-n

wrap basic constraints methods
author: William Ahern <william@server.local> 2012-10-05 20:10:44 -0700
committer: William Ahern <william@server.local> 2012-10-05 20:10:44 -0700
commit: 9b87f5309071f52e85438ca26ff224f9e9abc879 (patch)
tree: 6c2b18103e1711eece283f3d6e11599f0e78b894
parent: e4d2a3e899701a6b0bd88f2820361fb3c24fb231 (diff)
download: luaossl-9b87f5309071f52e85438ca26ff224f9e9abc879.tar.gz
luaossl-9b87f5309071f52e85438ca26ff224f9e9abc879.tar.bz2
luaossl-9b87f5309071f52e85438ca26ff224f9e9abc879.zip
1 files changed, 164 insertions, 0 deletions
diff --git a/openssl.c b/openssl.c
index d491106..fde237c 100644
--- a/openssl.c
+++ b/openssl.c
@@ -62,6 +62,13 @@
 #define stricmp(a, b) strcasecmp((a), (b))
 #define strieq(a, b) (!stricmp((a), (b)))
+#define SAY_(file, func, line, fmt, ...) \
+        fprintf(stderr, "%s:%d: " fmt "%s", __func__, __LINE__, __VA_ARGS__)
+#define SAY(...) SAY_(__FILE__, __func__, __LINE__, __VA_ARGS__, "\n")
+#define HAI SAY("hai")
 static void *prepudata(lua_State *L, size_t size, const char *tname, int (*gc)(lua_State *)) {
        void *p = memset(lua_newuserdata(L, size), 0, size);
@@ -1442,6 +1449,157 @@ static int xc_setSubjectAltCritical(lua_State *L) {
 } /* xc_setSubjectAltCritical() */
+static int xc_getBasicConstraint(lua_State *L) {
+        X509 *crt = checksimple(L, 1, X509_CERT_CLASS);
+        BASIC_CONSTRAINTS *bs;
+        int CA, pathLen;
+        if (!(bs = X509_get_ext_d2i(crt, NID_basic_constraints, 0, 0))) {
+                /* FIXME: detect error or just non-existent */
+                if (lua_gettop(L) > 1)
+                        return 0;
+                lua_newtable(L);
+                return 1;
+        }
+        CA = bs->ca;
+        pathLen = ASN1_INTEGER_get(bs->pathlen);
+        BASIC_CONSTRAINTS_free(bs);
+        if (lua_gettop(L) > 1) {
+                int n = 0, i, top;
+                for (i = 2, top = lua_gettop(L); i <= top; i++) {
+                        switch (luaL_checkoption(L, i, 0, (const char *[]){ "CA", "pathLen", "pathLenConstraint", 0 })) {
+                        case 0:
+                                lua_pushboolean(L, CA);
+                                n++;
+                                break;
+                        case 1:
+                                /* FALL THROUGH */
+                        case 2:
+                                lua_pushinteger(L, pathLen);
+                                n++;
+                                break;
+                        }
+                }
+                return n;
+        } else {
+                lua_newtable(L);
+                lua_pushboolean(L, CA);
+                lua_setfield(L, -2, "CA");
+                lua_pushinteger(L, pathLen);
+                lua_setfield(L, -2, "pathLen");
+                return 1;
+        }
+} /* xc_getBasicConstraint() */
+static int xc_setBasicConstraint(lua_State *L) {
+        X509 *crt = checksimple(L, 1, X509_CERT_CLASS);
+        BASIC_CONSTRAINTS *bs = 0;
+        int CA = -1, pathLen = -1;
+        int critical = 0;
+        luaL_checkany(L, 2);
+        if (lua_istable(L, 2)) {
+                lua_getfield(L, 2, "CA");
+                if (!lua_isnil(L, -1))
+                        CA = lua_toboolean(L, -1);
+                lua_pop(L, 1);
