comparison: src/x509.c
src/x509.c
- changeset 32
- c47594a84f04
- parent 31
- 87625285de20
- child 33
- cc36229b3be1
equal
deleted
inserted
replaced
| 31:87625285de20 | 32:c47594a84f04 |
|---|---|
| 42 lua_pushlstring(L, buffer, min(sizeof(buffer),len)); | 42 lua_pushlstring(L, buffer, min(sizeof(buffer),len)); |
| 43 } | 43 } |
| 44 | 44 |
| 45 void luasec_push_asn1_string(lua_State* L, ASN1_STRING *string) | 45 void luasec_push_asn1_string(lua_State* L, ASN1_STRING *string) |
| 46 { | 46 { |
| 47 if(string) | 47 if (string) |
| 48 lua_pushlstring(L, (char*)ASN1_STRING_data(string), ASN1_STRING_length(string)); | 48 lua_pushlstring(L, (char*)ASN1_STRING_data(string), ASN1_STRING_length(string)); |
| 49 else | 49 else |
| 50 lua_pushnil(L); | 50 lua_pushnil(L); |
| 51 } | 51 } |
| 52 | 52 |
| 53 int luasec_push_subtable(lua_State* L, int idx) | 53 int luasec_push_subtable(lua_State* L, int idx) |
| 54 { | 54 { |
| 55 | 55 |
| 56 lua_pushvalue(L, -1); | 56 lua_pushvalue(L, -1); |
| 57 lua_gettable(L, idx-1); | 57 lua_gettable(L, idx-1); |
| 58 | 58 |
| 59 if(lua_isnil(L, -1)) | 59 if (lua_isnil(L, -1)) |
| 60 { | 60 { |
| 61 lua_pop(L, 1); | 61 lua_pop(L, 1); |
| 62 lua_newtable(L); | 62 lua_newtable(L); |
| 63 lua_pushvalue(L, -2); | 63 lua_pushvalue(L, -2); |
| 64 lua_pushvalue(L, -2); | 64 lua_pushvalue(L, -2); |
| 65 lua_settable(L, idx-3); | 65 lua_settable(L, idx-3); |
| 66 | 66 |
| 67 lua_replace(L, -2); /* Replace key with table */ | 67 lua_replace(L, -2); /* Replace key with table */ |
| 68 return 1; | 68 return 1; |
| 69 } | 69 } |
| 70 lua_replace(L, -2); /* Replace key with table */ | 70 |
| 71 return 0; | 71 lua_replace(L, -2); /* Replace key with table */ |
| 72 return 0; | |
| 72 } | 73 } |
| 73 | 74 |
| 74 void luasec_push_x509_name(lua_State* L, X509_NAME *name) | 75 void luasec_push_x509_name(lua_State* L, X509_NAME *name) |
| 75 { | 76 { |
| 76 int i, n_entries; | 77 int i, n_entries; |
| 77 lua_newtable(L); | 78 lua_newtable(L); |
| 78 n_entries = X509_NAME_entry_count(name); | 79 n_entries = X509_NAME_entry_count(name); |
| 79 | 80 |
| 80 for(i = 0; i < n_entries; i++) | 81 for (i = 0; i < n_entries; i++) |
| 81 { | 82 { |
| 82 X509_NAME_ENTRY *entry; | 83 X509_NAME_ENTRY *entry; |
| 83 ASN1_OBJECT *object; | 84 ASN1_OBJECT *object; |
| 84 | 85 |
| 85 entry = X509_NAME_get_entry(name, i); | 86 entry = X509_NAME_get_entry(name, i); |
| 122 peer = luasec_to_x509(L, 1); | 123 peer = luasec_to_x509(L, 1); |
| 123 | 124 |
| 124 lua_newtable(L); /* ret */ | 125 lua_newtable(L); /* ret */ |
| 125 | 126 |
| 126 i = -1; | 127 i = -1; |
| 127 while((i = X509_get_ext_by_NID(peer, NID_subject_alt_name, i)) != -1) | 128 while ((i = X509_get_ext_by_NID(peer, NID_subject_alt_name, i)) != -1) |
