Merge branch 'kunkku-pkcs12'

author: william <william@25tandclement.com> 2014-07-15 21:07:44 -0700
committer: william <william@25tandclement.com> 2014-07-15 21:07:44 -0700
commit: a5b46c650b477cdc673bc52a58a39232460f29fc (patch)
tree: 9f2e002aa24a552b89cf1565173f9122cde513b1 /src
parent: fe955f0f54278f0208c1e1ccec0b5497e5918e6a (diff)
parent: 97c5e6aff52b83fa66f1bea644078d2da2880336 (diff)
download: luaossl-a5b46c650b477cdc673bc52a58a39232460f29fc.tar.gz
luaossl-a5b46c650b477cdc673bc52a58a39232460f29fc.tar.bz2
luaossl-a5b46c650b477cdc673bc52a58a39232460f29fc.zip
3 files changed, 135 insertions, 0 deletions
diff --git a/src/GNUmakefile b/src/GNUmakefile
index 75e8c3a..240a773 100644
--- a/src/GNUmakefile
+++ b/src/GNUmakefile
@@ -96,6 +96,7 @@ MODS$(1)_$(d) = \
        $$(DESTDIR)$(3)/openssl/x509/chain.lua \
        $$(DESTDIR)$(3)/openssl/x509/crl.lua \
        $$(DESTDIR)$(3)/openssl/x509/store.lua \
+        $$(DESTDIR)$(3)/openssl/pkcs12.lua \
        $$(DESTDIR)$(3)/openssl/ssl/context.lua \
        $$(DESTDIR)$(3)/openssl/ssl.lua \
        $$(DESTDIR)$(3)/openssl/digest.lua \
diff --git a/src/openssl.c b/src/openssl.c
index e1c3b8d..b183524 100644
--- a/src/openssl.c
+++ b/src/openssl.c
@@ -65,6 +65,7 @@
 #include <openssl/asn1.h>
 #include <openssl/x509.h>
 #include <openssl/x509v3.h>
+#include <openssl/pkcs12.h>
 #include <openssl/evp.h>
 #include <openssl/pem.h>
 #include <openssl/ssl.h>
@@ -89,6 +90,7 @@
 #define X509_CRL_CLASS   "X509_CRL*"
 #define X509_STORE_CLASS "X509_STORE*"
 #define X509_STCTX_CLASS "X509_STORE_CTX*"
+#define PKCS12_CLASS     "PKCS12*"
 #define SSL_CTX_CLASS    "SSL_CTX*"
 #define SSL_CLASS        "SSL*"
 #define DIGEST_CLASS     "EVP_MD_CTX"     /* not a pointer */
@@ -364,6 +366,18 @@ static _Bool loadfield(lua_State *L, int index, const char *k, int type, void *p
 } /* loadfield() */
+static void *loadfield_udata(lua_State *L, int index, const char *k, const char *tname) {
+        if (!getfield(L, index, k))
+                return NULL;
+        void **p = luaL_checkudata(L, -1, tname);
+        lua_pop(L, 1); /* table keeps reference */
+        return *p;
+} /* loadfield_udata() */
 static const char *pushnid(lua_State *L, int nid) {
        const char *txt;
        ASN1_OBJECT *obj;
@@ -3644,6 +3658,124 @@ int luaopen__openssl_x509_store_context(lua_State *L) {
 /*
+ * PKCS12 - openssl.pkcs12
+ *
+ * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * */
+static int p12_new(lua_State *L) {
+        char *pass = NULL;
+        loadfield(L, 1, "password", LUA_TSTRING, &pass);
+        EVP_PKEY *key = loadfield_udata(L, 1, "key", PKEY_CLASS);
+        STACK_OF(X509) *certs = loadfield_udata(L, 1, "certs", X509_CHAIN_CLASS);
+        PKCS12 **ud = prepsimple(L, PKCS12_CLASS);
+        int i;
+        int no_kcert = 0;
+        X509 *cert = NULL;
+        X509 *kcert = NULL;
+        STACK_OF(X509) *ca;
+        if (!(ca = sk_X509_new_null()))
+                goto error;
+        for (i = 0; i < sk_X509_num(certs); i++) {
+                cert = sk_X509_value(certs, i);
+                if (key && X509_check_private_key(cert, key)) {
+                        if (!(kcert = X509_dup(cert)))
+                                goto error;
+                        X509_keyid_set1(kcert, NULL, 0);
+                        X509_alias_set1(kcert, NULL, 0);
+                }
