1 files changed, 80 insertions, 2 deletions
diff --git a/src/openssl.c b/src/openssl.c
index 3c4a237..63c3985 100644
--- a/src/openssl.c
+++ b/src/openssl.c
@@ -2872,11 +2872,30 @@ static int xe_new(lua_State *L) {
        const char *name = luaL_checkstring(L, 1);
        const char *value = luaL_checkstring(L, 2);
+        ASN1_OBJECT *obj = NULL;
+        ASN1_STRING *oct = NULL;
        CONF *conf = NULL;
        X509V3_CTX cbuf = { 0 }, *ctx = NULL;
        if (!lua_isnil(L, 3)) {
-                const char *cdata = luaL_checkstring(L, 3);
+                size_t len;
+                const char *cdata = luaL_checklstring(L, 3, &len);
+                int crit = !strcmp(value, "critical,DER");
+                if (crit || !strcmp(value, "DER")) {
+                        if (!(obj = OBJ_txt2obj(name, 0)))
+                                goto error;
+                        if (!(oct = ASN1_STRING_new()))
+                                goto error;
+                        if (!ASN1_STRING_set(oct, cdata, len))
+                                goto error;
+                        if (!(*ud = X509_EXTENSION_create_by_OBJ(NULL, obj, crit, oct)))
+                                goto error;
+                        ASN1_OBJECT_free(obj);
+                        ASN1_STRING_free(oct);
+                        return 1;
+                }
                BIO *bio = getbio(L);
                if (BIO_puts(bio, cdata) < 0)
                        goto error;
@@ -2907,6 +2926,12 @@ static int xe_new(lua_State *L) {
        return 1;
 error:
+        if (obj)
+                ASN1_OBJECT_free(obj);
+        if (oct)
+                ASN1_STRING_free(oct);
        if (conf)
                NCONF_free(conf);
@@ -2919,6 +2944,13 @@ static int xe_interpose(lua_State *L) {
 } /* xe_interpose() */
+static int xe_getData(lua_State *L) {
+        ASN1_STRING *data = X509_EXTENSION_get_data(checksimple(L, 1, X509_EXT_CLASS));
+        lua_pushlstring(L, (char *) ASN1_STRING_data(data), ASN1_STRING_length(data));
+        return 1;
+} /* xe_getData() */
 static int xe__gc(lua_State *L) {
        X509_EXTENSION **ud = luaL_checkudata(L, 1, X509_EXT_CLASS);
@@ -2932,7 +2964,8 @@ static int xe__gc(lua_State *L) {
 static const luaL_Reg xe_methods[] = {
-        { NULL,  NULL },
+        { "getData",  &xe_getData },
+        { NULL,       NULL },
 };
 static const luaL_Reg xe_metatable[] = {
@@ -3660,6 +3693,37 @@ static int xc_addExtension(lua_State *L) {
 } /* xc_addExtension() */
+static int xc_getExtension(lua_State *L) {
+        X509 *crt = checksimple(L, 1, X509_CERT_CLASS);
+        const char *name = luaL_checkstring(L, 2);
+        X509_EXTENSION *ext, **ud;
+        ASN1_OBJECT *obj = NULL;
+        if (!(obj = OBJ_txt2obj(name, 0)))
+                goto error;
+        int i = X509_get_ext_by_OBJ(crt, obj, -1);
+        if (i > -1) {
+                ud = prepsimple(L, X509_EXT_CLASS);
+                if (!(ext = X509_get_ext(crt, i)))
+                        goto error;
+                if (!(*ud = X509_EXTENSION_dup(ext)))
+                        goto error;
+        }
+        else lua_pushnil(L);
+        ASN1_OBJECT_free(obj);
+        return 1;
+error:
+        if (obj)
+                ASN1_OBJECT_free(obj);
+        return auxL_error(L, auxL_EOPENSSL, "x509.cert:getExtension");
+} /* xc_getExtension() */
 static int xc_isIssuedBy(lua_State *L) {
        X509 *crt = checksimple(L, 1, X509_CERT_CLASS);
        X509 *issuer = checksimple(L, 2, X509_CERT_CLASS);
@@ -3897,6 +3961,7 @@ static const luaL_Reg xc_methods[] = {
        { "getBasicConstraintsCritical", &xc_getBasicConstraintsCritical },
