Announcement

Collapse
No announcement yet.

Miva Empresa 5.27 Has Been Released

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

    Miva Empresa 5.27 Has Been Released


    Bugs Fixed
    ----------
    23175: x509_load and x509_create leak an X509 pointer
    23231: Segmentation fault on pkcs7_get_certs after failed pkcs7_load_mem
    23260: evp_pkey_derive does not set error when passed an invalid key [index]
    23267: pkcs7_get_signer_info does not set error when passed an invalid key [index]
    23268: pkcs7_get_certs does not set error when passed an invalid key [index]
    23273: x509_get_extensions does not return 0/false on given an invalid certificate [index]
    23274: x509_get_issuer_name does not return 0/false on given an invalid certificate [index]
    23275: x509_get_pubkey does not set error when passed an invalid key [index]
    23277: x509_get_subject_name does not return 0/false on given an invalid certificate [index]
    23280: x509_load_mem with a previously loaded certificate index and a bad certificate destroys existing certificate, segfaults
    23281: evp_pkey_load_mem with existing certificate, invalid pkey will leave index into invalid pkey array contents.
    23282: x509_create is deprecated, but should still work correctly.
    23331: rsa internal storage inconsistent with x509, pkcs7, etc.
    23428: FunctionParameter name lengths for some parameters incorrect.
    23435: Formatting bug for file: builtins/crypto.cpp
    23579: ISAPI (IIS 6 and earlier) no longer supported due to PCI concerns
    23614: test/t_builtin_crypto: tests on functions using OpenSSL 1.0.X should skip if 0.9.x or 1.1.x
    23618: Unsupported OpenSSL routines need graceful [or more graceful] handling
    23648: pkcs7_verify returns "not enough data" on Cent48, cent39
    23652: Incorrect formatting of "routine is unsupported" error
    23661: crypto functions inserting values into an array need to "free" variable being used, crypto_allocate_X needs to null structure pointer consistently.
    23664: Memory leak with non-closing mvt:callcontinue
    23666: Memory leak in LinkPoint commerce library
    23671: MvSMTP attempts to write to a conection after a TLS handshake failure, resulting in SIGPIPE


    New Builtin Functions
    ---------------------
    - x509_load_mem( cert, x509 var )
    Loads and parses the text of an x509 certificate, and gives a certificate reference that refers to the certificate in internal storage.

    Parameters:
    - cert - Text of the certificate
    - x509 - Certificate reference. On success, this will be neither zero nor null

    Return Value:
    - 1 on success
    - 0 on failure

    - x509_get_subject_name( certref var, subjectname var )
    Return X509 name information for the certificate referred to by the certificate reference.

    Parameters:
    - certref - Certificate reference returned from functions such as x509_load_mem
    - subjectname - Structure with members named for the entry names (e.g., "commonName", "countryName", etc.)

    Return Value:
    - 1 on success
    - 0 on failure

    - x509_get_issuer_name( certref var, issuername var )
    Return X509 issuer information for the certificate referred to by the certificate reference.

    Parameters:
    - certref - Certificate reference returned from functions such as x509_load_mem
    - issuername - Structure with members named for the entry names (e.g., "commonName", "countryName", etc.)

    Return Value:
    - 1 on success
    - 0 on failure

    - x509_get_extensions( certref var, extensions var )
    Return X509 extension information for the certificate referred to by the certificate reference.

    Parameters:
    - certref - Certificate reference returned from functions such as x509_load_mem
    - extensions - Structure with members named for the entry names (e.g., "data", "oid", etc.)

    Return Value:
    - 1 on success
    - 0 on failure

    - x509_digest( x509 var, digestname, digest var )
    Return the digest of the given certificate referred to by the certificate reference, using the specified hash algorithm.

    Parameters:
    - x509 - Certificate reference returned from functions such as x509_load_mem
    - digestname - Hash algorithm name, such as "md5" or "sha256". Supported digest algorithms will vary between OpenSSL installations
    - digest - Hash value of the certificate

    Return Value:
    - 1 on success
    - 0 on failure

    - x509_pubkey_digest( x509 var, digestname, digest var )
    Return the digest of the public key portion of the given certificate referred to by the certificate reference, using the specified hash algorithm.

