch statement.
+      If not available, do the low-level calls in the 
+      corresponding case part
+    */
+    switch (macp->type) {
+
+        /********
+         * HMAC *
+         ********/
+    case HMAC_mac:
+        {
+            struct digest_type_t *digp;
+
+            if ((digp = get_digest_type(argv[1])) == NULL)
+                {
+                    return_term = EXCP_BADARG(env, "Bad digest algorithm for HMAC");
+                    goto err;
+                }
+            if (digp->md.p == NULL)
+                {
+                    return_term = EXCP_NOTSUP(env, "Unsupported digest algorithm");
+                    goto err;
+                }
+            if (DIGEST_FORBIDDEN_IN_FIPS(digp))
+                {
+                    return_term = EXCP_NOTSUP(env, "Digest algorithm for HMAC forbidden in FIPS");
+                    goto err;
+                }
+            md = digp->md.p;
+
+# ifdef HAVE_PKEY_new_raw_private_key
+            /* Prefered for new applications according to EVP_PKEY_new_mac_key(3) */
+            pkey = EVP_PKEY_new_raw_private_key(EVP_PKEY_HMAC, /*engine*/ NULL, key_bin.data,  key_bin.size);
+# else
+            /* Available in older versions */
+            pkey = EVP_PKEY_new_mac_key(EVP_PKEY_HMAC, /*engine*/ NULL, key_bin.data,  key_bin.size);
+# endif
+        }
+        break;
+
+
+        /********
+         * CMAC *
+         ********/
+#if defined(HAVE_CMAC) && defined(HAVE_EVP_PKEY_new_CMAC_key)
+    case CMAC_mac:
+        {
+            const struct cipher_type_t *cipherp;
+            if (!(cipherp = get_cipher_type(argv[1], key_bin.size)))
+                { /* Something went wrong. Find out what by retrying in another way. */
+                    if (!get_cipher_type_no_key(argv[1]))
+                        return_term = EXCP_BADARG(env, "Unknown cipher");
+                    else
+                        /* Cipher exists, so it must be the key size that is wrong */
+                        return_term = EXCP_BADARG(env, "Bad key size");
+                    goto err;
+                }
+            
+            if (CIPHER_FORBIDDEN_IN_FIPS(cipherp))
+                {
+                    return_term = EXCP_NOTSUP(env, "Cipher algorithm not supported in FIPS");
+                    goto err;
+                }
+
+            if (cipherp->cipher.p == NULL)
+                {
+                    return_term = EXCP_NOTSUP(env, "Unsupported cipher algorithm");
+                    goto err;
+                }
+
+            pkey = EVP_PKEY_new_CMAC_key(/*engine*/ NULL, key_bin.data,  key_bin.size, cipherp->cipher.p);
+        }
+        break;
+#endif /* HAVE_CMAC && HAVE_EVP_PKEY_new_CMAC_key */
+
+
+        /************
+         * POLY1305 *
+         ************/
+#ifdef HAVE_POLY1305
+    case POLY1305_mac:
+        /* poly1305 implies that EVP_PKEY_new_raw_private_key exists */
+        pkey = EVP_PKEY_new_raw_private_key(EVP_PKEY_POLY1305, /*engine*/ NULL, key_bin.data,  key_bin.size);
+        break;
+#endif
+
+
+        /***************
+         * Unknown MAC *
+         ***************/
+    case NO_mac:
+    default:
+        /* We know that this mac is supported with some version(s) of cryptolib */
+        return_term = EXCP_NOTSUP(env, "Unsupported mac algorithm");
+        goto err;
+    }
+
+    /*-----------------------------------------
+      Common computations
+    */
+    if (!pkey)
+        {
+            return_term = EXCP_ERROR(env, "EVP_PKEY_key creation");
+            goto err;
+        }
+    
+    if ((obj = enif_alloc_resource(mac_context_rtype, sizeof(struct mac_context))) == NULL)
+        {
+            return_term = EXCP_ERROR(env, "Can't allocate mac_context_rtype");
+            goto err;
+        }
+
+    if ((obj->ctx = EVP_MD_CTX_new()) == NULL)
+        {
+            return_term = EXCP_ERROR(env, "EVP_MD_CTX_new");
+            goto err;
+        }
+
+    if (EVP_DigestSignInit(obj->ctx, /*&pctx*/ NULL, md, /*engine*/ NULL, pkey) != 1)
+        {
+            return_term = EXCP_ERROR(env, "EVP_DigestSign");
+            goto err;
+        }
+
+    return_term = enif_make_resource(env, obj);
+
+ err:
+
+    if (obj)
+        enif_release_resource(obj);
+
+    if (pkey)
+        EVP_PKEY_free(pkey);
+
+    return return_term;
+
+#else
+    if (argv[0] != atom_hmac)
+        return EXCP_NOTSUP(env, "Unsupported mac algorithm");
+
+    return hmac_init_nif(env, argc, argv);
+#endif
+}
+
+
+
+ERL_NIF_TERM mac_update_nif(ErlNifEnv* env, int argc, const ERL_NIF_TERM argv[])
+{/* (Ref, Text) */
+    ErlNifBinary  text;
+
+    if (!enif_inspect_iolist_as_binary(env, argv[1], &text))
+        return EXCP_BADARG(env, "Bad text");
+
+    if (text.size > INT_MAX)
+        return EXCP_BADARG(env, "Too long text");
+
+    /* Run long jobs on a dirty scheduler to not block the current emulator thread */
+    if (text.size > MAX_BYTES_TO_NIF) {
+        return enif_schedule_nif(env, "mac_update",
+                                 ERL_NIF_DIRTY_JOB_CPU_BOUND,
+                                 mac_update, argc, argv);
+    }
+
+    return mac_update(env, argc, argv);
+}
+
+
+ERL_NIF_TERM mac_update(ErlNifEnv* env, int argc, const ERL_NIF_TERM argv[])
+{/* (Ref, Text) */
+#ifdef HAS_EVP_PKEY_CTX
+    struct mac_context *obj = NULL;
+    ErlNifBinary text;
+
+    if (!enif_get_resource(env, argv[0], (ErlNifResourceType*)mac_context_rtype, (void**)&obj))
+        return EXCP_BADARG(env, "Bad ref");
+
+    if (!enif_inspect_iolist_as_binary(env, argv[1], &text))
+        return EXCP_BADARG(env, "Bad text");
+
+    if (EVP_DigestSignUpdate(obj->ctx, text.data, text.size) != 1)
+        return EXCP_ERROR(env, "EVP_DigestSignUpdate");
+
+    CONSUME_REDS(env, text);
+    return argv[0];
+
+#else
+    return hmac_update_nif(env, argc, argv);
+#endif
+}
+
+
+
+ERL_NIF_TERM mac_final_nif(ErlNifEnv* env, int argc, const ERL_NIF_TERM argv[])
+{/* (Ref) */
+#ifdef HAS_EVP_PKEY_CTX
+    struct mac_context *obj;
+    size_t size;
+    ErlNifBinary ret_bin;
+    
+    if (!enif_get_resource(env, argv[0], (ErlNifResourceType*)mac_context_rtype, (void**)&obj))
+        return EXCP_BADARG(env, "Bad ref");
+
+    if (EVP_DigestSignFinal(obj->ctx, NULL, &size) != 1)
+        return EXCP_ERROR(env, "Can't get sign size");
+   
+    if (!enif_alloc_binary(size, &ret_bin))
+        return EXCP_ERROR(env, "Alloc binary");
+
+    if (EVP_DigestSignFinal(obj->ctx, ret_bin.data, &size) != 1)
+        {
+            enif_release_binary(&ret_bin);
+            return EXCP_ERROR(env, "Signing");
+        }
+ 
+    return enif_make_binary(env, &ret_bin);
+
+#else
+    return hmac_final_nif(env, argc, argv);
+#endif
+}
+
diff --git a/lib/crypto/c_src/poly1305.h b/lib/crypto/c_src/mac.h
index 4bf45e6218..053a331324 100644
--- a/lib/crypto/c_src/poly1305.h
+++ b/lib/crypto/c_src/mac.h
@@ -18,11 +18,21 @@
  * %CopyrightEnd%
  */
 
