bf_decrypt
bf_decrypt( key, encrypted, plaintext var )
Blowfish decryption
Returns 1 on success, 0 on error
 key = the encryption key in ECB mode. the key must be 16 characters.
 plaintext = the text thats encrypted
 encrypted = if sucessful it will contain the results

bf_encrypt
bf_encrypt( key, plaintext, encrypted var )
Blowfish encryption
Returns 1 on success, 0 on error
 key = the encryption key in ECB mode. The key must be 16 characters.
 plaintext = the text thats encrypted
 encrypted = if sucessful it will contain the results

crypto_base64_decode
crypto_base64_decode( data )
Decodes and returns Base64 decodes data.
Returns the decrypted data
 data = the information to decode

crypto_base64_encode
crypto_base64_encode( data )
Encodes and returns Base64 encoded data.
Returns the encrypted data
 data = the information to encode

crypto_cipher_block_size
crypto_cipher_block_size( ciphername )
Programatically determine the block size attribute of the cipher specified by "ciphername".
returns the numeric size, in bytes, or 1 if an invalid "ciphername" is specified.
 ciphername = an OpenSSL cipher identifier, such as "aes128cbc" or "rc2ofb".

crypto_cipher_iv_length
crypto_cipher_iv_length( ciphername )
Programatically determine the iv_length attribute of the cipher specified by "ciphername".
returns the numeric size, in bytes, or 1 if an invalid "ciphername" is specified.
 ciphername = an OpenSSL cipher identifier, such as "aes128cbc" or "rc2ofb".

crypto_cipher_key_length
crypto_cipher_key_length( ciphername )
Programatically determine the key_length attribute of the cipher specified by "ciphername".
returns the numeric size, in bytes, or 1 if an invalid "ciphername" is specified.
 ciphername = an OpenSSL cipher identifier, such as "aes128cbc" or "rc2ofb".

crypto_cipher_mode
crypto_cipher_mode( ciphername )
Returns the block mode of operation of the cipher specified by "ciphername."
 where ciphername = an OpenSSL cipher identifier, such as "aes128cbc" or "rc2ofb"

crypto_digest_block_size
crypto_digest_block_size( digestname )
Programatically determines the block_size attribute of the digest algorithm specified by "digestname".
Returns the numeric size, in bytes, or 1 if an invalid "digestname" is specified.
 digestname = an OpenSSL digest identifier, such as "sha256" or "md5".

crypto_digest_size
crypto_digest_size( digestname )
Programatically determines the digest_size attribute of the digest algorithm specified by "digestname".
Returns the numeric size, in bytes, or 1 if an invalid "digestname" is specified.
 digestname = an OpenSSL digest identifier, such as "sha256" or "md5".

crypto_evp_decrypt
crypto_evp_decrypt( ciphername, key, iv, encrypted, plaintext var )
Decrypts "plaintext" using the block cipher specified by "ciphername", placing the decrypted data into "plaintext".
Return 1 on success, 0 on failure.
 ciphername = The OpenSSL identifier of the cipher, such as "bfcbc" or "desede3cbc".
 key = The key used for encryption.
 iv = The initialization vector used for encryption. returned by crypto_cipher_iv_length().
 encrypted = The ciphertext to be decrypted
 plaintext = [output] Receives the plaintext

crypto_evp_digest
crypto_evp_digest( digestname, buffer var, digest var )
Calculates the digest of "buffer" using digest algorithm "digestname", placing the calculated digest in "digest". The digest output is always in raw binary format, use miva_hex_encode() or crypto_base64_encode() if other output formats are desired.
Returns 1 on success or 0 if an invalid or unsupported "digestname" is specified.
 digestname = an OpenSSL digest identifier, such as "sha256" or "md5". buffer =
 digest =

