-n

push lots more ssl work
author: William Ahern <william@server.local> 2012-10-02 20:24:26 -0700
committer: William Ahern <william@server.local> 2012-10-02 20:24:26 -0700
commit: 29ce5454955f7d7bf4c80599b9ab42e4aab0e979 (patch)
tree: 1cc6c8dbdd6730960c0ecfdd581f9cde0f1686cc
parent: ee1f51dd7a1aaa12e0857a698ac99a5d55c897f0 (diff)
download: luaossl-29ce5454955f7d7bf4c80599b9ab42e4aab0e979.tar.gz
luaossl-29ce5454955f7d7bf4c80599b9ab42e4aab0e979.tar.bz2
luaossl-29ce5454955f7d7bf4c80599b9ab42e4aab0e979.zip
2 files changed, 237 insertions, 38 deletions
diff --git a/Makefile b/Makefile
index a7f829b..481174e 100644
--- a/Makefile
+++ b/Makefile
@@ -36,6 +36,13 @@ openssl.o: openssl.c
        $(CC) $(CFLAGS) $(CPPFLAGS) -c -o $@ $<
+install: $(lua52cpath)/_openssl.so
+$(lua52cpath)/_openssl.so: openssl.so
+        mkdir -p $(@D)
+        cp -p $< $@
 .PHONY: clean clean~
 clean:
diff --git a/openssl.c b/openssl.c
index 2c4c032..34b0ca8 100644
--- a/openssl.c
+++ b/openssl.c
@@ -33,9 +33,11 @@
 #include <openssl/err.h>
 #include <openssl/bn.h>
+#include <openssl/asn1.h>
 #include <openssl/x509.h>
 #include <openssl/x509v3.h>
 #include <openssl/evp.h>
+#include <openssl/pem.h>
 #include <lua.h>
 #include <lualib.h>
@@ -113,6 +115,9 @@ static void addclass(lua_State *L, const char *name, const luaL_Reg *methods, co
 } /* addclass() */
+static void initall(lua_State *L);
 /*
 * BIGNUM - openssl.bignum
 *
@@ -455,7 +460,7 @@ static int bn__gc(lua_State *L) {
 static int bn__tostring(lua_State *L) {
-        BIGNUM *bn = checksimple(L, 1, X509_NAME_CLASS);
+        BIGNUM *bn = checksimple(L, 1, BIGNUM_CLASS);
        char *txt;
        if (!(txt = BN_bn2dec(bn)))
@@ -494,13 +499,13 @@ static const luaL_Reg bn_globals[] = {
        { NULL,        NULL },
 };
-int luaopen__openssl_bignum_open(lua_State *L) {
+int luaopen__openssl_bignum(lua_State *L) {
-        addclass(L, BIGNUM_CLASS, bn_methods, bn_metatable);
+        initall(L);
        luaL_newlib(L, bn_globals);
        return 1;
-} /* luaopen__openssl_bignum_open() */
+} /* luaopen__openssl_bignum() */
 /*
@@ -535,16 +540,20 @@ static int xn_interpose(lua_State *L) {
 static int xn_add(lua_State *L) {
        X509_NAME *name = checksimple(L, 1, X509_NAME_CLASS);
-        int nid;
+        const char *nid = luaL_checkstring(L, 2);
-        const char *txt;
        size_t len;
+        const char *txt = luaL_checklstring(L, 3, &len);
+        ASN1_OBJECT *obj;
+        int ok;
-        if (NID_undef == (nid = OBJ_txt2nid(luaL_checkstring(L, 2))))
+        if (!(obj = OBJ_txt2obj(nid, 0)))
-                return luaL_error(L, "x509.name:add: %s: invalid NID", luaL_checkstring(L, 2));
+                return luaL_error(L, "x509.name:add: %s: invalid NID", nid);
-        txt = luaL_checklstring(L, 3, &len);
+        ok = !!X509_NAME_add_entry_by_OBJ(name, obj, MBSTRING_ASC, (unsigned char *)txt, len, -1, 0);
-        if (!(X509_NAME_add_entry_by_NID(name, nid, MBSTRING_ASC, (unsigned char *)txt, len, -1, 0)))
+        ASN1_OBJECT_free(obj);
+        if (!ok)
                return throwssl(L, "x509.name:add");
        lua_pushboolean(L, 1);
@@ -553,6 +562,57 @@ static int xn_add(lua_State *L) {
 } /* xn_add() */
+static int xn_all(lua_State *L) {
+        X509_NAME *name = checksimple(L, 1, X509_NAME_CLASS);
+        int count = X509_NAME_entry_count(name);
+        X509_NAME_ENTRY *entry;
+        ASN1_OBJECT *obj;
+        const char *id;