        { "setBasicConstraintsCritical", &xc_setBasicConstraintsCritical },
        { "addExtension",  &xc_addExtension },
+        { "getExtension",  &xc_getExtension },
        { "isIssuedBy",    &xc_isIssuedBy },
        { "getPublicKey",  &xc_getPublicKey },
        { "setPublicKey",  &xc_setPublicKey },
@@ -4365,6 +4430,18 @@ error:
 } /* xx_add() */
+static int xx_addExtension(lua_State *L) {
+        X509_CRL *crl = checksimple(L, 1, X509_CRL_CLASS);
+        X509_EXTENSION *ext = checksimple(L, 2, X509_EXT_CLASS);
+        if (!X509_CRL_add_ext(crl, ext, -1))
+                return auxL_error(L, auxL_EOPENSSL, "x509.crl:addExtension");
+        lua_pushboolean(L, 1);
+        return 1;
+} /* xx_addExtension() */
 static int xx_sign(lua_State *L) {
        X509_CRL *crl = checksimple(L, 1, X509_CRL_CLASS);
        EVP_PKEY *key = checksimple(L, 2, PKEY_CLASS);
@@ -4443,6 +4520,7 @@ static const luaL_Reg xx_methods[] = {
        { "getIssuer",      &xx_getIssuer },
        { "setIssuer",      &xx_setIssuer },
        { "add",            &xx_add },
+        { "addExtension",   &xx_addExtension },
        { "sign",           &xx_sign },
        { "text",           &xx_text },
        { "tostring",       &xx__tostring },

diff --git a/src/openssl.c b/src/openssl.c index 3c4a237..63c3985 100644 --- a/src/openssl.c +++ b/src/openssl.c
@@ -2872,11 +2872,30 @@ static int xe_new(lua_State *L) {
2872	const char *name = luaL_checkstring(L, 1);	2872	const char *name = luaL_checkstring(L, 1);
2873	const char *value = luaL_checkstring(L, 2);	2873	const char *value = luaL_checkstring(L, 2);
2874		2874
		2875	ASN1_OBJECT *obj = NULL;
		2876	ASN1_STRING *oct = NULL;
2875	CONF *conf = NULL;	2877	CONF *conf = NULL;
2876	X509V3_CTX cbuf = { 0 }, *ctx = NULL;	2878	X509V3_CTX cbuf = { 0 }, *ctx = NULL;
2877		2879
2878	if (!lua_isnil(L, 3)) {	2880	if (!lua_isnil(L, 3)) {
2879	const char *cdata = luaL_checkstring(L, 3);	2881	size_t len;
		2882	const char *cdata = luaL_checklstring(L, 3, &len);
		2883	int crit = !strcmp(value, "critical,DER");
		2884
		2885	if (crit \|\| !strcmp(value, "DER")) {
		2886	if (!(obj = OBJ_txt2obj(name, 0)))
		2887	goto error;
		2888	if (!(oct = ASN1_STRING_new()))
		2889	goto error;
		2890	if (!ASN1_STRING_set(oct, cdata, len))
		2891	goto error;
		2892	if (!(*ud = X509_EXTENSION_create_by_OBJ(NULL, obj, crit, oct)))
		2893	goto error;
		2894	ASN1_OBJECT_free(obj);
		2895	ASN1_STRING_free(oct);
		2896	return 1;
		2897	}
		2898
2880	BIO *bio = getbio(L);	2899	BIO *bio = getbio(L);
2881	if (BIO_puts(bio, cdata) < 0)	2900	if (BIO_puts(bio, cdata) < 0)
2882	goto error;	2901	goto error;
@@ -2907,6 +2926,12 @@ static int xe_new(lua_State *L) {
2907		2926
2908	return 1;	2927	return 1;
2909	error:	2928	error:
		2929	if (obj)
		2930	ASN1_OBJECT_free(obj);
		2931
		2932	if (oct)
		2933	ASN1_STRING_free(oct);
		2934
2910	if (conf)	2935	if (conf)
2911	NCONF_free(conf);	2936	NCONF_free(conf);
2912		2937
@@ -2919,6 +2944,13 @@ static int xe_interpose(lua_State *L) {
2919	} /* xe_interpose() */	2944	} /* xe_interpose() */
2920		2945
2921		2946
		2947	static int xe_getData(lua_State *L) {
		2948	ASN1_STRING *data = X509_EXTENSION_get_data(checksimple(L, 1, X509_EXT_CLASS));
		2949	lua_pushlstring(L, (char *) ASN1_STRING_data(data), ASN1_STRING_length(data));
		2950	return 1;
		2951	} /* xe_getData() */
		2952
		2953
2922	static int xe__gc(lua_State *L) {	2954	static int xe__gc(lua_State *L) {
2923	X509_EXTENSION **ud = luaL_checkudata(L, 1, X509_EXT_CLASS);	2955	X509_EXTENSION **ud = luaL_checkudata(L, 1, X509_EXT_CLASS);
2924		2956
