2 files changed, 66 insertions, 3 deletions

diff --git a/lib/crypto/doc/src/crypto.xml b/lib/crypto/doc/src/crypto.xml
index c32e3430ab..8c30d3d50c 100644
--- a/lib/crypto/doc/src/crypto.xml
+++ b/lib/crypto/doc/src/crypto.xml
@@ -159,12 +159,24 @@
 
      <code>digest_type() =  md5 | sha | sha224 | sha256 | sha384 | sha512</code>
 
+     <code>rsa_digest_type() = md5 | ripemd160 | sha | sha224 | sha256 | sha384 | sha512</code>
+
+     <code>dss_digest_type() = sha | sha224 | sha256 | sha384 | sha512</code> <p>Note that the actual supported
+     dss_digest_type depends on the underlying crypto library. In OpenSSL version >= 1.0.1 the listed digest are supported, while in 1.0.0 only sha, sha224 and sha256 are supported. In version 0.9.8 only sha is supported.</p>
+
+     <code>ecdsa_digest_type() = sha | sha224 | sha256 | sha384 | sha512</code>
+
+     <code>sign_options() = [{rsa_pad, rsa_sign_padding()} | {rsa_pss_saltlen, integer()}]</code>
+
+     <code>rsa_sign_padding() = rsa_pkcs1_padding | rsa_pkcs1_pss_padding</code>
+
      <code> hash_algorithms() =  md5 | ripemd160 | sha | sha224 | sha256 | sha384 | sha512 </code> <p>md4 is also supported for hash_init/1 and hash/2.
      Note that both md4 and md5 are recommended only for compatibility with existing applications.
      </p>
      <code> cipher_algorithms() = aes_cbc | aes_cfb8 | aes_cfb128 | aes_ctr | aes_gcm |
      aes_ige256 | blowfish_cbc | blowfish_cfb64 | chacha20_poly1305 | des_cbc | des_cfb |
      des3_cbc | des3_cfb | des_ede3 | rc2_cbc | rc4 </code>
+     <code> mac_algorithms() =   hmac | cmac</code>
      <code> public_key_algorithms() =   rsa |dss | ecdsa | dh | ecdh | ec_gf2m</code>
      <p>Note that ec_gf2m is not strictly a public key algorithm, but a restriction on what curves are supported
      with ecdsa and ecdh.
@@ -681,6 +693,7 @@
 
     <func>
       <name>sign(Algorithm, DigestType, Msg, Key) -> binary()</name>
+      <name>sign(Algorithm, DigestType, Msg, Key, Options) -> binary()</name>
       <fsummary> Create digital signature.</fsummary>
       <type>
 	<v>Algorithm = rsa | dss | ecdsa </v>
@@ -688,8 +701,9 @@
 	<d>The msg is either the binary "cleartext" data to be
 	signed or it is the hashed value of "cleartext" i.e. the
 	digest (plaintext).</d>
-	<v>DigestType = digest_type()</v>
+	<v>DigestType = rsa_digest_type() | dss_digest_type() | ecdsa_digest_type()</v>
 	<v>Key = rsa_private() | dss_private() | [ecdh_private(),ecdh_params()]</v>
+	<v>Options = sign_options()</v>
       </type>
       <desc>
 	<p>Creates a digital signature.</p>
@@ -956,7 +970,8 @@ _FloatValue = rand:uniform().     % [0.0; 1.0[</pre>
       <type>
       <v> AlgorithmList =  [{hashs, [hash_algorithms()]},
                             {ciphers, [cipher_algorithms()]},
-			    {public_keys, [public_key_algorithms()]}
+			    {public_keys, [public_key_algorithms()]},
+			    {macs, [mac_algorithms()]}]
       </v>
       </type>
       <desc>
@@ -990,15 +1005,17 @@ _FloatValue = rand:uniform().     % [0.0; 1.0[</pre>
 
   <func>
       <name>verify(Algorithm, DigestType, Msg, Signature, Key) -> boolean()</name>
+      <name>verify(Algorithm, DigestType, Msg, Signature, Key, Options) -> boolean()</name>
       <fsummary>Verifies a digital signature.</fsummary>
       <type>
 	<v> Algorithm = rsa | dss | ecdsa </v>
 	<v>Msg = binary() | {digest,binary()}</v>
 	<d>The msg is either the binary "cleartext" data
         or it is the hashed value of "cleartext" i.e. the digest (plaintext).</d>
-	<v>DigestType = digest_type()</v>
+	<v>DigestType = rsa_digest_type() | dss_digest_type() | ecdsa_digest_type()</v>
 	<v>Signature = binary()</v>
 	<v>Key = rsa_public() | dss_public() | [ecdh_public(),ecdh_params()]</v>
+	<v>Options = sign_options()</v>
       </type>
       <desc>
 	<p>Verifies a digital signature</p>
diff --git a/lib/crypto/doc/src/notes.xml b/lib/crypto/doc/src/notes.xml
index 574353ce7a..9376e6f649 100644
--- a/lib/crypto/doc/src/notes.xml
+++ b/lib/crypto/doc/src/notes.xml
@@ -31,6 +31,52 @@
   </header>
   <p>This document describes the changes made to the Crypto application.</p>
 
+<section><title>Crypto 4.1</title>
+
+    <section><title>Fixed Bugs and Malfunctions</title>
+      <list>
+        <item>
+	    <p>On macOS, <c>crypto</c> would crash if <c>observer</c>
+	    had been started before <c>crypto</c>. On the beta for
+	    macOS 10.13 (High Sierra), <c>crypto</c> would crash.
+	    Both of those bugs have been fixed.</p>
+          <p>
+	    Own Id: OTP-14499 Aux Id: ERL-251 ERL-439 </p>
+        </item>
+      </list>
+    </section>
+
+
+    <section><title>Improvements and New Features</title>
+      <list>
+        <item>
+          <p>
+	    Extend crypto:sign, crypto:verify, public_key:sign and
+	    public_key:verify with:</p>
+          <p>
+	    * support for RSASSA-PS padding for signatures and for
+	    saltlength setting<br/> * X9.31 RSA padding.<br/> * sha,
+	    sha224, sha256, sha384, and sha512 for dss signatures as
+	    mentioned in NIST SP 800-57 Part 1.<br/> * ripemd160 to
+	    be used for rsa signatures.</p>
+          <p>
+	    This is a manual merge of half of the pull request 838 by
+	    potatosalad from Sept 2015.</p>
+          <p>
+	    Own Id: OTP-13704 Aux Id: PR838 </p>
+        </item>
+        <item>
+          <p>
+	    A new tuple in <c>crypto:supports/0</c> reports supported
+	    MAC algorithms.</p>
+          <p>
+	    Own Id: OTP-14504</p>
+        </item>
+      </list>
+    </section>
+
+</section>
+
 <section><title>Crypto 4.0</title>
 
     <section><title>Fixed Bugs and Malfunctions</title>