+        char txt[256];
+        int nid, len;
+        lua_newtable(L);
+        for (int i = 0; i < count; i++) {
+                if (!(entry = X509_NAME_get_entry(name, i)))
+                        continue;
+                lua_newtable(L);
+                obj = X509_NAME_ENTRY_get_object(entry);
+                nid = OBJ_obj2nid(obj);
+                if (0 > (len = OBJ_obj2txt(txt, sizeof txt, obj, 1)))
+                        return throwssl(L, "x509.name:all");
+                lua_pushlstring(L, txt, len);
+                if (nid != NID_undef && ((id = OBJ_nid2ln(nid)) || (id = OBJ_nid2sn(nid))))
+                        lua_pushstring(L, id);
+                else
+                        lua_pushvalue(L, -1);
+                if (nid != NID_undef && (id = OBJ_nid2sn(nid)))
+                        lua_pushstring(L, id);
+                else
+                        lua_pushvalue(L, -1);
+                lua_setfield(L, -4, "sn");
+                lua_setfield(L, -3, "ln");
+                lua_setfield(L, -2, "id");
+                len = ASN1_STRING_length(X509_NAME_ENTRY_get_data(entry));
+                lua_pushlstring(L, (char *)ASN1_STRING_data(X509_NAME_ENTRY_get_data(entry)), len);
+                lua_setfield(L, -2, "blob");
+                lua_rawseti(L, -2, i + 1);
+        }
+        return 1;
+} /* xn_all() */
 static int xn__gc(lua_State *L) {
        X509_NAME **ud = luaL_checkudata(L, 1, X509_NAME_CLASS);
@@ -578,6 +638,7 @@ static int xn__tostring(lua_State *L) {
 static const luaL_Reg xn_methods[] = {
        { "add", &xn_add },
+        { "all", &xn_all },
        { NULL,  NULL },
 };
@@ -594,28 +655,49 @@ static const luaL_Reg xn_globals[] = {
        { NULL,        NULL },
 };
-int luaopen__openssl_x509_name_open(lua_State *L) {
+int luaopen__openssl_x509_name(lua_State *L) {
-        addclass(L, X509_NAME_CLASS, xn_methods, xn_metatable);
+        initall(L);
        luaL_newlib(L, xn_globals);
        return 1;
-} /* luaopen__openssl_x509_name_open() */
+} /* luaopen__openssl_x509_name() */
 /*
- * X509_NAME - openssl.x509.name
+ * X509 - openssl.x509.cert
 *
 * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * */
 static int xc_new(lua_State *L) {
-        X509 **ud = prepsimple(L, X509_CERT_CLASS);
+        const char *pem;
+        size_t len;
+        X509 **ud;
+        lua_settop(L, 1);
+        ud = prepsimple(L, X509_CERT_CLASS);
+        if ((pem = luaL_optlstring(L, 1, NULL, &len))) {
+                BIO *tmp;
+                int ok;
+                if (!(tmp = BIO_new_mem_buf((char *)pem, len)))
+                        return throwssl(L, "x509.cert.new");
+                ok = !!PEM_read_bio_X509(tmp, ud, 0, ""); /* no password */
+                BIO_free(tmp);
-        if (!(*ud = X509_new()))
+                if (!ok)
-                return throwssl(L, "x509.cert.new");
+                        return throwssl(L, "x509.cert.new");
+        } else {
+                if (!(*ud = X509_new()))
+                        return throwssl(L, "x509.cert.new");
-        X509_gmtime_adj(X509_get_notBefore(*ud), 0);
+                X509_gmtime_adj(X509_get_notBefore(*ud), 0);
-        X509_gmtime_adj(X509_get_notAfter(*ud), 0);
+                X509_gmtime_adj(X509_get_notAfter(*ud), 0);
+        }
        return 1;
 } /* xc_new() */
@@ -648,21 +730,21 @@ static int xc_setVersion(lua_State *L) {
 } /* xc_setVersion() */
