Encryption

Name -- Syntax / Description
bf_decrypt
bf_decrypt( key, encrypted, plaintext var )
Blowfish decryption
Returns 1 on success, 0 on error
  • key = the encryption key in ECB mode. the key must be 16 characters.
  • plaintext = the text thats encrypted
  • encrypted = if sucessful it will contain the results
bf_encrypt
bf_encrypt( key, plaintext, encrypted var )
Blowfish encryption
Returns 1 on success, 0 on error
  • key = the encryption key in ECB mode. The key must be 16 characters.
  • plaintext = the text thats encrypted
  • encrypted = if sucessful it will contain the results
crypto_base64_decode
crypto_base64_decode( data )
Decodes and returns Base-64 decodes data.
Returns the decrypted data
  • data = the information to decode
crypto_base64_encode
crypto_base64_encode( data )
Encodes and returns Base-64 encoded data.
Returns the encrypted data
  • data = the information to encode
crypto_hmac_sha1
crypto_hmac_sha1( value, key, output_format, output)
Calculates an HMAC SHA-1 (Hash-based Message Authentication Code) of value
returns: 1 on success, 0 on failure (including OpenSSL not being available)
  • value = value to hash by reference
  • key = key to use to calculate the hmac
  • output_format = 'hex' or 'binary'
  • output = hmac_sha1 hash value.
crypto_hmac_sha256
crypto_hmac_sha256( buffer var, key, format, result var )
Calculates an HMAC SHA-256 (Hash-based Message Authentication Code) of buffer
Returns 1 on success, 0 on error or if on an unsuported platform.
  • buffer = value to hash
  • key = binary key to use to calculate the hmac
  • format = "binary" or "hex"
  • result = a variable used to store the results.
crypto_last_error
crypto_last_error()
Returns the error text from the last SSL error, or other internal errors in the crypto suite of functions. Use crypto_last_ssl_error() instead to get the code of the last SSL error.
Returns error text.
crypto_last_ssl_error
crypto_last_ssl_error()
Returns the Integer value of the last SSL error code. Use crypto_last_error() instead to get the text of the last SSL error.
Returns error code.
crypto_library_version
crypto_library_version( info )
crypto_md5
crypto_md5( buffer )
Calculates the MD5 hash of a string.
Returns the MD5 hash value.
  • buffer = the data to be hashed.
crypto_md5_file
crypto_md5_file( file, location, hash var )
Calculates the md5 hash of a file
Returns 1 on success, 0 on failure.
  • file = Name of file to calculate the hash of
  • location = Location either "script" or "data"
  • hash = MD5 hash value
crypto_rand_bytes
crypto_rand_bytes( n )
Generates n random bytes.
Returns a string of bytes
  • n = the number of bytes
crypto_sha1
crypto_sha1( buffer var, format, result var )
Returns an SHA1 hash of buffer. Secure Hash Algorithm
Returns 1 on success, 0 on failure. (including OpenSSL not being available)
  • buffer = value to hash by reference
  • output_format = 'hex' or 'binary'. Anything else will result in binary output.
  • output = returned sha1 hash value.
crypto_sha256
crypto_sha256( buffer var, format, result var )
Returns an SHA256 hash of buffer. Secure Hash Algorithm. May not be available on platforms running versions of OpenSSL Older than v0.9.8.
Returns 1 on success, 0 on failure. (including OpenSSL not being available)
  • buffer = value to hash by reference
  • output_format = 'hex' or 'binary'. Anything else will result in binary output.
  • output = returned sha1 hash value.
rsa_free
rsa_free( rsa var )
Frees memory associated with a previously loaded RSA keypair.
Returns 1 on success, 0 on error.
  • rsa = a handle returned by one of the rsa_load_xxx functions
rsa_generate_keypair
rsa_generate_keypair( pubkey_file, privkey_file, bits, e, passphrase )
Generates an RSA keypair, saving the public key in pubkey_file, the private key in privkey_file, and encrypting the private key with passphrase.
Returns 1 on success, 0 on error.
  • pubkey_file = The name of the file in which the generated public key is stored
  • privkey_file = The name of the file in which the generated private key is stored
  • bits = The RSA modulus size, in bits
  • e = The public key exponent. Must be an odd number, typically 3, 17 or 65537
  • passphrase = The passphrase used to encrypt the private key
rsa_generate_keypair_mem
rsa_generate_keypair_mem( pubkey var, privkey var, bits, e, passphrase )
Generates an RSA keypair, returning the public and private keys in variables, and encrypting the private key with passphrase.
