8 files changed, 165 insertions, 31 deletions
diff --git a/lib/crypto/doc/src/book.xml b/lib/crypto/doc/src/book.xml
index 43ed49113f..b8b2c935b3 100644
--- a/lib/crypto/doc/src/book.xml
+++ b/lib/crypto/doc/src/book.xml
@@ -4,7 +4,7 @@
 <book xmlns:xi="http://www.w3.org/2001/XInclude">
   <header titlestyle="normal">
     <copyright>
-      <year>1999</year><year>2013</year>
+      <year>1999</year><year>2016</year>
       <holder>Ericsson AB. All Rights Reserved.</holder>
     </copyright>
     <legalnotice>
diff --git a/lib/crypto/doc/src/crypto.xml b/lib/crypto/doc/src/crypto.xml
index 563a090e98..82e450ec21 100644
--- a/lib/crypto/doc/src/crypto.xml
+++ b/lib/crypto/doc/src/crypto.xml
@@ -4,7 +4,7 @@
 <erlref>
   <header>
     <copyright>
-      <year>1999</year><year>2014</year>
+      <year>1999</year><year>2017</year>
       <holder>Ericsson AB. All Rights Reserved.</holder>
     </copyright>
     <legalnotice>
@@ -100,7 +100,7 @@
 
     <code>dh_private() = key_value() </code>
 
-    <code>dh_params() = [key_value()] = [P, G] </code>
+    <code>dh_params() = [key_value()] = [P, G] | [P, G, PrivateKeyBitLength]</code>
 
     <code>ecdh_public() = key_value() </code>
 
@@ -135,9 +135,8 @@
 
      <code>stream_cipher() = rc4 | aes_ctr </code>
 
-     <code>block_cipher() =  aes_cbc128 | aes_cfb8 | aes_cfb128 | aes_ige256 | blowfish_cbc |
-     blowfish_cfb64 | des_cbc | des_cfb | des3_cbc | des3_cbf
-     | des_ede3 | rc2_cbc </code>
+     <code>block_cipher() =  aes_cbc | aes_cfb8 | aes_cfb128 | aes_ige256 | blowfish_cbc |
+     blowfish_cfb64 | des_cbc | des_cfb | des3_cbc | des3_cfb | des_ede3 | rc2_cbc </code>
 
      <code>aead_cipher() =  aes_gcm | chacha20_poly1305 </code>
 
@@ -160,8 +159,9 @@
      <code> hash_algorithms() =  md5 | ripemd160 | sha | sha224 | sha256 | sha384 | sha512 </code> <p>md4 is also supported for hash_init/1 and hash/2.
      Note that both md4 and md5 are recommended only for compatibility with existing applications.
      </p>
-     <code> cipher_algorithms() = des_cbc | des_cfb |  des3_cbc | des3_cbf | des_ede3 |
-     blowfish_cbc | blowfish_cfb64 | aes_cbc128 | aes_cfb8 | aes_cfb128| aes_cbc256 | aes_ige256 | aes_gcm | chacha20_poly1305 | rc2_cbc | aes_ctr| rc4  </code>
+     <code> cipher_algorithms() = aes_cbc | aes_cfb8 | aes_cfb128 | aes_ctr | aes_gcm |
+     aes_ige256 | blowfish_cbc | blowfish_cfb64 | chacha20_poly1305 | des_cbc | des_cfb |
+     des3_cbc | des3_cfb | des_ede3 | rc2_cbc | rc4 </code>
      <code> public_key_algorithms() =   rsa |dss | ecdsa | dh | ecdh | ec_gf2m</code>
      <p>Note that ec_gf2m is not strictly a public key algorithm, but a restriction on what curves are supported
      with ecdsa and ecdh.
@@ -203,6 +203,7 @@
     <func>
       <name>block_encrypt(Type, Key, Ivec, PlainText) -> CipherText</name>
       <name>block_encrypt(AeadType, Key, Ivec, {AAD, PlainText}) -> {CipherText, CipherTag}</name>
+      <name>block_encrypt(aes_gcm, Key, Ivec, {AAD, PlainText, TagLength}) -> {CipherText, CipherTag}</name>
       <fsummary>Encrypt <c>PlainText</c> according to <c>Type</c> block cipher</fsummary>
       <type>
 	<v>Type = block_cipher() </v>
@@ -210,6 +211,7 @@
 	<v>Key = block_key() </v>
         <v>PlainText = iodata() </v>
         <v>AAD = IVec = CipherText = CipherTag = binary()</v>
+        <v>TagLength = 1..16</v>
       </type>
       <desc>
         <p>Encrypt <c>PlainText</c> according to <c>Type</c> block cipher.
@@ -306,6 +308,8 @@
       <desc>
 	<p>Generates public keys of type <c>Type</c>.
 	See also <seealso marker="public_key:public_key#generate_key-1">public_key:generate_key/1</seealso>
+	May throw exception <c>low_entropy</c> in case the random generator
+	failed due to lack of secure "randomness".
 	</p>
       </desc>
     </func>
@@ -594,22 +598,6 @@
     </func>
 