+                else sk_X509_push(ca, cert);
+        }
+        if (key && !kcert) {
+                no_kcert = 1;
+                goto error;
+        }
+        if (!(*ud = PKCS12_create(pass, NULL, key, kcert, ca, 0, 0, 0, 0, 0)))
+                goto error;
+        if (kcert)
+                X509_free(kcert);
+        sk_X509_free(ca);
+        return 1;
+error:
+        if (kcert)
+                X509_free(kcert);
+        if (ca)
+                sk_X509_free(ca);
+        if (no_kcert)
+                luaL_argerror(L, 1, lua_pushfstring(L, "certificate matching the key not found"));
+        return throwssl(L, "pkcs12.new");
+} /* p12_new() */
+static int p12_interpose(lua_State *L) {
+        return interpose(L, PKCS12_CLASS);
+} /* p12_interpose() */
+static int p12__tostring(lua_State *L) {
+        PKCS12 *p12 = checksimple(L, 1, PKCS12_CLASS);
+        BIO *bio = getbio(L);
+        char *data;
+        long len;
+        if (!i2d_PKCS12_bio(bio, p12))
+                return throwssl(L, "pkcs12:__tostring");
+        len = BIO_get_mem_data(bio, &data);
+        lua_pushlstring(L, data, len);
+        return 1;
+} /* p12__tostring() */
+static int p12__gc(lua_State *L) {
+        PKCS12 **ud = luaL_checkudata(L, 1, PKCS12_CLASS);
+        PKCS12_free(*ud);
+        *ud = NULL;
+        return 0;
+} /* p12__gc() */
+static const luaL_Reg p12_methods[] = {
+        { "tostring", &p12__tostring },
+        { NULL,         NULL },
+};
+static const luaL_Reg p12_metatable[] = {
+        { "__tostring", &p12__tostring },
+        { "__gc",       &p12__gc },
+        { NULL,         NULL },
+};
+static const luaL_Reg p12_globals[] = {
+        { "new",       &p12_new },
+        { "interpose", &p12_interpose },
+        { NULL,        NULL },
+};
+int luaopen__openssl_pkcs12(lua_State *L) {
+        initall(L);
+        luaL_newlib(L, p12_globals);
+        return 1;
+} /* luaopen__openssl_pkcs12() */
+/*
 * SSL_CTX - openssl.ssl.context
 *
 * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * */
@@ -4840,6 +4972,7 @@ static void initall(lua_State *L) {
        addclass(L, X509_CRL_CLASS, xx_methods, xx_metatable);
        addclass(L, X509_CHAIN_CLASS, xl_methods, xl_metatable);
        addclass(L, X509_STORE_CLASS, xs_methods, xs_metatable);
+        addclass(L, PKCS12_CLASS, p12_methods, p12_metatable);
        addclass(L, SSL_CTX_CLASS, sx_methods, sx_metatable);
        addclass(L, SSL_CLASS, ssl_methods, ssl_metatable);
        addclass(L, DIGEST_CLASS, md_methods, md_metatable);
diff --git a/src/openssl.pkcs12.lua b/src/openssl.pkcs12.lua
new file mode 100644
index 0000000..d8f70c2
--- /dev/null
+++ b/src/openssl.pkcs12.lua
@@ -0,0 +1 @@
+return require('_openssl.pkcs12')
author	william <william@25tandclement.com>	2014-07-15 21:07:44 -0700
committer	william <william@25tandclement.com>	2014-07-15 21:07:44 -0700
commit	a5b46c650b477cdc673bc52a58a39232460f29fc (patch)
tree	9f2e002aa24a552b89cf1565173f9122cde513b1 /src
parent	fe955f0f54278f0208c1e1ccec0b5497e5918e6a (diff)
parent	97c5e6aff52b83fa66f1bea644078d2da2880336 (diff)
download	luaossl-a5b46c650b477cdc673bc52a58a39232460f29fc.tar.gz luaossl-a5b46c650b477cdc673bc52a58a39232460f29fc.tar.bz2 luaossl-a5b46c650b477cdc673bc52a58a39232460f29fc.zip

diff --git a/src/GNUmakefile b/src/GNUmakefile index 75e8c3a..240a773 100644 --- a/src/GNUmakefile +++ b/src/GNUmakefile