Returns 1 on success, 0 on error.
  • pubkey = The variable which receives the generated public key
  • privkey = The variable which receives the generated private key
  • bits = The RSA modulus size, in bits
  • e = The public key exponent. Must be an odd number, typically 3, 17 or 65537
  • passphrase = The passphrase used to encrypt the private key
rsa_load_privatekey
rsa_load_privatekey( privkey_file, rsa var, passphrase )
Load an encrypted RSA private key from a PKCS#8 file specified by privkey_file, and decrypt it using passphrase.
Returns 1 on success, 0 on error.
  • privkey_file = The name of the file containing the encrypted private key
  • rsa = A variable which receives an internal reference to the loaded RSA key
  • passphrase = The passphrase used to decrypt the private key
rsa_load_privatekey_mem
rsa_load_privatekey_mem( privkey, rsa var, passphrase )
Loads an encrypted RSA private key from a memory buffer containing PKCS#8 data
Returns 1 on success, 0 on error.
  • privkey = The encrypted private key information in PKCS#8 format
  • rsa = A variable which receives an internal reference to the loaded RSA key
  • passphrase = The passphrase used to decrypt the private key
rsa_load_publickey
rsa_load_publickey( pubkey_file, rsa var )
Load an RSA public key from a PKCS#1 file specified by "pubkey_file".
Returns 1 on success, 0 on error.
  • pubkey_file = The name of the file containing the public key
  • rsa = A variable which receives an internal reference to the loaded RSA key
rsa_load_publickey_mem
rsa_load_publickey_mem( pubkey, rsa var )
Loads an RSA public key from a memory buffer containing PKCS#1 data
Returns 1 on success, 0 on error.
  • pubkey = The public key in PKCS#1 format
  • rsa = A variable which receives an internal reference to the loaded RSA key
rsa_private_decrypt
rsa_private_decrypt( rsa, encrypted, plaintext var )
Decrypts data previously encrypted using the public key portion of an RSA keypair.
Returns 1 on success, 0 on error.
  • rsa = The internal reference to the RSA private key used for decryption
  • encrypted = The encrypted ciphertext, in raw binary format
  • plaintext = A variable which receives the decrypted plaintext
rsa_private_encrypt
rsa_private_encrypt( rsa, plaintext, encrypted var )
Encrypts data using the private key portion of an RSA keypair.
Returns 1 on success, 0 on error.
  • rsa = The internal reference to the RSA private key used for encryption
  • plaintext = The data to be encrypted
  • encrypted = A variable which receives the encrypted ciphertext in raw binary format
rsa_public_decrypt
rsa_public_decrypt( rsa, encrypted, plaintext var )
Decrypts data previously encrypted using the private key portion of an RSA keypair.
Returns 1 on success, 0 on error.
  • rsa = The internal reference to the RSA public key used for decryption
  • encrypted = The encrypted ciphertext, in raw binary format
  • plaintext = A variable which receives the decrypted plaintext
rsa_public_encrypt
rsa_public_encrypt( rsa, plaintext, encrypted var )
Encrypts data using the public key portion of an RSA keypair.
Returns 1 on success, 0 on error.
  • rsa = The internal reference to the RSA public key used for encryption
  • plaintext = The data to be encrypted
  • encrypted = A variable which receives the encrypted ciphertext in raw binary format
rsa_save_privatekey
rsa_save_privatekey( privkey_file, rsa var, passphrase )
Encrypts and writes a previously loaded RSA private key to a file in PKCS#8 format
Returns 1 on success, 0 on error.
  • privkey_file = The name of the file in which the private key is to be stored
  • rsa = The internal reference to the RSA private key to be saved
  • passphrase = The passphrase used to encrypt the private key
rsa_save_privatekey_mem
rsa_save_privatekey_mem( privkey var, rsa var, passphrase )
Encrypts a previously loaded RSA private key and stores it into a variable in PKCS#8 format
Returns 1 on success, 0 on error.
  • privkey = The variable which will receive the encrypted private key
  • rsa = The internal reference to the RSA private key to be saved
  • passphrase = The passphrase used to encrypt the private key
rsa_sign
rsa_sign( rsa, buffer, signature var )
Generates a digital signature using SHA1 and an RSA private key
Returns 1 on success, 0 on failure. Requires OpenSSL 0.9.7 or greater.
  • rsa = The internal reference to the RSA private key to be used
  • buffer = The data to be signed
  • signature = A variable which receives the signature in raw binary format
rsa_verify
rsa_verify( rsa, buffer, signature )
Verifies a digital signature previously generated by rsa_sign
Returns 1 on success, 0 on verification failure or error. Requires OpenSSL 0.9.7 or greater.