+                lua_getfield(L, 2, "pathLen");
+                pathLen = luaL_optint(L, -1, pathLen);
+                lua_pop(L, 1);
+                lua_getfield(L, 2, "pathLenConstraint");
+                pathLen = luaL_optint(L, -1, pathLen);
+                lua_pop(L, 1);
+                if (!(bs = BASIC_CONSTRAINTS_new()))
+                        goto error;
+        } else {
+                lua_settop(L, 3);
+                switch (luaL_checkoption(L, 2, 0, (const char *[]){ "CA", "pathLen", "pathLenConstraint", 0 })) {
+                case 0:
+                        luaL_checktype(L, 3, LUA_TBOOLEAN);
+                        CA = lua_toboolean(L, 3);
+                        break;
+                case 1:
+                        /* FALL THROUGH */
+                case 2:
+                        pathLen = luaL_checkint(L, 3);
+                        break;
+                }
+                if (!(bs = X509_get_ext_d2i(crt, NID_basic_constraints, &critical, 0))) {
+                        /* FIXME: detect whether error or just non-existent */
+                        if (!(bs = BASIC_CONSTRAINTS_new()))
+                                goto error;
+                }
+        }
+        if (CA != -1)
+                bs->ca = CA;
+        if (pathLen >= 0) {
+                ASN1_INTEGER_free(bs->pathlen);
+                if (!(bs->pathlen = M_ASN1_INTEGER_new()))
+                        goto error;
+                if (!ASN1_INTEGER_set(bs->pathlen, pathLen))
+                        goto error;
+        }
+        if (!X509_add1_ext_i2d(crt, NID_basic_constraints, bs, critical, X509V3_ADD_REPLACE))
+                goto error;
+        BASIC_CONSTRAINTS_free(bs);
+        lua_pushboolean(L, 1);
+        return 1;
+error:
+        BASIC_CONSTRAINTS_free(bs);
+        return throwssl(L, "x509.cert:setBasicConstraint");
+} /* xc_setBasicConstraint() */
+static int xc_getBasicConstraintsCritical(lua_State *L) {
+        X509 *crt = checksimple(L, 1, X509_CERT_CLASS);
+        lua_pushboolean(L, xc_getCritical(crt, NID_basic_constraints));
+        return 1;
+} /* xc_getBasicConstraintsCritical() */
+static int xc_setBasicConstraintsCritical(lua_State *L) {
+        X509 *crt = checksimple(L, 1, X509_CERT_CLASS);
+        luaL_checkany(L, 2);
+        xc_setCritical(crt, NID_basic_constraints, lua_toboolean(L, 2));
+        lua_pushboolean(L, 1);
+        return 1;
+} /* xc_setBasicConstraintsCritical() */
 static int xc__tostring(lua_State *L) {
        X509 *crt = checksimple(L, 1, X509_CERT_CLASS);
        int fmt = luaL_checkoption(L, 2, "pem", (const char *[]){ "pem", 0 });
@@ -1500,6 +1658,12 @@ static const luaL_Reg xc_methods[] = {
        { "setIssuerAltCritical",  &xc_setIssuerAltCritical },
        { "getSubjectAltCritical", &xc_getSubjectAltCritical },
        { "setSubjectAltCritical", &xc_setSubjectAltCritical },
+        { "getBasicConstraints", &xc_getBasicConstraint },
+        { "getBasicConstraint",  &xc_getBasicConstraint },
+        { "setBasicConstraints", &xc_setBasicConstraint },
+        { "setBasicConstraint",  &xc_setBasicConstraint },
+        { "getBasicConstraintsCritical", &xc_getBasicConstraintsCritical },
+        { "setBasicConstraintsCritical", &xc_setBasicConstraintsCritical },
        { NULL,            NULL },