-#ifndef E_POLY1305_H__
-#define E_POLY1305_H__ 1
+#ifndef E_MAC_H__
+#define E_MAC_H__ 1
 
 #include "common.h"
 
-ERL_NIF_TERM poly1305_nif(ErlNifEnv* env, int argc, const ERL_NIF_TERM argv[]);
+int init_mac_ctx(ErlNifEnv *env);
 
-#endif /* E_POLY1305_H__ */
+void init_mac_types(ErlNifEnv* env);
+
+ERL_NIF_TERM mac_types_as_list(ErlNifEnv* env);
+
+ERL_NIF_TERM mac_nif(ErlNifEnv* env, int argc, const ERL_NIF_TERM argv[]);
+
+ERL_NIF_TERM mac_init_nif(ErlNifEnv* env, int argc, const ERL_NIF_TERM argv[]);
+ERL_NIF_TERM mac_update_nif(ErlNifEnv* env, int argc, const ERL_NIF_TERM argv[]);
+ERL_NIF_TERM mac_final_nif(ErlNifEnv* env, int argc, const ERL_NIF_TERM argv[]);
+
+#endif /* E_MAC_H__ */
diff --git a/lib/crypto/c_src/openssl_config.h b/lib/crypto/c_src/openssl_config.h
index 339eb5b8f4..32a0830717 100644
--- a/lib/crypto/c_src/openssl_config.h
+++ b/lib/crypto/c_src/openssl_config.h
@@ -110,6 +110,12 @@
 #  define HAS_EVP_PKEY_CTX
 #  define HAVE_EVP_CIPHER_CTX_COPY
 # endif
+
+# if OPENSSL_VERSION_NUMBER >= PACKED_OPENSSL_VERSION_PLAIN(1,1,1)
+#   define HAVE_PKEY_new_raw_private_key
+#   define HAVE_EVP_PKEY_new_CMAC_key
+#   define HAVE_DigestSign_as_single_op
+# endif
 #endif
 