@@ -96,6 +96,7 @@ MODS$(1)_$(d) = \
96	$$(DESTDIR)$(3)/openssl/x509/chain.lua \	96	$$(DESTDIR)$(3)/openssl/x509/chain.lua \
97	$$(DESTDIR)$(3)/openssl/x509/crl.lua \	97	$$(DESTDIR)$(3)/openssl/x509/crl.lua \
98	$$(DESTDIR)$(3)/openssl/x509/store.lua \	98	$$(DESTDIR)$(3)/openssl/x509/store.lua \
		99	$$(DESTDIR)$(3)/openssl/pkcs12.lua \
99	$$(DESTDIR)$(3)/openssl/ssl/context.lua \	100	$$(DESTDIR)$(3)/openssl/ssl/context.lua \
100	$$(DESTDIR)$(3)/openssl/ssl.lua \	101	$$(DESTDIR)$(3)/openssl/ssl.lua \
101	$$(DESTDIR)$(3)/openssl/digest.lua \	102	$$(DESTDIR)$(3)/openssl/digest.lua \


diff --git a/src/openssl.c b/src/openssl.c index e1c3b8d..b183524 100644 --- a/src/openssl.c +++ b/src/openssl.c
@@ -65,6 +65,7 @@
65	#include <openssl/asn1.h>	65	#include <openssl/asn1.h>
66	#include <openssl/x509.h>	66	#include <openssl/x509.h>
67	#include <openssl/x509v3.h>	67	#include <openssl/x509v3.h>
		68	#include <openssl/pkcs12.h>
68	#include <openssl/evp.h>	69	#include <openssl/evp.h>
69	#include <openssl/pem.h>	70	#include <openssl/pem.h>
70	#include <openssl/ssl.h>	71	#include <openssl/ssl.h>
@@ -89,6 +90,7 @@
89	#define X509_CRL_CLASS "X509_CRL*"	90	#define X509_CRL_CLASS "X509_CRL*"
90	#define X509_STORE_CLASS "X509_STORE*"	91	#define X509_STORE_CLASS "X509_STORE*"
91	#define X509_STCTX_CLASS "X509_STORE_CTX*"	92	#define X509_STCTX_CLASS "X509_STORE_CTX*"
		93	#define PKCS12_CLASS "PKCS12*"
92	#define SSL_CTX_CLASS "SSL_CTX*"	94	#define SSL_CTX_CLASS "SSL_CTX*"
93	#define SSL_CLASS "SSL*"	95	#define SSL_CLASS "SSL*"
94	#define DIGEST_CLASS "EVP_MD_CTX" /* not a pointer */	96	#define DIGEST_CLASS "EVP_MD_CTX" /* not a pointer */
@@ -364,6 +366,18 @@ static _Bool loadfield(lua_State L, int index, const char k, int type, void *p
364	} /* loadfield() */	366	} /* loadfield() */
365		367
366		368
		369	static void loadfield_udata(lua_State L, int index, const char k, const char tname) {
		370	if (!getfield(L, index, k))
		371	return NULL;
		372
		373	void **p = luaL_checkudata(L, -1, tname);
		374
		375	lua_pop(L, 1); /* table keeps reference */
		376
		377	return *p;
		378	} /* loadfield_udata() */
		379
		380
367	static const char pushnid(lua_State L, int nid) {	381	static const char pushnid(lua_State L, int nid) {
368	const char *txt;	382	const char *txt;
369	ASN1_OBJECT *obj;	383	ASN1_OBJECT *obj;
@@ -3644,6 +3658,124 @@ int luaopen__openssl_x509_store_context(lua_State *L) {
3644		3658
3645		3659
3646	/*	3660	/*
		3661	* PKCS12 - openssl.pkcs12
		3662	*
		3663	* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * */
		3664
		3665	static int p12_new(lua_State *L) {
		3666	char *pass = NULL;
		3667	loadfield(L, 1, "password", LUA_TSTRING, &pass);
		3668
		3669	EVP_PKEY *key = loadfield_udata(L, 1, "key", PKEY_CLASS);
		3670	STACK_OF(X509) *certs = loadfield_udata(L, 1, "certs", X509_CHAIN_CLASS);
		3671
		3672	PKCS12 **ud = prepsimple(L, PKCS12_CLASS);
		3673
		3674	int i;
		3675	int no_kcert = 0;
		3676	X509 *cert = NULL;
		3677	X509 *kcert = NULL;
		3678	STACK_OF(X509) *ca;
		3679
		3680	if (!(ca = sk_X509_new_null()))
		3681	goto error;
		3682
		3683	for (i = 0; i < sk_X509_num(certs); i++) {
		3684	cert = sk_X509_value(certs, i);
		3685	if (key && X509_check_private_key(cert, key)) {
		3686	if (!(kcert = X509_dup(cert)))
		3687	goto error;
		3688	X509_keyid_set1(kcert, NULL, 0);
