GSP
Quick Navigator

Search Site

Unix VPS
A - Starter
B - Basic
C - Preferred
D - Commercial
MPS - Dedicated
Previous VPSs
* Sign Up! *

Support
Contact Us
Online Help
Handbooks
Domain Status
Man Pages

FAQ
Virtual Servers
Pricing
Billing
Technical

Network
Facilities
Connectivity
Topology Map

Miscellaneous
Server Agreement
Year 2038
Credits
 

USA Flag

 

 

Man Pages
crypto(7) Erlang Application Definition crypto(7)

crypto - The Crypto Application

The purpose of the Crypto application is to provide an Erlang API to cryptographic functions, see crypto(3). Note that the API is on a fairly low level and there are some corresponding API functions available in public_key(3), on a higher abstraction level, that uses the crypto application in its implementation.

The current crypto implementation uses nifs to interface OpenSSLs crypto library and may work with limited functionality with as old versions as OpenSSL 0.9.8c. FIPS mode support requires at least version 1.0.1 and a FIPS capable OpenSSL installation. We recommend using a version that is officially supported by the OpenSSL project. API compatible backends like LibreSSL should also work.

The crypto app is tested daily with at least one version of each of the OpenSSL 0.9.8, 1.0.0, 1.0.1, 1.0.2, 1.1.0 and 1.1.1. FIPS mode is also tested.

Note:
Compiling, linking and running with OpenSSL 3.0.0 works although the crypto app calls deprecated functions. We do not recommend it for other than experimental purposes or alpha testing, since it is not extensively tested yet.

Source releases of OpenSSL can be downloaded from the OpenSSL project home page, or mirror sites listed there.

The following configuration parameters are defined for the crypto application. See app(3) for more information about configuration parameters.
fips_mode = boolean():
Specifies whether to run crypto in FIPS mode. This setting will take effect when the nif module is loaded. If FIPS mode is requested but not available at run time the nif module and thus the crypto module will fail to load. This mechanism prevents the accidental use of non-validated algorithms.
rand_cache_size = integer():
Sets the cache size in bytes to use by crypto:rand_seed_alg(crypto_cache) and crypto:rand_seed_alg_s(crypto_cache). This parameter is read when a seed function is called, and then kept in generators state object. It has a rather small default value that causes reads of strong random bytes about once per hundred calls for a random value. The set value is rounded up to an integral number of words of the size these seed functions use.

application(3)
crypto 5.0.5 Ericsson AB

Search for    or go to Top of page |  Section 7 |  Main Index

Powered by GSP Visit the GSP FreeBSD Man Page Interface.
Output converted with ManDoc.