Provided by: erlang-manpages_25.3.2.8+dfsg-1ubuntu4.4_all bug

NAME
       crypto - The Crypto Application


DESCRIPTION
       The  purpose  of  the  Crypto  application  is  to  provide an Erlang API to cryptographic functions, see
       crypto(3erl). Note that the API is on a fairly low level and there are some corresponding  API  functions
       available  in  public_key(3erl),  on  a higher abstraction level, that uses the crypto application in its
       implementation.


DEPENDENCIES
       The current crypto implementation uses nifs to interface  OpenSSLs  crypto  library  and  may  work  with
       limited functionality with as old versions as OpenSSL 0.9.8c. FIPS mode support requires at least version
       1.0.1  and a FIPS capable OpenSSL installation. We recommend using a version that is officially supported
       by the OpenSSL project. API compatible backends like LibreSSL should also work.

       The crypto app is tested daily with at least one version of each of  the  OpenSSL  1.0.1,  1.0.2,  1.1.0,
       1.1.1 and 3.0. FIPS mode is also tested for 1.0.1 and 1.0.2.

       Using OpenSSL 3.0 with Engines or in FIPS mode is not yet supported by the OTP/crypto app.

       Source  releases  of OpenSSL can be downloaded from the OpenSSL project home page, or mirror sites listed
       there.


CONFIGURATION
       The following configuration parameters are defined for the crypto application.  See  app(3erl)  for  more
       information about configuration parameters.

         fips_mode = boolean():
           Specifies  whether  to  run crypto in FIPS mode. This setting will take effect when the nif module is
           loaded. If FIPS mode is requested but not available at run time the nif module and  thus  the  crypto
           module will fail to load. This mechanism prevents the accidental use of non-validated algorithms.

         rand_cache_size = integer():
           Sets    the    cache    size    in   bytes   to   use   by   crypto:rand_seed_alg(crypto_cache)   and
           crypto:rand_seed_alg_s(crypto_cache). This parameter is read when a seed function is called, and then
           kept in generators state object. It has a rather small default value  that  causes  reads  of  strong
           random  bytes  about  once  per  hundred  calls for a random value. The set value is rounded up to an
           integral number of words of the size these seed functions use.


SEE ALSO
       application(3erl)

Ericsson AB                                      crypto 5.1.4.1                                        crypto(7)