bf_decrypt
bf_decrypt( key, encrypted, plaintext var )
Blowfish decryption
Returns 1 on success, 0 on error
 key = the encryption key in ECB mode. the key must be 16 characters.
 plaintext = the text thats encrypted
 encrypted = if sucessful it will contain the results

bf_encrypt
bf_encrypt( key, plaintext, encrypted var )
Blowfish encryption
Returns 1 on success, 0 on error
 key = the encryption key in ECB mode. The key must be 16 characters.
 plaintext = the text thats encrypted
 encrypted = if sucessful it will contain the results

crypto_base64_decode
crypto_base64_decode( data )
Decodes and returns Base64 decodes data.
Returns the decrypted data
 data = the information to decode

crypto_base64_encode
crypto_base64_encode( data )
Encodes and returns Base64 encoded data.
Returns the encrypted data
 data = the information to encode

crypto_cipher_block_size
crypto_cipher_block_size( ciphername )
Programatically determine the block size attribute of the cipher specified by "ciphername".
returns the numeric size, in bytes, or 1 if an invalid "ciphername" is specified.
 ciphername = an OpenSSL cipher identifier, such as "aes128cbc" or "rc2ofb".

crypto_cipher_iv_length
crypto_cipher_iv_length( ciphername )
Programatically determine the iv_length attribute of the cipher specified by "ciphername".
returns the numeric size, in bytes, or 1 if an invalid "ciphername" is specified.
 ciphername = an OpenSSL cipher identifier, such as "aes128cbc" or "rc2ofb".

crypto_cipher_key_length
crypto_cipher_key_length( ciphername )
Programatically determine the key_length attribute of the cipher specified by "ciphername".
returns the numeric size, in bytes, or 1 if an invalid "ciphername" is specified.
 ciphername = an OpenSSL cipher identifier, such as "aes128cbc" or "rc2ofb".

crypto_cipher_mode
crypto_cipher_mode( ciphername )
Returns the block mode of operation of the cipher specified by "ciphername."
 where ciphername = an OpenSSL cipher identifier, such as "aes128cbc" or "rc2ofb"

crypto_digest_block_size
crypto_digest_block_size( digestname )
Programatically determines the block_size attribute of the digest algorithm specified by "digestname".
Returns the numeric size, in bytes, or 1 if an invalid "digestname" is specified.
 digestname = an OpenSSL digest identifier, such as "sha256" or "md5".

crypto_digest_size
crypto_digest_size( digestname )
Programatically determines the digest_size attribute of the digest algorithm specified by "digestname".
Returns the numeric size, in bytes, or 1 if an invalid "digestname" is specified.
 digestname = an OpenSSL digest identifier, such as "sha256" or "md5".

crypto_evp_decrypt
crypto_evp_decrypt( ciphername, key, iv, encrypted, plaintext var )
Decrypts "plaintext" using the block cipher specified by "ciphername", placing the decrypted data into "plaintext".
Return 1 on success, 0 on failure.
 ciphername = The OpenSSL identifier of the cipher, such as "bfcbc" or "desede3cbc".
 key = The key used for encryption.
 iv = The initialization vector used for encryption. returned by crypto_cipher_iv_length().
 encrypted = The ciphertext to be decrypted
 plaintext = [output] Receives the plaintext

crypto_evp_digest
crypto_evp_digest( digestname, buffer var, digest var )
Calculates the digest of "buffer" using digest algorithm "digestname", placing the calculated digest in "digest". The digest output is always in raw binary format, use miva_hex_encode() or crypto_base64_encode() if other output formats are desired.
Returns 1 on success or 0 if an invalid or unsupported "digestname" is specified.
 digestname = an OpenSSL digest identifier, such as "sha256" or "md5". buffer =
 digest =

crypto_evp_encrypt
crypto_evp_encrypt( ciphername, key, iv, plaintext, encrypted var )
Encrypts "plaintext" using the block cipher specified by "ciphername", placing the encrypted data into "encrypted".
returns 1 on success, 0 on failure
 ciphername = The OpenSSL identifier of the cipher, such as "bfcbc" or "desede3cbc".
 key = The encryption key. Must be exactly the number of bytes required by the cipher, as returned by crypto_cipher_key_length.
 iv = An initialization vector, if required by the cipher. Must be exactly the number of bytes required by the cipher, as returned by crypto_cipher_iv_length.
 plaintext = The text to be encrypted
 encrypted = [output] Receives the cipher text

