| author | William Ahern <william@server.local> | 2012-10-08 22:57:53 -0700 |
|---|---|---|
| committer | William Ahern <william@server.local> | 2012-10-08 22:57:53 -0700 |
| commit | 2248a54bd21498c95447584cd764193090dd8209 (patch) | |
| tree | d70ffbd29bb1ad9ffae68ccbffaa70c2b968843f | |
| parent | 175b7db5f19623158f74f068f1a6d67f59bbc533 (diff) | |
-n
add signing
| -rw-r--r-- | openssl.c | 81 |
1 files changed, 77 insertions, 4 deletions
| @@ -1886,7 +1886,7 @@ static int xc_setLifetime(lua_State *L) { | |||
| 1886 | static int xc_getIssuer(lua_State *L) { | 1886 | static int xc_getIssuer(lua_State *L) { |
| 1887 | X509 *crt = checksimple(L, 1, X509_CERT_CLASS); | 1887 | X509 *crt = checksimple(L, 1, X509_CERT_CLASS); |
| 1888 | X509_NAME *name; | 1888 | X509_NAME *name; |
| 1889 | 1889 | ||
| 1890 | if ((name = X509_get_issuer_name(crt))) | 1890 | if ((name = X509_get_issuer_name(crt))) |
| 1891 | xn_dup(L, name); | 1891 | xn_dup(L, name); |
| 1892 | 1892 | ||
| @@ -1912,7 +1912,7 @@ static int xc_setIssuer(lua_State *L) { | |||
| 1912 | static int xc_getSubject(lua_State *L) { | 1912 | static int xc_getSubject(lua_State *L) { |
| 1913 | X509 *crt = checksimple(L, 1, X509_CERT_CLASS); | 1913 | X509 *crt = checksimple(L, 1, X509_CERT_CLASS); |
| 1914 | X509_NAME *name; | 1914 | X509_NAME *name; |
| 1915 | 1915 | ||
| 1916 | if ((name = X509_get_subject_name(crt))) | 1916 | if ((name = X509_get_subject_name(crt))) |
| 1917 | xn_dup(L, name); | 1917 | xn_dup(L, name); |
| 1918 | 1918 | ||
| @@ -2226,6 +2226,38 @@ static int xc_setPublicKey(lua_State *L) { | |||
| 2226 | } /* xc_setPublicKey() */ | 2226 | } /* xc_setPublicKey() */ |
| 2227 | 2227 | ||
| 2228 | 2228 | ||
| 2229 | static const EVP_MD *xc_signature(lua_State *L, int index, EVP_PKEY *key) { | ||
| 2230 | const char *id; | ||
| 2231 | const EVP_MD *md; | ||
| 2232 | |||
| 2233 | if ((id = luaL_optstring(L, index, NULL))) | ||
| 2234 | return ((md = EVP_get_digestbyname(id)))? md : EVP_md_null(); | ||
| 2235 | |||
| 2236 | switch (EVP_PKEY_type(key->type)) { | ||
| 2237 | case EVP_PKEY_RSA: | ||
| 2238 | return EVP_sha1(); | ||
| 2239 | case EVP_PKEY_DSA: | ||
| 2240 | return EVP_dss1(); | ||
| 2241 | case EVP_PKEY_EC: | ||
| 2242 | return EVP_ecdsa(); | ||
| 2243 | default: | ||
| 2244 | return EVP_md_null(); | ||
| 2245 | } | ||
| 2246 | } /* xc_signature() */ | ||
| 2247 | |||
| 2248 | static int xc_sign(lua_State *L) { | ||
| 2249 | X509 *crt = checksimple(L, 1, X509_CERT_CLASS); | ||
| 2250 | EVP_PKEY *key = checksimple(L, 2, PUBKEY_CLASS); | ||
| 2251 | |||
| 2252 | if (!X509_sign(crt, key, xc_signature(L, 3, key))) | ||
| 2253 | return throwssl(L, "x509.cert:sign"); | ||
| 2254 | |||
| 2255 | lua_pushboolean(L, 1); | ||
| 2256 | |||
| 2257 | return 1; | ||
| 2258 | } /* xc_sign() */ | ||
| 2259 | |||
| 2260 | |||
| 2229 | static int xc__tostring(lua_State *L) { | 2261 | static int xc__tostring(lua_State *L) { |
| 2230 | X509 *crt = checksimple(L, 1, X509_CERT_CLASS); | 2262 | X509 *crt = checksimple(L, 1, X509_CERT_CLASS); |
| 2231 | int fmt = checkoption(L, 2, "pem", (const char *[]){ "pem", 0 }); | 2263 | int fmt = checkoption(L, 2, "pem", (const char *[]){ "pem", 0 }); |
| @@ -2280,8 +2312,9 @@ static const luaL_Reg xc_methods[] = { | |||
| 2280 | { "setBasicConstraint", &xc_setBasicConstraint }, | 2312 | { "setBasicConstraint", &xc_setBasicConstraint }, |
| 2281 | { "getBasicConstraintsCritical", &xc_getBasicConstraintsCritical }, | 2313 | { "getBasicConstraintsCritical", &xc_getBasicConstraintsCritical }, |
| 2282 | { "setBasicConstraintsCritical", &xc_setBasicConstraintsCritical }, | 2314 | { "setBasicConstraintsCritical", &xc_setBasicConstraintsCritical }, |
| 2283 | { "getPublicKey", &xc_getPublicKey }, | 2315 | { "getPublicKey", &xc_getPublicKey }, |
| 2284 | { "setPublicKey", &xc_setPublicKey }, | 2316 | { "setPublicKey", &xc_setPublicKey }, |
| 2317 | { "sign", &xc_sign }, | ||
| 2285 | { NULL, NULL }, | 2318 | { NULL, NULL }, |
| 2286 | }; | 2319 | }; |
| 2287 | 2320 | ||
| @@ -2374,6 +2407,19 @@ static int xr_setVersion(lua_State *L) { | |||
| 2374 | } /* xr_setVersion() */ | 2407 | } /* xr_setVersion() */ |
| 2375 | 2408 | ||
| 2376 | 2409 | ||
| 2410 | static int xr_getSubjectName(lua_State *L) { | ||
| 2411 | X509_REQ *crt = checksimple(L, 1, X509_CSR_CLASS); | ||
| 2412 | X509_NAME *name; | ||
| 2413 | |||
| 2414 | if ((name = X509_REQ_get_subject_name(crt))) | ||
| 2415 | xn_dup(L, name); | ||
| 2416 | |||
| 2417 | lua_pushboolean(L, 1); | ||
| 2418 | |||
| 2419 | return 1; | ||
| 2420 | } /* xr_getSubjectName() */ | ||
| 2421 | |||
| 2422 | |||
| 2377 | static int xr_setSubjectName(lua_State *L) { | 2423 | static int xr_setSubjectName(lua_State *L) { |
| 2378 | X509_REQ *csr = checksimple(L, 1, X509_CSR_CLASS); | 2424 | X509_REQ *csr = checksimple(L, 1, X509_CSR_CLASS); |
| 2379 | X509_NAME *name = checksimple(L, 2, X509_NAME_CLASS); | 2425 | X509_NAME *name = checksimple(L, 2, X509_NAME_CLASS); |
| @@ -2387,6 +2433,17 @@ static int xr_setSubjectName(lua_State *L) { | |||
| 2387 | } /* xr_setSubjectName() */ | 2433 | } /* xr_setSubjectName() */ |
| 2388 | 2434 | ||
| 2389 | 2435 | ||
| 2436 | static int xr_getPublicKey(lua_State *L) { | ||
| 2437 | X509_REQ *csr = checksimple(L, 1, X509_CSR_CLASS); | ||
| 2438 | EVP_PKEY **key = prepsimple(L, PUBKEY_CLASS); | ||
| 2439 | |||
| 2440 | if (!(*key = X509_REQ_get_pubkey(csr))) | ||
| 2441 | return throwssl(L, "x509.cert:getPublicKey"); | ||
| 2442 | |||
| 2443 | return 1; | ||
| 2444 | } /* xr_getPublicKey() */ | ||
| 2445 | |||
| 2446 | |||
| 2390 | static int xr_setPublicKey(lua_State *L) { | 2447 | static int xr_setPublicKey(lua_State *L) { |
| 2391 | X509_REQ *csr = checksimple(L, 1, X509_CSR_CLASS); | 2448 | X509_REQ *csr = checksimple(L, 1, X509_CSR_CLASS); |
| 2392 | EVP_PKEY *key = checksimple(L, 2, PUBKEY_CLASS); | 2449 | EVP_PKEY *key = checksimple(L, 2, PUBKEY_CLASS); |
| @@ -2400,6 +2457,19 @@ static int xr_setPublicKey(lua_State *L) { | |||
| 2400 | } /* xr_setPublicKey() */ | 2457 | } /* xr_setPublicKey() */ |
| 2401 | 2458 | ||
| 2402 | 2459 | ||
| 2460 | static int xr_sign(lua_State *L) { | ||
| 2461 | X509_REQ *csr = checksimple(L, 1, X509_CSR_CLASS); | ||
| 2462 | EVP_PKEY *key = checksimple(L, 2, PUBKEY_CLASS); | ||
| 2463 | |||
| 2464 | if (!X509_REQ_sign(csr, key, xc_signature(L, 3, key))) | ||
| 2465 | return throwssl(L, "x509.csr:sign"); | ||
| 2466 | |||
| 2467 | lua_pushboolean(L, 1); | ||
| 2468 | |||
| 2469 | return 1; | ||
| 2470 | } /* xr_sign() */ | ||
| 2471 | |||
| 2472 | |||
| 2403 | static int xr__tostring(lua_State *L) { | 2473 | static int xr__tostring(lua_State *L) { |
| 2404 | X509_REQ *csr = checksimple(L, 1, X509_CSR_CLASS); | 2474 | X509_REQ *csr = checksimple(L, 1, X509_CSR_CLASS); |
| 2405 | int fmt = checkoption(L, 2, "pem", (const char *[]){ "pem", 0 }); | 2475 | int fmt = checkoption(L, 2, "pem", (const char *[]){ "pem", 0 }); |
| @@ -2430,8 +2500,11 @@ static int xr__gc(lua_State *L) { | |||
| 2430 | static const luaL_Reg xr_methods[] = { | 2500 | static const luaL_Reg xr_methods[] = { |
| 2431 | { "getVersion", &xr_getVersion }, | 2501 | { "getVersion", &xr_getVersion }, |
| 2432 | { "setVersion", &xr_setVersion }, | 2502 | { "setVersion", &xr_setVersion }, |
| 2503 | { "getSubjectName", &xr_getSubjectName }, | ||
| 2433 | { "setSubjectName", &xr_setSubjectName }, | 2504 | { "setSubjectName", &xr_setSubjectName }, |
| 2505 | { "getPublicKey", &xr_getPublicKey }, | ||
| 2434 | { "setPublicKey", &xr_setPublicKey }, | 2506 | { "setPublicKey", &xr_setPublicKey }, |
| 2507 | { "sign", &xr_sign }, | ||
| 2435 | { NULL, NULL }, | 2508 | { NULL, NULL }, |
| 2436 | }; | 2509 | }; |
| 2437 | 2510 | ||
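Review bot: In `xc_signature`, a digest name that `EVP_get_digestbyname` does not recognise is silently replaced by `EVP_md_null()`, so a typo in the third argument of `cert:sign` or `csr:sign` raises no argument error and the call goes on to `X509_sign`/`X509_REQ_sign` with a null digest; whether that then fails or produces an unusable signature likely depends on the OpenSSL version. Rejecting the name at the lookup is safer, e.g. `if (!(md = EVP_get_digestbyname(id))) luaL_argerror(L, index, "unknown digest");` followed by `return md;`, and the `default:` arm for unsupported key types deserves the same treatment. The RSA default of `EVP_sha1()` should at least carry a comment, since many current verifiers no longer accept SHA-1 certificate signatures. Separately, `xr_getSubjectName` calls `lua_pushboolean(L, 1)` after `xn_dup` and returns 1, so the caller appears to receive `true` rather than the name (assuming `xn_dup` pushes its result), and `xr_getPublicKey` reports its error as `"x509.cert:getPublicKey"` although it operates on a CSR.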