  • rsa = The internal reference to the RSA public key used for verification
  • buffer = The data for which the signature is to be verified
  • signature = The signature to verify, in raw binary format
x509_create
x509_create( cert, x509 var )
Create an X509 Certificate from the PEM format data in "cert" where cert = PEM format certificate, x509 =Index into an internal array of certificates.
Returns 1 on sucess, 0 on error.
x509_free
x509_free( rsa var )
Deletes an x509 from the internal array of x509 certificates where x509 = Index into internal array of x509 certificates.
Returns 1 on success, 0 on error.
x509_load
x509_load( cert, x509 var )
Load an X509 Certificate from the file specified by "cert" where cert = File containing an x509 certificate, x509 = Index into an internal array of certificates.
Returns 1 on sucess, 0 on error.
x509_rsa_publickey
x509_rsa_publickey( x509 var, rsa var )
Extracts the RSA public key from the X509 specified by "x509" and stores it in "rsa" where x509 = Index into internal array of x509 certificates, rsa =Index into internal array of RSA public keys.
Returns 1 on success, 0 on error.
x509_verify
x509_verify( x509 var, trusted_certs )
Verifies that the X509 certificate specified by "x509" was issued by one of the X509 certificates (in PEM format) in "trusted_certs", where x509 = Index into internal array of certificates, trusted_certs = Certificates (in PEM text format) to find the x50
Returns 1 on successful find, 0 if certificate isn't in trusted_certs, or other error.
crypto_cipher_mode
crypto_cipher_mode( ciphername )
Returns the block mode of operation of the cipher specified by "ciphername."
  • where ciphername = an OpenSSL cipher identifier, such as "aes-128-cbc" or "rc2-ofb"
crypto_cipher_block_size
crypto_cipher_block_size( ciphername )
Programatically determine the block size attribute of the cipher specified by "ciphername".
returns the numeric size, in bytes, or -1 if an invalid "ciphername" is specified.
  • ciphername = an OpenSSL cipher identifier, such as "aes-128-cbc" or "rc2-ofb".
crypto_cipher_key_length
crypto_cipher_key_length( ciphername )
Programatically determine the key_length attribute of the cipher specified by "ciphername".
returns the numeric size, in bytes, or -1 if an invalid "ciphername" is specified.
  • ciphername = an OpenSSL cipher identifier, such as "aes-128-cbc" or "rc2-ofb".
crypto_cipher_iv_length
crypto_cipher_iv_length( ciphername )
Programatically determine the iv_length attribute of the cipher specified by "ciphername".
returns the numeric size, in bytes, or -1 if an invalid "ciphername" is specified.
  • ciphername = an OpenSSL cipher identifier, such as "aes-128-cbc" or "rc2-ofb".
crypto_evp_encrypt
crypto_evp_encrypt( ciphername, key, iv, plaintext, encrypted var )
Encrypts "plaintext" using the block cipher specified by "ciphername", placing the encrypted data into "encrypted".
returns 1 on success, 0 on failure
  • ciphername = The OpenSSL identifier of the cipher, such as "bf-cbc" or "des-ede3-cbc".
  • key = The encryption key. Must be exactly the number of bytes required by the cipher, as returned by crypto_cipher_key_length.
  • iv = An initialization vector, if required by the cipher. Must be exactly the number of bytes required by the cipher, as returned by crypto_cipher_iv_length.
  • plaintext = The text to be encrypted
  • encrypted = [output] Receives the cipher text
crypto_evp_decrypt
crypto_evp_decrypt( ciphername, key, iv, encrypted, plaintext var )
Decrypts "plaintext" using the block cipher specified by "ciphername", placing the decrypted data into "plaintext".
Return 1 on success, 0 on failure.
  • ciphername = The OpenSSL identifier of the cipher, such as "bf-cbc" or "des-ede3-cbc".
  • key = The key used for encryption.
  • iv = The initialization vector used for encryption. returned by crypto_cipher_iv_length().
  • encrypted = The ciphertext to be decrypted
  • plaintext = [output] Receives the plaintext
crypto_digest_block_size
crypto_digest_block_size( digestname )
Programatically determines the block_size attribute of the digest algorithm specified by "digestname".
Returns the numeric size, in bytes, or -1 if an invalid "digestname" is specified.
  • digestname = an OpenSSL digest identifier, such as "sha256" or "md5".
crypto_digest_size
crypto_digest_size( digestname )
Programatically determines the digest_size attribute of the digest algorithm specified by "digestname".