| 128 { | 129 { |
| 129 X509_EXTENSION *extension; | 130 X509_EXTENSION *extension; |
| 130 STACK_OF(GENERAL_NAME) *values; | 131 STACK_OF(GENERAL_NAME) *values; |
| 131 int n_general_names; | 132 int n_general_names; |
| 132 | 133 |
| 133 extension = X509_get_ext(peer, i); | 134 extension = X509_get_ext(peer, i); |
| 134 if(extension == NULL) | 135 if (extension == NULL) |
| 135 break; | 136 break; |
| 136 | 137 |
| 137 values = X509V3_EXT_d2i(extension); | 138 values = X509V3_EXT_d2i(extension); |
| 138 if(values == NULL) | 139 if (values == NULL) |
| 139 break; | 140 break; |
| 140 | 141 |
| 141 /* Push ret[oid] */ | 142 /* Push ret[oid] */ |
| 142 luasec_push_asn1_objname(L, extension->object, 1); | 143 luasec_push_asn1_objname(L, extension->object, 1); |
| 143 luasec_push_subtable(L, -2); | 144 luasec_push_subtable(L, -2); |
| 144 /* Set ret[oid].name = name */ | 145 /* Set ret[oid].name = name */ |
| 145 luasec_push_asn1_objname(L, extension->object, 0); | 146 luasec_push_asn1_objname(L, extension->object, 0); |
| 146 lua_setfield(L, -2, "name"); | 147 lua_setfield(L, -2, "name"); |
| 147 | 148 |
| 148 n_general_names = sk_GENERAL_NAME_num(values); | 149 n_general_names = sk_GENERAL_NAME_num(values); |
| 149 for(j = 0; j < n_general_names; j++) | 150 for (j = 0; j < n_general_names; j++) |
| 150 { | 151 { |
| 151 GENERAL_NAME *general_name; | 152 GENERAL_NAME *general_name; |
| 152 | 153 |
| 153 general_name = sk_GENERAL_NAME_value(values, j); | 154 general_name = sk_GENERAL_NAME_value(values, j); |
| 154 | 155 |
| 158 { | 159 { |
| 159 OTHERNAME *otherName = general_name->d.otherName; | 160 OTHERNAME *otherName = general_name->d.otherName; |
| 160 | 161 |
| 161 luasec_push_asn1_objname(L, otherName->type_id, 1); | 162 luasec_push_asn1_objname(L, otherName->type_id, 1); |
| 162 | 163 |
| 163 if(luasec_push_subtable(L, -2)) | 164 if (luasec_push_subtable(L, -2)) |
| 164 { | 165 { |
| 165 luasec_push_asn1_objname(L, otherName->type_id, 0); | 166 luasec_push_asn1_objname(L, otherName->type_id, 0); |
| 166 lua_setfield(L, -2, "name"); | 167 lua_setfield(L, -2, "name"); |
| 167 } | 168 } |
| 168 | 169 |
| 173 break; | 174 break; |
| 174 } | 175 } |
| 175 case GEN_DNS: | 176 case GEN_DNS: |
| 176 { | 177 { |
| 177 lua_pushstring(L, "dNSName"); | 178 lua_pushstring(L, "dNSName"); |
| 178 luasec_push_subtable(L, -2); | 179 luasec_push_subtable(L, -2); |
| 179 luasec_push_asn1_string(L, general_name->d.dNSName); | 180 luasec_push_asn1_string(L, general_name->d.dNSName); |
| 180 lua_rawseti(L, -2, lua_objlen(L, -2)+1); | 181 lua_rawseti(L, -2, lua_objlen(L, -2)+1); |
| 181 lua_pop(L, 1); | 182 lua_pop(L, 1); |
| 182 break; | 183 break; |
| 183 } | 184 } |