-static int xc_getSerialNumber(lua_State *L) {
+static int xc_getSerial(lua_State *L) {
        X509 *crt = checksimple(L, 1, X509_CERT_CLASS);
        BIGNUM *serial = bn_push(L);
        ASN1_INTEGER *i;
        if ((i = X509_get_serialNumber(crt))) {
                if (!ASN1_INTEGER_to_BN(i, serial))
-                        return throwssl(L, "x509.cert:getSerialNumber");
+                        return throwssl(L, "x509.cert:getSerial");
        }
        return 1;
-} /* xc_getSerialNumber() */
+} /* xc_getSerial() */
-static int xc_setSerialNumber(lua_State *L) {
+static int xc_setSerial(lua_State *L) {
        X509 *crt = checksimple(L, 1, X509_CERT_CLASS);
        ASN1_INTEGER *serial;
@@ -680,8 +762,8 @@ static int xc_setSerialNumber(lua_State *L) {
 error:
        ASN1_INTEGER_free(serial);
-        return throwssl(L, "x509.cert:setSerialNumber");
+        return throwssl(L, "x509.cert:setSerial");
-} /* xc_setSerialNumber() */
+} /* xc_setSerial() */
 static int xc_digest(lua_State *L) {
@@ -893,20 +975,114 @@ static int xc_getLifetime(lua_State *L) {
 } /* xc_getLifetime() */
-static int xc_issuer(lua_State *L) {
+static int xc_setLifetime(lua_State *L) {
+        X509 *crt = checksimple(L, 1, X509_CERT_CLASS);
+        ASN1_TIME *time;
+        double ut;
+        const char *dt;
+        lua_settop(L, 3);
+        if (lua_isnumber(L, 2)) {
+                ut = lua_tonumber(L, 2);
+                if (!ASN1_TIME_set(X509_get_notBefore(crt), ut))
+                        return throwssl(L, "x509.cert:setLifetime");
+#if 0
+        } else if ((dt = luaL_optstring(L, 2, 0))) {
+                if (!ASN1_TIME_set_string(X509_get_notBefore(crt), dt))
+                        return throwssl(L, "x509.cert:setLifetime");
+#endif
+        }
+        if (lua_isnumber(L, 3)) {
+                ut = lua_tonumber(L, 3);
+                if (!ASN1_TIME_set(X509_get_notAfter(crt), ut))
+                        return throwssl(L, "x509.cert:setLifetime");
+#if 0
+        } else if ((dt = luaL_optstring(L, 3, 0))) {
+                if (!ASN1_TIME_set_string(X509_get_notAfter(crt), dt))
+                        return throwssl(L, "x509.cert:setLifetime");
+#endif
+        }
+        lua_pushboolean(L, 1);
+        return 1;
+} /* xc_setLifetime() */
+static int xc_getIssuer(lua_State *L) {
        X509 *crt = checksimple(L, 1, X509_CERT_CLASS);
        X509_NAME *name;
        
-        lua_settop(L, 2);
        if ((name = X509_get_issuer_name(crt)))
                xn_dup(L, name);
-        if (!lua_isnil(L, 2))
+        return !!name;
-                X509_set_issuer_name(crt, checksimple(L, 2, X509_NAME_CLASS));
+} /* xc_getIssuer() */
+static int xc_setIssuer(lua_State *L) {
+        X509 *crt = checksimple(L, 1, X509_CERT_CLASS);
+        X509_NAME *name = checksimple(L, 2, X509_NAME_CLASS);
+        if (!X509_set_issuer_name(crt, name))
+                return throwssl(L, "x509.cert:setIssuer");
+        return !!name;
+} /* xc_setIssuer() */
+static int xc_getSubject(lua_State *L) {
+        X509 *crt = checksimple(L, 1, X509_CERT_CLASS);
+        X509_NAME *name;
+        
+        if ((name = X509_get_subject_name(crt)))
+                xn_dup(L, name);
+        return !!name;
+} /* xc_getSubject() */
+static int xc_setSubject(lua_State *L) {
+        X509 *crt = checksimple(L, 1, X509_CERT_CLASS);
+        X509_NAME *name = checksimple(L, 2, X509_NAME_CLASS);