Returns the numeric size, in bytes, or -1 if an invalid "digestname" is specified.
  • digestname = an OpenSSL digest identifier, such as "sha256" or "md5".
crypto_evp_digest
crypto_evp_digest( digestname, buffer var, digest var )
Calculates the digest of "buffer" using digest algorithm "digestname", placing the calculated digest in "digest". The digest output is always in raw binary format, use miva_hex_encode() or crypto_base64_encode() if other output formats are desired.
Returns 1 on success or 0 if an invalid or unsupported "digestname" is specified.
  • digestname = an OpenSSL digest identifier, such as "sha256" or "md5". buffer =
  • digest =
crypto_evp_hmac
crypto_evp_hmac( digestname, key, buffer var, digest var )
Calculates the HMAC of "buffer" using digest algorithm "digestname" and key "key", placing the HMAC in "digest". The HMAC output is always in raw binary format, use miva_hex_encode() or crypto_base64_encode() if other output formats are desired.
Returns 1 on success or 0 if an invalid or unsupported "digestname" is specified.
  • digestname = an OpenSSL digest identifier, such as "sha256" or "md5".
  • buffer = The data that will be process.
  • digest = The result of the HMAC function.
crypto_xor
crypto_xor( buffer var, dest var )
Efficiently performs a byte-by-byte XOR of buffer and dest, storing the resulting data in "dest". If "buffer" is longer than "dest", any extra bytes are ignored.
Returns nothing.
  • buffer = the data that will be processed.
  • dest = the data that will processed against buffer and will contain the results.
crypto_pbkdf1
crypto_pbkdf1( digestname, password, salt, iterations, dklen, dk var )
Derives a key of "dklen" bytes using PBKDF1 from PKCS #5.
Returns 1 on success or 0 on error.
  • digestname = The digest algorithm to use. Must be one of "md2", "md5" or "sha1". password = The password from which a key is to be derived.
  • salt = Exactly 8 bytes of random data that are used as a salt.
  • iterations = The number of iterations to perform.
  • dklen = The desired output length of the derived key. May not be longer than the output digest size of the specified digest algorithm.
  • dk = [output] Receives the derived key. The output is in raw binary.
crypto_pbkdf2
crypto_pbkdf2( digestname, password, salt, iterations, dklen, dk var )
Derives a key of "dklen" bytes using PBKDF2 from PKCS #5.
Returns 1 on success or 0 on error.
  • digestname = The digest algorithm to use. May be any of the digests supported by the installed OpenSSL version.
  • password = The password from which a key is to be derived.
  • salt = Random data of any length that is used to salt the derivation. RFC 2898 recommends a minimum salt length of 8 bytes.
  • iterations = The number of iterations to perform. RFC 2898 recommends at least 1000 iterations.
  • dklen = The desired output length of the derived key. May be any positive value.
  • dk = [output] Receives the derived key. The output is in raw binary.
rsa_generate_keypair_mem_cipher
rsa_generate_keypair_mem_cipher( pubkey var, privkey var, bits, e, passphrase, ciphername )
Behaves identical to the legacy counterpart rsa_generate_keypair_mem() except that it allows the caller to specify the cipher used to encrypt the private key (the legacy function always uses des-ede3-cbc).
Returns 1 on success or 0 on error.
  • pubkey = The variable which receives the generated public key
  • privkey = The variable which receives the generated private key
  • bits = The RSA modulus size, in bits
  • e = The public key exponent. Must be an odd number, typically 3, 17 or 65537
  • passphrase = The passphrase used to encrypt the private key
  • ciphername = an OpenSSL cipher identifier, such as "aes-128-cbc"
rsa_save_privatekey_mem_cipher
rsa_save_privatekey_mem_cipher( privkey var, rsa var, passphrase, ciphername )
Behaves identical to the legacy counterpart rsa_save_privatekey_mem() except that it allows the caller to specify the cipher used to encrypt the private key (the legacy function always uses des-ede3-cbc).
  • ciphername = an OpenSSL cipher identifier that specifies the cipher to be used. Note that OpenSSL only permits a subset of its supported ciphers to be used for RSA key encryption. For example, only CBC mode ciphers are permitted.
crypto_hmac_md5
crypto_hmac_md5( buffer var, key, format, result var )
Performs an HMAC-MD5 on "buffer" using key "key", storing the result in "result".
Returns 1 on success, 0 on error.
  • buffer = the data that will be processed.
  • key = the encryption key
  • format = on of the literal string "hex" or "binary"
  • result = the return data.
User Annotations: encryption