crypto_evp_hmac
crypto_evp_hmac( digestname, key, buffer var, digest var )
Calculates the HMAC of "buffer" using digest algorithm "digestname" and key "key", placing the HMAC in "digest". The HMAC output is always in raw binary format, use miva_hex_encode() or crypto_base64_encode() if other output formats are desired.
Returns 1 on success or 0 if an invalid or unsupported "digestname" is specified.
 digestname = an OpenSSL digest identifier, such as "sha256" or "md5".
 buffer = The data that will be process.
 digest = The result of the HMAC function.

crypto_hmac_md5
crypto_hmac_md5( buffer var, key, format, result var )
Performs an HMACMD5 on "buffer" using key "key", storing the result in "result".
Returns 1 on success, 0 on error.
 buffer = the data that will be processed.
 key = the encryption key
 format = on of the literal string "hex" or "binary"
 result = the return data.

crypto_hmac_sha1
crypto_hmac_sha1( value, key, output_format, output)
Calculates an HMAC SHA1 (Hashbased Message Authentication Code) of value
returns: 1 on success, 0 on failure (including OpenSSL not being available)
 value = value to hash by reference
 key = key to use to calculate the hmac
 output_format = 'hex' or 'binary'
 output = hmac_sha1 hash value.

crypto_hmac_sha256
crypto_hmac_sha256( buffer var, key, format, result var )
Calculates an HMAC SHA256 (Hashbased Message Authentication Code) of buffer
Returns 1 on success, 0 on error or if on an unsuported platform.
 buffer = value to hash
 key = binary key to use to calculate the hmac
 format = "binary" or "hex"
 result = a variable used to store the results.

crypto_last_error
crypto_last_error()
Returns the error text from the last SSL error, or other internal errors in the crypto suite of functions. Use crypto_last_ssl_error() instead to get the code of the last SSL error. ⇨ Version 5.32  Previously if the crypto error originated from Miva Empresa, the returned error was always the same. If the crypto error was from OpenSSL then it would be lost after calling the function. Modified to always return the last crypto error.
Returns error text.

crypto_last_ssl_error
crypto_last_ssl_error()
Returns the Integer value of the last SSL error code. Use crypto_last_error() instead to get the text of the last SSL error.
Returns error code.

crypto_library_version
crypto_library_version( info )

crypto_md5
crypto_md5( buffer )
Calculates the MD5 hash of a string.
Returns the MD5 hash value.
 buffer = the data to be hashed.

crypto_md5_file
crypto_md5_file( file, location, hash var )
Calculates the md5 hash of a file
Returns 1 on success, 0 on failure.
 file = Name of file to calculate the hash of
 location = Location either "script" or "data"
 hash = MD5 hash value

crypto_pbkdf1
crypto_pbkdf1( digestname, password, salt, iterations, dklen, dk var )
Derives a key of "dklen" bytes using PBKDF1 from PKCS #5.
Returns 1 on success or 0 on error.
 digestname = The digest algorithm to use. Must be one of "md2", "md5" or "sha1". password = The password from which a key is to be derived.
 salt = Exactly 8 bytes of random data that are used as a salt.
 iterations = The number of iterations to perform.
 dklen = The desired output length of the derived key. May not be longer than the output digest size of the specified digest algorithm.
 dk = [output] Receives the derived key. The output is in raw binary.

crypto_pbkdf2
crypto_pbkdf2( digestname, password, salt, iterations, dklen, dk var )
Derives a key of "dklen" bytes using PBKDF2 from PKCS #5.
Returns 1 on success or 0 on error.
 digestname = The digest algorithm to use. May be any of the digests supported by the installed OpenSSL version.
 password = The password from which a key is to be derived.
 salt = Random data of any length that is used to salt the derivation. RFC 2898 recommends a minimum salt length of 8 bytes.
 iterations = The number of iterations to perform. RFC 2898 recommends at least 1000 iterations.
 dklen = The desired output length of the derived key. May be any positive value.
 dk = [output] Receives the derived key. The output is in raw binary.