+        if (!X509_set_subject_name(crt, name))
+                return throwssl(L, "x509.cert:setSubject");
        return !!name;
-} /* xc_issuer() */
+} /* xc_setSubject() */
+static int xc__tostring(lua_State *L) {
+        X509 *crt = checksimple(L, 1, X509_CERT_CLASS);
+        int fmt = luaL_checkoption(L, 2, "pem", (const char *[]){ "pem", 0 });
+        BIO *tmp;
+        char *pem;
+        long len;
+        if (!(tmp = BIO_new(BIO_s_mem())))
+                return throwssl(L, "x509.cert:__tostring");
+        if (!PEM_write_bio_X509(tmp, crt)) {
+                BIO_free(tmp);
+                return throwssl(L, "x509.cert:__tostring");
+        }
+        len = BIO_get_mem_data(tmp, &pem);
+        /* FIXME: leaks on panic */
+        lua_pushlstring(L, pem, len);
+        BIO_free(tmp);
+        return 1;
+} /* xc__tostring() */
 static int xc__gc(lua_State *L) {
@@ -920,12 +1096,22 @@ static int xc__gc(lua_State *L) {
 static const luaL_Reg xc_methods[] = {
-        { "getVersion", &xc_getVersion },
+        { "getVersion",   &xc_getVersion },
-        { "setVersion", &xc_setVersion },
+        { "setVersion",   &xc_setVersion },
-        { NULL,      NULL },
+        { "getSerial",    &xc_getSerial },
+        { "setSerial",    &xc_setSerial },
+        { "digest",       &xc_digest },
+        { "getLifetime",  &xc_getLifetime },
+        { "setLifetime",  &xc_setLifetime },
+        { "getIssuer",    &xc_getIssuer },
+        { "setIssuer",    &xc_setIssuer },
+        { "getSubject",   &xc_getSubject },
+        { "setSubject",   &xc_setSubject },
+        { NULL,           NULL },
 };
 static const luaL_Reg xc_metatable[] = {
+        { "__tostring", &xc__tostring },
        { "__gc",       &xc__gc },
        { NULL,         NULL },
 };
@@ -937,17 +1123,23 @@ static const luaL_Reg xc_globals[] = {
        { NULL,        NULL },
 };
-int luaopen__openssl_x509_cert_open(lua_State *L) {
+int luaopen__openssl_x509_cert(lua_State *L) {
-        addclass(L, X509_CERT_CLASS, xc_methods, xc_metatable);
+        initall(L);
        luaL_newlib(L, xc_globals);
        return 1;
-} /* luaopen__openssl_x509_cert_open() */
+} /* luaopen__openssl_x509_cert() */
+static void initall(lua_State *L) {
+        ERR_load_crypto_strings();
+        OpenSSL_add_all_algorithms();
+        addclass(L, BIGNUM_CLASS, bn_methods, bn_metatable);
+        addclass(L, X509_NAME_CLASS, xn_methods, xn_metatable);
+        addclass(L, X509_CERT_CLASS, xc_methods, xc_metatable);
+} /* initall() */
 #endif /* L_OPENSSL_H */
author	William Ahern <william@server.local>	2012-10-02 20:24:26 -0700
committer	William Ahern <william@server.local>	2012-10-02 20:24:26 -0700
commit	29ce5454955f7d7bf4c80599b9ab42e4aab0e979 (patch)
tree	1cc6c8dbdd6730960c0ecfdd581f9cde0f1686cc
parent	ee1f51dd7a1aaa12e0857a698ac99a5d55c897f0 (diff)
download	luaossl-29ce5454955f7d7bf4c80599b9ab42e4aab0e979.tar.gz luaossl-29ce5454955f7d7bf4c80599b9ab42e4aab0e979.tar.bz2 luaossl-29ce5454955f7d7bf4c80599b9ab42e4aab0e979.zip

diff --git a/Makefile b/Makefile index a7f829b..481174e 100644 --- a/Makefile +++ b/Makefile
@@ -36,6 +36,13 @@ openssl.o: openssl.c
36	$(CC) $(CFLAGS) $(CPPFLAGS) -c -o $@ $<	36	$(CC) $(CFLAGS) $(CPPFLAGS) -c -o $@ $<
37		37
38		38
		39	install: $(lua52cpath)/_openssl.so
		40
		41	$(lua52cpath)/_openssl.so: openssl.so
		42	mkdir -p $(@D)
		43	cp -p $< $@
		44
		45
39	.PHONY: clean clean~	46	.PHONY: clean clean~
40		47