 
diff --git a/lib/crypto/c_src/pkey.c b/lib/crypto/c_src/pkey.c
index a1e2677b34..d53d91c25b 100644
--- a/lib/crypto/c_src/pkey.c
+++ b/lib/crypto/c_src/pkey.c
@@ -59,8 +59,9 @@ static int get_pkey_public_key(ErlNifEnv *env, ERL_NIF_TERM algorithm, ERL_NIF_T
 			       EVP_PKEY **pkey);
 static int get_pkey_crypt_options(ErlNifEnv *env, ERL_NIF_TERM algorithm, ERL_NIF_TERM options,
 				  PKeyCryptOptions *opt);
+#ifdef HAVE_RSA_SSLV23_PADDING
 static size_t size_of_RSA(EVP_PKEY *pkey);
-
+#endif
 
 static int get_pkey_digest_type(ErlNifEnv *env, ERL_NIF_TERM algorithm, ERL_NIF_TERM type,
 				const EVP_MD **md)
@@ -1031,6 +1032,7 @@ static int get_pkey_crypt_options(ErlNifEnv *env, ERL_NIF_TERM algorithm, ERL_NI
     return PKEY_BADARG;
 }
 
+#ifdef HAVE_RSA_SSLV23_PADDING
 static size_t size_of_RSA(EVP_PKEY *pkey) {
     int ret = 0;
     RSA *rsa = NULL;
@@ -1045,6 +1047,7 @@ static size_t size_of_RSA(EVP_PKEY *pkey) {
 
     return (ret < 0) ? 0 : (size_t)ret;
 }
+#endif
 
 ERL_NIF_TERM pkey_crypt_nif(ErlNifEnv *env, int argc, const ERL_NIF_TERM argv[])
 {/* (Algorithm, Data, PublKey=[E,N]|[E,N,D]|[E,N,D,P1,P2,E1,E2,C], Options, IsPrivate, IsEncrypt) */
diff --git a/lib/crypto/c_src/poly1305.c b/lib/crypto/c_src/poly1305.c
deleted file mode 100644
index 76579c0a29..0000000000
--- a/lib/crypto/c_src/poly1305.c
+++ /dev/null
@@ -1,90 +0,0 @@
-/*
- * %CopyrightBegin%
- *
- * Copyright Ericsson AB 2010-2018. All Rights Reserved.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- *
- * %CopyrightEnd%
- */
-
-#include "poly1305.h"
-
-/* For OpenSSL >= 1.1.1 the hmac_nif and cmac_nif could be integrated into poly1305 (with 'type' as parameter) */
-ERL_NIF_TERM poly1305_nif(ErlNifEnv* env, int argc, const ERL_NIF_TERM argv[])
-{/* (Key, Text) */
-#ifdef HAVE_POLY1305
-    ErlNifBinary key_bin, text, ret_bin;
-    ERL_NIF_TERM ret;
-    EVP_PKEY *key = NULL;
-    EVP_MD_CTX *mctx = NULL;
-    EVP_PKEY_CTX *pctx = NULL;
-    const EVP_MD *md = NULL;
-    size_t size;
-    int ret_bin_alloc = 0;
-
-    ASSERT(argc == 2);
-
-    if (!enif_inspect_binary(env, argv[0], &key_bin))
-        goto bad_arg;
-    if (key_bin.size != 32)
-        goto bad_arg;
-    if (!enif_inspect_binary(env, argv[1], &text))
-        goto bad_arg;
-
-    if ((key = EVP_PKEY_new_raw_private_key(EVP_PKEY_POLY1305, /*engine*/ NULL, key_bin.data,  key_bin.size)) == NULL)
-        goto err;
-
-    if ((mctx = EVP_MD_CTX_new()) == NULL)
-        goto err;
-    if (EVP_DigestSignInit(mctx, &pctx, md, /*engine*/ NULL, key) != 1)
-        goto err;
-    if (EVP_DigestSignUpdate(mctx, text.data, text.size) != 1)
-        goto err;
-
-    if (EVP_DigestSignFinal(mctx, NULL, &size) != 1)
-        goto err;
-    if (!enif_alloc_binary(size, &ret_bin))
-        goto err;
-    ret_bin_alloc = 1;
-    if (EVP_DigestSignFinal(mctx, ret_bin.data, &size) != 1)
-        goto err;
-
-    if (size != ret_bin.size) {
-        if (!enif_realloc_binary(&ret_bin, size))
-            goto err;
-    }
-
-    ret = enif_make_binary(env, &ret_bin);
-    ret_bin_alloc = 0;
-    goto done;
-
- bad_arg:
-    return enif_make_badarg(env);
-
- err:
-    if (ret_bin_alloc)
-        enif_release_binary(&ret_bin);
-    ret = atom_error;
-
- done:
-    if (mctx)
-        EVP_MD_CTX_free(mctx);
-    if (key)
-        EVP_PKEY_free(key);
-    return ret;
-
-#else
-    return enif_raise_exception(env, atom_notsup);
-#endif
-}