crypto_rand_bytes
crypto_rand_bytes( n )
Generates n random bytes.
Returns a string of bytes

crypto_rand_set_rand_engine
crypto_rand_set_rand_engine( engine )
Specify the random number generating engine to use.
Return value: 1 on success, 0 on failure.
 engine = Name of the random number generator engine to use.

crypto_sha1
crypto_sha1( buffer var, format, result var )
Returns an SHA1 hash of buffer. Secure Hash Algorithm
Returns 1 on success, 0 on failure. (including OpenSSL not being available)
 buffer = value to hash by reference
 output_format = 'hex' or 'binary'. Anything else will result in binary output.
 output = returned sha1 hash value.

crypto_sha256
crypto_sha256( buffer var, format, result var )
Returns an SHA256 hash of buffer. Secure Hash Algorithm. May not be available on platforms running versions of OpenSSL Older than v0.9.8.
Returns 1 on success, 0 on failure. (including OpenSSL not being available)
 buffer = value to hash by reference
 output_format = 'hex' or 'binary'. Anything else will result in binary output.
 output = returned sha1 hash value.

crypto_xor
crypto_xor( buffer var, dest var )
Efficiently performs a bytebybyte XOR of buffer and dest, storing the resulting data in "dest". If "buffer" is longer than "dest", any extra bytes are ignored.
Returns nothing.
 buffer = the data that will be processed.
 dest = the data that will processed against buffer and will contain the results.

rsa_free
rsa_free( rsa var )
Frees memory associated with a previously loaded RSA keypair.
Returns 1 on success, 0 on error.
 rsa = a handle returned by one of the rsa_load_xxx functions

rsa_generate_keypair
rsa_generate_keypair( pubkey_file, privkey_file, bits, e, passphrase )
Generates an RSA keypair, saving the public key in pubkey_file, the private key in privkey_file, and encrypting the private key with passphrase.
Returns 1 on success, 0 on error.
 pubkey_file = The name of the file in which the generated public key is stored
 privkey_file = The name of the file in which the generated private key is stored
 bits = The RSA modulus size, in bits
 e = The public key exponent. Must be an odd number, typically 3, 17 or 65537
 passphrase = The passphrase used to encrypt the private key

rsa_generate_keypair_mem
rsa_generate_keypair_mem( pubkey var, privkey var, bits, e, passphrase )
Generates an RSA keypair, returning the public and private keys in variables, and encrypting the private key with passphrase.
Returns 1 on success, 0 on error.
 pubkey = The variable which receives the generated public key
 privkey = The variable which receives the generated private key
 bits = The RSA modulus size, in bits
 e = The public key exponent. Must be an odd number, typically 3, 17 or 65537
 passphrase = The passphrase used to encrypt the private key

rsa_generate_keypair_mem_cipher
rsa_generate_keypair_mem_cipher( pubkey var, privkey var, bits, e, passphrase, ciphername )
Behaves identical to the legacy counterpart rsa_generate_keypair_mem() except that it allows the caller to specify the cipher used to encrypt the private key (the legacy function always uses desede3cbc).
Returns 1 on success or 0 on error.
 pubkey = The variable which receives the generated public key
 privkey = The variable which receives the generated private key
 bits = The RSA modulus size, in bits
 e = The public key exponent. Must be an odd number, typically 3, 17 or 65537
 passphrase = The passphrase used to encrypt the private key
 ciphername = an OpenSSL cipher identifier, such as "aes128cbc"

rsa_load_privatekey
rsa_load_privatekey( privkey_file, rsa var, passphrase )
Load an encrypted RSA private key from a PKCS#8 file specified by privkey_file, and decrypt it using passphrase.
Returns 1 on success, 0 on error.
 privkey_file = The name of the file containing the encrypted private key
 rsa = A variable which receives an internal reference to the loaded RSA key
 passphrase = The passphrase used to decrypt the private key

rsa_load_privatekey_engine
rsa_load_privatekey_engine( engine, key_id, rsa var )
Load an encryption key based on a key id.
Return value: 1 on success, 0 on failure.
 engine = Name of the encryption engine to use.

key_id = identifier of the key to load

rsa = RSA private key associated with the engine and key ID.