 };
author	William Ahern <william@server.local>	2012-10-05 20:10:44 -0700
committer	William Ahern <william@server.local>	2012-10-05 20:10:44 -0700
commit	9b87f5309071f52e85438ca26ff224f9e9abc879 (patch)
tree	6c2b18103e1711eece283f3d6e11599f0e78b894
parent	e4d2a3e899701a6b0bd88f2820361fb3c24fb231 (diff)
download	luaossl-9b87f5309071f52e85438ca26ff224f9e9abc879.tar.gz luaossl-9b87f5309071f52e85438ca26ff224f9e9abc879.tar.bz2 luaossl-9b87f5309071f52e85438ca26ff224f9e9abc879.zip

diff --git a/openssl.c b/openssl.c index d491106..fde237c 100644 --- a/openssl.c +++ b/openssl.c
@@ -62,6 +62,13 @@
62	#define stricmp(a, b) strcasecmp((a), (b))	62	#define stricmp(a, b) strcasecmp((a), (b))
63	#define strieq(a, b) (!stricmp((a), (b)))	63	#define strieq(a, b) (!stricmp((a), (b)))
64		64
		65	#define SAY_(file, func, line, fmt, ...) \
		66	fprintf(stderr, "%s:%d: " fmt "%s", __func__, __LINE__, __VA_ARGS__)
		67
		68	#define SAY(...) SAY_(__FILE__, __func__, __LINE__, __VA_ARGS__, "\n")
		69
		70	#define HAI SAY("hai")
		71
65		72
66	static void prepudata(lua_State L, size_t size, const char tname, int (gc)(lua_State *)) {	73	static void prepudata(lua_State L, size_t size, const char tname, int (gc)(lua_State *)) {
67	void *p = memset(lua_newuserdata(L, size), 0, size);	74	void *p = memset(lua_newuserdata(L, size), 0, size);
@@ -1442,6 +1449,157 @@ static int xc_setSubjectAltCritical(lua_State *L) {
1442	} /* xc_setSubjectAltCritical() */	1449	} /* xc_setSubjectAltCritical() */
1443		1450
1444		1451
		1452	static int xc_getBasicConstraint(lua_State *L) {
		1453	X509 *crt = checksimple(L, 1, X509_CERT_CLASS);
		1454	BASIC_CONSTRAINTS *bs;
		1455	int CA, pathLen;
		1456
		1457	if (!(bs = X509_get_ext_d2i(crt, NID_basic_constraints, 0, 0))) {
		1458	/* FIXME: detect error or just non-existent */
		1459
		1460	if (lua_gettop(L) > 1)
		1461	return 0;
		1462
		1463	lua_newtable(L);
		1464
		1465	return 1;
		1466	}
		1467
		1468	CA = bs->ca;
		1469	pathLen = ASN1_INTEGER_get(bs->pathlen);
		1470
		1471	BASIC_CONSTRAINTS_free(bs);
		1472
		1473	if (lua_gettop(L) > 1) {
		1474	int n = 0, i, top;
		1475
		1476	for (i = 2, top = lua_gettop(L); i <= top; i++) {
		1477	switch (luaL_checkoption(L, i, 0, (const char *[]){ "CA", "pathLen", "pathLenConstraint", 0 })) {
		1478	case 0:
		1479	lua_pushboolean(L, CA);
		1480	n++;
		1481	break;
		1482	case 1:
		1483	/* FALL THROUGH */
		1484	case 2:
		1485	lua_pushinteger(L, pathLen);
		1486	n++;
		1487	break;
		1488	}
		1489	}
		1490
		1491	return n;
		1492	} else {
		1493	lua_newtable(L);
		1494
		1495	lua_pushboolean(L, CA);
		1496	lua_setfield(L, -2, "CA");
		1497
		1498	lua_pushinteger(L, pathLen);
		1499	lua_setfield(L, -2, "pathLen");
		1500
		1501	return 1;
		1502	}
		1503	} /* xc_getBasicConstraint() */
		1504
		1505
		1506	static int xc_setBasicConstraint(lua_State *L) {
		1507	X509 *crt = checksimple(L, 1, X509_CERT_CLASS);
		1508	BASIC_CONSTRAINTS *bs = 0;
		1509	int CA = -1, pathLen = -1;
		1510	int critical = 0;
		1511
		1512	luaL_checkany(L, 2);
		1513
		1514	if (lua_istable(L, 2)) {
		1515	lua_getfield(L, 2, "CA");
		1516	if (!lua_isnil(L, -1))
		1517	CA = lua_toboolean(L, -1);
		1518	lua_pop(L, 1);
		1519
		1520	lua_getfield(L, 2, "pathLen");
		1521	pathLen = luaL_optint(L, -1, pathLen);
		1522	lua_pop(L, 1);
		1523
