Knowledgebase:
Miva Empresa/Mia/Script Compiler v5.27 Release Notes
Posted by Wayne Smith on 03 March 2017 03:39 PM

Miva Empresa/Mia/Script Compiler v5.27 Release Notes

----------------------------------------------------

Bugs Fixed

----------

23175: x509_load and x509_create leak an X509 pointer

23231: Segmentation fault on pkcs7_get_certs after failed pkcs7_load_mem

23260: evp_pkey_derive does not set error when passed an invalid key [index]

23267: pkcs7_get_signer_info does not set error when passed an invalid key [index]

23268: pkcs7_get_certs does not set error when passed an invalid key [index]

23273: x509_get_extensions does not return 0/false on given an invalid certificate [index]

23274: x509_get_issuer_name does not return 0/false on given an invalid certificate [index]

23275: x509_get_pubkey does not set error when passed an invalid key [index]

23277: x509_get_subject_name does not return 0/false on given an invalid certificate [index]

23280: x509_load_mem with a previously loaded certificate index and a bad certificate destroys existing certificate, segfaults

23281: evp_pkey_load_mem with existing certificate, invalid pkey will leave index into invalid pkey array contents.

23282: x509_create is deprecated, but should still work correctly.

23331: rsa internal storage inconsistent with x509, pkcs7, etc.

23428: FunctionParameter name lengths for some parameters incorrect.

23435: Formatting bug for file: builtins/crypto.cpp

23579: ISAPI (IIS 6 and earlier) no longer supported due to PCI concerns

23614: test/t_builtin_crypto: tests on functions using OpenSSL 1.0.X should skip if 0.9.x or 1.1.x

23618: Unsupported OpenSSL routines need graceful [or more graceful] handling

23648: pkcs7_verify returns "not enough data" on Cent48, cent39

23652: Incorrect formatting of "routine is unsupported" error

23661: crypto functions inserting values into an array need to "free" variable being used, crypto_allocate_X needs to null structure pointer consistently.

23664: Memory leak with non-closing mvt:callcontinue

23666: Memory leak in LinkPoint commerce library

23671: MvSMTP attempts to write to a conection after a TLS handshake failure, resulting in SIGPIPE

 

New Builtin Functions

---------------------

- x509_load_mem( cert, x509 var )

Loads and parses the text of an x509 certificate, and gives a certificate reference that refers to the certificate in internal storage.

 

Parameters:

- cert - Text of the certificate

- x509 - Certificate reference. On success, this will be neither zero nor null

 

Return Value:

- 1 on success

- 0 on failure

 

- x509_get_subject_name( certref var, subjectname var )

Return X509 name information for the certificate referred to by the certificate reference.

 

Parameters:

- certref - Certificate reference returned from functions such as x509_load_mem

- subjectname - Structure with members named for the entry names (e.g., "commonName", "countryName", etc.)

 

Return Value:

- 1 on success

- 0 on failure

 

- x509_get_issuer_name( certref var, issuername var )

Return X509 issuer information for the certificate referred to by the certificate reference.

 

Parameters:

- certref - Certificate reference returned from functions such as x509_load_mem

- issuername - Structure with members named for the entry names (e.g., "commonName", "countryName", etc.)

 

Return Value:

- 1 on success

- 0 on failure

 

- x509_get_extensions( certref var, extensions var )

Return X509 extension information for the certificate referred to by the certificate reference.

 

Parameters:

- certref - Certificate reference returned from functions such as x509_load_mem

- extensions - Structure with members named for the entry names (e.g., "data", "oid", etc.)

 

Return Value:

- 1 on success

- 0 on failure

 

- x509_digest( x509 var, digestname, digest var )

Return the digest of the given certificate referred to by the certificate reference, using the specified hash algorithm.

 

Parameters:- x509 - Certificate reference returned from functions such as x509_load_mem

- digestname - Hash algorithm name, such as "md5" or "sha256". Supported digest algorithms will vary between OpenSSL installations

- digest - Hash value of the certificate

 

Return Value:

- 1 on success

- 0 on failure

 

- x509_pubkey_digest( x509 var, digestname, digest var )

Return the digest of the public key portion of the given certificate referred to by the certificate reference, using the specified hash algorithm.

