-n

push bignum work

1 files changed, 587 insertions, 8 deletions

diff --git a/openssl.c b/openssl.c
index 3cbedec..949176a 100644
--- a/openssl.c
+++ b/openssl.c
@@ -26,9 +26,12 @@
 #ifndef L_OPENSSL_H
 #define L_OPENSSH_H
 
+#include <limits.h>     /* INT_MAX INT_MIN */
 #include <string.h>     /* memset(3) */
+#include <math.h>       /* fabs(3) floor(3) round(3) isfinite(3) */
 
 #include <openssl/err.h>
+#include <openssl/bn.h>
 #include <openssl/x509.h>
 #include <openssl/x509v3.h>
 
@@ -37,8 +40,13 @@
 #include <lauxlib.h>
 
 
-#define X509_NAME_CLASS "X.509 Name"
-#define X509_CERT_CLASS "X.509 Cert"
+#define X509_NAME_CLASS "OpenSSL X.509 Name"
+#define X509_CERT_CLASS "OpenSSL X.509 Cert"
+#define BIGNUM_CLASS    "OpenSSL BN"
+
+
+#define countof(a) (sizeof (a) / sizeof *(a))
+#define endof(a) (&(a)[countof(a)])
 
 
 static void *prepudata(lua_State *L, const char *tname, size_t size) {
@@ -50,7 +58,7 @@ static void *prepudata(lua_State *L, const char *tname, size_t size) {
 
 static void *prepsimple(lua_State *L, const char *tname) {
         void **p = prepudata(L, tname, sizeof (void *));
-        return *p;
+        return p;
 } /* presimple() */
 
 
@@ -60,9 +68,18 @@ static void *checksimple(lua_State *L, int index, const char *tname) {
 } /* checksimple() */
 
 
-static int throwssl(lua_State *L, const char *func) {
-        /* FIXME */
-        return luaL_error(L, "%s: SSL error (%lu)", func, ERR_get_error());
+static int throwssl(lua_State *L, const char *fun) {
+        unsigned long code;
+        const char *file;
+        int line;
+        char txt[256];
+
+        code = ERR_get_error_line(&file, &line);
+        ERR_clear_error();
+
+        ERR_error_string_n(code, txt, sizeof txt);
+
+        return luaL_error(L, "%s: %s:%d:%s", fun, file, line, txt);
 } /* throwssl() */
 
 
@@ -93,6 +110,372 @@ static void addclass(lua_State *L, const char *name, const luaL_Reg *methods, co
 
