diff options
| author | Kaarle Ritvanen <kaarle.ritvanen@datakunkku.fi> | 2014-05-06 18:59:27 +0300 |
|---|---|---|
| committer | Kaarle Ritvanen <kaarle.ritvanen@datakunkku.fi> | 2014-06-01 00:05:22 +0300 |
| commit | 1caa952f22f06ef58cd153e7bcffacef660e423d (patch) | |
| tree | e6cc3702a5d50bdf25f36f810fee251d3b420f88 /src | |
| parent | ad5867b4c5c85ac4ade3cd2d4884ade0e1fae5a5 (diff) | |
| download | luaossl-1caa952f22f06ef58cd153e7bcffacef660e423d.tar.gz luaossl-1caa952f22f06ef58cd153e7bcffacef660e423d.tar.bz2 luaossl-1caa952f22f06ef58cd153e7bcffacef660e423d.zip | |
method for adding arbitrary certificate extensions
Diffstat (limited to 'src')
| -rw-r--r-- | src/openssl.c | 45 |
1 files changed, 45 insertions, 0 deletions
diff --git a/src/openssl.c b/src/openssl.c index c589d6c..a0af882 100644 --- a/src/openssl.c +++ b/src/openssl.c | |||
| @@ -2496,6 +2496,50 @@ static int xc_setBasicConstraintsCritical(lua_State *L) { | |||
| 2496 | } /* xc_setBasicConstraintsCritical() */ | 2496 | } /* xc_setBasicConstraintsCritical() */ |
| 2497 | 2497 | ||
| 2498 | 2498 | ||
| 2499 | static int xc_addExtension(lua_State *L) { | ||
| 2500 | X509 *crt = checksimple(L, 1, X509_CERT_CLASS); | ||
| 2501 | char *name = (char *) luaL_checkstring(L, 2); | ||
| 2502 | char *value = (char *) luaL_checkstring(L, 3); | ||
| 2503 | |||
| 2504 | int ok = 1; | ||
| 2505 | |||
| 2506 | BIO *bio = NULL; | ||
| 2507 | CONF *conf = NULL; | ||
| 2508 | X509V3_CTX *ctx = NULL; | ||
| 2509 | X509_EXTENSION *ext = NULL; | ||
| 2510 | |||
| 2511 | if (lua_gettop(L) > 3) { | ||
| 2512 | char *cdata = (char *) luaL_checkstring(L, 4); | ||
| 2513 | |||
| 2514 | bio = BIO_new(BIO_s_mem()); | ||
| 2515 | if (!bio) goto error; | ||
| 2516 | if (BIO_puts(bio, cdata) < 0) goto error; | ||
| 2517 | |||
| 2518 | conf = NCONF_new(NULL); | ||
| 2519 | if (!conf) goto error; | ||
| 2520 | if (!NCONF_load_bio(conf, bio, NULL)) goto error; | ||
| 2521 | |||
| 2522 | ctx = (X509V3_CTX *) malloc(sizeof (X509V3_CTX)); | ||
| 2523 | X509V3_set_nconf(ctx, conf); | ||
| 2524 | } | ||
| 2525 | |||
| 2526 | ext = X509V3_EXT_nconf(conf, ctx, name, value); | ||
| 2527 | |||
| 2528 | if (ext && X509_add_ext(crt, ext, -1)) goto done; | ||
| 2529 | |||
| 2530 | error: | ||
| 2531 | ok = 0; | ||
| 2532 | |||
| 2533 | done: | ||
| 2534 | if (ext) X509_EXTENSION_free(ext); | ||
| 2535 | if (ctx) free(ctx); | ||
| 2536 | if (conf) NCONF_free(conf); | ||
| 2537 | if (bio) BIO_free(bio); | ||
| 2538 | |||
| 2539 | return ok ? 0 : throwssl(L, "x509.cert:addExtension"); | ||
| 2540 | } /* xc_addExtension() */ | ||
| 2541 | |||
| 2542 | |||
| 2499 | static int xc_isIssuedBy(lua_State *L) { | 2543 | static int xc_isIssuedBy(lua_State *L) { |
| 2500 | X509 *crt = checksimple(L, 1, X509_CERT_CLASS); | 2544 | X509 *crt = checksimple(L, 1, X509_CERT_CLASS); |
| 2501 | X509 *issuer = checksimple(L, 2, X509_CERT_CLASS); | 2545 | X509 *issuer = checksimple(L, 2, X509_CERT_CLASS); |
| @@ -2651,6 +2695,7 @@ static const luaL_Reg xc_methods[] = { | |||
| 2651 | { "setBasicConstraint", &xc_setBasicConstraint }, | 2695 | { "setBasicConstraint", &xc_setBasicConstraint }, |
| 2652 | { "getBasicConstraintsCritical", &xc_getBasicConstraintsCritical }, | 2696 | { "getBasicConstraintsCritical", &xc_getBasicConstraintsCritical }, |
| 2653 | { "setBasicConstraintsCritical", &xc_setBasicConstraintsCritical }, | 2697 | { "setBasicConstraintsCritical", &xc_setBasicConstraintsCritical }, |
| 2698 | { "addExtension", &xc_addExtension }, | ||
| 2654 | { "isIssuedBy", &xc_isIssuedBy }, | 2699 | { "isIssuedBy", &xc_isIssuedBy }, |
| 2655 | { "getPublicKey", &xc_getPublicKey }, | 2700 | { "getPublicKey", &xc_getPublicKey }, |
| 2656 | { "setPublicKey", &xc_setPublicKey }, | 2701 | { "setPublicKey", &xc_setPublicKey }, |