rsa_load_privatekey_mem
rsa_load_privatekey_mem( privkey, rsa var, passphrase )
Loads an encrypted RSA private key from a memory buffer containing PKCS#8 data
Returns 1 on success, 0 on error.
 privkey = The encrypted private key information in PKCS#8 format
 rsa = A variable which receives an internal reference to the loaded RSA key
 passphrase = The passphrase used to decrypt the private key

rsa_load_publickey
rsa_load_publickey( pubkey_file, rsa var )
Load an RSA public key from a PKCS#1 file specified by "pubkey_file".
Returns 1 on success, 0 on error.
 pubkey_file = The name of the file containing the public key
 rsa = A variable which receives an internal reference to the loaded RSA key

rsa_load_publickey_engine
rsa_load_publickey_engine( engine, key_id, rsa var )
Load an encryption key based on a key id.
Return value: 1 on success, 0 on failure.
 engine = Name of the encryption engine to use.

key_id = identifier of the key to load

rsa = RSA public key associated with the engine and key ID.

rsa_load_publickey_mem
rsa_load_publickey_mem( pubkey, rsa var )
Loads an RSA public key from a memory buffer containing PKCS#1 data
Returns 1 on success, 0 on error.
 pubkey = The public key in PKCS#1 format
 rsa = A variable which receives an internal reference to the loaded RSA key

rsa_private_decrypt
rsa_private_decrypt( rsa, encrypted, plaintext var )
Decrypts data previously encrypted using the public key portion of an RSA keypair.
Returns 1 on success, 0 on error.
 rsa = The internal reference to the RSA private key used for decryption
 encrypted = The encrypted ciphertext, in raw binary format
 plaintext = A variable which receives the decrypted plaintext

rsa_private_encrypt
rsa_private_encrypt( rsa, plaintext, encrypted var )
Encrypts data using the private key portion of an RSA keypair.
Returns 1 on success, 0 on error.
 rsa = The internal reference to the RSA private key used for encryption
 plaintext = The data to be encrypted
 encrypted = A variable which receives the encrypted ciphertext in raw binary format

rsa_public_decrypt
rsa_public_decrypt( rsa, encrypted, plaintext var )
Decrypts data previously encrypted using the private key portion of an RSA keypair.
Returns 1 on success, 0 on error.
 rsa = The internal reference to the RSA public key used for decryption
 encrypted = The encrypted ciphertext, in raw binary format
 plaintext = A variable which receives the decrypted plaintext

rsa_public_encrypt
rsa_public_encrypt( rsa, plaintext, encrypted var )
Encrypts data using the public key portion of an RSA keypair.
Returns 1 on success, 0 on error.
 rsa = The internal reference to the RSA public key used for encryption
 plaintext = The data to be encrypted
 encrypted = A variable which receives the encrypted ciphertext in raw binary format

rsa_save_privatekey
rsa_save_privatekey( privkey_file, rsa var, passphrase )
Encrypts and writes a previously loaded RSA private key to a file in PKCS#8 format
Returns 1 on success, 0 on error.
 privkey_file = The name of the file in which the private key is to be stored
 rsa = The internal reference to the RSA private key to be saved
 passphrase = The passphrase used to encrypt the private key

rsa_save_privatekey_mem
rsa_save_privatekey_mem( privkey var, rsa var, passphrase )
Encrypts a previously loaded RSA private key and stores it into a variable in PKCS#8 format
Returns 1 on success, 0 on error.
 privkey = The variable which will receive the encrypted private key
 rsa = The internal reference to the RSA private key to be saved
 passphrase = The passphrase used to encrypt the private key

rsa_save_privatekey_mem_cipher
rsa_save_privatekey_mem_cipher( privkey var, rsa var, passphrase, ciphername )
Behaves identical to the legacy counterpart rsa_save_privatekey_mem() except that it allows the caller to specify the cipher used to encrypt the private key (the legacy function always uses desede3cbc).
 ciphername = an OpenSSL cipher identifier that specifies the cipher to be used. Note that OpenSSL only permits a subset of its supported ciphers to be used for RSA key encryption. For example, only CBC mode ciphers are permitted.

