.TH crypto 7 "crypto 5.0.5" "Ericsson AB" "Erlang Application Definition" .SH NAME crypto \- The Crypto Application .SH DESCRIPTION .LP The purpose of the Crypto application is to provide an Erlang API to cryptographic functions, see crypto(3)\&. Note that the API is on a fairly low level and there are some corresponding API functions available in public_key(3), on a higher abstraction level, that uses the crypto application in its implementation\&. .SH "DEPENDENCIES" .LP The current crypto implementation uses nifs to interface OpenSSLs crypto library and may work with limited functionality with as old versions as \fIOpenSSL\fR\& 0\&.9\&.8c\&. FIPS mode support requires at least version 1\&.0\&.1 and a FIPS capable OpenSSL installation\&. We recommend using a version that is officially supported by the OpenSSL project\&. API compatible backends like LibreSSL should also work\&. .LP The crypto app is tested daily with at least one version of each of the OpenSSL 0\&.9\&.8, 1\&.0\&.0, 1\&.0\&.1, 1\&.0\&.2, 1\&.1\&.0 and 1\&.1\&.1\&. FIPS mode is also tested\&. .LP .RS -4 .B Note: .RE Compiling, linking and running with OpenSSL 3\&.0\&.0 works although the crypto app calls deprecated functions\&. We do not recommend it for other than experimental purposes or alpha testing, since it is not extensively tested yet\&. .LP Source releases of OpenSSL can be downloaded from the OpenSSL project home page, or mirror sites listed there\&. .SH "CONFIGURATION" .LP The following configuration parameters are defined for the crypto application\&. See \fIapp(3)\fR\& for more information about configuration parameters\&. .RS 2 .TP 2 .B \fIfips_mode = boolean()\fR\&: Specifies whether to run crypto in FIPS mode\&. This setting will take effect when the nif module is loaded\&. If FIPS mode is requested but not available at run time the nif module and thus the crypto module will fail to load\&. This mechanism prevents the accidental use of non-validated algorithms\&. .TP 2 .B \fIrand_cache_size = integer()\fR\&: Sets the cache size in bytes to use by \fIcrypto:rand_seed_alg(crypto_cache)\fR\& and \fIcrypto:rand_seed_alg_s(crypto_cache)\fR\&\&. This parameter is read when a seed function is called, and then kept in generators state object\&. It has a rather small default value that causes reads of strong random bytes about once per hundred calls for a random value\&. The set value is rounded up to an integral number of words of the size these seed functions use\&. .RE .SH "SEE ALSO" .LP application(3)