diff options
Diffstat (limited to 'lib/crypto/doc/src/notes.xml')
| -rw-r--r-- | lib/crypto/doc/src/notes.xml | 196 |
1 files changed, 196 insertions, 0 deletions
diff --git a/lib/crypto/doc/src/notes.xml b/lib/crypto/doc/src/notes.xml index 0a3f68ade2..5f47981855 100644 --- a/lib/crypto/doc/src/notes.xml +++ b/lib/crypto/doc/src/notes.xml @@ -31,6 +31,202 @@ </header> <p>This document describes the changes made to the Crypto application.</p> +<section><title>Crypto 4.5.1</title> + + <section><title>Fixed Bugs and Malfunctions</title> + <list> + <item> + <p> + The cipher aes-ctr was disabled by misstake in + crypto:supports for cryptolibs before 1.0.1. It worked + however in the encrypt and decrypt functions.</p> + <p> + Own Id: OTP-15829</p> + </item> + </list> + </section> + +</section> + +<section><title>Crypto 4.5</title> + + <section><title>Fixed Bugs and Malfunctions</title> + <list> + <item> + <p> + Fixed a bug in error return for <c>crypto:poly1305/2</c>. + It returned the atom <c>notsup</c> instead of the + exception <c>notsup</c>.</p> + <p> + *** POTENTIAL INCOMPATIBILITY ***</p> + <p> + Own Id: OTP-15677</p> + </item> + <item> + <p> + The cipher chacha20 was introduced in OpenSSL 1.1.0. + However, it could in a very odd situation, fail for + versions less than OpenSSL 1.1.0d. It is therefore + disabled for those versions.</p> + <p> + *** POTENTIAL INCOMPATIBILITY ***</p> + <p> + Own Id: OTP-15678</p> + </item> + </list> + </section> + + + <section><title>Improvements and New Features</title> + <list> + <item> + <p> A new <c>rand</c> module algorithm, <c>exro928ss</c> + (Xoroshiro928**), has been implemented. It has got a + really long period and good statistical quality for all + output bits, while still being only about 50% slower than + the default algorithm. </p><p> The same generator is also + used as a long period counter in a new <c>crypto</c> + plugin for the <c>rand</c> module, algorithm + <c>crypto_aes</c>. This plugin uses AES-256 to scramble + the counter which buries any detectable statistical + artifacts. Scrambling is done in chunks which are cached + to get good amortized speed (about half of the default + algorithm). </p> + <p> + Own Id: OTP-14461 Aux Id: PR-1857 </p> + </item> + <item> + <p> + Crypto's single C-file is split into multiple files. The + different coding styles in the different parts are + unified into a single style.</p> + <p> + Own Id: OTP-14732 Aux Id: PR-2068, PR-2095 </p> + </item> + <item> + <p> + Build configuration of the <c>crypto</c> application has + been moved from the <c>erts</c> application into the + <c>crypto</c> application.</p> + <p> + Own Id: OTP-15129</p> + </item> + <item> + <p> + Adds two hash functions <c>blake2b</c> and <c>blake2s</c> + (64 bit hash and 32 bit hash respectively). These are + modern and standard hash functions used in blockchains + and encrypted communication protocols. The hash functions + are available in OpenSSL since version 1.1.1.</p> + <p> + Own Id: OTP-15564 Aux Id: PR-2129 </p> + </item> + <item> + <p> + A new API is implemented in crypto. See the CRYPTO user's + guide, chapter <i>New and Old API</i> for more + information.</p> + <p> + The old api with the <c>crypto:block_*</c> and + <c>crypto:stream_*</c> interfaces are kept for + compatibility, but implemented with the new api. Please + note that since the error checking is more thorough, + there <i>might</i> be arguments with for example faulty + lengths that are no longer accepted.</p> + <p> + *** POTENTIAL INCOMPATIBILITY ***</p> + <p> + Own Id: OTP-15644 Aux Id: OTP-14732 , OTP-15451, PR-1857 + , PR-2068, PR-2095 </p> + </item> + <item> + <p> + The new hash_info/1 and cipher_info/1 functions returns + maps with information about the hash or cipher in the + argument.</p> + <p> + Own Id: OTP-15655 Aux Id: PR-2173, ERL-864, PR-2186 </p> + </item> + <item> + <p> + Obey additional OpenSSL configure flags when compiling + the C-part of the CRYPTO application: <c>no-bf</c>, + <c>no-blake2</c>, <c>no-chacha</c>, <c>no-cmac</c>, + <c>no-dh</c>, <c>no-dsa</c>, <c>no-md4</c>, + <c>no-poly1305</c>, <c>no-rc2</c>, <c>no-rc4</c> and + <c>no-rmd160</c>.</p> + <p> + Own Id: OTP-15683</p> + </item> + <item> + <p> + A new function <c>crypto:supports/1</c> is introduced. + The single argument takes an atom as argument: + <c>hashes</c>, <c>public_keys</c>, <c>ciphers</c>, + <c>macs</c>, <c>curves</c> or <c>rsa_opts</c>. The return + value is a list of supported algorithms.</p> + <p> + The difference with the existing <c>crypto:supports/0</c> + is, apart from the argument and the return value, that + the old function reports what is supported by the old + api, and the new function reports algorithms in the new + api.</p> + <p> + Own Id: OTP-15771</p> + </item> + </list> + </section> + +</section> + +<section><title>Crypto 4.4.2</title> + + <section><title>Fixed Bugs and Malfunctions</title> + <list> + <item> + <p> + Fixed build link error on Windows. Unresolved symbol + 'bcmp'.</p> + <p> + Own Id: OTP-15750 Aux Id: ERL-905 </p> + </item> + </list> + </section> + +</section> + +<section><title>Crypto 4.4.1</title> + + <section><title>Fixed Bugs and Malfunctions</title> + <list> + <item> + <p> + Fixes a bug that caused <c>crypto:sign</c> and + <c>crypto:verify</c> to return the error message + <c>badarg</c> instead of <c>notsup</c> in one case. That + case was when signing or verifying with eddsa keys (that + is, ed15519 or ed448), but only when FIPS was supported + and enabled.</p> + <p> + Own Id: OTP-15634</p> + </item> + </list> + </section> + + + <section><title>Improvements and New Features</title> + <list> + <item> + <p> + Added a crypto benchmark test suite.</p> + <p> + Own Id: OTP-15447</p> + </item> + </list> + </section> + +</section> + <section><title>Crypto 4.4</title> <section><title>Fixed Bugs and Malfunctions</title> |