Merge branch '58-pkey-encrypt+decrypt' of https://github.com/daurnimator/luaossl into daurnimator-58-pkey-encrypt+decrypt

author: William Ahern <william@25thandclement.com> 2016-11-23 18:23:27 -0800
committer: William Ahern <william@25thandclement.com> 2016-11-23 18:23:27 -0800
commit: 1e71520fd53ff8735707e2f9c91b4551d6c9a88e (patch)
tree: aac9aca1c7ff561a8d7ed4291975551ba3f504a8
parent: c0febd5bcc823b6df11d39af65297fe24c49163a (diff)
parent: 8327753dd8f85e2a971e778389f974614146e12d (diff)
download: luaossl-1e71520fd53ff8735707e2f9c91b4551d6c9a88e.tar.gz
luaossl-1e71520fd53ff8735707e2f9c91b4551d6c9a88e.tar.bz2
luaossl-1e71520fd53ff8735707e2f9c91b4551d6c9a88e.zip
1 files changed, 129 insertions, 0 deletions
diff --git a/src/openssl.c b/src/openssl.c
index c33d934..8cf79c0 100644
--- a/src/openssl.c
+++ b/src/openssl.c
@@ -3282,6 +3282,122 @@ static int pk_setPrivateKey(lua_State *L) {
 } /* pk_setPrivateKey() */
+static int pk_decrypt(lua_State *L) {
+        size_t outlen, inlen;
+        EVP_PKEY *key = checksimple(L, 1, PKEY_CLASS);
+        EVP_PKEY_CTX *ctx;
+        const char *str = luaL_checklstring(L, 2, &inlen);
+        BIO *bio;
+        BUF_MEM *buf;
+        int rsaPadding = RSA_PKCS1_PADDING; /* default for `openssl rsautl` */
+        int base_type = EVP_PKEY_base_id(key);
+        if (lua_istable(L, 3)) {
+                if (base_type == EVP_PKEY_RSA) {
+                        lua_getfield(L, 3, "rsaPadding");
+                        rsaPadding = luaL_optint(L, -1, rsaPadding);
+                        lua_pop(L, 1);
+                }
+        }
+        bio = getbio(L);
+        BIO_get_mem_ptr(bio, &buf);
+        if (!(ctx = EVP_PKEY_CTX_new(key, NULL)))
+                goto sslerr;
+        if (EVP_PKEY_decrypt_init(ctx) <= 0)
+                goto sslerr;
+        if (base_type == EVP_PKEY_RSA && !EVP_PKEY_CTX_set_rsa_padding(ctx, rsaPadding))
+                goto sslerr;
+        if (EVP_PKEY_decrypt(ctx, NULL, &outlen, str, inlen) <= 0)
+                goto sslerr;
+        if (!BUF_MEM_grow_clean(buf, outlen))
+                goto sslerr;
+        if (EVP_PKEY_decrypt(ctx, buf->data, &outlen, str, inlen) <= 0)
+                goto sslerr;
+        EVP_PKEY_CTX_free(ctx);
+        ctx = NULL;
+        lua_pushlstring(L, buf->data, outlen);
+        BIO_reset(*bio);
+        return 1;
+sslerr:
+        if (ctx) {
+                EVP_PKEY_CTX_free(ctx);
+                ctx = NULL;
+        }
+        BIO_reset(*bio);
+        return auxL_error(L, auxL_EOPENSSL, "pkey:decrypt");
+} /* pk_decrypt() */
+static int pk_encrypt(lua_State *L) {
+        size_t outlen, inlen;
+        EVP_PKEY *key = checksimple(L, 1, PKEY_CLASS);
+        EVP_PKEY_CTX *ctx;
+        const char *str = luaL_checklstring(L, 2, &inlen);
+        BIO *bio;
+        BUF_MEM *buf;
+        int rsaPadding = RSA_PKCS1_PADDING; /* default for `openssl rsautl` */