rsa_sign
rsa_sign( rsa, buffer, signature var )
Generates a digital signature using SHA1 and an RSA private key
Returns 1 on success, 0 on failure. Requires OpenSSL 0.9.7 or greater.
 rsa = The internal reference to the RSA private key to be used
 buffer = The data to be signed
 signature = A variable which receives the signature in raw binary format

rsa_verify
rsa_verify( rsa, buffer, signature )
Verifies a digital signature previously generated by rsa_sign
Returns 1 on success, 0 on verification failure or error. Requires OpenSSL 0.9.7 or greater.
 rsa = The internal reference to the RSA public key used for verification
 buffer = The data for which the signature is to be verified
 signature = The signature to verify, in raw binary format

x509_create
x509_create( cert, x509 var )
Create an X509 Certificate from the PEM format data in "cert" where cert = PEM format certificate, x509 =Index into an internal array of certificates.
Returns 1 on sucess, 0 on error.

x509_free
x509_free( rsa var )
Deletes an x509 from the internal array of x509 certificates where x509 = Index into internal array of x509 certificates.
Returns 1 on success, 0 on error.

x509_load
x509_load( cert, x509 var )
Load an X509 Certificate from the file specified by "cert" where cert = File containing an x509 certificate, x509 = Index into an internal array of certificates.
Returns 1 on sucess, 0 on error.

x509_rsa_publickey
x509_rsa_publickey( x509 var, rsa var )
Extracts the RSA public key from the X509 specified by "x509" and stores it in "rsa" where x509 = Index into internal array of x509 certificates, rsa =Index into internal array of RSA public keys.
Returns 1 on success, 0 on error.

x509_verify
x509_verify( x509 var, trusted_certs )
Verifies that the X509 certificate specified by "x509" was issued by one of the X509 certificates (in PEM format) in "trusted_certs", where x509 = Index into internal array of certificates, trusted_certs = Certificates (in PEM text format) to find the x50
Returns 1 on successful find, 0 if certificate isn't in trusted_certs, or other error.

x509_load_mem
x509_load_mem( cert, x509 var )
Loads and parses the text of an x509 certificate, and gives a certificate reference that refers to the certificate in internal storage.
Returns 1 on success, 0 on failure
 cert = Text of the certificate
 x509 = Certificate reference. On success, this will be neither zero nor null

x509_get_subject_name
x509_get_subject_name( certref var, subjectname var )
Return X509 name information for the certificate referred to by the certificate reference.
Returns 1 on success, 0 on failure
 certref = Certificate reference returned from functions such as x509_load_mem
 subjectname = Structure with members named for the entry names (e.g., "commonName", "countryName", etc.)

x509_get_issuer_name
x509_get_issuer_name( certref var, issuername var )
Return X509 issuer information for the certificate referred to by the certificate reference.
Returns 1 on success, 0 on failure
 certref = Certificate reference returned from functions such as x509_load_mem
 issuername = Structure with members named for the entry names (e.g., "commonName", "countryName", etc.)

x509_get_extensions
x509_get_extensions( certref var, extensions var )
Return X509 extension information for the certificate referred to by the certificate reference.
Returns 1 on success, 0 on failure
 certref = Certificate reference returned from functions such as x509_load_mem
 extensions = Structure with members named for the entry names (e.g., "data", "oid", etc.)

x509_digest
x509_digest( x509 var, digestname, digest var )
Return the digest of the given certificate referred to by the certificate reference, using the specified hash algorithm.
Returns 1 on success, 0 on failure
 x509 = Certificate reference returned from functions such as x509_load_mem
 digestname = Hash algorithm name, such as "md5" or "sha256". Supported digest algorithms will vary between OpenSSL installations
 digest = Hash value of the certificate

x509_pubkey_digest
x509_pubkey_digest( x509 var, digestname, digest var )
Return the digest of the public key portion of the given certificate referred to by the certificate reference, using the specified hash algorithm.
Returns 1 on success, 0 on failure
 x509 = Certificate reference returned from functions such as x509_load_mem
 digestname = Hash algorithm name, such as "md5" or "sha256". Supported digest algorithms will vary between OpenSSL installations
 digest = Hash value of the public key of the certificate

