author | William Ahern <william@25thandclement.com> | 2016-11-23 18:23:27 -0800 |
---|---|---|
committer | William Ahern <william@25thandclement.com> | 2016-11-23 18:23:27 -0800 |
commit | 1e71520fd53ff8735707e2f9c91b4551d6c9a88e (patch) | |
tree | aac9aca1c7ff561a8d7ed4291975551ba3f504a8 | |
parent | c0febd5bcc823b6df11d39af65297fe24c49163a (diff) | |
parent | 8327753dd8f85e2a971e778389f974614146e12d (diff) | |
Merge branch '58-pkey-encrypt+decrypt' of https://github.com/daurnimator/luaossl into daurnimator-58-pkey-encrypt+decrypt
-rw-r--r-- | src/openssl.c | 129 |
1 files changed, 129 insertions, 0 deletions
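--- a/src/openssl.c
+++ b/src/openssl.c
@@ -3282,6 +3282,122 @@ static int pk_setPrivateKey(lua_State *L) {
 } /* pk_setPrivateKey() */
 
 
+static int pk_decrypt(lua_State *L) {
+size_t outlen, inlen;
+EVP_PKEY *key = checksimple(L, 1, PKEY_CLASS);
+EVP_PKEY_CTX *ctx;
+const char *str = luaL_checklstring(L, 2, &inlen);
+BIO *bio;
+BUF_MEM *buf;
+int rsaPadding = RSA_PKCS1_PADDING; /* default for `openssl rsautl` */
+int base_type = EVP_PKEY_base_id(key);
+
+if (lua_istable(L, 3)) {
+if (base_type == EVP_PKEY_RSA) {
+lua_getfield(L, 3, "rsaPadding");
+rsaPadding = luaL_optint(L, -1, rsaPadding);
+lua_pop(L, 1);
+}
+}
+
+bio = getbio(L);
+BIO_get_mem_ptr(bio, &buf);
+
+if (!(ctx = EVP_PKEY_CTX_new(key, NULL)))
+goto sslerr;
+
+if (EVP_PKEY_decrypt_init(ctx) <= 0)
+goto sslerr;
+
+if (base_type == EVP_PKEY_RSA && !EVP_PKEY_CTX_set_rsa_padding(ctx, rsaPadding))
+goto sslerr;
+
+if (EVP_PKEY_decrypt(ctx, NULL, &outlen, str, inlen) <= 0)
+goto sslerr;
+
+if (!BUF_MEM_grow_clean(buf, outlen))
+goto sslerr;
+
+if (EVP_PKEY_decrypt(ctx, buf->data, &outlen, str, inlen) <= 0)
+goto sslerr;
+
+EVP_PKEY_CTX_free(ctx);
+ctx = NULL;
+
+lua_pushlstring(L, buf->data, outlen);
+
+BIO_reset(*bio);
+
+return 1;
+sslerr:
+if (ctx) {
+EVP_PKEY_CTX_free(ctx);
+ctx = NULL;
+}
+BIO_reset(*bio);
+
+return auxL_error(L, auxL_EOPENSSL, "pkey:decrypt");
+} /* pk_decrypt() */
+
+
+static int pk_encrypt(lua_State *L) {
+size_t outlen, inlen;
+EVP_PKEY *key = checksimple(L, 1, PKEY_CLASS);
+EVP_PKEY_CTX *ctx;
+const char *str = luaL_checklstring(L, 2, &inlen);
+BIO *bio;
+BUF_MEM *buf;
+int rsaPadding = RSA_PKCS1_PADDING; /* default for `openssl rsautl` */
+int base_type = EVP_PKEY_base_id(key);
+
+if (lua_istable(L, 3)) {
+if (base_type == EVP_PKEY_RSA) {
+lua_getfield(L, 3, "rsaPadding");
+rsaPadding = luaL_optint(L, -1, rsaPadding);
+lua_pop(L, 1);
+}
+}
+
+bio = getbio(L);
+BIO_get_mem_ptr(bio, &buf);
+
+if (!(ctx = EVP_PKEY_CTX_new(key, NULL)))
+goto sslerr;
+
+if (EVP_PKEY_encrypt_init(ctx) <= 0)
+goto sslerr;
+
+if (base_type == EVP_PKEY_RSA && !EVP_PKEY_CTX_set_rsa_padding(ctx, rsaPadding))
+goto sslerr;
+
+if (EVP_PKEY_encrypt(ctx, NULL, &outlen, str, inlen) <= 0)
+goto sslerr;
+
+if (!BUF_MEM_grow_clean(buf, outlen))
+goto sslerr;
+
+if (EVP_PKEY_encrypt(ctx, buf->data, &outlen, str, inlen) <= 0)
+goto sslerr;
+
+EVP_PKEY_CTX_free(ctx);
+ctx = NULL;
+
+lua_pushlstring(L, buf->data, outlen);
+
+BIO_reset(*bio);
+
+return 1;
+sslerr:
+if (ctx) {
+EVP_PKEY_CTX_free(ctx);
+ctx = NULL;
+}
+BIO_reset(*bio);
+
+return auxL_error(L, auxL_EOPENSSL, "pkey:encrypt");
+} /* pk_encrypt() */
+
+
 static int pk_sign(lua_State *L) {
 EVP_PKEY *key = checksimple(L, 1, PKEY_CLASS);
 EVP_MD_CTX *md = checksimple(L, 2, DIGEST_CLASS);
@@ -4001,6 +4117,8 @@ static const auxL_Reg pk_methods[] = {
 { "type", &pk_type },
 { "setPublicKey", &pk_setPublicKey },
 { "setPrivateKey", &pk_setPrivateKey },
+{ "decrypt", &pk_decrypt },
+{ "encrypt", &pk_encrypt },
 { "sign", &pk_sign },
 { "verify", &pk_verify },
 { "getDefaultDigestName", &pk_getDefaultDigestName },
@@ -4039,10 +4157,21 @@ static void pk_luainit(lua_State *L, _Bool reset) {
 lua_pop(L, 2);
 } /* pk_luainit() */
 
+static const auxL_IntegerReg pk_rsa_pad_opts[] = {
+{ "RSA_PKCS1_PADDING", RSA_PKCS1_PADDING }, // PKCS#1 padding
+{ "RSA_SSLV23_PADDING", RSA_SSLV23_PADDING }, // SSLv23 padding
+{ "RSA_NO_PADDING", RSA_NO_PADDING }, // no padding
+{ "RSA_PKCS1_OAEP_PADDING", RSA_PKCS1_OAEP_PADDING }, // OAEP padding (encrypt and decrypt only)
+{ "RSA_X931_PADDING", RSA_X931_PADDING }, // (signature operations only)
+{ "RSA_PKCS1_PSS_PADDING", RSA_PKCS1_PSS_PADDING }, // (sign and verify only)
+{ NULL, 0 },
+};
+
 int luaopen__openssl_pkey(lua_State *L) {
 initall(L);
 
 auxL_newlib(L, pk_globals, 0);
+auxL_setintegers(L, pk_rsa_pad_opts);
 
 return 1;
 } /* luaopen__openssl_pkey() */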
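Review bot: The padding check in pk_decrypt (new line 3312) and pk_encrypt (new line 3370) tests `!EVP_PKEY_CTX_set_rsa_padding(ctx, rsaPadding)`, so a negative return is treated as success, unlike every other EVP call in these functions, which tests `<= 0`. OpenSSL's ctrl-style calls report an unsupported or illegal mode with a negative value, so a caller who passes, for example, the sign-only `RSA_PKCS1_PSS_PADDING` would most likely proceed with the context's default padding instead of getting an error; the check should read `if (base_type == EVP_PKEY_RSA && EVP_PKEY_CTX_set_rsa_padding(ctx, rsaPadding) <= 0)`. Separately, decrypt defaults to `RSA_PKCS1_PADDING` and raises `pkey:decrypt` on failure, which can act as a padding oracle if a caller relays that failure to a remote peer; a comment on the default recommending `RSA_PKCS1_OAEP_PADDING` for new protocols, and marking `RSA_NO_PADDING` as unsafe for general use, would help. As rendered, `BIO_reset(*bio)` passes a dereferenced `BIO` where a `BIO *` is expected; if the source really says that, all four calls should be `BIO_reset(bio)`.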