+        int base_type = EVP_PKEY_base_id(key);
+        if (lua_istable(L, 3)) {
+                if (base_type == EVP_PKEY_RSA) {
+                        lua_getfield(L, 3, "rsaPadding");
+                        rsaPadding = luaL_optint(L, -1, rsaPadding);
+                        lua_pop(L, 1);
+                }
+        }
+        bio = getbio(L);
+        BIO_get_mem_ptr(bio, &buf);
+        if (!(ctx = EVP_PKEY_CTX_new(key, NULL)))
+                goto sslerr;
+        if (EVP_PKEY_encrypt_init(ctx) <= 0)
+                goto sslerr;
+        if (base_type == EVP_PKEY_RSA && !EVP_PKEY_CTX_set_rsa_padding(ctx, rsaPadding))
+                goto sslerr;
+        if (EVP_PKEY_encrypt(ctx, NULL, &outlen, str, inlen) <= 0)
+                goto sslerr;
+        if (!BUF_MEM_grow_clean(buf, outlen))
+                goto sslerr;
+        if (EVP_PKEY_encrypt(ctx, buf->data, &outlen, str, inlen) <= 0)
+                goto sslerr;
+        EVP_PKEY_CTX_free(ctx);
+        ctx = NULL;
+        lua_pushlstring(L, buf->data, outlen);
+        BIO_reset(*bio);
+        return 1;
+sslerr:
+        if (ctx) {
+                EVP_PKEY_CTX_free(ctx);
+                ctx = NULL;
+        }
+        BIO_reset(*bio);
+        return auxL_error(L, auxL_EOPENSSL, "pkey:encrypt");
+} /* pk_encrypt() */
 static int pk_sign(lua_State *L) {
        EVP_PKEY *key = checksimple(L, 1, PKEY_CLASS);
        EVP_MD_CTX *md = checksimple(L, 2, DIGEST_CLASS);
@@ -4001,6 +4117,8 @@ static const auxL_Reg pk_methods[] = {
        { "type",          &pk_type },
        { "setPublicKey",  &pk_setPublicKey },
        { "setPrivateKey", &pk_setPrivateKey },
+        { "decrypt",       &pk_decrypt },
+        { "encrypt",       &pk_encrypt },
        { "sign",          &pk_sign },
        { "verify",        &pk_verify },
        { "getDefaultDigestName", &pk_getDefaultDigestName },
@@ -4039,10 +4157,21 @@ static void pk_luainit(lua_State *L, _Bool reset) {
        lua_pop(L, 2);
 } /* pk_luainit() */
+static const auxL_IntegerReg pk_rsa_pad_opts[] = {
+        { "RSA_PKCS1_PADDING", RSA_PKCS1_PADDING }, // PKCS#1 padding
+        { "RSA_SSLV23_PADDING", RSA_SSLV23_PADDING }, // SSLv23 padding
+        { "RSA_NO_PADDING", RSA_NO_PADDING }, // no padding
+        { "RSA_PKCS1_OAEP_PADDING", RSA_PKCS1_OAEP_PADDING }, // OAEP padding (encrypt and decrypt only)
+        { "RSA_X931_PADDING", RSA_X931_PADDING }, // (signature operations only)
+        { "RSA_PKCS1_PSS_PADDING", RSA_PKCS1_PSS_PADDING }, // (sign and verify only)
+        { NULL, 0 },
+};
 int luaopen__openssl_pkey(lua_State *L) {
        initall(L);
        auxL_newlib(L, pk_globals, 0);
+        auxL_setintegers(L, pk_rsa_pad_opts);
        return 1;
 } /* luaopen__openssl_pkey() */
author	William Ahern <william@25thandclement.com>	2016-11-23 18:23:27 -0800
committer	William Ahern <william@25thandclement.com>	2016-11-23 18:23:27 -0800
