From 882fa794883e6dbc0e56f22645cd3aec21920c53 Mon Sep 17 00:00:00 2001 From: Hans Nilsson Date: Fri, 7 Sep 2018 13:46:52 +0200 Subject: crypto: Add missing documentation for enable_fips_mode/1 --- lib/crypto/doc/src/crypto.xml | 21 ++++++++++++++++++++- lib/crypto/src/crypto.erl | 4 ++-- 2 files changed, 22 insertions(+), 3 deletions(-) diff --git a/lib/crypto/doc/src/crypto.xml b/lib/crypto/doc/src/crypto.xml index 9d436847ac..d5f5009297 100644 --- a/lib/crypto/doc/src/crypto.xml +++ b/lib/crypto/doc/src/crypto.xml @@ -642,7 +642,11 @@ crypto and the underlying libcrypto library. If crypto was built with FIPS support this can be either enabled (when running in FIPS mode) or not_enabled. For other builds - this value is always not_supported.

+ this value is always not_supported. +

+

See enable_fips_mode/1 about how to enable + FIPS mode. +

In FIPS mode all non-FIPS compliant algorithms are disabled and raise exception error:notsup. Check @@ -653,6 +657,21 @@ + + + Change FIPS mode. + +

Enables (Enable = true) or disables (Enable = false) FIPS mode. Returns true if + the operation was successful or false otherwise. +

+

Note that to enable FIPS mode succesfully, OTP must be built with the configure option --enable-fips, + and the underlying libcrypto must also support FIPS. +

+

See also info_fips/0. +

+ + + Provides information about the libraries used by crypto. diff --git a/lib/crypto/src/crypto.erl b/lib/crypto/src/crypto.erl index a841f0f168..c64586897e 100644 --- a/lib/crypto/src/crypto.erl +++ b/lib/crypto/src/crypto.erl @@ -346,8 +346,8 @@ info_lib() -> ?nif_stub. info_fips() -> ?nif_stub. --spec enable_fips_mode(boolean()) -> boolean(). - +-spec enable_fips_mode(Enable) -> Result when Enable :: boolean(), + Result :: boolean(). enable_fips_mode(_) -> ?nif_stub. %%%================================================================ -- cgit v1.2.3