41	clean:	48	clean:


diff --git a/openssl.c b/openssl.c index 2c4c032..34b0ca8 100644 --- a/openssl.c +++ b/openssl.c
@@ -33,9 +33,11 @@
33		33
34	#include <openssl/err.h>	34	#include <openssl/err.h>
35	#include <openssl/bn.h>	35	#include <openssl/bn.h>
		36	#include <openssl/asn1.h>
36	#include <openssl/x509.h>	37	#include <openssl/x509.h>
37	#include <openssl/x509v3.h>	38	#include <openssl/x509v3.h>
38	#include <openssl/evp.h>	39	#include <openssl/evp.h>
		40	#include <openssl/pem.h>
39		41
40	#include <lua.h>	42	#include <lua.h>
41	#include <lualib.h>	43	#include <lualib.h>
@@ -113,6 +115,9 @@ static void addclass(lua_State L, const char name, const luaL_Reg *methods, co
113	} /* addclass() */	115	} /* addclass() */
114		116
115		117
		118	static void initall(lua_State *L);
		119
		120
116	/*	121	/*
117	* BIGNUM - openssl.bignum	122	* BIGNUM - openssl.bignum
118	*	123	*
@@ -455,7 +460,7 @@ static int bn__gc(lua_State *L) {
455		460
456		461
457	static int bn__tostring(lua_State *L) {	462	static int bn__tostring(lua_State *L) {
458	BIGNUM *bn = checksimple(L, 1, X509_NAME_CLASS);	463	BIGNUM *bn = checksimple(L, 1, BIGNUM_CLASS);
459	char *txt;	464	char *txt;
460		465
461	if (!(txt = BN_bn2dec(bn)))	466	if (!(txt = BN_bn2dec(bn)))
@@ -494,13 +499,13 @@ static const luaL_Reg bn_globals[] = {
494	{ NULL, NULL },	499	{ NULL, NULL },
495	};	500	};
496		501
497	int luaopen__openssl_bignum_open(lua_State *L) {	502	int luaopen__openssl_bignum(lua_State *L) {
498	addclass(L, BIGNUM_CLASS, bn_methods, bn_metatable);	503	initall(L);
499		504
500	luaL_newlib(L, bn_globals);	505	luaL_newlib(L, bn_globals);
501		506
502	return 1;	507	return 1;
503	} /* luaopen__openssl_bignum_open() */	508	} /* luaopen__openssl_bignum() */
504		509
505		510
506	/*	511	/*
@@ -535,16 +540,20 @@ static int xn_interpose(lua_State *L) {
535		540
536	static int xn_add(lua_State *L) {	541	static int xn_add(lua_State *L) {
537	X509_NAME *name = checksimple(L, 1, X509_NAME_CLASS);	542	X509_NAME *name = checksimple(L, 1, X509_NAME_CLASS);
538	int nid;	543	const char *nid = luaL_checkstring(L, 2);
539	const char *txt;
540	size_t len;	544	size_t len;
		545	const char *txt = luaL_checklstring(L, 3, &len);
		546	ASN1_OBJECT *obj;
		547	int ok;
541		548
542	if (NID_undef == (nid = OBJ_txt2nid(luaL_checkstring(L, 2))))	549	if (!(obj = OBJ_txt2obj(nid, 0)))
543	return luaL_error(L, "x509.name:add: %s: invalid NID", luaL_checkstring(L, 2));	550	return luaL_error(L, "x509.name:add: %s: invalid NID", nid);
544		551
545	txt = luaL_checklstring(L, 3, &len);	552	ok = !!X509_NAME_add_entry_by_OBJ(name, obj, MBSTRING_ASC, (unsigned char *)txt, len, -1, 0);
546		553
547	if (!(X509_NAME_add_entry_by_NID(name, nid, MBSTRING_ASC, (unsigned char *)txt, len, -1, 0)))	554	ASN1_OBJECT_free(obj);
		555
		556	if (!ok)
548	return throwssl(L, "x509.name:add");	557	return throwssl(L, "x509.name:add");
549		558
550	lua_pushboolean(L, 1);	559	lua_pushboolean(L, 1);
@@ -553,6 +562,57 @@ static int xn_add(lua_State *L) {
553	} /* xn_add() */	562	} /* xn_add() */
554		563
555		564
		565	static int xn_all(lua_State *L) {
		566	X509_NAME *name = checksimple(L, 1, X509_NAME_CLASS);
		567	int count = X509_NAME_entry_count(name);
		568	X509_NAME_ENTRY *entry;
		569	ASN1_OBJECT *obj;
		570	const char *id;
		571	char txt[256];
		572	int nid, len;
		573
		574	lua_newtable(L);
		575
		576	for (int i = 0; i < count; i++) {
		577	if (!(entry = X509_NAME_get_entry(name, i)))