commit	1e71520fd53ff8735707e2f9c91b4551d6c9a88e (patch)
tree	aac9aca1c7ff561a8d7ed4291975551ba3f504a8
parent	c0febd5bcc823b6df11d39af65297fe24c49163a (diff)
parent	8327753dd8f85e2a971e778389f974614146e12d (diff)
download	luaossl-1e71520fd53ff8735707e2f9c91b4551d6c9a88e.tar.gz luaossl-1e71520fd53ff8735707e2f9c91b4551d6c9a88e.tar.bz2 luaossl-1e71520fd53ff8735707e2f9c91b4551d6c9a88e.zip

diff --git a/src/openssl.c b/src/openssl.c index c33d934..8cf79c0 100644 --- a/src/openssl.c +++ b/src/openssl.c
@@ -3282,6 +3282,122 @@ static int pk_setPrivateKey(lua_State *L) {
3282	} /* pk_setPrivateKey() */	3282	} /* pk_setPrivateKey() */
3283		3283
3284		3284
		3285	static int pk_decrypt(lua_State *L) {
		3286	size_t outlen, inlen;
		3287	EVP_PKEY *key = checksimple(L, 1, PKEY_CLASS);
		3288	EVP_PKEY_CTX *ctx;
		3289	const char *str = luaL_checklstring(L, 2, &inlen);
		3290	BIO *bio;
		3291	BUF_MEM *buf;
		3292	int rsaPadding = RSA_PKCS1_PADDING; /* default for `openssl rsautl` */
		3293	int base_type = EVP_PKEY_base_id(key);
		3294
		3295	if (lua_istable(L, 3)) {
		3296	if (base_type == EVP_PKEY_RSA) {
		3297	lua_getfield(L, 3, "rsaPadding");
		3298	rsaPadding = luaL_optint(L, -1, rsaPadding);
		3299	lua_pop(L, 1);
		3300	}
		3301	}
		3302
		3303	bio = getbio(L);
		3304	BIO_get_mem_ptr(bio, &buf);
		3305
		3306	if (!(ctx = EVP_PKEY_CTX_new(key, NULL)))
		3307	goto sslerr;
		3308
		3309	if (EVP_PKEY_decrypt_init(ctx) <= 0)
		3310	goto sslerr;
		3311
		3312	if (base_type == EVP_PKEY_RSA && !EVP_PKEY_CTX_set_rsa_padding(ctx, rsaPadding))
		3313	goto sslerr;
		3314
		3315	if (EVP_PKEY_decrypt(ctx, NULL, &outlen, str, inlen) <= 0)
		3316	goto sslerr;
		3317
		3318	if (!BUF_MEM_grow_clean(buf, outlen))
		3319	goto sslerr;
		3320
		3321	if (EVP_PKEY_decrypt(ctx, buf->data, &outlen, str, inlen) <= 0)
		3322	goto sslerr;
		3323
		3324	EVP_PKEY_CTX_free(ctx);
		3325	ctx = NULL;
		3326
		3327	lua_pushlstring(L, buf->data, outlen);
		3328
		3329	BIO_reset(*bio);
		3330
		3331	return 1;
		3332	sslerr:
		3333	if (ctx) {
		3334	EVP_PKEY_CTX_free(ctx);
		3335	ctx = NULL;
		3336	}
		3337	BIO_reset(*bio);
		3338
		3339	return auxL_error(L, auxL_EOPENSSL, "pkey:decrypt");
		3340	} /* pk_decrypt() */
		3341
		3342
		3343	static int pk_encrypt(lua_State *L) {
		3344	size_t outlen, inlen;
		3345	EVP_PKEY *key = checksimple(L, 1, PKEY_CLASS);
		3346	EVP_PKEY_CTX *ctx;
		3347	const char *str = luaL_checklstring(L, 2, &inlen);
		3348	BIO *bio;
		3349	BUF_MEM *buf;
		3350	int rsaPadding = RSA_PKCS1_PADDING; /* default for `openssl rsautl` */
		3351	int base_type = EVP_PKEY_base_id(key);
		3352
		3353	if (lua_istable(L, 3)) {
		3354	if (base_type == EVP_PKEY_RSA) {
		3355	lua_getfield(L, 3, "rsaPadding");
		3356	rsaPadding = luaL_optint(L, -1, rsaPadding);
		3357	lua_pop(L, 1);
		3358	}
		3359	}
		3360
		3361	bio = getbio(L);
		3362	BIO_get_mem_ptr(bio, &buf);
		3363
