authorWilliam Ahern <william@25thandclement.com>2016-11-23 18:23:27 -0800
committerWilliam Ahern <william@25thandclement.com>2016-11-23 18:23:27 -0800
commit1e71520fd53ff8735707e2f9c91b4551d6c9a88e (patch)
treeaac9aca1c7ff561a8d7ed4291975551ba3f504a8
parentc0febd5bcc823b6df11d39af65297fe24c49163a (diff)
parent8327753dd8f85e2a971e778389f974614146e12d (diff)
Merge branch '58-pkey-encrypt+decrypt' of https://github.com/daurnimator/luaossl into daurnimator-58-pkey-encrypt+decrypt
-rw-r--r--src/openssl.c129
1 files changed, 129 insertions, 0 deletions
diff --git a/src/openssl.c b/src/openssl.c
index c33d934..8cf79c0 100644
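--- a/src/openssl.c
+++ b/src/openssl.c
@@ -3282,6 +3282,122 @@ static int pk_setPrivateKey(lua_State *L) {
 } /* pk_setPrivateKey() */
 
 
+static int pk_decrypt(lua_State *L) {
+ size_t outlen, inlen;
+ EVP_PKEY *key = checksimple(L, 1, PKEY_CLASS);
+ EVP_PKEY_CTX *ctx;
+ const char *str = luaL_checklstring(L, 2, &inlen);
+ BIO *bio;
+ BUF_MEM *buf;
+ int rsaPadding = RSA_PKCS1_PADDING; /* default for `openssl rsautl` */
+ int base_type = EVP_PKEY_base_id(key);
+
+ if (lua_istable(L, 3)) {
+ if (base_type == EVP_PKEY_RSA) {
+ lua_getfield(L, 3, "rsaPadding");
+ rsaPadding = luaL_optint(L, -1, rsaPadding);
+ lua_pop(L, 1);
+ }
+ }
+
+ bio = getbio(L);
+ BIO_get_mem_ptr(bio, &buf);
+
+ if (!(ctx = EVP_PKEY_CTX_new(key, NULL)))
+ goto sslerr;
+
+ if (EVP_PKEY_decrypt_init(ctx) <= 0)
+ goto sslerr;
+
+ if (base_type == EVP_PKEY_RSA && !EVP_PKEY_CTX_set_rsa_padding(ctx, rsaPadding))
+ goto sslerr;
+
+ if (EVP_PKEY_decrypt(ctx, NULL, &outlen, str, inlen) <= 0)
+ goto sslerr;
+
+ if (!BUF_MEM_grow_clean(buf, outlen))
+ goto sslerr;
+
+ if (EVP_PKEY_decrypt(ctx, buf->data, &outlen, str, inlen) <= 0)
+ goto sslerr;
+
+ EVP_PKEY_CTX_free(ctx);
+ ctx = NULL;
+
+ lua_pushlstring(L, buf->data, outlen);
+
+ BIO_reset(*bio);
+
+ return 1;
+sslerr:
+ if (ctx) {
+ EVP_PKEY_CTX_free(ctx);
+ ctx = NULL;
+ }
+ BIO_reset(*bio);
+
+ return auxL_error(L, auxL_EOPENSSL, "pkey:decrypt");
+} /* pk_decrypt() */
+
+
+static int pk_encrypt(lua_State *L) {
+ size_t outlen, inlen;
+ EVP_PKEY *key = checksimple(L, 1, PKEY_CLASS);
+ EVP_PKEY_CTX *ctx;
+ const char *str = luaL_checklstring(L, 2, &inlen);
+ BIO *bio;
+ BUF_MEM *buf;
+ int rsaPadding = RSA_PKCS1_PADDING; /* default for `openssl rsautl` */
+ int base_type = EVP_PKEY_base_id(key);
+
+ if (lua_istable(L, 3)) {
+ if (base_type == EVP_PKEY_RSA) {
+ lua_getfield(L, 3, "rsaPadding");
+ rsaPadding = luaL_optint(L, -1, rsaPadding);
+ lua_pop(L, 1);
+ }
+ }
+
+ bio = getbio(L);
+ BIO_get_mem_ptr(bio, &buf);
+
+ if (!(ctx = EVP_PKEY_CTX_new(key, NULL)))
+ goto sslerr;
+
+ if (EVP_PKEY_encrypt_init(ctx) <= 0)
+ goto sslerr;
+
+ if (base_type == EVP_PKEY_RSA && !EVP_PKEY_CTX_set_rsa_padding(ctx, rsaPadding))
+ goto sslerr;
+
+ if (EVP_PKEY_encrypt(ctx, NULL, &outlen, str, inlen) <= 0)
+ goto sslerr;
+
+ if (!BUF_MEM_grow_clean(buf, outlen))
+ goto sslerr;
+
+ if (EVP_PKEY_encrypt(ctx, buf->data, &outlen, str, inlen) <= 0)
+ goto sslerr;
+
+ EVP_PKEY_CTX_free(ctx);
+ ctx = NULL;
+
+ lua_pushlstring(L, buf->data, outlen);
+
+ BIO_reset(*bio);
+
+ return 1;
+sslerr:
+ if (ctx) {
+ EVP_PKEY_CTX_free(ctx);
+ ctx = NULL;
+ }
+ BIO_reset(*bio);
+
+ return auxL_error(L, auxL_EOPENSSL, "pkey:encrypt");
+} /* pk_encrypt() */
+
+
 static int pk_sign(lua_State *L) {
  EVP_PKEY *key = checksimple(L, 1, PKEY_CLASS);
  EVP_MD_CTX *md = checksimple(L, 2, DIGEST_CLASS);
@@ -4001,6 +4117,8 @@ static const auxL_Reg pk_methods[] = {
  { "type", &pk_type },
  { "setPublicKey", &pk_setPublicKey },
  { "setPrivateKey", &pk_setPrivateKey },
+ { "decrypt", &pk_decrypt },
+ { "encrypt", &pk_encrypt },
  { "sign", &pk_sign },
  { "verify", &pk_verify },
  { "getDefaultDigestName", &pk_getDefaultDigestName },
@@ -4039,10 +4157,21 @@ static void pk_luainit(lua_State *L, _Bool reset) {
  lua_pop(L, 2);
 } /* pk_luainit() */
 
+static const auxL_IntegerReg pk_rsa_pad_opts[] = {
+ { "RSA_PKCS1_PADDING", RSA_PKCS1_PADDING }, // PKCS#1 padding
+ { "RSA_SSLV23_PADDING", RSA_SSLV23_PADDING }, // SSLv23 padding
+ { "RSA_NO_PADDING", RSA_NO_PADDING }, // no padding
+ { "RSA_PKCS1_OAEP_PADDING", RSA_PKCS1_OAEP_PADDING }, // OAEP padding (encrypt and decrypt only)
+ { "RSA_X931_PADDING", RSA_X931_PADDING }, // (signature operations only)
+ { "RSA_PKCS1_PSS_PADDING", RSA_PKCS1_PSS_PADDING }, // (sign and verify only)
+ { NULL, 0 },
+};
+
 int luaopen__openssl_pkey(lua_State *L) {
  initall(L);
 
  auxL_newlib(L, pk_globals, 0);
+ auxL_setintegers(L, pk_rsa_pad_opts);
 
  return 1;
 } /* luaopen__openssl_pkey() */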
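Review bot: The padding check `!EVP_PKEY_CTX_set_rsa_padding(ctx, rsaPadding)` in both pk_decrypt and pk_encrypt only catches a return of 0, while OpenSSL's EVP_PKEY_CTX control macros signal failure with 0 or a negative value (-2 for an unsupported mode). A rejected `rsaPadding` option, such as one of the sign-only modes exported in pk_rsa_pad_opts, would then be ignored and the operation would apparently continue with the context's default padding instead of raising an error; the test should read `if (base_type == EVP_PKEY_RSA && EVP_PKEY_CTX_set_rsa_padding(ctx, rsaPadding) <= 0)` in both functions. Separately, `bio` is declared as `BIO *`, so `BIO_reset(*bio)` passes the object where BIO_reset takes the pointer; `BIO_reset(bio)` looks intended at all four call sites. The RSA_PKCS1_PADDING default in pk_decrypt also deserves a comment such as `/* PKCS#1 v1.5: decrypt failures reported to a peer can act as a padding oracle; prefer RSA_PKCS1_OAEP_PADDING for new protocols */`.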