 
 /*
+ * BIGNUM - openssl.bignum
+ *
+ * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * */
+
+static BIGNUM *bn_push(lua_State *L) {
+        BIGNUM **ud = prepsimple(L, BIGNUM_CLASS);
+
+        if (!(*ud = BN_new()))
+                throwssl(L, "bignum.new");
+
+        return *ud;
+} /* bn_push() */
+
+
+static int bn_new(lua_State *L) {
+        bn_push(L);
+
+        return 1;
+} /* bn_new() */
+
+
+static int bn_interpose(lua_State *L) {
+        return interpose(L, BIGNUM_CLASS);
+} /* bn_interpose() */
+
+
+/* return integral part */
+static inline double intof(double f) {
+        return (isfinite(f))? floor(fabs(f)) : 0.0;
+} /* intof() */
+
+
+/* convert integral to BN_ULONG. returns success or failure. */
+static _Bool int2ul(BN_ULONG *ul, double f) {
+        int exp;
+
+        frexp(f, &exp);
+
+        if (exp > (int)sizeof *ul * 8)
+                return 0;
+
+        *ul = (BN_ULONG)f;
+
+        return 1;
+} /* int2ul() */
+
+
+/* convert integral BIGNUM. returns success or failure. */
+static _Bool int2bn(BIGNUM **bn, double q) {
+        unsigned char nib[32], bin[32], *p;
+        size_t i, n;
+        double r;
+
+        p = nib;
+
+        while (q >= 1.0 && p < endof(nib)) {
+                r = fmod(q, 256.0);
+                *p++ = r;
+                q = round((q - r) / 256.0);
+        }
+
+        n = p - nib;
+
+        for (i = 0; i < n; i++) {
+                bin[i] = *--p;
+        }
+
+        if (!(*bn = BN_bin2bn(bin, n, *bn)))
+                return 0;
+
+        return 1;
+} /* int2bn() */
+
+
+/* convert double to BIGNUM. returns success or failure. */
+static _Bool f2bn(BIGNUM **bn, double f) {
+        double i = intof(f);
+        BN_ULONG lu;
+
+        if (int2ul(&lu, i)) {
+                if (!*bn && !(*bn = BN_new()))
+                        return 0;
+
+                if (!BN_set_word(*bn, lu))
+                        return 0;
+        } else if (!int2bn(bn, i))
+                return 0;
+
+        BN_set_negative(*bn, signbit(f));
+
+        return 1;
+} /* f2bn() */
+
+
+static BIGNUM *checkbig(lua_State *L, int index, _Bool *lvalue) {
+        BIGNUM **bn;
+        const char *dec;
+        size_t len;
+
+        index = lua_absindex(L, index);
+
+        switch (lua_type(L, index)) {
+        case LUA_TSTRING:
+                *lvalue = 0;
+
+                dec = lua_tolstring(L, index, &len);
+
+                luaL_argcheck(L, len > 0 && *dec, index, "invalid big number string");
+
+                bn = prepsimple(L, BIGNUM_CLASS);
+
+                if (!BN_dec2bn(bn, dec))
+                        throwssl(L, "bignum");
+
+                lua_replace(L, index);
+
+                return *bn;
+        case LUA_TNUMBER:
+                *lvalue = 0;
+
+                bn = prepsimple(L, BIGNUM_CLASS);
+
+                if (!f2bn(bn, lua_tonumber(L, index)))