crypto_evp_encrypt
crypto_evp_encrypt( ciphername, key, iv, plaintext, encrypted var )
Encrypts "plaintext" using the block cipher specified by "ciphername", placing the encrypted data into "encrypted".
returns 1 on success, 0 on failure
 ciphername = The OpenSSL identifier of the cipher, such as "bfcbc" or "desede3cbc".
 key = The encryption key. Must be exactly the number of bytes required by the cipher, as returned by crypto_cipher_key_length.
 iv = An initialization vector, if required by the cipher. Must be exactly the number of bytes required by the cipher, as returned by crypto_cipher_iv_length.
 plaintext = The text to be encrypted
 encrypted = [output] Receives the cipher text

crypto_evp_hmac
crypto_evp_hmac( digestname, key, buffer var, digest var )
Calculates the HMAC of "buffer" using digest algorithm "digestname" and key "key", placing the HMAC in "digest". The HMAC output is always in raw binary format, use miva_hex_encode() or crypto_base64_encode() if other output formats are desired.
Returns 1 on success or 0 if an invalid or unsupported "digestname" is specified.
 digestname = an OpenSSL digest identifier, such as "sha256" or "md5".
 buffer = The data that will be process.
 digest = The result of the HMAC function.

crypto_hmac_md5
crypto_hmac_md5( buffer var, key, format, result var )
Performs an HMACMD5 on "buffer" using key "key", storing the result in "result".
Returns 1 on success, 0 on error.
 buffer = the data that will be processed.
 key = the encryption key
 format = on of the literal string "hex" or "binary"
 result = the return data.

crypto_hmac_sha1
crypto_hmac_sha1( value, key, output_format, output)
Calculates an HMAC SHA1 (Hashbased Message Authentication Code) of value
returns: 1 on success, 0 on failure (including OpenSSL not being available)
 value = value to hash by reference
 key = key to use to calculate the hmac
 output_format = 'hex' or 'binary'
 output = hmac_sha1 hash value.

crypto_hmac_sha256
crypto_hmac_sha256( buffer var, key, format, result var )
Calculates an HMAC SHA256 (Hashbased Message Authentication Code) of buffer
Returns 1 on success, 0 on error or if on an unsuported platform.
 buffer = value to hash
 key = binary key to use to calculate the hmac
 format = "binary" or "hex"
 result = a variable used to store the results.

crypto_last_error
crypto_last_error()
Returns the error text from the last SSL error, or other internal errors in the crypto suite of functions. Use crypto_last_ssl_error() instead to get the code of the last SSL error.
Returns error text.

crypto_last_ssl_error
crypto_last_ssl_error()
Returns the Integer value of the last SSL error code. Use crypto_last_error() instead to get the text of the last SSL error.
Returns error code.

crypto_library_version
crypto_library_version( info )

crypto_md5
crypto_md5( buffer )
Calculates the MD5 hash of a string.
Returns the MD5 hash value.
 buffer = the data to be hashed.

crypto_md5_file
crypto_md5_file( file, location, hash var )
Calculates the md5 hash of a file
Returns 1 on success, 0 on failure.
 file = Name of file to calculate the hash of
 location = Location either "script" or "data"
 hash = MD5 hash value

crypto_pbkdf1
crypto_pbkdf1( digestname, password, salt, iterations, dklen, dk var )
Derives a key of "dklen" bytes using PBKDF1 from PKCS #5.
Returns 1 on success or 0 on error.
 digestname = The digest algorithm to use. Must be one of "md2", "md5" or "sha1". password = The password from which a key is to be derived.
 salt = Exactly 8 bytes of random data that are used as a salt.
 iterations = The number of iterations to perform.
 dklen = The desired output length of the derived key. May not be longer than the output digest size of the specified digest algorithm.
 dk = [output] Receives the derived key. The output is in raw binary.

crypto_pbkdf2
crypto_pbkdf2( digestname, password, salt, iterations, dklen, dk var )
Derives a key of "dklen" bytes using PBKDF2 from PKCS #5.
Returns 1 on success or 0 on error.
 digestname = The digest algorithm to use. May be any of the digests supported by the installed OpenSSL version.
 password = The password from which a key is to be derived.
 salt = Random data of any length that is used to salt the derivation. RFC 2898 recommends a minimum salt length of 8 bytes.
 iterations = The number of iterations to perform. RFC 2898 recommends at least 1000 iterations.
 dklen = The desired output length of the derived key. May be any positive value.
 dk = [output] Receives the derived key. The output is in raw binary.