@@ -2932,7 +2964,8 @@ static int xe__gc(lua_State *L) {
2932		2964
2933		2965
2934	static const luaL_Reg xe_methods[] = {	2966	static const luaL_Reg xe_methods[] = {
2935	{ NULL, NULL },	2967	{ "getData", &xe_getData },
		2968	{ NULL, NULL },
2936	};	2969	};
2937		2970
2938	static const luaL_Reg xe_metatable[] = {	2971	static const luaL_Reg xe_metatable[] = {
@@ -3660,6 +3693,37 @@ static int xc_addExtension(lua_State *L) {
3660	} /* xc_addExtension() */	3693	} /* xc_addExtension() */
3661		3694
3662		3695
		3696	static int xc_getExtension(lua_State *L) {
		3697	X509 *crt = checksimple(L, 1, X509_CERT_CLASS);
		3698	const char *name = luaL_checkstring(L, 2);
		3699
		3700	X509_EXTENSION ext, *ud;
		3701	ASN1_OBJECT *obj = NULL;
		3702
		3703	if (!(obj = OBJ_txt2obj(name, 0)))
		3704	goto error;
		3705
		3706	int i = X509_get_ext_by_OBJ(crt, obj, -1);
		3707	if (i > -1) {
		3708	ud = prepsimple(L, X509_EXT_CLASS);
		3709	if (!(ext = X509_get_ext(crt, i)))
		3710	goto error;
		3711	if (!(*ud = X509_EXTENSION_dup(ext)))
		3712	goto error;
		3713	}
		3714	else lua_pushnil(L);
		3715
		3716	ASN1_OBJECT_free(obj);
		3717	return 1;
		3718
		3719	error:
		3720	if (obj)
		3721	ASN1_OBJECT_free(obj);
		3722
		3723	return auxL_error(L, auxL_EOPENSSL, "x509.cert:getExtension");
		3724	} /* xc_getExtension() */
		3725
		3726
3663	static int xc_isIssuedBy(lua_State *L) {	3727	static int xc_isIssuedBy(lua_State *L) {
3664	X509 *crt = checksimple(L, 1, X509_CERT_CLASS);	3728	X509 *crt = checksimple(L, 1, X509_CERT_CLASS);
3665	X509 *issuer = checksimple(L, 2, X509_CERT_CLASS);	3729	X509 *issuer = checksimple(L, 2, X509_CERT_CLASS);
@@ -3897,6 +3961,7 @@ static const luaL_Reg xc_methods[] = {
3897	{ "getBasicConstraintsCritical", &xc_getBasicConstraintsCritical },	3961	{ "getBasicConstraintsCritical", &xc_getBasicConstraintsCritical },
3898	{ "setBasicConstraintsCritical", &xc_setBasicConstraintsCritical },	3962	{ "setBasicConstraintsCritical", &xc_setBasicConstraintsCritical },
3899	{ "addExtension", &xc_addExtension },	3963	{ "addExtension", &xc_addExtension },
		3964	{ "getExtension", &xc_getExtension },
3900	{ "isIssuedBy", &xc_isIssuedBy },	3965	{ "isIssuedBy", &xc_isIssuedBy },
3901	{ "getPublicKey", &xc_getPublicKey },	3966	{ "getPublicKey", &xc_getPublicKey },
3902	{ "setPublicKey", &xc_setPublicKey },	3967	{ "setPublicKey", &xc_setPublicKey },
@@ -4365,6 +4430,18 @@ error:
4365	} /* xx_add() */	4430	} /* xx_add() */
4366		4431
4367		4432
		4433	static int xx_addExtension(lua_State *L) {
		4434	X509_CRL *crl = checksimple(L, 1, X509_CRL_CLASS);
		4435	X509_EXTENSION *ext = checksimple(L, 2, X509_EXT_CLASS);
		4436
		4437	if (!X509_CRL_add_ext(crl, ext, -1))
		4438	return auxL_error(L, auxL_EOPENSSL, "x509.crl:addExtension");
		4439
		4440	lua_pushboolean(L, 1);
		4441
		4442	return 1;
		4443	} /* xx_addExtension() */
		4444
4368	static int xx_sign(lua_State *L) {	4445	static int xx_sign(lua_State *L) {
4369	X509_CRL *crl = checksimple(L, 1, X509_CRL_CLASS);	4446	X509_CRL *crl = checksimple(L, 1, X509_CRL_CLASS);
4370	EVP_PKEY *key = checksimple(L, 2, PKEY_CLASS);	4447	EVP_PKEY *key = checksimple(L, 2, PKEY_CLASS);
@@ -4443,6 +4520,7 @@ static const luaL_Reg xx_methods[] = {
4443	{ "getIssuer", &xx_getIssuer },	4520	{ "getIssuer", &xx_getIssuer },
4444	{ "setIssuer", &xx_setIssuer },	4521	{ "setIssuer", &xx_setIssuer },
4445	{ "add", &xx_add },	4522	{ "add", &xx_add },
		4523	{ "addExtension", &xx_addExtension },
4446	{ "sign", &xx_sign },	4524	{ "sign", &xx_sign },
4447	{ "text", &xx_text },	4525	{ "text", &xx_text },
4448	{ "tostring", &xx__tostring },	4526	{ "tostring", &xx__tostring },