42 lua_pushlstring(L, buffer, min(sizeof(buffer),len)); |
42 lua_pushlstring(L, buffer, min(sizeof(buffer),len)); |
43 } |
43 } |
44 |
44 |
45 void luasec_push_asn1_string(lua_State* L, ASN1_STRING *string) |
45 void luasec_push_asn1_string(lua_State* L, ASN1_STRING *string) |
46 { |
46 { |
47 if(string) |
47 if (string) |
48 lua_pushlstring(L, (char*)ASN1_STRING_data(string), ASN1_STRING_length(string)); |
48 lua_pushlstring(L, (char*)ASN1_STRING_data(string), ASN1_STRING_length(string)); |
49 else |
49 else |
50 lua_pushnil(L); |
50 lua_pushnil(L); |
51 } |
51 } |
52 |
52 |
53 int luasec_push_subtable(lua_State* L, int idx) |
53 int luasec_push_subtable(lua_State* L, int idx) |
54 { |
54 { |
55 |
55 |
56 lua_pushvalue(L, -1); |
56 lua_pushvalue(L, -1); |
57 lua_gettable(L, idx-1); |
57 lua_gettable(L, idx-1); |
58 |
58 |
59 if(lua_isnil(L, -1)) |
59 if (lua_isnil(L, -1)) |
60 { |
60 { |
61 lua_pop(L, 1); |
61 lua_pop(L, 1); |
62 lua_newtable(L); |
62 lua_newtable(L); |
63 lua_pushvalue(L, -2); |
63 lua_pushvalue(L, -2); |
64 lua_pushvalue(L, -2); |
64 lua_pushvalue(L, -2); |
65 lua_settable(L, idx-3); |
65 lua_settable(L, idx-3); |
66 |
66 |
67 lua_replace(L, -2); /* Replace key with table */ |
67 lua_replace(L, -2); /* Replace key with table */ |
68 return 1; |
68 return 1; |
69 } |
69 } |
70 lua_replace(L, -2); /* Replace key with table */ |
70 |
71 return 0; |
71 lua_replace(L, -2); /* Replace key with table */ |
|
72 return 0; |
72 } |
73 } |
73 |
74 |
74 void luasec_push_x509_name(lua_State* L, X509_NAME *name) |
75 void luasec_push_x509_name(lua_State* L, X509_NAME *name) |
75 { |
76 { |
76 int i, n_entries; |
77 int i, n_entries; |
77 lua_newtable(L); |
78 lua_newtable(L); |
78 n_entries = X509_NAME_entry_count(name); |
79 n_entries = X509_NAME_entry_count(name); |
79 |
80 |
80 for(i = 0; i < n_entries; i++) |
81 for (i = 0; i < n_entries; i++) |
81 { |
82 { |
82 X509_NAME_ENTRY *entry; |
83 X509_NAME_ENTRY *entry; |
83 ASN1_OBJECT *object; |
84 ASN1_OBJECT *object; |
84 |
85 |
85 entry = X509_NAME_get_entry(name, i); |
86 entry = X509_NAME_get_entry(name, i); |
122 peer = luasec_to_x509(L, 1); |
123 peer = luasec_to_x509(L, 1); |
123 |
124 |
124 lua_newtable(L); /* ret */ |
125 lua_newtable(L); /* ret */ |
125 |
126 |
126 i = -1; |
127 i = -1; |
127 while((i = X509_get_ext_by_NID(peer, NID_subject_alt_name, i)) != -1) |
128 while ((i = X509_get_ext_by_NID(peer, NID_subject_alt_name, i)) != -1) |
128 { |
129 { |
129 X509_EXTENSION *extension; |
130 X509_EXTENSION *extension; |
130 STACK_OF(GENERAL_NAME) *values; |
131 STACK_OF(GENERAL_NAME) *values; |
131 int n_general_names; |
132 int n_general_names; |
132 |
133 |
133 extension = X509_get_ext(peer, i); |
134 extension = X509_get_ext(peer, i); |
134 if(extension == NULL) |
135 if (extension == NULL) |
135 break; |
136 break; |
136 |
137 |
137 values = X509V3_EXT_d2i(extension); |
138 values = X509V3_EXT_d2i(extension); |
138 if(values == NULL) |
139 if (values == NULL) |
139 break; |
140 break; |
140 |
141 |
141 /* Push ret[oid] */ |
142 /* Push ret[oid] */ |
142 luasec_push_asn1_objname(L, extension->object, 1); |
143 luasec_push_asn1_objname(L, extension->object, 1); |
143 luasec_push_subtable(L, -2); |
144 luasec_push_subtable(L, -2); |
144 /* Set ret[oid].name = name */ |
145 /* Set ret[oid].name = name */ |
145 luasec_push_asn1_objname(L, extension->object, 0); |
146 luasec_push_asn1_objname(L, extension->object, 0); |
146 lua_setfield(L, -2, "name"); |
147 lua_setfield(L, -2, "name"); |
147 |
148 |
148 n_general_names = sk_GENERAL_NAME_num(values); |
149 n_general_names = sk_GENERAL_NAME_num(values); |
149 for(j = 0; j < n_general_names; j++) |
150 for (j = 0; j < n_general_names; j++) |
150 { |
151 { |
151 GENERAL_NAME *general_name; |
152 GENERAL_NAME *general_name; |
152 |
153 |