+                        throwssl(L, "bignum");
+
+                lua_replace(L, index);
+
+                return *bn;
+        default:
+                *lvalue = 1;
+
+                return checksimple(L, index, BIGNUM_CLASS);
+        } /* switch() */
+} /* checkbig() */
+
+
+static void bn_prepops(lua_State *L, BIGNUM **r, BIGNUM **a, BIGNUM **b, _Bool commute) {
+        _Bool lvalue = 1;
+
+        lua_settop(L, 2); /* a, b */
+
+        *a = checkbig(L, 1, &lvalue);
+
+        if (!lvalue && commute)
+                lua_pushvalue(L, 1);
+
+        *b = checkbig(L, 2, &lvalue);
+
+        if (!lvalue && commute && lua_gettop(L) < 3)
+                lua_pushvalue(L, 2);
+
+        if (lua_gettop(L) < 3)
+                bn_push(L);
+
+        *r = *(BIGNUM **)lua_touserdata(L, 3);
+} /* bn_prepops() */
+
+
+static int ctx__gc(lua_State *L) {
+        BN_CTX **ctx = lua_touserdata(L, 1);
+
+        BN_CTX_free(*ctx);
+        *ctx = NULL;
+
+        return 0;
+} /* ctx__gc() */
+
+static BN_CTX *getctx(lua_State *L) {
+        BN_CTX **ctx;
+
+        lua_pushcfunction(L, &ctx__gc);
+        lua_gettable(L, LUA_REGISTRYINDEX);
+
+        if (lua_isnil(L, -1)) {
+                lua_pop(L, 1);
+
+                ctx = lua_newuserdata(L, sizeof *ctx);
+                *ctx = NULL;
+
+                lua_newtable(L);
+                lua_pushcfunction(L, &ctx__gc);
+                lua_setfield(L, -2, "__gc");
+                lua_setmetatable(L, -2);
+
+                if (!(*ctx = BN_CTX_new()))
+                        throwssl(L, "bignum");
+
+                lua_pushcfunction(L, &ctx__gc);
+                lua_pushvalue(L, -2);
+                lua_settable(L, LUA_REGISTRYINDEX);
+                
+        }
+
+        ctx = lua_touserdata(L, -1);
+        lua_pop(L, 1);
+
+        return *ctx;
+} /* getctx() */
+
+
+static int bn__add(lua_State *L) {
+        BIGNUM *r, *a, *b;
+
+        bn_prepops(L, &r, &a, &b, 1);
+
+        if (!BN_add(r, a, b))
+                return throwssl(L, "bignum:__add");
+
+        return 1;
+} /* bn__add() */
+
+
+static int bn__sub(lua_State *L) {
+        BIGNUM *r, *a, *b;
+
+        bn_prepops(L, &r, &a, &b, 0);
+
+        if (!BN_sub(r, a, b))
+                return throwssl(L, "bignum:__sub");
+
+        return 1;
+} /* bn__sub() */
+
+
+static int bn__mul(lua_State *L) {
+        BIGNUM *r, *a, *b;
+
+        bn_prepops(L, &r, &a, &b, 1);
+
+        if (!BN_mul(r, a, b, getctx(L)))
+                return throwssl(L, "bignum:__mul");
+
+        return 1;
+} /* bn__mul() */
+
+
+static int bn__div(lua_State *L) {
+        BIGNUM *r, *a, *b;
+        BN_CTX *ctx;
+
+        bn_prepops(L, &r, &a, &b, 0);
+
+        if (!BN_div(r, NULL, a, b, getctx(L)))
+                return throwssl(L, "bignum:__div");
+
+        return 1;
+} /* bn__div() */
+
+