crypto_rand_bytes
crypto_rand_bytes( n )
Generates n random bytes.
Returns a string of bytes

crypto_rand_set_rand_engine
crypto_rand_set_rand_engine( engine )
Specify the random number generating engine to use.
Return value: 1 on success, 0 on failure.
 engine = Name of the random number generator engine to use.

crypto_sha1
crypto_sha1( buffer var, format, result var )
Returns an SHA1 hash of buffer. Secure Hash Algorithm
Returns 1 on success, 0 on failure. (including OpenSSL not being available)
 buffer = value to hash by reference
 output_format = 'hex' or 'binary'. Anything else will result in binary output.
 output = returned sha1 hash value.

crypto_sha256
crypto_sha256( buffer var, format, result var )
Returns an SHA256 hash of buffer. Secure Hash Algorithm. May not be available on platforms running versions of OpenSSL Older than v0.9.8.
Returns 1 on success, 0 on failure. (including OpenSSL not being available)
 buffer = value to hash by reference
 output_format = 'hex' or 'binary'. Anything else will result in binary output.
 output = returned sha1 hash value.

crypto_xor
crypto_xor( buffer var, dest var )
Efficiently performs a bytebybyte XOR of buffer and dest, storing the resulting data in "dest". If "buffer" is longer than "dest", any extra bytes are ignored.
Returns nothing.
 buffer = the data that will be processed.
 dest = the data that will processed against buffer and will contain the results.

rsa_free
rsa_free( rsa var )
Frees memory associated with a previously loaded RSA keypair.
Returns 1 on success, 0 on error.
 rsa = a handle returned by one of the rsa_load_xxx functions

rsa_generate_keypair
rsa_generate_keypair( pubkey_file, privkey_file, bits, e, passphrase )
Generates an RSA keypair, saving the public key in pubkey_file, the private key in privkey_file, and encrypting the private key with passphrase.
Returns 1 on success, 0 on error.
 pubkey_file = The name of the file in which the generated public key is stored
 privkey_file = The name of the file in which the generated private key is stored
 bits = The RSA modulus size, in bits
 e = The public key exponent. Must be an odd number, typically 3, 17 or 65537
 passphrase = The passphrase used to encrypt the private key

rsa_generate_keypair_mem
rsa_generate_keypair_mem( pubkey var, privkey var, bits, e, passphrase )
Generates an RSA keypair, returning the public and private keys in variables, and encrypting the private key with passphrase.
Returns 1 on success, 0 on error.
 pubkey = The variable which receives the generated public key
 privkey = The variable which receives the generated private key
 bits = The RSA modulus size, in bits
 e = The public key exponent. Must be an odd number, typically 3, 17 or 65537
 passphrase = The passphrase used to encrypt the private key

rsa_generate_keypair_mem_cipher
rsa_generate_keypair_mem_cipher( pubkey var, privkey var, bits, e, passphrase, ciphername )
Behaves identical to the legacy counterpart rsa_generate_keypair_mem() except that it allows the caller to specify the cipher used to encrypt the private key (the legacy function always uses desede3cbc).
Returns 1 on success or 0 on error.
 pubkey = The variable which receives the generated public key
 privkey = The variable which receives the generated private key
 bits = The RSA modulus size, in bits
 e = The public key exponent. Must be an odd number, typically 3, 17 or 65537
 passphrase = The passphrase used to encrypt the private key
 ciphername = an OpenSSL cipher identifier, such as "aes128cbc"

rsa_load_privatekey
rsa_load_privatekey( privkey_file, rsa var, passphrase )
Load an encrypted RSA private key from a PKCS#8 file specified by privkey_file, and decrypt it using passphrase.
Returns 1 on success, 0 on error.
 privkey_file = The name of the file containing the encrypted private key
 rsa = A variable which receives an internal reference to the loaded RSA key
 passphrase = The passphrase used to decrypt the private key

rsa_load_privatekey_engine
rsa_load_privatekey_engine( engine, key_id, rsa var )
Load an encryption key based on a key id.
Return value: 1 on success, 0 on failure.
 engine = Name of the encryption engine to use.

