Sun, 03 Jul 2011 13:13:36 -0700
ssl: Fix indentation (not sure how this happened)
1 | /*-------------------------------------------------------------------------- |
2 | * LuaSec 0.4 |
3 | * Copyright (C) 2006-2009 Bruno Silvestre |
4 | * |
5 | *--------------------------------------------------------------------------*/ |
7 | #include <string.h> |
9 | #include <openssl/ssl.h> |
10 | #include <openssl/x509v3.h> |
11 | #include <openssl/err.h> |
13 | #include <lua.h> |
14 | #include <lauxlib.h> |
16 | #include "io.h" |
17 | #include "buffer.h" |
18 | #include "timeout.h" |
19 | #include "socket.h" |
20 | #include "ssl.h" |
21 | #include "x509.h" |
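/* Smaller of two values. Every argument and the whole expansion are
 * parenthesised so the result is the same wherever the macro is embedded
 * (the bare `(a<b)?a:b` form binds wrongly next to other operators).
 * Each argument may still be evaluated twice, so pass only expressions
 * without side effects. */
#define min(a, b) (((a) < (b)) ? (a) : (b))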
/**
 * Wrap an X509 pointer in a new userdata tagged with the "SSL:Certificate"
 * metatable and leave that userdata on top of the Lua stack.
 *
 * The pointer is stored as given; this function takes no reference of its own.
 * NOTE(review): confirm who releases cert and whether the metatable carries a
 * finalizer, since the userdata can outlive the caller's own handle.
 */
void luasec_push_x509(lua_State* L, X509 *cert)
{
  p_x509 wrapper;

  wrapper = (p_x509) lua_newuserdata(L, sizeof(t_x509));
  wrapper->cert = cert;

  /* Tag the userdata so a later luaL_checkudata() can recognise it. */
  luaL_getmetatable(L, "SSL:Certificate");
  lua_setmetatable(L, -2);
}
/**
 * Fetch the X509 pointer held by the certificate userdata at stack slot idx.
 *
 * luaL_checkudata() raises a Lua error unless the value is userdata carrying
 * the "SSL:Certificate" metatable, so a value of any other kind is rejected
 * before its memory is read as a t_x509.
 */
X509* luasec_to_x509(lua_State* L, int idx)
{
  p_x509 wrapper = (p_x509)luaL_checkudata(L, idx, "SSL:Certificate");

  return wrapper->cert;
}
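/**
 * Push the textual form of an ASN.1 object identifier as a Lua string.
 *
 * @param L        Lua state; exactly one string is pushed.
 * @param object   Object identifier to render.
 * @param no_name  Passed through to OBJ_obj2txt(): non-zero asks for the
 *                 dotted numeric form, zero allows a registered name.
 *
 * A string is always pushed (callers use the result as a table key or field
 * value). An empty string is pushed when the conversion fails.
 */
void luasec_push_asn1_objname(lua_State* L, ASN1_OBJECT *object, int no_name)
{
  char buffer[256];
  int len = OBJ_obj2txt(buffer, sizeof(buffer), object, no_name);

  /* A negative return signals failure. Compared against sizeof() it would
   * be converted to a huge unsigned value, and the old code then handed
   * 256 bytes of uninitialised stack memory to Lua. */
  if (len <= 0)
  {
    lua_pushlstring(L, "", 0);
    return;
  }

  /* The return value is the length of the full text, which may exceed what
   * fits; only sizeof(buffer)-1 characters plus the terminator are stored. */
  if ((size_t)len >= sizeof(buffer))
    len = (int)sizeof(buffer) - 1;

  lua_pushlstring(L, buffer, (size_t)len);
}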
/**
 * Push the raw contents of an ASN1_STRING as a Lua string, or nil when the
 * pointer is NULL.
 *
 * The bytes are pushed with an explicit length, so embedded NUL bytes
 * survive into the Lua string. Code that matches certificate names against
 * an expected host or address must compare the whole value and must not
 * treat it as a C string. No character-set conversion is done here; the
 * encoding is whatever the certificate carried.
 */
void luasec_push_asn1_string(lua_State* L, ASN1_STRING *string)
{
  if (string == NULL)
  {
    lua_pushnil(L);
    return;
  }

  lua_pushlstring(L, (char*)ASN1_STRING_data(string), ASN1_STRING_length(string));
}
/**
 * Replace the key on top of the stack with the value stored under that key
 * in the table at idx, creating and storing an empty table first when the
 * lookup yields nil.
 *
 * idx is interpreted relative to the stack as it is on entry (key on top).
 * The idx-1 and idx-3 offsets compensate for the values pushed in between,
 * so only a relative (negative) index works here. A non-nil value that is
 * already stored is used as found; it is not checked to be a table.
 *
 * @return 1 when a new table was created, 0 when a value was already there.
 */
int luasec_push_subtable(lua_State* L, int idx)
{
  int created = 0;

  /* Look the key up through a copy so the original key stays on the stack. */
  lua_pushvalue(L, -1);
  lua_gettable(L, idx-1);

  if (lua_isnil(L, -1))
  {
    lua_pop(L, 1);           /* drop the nil result */
    lua_newtable(L);
    lua_pushvalue(L, -2);    /* key */
    lua_pushvalue(L, -2);    /* the new table */
    lua_settable(L, idx-3);  /* parent[key] = new table */
    created = 1;
  }

  lua_replace(L, -2); /* Replace key with table */
  return created;
}
/**
 * Push an array-style Lua table describing every entry of an X509_NAME, in
 * the order the entries appear in the name.
 *
 * Each element is a table with three fields:
 *   oid   - object identifier text requested with no_name = 1
 *   name  - object identifier text requested with no_name = 0
 *   value - raw entry data as pushed by luasec_push_asn1_string()
 *
 * Values come straight from the certificate and are not validated here.
 */
void luasec_push_x509_name(lua_State* L, X509_NAME *name)
{
  int pos, total;

  lua_newtable(L);
  total = X509_NAME_entry_count(name);

  for (pos = 0; pos < total; pos++)
  {
    X509_NAME_ENTRY *entry = X509_NAME_get_entry(name, pos);
    ASN1_OBJECT *type = X509_NAME_ENTRY_get_object(entry);

    /* One table per name entry. */
    lua_newtable(L);

    luasec_push_asn1_objname(L, type, 1);
    lua_setfield(L, -2, "oid");

    luasec_push_asn1_objname(L, type, 0);
    lua_setfield(L, -2, "name");

    luasec_push_asn1_string(L, X509_NAME_ENTRY_get_data(entry));
    lua_setfield(L, -2, "value");

    /* Append the entry table to the result array. */
    lua_rawseti(L, -2, lua_objlen(L, -2)+1);
  }
}
/**
 * Lua method: return the subject name of the certificate at argument 1 as
 * the ordered table built by luasec_push_x509_name().
 *
 * @return 1 (one value left on the Lua stack).
 */
int meth_subject(lua_State* L)
{
  X509 *cert = luasec_to_x509(L, 1);
  X509_NAME *subject = X509_get_subject_name(cert);

  luasec_push_x509_name(L, subject);
  return 1;
}
/**
 * Lua method: return the issuer name of the certificate at argument 1 as
 * the ordered table built by luasec_push_x509_name().
 *
 * @return 1 (one value left on the Lua stack).
 */
int meth_issuer(lua_State* L)
{
  X509 *cert = luasec_to_x509(L, 1);
  X509_NAME *issuer = X509_get_issuer_name(cert);

  luasec_push_x509_name(L, issuer);
  return 1;
}
118 | int meth_extensions(lua_State* L) |
c4452dfd6ade
x509: Split :decode() method into two methods, :subject() and :extensions()
Matthew Wild <mwild1@gmail.com>
parents:
20
diff
changeset
|
119 | { |
c4452dfd6ade
x509: Split :decode() method into two methods, :subject() and :extensions()
Matthew Wild <mwild1@gmail.com>
parents:
20
diff
changeset
|
120 | X509 *peer; |
c4452dfd6ade
x509: Split :decode() method into two methods, :subject() and :extensions()
Matthew Wild <mwild1@gmail.com>
parents:
20
diff
changeset
|
121 | int i, j; |
14
1927b7b32faf
Split X509 decoding into a separate module, ssl.x509
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
122 | |
22
c4452dfd6ade
x509: Split :decode() method into two methods, :subject() and :extensions()
Matthew Wild <mwild1@gmail.com>
parents:
20
diff
changeset
|
123 | peer = luasec_to_x509(L, 1); |
c4452dfd6ade
x509: Split :decode() method into two methods, :subject() and :extensions()
Matthew Wild <mwild1@gmail.com>
parents:
20
diff
changeset
|
124 | |
c4452dfd6ade
x509: Split :decode() method into two methods, :subject() and :extensions()
Matthew Wild <mwild1@gmail.com>
parents:
20
diff
changeset
|
125 | lua_newtable(L); /* ret */ |
14
1927b7b32faf
Split X509 decoding into a separate module, ssl.x509
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
126 | |
1927b7b32faf
Split X509 decoding into a separate module, ssl.x509
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
127 | i = -1; |
32 | 128 | while ((i = X509_get_ext_by_NID(peer, NID_subject_alt_name, i)) != -1) |
14
1927b7b32faf
Split X509 decoding into a separate module, ssl.x509
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
129 | { |
1927b7b32faf
Split X509 decoding into a separate module, ssl.x509
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
130 | X509_EXTENSION *extension; |
1927b7b32faf
Split X509 decoding into a separate module, ssl.x509
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
131 | STACK_OF(GENERAL_NAME) *values; |
1927b7b32faf
Split X509 decoding into a separate module, ssl.x509
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
132 | int n_general_names; |
1927b7b32faf
Split X509 decoding into a separate module, ssl.x509
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
133 | |
1927b7b32faf
Split X509 decoding into a separate module, ssl.x509
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
134 | extension = X509_get_ext(peer, i); |
32 | 135 | if (extension == NULL) |
14
1927b7b32faf
Split X509 decoding into a separate module, ssl.x509
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
136 | break; |
1927b7b32faf
Split X509 decoding into a separate module, ssl.x509
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
137 | |
1927b7b32faf
Split X509 decoding into a separate module, ssl.x509
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
138 | values = X509V3_EXT_d2i(extension); |
32 | 139 | if (values == NULL) |
14
1927b7b32faf
Split X509 decoding into a separate module, ssl.x509
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
140 | break; |
1927b7b32faf
Split X509 decoding into a separate module, ssl.x509
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
141 | |
22
c4452dfd6ade
x509: Split :decode() method into two methods, :subject() and :extensions()
Matthew Wild <mwild1@gmail.com>
parents:
20
diff
changeset
|
142 | /* Push ret[oid] */ |
14
1927b7b32faf
Split X509 decoding into a separate module, ssl.x509
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
143 | luasec_push_asn1_objname(L, extension->object, 1); |
1927b7b32faf
Split X509 decoding into a separate module, ssl.x509
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
144 | luasec_push_subtable(L, -2); |
22
c4452dfd6ade
x509: Split :decode() method into two methods, :subject() and :extensions()
Matthew Wild <mwild1@gmail.com>
parents:
20
diff
changeset
|
145 | /* Set ret[oid].name = name */ |
14
1927b7b32faf
Split X509 decoding into a separate module, ssl.x509
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
146 | luasec_push_asn1_objname(L, extension->object, 0); |
1927b7b32faf
Split X509 decoding into a separate module, ssl.x509
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
147 | lua_setfield(L, -2, "name"); |
1927b7b32faf
Split X509 decoding into a separate module, ssl.x509
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
148 | |
1927b7b32faf
Split X509 decoding into a separate module, ssl.x509
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
149 | n_general_names = sk_GENERAL_NAME_num(values); |
32 | 150 | for (j = 0; j < n_general_names; j++) |
14
1927b7b32faf
Split X509 decoding into a separate module, ssl.x509
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
151 | { |
1927b7b32faf
Split X509 decoding into a separate module, ssl.x509
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
152 | GENERAL_NAME *general_name; |
1927b7b32faf
Split X509 decoding into a separate module, ssl.x509
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
153 | |
1927b7b32faf
Split X509 decoding into a separate module, ssl.x509
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
154 | general_name = sk_GENERAL_NAME_value(values, j); |
1927b7b32faf
Split X509 decoding into a separate module, ssl.x509
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
155 | |
1927b7b32faf
Split X509 decoding into a separate module, ssl.x509
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
156 | switch(general_name->type) |
1927b7b32faf
Split X509 decoding into a separate module, ssl.x509
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
157 | { |
1927b7b32faf
Split X509 decoding into a separate module, ssl.x509
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
158 | case GEN_OTHERNAME: |
1927b7b32faf
Split X509 decoding into a separate module, ssl.x509
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
159 | { |
1927b7b32faf
Split X509 decoding into a separate module, ssl.x509
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
160 | OTHERNAME *otherName = general_name->d.otherName; |
1927b7b32faf
Split X509 decoding into a separate module, ssl.x509
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
161 | |
1927b7b32faf
Split X509 decoding into a separate module, ssl.x509
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
162 | luasec_push_asn1_objname(L, otherName->type_id, 1); |
1927b7b32faf
Split X509 decoding into a separate module, ssl.x509
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
163 | |
32 | 164 | if (luasec_push_subtable(L, -2)) |
14
1927b7b32faf
Split X509 decoding into a separate module, ssl.x509
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
165 | { |
1927b7b32faf
Split X509 decoding into a separate module, ssl.x509
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
166 | luasec_push_asn1_objname(L, otherName->type_id, 0); |
1927b7b32faf
Split X509 decoding into a separate module, ssl.x509
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
167 | lua_setfield(L, -2, "name"); |
1927b7b32faf
Split X509 decoding into a separate module, ssl.x509
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
168 | } |
1927b7b32faf
Split X509 decoding into a separate module, ssl.x509
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
169 | |
1927b7b32faf
Split X509 decoding into a separate module, ssl.x509
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
170 | luasec_push_asn1_string(L, otherName->value->value.asn1_string); |
1927b7b32faf
Split X509 decoding into a separate module, ssl.x509
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
171 | lua_rawseti(L, -2, lua_objlen(L, -2)+1); |
1927b7b32faf
Split X509 decoding into a separate module, ssl.x509
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
172 | |
1927b7b32faf
Split X509 decoding into a separate module, ssl.x509
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
173 | lua_pop(L, 1); |
1927b7b32faf
Split X509 decoding into a separate module, ssl.x509
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
174 | break; |
1927b7b32faf
Split X509 decoding into a separate module, ssl.x509
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
175 | } |
33
cc36229b3be1
x509: Flesh out the SAN types
Paul Aurich <paul@darkrain42.org>
parents:
32
diff
changeset
|
176 | case GEN_EMAIL: |
cc36229b3be1
x509: Flesh out the SAN types
Paul Aurich <paul@darkrain42.org>
parents:
32
diff
changeset
|
177 | lua_pushstring(L, "rfc822Name"); |
cc36229b3be1
x509: Flesh out the SAN types
Paul Aurich <paul@darkrain42.org>
parents:
32
diff
changeset
|
178 | luasec_push_subtable(L, -2); |
cc36229b3be1
x509: Flesh out the SAN types
Paul Aurich <paul@darkrain42.org>
parents:
32
diff
changeset
|
179 | luasec_push_asn1_string(L, general_name->d.rfc822Name); |
cc36229b3be1
x509: Flesh out the SAN types
Paul Aurich <paul@darkrain42.org>
parents:
32
diff
changeset
|
180 | lua_rawseti(L, -2, lua_objlen(L, -2)+1); |
cc36229b3be1
x509: Flesh out the SAN types
Paul Aurich <paul@darkrain42.org>
parents:
32
diff
changeset
|
181 | lua_pop(L, 1); |
cc36229b3be1
x509: Flesh out the SAN types
Paul Aurich <paul@darkrain42.org>
parents:
32
diff
changeset
|
182 | break; |
14
1927b7b32faf
Split X509 decoding into a separate module, ssl.x509
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
183 | case GEN_DNS: |
1927b7b32faf
Split X509 decoding into a separate module, ssl.x509
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
184 | lua_pushstring(L, "dNSName"); |
32 | 185 | luasec_push_subtable(L, -2); |
14
1927b7b32faf
Split X509 decoding into a separate module, ssl.x509
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
186 | luasec_push_asn1_string(L, general_name->d.dNSName); |
1927b7b32faf
Split X509 decoding into a separate module, ssl.x509
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
187 | lua_rawseti(L, -2, lua_objlen(L, -2)+1); |
1927b7b32faf
Split X509 decoding into a separate module, ssl.x509
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
188 | lua_pop(L, 1); |
1927b7b32faf
Split X509 decoding into a separate module, ssl.x509
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
189 | break; |
33
cc36229b3be1
x509: Flesh out the SAN types
Paul Aurich <paul@darkrain42.org>
parents:
32
diff
changeset
|
190 | case GEN_X400: |
cc36229b3be1
x509: Flesh out the SAN types
Paul Aurich <paul@darkrain42.org>
parents:
32
diff
changeset
|
191 | /* x400Address */ |
cc36229b3be1
x509: Flesh out the SAN types
Paul Aurich <paul@darkrain42.org>
parents:
32
diff
changeset
|
192 | break; |
cc36229b3be1
x509: Flesh out the SAN types
Paul Aurich <paul@darkrain42.org>
parents:
32
diff
changeset
|
193 | case GEN_DIRNAME: |
cc36229b3be1
x509: Flesh out the SAN types
Paul Aurich <paul@darkrain42.org>
parents:
32
diff
changeset
|
194 | /* directoryName */ |
cc36229b3be1
x509: Flesh out the SAN types
Paul Aurich <paul@darkrain42.org>
parents:
32
diff
changeset
|
195 | break; |
cc36229b3be1
x509: Flesh out the SAN types
Paul Aurich <paul@darkrain42.org>
parents:
32
diff
changeset
|
196 | case GEN_EDIPARTY: |
cc36229b3be1
x509: Flesh out the SAN types
Paul Aurich <paul@darkrain42.org>
parents:
32
diff
changeset
|
197 | /* ediPartyName */ |
cc36229b3be1
x509: Flesh out the SAN types
Paul Aurich <paul@darkrain42.org>
parents:
32
diff
changeset
|
198 | break; |
cc36229b3be1
x509: Flesh out the SAN types
Paul Aurich <paul@darkrain42.org>
parents:
32
diff
changeset
|
199 | case GEN_URI: |
cc36229b3be1
x509: Flesh out the SAN types
Paul Aurich <paul@darkrain42.org>
parents:
32
diff
changeset
|
200 | lua_pushstring(L, "uniformResourceIdentifier"); |
cc36229b3be1
x509: Flesh out the SAN types
Paul Aurich <paul@darkrain42.org>
parents:
32
diff
changeset
|
201 | luasec_push_subtable(L, -2); |
cc36229b3be1
x509: Flesh out the SAN types
Paul Aurich <paul@darkrain42.org>
parents:
32
diff
changeset
|
202 | luasec_push_asn1_string(L, general_name->d.uniformResourceIdentifier); |
cc36229b3be1
x509: Flesh out the SAN types
Paul Aurich <paul@darkrain42.org>
parents:
32
diff
changeset
|
203 | lua_rawseti(L, -2, lua_objlen(L, -2)+1); |
cc36229b3be1
x509: Flesh out the SAN types
Paul Aurich <paul@darkrain42.org>
parents:
32
diff
changeset
|
204 | lua_pop(L, 1); |
cc36229b3be1
x509: Flesh out the SAN types
Paul Aurich <paul@darkrain42.org>
parents:
32
diff
changeset
|
205 | break; |
cc36229b3be1
x509: Flesh out the SAN types
Paul Aurich <paul@darkrain42.org>
parents:
32
diff
changeset
|
206 | case GEN_IPADD: |
cc36229b3be1
x509: Flesh out the SAN types
Paul Aurich <paul@darkrain42.org>
parents:
32
diff
changeset
|
207 | lua_pushstring(L, "iPAddress"); |
cc36229b3be1
x509: Flesh out the SAN types
Paul Aurich <paul@darkrain42.org>
parents:
32
diff
changeset
|
208 | luasec_push_subtable(L, -2); |
cc36229b3be1
x509: Flesh out the SAN types
Paul Aurich <paul@darkrain42.org>
parents:
32
diff
changeset
|
209 | luasec_push_asn1_string(L, general_name->d.iPAddress); |
cc36229b3be1
x509: Flesh out the SAN types
Paul Aurich <paul@darkrain42.org>
parents:
32
diff
changeset
|
210 | lua_rawseti(L, -2, lua_objlen(L, -2)+1); |
cc36229b3be1
x509: Flesh out the SAN types
Paul Aurich <paul@darkrain42.org>
parents:
32
diff
changeset
|
211 | lua_pop(L, 1); |
cc36229b3be1
x509: Flesh out the SAN types
Paul Aurich <paul@darkrain42.org>
parents:
32
diff
changeset
|
212 | break; |
cc36229b3be1
x509: Flesh out the SAN types
Paul Aurich <paul@darkrain42.org>
parents:
32
diff
changeset
|
213 | case GEN_RID: |
cc36229b3be1
x509: Flesh out the SAN types
Paul Aurich <paul@darkrain42.org>
parents:
32
diff
changeset
|
214 | /* registeredID */ |
cc36229b3be1
x509: Flesh out the SAN types
Paul Aurich <paul@darkrain42.org>
parents:
32
diff
changeset
|
215 | break; |
14
1927b7b32faf
Split X509 decoding into a separate module, ssl.x509
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
216 | default: |
1927b7b32faf
Split X509 decoding into a separate module, ssl.x509
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
217 | break; |
1927b7b32faf
Split X509 decoding into a separate module, ssl.x509
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
218 | } |
1927b7b32faf
Split X509 decoding into a separate module, ssl.x509
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
219 | } |
1927b7b32faf
Split X509 decoding into a separate module, ssl.x509
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
220 | |
22
c4452dfd6ade
x509: Split :decode() method into two methods, :subject() and :extensions()
Matthew Wild <mwild1@gmail.com>
parents:
20
diff
changeset
|
221 | lua_pop(L, 1); /* ret[oid] */ |
14
1927b7b32faf
Split X509 decoding into a separate module, ssl.x509
Matthew Wild <mwild1@gmail.com>
parents:
diff
changeset
|
222 | i++; /* Next extension */ |
223 | } |
224 | return 1; |
225 | } |
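/**
 * cert:valid_at(timestamp) -> boolean
 *
 * Pushes true when the timestamp passed as argument 2 lies inside the
 * certificate's notBefore/notAfter window, false otherwise.
 *
 * X509_cmp_time() returns -1 when the ASN.1 time is earlier than or equal
 * to the reference time, 1 when it is later, and 0 when the ASN.1 time
 * cannot be parsed. A 0 result must therefore never count as "inside the
 * window": accepting it (>= 0 / <= 0) would report a certificate with a
 * malformed validity field as valid. The comparisons below are strict so
 * that a parse error fails closed.
 */
int meth_valid_at(lua_State* L)
{
  X509* cert = luasec_to_x509(L, 1);
  /* Named `when` rather than `time` to avoid shadowing time(). */
  time_t when = luaL_checkinteger(L, 2);
  /* > 0 means notAfter is strictly later than `when`. Equality is folded
   * into -1 by X509_cmp_time(), so the exact notAfter second is reported
   * as not valid. */
  int not_after = X509_cmp_time(X509_get_notAfter(cert), &when);
  /* < 0 means notBefore is earlier than or equal to `when`. */
  int not_before = X509_cmp_time(X509_get_notBefore(cert), &when);

  lua_pushboolean(L, not_after > 0 && not_before < 0);
  return 1;
}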
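/**
 * cert:pem() -> string | nil
 *
 * Serialises the certificate to PEM through a memory BIO and pushes the
 * result as a Lua string. Pushes nil when the BIO cannot be allocated,
 * when PEM encoding fails, or when the BIO holds no data.
 *
 * The BIO is released on every return path, including the encoding
 * failure path.
 */
int meth_pem(lua_State* L)
{
  X509* cert = luasec_to_x509(L, 1);
  BIO *bio = BIO_new(BIO_s_mem());
  char* data = NULL;
  long bytes;

  /* BIO_new() returns NULL on allocation failure. */
  if (bio == NULL)
  {
    lua_pushnil(L);
    return 1;
  }
  if (!PEM_write_bio_X509(bio, cert))
  {
    BIO_free(bio);
    lua_pushnil(L);
    return 1;
  }
  /* `data` points into memory owned by the BIO; it must be copied into
   * Lua before BIO_free(). */
  bytes = BIO_get_mem_data(bio, &data);
  /* NOTE(review): lua_pushlstring can raise a Lua memory error, in which
   * case the BIO_free() below is skipped — confirm whether that matters
   * for this module. */
  if (bytes > 0 && data != NULL)
    lua_pushlstring(L, data, (size_t)bytes);
  else
    lua_pushnil(L);
  BIO_free(bio);
  return 1;
}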
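/* Lower-case hexadecimal digits, indexed by nibble value. */
const char* hex_tab = "0123456789abcdef";

/**
 * Writes the lower-case hex encoding of `length` bytes from `in` to `out`.
 *
 * `out` must have room for 2*length characters; no terminating NUL is
 * written, so callers must carry the length themselves. A `length` of
 * zero or less writes nothing.
 */
void to_hex(const char* in, int length, char* out) {
  int i;
  for (i = 0; i < length; i++) {
    /* Go through unsigned char: plain char may be signed, and right
     * shifting a negative value is implementation-defined. */
    unsigned char byte = (unsigned char)in[i];
    out[i*2] = hex_tab[byte >> 4];
    out[i*2+1] = hex_tab[byte & 0xF];
  }
}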
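/**
 * cert:digest([algorithm]) -> hex string | nil, error message
 *
 * Pushes the lower-case hex digest (fingerprint) of the certificate.
 * `algorithm` is "sha1" (the default when the argument is absent or nil),
 * "sha256" or "sha512". Any other name yields nil plus
 * "digest algorithm not supported".
 *
 * SHA-1 stays the default for backward compatibility. It is no longer
 * collision resistant, so callers that pin or compare fingerprints
 * should request "sha256" or "sha512" explicitly.
 */
int meth_digest(lua_State* L)
{
  X509 *cert;
  unsigned int bytes;
  unsigned char buffer[EVP_MAX_MD_SIZE];
  /* Two hex characters per digest byte; to_hex() writes no NUL. */
  char hex_buffer[EVP_MAX_MD_SIZE*2];
  const EVP_MD *digest;
  const char *name;
  cert = luasec_to_x509(L, 1);
  name = luaL_optstring(L, 2, "sha1");
  if (strcmp(name, "sha1") == 0)
  {
    digest = EVP_sha1();
  }
  else if (strcmp(name, "sha256") == 0)
  {
    digest = EVP_sha256();
  }
  else if (strcmp(name, "sha512") == 0)
  {
    digest = EVP_sha512();
  }
  else
  {
    lua_pushnil(L);
    lua_pushstring(L, "digest algorithm not supported");
    return 2;
  }
  /* X509_digest() stores at most EVP_MAX_MD_SIZE bytes in `buffer` and
   * reports the actual count in `bytes`. The message below is kept as-is
   * for callers, although allocation is not the only way it can fail. */
  if (!X509_digest(cert, digest, buffer, &bytes))
  {
    lua_pushnil(L);
    lua_pushstring(L, "out of memory");
    return 2;
  }
  to_hex((char*)buffer, bytes, hex_buffer);
  lua_pushlstring(L, hex_buffer, bytes*2);
  return 1;
}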
/**
 * __gc metamethod: releases the X509 object held by the userdata at
 * stack index 1. Returns nothing to Lua.
 */
int meth_destroy(lua_State* L)
{
  /* NOTE(review): the pointer stored in the userdata is not cleared
   * here; confirm nothing can reach the certificate after collection. */
  X509 *cert = luasec_to_x509(L, 1);

  X509_free(cert);
  return 0;
}
/**
 * __tostring metamethod: pushes "X509 certificate: <address>" for the
 * certificate at stack index 1.
 */
int meth_tostring(lua_State *L)
{
  /* %p puts the in-process address of the X509 object into the string;
   * keep that in mind if the result is logged or shown to remote peers. */
  lua_pushfstring(L, "X509 certificate: %p", luasec_to_x509(L, 1));
  return 1;
}
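/**
 * ssl.x509.cert_from_pem(pem) -> certificate | nil
 *
 * Parses the first PEM-encoded certificate in the string at argument 1
 * and pushes it as a certificate object. Pushes nil when the input is too
 * large to hand to BIO_write(), when the BIO cannot be allocated or
 * filled, or when the data does not parse as a certificate.
 *
 * The input is treated as untrusted: it is validated before anything is
 * allocated, and every OpenSSL call that can fail is checked.
 */
int cert_from_pem(lua_State* L)
{
  X509 *cert = NULL;
  BIO *bio;
  const char* data; size_t bytes;
  int len;

  /* Check the argument before allocating: luaL_checklstring raises a Lua
   * error (it does not return) for a non-string argument, which would
   * leak a BIO created earlier. */
  data = luaL_checklstring(L, 1, &bytes);

  /* BIO_write() takes an int length; refuse input that does not survive
   * the conversion instead of passing a truncated or negative length. */
  len = (int)bytes;
  if (len < 0 || (size_t)len != bytes)
  {
    lua_pushnil(L);
    return 1;
  }

  bio = BIO_new(BIO_s_mem());
  if (bio == NULL)
  {
    lua_pushnil(L);
    return 1;
  }
  /* Only parse when the whole input reached the BIO. */
  if (BIO_write(bio, data, len) == len)
    cert = PEM_read_bio_X509(bio, NULL, NULL, NULL);
  /* The parsed certificate does not reference the BIO, so release it
   * before touching the Lua stack again. */
  BIO_free(bio);

  /* NOTE(review): if luasec_push_x509 can raise a Lua error, `cert` would
   * be leaked here — confirm against its definition. */
  if (cert)
    luasec_push_x509(L, cert);
  else
    lua_pushnil(L);
  return 1;
}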
/**
 * Certificate methods. luaopen_ssl_x509() registers this list into the
 * table stored as __index on the "SSL:Certificate" metatable, so each
 * entry is callable from Lua as cert:<name>(). The {NULL, NULL} entry
 * terminates the list.
 */
static luaL_Reg methods[] = {
  {"subject", meth_subject},
  {"issuer", meth_issuer},
  {"extensions", meth_extensions},
  {"valid_at", meth_valid_at},
  {"pem", meth_pem},
  {"digest", meth_digest},
  {NULL, NULL}
};
/**
 * ssl.x509 module functions. luaopen_ssl_x509() registers this list under
 * the module name "ssl.x509". The {NULL, NULL} entry terminates the list.
 */
static luaL_Reg funcs[] = {
  {"cert_from_pem", cert_from_pem},
  {NULL, NULL}
};
/**
 * Certificate metamethods. luaopen_ssl_x509() registers this list
 * directly on the "SSL:Certificate" metatable: __gc frees the X509
 * object, __tostring produces a printable description.
 */
static luaL_Reg meta[] = {
  {"__gc", meth_destroy},
  {"__tostring", meth_tostring},
  {NULL, NULL}
};
/**
 * Module entry point for ssl.x509.
 *
 * Builds the "SSL:Certificate" metatable (metamethods from `meta`, an
 * __index table filled from `methods`), registers the module functions
 * from `funcs` under "ssl.x509", and returns one value to Lua: the
 * module table left on top of the stack by the last luaL_register call.
 */
LUASEC_API int luaopen_ssl_x509(lua_State *L)
{
  /* Register the functions and tables */
  luaL_newmetatable(L, "SSL:Certificate");
  /* NULL library name: register into the table on top of the stack,
   * i.e. the metatable itself. */
  luaL_register(L, NULL, meta);

  /* Fresh table holding the certificate methods; it becomes
   * metatable.__index, and lua_setfield pops it again. */
  lua_newtable(L);
  luaL_register(L, NULL, methods);
  lua_setfield(L, -2, "__index");

  /* Module table for "ssl.x509"; it stays on the stack as the result. */
  luaL_register(L, "ssl.x509", funcs);
  return 1;
}