153 general_name = sk_GENERAL_NAME_value(values, j); |
154 general_name = sk_GENERAL_NAME_value(values, j); |
154 |
155 |
158 { |
159 { |
159 OTHERNAME *otherName = general_name->d.otherName; |
160 OTHERNAME *otherName = general_name->d.otherName; |
160 |
161 |
161 luasec_push_asn1_objname(L, otherName->type_id, 1); |
162 luasec_push_asn1_objname(L, otherName->type_id, 1); |
162 |
163 |
163 if(luasec_push_subtable(L, -2)) |
164 if (luasec_push_subtable(L, -2)) |
164 { |
165 { |
165 luasec_push_asn1_objname(L, otherName->type_id, 0); |
166 luasec_push_asn1_objname(L, otherName->type_id, 0); |
166 lua_setfield(L, -2, "name"); |
167 lua_setfield(L, -2, "name"); |
167 } |
168 } |
168 |
169 |
173 break; |
174 break; |
174 } |
175 } |
175 case GEN_DNS: |
176 case GEN_DNS: |
176 { |
177 { |
177 lua_pushstring(L, "dNSName"); |
178 lua_pushstring(L, "dNSName"); |
178 luasec_push_subtable(L, -2); |
179 luasec_push_subtable(L, -2); |
179 luasec_push_asn1_string(L, general_name->d.dNSName); |
180 luasec_push_asn1_string(L, general_name->d.dNSName); |
180 lua_rawseti(L, -2, lua_objlen(L, -2)+1); |
181 lua_rawseti(L, -2, lua_objlen(L, -2)+1); |
181 lua_pop(L, 1); |
182 lua_pop(L, 1); |
182 break; |
183 break; |
183 } |
184 } |
204 int meth_pem(lua_State* L) |
205 int meth_pem(lua_State* L) |
205 { |
206 { |
206 X509* cert = luasec_to_x509(L, 1); |
207 X509* cert = luasec_to_x509(L, 1); |
207 BIO *bio = BIO_new(BIO_s_mem()); |
208 BIO *bio = BIO_new(BIO_s_mem()); |
208 char* data; long bytes; |
209 char* data; long bytes; |
209 if(!PEM_write_bio_X509(bio, cert)) |
210 if (!PEM_write_bio_X509(bio, cert)) |
210 { |
211 { |
211 lua_pushnil(L); |
212 lua_pushnil(L); |
212 return 1; |
213 return 1; |
213 } |
214 } |
214 bytes = BIO_get_mem_data(bio, &data); |
215 bytes = BIO_get_mem_data(bio, &data); |
215 if(bytes > 0) |
216 if (bytes > 0) |
216 lua_pushlstring(L, data, bytes); |
217 lua_pushlstring(L, data, bytes); |
217 else |
218 else |
218 lua_pushnil(L); |
219 lua_pushnil(L); |
219 BIO_free(bio); |
220 BIO_free(bio); |
220 return 1; |
221 return 1; |
235 unsigned int bytes; |
236 unsigned int bytes; |
236 unsigned char buffer[EVP_MAX_MD_SIZE]; |
237 unsigned char buffer[EVP_MAX_MD_SIZE]; |
237 char hex_buffer[EVP_MAX_MD_SIZE*2]; |
238 char hex_buffer[EVP_MAX_MD_SIZE*2]; |
238 const EVP_MD *digest; |
239 const EVP_MD *digest; |
239 cert = luasec_to_x509(L, 1); |
240 cert = luasec_to_x509(L, 1); |
240 if(lua_gettop(L) < 2 || strcmp(luaL_checkstring(L, 1), "sha1") == 0) |
241 if (lua_gettop(L) < 2 || strcmp(luaL_checkstring(L, 1), "sha1") == 0) |
241 { |
242 { |
242 digest = EVP_sha1(); |
243 digest = EVP_sha1(); |
243 } |
244 } |
244 else |
245 else |
245 { |
246 { |
246 lua_pushnil(L); |
247 lua_pushnil(L); |
247 lua_pushstring(L, "digest algorithm not supported"); |
248 lua_pushstring(L, "digest algorithm not supported"); |
248 return 2; |
249 return 2; |
249 } |
250 } |
250 if(!X509_digest(cert, digest, buffer, &bytes)) |
251 if (!X509_digest(cert, digest, buffer, &bytes)) |
251 { |
252 { |
252 lua_pushnil(L); |
253 lua_pushnil(L); |
253 lua_pushstring(L, "out of memory"); |
254 lua_pushstring(L, "out of memory"); |
254 return 2; |
255 return 2; |
255 } |
256 } |
277 BIO *bio = BIO_new(BIO_s_mem()); |
278 BIO *bio = BIO_new(BIO_s_mem()); |
278 const char* data; size_t bytes; |
279 const char* data; size_t bytes; |
279 data = luaL_checklstring(L, 1, &bytes); |
280 data = luaL_checklstring(L, 1, &bytes); |
280 BIO_write(bio, data, bytes); |
281 BIO_write(bio, data, bytes); |
281 cert = PEM_read_bio_X509(bio, NULL, NULL, NULL); |
282 cert = PEM_read_bio_X509(bio, NULL, NULL, NULL); |
282 if(cert) |
283 if (cert) |
283 luasec_push_x509(L, cert); |
284 luasec_push_x509(L, cert); |
284 else |
285 else |
285 lua_pushnil(L); |
286 lua_pushnil(L); |
286 BIO_free(bio); |
287 BIO_free(bio); |
287 return 1; |
288 return 1; |