		578	continue;
		579
		580	lua_newtable(L);
		581
		582	obj = X509_NAME_ENTRY_get_object(entry);
		583	nid = OBJ_obj2nid(obj);
		584
		585	if (0 > (len = OBJ_obj2txt(txt, sizeof txt, obj, 1)))
		586	return throwssl(L, "x509.name:all");
		587
		588	lua_pushlstring(L, txt, len);
		589
		590	if (nid != NID_undef && ((id = OBJ_nid2ln(nid)) \|\| (id = OBJ_nid2sn(nid))))
		591	lua_pushstring(L, id);
		592	else
		593	lua_pushvalue(L, -1);
		594
		595	if (nid != NID_undef && (id = OBJ_nid2sn(nid)))
		596	lua_pushstring(L, id);
		597	else
		598	lua_pushvalue(L, -1);
		599
		600	lua_setfield(L, -4, "sn");
		601	lua_setfield(L, -3, "ln");
		602	lua_setfield(L, -2, "id");
		603
		604	len = ASN1_STRING_length(X509_NAME_ENTRY_get_data(entry));
		605	lua_pushlstring(L, (char *)ASN1_STRING_data(X509_NAME_ENTRY_get_data(entry)), len);
		606
		607	lua_setfield(L, -2, "blob");
		608
		609	lua_rawseti(L, -2, i + 1);
		610	}
		611
		612	return 1;
		613	} /* xn_all() */
		614
		615
556	static int xn__gc(lua_State *L) {	616	static int xn__gc(lua_State *L) {
557	X509_NAME **ud = luaL_checkudata(L, 1, X509_NAME_CLASS);	617	X509_NAME **ud = luaL_checkudata(L, 1, X509_NAME_CLASS);
558		618
@@ -578,6 +638,7 @@ static int xn__tostring(lua_State *L) {
578		638
579	static const luaL_Reg xn_methods[] = {	639	static const luaL_Reg xn_methods[] = {
580	{ "add", &xn_add },	640	{ "add", &xn_add },
		641	{ "all", &xn_all },
581	{ NULL, NULL },	642	{ NULL, NULL },
582	};	643	};
583		644
@@ -594,28 +655,49 @@ static const luaL_Reg xn_globals[] = {
594	{ NULL, NULL },	655	{ NULL, NULL },
595	};	656	};
596		657
597	int luaopen__openssl_x509_name_open(lua_State *L) {	658	int luaopen__openssl_x509_name(lua_State *L) {
598	addclass(L, X509_NAME_CLASS, xn_methods, xn_metatable);	659	initall(L);
599		660
600	luaL_newlib(L, xn_globals);	661	luaL_newlib(L, xn_globals);
601		662
602	return 1;	663	return 1;
603	} /* luaopen__openssl_x509_name_open() */	664	} /* luaopen__openssl_x509_name() */
604		665
605		666
606	/*	667	/*
607	* X509_NAME - openssl.x509.name	668	* X509 - openssl.x509.cert
608	*	669	*
609	* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * */	670	* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * */
610		671
611	static int xc_new(lua_State *L) {	672	static int xc_new(lua_State *L) {
612	X509 **ud = prepsimple(L, X509_CERT_CLASS);	673	const char *pem;
		674	size_t len;
		675	X509 **ud;
		676
		677	lua_settop(L, 1);
		678
		679	ud = prepsimple(L, X509_CERT_CLASS);
		680
		681	if ((pem = luaL_optlstring(L, 1, NULL, &len))) {
		682	BIO *tmp;
		683	int ok;
		684
		685	if (!(tmp = BIO_new_mem_buf((char *)pem, len)))
		686	return throwssl(L, "x509.cert.new");
		687
		688	ok = !!PEM_read_bio_X509(tmp, ud, 0, ""); /* no password */
		689
		690	BIO_free(tmp);
613		691
614	if (!(*ud = X509_new()))	692	if (!ok)
615	return throwssl(L, "x509.cert.new");	693	return throwssl(L, "x509.cert.new");
		694	} else {
		695	if (!(*ud = X509_new()))
		696	return throwssl(L, "x509.cert.new");
616		697
617	X509_gmtime_adj(X509_get_notBefore(*ud), 0);	698	X509_gmtime_adj(X509_get_notBefore(*ud), 0);
618	X509_gmtime_adj(X509_get_notAfter(*ud), 0);	699	X509_gmtime_adj(X509_get_notAfter(*ud), 0);
		700	}
619		701
620	return 1;	702	return 1;
621	} /* xc_new() */	703	} /* xc_new() */
@@ -648,21 +730,21 @@ static int xc_setVersion(lua_State *L) {
648	} /* xc_setVersion() */	730	} /* xc_setVersion() */
649		731
650		732
