parse CRLs from PEM and DER formats

1 files changed, 30 insertions, 3 deletions

diff --git a/src/openssl.c b/src/openssl.c
index 757bbf0..9845bcc 100644
--- a/src/openssl.c
+++ b/src/openssl.c
@@ -3070,14 +3070,41 @@ int luaopen__openssl_x509_csr(lua_State *L) {
  * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * */
 
 static int xx_new(lua_State *L) {
+        const char *data;
+        size_t len;
         X509_CRL **ud;
 
+        lua_settop(L, 2);
+
         ud = prepsimple(L, X509_CRL_CLASS);
 
-        if (!(*ud = X509_CRL_new()))
-                return throwssl(L, "x509.crl.new");
+        if ((data = luaL_optlstring(L, 1, NULL, &len))) {
+                int type = optencoding(L, 2, "*", X509_ANY|X509_PEM|X509_DER);
+                BIO *tmp;
+                int ok = 0;
+
+                if (!(tmp = BIO_new_mem_buf((char *)data, len)))
+                        return throwssl(L, "x509.crl.new");
+
+                if (type == X509_PEM || type == X509_ANY) {
+                        ok = !!(*ud = PEM_read_bio_X509_CRL(tmp, NULL, 0, "")); /* no password */
+                }
+
+                if (!ok && (type == X509_DER || type == X509_ANY)) {
+                        ok = !!(*ud = d2i_X509_CRL_bio(tmp, NULL));
+                }
 
-        X509_gmtime_adj(X509_CRL_get_lastUpdate(*ud), 0);
+                BIO_free(tmp);
+
+                if (!ok)
+                        return throwssl(L, "x509.crl.new");
+        }
+        else {
+                if (!(*ud = X509_CRL_new()))
+                        return throwssl(L, "x509.crl.new");
+
+                X509_gmtime_adj(X509_CRL_get_lastUpdate(*ud), 0);
+        }
 
         return 1;
 } /* xx_new() */