diff options
Diffstat (limited to 'lib/crypto')
| -rw-r--r-- | lib/crypto/doc/src/crypto.xml | 31 | ||||
| -rw-r--r-- | lib/crypto/src/crypto.erl | 24 | ||||
| -rw-r--r-- | lib/crypto/test/crypto_SUITE.erl | 6 |
3 files changed, 47 insertions, 14 deletions
diff --git a/lib/crypto/doc/src/crypto.xml b/lib/crypto/doc/src/crypto.xml index cac8f6ef28..b4e471111a 100644 --- a/lib/crypto/doc/src/crypto.xml +++ b/lib/crypto/doc/src/crypto.xml @@ -142,21 +142,16 @@ <p><code>des3_key() = [binary(), binary(), binary()] </code> Each key part is 64 bits (in CBC mode only 8 bits are used)</p> - <p><code> message_digest_algorithms() = md5 | ripemd160 | sha | sha224 | sha256 | sha384 | sha512 </code> md4 is aslo supported for hash_init/1 and hash/2. + <p><code>digest_type() = md5 | sha | sha224 | sha256 | sha384 | sha512</code></p> + <p><code> hash_algorithms() = md5 | ripemd160 | sha | sha224 | sha256 | sha384 | sha512 </code> md4 is aslo supported for hash_init/1 and hash/2. Note that both md4 and md5 are recommended only for compatibility with existing applications. </p> + <p><code> cipher_algorithms() = des | des3 | aes | blowfish | rc2 | rc4 </code> </p> + <p><code> public_key_algorithms() = rsa |dss | ecdsa | dh | ecdh </code> </p> + </section> <funcs> - <func> - <name>algorithms() -> [message_digest_algorithms() | md4 | ec]</name> - <fsummary>Provide a list of available crypto algorithms.</fsummary> - <desc> - <p> Can be used to determine if the crypto library has support for elliptic curve (ec) and - which message digest algorithms that are supported.</p> - </desc> - </func> - <func> <name>block_encrypt(Type, Key, Ivec, PlainText) -> CipherText</name> <fsummary>Encrypt <c>PlainText</c>according to <c>Type</c> block cipher</fsummary> @@ -665,6 +660,22 @@ </desc> </func> + <func> + <name>supports() -> AlgorithmList </name> + <fsummary>Provide a list of available crypto algorithms.</fsummary> + <type> + <v> AlgorithmList = [{hashs, [hash_algorithms()]}, + {ciphers, [cipher_algorithms()]}, + {public_keys, [public_key_algorithms()]} + </v> + </type> + <desc> + <p> Can be used to determine which crypto algorithms that are supported + by the underlying OpenSSL library</p> + </desc> + </func> + + <func> <name>verify(Algorithm, DigestType, Msg, Signature, Key) -> boolean()</name> <fsummary>Verifies a digital signature.</fsummary> diff --git a/lib/crypto/src/crypto.erl b/lib/crypto/src/crypto.erl index dde53b1217..8c61084f3e 100644 --- a/lib/crypto/src/crypto.erl +++ b/lib/crypto/src/crypto.erl @@ -21,7 +21,7 @@ -module(crypto). --export([start/0, stop/0, info_lib/0, algorithms/0, version/0, binary_to_integer/1]). +-export([start/0, stop/0, info_lib/0, supports/0, version/0, binary_to_integer/1]). -export([hash/2, hash_init/1, hash_update/2, hash_final/1]). -export([sign/4, verify/5]). -export([generate_key/2, generate_key/3, compute_key/4]). @@ -218,7 +218,7 @@ des_cbc_ivec, des_cfb_ivec, info, %% - info_lib, algorithms]). + info_lib, supports]). -type mpint() :: binary(). -type rsa_digest_type() :: 'md5' | 'sha' | 'sha224' | 'sha256' | 'sha384' | 'sha512'. @@ -306,6 +306,22 @@ info_lib() -> ?nif_stub. algorithms() -> ?nif_stub. +supports()-> + Algs = algorithms(), + PubKeyAlgs = + case lists:member(ec, Algs) of + true -> + {public_keys, [rsa, dss, ecdsa, dh, ecdh]}; + false -> + {public_keys, [rsa, dss, dh]} + end, + [{hashs, Algs -- [ec]}, + {ciphers, [des_cbc, des_cfb, des3_cbc, des3_cbf, des_ede3, blowfish_cbc, + blowfish_cfb64, aes_cbc128, aes_cfb128, aes_cbc256, rc2_cbc, aes_ctr, rc4 + ]}, + PubKeyAlgs + ]. + %% Crypto app version history: %% (no version): Driver implementation %% 2.0 : NIF implementation, requires OTP R14 @@ -756,10 +772,12 @@ block_decrypt(des_ecb, Key, Data) -> block_decrypt(blowfish_ecb, Key, Data) -> blowfish_ecb_decrypt(Key, Data). --spec next_iv(des_cbc | aes_cbc, Data::iodata()) -> binary(). +-spec next_iv(des_cbc | des3_cbc | aes_cbc, Data::iodata()) -> binary(). next_iv(des_cbc, Data) -> des_cbc_ivec(Data); +next_iv(des3_cbc, Data) -> + des_cbc_ivec(Data); next_iv(aes_cbc, Data) -> aes_cbc_ivec(Data). diff --git a/lib/crypto/test/crypto_SUITE.erl b/lib/crypto/test/crypto_SUITE.erl index eddb6b83f9..57f5696d3c 100644 --- a/lib/crypto/test/crypto_SUITE.erl +++ b/lib/crypto/test/crypto_SUITE.erl @@ -2334,7 +2334,11 @@ openssl_version() -> end. if_supported(Algorithm, Fun) -> - case proplists:get_bool(Algorithm, crypto:algorithms()) of + [{hashs, Hashs}, + {ciphers, Ciphers}, + {public_keys, Pubkeys}] + = crypto:supports(), + case proplists:get_bool(Algorithm, Hashs ++ Ciphers ++ Pubkeys) of true -> Fun(); _ -> |