+static int bn__mod(lua_State *L) {
+        BIGNUM *r, *a, *b;
+        BN_CTX *ctx;
+
+        bn_prepops(L, &r, &a, &b, 0);
+
+        if (!BN_mod(r, a, b, getctx(L)))
+                return throwssl(L, "bignum:__mod");
+
+        return 1;
+} /* bn__mod() */
+
+
+static int bn__pow(lua_State *L) {
+        BIGNUM *r, *a, *b;
+        BN_CTX *ctx;
+
+        bn_prepops(L, &r, &a, &b, 0);
+
+        if (!BN_exp(r, a, b, getctx(L)))
+                return throwssl(L, "bignum:__pow");
+
+        return 1;
+} /* bn__pow() */
+
+
+static int bn__eq(lua_State *L) {
+        BIGNUM *a = checksimple(L, 1, BIGNUM_CLASS);
+        BIGNUM *b = checksimple(L, 2, BIGNUM_CLASS);
+
+        lua_pushboolean(L, 0 == BN_cmp(a, b));
+
+        return 1;
+} /* bn__eq() */
+
+
+static int bn__lt(lua_State *L) {
+        BIGNUM *a = checksimple(L, 1, BIGNUM_CLASS);
+        BIGNUM *b = checksimple(L, 2, BIGNUM_CLASS);
+        int cmp = BN_cmp(a, b);
+
+        lua_pushboolean(L, cmp == -1);
+
+        return 1;
+} /* bn__lt() */
+
+
+static int bn__le(lua_State *L) {
+        BIGNUM *a = checksimple(L, 1, BIGNUM_CLASS);
+        BIGNUM *b = checksimple(L, 2, BIGNUM_CLASS);
+        int cmp = BN_cmp(a, b);
+
+        lua_pushboolean(L, cmp <= 0);
+
+        return 1;
+} /* bn__le() */
+
+
+static int bn__gc(lua_State *L) {
+        BIGNUM **ud = luaL_checkudata(L, 1, BIGNUM_CLASS);
+
+        BN_free(*ud);
+        *ud = NULL;
+
+        return 0;
+} /* bn__gc() */
+
+
+static int bn__tostring(lua_State *L) {
+        BIGNUM *bn = checksimple(L, 1, X509_NAME_CLASS);
+        char *txt;
+
+        if (!(txt = BN_bn2dec(bn)))
+                throwssl(L, "bignum:__tostring");
+
+        lua_pushstring(L, txt);
+
+        return 1;
+} /* bn__tostring() */
+
+
+static const luaL_Reg bn_methods[] = {
+        { NULL,  NULL },
+};
+
+static const luaL_Reg bn_metatable[] = {
+        { "__add",      &bn__add },
+        { "__sub",      &bn__sub },
+        { "__mul",      &bn__mul },
+        { "__div",      &bn__div },
+        { "__mod",      &bn__mod },
+        { "__pow",      &bn__pow },
+        { "__eq",       &bn__eq },
+        { "__lt",       &bn__lt },
+        { "__le",       &bn__le },
+        { "__gc",       &bn__gc },
+        { "__tostring", &bn__tostring },
+        { NULL,         NULL },
+};
+
+
+static const luaL_Reg bn_globals[] = {
+        { "new",       &bn_new },
+        { "interpose", &bn_interpose },
+        { NULL,        NULL },
+};
+
+int luaopen__openssl_bignum_open(lua_State *L) {
+        addclass(L, BIGNUM_CLASS, bn_methods, bn_metatable);
+
+        luaL_newlib(L, bn_globals);
+
+        return 1;
+} /* luaopen__openssl_bignum_open() */
+
+
+/*
  * X509_NAME - openssl.x509.name
  *
  * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * */
@@ -152,14 +535,28 @@ static int xn__gc(lua_State *L) {
 } /* xn__gc() */
 
