Wed Feb 9 14:34:51 CET 2011
2011/2/9 Jesper Pettersson <jesper.pettersson@REDACTED>:
> I have some questions regarding the crypto- and ssl-modules to see what the
> future plan is and if anyone in the community has written any functionality
> that may be on the way in.
> 1) Support for the SHA-2 hash suite (SHA-256, SHA-384 and SHA-512)
> In the documentation and running crypto:info/1 I can only find references to
> MD4, MD5 and SHA-1.
> rsa_digest_type() can only be md5 and sha1 according to doumentation.
> 2) Support for RSASSA-PSS padding with RSA Signatures.
> According to the documentation currently no_padding and RSAPSS-PKCS1 padding
> are supported.
> This padding technique adds message blinding, making sure that the same
> message will never get the same signature even when signed with the same
> key. Further reading: http://www.rsa.com/rsalabs/node.asp?id=2005
> 3) Follow-up on 1 & 2, Support for sha256WithRSAEncryption, oid
In the long term we plan to support TLS 1.2 and then support for this
I think will follow. But as for right now openssl does not yet support
TLS 1.2 and
theire support for TLS 1.1 is still experimental, hence I think this
is somewhere in
a more distant future.
> 4) Is there an explicit upper limit on the RSA key modulus lengths in the
> Erlang implementation?
Erlang (crypto) does not enforce any limitations that is not already present
in openssl. Crypto uses openssls crypto library.
But apart from cryptographic operations new ssl does not use openssl
and all message and certificate handling is implemented in Erlang.
> 5) Are there any plans to include ECC (Elliptic Curve Cryptography) as a
> public key algorithm in Erlang?
No such plans at the moment.
Regards Ingela Erlang/OTP team - Ericsson AB
More information about the erlang-questions