key_id = identifier of the key to load

rsa = RSA private key associated with the engine and key ID.

rsa_load_privatekey_mem
rsa_load_privatekey_mem( privkey, rsa var, passphrase )
Loads an encrypted RSA private key from a memory buffer containing PKCS#8 data
Returns 1 on success, 0 on error.
 privkey = The encrypted private key information in PKCS#8 format
 rsa = A variable which receives an internal reference to the loaded RSA key
 passphrase = The passphrase used to decrypt the private key

rsa_load_publickey
rsa_load_publickey( pubkey_file, rsa var )
Load an RSA public key from a PKCS#1 file specified by "pubkey_file".
Returns 1 on success, 0 on error.
 pubkey_file = The name of the file containing the public key
 rsa = A variable which receives an internal reference to the loaded RSA key

rsa_load_publickey_engine
rsa_load_publickey_engine( engine, key_id, rsa var )
Load an encryption key based on a key id.
Return value: 1 on success, 0 on failure.
 engine = Name of the encryption engine to use.

key_id = identifier of the key to load

rsa = RSA public key associated with the engine and key ID.

rsa_load_publickey_mem
rsa_load_publickey_mem( pubkey, rsa var )
Loads an RSA public key from a memory buffer containing PKCS#1 data
Returns 1 on success, 0 on error.
 pubkey = The public key in PKCS#1 format
 rsa = A variable which receives an internal reference to the loaded RSA key

rsa_private_decrypt
rsa_private_decrypt( rsa, encrypted, plaintext var )
Decrypts data previously encrypted using the public key portion of an RSA keypair.
Returns 1 on success, 0 on error.
 rsa = The internal reference to the RSA private key used for decryption
 encrypted = The encrypted ciphertext, in raw binary format
 plaintext = A variable which receives the decrypted plaintext

rsa_private_encrypt
rsa_private_encrypt( rsa, plaintext, encrypted var )
Encrypts data using the private key portion of an RSA keypair.
Returns 1 on success, 0 on error.
 rsa = The internal reference to the RSA private key used for encryption
 plaintext = The data to be encrypted
 encrypted = A variable which receives the encrypted ciphertext in raw binary format

rsa_public_decrypt
rsa_public_decrypt( rsa, encrypted, plaintext var )
Decrypts data previously encrypted using the private key portion of an RSA keypair.
Returns 1 on success, 0 on error.
 rsa = The internal reference to the RSA public key used for decryption
 encrypted = The encrypted ciphertext, in raw binary format
 plaintext = A variable which receives the decrypted plaintext

rsa_public_encrypt
rsa_public_encrypt( rsa, plaintext, encrypted var )
Encrypts data using the public key portion of an RSA keypair.
Returns 1 on success, 0 on error.
 rsa = The internal reference to the RSA public key used for encryption
 plaintext = The data to be encrypted
 encrypted = A variable which receives the encrypted ciphertext in raw binary format

rsa_save_privatekey
rsa_save_privatekey( privkey_file, rsa var, passphrase )
Encrypts and writes a previously loaded RSA private key to a file in PKCS#8 format
Returns 1 on success, 0 on error.
 privkey_file = The name of the file in which the private key is to be stored
 rsa = The internal reference to the RSA private key to be saved
 passphrase = The passphrase used to encrypt the private key

rsa_save_privatekey_mem
rsa_save_privatekey_mem( privkey var, rsa var, passphrase )
Encrypts a previously loaded RSA private key and stores it into a variable in PKCS#8 format
Returns 1 on success, 0 on error.
 privkey = The variable which will receive the encrypted private key
 rsa = The internal reference to the RSA private key to be saved
 passphrase = The passphrase used to encrypt the private key

rsa_save_privatekey_mem_cipher
rsa_save_privatekey_mem_cipher( privkey var, rsa var, passphrase, ciphername )
Behaves identical to the legacy counterpart rsa_save_privatekey_mem() except that it allows the caller to specify the cipher used to encrypt the private key (the legacy function always uses desede3cbc).
 ciphername = an OpenSSL cipher identifier that specifies the cipher to be used. Note that OpenSSL only permits a subset of its supported ciphers to be used for RSA key encryption. For example, only CBC mode ciphers are permitted.

