Diffstat (limited to 'lib/crypto/doc')
-rw-r--r-- lib/crypto/doc/src/crypto.xml 55
-rw-r--r-- lib/crypto/doc/src/notes.xml 102
2 files changed, 146 insertions, 11 deletions
diff --git a/lib/crypto/doc/src/crypto.xml b/lib/crypto/doc/src/crypto.xml
index 256eab3e3c..c407350c47 100644
--- a/lib/crypto/doc/src/crypto.xml
+++ b/lib/crypto/doc/src/crypto.xml
@@ -53,7 +53,7 @@
<p>aes: Advanced Encryption Standard (AES) (FIPS 197) </p>
</item>
<item>
- <p>ecb, cbc, cfb, ofb: Recommendation for Block Cipher Modes
+ <p>ecb, cbc, cfb, ofb, ctr: Recommendation for Block Cipher Modes
of Operation (NIST SP 800-38A).</p>
</item>
<item>
@@ -557,6 +557,34 @@ Mpint() = <![CDATA[<<ByteLen:32/integer-big, Bytes:ByteLen/binary>>]]>
</desc>
</func>
<func>
+ <name>aes_ctr_encrypt(Key, IVec, Text) -> Cipher</name>
+ <fsummary>Encrypt <c>Text</c>according to AES in Counter mode</fsummary>
+ <type>
+ <v>Key = Text = iolist() | binary()</v>
+ <v>IVec = Cipher = binary()</v>
+ </type>
+ <desc>
+ <p>Encrypts <c>Text</c> according to AES in Counter mode (CTR). <c>Text</c>
+ can be any number of bytes. <c>Key</c> is the AES key and must be either
+ 128, 192 or 256 bits long. <c>IVec</c> is an arbitrary initializing vector of 128 bits
+ (16 bytes).</p>
+ </desc>
+ </func>
+ <func>
+ <name>aes_ctr_decrypt(Key, IVec, Cipher) -> Text</name>
+ <fsummary>Decrypt <c>Cipher</c>according to AES in Counter mode</fsummary>
+ <type>
+ <v>Key = Cipher = iolist() | binary()</v>
+ <v>IVec = Text = binary()</v>
+ </type>
+ <desc>
+ <p>Decrypts <c>Cipher</c> according to AES in Counter mode (CTR). <c>Cipher</c>
+ can be any number of bytes. <c>Key</c> is the AES key and must be either
+ 128, 192 or 256 bits long. <c>IVec</c> is an arbitrary initializing vector of 128 bits
+ (16 bytes).</p>
+ </desc>
+ </func>
+ <func>
<name>erlint(Mpint) -> N</name>
<name>mpint(N) -> Mpint</name>
<fsummary>Convert between binary multi-precision integer and erlang big integer</fsummary>
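Review bot: The descriptions of aes_ctr_encrypt and aes_ctr_decrypt call IVec "an arbitrary initializing vector of 128 bits", which understates the requirement for CTR mode. The IVec is the initial counter block and must not repeat under the same Key: two messages encrypted with the same Key and IVec share a keystream, so the XOR of the ciphertexts equals the XOR of the plaintexts. Suggest stating the uniqueness requirement in both descriptions, and noting that CTR provides no integrity protection, so callers need a separate MAC over the ciphertext. Both fsummary lines also lack a space after the closing tag ("<c>Text</c>according", "<c>Cipher</c>according").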
@@ -755,39 +783,44 @@ Mpint() = <![CDATA[<<ByteLen:32/integer-big, Bytes:ByteLen/binary>>]]>
<func>
<name>dss_sign(Data, Key) -> Signature</name>
+ <name>dss_sign(DigestType, Data, Key) -> Signature</name>
<fsummary>Sign the data using dsa with given private key.</fsummary>
<type>
- <v>Digest = Mpint</v>
+ <v>DigestType = sha | none (default is sha)</v>
+ <v>Data = Mpint | ShaDigest</v>
<v>Key = [P, Q, G, X]</v>
<v>P, Q, G, X = Mpint</v>
<d> Where <c>P</c>, <c>Q</c> and <c>G</c> are the dss
parameters and <c>X</c> is the private key.</d>
- <v>Mpint = binary()</v>
+ <v>ShaDigest = binary() with length 20 bytes</v>
<v>Signature = binary()</v>
</type>
<desc>
- <p>Calculates the sha digest of the <c>Data</c>
- and creates a DSS signature with the private key <c>Key</c>
- of the digest.</p>
+ <p>Creates a DSS signature with the private key <c>Key</c> of a digest.
+ If <c>DigestType</c> is 'sha', the digest is calculated as SHA1 of <c>Data</c>.
+ If <c>DigestType</c> is 'none', <c>Data</c> is the precalculated SHA1 digest.</p>
</desc>
</func>
<func>
<name>dss_verify(Data, Signature, Key) -> Verified</name>
+ <name>dss_verify(DigestType, Data, Signature, Key) -> Verified</name>
<fsummary>Verify the data and signature using dsa with given public key.</fsummary>
<type>
<v>Verified = boolean()</v>
- <v>Digest, Signature = Mpint</v>
+ <v>DigestType = sha | none</v>
+ <v>Data = Mpint | ShaDigest</v>
+ <v>Signature = Mpint</v>
<v>Key = [P, Q, G, Y]</v>
<v>P, Q, G, Y = Mpint</v>
<d> Where <c>P</c>, <c>Q</c> and <c>G</c> are the dss
parameters and <c>Y</c> is the public key.</d>
- <v>Mpint = binary()</v>
+ <v>ShaDigest = binary() with length 20 bytes</v>
</type>
<desc>
- <p>Calculates the sha digest of the <c>Data</c> and verifies that the
- digest matches the DSS signature using the public key <c>Key</c>.
- </p>
+ <p>Verifies that a digest matches the DSS signature using the public key <c>Key</c>.
+ If <c>DigestType</c> is 'sha', the digest is calculated as SHA1 of <c>Data</c>.
+ If <c>DigestType</c> is 'none', <c>Data</c> is the precalculated SHA1 digest.</p>
</desc>
</func>
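Review bot: The new type line "Data = Mpint | ShaDigest" in dss_sign and dss_verify does not say which form goes with which DigestType, and the description does not say what happens when DigestType is 'none' and Data is not exactly 20 bytes. Suggest documenting that Data is an Mpint for sha and a 20-byte ShaDigest for none, together with the result for a wrong-length digest. "(default is sha)" appears on the dss_sign DigestType line but not on the dss_verify one; the two should match. Both type blocks also drop "<v>Mpint = binary()</v>" while still using Mpint for Data, Signature and the key elements; if readers are not meant to rely on the Mpint() definition earlier in the file, keep that line next to the new ShaDigest one.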
diff --git a/lib/crypto/doc/src/notes.xml b/lib/crypto/doc/src/notes.xml
index 6b9d1f56f1..54dd0cb01f 100644
--- a/lib/crypto/doc/src/notes.xml
+++ b/lib/crypto/doc/src/notes.xml
@@ -30,6 +30,108 @@
</header>
<p>This document describes the changes made to the Crypto application.</p>
+<section><title>Crypto 2.0.2</title>
+
+ <section><title>Improvements and New Features</title>
+ <list>
+ <item>
+ <p>
+ AES CTR encryption support in <c>crypto</c>.</p>
+ <p>
+ Own Id: OTP-8752 Aux Id: seq11642 </p>
+ </item>
+ </list>
+ </section>
+
+</section>
+
+<section><title>Crypto 2.0.1</title>
+
+ <section><title>Fixed Bugs and Malfunctions</title>
+ <list>
+ <item>
+ <p>
+ Crypto dialyzer type error in md5_mac and sha_mac.</p>
+ <p>
+ Own Id: OTP-8718</p>
+ </item>
+ <item>
+ <p>
+ RC4 stream cipher didn't work. This since the new NIF
+ implementation of <c>crypto:rc4_encrypt_with_state/2</c>
+ introduced in <c>crypto-2.0</c> didn't return an updated
+ state. (Thanks to Paul Guyot)</p>
+ <p>
+ Own Id: OTP-8781</p>
+ </item>
+ <item>
+ <p>
+ A number of memory leaks in the crypto NIF library have
+ been fixed.</p>
+ <p>
+ Own Id: OTP-8810</p>
+ </item>
+ </list>
+ </section>
+
+
+ <section><title>Improvements and New Features</title>
+ <list>
+ <item>
+ <p>
+ Added erlang:system_info(build_type) which makes it
+ easier to chose drivers, NIF libraries, etc based on
+ build type of the runtime system.</p>
+ <p>
+ The NIF library for crypto can now be built for valgrind
+ and/or debug as separate NIF libraries that will be
+ automatically loaded if the runtime system has been built
+ with a matching build type.</p>
+ <p>
+ Own Id: OTP-8760</p>
+ </item>
+ </list>
+ </section>
+
+</section>
+
+<section><title>Crypto 2.0</title>
+
+ <section><title>Improvements and New Features</title>
+ <list>
+ <item>
+ <p>
+ crypto application changed to use NIFs instead of driver.</p>
+ <p>
+ Own Id: OTP-8333</p>
+ </item>
+ <item>
+ <p>
+ des_ecb_encrypt/2 and des_ecb_decrypt/2 has been added to
+ the crypto module. The crypto:md4/1 function has been
+ documented.</p>
+ <p>
+ Own Id: OTP-8551</p>
+ </item>
+ <item>
+ <p>The undocumented, unsupport, and deprecated function
+ <c>lists:flat_length/1</c> has been removed.</p>
+ <p>
+ Own Id: OTP-8584</p>
+ </item>
+ <item>
+ <p>
+ New variants of <c>crypto:dss_sign</c> and
+ <c>crypto:dss_verify</c> with an extra argument to
+ control how the digest is calculated.</p>
+ <p>
+ Own Id: OTP-8700</p>
+ </item>
+ </list>
+ </section>
+
+</section>
+
<section><title>Crypto 1.6.4</title>
<section><title>Improvements and New Features</title>
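Review bot: In the Crypto 2.0 section, the OTP-8584 item about removing lists:flat_length/1 describes a stdlib function and does not look like a change to crypto; confirm it belongs in these notes or drop it. The Crypto 2.0.2 item "AES CTR encryption support" would be easier to find if it named the new functions aes_ctr_encrypt/3 and aes_ctr_decrypt/3 documented in crypto.xml. Wording fixes in the added text: "easier to chose" should be "easier to choose", "unsupport" should be "unsupported", and "des_ecb_encrypt/2 and des_ecb_decrypt/2 has been added" should be "have been added".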