     <func>
-      <name>rand_bytes(N) -> binary()</name>
-      <fsummary>Generate a binary of random bytes</fsummary>
-      <type>
-        <v>N = integer()</v>
-      </type>
-      <desc>
-        <p>Generates N bytes randomly uniform 0..255, and returns the
-        result in a binary. Uses the <c>crypto</c> library pseudo-random
-        number generator.</p>
-        <p>This function is not recommended for cryptographic purposes.
-        Please use <seealso marker="#strong_rand_bytes/1">
-        strong_rand_bytes/1</seealso> instead.</p>
-      </desc>
-    </func>
-
-    <func>
       <name>rand_seed(Seed) -> ok</name>
       <fsummary>Set the seed for random bytes generation</fsummary>
       <type>
diff --git a/lib/crypto/doc/src/crypto_app.xml b/lib/crypto/doc/src/crypto_app.xml
index 4ba2d34934..2b9e505988 100644
--- a/lib/crypto/doc/src/crypto_app.xml
+++ b/lib/crypto/doc/src/crypto_app.xml
@@ -5,7 +5,7 @@
   <header>
     <copyright>
       <year>1999</year>
-      <year>2014</year>
+      <year>2016</year>
       <holder>Ericsson AB, All Rights Reserved</holder>
     </copyright>
     <legalnotice>
diff --git a/lib/crypto/doc/src/licenses.xml b/lib/crypto/doc/src/licenses.xml
index 57d78f7bd9..e5c06cf7ce 100644
--- a/lib/crypto/doc/src/licenses.xml
+++ b/lib/crypto/doc/src/licenses.xml
@@ -4,7 +4,7 @@
 <chapter>
   <header>
     <copyright>
-      <year>2003</year><year>2013</year>
+      <year>2003</year><year>2016</year>
       <holder>Ericsson AB. All Rights Reserved.</holder>
     </copyright>
     <legalnotice>
diff --git a/lib/crypto/doc/src/notes.xml b/lib/crypto/doc/src/notes.xml
index 0138eb6ad2..887aeca680 100644
--- a/lib/crypto/doc/src/notes.xml
+++ b/lib/crypto/doc/src/notes.xml
@@ -4,7 +4,7 @@
 <chapter>
   <header>
     <copyright>
-      <year>1999</year><year>2013</year>
+      <year>1999</year><year>2016</year>
       <holder>Ericsson AB. All Rights Reserved.</holder>
     </copyright>
     <legalnotice>
@@ -31,6 +31,152 @@
   </header>
   <p>This document describes the changes made to the Crypto application.</p>
 