rsa_sign
rsa_sign( rsa, buffer, signature var )
Generates a digital signature using SHA1 and an RSA private key
Returns 1 on success, 0 on failure. Requires OpenSSL 0.9.7 or greater.
 rsa = The internal reference to the RSA private key to be used
 buffer = The data to be signed
 signature = A variable which receives the signature in raw binary format

rsa_verify
rsa_verify( rsa, buffer, signature )
Verifies a digital signature previously generated by rsa_sign
Returns 1 on success, 0 on verification failure or error. Requires OpenSSL 0.9.7 or greater.
 rsa = The internal reference to the RSA public key used for verification
 buffer = The data for which the signature is to be verified
 signature = The signature to verify, in raw binary format

x509_create
x509_create( cert, x509 var )
Create an X509 Certificate from the PEM format data in "cert" where cert = PEM format certificate, x509 =Index into an internal array of certificates.
Returns 1 on sucess, 0 on error.

x509_free
x509_free( rsa var )
Deletes an x509 from the internal array of x509 certificates where x509 = Index into internal array of x509 certificates.
Returns 1 on success, 0 on error.

x509_load
x509_load( cert, x509 var )
Load an X509 Certificate from the file specified by "cert" where cert = File containing an x509 certificate, x509 = Index into an internal array of certificates.
Returns 1 on sucess, 0 on error.

x509_rsa_publickey
x509_rsa_publickey( x509 var, rsa var )
Extracts the RSA public key from the X509 specified by "x509" and stores it in "rsa" where x509 = Index into internal array of x509 certificates, rsa =Index into internal array of RSA public keys.
Returns 1 on success, 0 on error.

x509_verify
x509_verify( x509 var, trusted_certs )
Verifies that the X509 certificate specified by "x509" was issued by one of the X509 certificates (in PEM format) in "trusted_certs", where x509 = Index into internal array of certificates, trusted_certs = Certificates (in PEM text format) to find the x50
Returns 1 on successful find, 0 if certificate isn't in trusted_certs, or other error.

x509_load_mem
x509_load_mem( cert, x509 var )
Loads and parses the text of an x509 certificate, and gives a certificate reference that refers to the certificate in internal storage.
Returns 1 on success, 0 on failure
 cert = Text of the certificate
 x509 = Certificate reference. On success, this will be neither zero nor null

x509_get_subject_name
x509_get_subject_name( certref var, subjectname var )
Return X509 name information for the certificate referred to by the certificate reference.
Returns 1 on success, 0 on failure
 certref = Certificate reference returned from functions such as x509_load_mem
 subjectname = Structure with members named for the entry names (e.g., "commonName", "countryName", etc.)

x509_get_issuer_name
x509_get_issuer_name( certref var, issuername var )
Return X509 issuer information for the certificate referred to by the certificate reference.
Returns 1 on success, 0 on failure
 certref = Certificate reference returned from functions such as x509_load_mem
 issuername = Structure with members named for the entry names (e.g., "commonName", "countryName", etc.)

x509_get_extensions
x509_get_extensions( certref var, extensions var )
Return X509 extension information for the certificate referred to by the certificate reference.
Returns 1 on success, 0 on failure
 certref = Certificate reference returned from functions such as x509_load_mem
 extensions = Structure with members named for the entry names (e.g., "data", "oid", etc.)