		3689	X509_alias_set1(kcert, NULL, 0);
		3690	}
		3691	else sk_X509_push(ca, cert);
		3692	}
		3693	if (key && !kcert) {
		3694	no_kcert = 1;
		3695	goto error;
		3696	}
		3697
		3698	if (!(*ud = PKCS12_create(pass, NULL, key, kcert, ca, 0, 0, 0, 0, 0)))
		3699	goto error;
		3700
		3701	if (kcert)
		3702	X509_free(kcert);
		3703	sk_X509_free(ca);
		3704
		3705	return 1;
		3706
		3707	error:
		3708	if (kcert)
		3709	X509_free(kcert);
		3710	if (ca)
		3711	sk_X509_free(ca);
		3712
		3713	if (no_kcert)
		3714	luaL_argerror(L, 1, lua_pushfstring(L, "certificate matching the key not found"));
		3715
		3716	return throwssl(L, "pkcs12.new");
		3717	} /* p12_new() */
		3718
		3719
		3720	static int p12_interpose(lua_State *L) {
		3721	return interpose(L, PKCS12_CLASS);
		3722	} /* p12_interpose() */
		3723
		3724
		3725	static int p12__tostring(lua_State *L) {
		3726	PKCS12 *p12 = checksimple(L, 1, PKCS12_CLASS);
		3727	BIO *bio = getbio(L);
		3728	char *data;
		3729	long len;
		3730
		3731	if (!i2d_PKCS12_bio(bio, p12))
		3732	return throwssl(L, "pkcs12:__tostring");
		3733
		3734	len = BIO_get_mem_data(bio, &data);
		3735
		3736	lua_pushlstring(L, data, len);
		3737
		3738	return 1;
		3739	} /* p12__tostring() */
		3740
		3741
		3742	static int p12__gc(lua_State *L) {
		3743	PKCS12 **ud = luaL_checkudata(L, 1, PKCS12_CLASS);
		3744
		3745	PKCS12_free(*ud);
		3746	*ud = NULL;
		3747
		3748	return 0;
		3749	} /* p12__gc() */
		3750
		3751
		3752	static const luaL_Reg p12_methods[] = {
		3753	{ "tostring", &p12__tostring },
		3754	{ NULL, NULL },
		3755	};
		3756
		3757	static const luaL_Reg p12_metatable[] = {
		3758	{ "__tostring", &p12__tostring },
		3759	{ "__gc", &p12__gc },
		3760	{ NULL, NULL },
		3761	};
		3762
		3763	static const luaL_Reg p12_globals[] = {
		3764	{ "new", &p12_new },
		3765	{ "interpose", &p12_interpose },
		3766	{ NULL, NULL },
		3767	};
		3768
		3769	int luaopen__openssl_pkcs12(lua_State *L) {
		3770	initall(L);
		3771
		3772	luaL_newlib(L, p12_globals);
		3773
		3774	return 1;
		3775	} /* luaopen__openssl_pkcs12() */
		3776
		3777
		3778	/*
3647	* SSL_CTX - openssl.ssl.context	3779	* SSL_CTX - openssl.ssl.context
3648	*	3780	*
3649	* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * */	3781	* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * */
@@ -4840,6 +4972,7 @@ static void initall(lua_State *L) {
4840	addclass(L, X509_CRL_CLASS, xx_methods, xx_metatable);	4972	addclass(L, X509_CRL_CLASS, xx_methods, xx_metatable);
4841	addclass(L, X509_CHAIN_CLASS, xl_methods, xl_metatable);	4973	addclass(L, X509_CHAIN_CLASS, xl_methods, xl_metatable);
4842	addclass(L, X509_STORE_CLASS, xs_methods, xs_metatable);	4974	addclass(L, X509_STORE_CLASS, xs_methods, xs_metatable);
		4975	addclass(L, PKCS12_CLASS, p12_methods, p12_metatable);
4843	addclass(L, SSL_CTX_CLASS, sx_methods, sx_metatable);	4976	addclass(L, SSL_CTX_CLASS, sx_methods, sx_metatable);
4844	addclass(L, SSL_CLASS, ssl_methods, ssl_metatable);	4977	addclass(L, SSL_CLASS, ssl_methods, ssl_metatable);
4845	addclass(L, DIGEST_CLASS, md_methods, md_metatable);	4978	addclass(L, DIGEST_CLASS, md_methods, md_metatable);


diff --git a/src/openssl.pkcs12.lua b/src/openssl.pkcs12.lua new file mode 100644 index 0000000..d8f70c2 --- /dev/null +++ b/src/openssl.pkcs12.lua
@@ -0,0 +1 @@
			return require('_openssl.pkcs12')