 
+static int xn__tostring(lua_State *L) {
+        X509_NAME *name = checksimple(L, 1, X509_NAME_CLASS);
+        char txt[1024] = { 0 };
+
+        /* FIXME: oneline is deprecated */
+        X509_NAME_oneline(name, txt, sizeof txt);
+
+        lua_pushstring(L, txt);
+
+        return 1;
+} /* xn__tostring() */
+
+
 static const luaL_Reg xn_methods[] = {
         { "add", &xn_add },
         { NULL,  NULL },
 };
 
 static const luaL_Reg xn_metatable[] = {
-        { "__gc", &xn__gc },
-        { NULL,   NULL },
+        { "__gc",       &xn__gc },
+        { "__tostring", &xn__tostring },
+        { NULL,         NULL },
 };
 
 
@@ -178,5 +575,187 @@ int luaopen__openssl_x509_name_open(lua_State *L) {
 } /* luaopen__openssl_x509_name_open() */
 
 
+/*
+ * X509_NAME - openssl.x509.name
+ *
+ * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * */
+
+static int xc_new(lua_State *L) {
+        X509 **ud = prepsimple(L, X509_CERT_CLASS);
+
+        if (!(*ud = X509_new()))
+                return throwssl(L, "x509.cert.new");
+
+        X509_gmtime_adj(X509_get_notBefore(*ud), 0);
+        X509_gmtime_adj(X509_get_notAfter(*ud), 0);
+
+        return 1;
+} /* xc_new() */
+
+
+static int xc_interpose(lua_State *L) {
+        return interpose(L, X509_CERT_CLASS);
+} /* xc_interpose() */
+
+
+static int xc_getVersion(lua_State *L) {
+        X509 *crt = checksimple(L, 1, X509_CERT_CLASS);
+
+        lua_pushinteger(L, X509_get_version(crt) + 1);
+
+        return 1;
+} /* xc_getVersion() */
+
+
+static int xc_setVersion(lua_State *L) {
+        X509 *crt = checksimple(L, 1, X509_CERT_CLASS);
+        int version = luaL_checkint(L, 2);
+
+        if (!X509_set_version(crt, version - 1))
+                return luaL_error(L, "x509.cert:setVersion: %d: invalid version", version);
+
+        lua_pushboolean(L, 1);
+
+        return 1;
+} /* xc_setVersion() */
+
+
+static int xc_getSerialNumber(lua_State *L) {
+        X509 *crt = checksimple(L, 1, X509_CERT_CLASS);
+        BIGNUM *srl = bn_push(L);
+        ASN1_INTEGER *num;
+
+        if ((num = X509_get_serialNumber(crt))) {
+                if (!ASN1_INTEGER_to_BN(num, srl))
+                        return throwssl(L, "x509.cert.getSerialNumber");
+        }
+
+        return 1;
+} /* xc_getSerialNumber() */
+
+
+static int xc_setSerialNumber(lua_State *L) {
+        X509 *crt = checksimple(L, 1, X509_CERT_CLASS);
+        ASN1_INTEGER *srl = NULL;
+        int ok;
+
+        luaL_checkany(L, 2);
+
+        if (lua_isstring(L, 2)) {
+                BIGNUM *num = NULL;
+
+                if (!BN_dec2bn(&num, lua_tostring(L, 2)))
+                        goto error;
+
+                if (!(srl = ASN1_INTEGER_new()) || !(BN_to_ASN1_INTEGER(num, srl)))
+                        goto error;
+
+                ok = X509_set_serialNumber(crt, srl);
+                ASN1_INTEGER_free(srl);
+
+                if (!ok)
+                        goto error;
+        } else {
+                BIGNUM *num = checksimple(L, 2, BIGNUM_CLASS);
+
+                if (!(srl = ASN1_INTEGER_new()) || !(BN_to_ASN1_INTEGER(num, srl)))
+                        goto error;
+
+                ok = X509_set_serialNumber(crt, srl);
+                ASN1_INTEGER_free(srl);
+
+                if (!ok)
+                        goto error;
+        }
+
+        lua_pushboolean(L, 1);
+
+        return 1;
+error:
+        return throwssl(L, "x509.cert.setSerialNumber");
+} /* xc_setSerialNumber() */
+
+
+#if 0
+static int xc_digest(lua_State *L) {
+        X509 *crt = checksimple(L, 1, X509_CERT_CLASS);
+        const char *type = luaL_optstring(L, 2, "sha1");
+        const EVP_MD *dgst;
+        unsigned char md[EVP_MAX_MD_SIZE];
+        unsigned int len;
+
+        if (!(dgst = EVP_getdigestbyname(type)))
+                return luaL_error(L, "x509.cert:digest: %s: invalid digest type", type);
+
+        X509_digest(crt, dgst, md, &len);
+
+        lua_pushlstring(L, md, len);
+
+        return 1;
+} /* xc_digest() */
+#endif
+
+static int xc_lifetime(lua_State *L) {
+        X509 *crt = checksimple(L, 1, X509_CERT_CLASS);
+        return 0;
+} /* xc_lifetime() */
+
+
+static int xc_issuer(lua_State *L) {
+        X509 *crt = checksimple(L, 1, X509_CERT_CLASS);
+        X509_NAME *name;
+        
+        lua_settop(L, 2);
+
+        if ((name = X509_get_issuer_name(crt)))
+                xn_dup(L, name);
+
+        if (!lua_isnil(L, 2))
+                X509_set_issuer_name(crt, checksimple(L, 2, X509_NAME_CLASS));
+
+        return !!name;
+} /* xc_issuer() */
+
+
+static int xc__gc(lua_State *L) {
+        X509 **ud = luaL_checkudata(L, 1, X509_CERT_CLASS);
+
+        X509_free(*ud);
+        *ud = NULL;
+
+        return 0;
+} /* xc__gc() */
+
+
+static const luaL_Reg xc_methods[] = {
+        { "getVersion", &xc_getVersion },
+        { "setVersion", &xc_setVersion },
+        { NULL,      NULL },
+};
+
+static const luaL_Reg xc_metatable[] = {
+        { "__gc",       &xc__gc },
+        { NULL,         NULL },
+};
+
+
+static const luaL_Reg xc_globals[] = {
+        { "new",       &xc_new },
+        { "interpose", &xc_interpose },
+        { NULL,        NULL },
+};
+
+int luaopen__openssl_x509_cert_open(lua_State *L) {
+        addclass(L, X509_CERT_CLASS, xc_methods, xc_metatable);
+
+        luaL_newlib(L, xc_globals);
+
+        return 1;
+} /* luaopen__openssl_x509_cert_open() */
+
+
+
+
+
 
 #endif /* L_OPENSSL_H */