x509_digest
x509_digest( x509 var, digestname, digest var )
Return the digest of the given certificate referred to by the certificate reference, using the specified hash algorithm.
Returns 1 on success, 0 on failure
 x509 = Certificate reference returned from functions such as x509_load_mem
 digestname = Hash algorithm name, such as "md5" or "sha256". Supported digest algorithms will vary between OpenSSL installations
 digest = Hash value of the certificate

x509_pubkey_digest
x509_pubkey_digest( x509 var, digestname, digest var )
Return the digest of the public key portion of the given certificate referred to by the certificate reference, using the specified hash algorithm.
Returns 1 on success, 0 on failure
 x509 = Certificate reference returned from functions such as x509_load_mem
 digestname = Hash algorithm name, such as "md5" or "sha256". Supported digest algorithms will vary between OpenSSL installations
 digest = Hash value of the public key of the certificate

crypto_evp_encrypt_auth
crypto_evp_encrypt_auth( ciphername, key, iv, aad, plaintext, encrypted var, tag var )
Encrypt the data in "plaintext" using the ciphername, key, and initial vector, returning the encrypted data in "encrypted" and a tag value in "tag" to be used to ensure that the ciphertext and AAD are not tampered with in transit.
Returns 1 on success, 0 on failure
 ciphername = Name of cipher to use. An example is "aes256gcm"
 key = Key value
 iv = Initial vector
 aad = Additional authenticated data
 plaintext = Plaintext to encrypt
 encrypted = Resulting encrypted value
 tag = tag value

pkcs7_load_mem
pkcs7_load_mem( cert, format, pkcs7 var )
Load a list of PKCS7 structures in the specified format into memory, and return a structure reference that refers to the structure(s) in internal storage.
Returns 1 on success, 0 on failure
 cert = Text of a list of pkcs7 structures
 format = Format of the structure(s) passed in. Valid values are "der", "pem", or "pkcs12", with "der" used if the format is missing or any other values are passed
 pkcs7 = Structure array reference. On success, this will be neither zero nor null

pkcs7_get_certs
pkcs7_get_certs( pkcs7 var, x509s var )
Given a structure reference such as returned from pkcs7_load_mem, return certificate references for the x509 certificates that are embedded therein.
Returns Count of array elements returned, 1 on failure
 pkcs7 = Structure reference
 x509s = Array of x509 certificate references

pkcs7_verify
pkcs7_verify( pkcs7 var, root_x509 var, content )
Given a pkcs7 structure reference and root x509 certificate reference, verify the pkcs7 structure and the signed content (if provided).
Returns 1 on success, 0 on failure
 pkcs7 = PKCS7 structure reference
 root_x509 = Root x509 certificate reference
 content = Optional content if not present in the PKCS structure

pkcs7_free
pkcs7_free( pkcs7 var )
Remove a pkcs7 structure from internal memory. The passed pkcs7 structure reference is unchanged on failure (invalid reference) or set to 0 on success.
Returns 1 on success, 0 on failure
 pkcs7 = PKCS7 structure reference

evp_pkey_load_mem
evp_pkey_load_mem( data, format, passphrase, pkey var )
Given a EVP PKEY structure in the given format and a passphrase, verifies the PKEY structure and stores it in internal storage, and returns a reference to the internal storage.
Returns 1 on success, 0 on failure
 data = EVP PKEY structure text
 format = Format of the PKEY structure text. Only "pkcs12" is supported
 passphrase = Passphrase for the PKEY structure
 pkey = Structure reference

evp_pkey_load_pubkey_mem
evp_pkey_load_pubkey_mem( data, format, pkey var )
Given EVP PKEY information in the given format, parse and load the public key from it and return a reference to the internal storage.
Returns 1 on success, 0 on failure
 data = EVP PKEY text
 format = Format of the EVP PKEY text. Valid values are "pem" and "der"
 pkey = Structure reference to internal storage

evp_pkey_derive
evp_pkey_derive( privkey var, peer var, key var )
Given structure references to a EVP PKEY structure with a secret key and a peer public key, derive a shared secret key and return the text in "key".
Returns 1 on success, 0 on failure
 privkey = EVP PKEY structure reference
 peer = EVP PKEY structure reference
 key = Returned text of shared secret key

evp_pkey_free
evp_pkey_free( key var )
Remove an EVP_PKEY structure from internal memory. The passed EVP_PKEY structure reference is unchanged on failure (invalid reference) or set to 0 on success.
Returns 1 on success, 0 on failure
 key = EVP_PKEY structure reference
