From c18b13d4c8aa31b145703bbbf228fb07d6b2a0a5 Mon Sep 17 00:00:00 2001 From: Erlang/OTP Date: Wed, 21 Jun 2017 10:53:19 +0200 Subject: Prepare release --- lib/crypto/doc/src/notes.xml | 128 +++++++++++++++++++++++++++++++++++++++++++ lib/crypto/vsn.mk | 2 +- 2 files changed, 129 insertions(+), 1 deletion(-) (limited to 'lib/crypto') diff --git a/lib/crypto/doc/src/notes.xml b/lib/crypto/doc/src/notes.xml index 62b013e463..574353ce7a 100644 --- a/lib/crypto/doc/src/notes.xml +++ b/lib/crypto/doc/src/notes.xml @@ -31,6 +31,134 @@

This document describes the changes made to the Crypto application.

+
Crypto 4.0 + +
Fixed Bugs and Malfunctions + + +

+ LibreSSL can now be used by the modernized crypto app.

+

+ Own Id: OTP-14247

+
+ +

+ Add compile option -compile(no_native) in modules + with on_load directive which is not yet supported + by HiPE.

+

+ Own Id: OTP-14316 Aux Id: PR-1390

+
+ +

+ Fix a bug in aes cfb128 function introduced by the bug + fix in GitHub pull request #1393.

+

+ Own Id: OTP-14435 Aux Id: PR-1462, PR-1393, OTP-14313

+
+
+
+ + +
Improvements and New Features + + +

+ Add basic support for CMAC

+

+ Own Id: OTP-13779 Aux Id: ERL-82 PR-1138

+
+ +

+ Removed functions deprecated in crypto-3.0 first released + in OTP-R16B01

+

+ *** POTENTIAL INCOMPATIBILITY ***

+

+ Own Id: OTP-13873

+
+ +

+ The crypto application now supports OpenSSL 1.1.

+

+ Own Id: OTP-13900

+
+ +

+ Allow Erlang/OTP to use OpenSSL in FIPS-140 mode, in + order to satisfy specific security requirements (mostly + by different parts of the US federal government).

+

+ See the new crypto users guide "FIPS mode" chapter about + building and using the FIPS support which is disabled by + default.

+

+ (Thanks to dszoboszlay and legoscia)

+

+ Own Id: OTP-13921 Aux Id: PR-1180

+
+ +

+ Crypto chacha20-poly1305 as in RFC 7539 enabled for + OpenSSL >= 1.1.

+

+ Thanks to mururu.

+

+ Own Id: OTP-14092 Aux Id: PR-1291

+
+ +

+ RSA key generation added to crypto:generate_key/2. + Thanks to wiml.

+

+ An interface is also added to + public_key:generate_key/1.

+

+ Own Id: OTP-14140 Aux Id: ERL-165, PR-1299

+
+ +

+ Raised minimum requirement for OpenSSL version to + OpenSSL-0.9.8.c although we recommend a much higher + version, that is a version that is still maintained + officially by the OpenSSL project. Note that using such + an old version may restrict the crypto algorithms + supported.

+

+ *** POTENTIAL INCOMPATIBILITY ***

+

+ Own Id: OTP-14171

+
+ +

+ Deprecate crypto:rand_uniform/2 as it is not + cryptographically strong

+

+ Own Id: OTP-14274

+
+ +

+ The Crypto application now supports generation of + cryptographically strong random numbers (floats < 1.0 + and integer arbitrary ranges) as a plugin to the 'rand' + module.

+

+ Own Id: OTP-14317 Aux Id: PR-1372

+
+ +

+ This replaces the hard coded test values for AES, CMAC + and GCM ciphers with the full validation set from NIST's + CAVP program.

+

+ Own Id: OTP-14436 Aux Id: PR-1396

+
+
+
+ +
+
Crypto 3.7.4
Fixed Bugs and Malfunctions diff --git a/lib/crypto/vsn.mk b/lib/crypto/vsn.mk index f3e0623ac9..796e3b6d84 100644 --- a/lib/crypto/vsn.mk +++ b/lib/crypto/vsn.mk @@ -1 +1 @@ -CRYPTO_VSN = 3.7.4 +CRYPTO_VSN = 4.0 -- cgit v1.2.3