| 204 int meth_pem(lua_State* L) | 205 int meth_pem(lua_State* L) |
| 205 { | 206 { |
| 206 X509* cert = luasec_to_x509(L, 1); | 207 X509* cert = luasec_to_x509(L, 1); |
| 207 BIO *bio = BIO_new(BIO_s_mem()); | 208 BIO *bio = BIO_new(BIO_s_mem()); |
| 208 char* data; long bytes; | 209 char* data; long bytes; |
| 209 if(!PEM_write_bio_X509(bio, cert)) | 210 if (!PEM_write_bio_X509(bio, cert)) |
| 210 { | 211 { |
| 211 lua_pushnil(L); | 212 lua_pushnil(L); |
| 212 return 1; | 213 return 1; |
| 213 } | 214 } |
| 214 bytes = BIO_get_mem_data(bio, &data); | 215 bytes = BIO_get_mem_data(bio, &data); |
| 215 if(bytes > 0) | 216 if (bytes > 0) |
| 216 lua_pushlstring(L, data, bytes); | 217 lua_pushlstring(L, data, bytes); |
| 217 else | 218 else |
| 218 lua_pushnil(L); | 219 lua_pushnil(L); |
| 219 BIO_free(bio); | 220 BIO_free(bio); |
| 220 return 1; | 221 return 1; |
| 235 unsigned int bytes; | 236 unsigned int bytes; |
| 236 unsigned char buffer[EVP_MAX_MD_SIZE]; | 237 unsigned char buffer[EVP_MAX_MD_SIZE]; |
| 237 char hex_buffer[EVP_MAX_MD_SIZE*2]; | 238 char hex_buffer[EVP_MAX_MD_SIZE*2]; |
| 238 const EVP_MD *digest; | 239 const EVP_MD *digest; |
| 239 cert = luasec_to_x509(L, 1); | 240 cert = luasec_to_x509(L, 1); |
| 240 if(lua_gettop(L) < 2 || strcmp(luaL_checkstring(L, 1), "sha1") == 0) | 241 if (lua_gettop(L) < 2 || strcmp(luaL_checkstring(L, 1), "sha1") == 0) |
| 241 { | 242 { |
| 242 digest = EVP_sha1(); | 243 digest = EVP_sha1(); |
| 243 } | 244 } |
| 244 else | 245 else |
| 245 { | 246 { |
| 246 lua_pushnil(L); | 247 lua_pushnil(L); |
| 247 lua_pushstring(L, "digest algorithm not supported"); | 248 lua_pushstring(L, "digest algorithm not supported"); |
| 248 return 2; | 249 return 2; |
| 249 } | 250 } |
| 250 if(!X509_digest(cert, digest, buffer, &bytes)) | 251 if (!X509_digest(cert, digest, buffer, &bytes)) |
| 251 { | 252 { |
| 252 lua_pushnil(L); | 253 lua_pushnil(L); |
| 253 lua_pushstring(L, "out of memory"); | 254 lua_pushstring(L, "out of memory"); |
| 254 return 2; | 255 return 2; |
| 255 } | 256 } |
| 277 BIO *bio = BIO_new(BIO_s_mem()); | 278 BIO *bio = BIO_new(BIO_s_mem()); |
| 278 const char* data; size_t bytes; | 279 const char* data; size_t bytes; |
| 279 data = luaL_checklstring(L, 1, &bytes); | 280 data = luaL_checklstring(L, 1, &bytes); |
| 280 BIO_write(bio, data, bytes); | 281 BIO_write(bio, data, bytes); |
| 281 cert = PEM_read_bio_X509(bio, NULL, NULL, NULL); | 282 cert = PEM_read_bio_X509(bio, NULL, NULL, NULL); |
| 282 if(cert) | 283 if (cert) |
| 283 luasec_push_x509(L, cert); | 284 luasec_push_x509(L, cert); |
| 284 else | 285 else |
| 285 lua_pushnil(L); | 286 lua_pushnil(L); |
| 286 BIO_free(bio); | 287 BIO_free(bio); |
| 287 return 1; | 288 return 1; |