		3364	if (!(ctx = EVP_PKEY_CTX_new(key, NULL)))
		3365	goto sslerr;
		3366
		3367	if (EVP_PKEY_encrypt_init(ctx) <= 0)
		3368	goto sslerr;
		3369
		3370	if (base_type == EVP_PKEY_RSA && !EVP_PKEY_CTX_set_rsa_padding(ctx, rsaPadding))
		3371	goto sslerr;
		3372
		3373	if (EVP_PKEY_encrypt(ctx, NULL, &outlen, str, inlen) <= 0)
		3374	goto sslerr;
		3375
		3376	if (!BUF_MEM_grow_clean(buf, outlen))
		3377	goto sslerr;
		3378
		3379	if (EVP_PKEY_encrypt(ctx, buf->data, &outlen, str, inlen) <= 0)
		3380	goto sslerr;
		3381
		3382	EVP_PKEY_CTX_free(ctx);
		3383	ctx = NULL;
		3384
		3385	lua_pushlstring(L, buf->data, outlen);
		3386
		3387	BIO_reset(*bio);
		3388
		3389	return 1;
		3390	sslerr:
		3391	if (ctx) {
		3392	EVP_PKEY_CTX_free(ctx);
		3393	ctx = NULL;
		3394	}
		3395	BIO_reset(*bio);
		3396
		3397	return auxL_error(L, auxL_EOPENSSL, "pkey:encrypt");
		3398	} /* pk_encrypt() */
		3399
		3400
3285	static int pk_sign(lua_State *L) {	3401	static int pk_sign(lua_State *L) {
3286	EVP_PKEY *key = checksimple(L, 1, PKEY_CLASS);	3402	EVP_PKEY *key = checksimple(L, 1, PKEY_CLASS);
3287	EVP_MD_CTX *md = checksimple(L, 2, DIGEST_CLASS);	3403	EVP_MD_CTX *md = checksimple(L, 2, DIGEST_CLASS);
@@ -4001,6 +4117,8 @@ static const auxL_Reg pk_methods[] = {
4001	{ "type", &pk_type },	4117	{ "type", &pk_type },
4002	{ "setPublicKey", &pk_setPublicKey },	4118	{ "setPublicKey", &pk_setPublicKey },
4003	{ "setPrivateKey", &pk_setPrivateKey },	4119	{ "setPrivateKey", &pk_setPrivateKey },
		4120	{ "decrypt", &pk_decrypt },
		4121	{ "encrypt", &pk_encrypt },
4004	{ "sign", &pk_sign },	4122	{ "sign", &pk_sign },
4005	{ "verify", &pk_verify },	4123	{ "verify", &pk_verify },
4006	{ "getDefaultDigestName", &pk_getDefaultDigestName },	4124	{ "getDefaultDigestName", &pk_getDefaultDigestName },
@@ -4039,10 +4157,21 @@ static void pk_luainit(lua_State *L, _Bool reset) {
4039	lua_pop(L, 2);	4157	lua_pop(L, 2);
4040	} /* pk_luainit() */	4158	} /* pk_luainit() */
4041		4159
		4160	static const auxL_IntegerReg pk_rsa_pad_opts[] = {
		4161	{ "RSA_PKCS1_PADDING", RSA_PKCS1_PADDING }, // PKCS#1 padding
		4162	{ "RSA_SSLV23_PADDING", RSA_SSLV23_PADDING }, // SSLv23 padding
		4163	{ "RSA_NO_PADDING", RSA_NO_PADDING }, // no padding
		4164	{ "RSA_PKCS1_OAEP_PADDING", RSA_PKCS1_OAEP_PADDING }, // OAEP padding (encrypt and decrypt only)
		4165	{ "RSA_X931_PADDING", RSA_X931_PADDING }, // (signature operations only)
		4166	{ "RSA_PKCS1_PSS_PADDING", RSA_PKCS1_PSS_PADDING }, // (sign and verify only)
		4167	{ NULL, 0 },
		4168	};
		4169
4042	int luaopen__openssl_pkey(lua_State *L) {	4170	int luaopen__openssl_pkey(lua_State *L) {
4043	initall(L);	4171	initall(L);
4044		4172
4045	auxL_newlib(L, pk_globals, 0);	4173	auxL_newlib(L, pk_globals, 0);
		4174	auxL_setintegers(L, pk_rsa_pad_opts);
4046		4175
4047	return 1;	4176	return 1;
4048	} /* luaopen__openssl_pkey() */	4177	} /* luaopen__openssl_pkey() */