651	static int xc_getSerialNumber(lua_State *L) {	733	static int xc_getSerial(lua_State *L) {
652	X509 *crt = checksimple(L, 1, X509_CERT_CLASS);	734	X509 *crt = checksimple(L, 1, X509_CERT_CLASS);
653	BIGNUM *serial = bn_push(L);	735	BIGNUM *serial = bn_push(L);
654	ASN1_INTEGER *i;	736	ASN1_INTEGER *i;
655		737
656	if ((i = X509_get_serialNumber(crt))) {	738	if ((i = X509_get_serialNumber(crt))) {
657	if (!ASN1_INTEGER_to_BN(i, serial))	739	if (!ASN1_INTEGER_to_BN(i, serial))
658	return throwssl(L, "x509.cert:getSerialNumber");	740	return throwssl(L, "x509.cert:getSerial");
659	}	741	}
660		742
661	return 1;	743	return 1;
662	} /* xc_getSerialNumber() */	744	} /* xc_getSerial() */
663		745
664		746
665	static int xc_setSerialNumber(lua_State *L) {	747	static int xc_setSerial(lua_State *L) {
666	X509 *crt = checksimple(L, 1, X509_CERT_CLASS);	748	X509 *crt = checksimple(L, 1, X509_CERT_CLASS);
667	ASN1_INTEGER *serial;	749	ASN1_INTEGER *serial;
668		750
@@ -680,8 +762,8 @@ static int xc_setSerialNumber(lua_State *L) {
680	error:	762	error:
681	ASN1_INTEGER_free(serial);	763	ASN1_INTEGER_free(serial);
682		764
683	return throwssl(L, "x509.cert:setSerialNumber");	765	return throwssl(L, "x509.cert:setSerial");
684	} /* xc_setSerialNumber() */	766	} /* xc_setSerial() */
685		767
686		768
687	static int xc_digest(lua_State *L) {	769	static int xc_digest(lua_State *L) {
@@ -893,20 +975,114 @@ static int xc_getLifetime(lua_State *L) {
893	} /* xc_getLifetime() */	975	} /* xc_getLifetime() */
894		976
895		977
896	static int xc_issuer(lua_State *L) {	978	static int xc_setLifetime(lua_State *L) {
		979	X509 *crt = checksimple(L, 1, X509_CERT_CLASS);
		980	ASN1_TIME *time;
		981	double ut;
		982	const char *dt;
		983
		984	lua_settop(L, 3);
		985
		986	if (lua_isnumber(L, 2)) {
		987	ut = lua_tonumber(L, 2);
		988
		989	if (!ASN1_TIME_set(X509_get_notBefore(crt), ut))
		990	return throwssl(L, "x509.cert:setLifetime");
		991	#if 0
		992	} else if ((dt = luaL_optstring(L, 2, 0))) {
		993	if (!ASN1_TIME_set_string(X509_get_notBefore(crt), dt))
		994	return throwssl(L, "x509.cert:setLifetime");
		995	#endif
		996	}
		997
		998	if (lua_isnumber(L, 3)) {
		999	ut = lua_tonumber(L, 3);
		1000
		1001	if (!ASN1_TIME_set(X509_get_notAfter(crt), ut))
		1002	return throwssl(L, "x509.cert:setLifetime");
		1003	#if 0
		1004	} else if ((dt = luaL_optstring(L, 3, 0))) {
		1005	if (!ASN1_TIME_set_string(X509_get_notAfter(crt), dt))
		1006	return throwssl(L, "x509.cert:setLifetime");
		1007	#endif
		1008	}
		1009
		1010	lua_pushboolean(L, 1);
		1011
		1012	return 1;
		1013	} /* xc_setLifetime() */
		1014
		1015
		1016	static int xc_getIssuer(lua_State *L) {
897	X509 *crt = checksimple(L, 1, X509_CERT_CLASS);	1017	X509 *crt = checksimple(L, 1, X509_CERT_CLASS);
898	X509_NAME *name;	1018	X509_NAME *name;
899		1019
900	lua_settop(L, 2);
901
902	if ((name = X509_get_issuer_name(crt)))	1020	if ((name = X509_get_issuer_name(crt)))
903	xn_dup(L, name);	1021	xn_dup(L, name);
904		1022
905	if (!lua_isnil(L, 2))	1023	return !!name;
906	X509_set_issuer_name(crt, checksimple(L, 2, X509_NAME_CLASS));	1024	} /* xc_getIssuer() */
		1025
		1026
		1027	static int xc_setIssuer(lua_State *L) {
		1028	X509 *crt = checksimple(L, 1, X509_CERT_CLASS);
		1029	X509_NAME *name = checksimple(L, 2, X509_NAME_CLASS);
		1030
		1031	if (!X509_set_issuer_name(crt, name))
		1032	return throwssl(L, "x509.cert:setIssuer");
		1033