		1524	lua_getfield(L, 2, "pathLenConstraint");
		1525	pathLen = luaL_optint(L, -1, pathLen);
		1526	lua_pop(L, 1);
		1527
		1528	if (!(bs = BASIC_CONSTRAINTS_new()))
		1529	goto error;
		1530	} else {
		1531	lua_settop(L, 3);
		1532
		1533	switch (luaL_checkoption(L, 2, 0, (const char *[]){ "CA", "pathLen", "pathLenConstraint", 0 })) {
		1534	case 0:
		1535	luaL_checktype(L, 3, LUA_TBOOLEAN);
		1536	CA = lua_toboolean(L, 3);
		1537
		1538	break;
		1539	case 1:
		1540	/* FALL THROUGH */
		1541	case 2:
		1542	pathLen = luaL_checkint(L, 3);
		1543
		1544	break;
		1545	}
		1546
		1547	if (!(bs = X509_get_ext_d2i(crt, NID_basic_constraints, &critical, 0))) {
		1548	/* FIXME: detect whether error or just non-existent */
		1549	if (!(bs = BASIC_CONSTRAINTS_new()))
		1550	goto error;
		1551	}
		1552	}
		1553
		1554	if (CA != -1)
		1555	bs->ca = CA;
		1556
		1557	if (pathLen >= 0) {
		1558	ASN1_INTEGER_free(bs->pathlen);
		1559
		1560	if (!(bs->pathlen = M_ASN1_INTEGER_new()))
		1561	goto error;
		1562
		1563	if (!ASN1_INTEGER_set(bs->pathlen, pathLen))
		1564	goto error;
		1565	}
		1566
		1567	if (!X509_add1_ext_i2d(crt, NID_basic_constraints, bs, critical, X509V3_ADD_REPLACE))
		1568	goto error;
		1569
		1570	BASIC_CONSTRAINTS_free(bs);
		1571
		1572	lua_pushboolean(L, 1);
		1573
		1574	return 1;
		1575	error:
		1576	BASIC_CONSTRAINTS_free(bs);
		1577
		1578	return throwssl(L, "x509.cert:setBasicConstraint");
		1579	} /* xc_setBasicConstraint() */
		1580
		1581
		1582	static int xc_getBasicConstraintsCritical(lua_State *L) {
		1583	X509 *crt = checksimple(L, 1, X509_CERT_CLASS);
		1584
		1585	lua_pushboolean(L, xc_getCritical(crt, NID_basic_constraints));
		1586
		1587	return 1;
		1588	} /* xc_getBasicConstraintsCritical() */
		1589
		1590
		1591	static int xc_setBasicConstraintsCritical(lua_State *L) {
		1592	X509 *crt = checksimple(L, 1, X509_CERT_CLASS);
		1593
		1594	luaL_checkany(L, 2);
		1595	xc_setCritical(crt, NID_basic_constraints, lua_toboolean(L, 2));
		1596
		1597	lua_pushboolean(L, 1);
		1598
		1599	return 1;
		1600	} /* xc_setBasicConstraintsCritical() */
		1601
		1602
1445	static int xc__tostring(lua_State *L) {	1603	static int xc__tostring(lua_State *L) {
1446	X509 *crt = checksimple(L, 1, X509_CERT_CLASS);	1604	X509 *crt = checksimple(L, 1, X509_CERT_CLASS);
1447	int fmt = luaL_checkoption(L, 2, "pem", (const char *[]){ "pem", 0 });	1605	int fmt = luaL_checkoption(L, 2, "pem", (const char *[]){ "pem", 0 });
@@ -1500,6 +1658,12 @@ static const luaL_Reg xc_methods[] = {
1500	{ "setIssuerAltCritical", &xc_setIssuerAltCritical },	1658	{ "setIssuerAltCritical", &xc_setIssuerAltCritical },
1501	{ "getSubjectAltCritical", &xc_getSubjectAltCritical },	1659	{ "getSubjectAltCritical", &xc_getSubjectAltCritical },
1502	{ "setSubjectAltCritical", &xc_setSubjectAltCritical },	1660	{ "setSubjectAltCritical", &xc_setSubjectAltCritical },
		1661	{ "getBasicConstraints", &xc_getBasicConstraint },
		1662	{ "getBasicConstraint", &xc_getBasicConstraint },
		1663	{ "setBasicConstraints", &xc_setBasicConstraint },
		1664	{ "setBasicConstraint", &xc_setBasicConstraint },
		1665	{ "getBasicConstraintsCritical", &xc_getBasicConstraintsCritical },
		1666	{ "setBasicConstraintsCritical", &xc_setBasicConstraintsCritical },
1503	{ NULL, NULL },	1667	{ NULL, NULL },
1504	};	1668	};
1505		1669