crypto_evp_encrypt_auth
crypto_evp_encrypt_auth( ciphername, key, iv, aad, plaintext, encrypted var, tag var )
Encrypt the data in "plaintext" using the ciphername, key, and initial vector, returning the encrypted data in "encrypted" and a tag value in "tag" to be used to ensure that the ciphertext and AAD are not tampered with in transit.
Returns 1 on success, 0 on failure
 ciphername = Name of cipher to use. An example is "aes256gcm"
 key = Key value
 iv = Initial vector
 aad = Additional authenticated data
 plaintext = Plaintext to encrypt
 encrypted = Resulting encrypted value
 tag = tag value

pkcs7_load_mem
pkcs7_load_mem( cert, format, pkcs7 var )
Load a list of PKCS7 structures in the specified format into memory, and return a structure reference that refers to the structure(s) in internal storage.
Returns 1 on success, 0 on failure
 cert = Text of a list of pkcs7 structures
 format = Format of the structure(s) passed in. Valid values are "der", "pem", or "pkcs12", with "der" used if the format is missing or any other values are passed
 pkcs7 = Structure array reference. On success, this will be neither zero nor null

pkcs7_get_certs
pkcs7_get_certs( pkcs7 var, x509s var )
Given a structure reference such as returned from pkcs7_load_mem, return certificate references for the x509 certificates that are embedded therein.
Returns Count of array elements returned, 1 on failure
 pkcs7 = Structure reference
 x509s = Array of x509 certificate references

pkcs7_verify
pkcs7_verify( pkcs7 var, root_x509 var, content )
Given a pkcs7 structure reference and root x509 certificate reference, verify the pkcs7 structure and the signed content (if provided).
Returns 1 on success, 0 on failure
 pkcs7 = PKCS7 structure reference
 root_x509 = Root x509 certificate reference
 content = Optional content if not present in the PKCS structure

pkcs7_free
pkcs7_free( pkcs7 var )
Remove a pkcs7 structure from internal memory. The passed pkcs7 structure reference is unchanged on failure (invalid reference) or set to 0 on success.
Returns 1 on success, 0 on failure
 pkcs7 = PKCS7 structure reference

evp_pkey_load_mem
evp_pkey_load_mem( data, format, passphrase, pkey var )
Given a EVP PKEY structure in the given format and a passphrase, verifies the PKEY structure and stores it in internal storage, and returns a reference to the internal storage. ⇨ Version 5.32  now supports the DER and PEM formats.
Returns 1 on success, 0 on failure
 data = EVP PKEY structure text
 format = Format of the PKEY structure text. Only "pkcs12" is supported
 passphrase = Passphrase for the PKEY structure
 pkey = Structure reference

evp_pkey_load_pubkey_mem
evp_pkey_load_pubkey_mem( data, format, pkey var )
Given EVP PKEY information in the given format, parse and load the public key from it and return a reference to the internal storage.
Returns 1 on success, 0 on failure
 data = EVP PKEY text
 format = Format of the EVP PKEY text. Valid values are "pem" and "der"
 pkey = Structure reference to internal storage

evp_pkey_derive
evp_pkey_derive( privkey var, peer var, key var )
Given structure references to a EVP PKEY structure with a secret key and a peer public key, derive a shared secret key and return the text in "key".
Returns 1 on success, 0 on failure
 privkey = EVP PKEY structure reference
 peer = EVP PKEY structure reference
 key = Returned text of shared secret key

evp_pkey_free
evp_pkey_free( key var )
Remove an EVP_PKEY structure from internal memory. The passed EVP_PKEY structure reference is unchanged on failure (invalid reference) or set to 0 on success.
Returns 1 on success, 0 on failure
 key = EVP_PKEY structure reference

crypto_next_error
crypto_next_error()
A string value containing the appropriate crypto error

crypto_clear_error
crypto_clear_error()
Clear out all crypto errors.

crypto_evp_sign
crypto_evp_sign( digestname, privkey, buffer, signature var )
1 on success, 0 on failure

crypto_evp_verify
crypto_evp_verify( digestname, pubkey, buffer, signature )
1 on success, 0 on failure

evp_pkey_load_pubkey_x509
evp_pkey_load_pubkey_x509( x509 var, pkey var )
Loads a PKEY reference from an x509 public key reference
1 on success, 0 on failure
 x509 = Certificate reference returned from functions such as x509_load_mem
 pkey = Structure reference