		1034	return !!name;
		1035	} /* xc_setIssuer() */
		1036
		1037
		1038	static int xc_getSubject(lua_State *L) {
		1039	X509 *crt = checksimple(L, 1, X509_CERT_CLASS);
		1040	X509_NAME *name;
		1041
		1042	if ((name = X509_get_subject_name(crt)))
		1043	xn_dup(L, name);
		1044
		1045	return !!name;
		1046	} /* xc_getSubject() */
		1047
		1048
		1049	static int xc_setSubject(lua_State *L) {
		1050	X509 *crt = checksimple(L, 1, X509_CERT_CLASS);
		1051	X509_NAME *name = checksimple(L, 2, X509_NAME_CLASS);
		1052
		1053	if (!X509_set_subject_name(crt, name))
		1054	return throwssl(L, "x509.cert:setSubject");
907		1055
908	return !!name;	1056	return !!name;
909	} /* xc_issuer() */	1057	} /* xc_setSubject() */
		1058
		1059
		1060	static int xc__tostring(lua_State *L) {
		1061	X509 *crt = checksimple(L, 1, X509_CERT_CLASS);
		1062	int fmt = luaL_checkoption(L, 2, "pem", (const char *[]){ "pem", 0 });
		1063	BIO *tmp;
		1064	char *pem;
		1065	long len;
		1066
		1067	if (!(tmp = BIO_new(BIO_s_mem())))
		1068	return throwssl(L, "x509.cert:__tostring");
		1069
		1070	if (!PEM_write_bio_X509(tmp, crt)) {
		1071	BIO_free(tmp);
		1072
		1073	return throwssl(L, "x509.cert:__tostring");
		1074	}
		1075
		1076	len = BIO_get_mem_data(tmp, &pem);
		1077
		1078	/* FIXME: leaks on panic */
		1079
		1080	lua_pushlstring(L, pem, len);
		1081
		1082	BIO_free(tmp);
		1083
		1084	return 1;
		1085	} /* xc__tostring() */
910		1086
911		1087
912	static int xc__gc(lua_State *L) {	1088	static int xc__gc(lua_State *L) {
@@ -920,12 +1096,22 @@ static int xc__gc(lua_State *L) {
920		1096
921		1097
922	static const luaL_Reg xc_methods[] = {	1098	static const luaL_Reg xc_methods[] = {
923	{ "getVersion", &xc_getVersion },	1099	{ "getVersion", &xc_getVersion },
924	{ "setVersion", &xc_setVersion },	1100	{ "setVersion", &xc_setVersion },
925	{ NULL, NULL },	1101	{ "getSerial", &xc_getSerial },
		1102	{ "setSerial", &xc_setSerial },
		1103	{ "digest", &xc_digest },
		1104	{ "getLifetime", &xc_getLifetime },
		1105	{ "setLifetime", &xc_setLifetime },
		1106	{ "getIssuer", &xc_getIssuer },
		1107	{ "setIssuer", &xc_setIssuer },
		1108	{ "getSubject", &xc_getSubject },
		1109	{ "setSubject", &xc_setSubject },
		1110	{ NULL, NULL },
926	};	1111	};
927		1112
928	static const luaL_Reg xc_metatable[] = {	1113	static const luaL_Reg xc_metatable[] = {
		1114	{ "__tostring", &xc__tostring },
929	{ "__gc", &xc__gc },	1115	{ "__gc", &xc__gc },
930	{ NULL, NULL },	1116	{ NULL, NULL },
931	};	1117	};
@@ -937,17 +1123,23 @@ static const luaL_Reg xc_globals[] = {
937	{ NULL, NULL },	1123	{ NULL, NULL },
938	};	1124	};
939		1125
940	int luaopen__openssl_x509_cert_open(lua_State *L) {	1126	int luaopen__openssl_x509_cert(lua_State *L) {
941	addclass(L, X509_CERT_CLASS, xc_methods, xc_metatable);	1127	initall(L);
942		1128
943	luaL_newlib(L, xc_globals);	1129	luaL_newlib(L, xc_globals);
944		1130
945	return 1;	1131	return 1;
946	} /* luaopen__openssl_x509_cert_open() */	1132	} /* luaopen__openssl_x509_cert() */
947
948		1133
949		1134
		1135	static void initall(lua_State *L) {
		1136	ERR_load_crypto_strings();
		1137	OpenSSL_add_all_algorithms();
950		1138
		1139	addclass(L, BIGNUM_CLASS, bn_methods, bn_metatable);
		1140	addclass(L, X509_NAME_CLASS, xn_methods, xn_metatable);
		1141	addclass(L, X509_CERT_CLASS, xc_methods, xc_metatable);
		1142	} /* initall() */
951		1143
952		1144
953	#endif /* L_OPENSSL_H */	1145	#endif /* L_OPENSSL_H */