    Parameters:
    - x509 - Certificate reference returned from functions such as x509_load_mem
    - digestname - Hash algorithm name, such as "md5" or "sha256". Supported digest algorithms will vary between OpenSSL installations
    - digest - Hash value of the public key of the certificate

    Return Value:
    - 1 on success
    - 0 on failure

    - crypto_evp_encrypt_auth( ciphername, key, iv, aad, plaintext, encrypted var, tag var )
    Encrypt the data in "plaintext" using the ciphername, key, and initial vector, returning the encrypted data in "encrypted" and a tag value in "tag" to be used to ensure that the ciphertext and AAD are not tampered with in transit.

    Parameters:
    - ciphername - Name of cipher to use. An example is "aes-256-gcm"
    - key - Key value
    - iv - Initial vector
    - aad - Additional authenticated data
    - plaintext - Plaintext to encrypt
    - encrypted - Resulting encrypted value
    - tag - tag value

    Return Value:
    - 1 on success
    - 0 on failure

    - pkcs7_load_mem( cert, format, pkcs7 var )
    Load a list of PKCS7 structures in the specified format into memory, and return a structure reference that refers to the structure(s) in internal storage.

    Parameters:
    - cert - Text of a list of pkcs7 structures
    - format - Format of the structure(s) passed in. Valid values are "der", "pem", or "pkcs12", with "der" used if the format is missing or any other values are passed
    - pkcs7 - Structure array reference. On success, this will be neither zero nor null

    Return Value:
    - 1 on success
    - 0 on failure

    - pkcs7_get_certs( pkcs7 var, x509s var )
    Given a structure reference such as returned from pkcs7_load_mem, return certificate references for the x509 certificates that are embedded therein.

    Parameters:
    - pkcs7 - Structure reference
    - x509s - Array of x509 certificate references

    Return Value:
    - Count of x509 certificate references returned
    - -1 on failure

    - pkcs7_get_signer_info( pkcs7 var, output var )
    Given a structure reference such as returned from pkcs7_load_mem, return an array of structures containing signer info.

    Parameters:
    - pkcs7 - Structure reference
    - output - Array of structures containing signing information. Each structure will contain members named "version", "issuer", "issuerSerial", "messageDigest" and "signingTime"

    Return Value:
    - Count of array elements returned
    - -1 on failure

    - pkcs7_verify( pkcs7 var, root_x509 var, content )
    Given a pkcs7 structure reference and root x509 certificate reference, verify the pkcs7 structure and the signed content (if provided).

    Parameters:
    - pkcs7 - PKCS7 structure reference
    - root_x509 - Root x509 certificate reference
    - content - Optional content if not present in the PKCS structure

    Return Value:
    - 1 on success
    - 0 on failure

    - pkcs7_free( pkcs7 var )
    Remove a pkcs7 structure from internal memory. The passed pkcs7 structure reference is unchanged on failure (invalid reference) or set to 0 on success.

    Parameters:
    - pkcs7 - PKCS7 structure reference

    Return Value:
    - 1 on success
    - 0 on failure

    - evp_pkey_load_mem( data, format, passphrase, pkey var )
    Given a EVP PKEY structure in the given format and a passphrase, verifies the PKEY structure and stores it in internal storage, and returns a reference to the internal storage.

    Parameters:
    - data - EVP PKEY structure text
    - format - Format of the PKEY structure text. Only "pkcs12" is supported
    - passphrase - Passphrase for the PKEY structure
    - pkey - Structure reference

    Return Value:
    - 1 on success
    - 0 on failure

    - evp_pkey_load_pubkey_mem( data, format, pkey var )
    Given EVP PKEY information in the given format, parse and load the public key from it and return a reference to the internal storage.

    Parameters:
    - data - EVP PKEY text
    - format - Format of the EVP PKEY text. Valid values are "pem" and "der"
    - pkey - Structure reference to internal storage

    Return Value:
    - 1 on success
    - 0 on failure

    - evp_pkey_derive( privkey var, peer var, key var )
    Given structure references to a EVP PKEY structure with a secret key and a peer public key, derive a shared secret key and return the text in "key".

    Parameters:
    - privkey - EVP PKEY structure reference
    - peer - EVP PKEY structure reference
    - key - Returned text of shared secret key

    Return Value:
    - 1 on success
    - 0 on failure
    Brennan Heyde
    VP Product
    Miva, Inc.
    [email protected]
    https://www.miva.com
Working...
X