 

Parameters:

- x509 - Certificate reference returned from functions such as x509_load_mem

- digestname - Hash algorithm name, such as "md5" or "sha256". Supported digest algorithms will vary between OpenSSL installations

- digest - Hash value of the public key of the certificate

 

Return Value:

- 1 on success

- 0 on failure

 

- crypto_evp_encrypt_auth( ciphername, key, iv, aad, plaintext, encrypted var, tag var )

Encrypt the data in "plaintext" using the ciphername, key, and initial vector, returning the encrypted data in "encrypted" and a tag value in "tag" to be used to ensure that the ciphertext and AAD are not tampered with in transit.

 

Parameters:

- ciphername - Name of cipher to use. An example is "aes-256-gcm"

- key - Key value

- iv - Initial vector

- aad - Additional authenticated data

- plaintext - Plaintext to encrypt

- encrypted - Resulting encrypted value

- tag - tag value

 

Return Value:

- 1 on success

- 0 on failure

 

- pkcs7_load_mem( cert, format, pkcs7 var )

Load a list of PKCS7 structures in the specified format into memory, and return a structure reference that refers to the structure(s) in internal storage.

 

Parameters:

- cert - Text of a list of pkcs7 structures

- format - Format of the structure(s) passed in. Valid values are "der", "pem", or "pkcs12", with "der" used if the format is missing or any other values are passed

- pkcs7 - Structure array reference. On success, this will be neither zero nor null

 

Return Value:

- 1 on success

- 0 on failure

 

- pkcs7_get_certs( pkcs7 var, x509s var )

Given a structure reference such as returned from pkcs7_load_mem, return certificate references for the x509 certificates that are embedded therein.

 

Parameters:

- pkcs7 - Structure reference

- x509s - Array of x509 certificate references

 

Return Value:

- Count of x509 certificate references returned

- -1 on failure

 

- pkcs7_get_signer_info( pkcs7 var, output var )

Given a structure reference such as returned from pkcs7_load_mem, return an array of structures containing signer info.

 

Parameters:

- pkcs7 - Structure reference

- output - Array of structures containing signing information. Each structure will contain members named "version", "issuer", "issuerSerial", "messageDigest" and "signingTime"

 

Return Value:

- Count of array elements returned

- -1 on failure

 

- pkcs7_verify( pkcs7 var, root_x509 var, content )

Given a pkcs7 structure reference and root x509 certificate reference, verify the pkcs7 structure and the signed content (if provided).

 

Parameters:

- pkcs7 - PKCS7 structure reference

- root_x509 - Root x509 certificate reference

- content - Optional content if not present in the PKCS structure

 

Return Value:

- 1 on success

- 0 on failure

 

- pkcs7_free( pkcs7 var )

Remove a pkcs7 structure from internal memory. The passed pkcs7 structure reference is unchanged on failure (invalid reference) or set to 0 on success.

 

Parameters:

- pkcs7 - PKCS7 structure reference

 

Return Value:

- 1 on success

- 0 on failure

 

- evp_pkey_load_mem( data, format, passphrase, pkey var )

Given a EVP PKEY structure in the given format and a passphrase, verifies the PKEY structure and stores it in internal storage, and returns a reference to the internal storage.

 

Parameters:

- data - EVP PKEY structure text

- format - Format of the PKEY structure text. Only "pkcs12" is supported

- passphrase - Passphrase for the PKEY structure

- pkey - Structure reference

 

Return Value:

- 1 on success

- 0 on failure

 

- evp_pkey_load_pubkey_mem( data, format, pkey var )

Given EVP PKEY information in the given format, parse and load the public key from it and return a reference to the internal storage.

 

Parameters:

- data - EVP PKEY text

- format - Format of the EVP PKEY text. Valid values are "pem" and "der"

- pkey - Structure reference to internal storage

 

Return Value:

- 1 on success

- 0 on failure

 

- evp_pkey_derive( privkey var, peer var, key var )

Given structure references to a EVP PKEY structure with a secret key and a peer public key, derive a shared secret key and return the text in "key".

 

Parameters:

- privkey - EVP PKEY structure reference

- peer - EVP PKEY structure reference

- key - Returned text of shared secret key

 

Return Value:

- 1 on success

- 0 on failure

 

 

(0 vote(s))
This article was helpful
This article was not helpful

Comments (0)
Post a new comment
 
 
Full Name:
Email:
Comments:
CAPTCHA Verification 
 
Please enter the text you see in the image into the textbox below. This is required to prevent automated registrations and form submissions.

Help Desk Software by Kayako support.miva.com/supportsuite/index.php?