+<section><title>Crypto 3.7.4</title>
+
+    <section><title>Fixed Bugs and Malfunctions</title>
+      <list>
+        <item>
+          <p>
+	    Fix a bug with AES CFB 128 for 192 and 256 bit keys.
+	    Thanks to kellymclaughlin !</p>
+          <p>
+	    Own Id: OTP-14313 Aux Id: PR-1393 </p>
+        </item>
+      </list>
+    </section>
+
+</section>
+
+<section><title>Crypto 3.7.3</title>
+
+    <section><title>Improvements and New Features</title>
+      <list>
+        <item>
+          <p>
+	    The implementation of the key exchange algorithms
+	    diffie-hellman-group-exchange-sha* are optimized, up to a
+	    factor of 11 for the slowest ( = biggest and safest)
+	    group size.</p>
+          <p>
+	    Own Id: OTP-14169 Aux Id: seq-13261 </p>
+        </item>
+      </list>
+    </section>
+
+</section>
+
+<section><title>Crypto 3.7.2</title>
+
+    <section><title>Fixed Bugs and Malfunctions</title>
+      <list>
+        <item>
+          <p>
+	    The crypto application has been fixed to not use RC2
+	    against OpenSSL built with RC2 disabled.</p>
+          <p>
+	    Own Id: OTP-13895 Aux Id: PR-1163 </p>
+        </item>
+        <item>
+          <p>
+	    The crypto application has been fixed to not use RC4
+	    against OpenSSL built with RC4 disabled.</p>
+          <p>
+	    Own Id: OTP-13896 Aux Id: PR-1169 </p>
+        </item>
+      </list>
+    </section>
+
+
+    <section><title>Improvements and New Features</title>
+      <list>
+        <item>
+          <p>
+	    To ease troubleshooting, <c>erlang:load_nif/2</c> now
+	    includes the return value from a failed call to
+	    load/reload/upgrade in the text part of the error tuple.
+	    The <c>crypto</c> NIF makes use of this feature by
+	    returning the source line where/if the initialization
+	    fails.</p>
+          <p>
+	    Own Id: OTP-13951</p>
+        </item>
+      </list>
+    </section>
+
+</section>
+
+<section><title>Crypto 3.7.1</title>
+
+    <section><title>Fixed Bugs and Malfunctions</title>
+      <list>
+        <item>
+          <p>
+	    Crypto has been fixed to work against OpenSSL versions
+	    with disabled DES ciphers. Correct spelling of cipher
+	    algorithm 'des3_cfb' has been introduced; the previous
+	    misspeling still works.</p>
+          <p>
+	    Own Id: OTP-13783 Aux Id: ERL-203 </p>
+        </item>
+        <item>
+          <p>
+	    The size of an internal array in crypto has been fixed to
+	    not segfault when having all possible ciphers. Bug fix by
+	    Duncan Overbruck.</p>
+          <p>
+	    Own Id: OTP-13789 Aux Id: PR-1140 </p>
+        </item>
+      </list>
+    </section>
+
+</section>
+
+<section><title>Crypto 3.7</title>
+
+    <section><title>Improvements and New Features</title>
+      <list>
+        <item>
+          <p>
+	    Refactor <c>crypto</c> to use the EVP interface of
+	    OpenSSL, which is the recommended interface that also
+	    enables access to hardware acceleration for some
+	    operations.</p>
+          <p>
+	    Own Id: OTP-12217</p>
+        </item>
+        <item>
+          <p>
+	    Add support for 192-bit keys for the <c>aes_cbc</c>
+	    cipher.</p>
+          <p>
+	    Own Id: OTP-13206 Aux Id: pr 832 </p>
+        </item>
+        <item>
+          <p>
+	    Add support for 192-bit keys for <c>aes_ecb</c>.</p>
+          <p>
+	    Own Id: OTP-13207 Aux Id: pr829 </p>
+        </item>
+        <item>
+          <p>
+	    Deprecate the function <c>crypto:rand_bytes</c> and make
+	    sure that <c>crypto:strong_rand_bytes</c> is used in all
+	    places that are cryptographically significant.</p>
+          <p>
+	    Own Id: OTP-13214</p>
+        </item>
+        <item>
+          <p>
+	    Enable AES-GCM encryption/decryption to change the tag
+	    length between 1 to 16 bytes.</p>
+          <p>
+	    Own Id: OTP-13483 Aux Id: PR-998 </p>
+        </item>
+      </list>
+    </section>
+
+</section>
+
 <section><title>Crypto 3.6.3</title>
 
     <section><title>Fixed Bugs and Malfunctions</title>
@@ -769,7 +915,7 @@
 	    also been extended. </item><item> The <c>configure</c>
 	    scripts of <c>erl_interface</c> and <c>odbc</c> now
 	    search for thread libraries and thread library quirks the
-	    same way as <c>erts</c> do. </item><item> The
+	    same way as ERTS do. </item><item> The
 	    <c>configure</c> script of the <c>odbc</c> application
 	    now also looks for odbc libraries in <c>lib64</c> and
 	    <c>lib/64</c> directories when building on a 64-bit
diff --git a/lib/crypto/doc/src/ref_man.xml b/lib/crypto/doc/src/ref_man.xml
index ccdb5afb9b..14922cbcec 100644
--- a/lib/crypto/doc/src/ref_man.xml
+++ b/lib/crypto/doc/src/ref_man.xml
@@ -4,7 +4,7 @@
 <application xmlns:xi="http://www.w3.org/2001/XInclude">
   <header>
     <copyright>
-      <year>1999</year><year>2013</year>
+      <year>1999</year><year>2016</year>
       <holder>Ericsson AB. All Rights Reserved.</holder>
     </copyright>
     <legalnotice>
diff --git a/lib/crypto/doc/src/release_notes.xml b/lib/crypto/doc/src/release_notes.xml
index 5253027b9c..a2d7964455 100644
--- a/lib/crypto/doc/src/release_notes.xml
+++ b/lib/crypto/doc/src/release_notes.xml
@@ -5,7 +5,7 @@
   <header>
     <copyright>
       <year>1999</year>
-      <year>2013</year>
+      <year>2016</year>
       <holder>Ericsson AB, All Rights Reserved</holder>
     </copyright>
     <legalnotice>
diff --git a/lib/crypto/doc/src/usersguide.xml b/lib/crypto/doc/src/usersguide.xml
index 469ab10cc8..fb088a8285 100644
--- a/lib/crypto/doc/src/usersguide.xml
+++ b/lib/crypto/doc/src/usersguide.xml
@@ -4,7 +4,7 @@
 <part xmlns:xi="http://www.w3.org/2001/XInclude">
   <header>
     <copyright>
-      <year>2003</year><year>2013</year>
+      <year>2003</year><year>2016</year>
       <holder>Ericsson AB. All Rights Reserved.</holder>
     </copyright>
     <legalnotice>