/*** verify x509_req signature @function verify @treturn boolean result true for verify pass */ static LUA_FUNCTION(openssl_csr_verify) { X509_REQ *csr = CHECK_OBJECT(1, X509_REQ, "openssl.x509_req"); EVP_PKEY * self_key = X509_REQ_get_pubkey(csr); if (self_key) { lua_pushboolean(L, X509_REQ_verify(csr, self_key) == 1); EVP_PKEY_free(self_key); } else lua_pushboolean(L, 0); return 1; };
NUITKA_MAY_BE_UNUSED static bool EXCEPTION_MATCH_BOOL_SINGLE( PyObject *exception_value, PyObject *exception_checked ) { CHECK_OBJECT( exception_value ); CHECK_OBJECT( exception_checked ); // We need to check the class. if ( PyExceptionInstance_Check( exception_value ) ) { exception_value = PyExceptionInstance_Class( exception_value ); } // Lets be optimistic. If it matches, we would be wasting our time. if ( exception_value == exception_checked ) { return true; } if ( PyExceptionClass_Check( exception_value ) ) { // Save the current exception, if any, we must preserve it. PyObject *save_exception_type, *save_exception_value; PyTracebackObject *save_exception_tb; FETCH_ERROR_OCCURRED( &save_exception_type, &save_exception_value, &save_exception_tb ); int res = PyObject_IsSubclass( exception_value, exception_checked ); // This function must not fail, so print the error here */ if (unlikely( res == -1 )) { PyErr_WriteUnraisable( exception_value ); } RESTORE_ERROR_OCCURRED( save_exception_type, save_exception_value, save_exception_tb ); return res == 1; } return false; }
static int openssl_engine_name(lua_State*L){ ENGINE* eng = CHECK_OBJECT(1,ENGINE,"openssl.engine"); const char*id = NULL; int ret = 0; if(lua_isstring(L, 2)){ id = luaL_checkstring(L, 2); ret = ENGINE_set_name(eng,id); lua_pushboolean(L, ret); return 1; } lua_pushstring(L, ENGINE_get_name(eng)); return 1; }
static LUA_FUNCTION(openssl_ts_req_export) { TS_REQ *ts_req = CHECK_OBJECT(1, TS_REQ, "openssl.ts_req"); unsigned char *data = NULL; int len = i2d_TS_REQ(ts_req, &data); if (len > 0) { lua_pushlstring(L, data, (size_t)len); OPENSSL_free(data); return 1; } return 0; }
static LUA_FUNCTION(openssl_digest_info) { EVP_MD *md = CHECK_OBJECT(1, EVP_MD, "openssl.evp_digest"); lua_newtable(L); AUXILIAR_SET(L, -1, "nid", EVP_MD_nid(md), integer); AUXILIAR_SET(L, -1, "name", EVP_MD_name(md), string); AUXILIAR_SET(L, -1, "size", EVP_MD_size(md), integer); AUXILIAR_SET(L, -1, "block_size", EVP_MD_block_size(md), integer); AUXILIAR_SET(L, -1, "pkey_type", EVP_MD_pkey_type(md), integer); AUXILIAR_SET(L, -1, "flags", EVP_MD_type(md), integer); return 1; }
static LUA_FUNCTION(openssl_digest_ctx_reset) { EVP_MD_CTX *ctx = CHECK_OBJECT(1, EVP_MD_CTX, "openssl.evp_digest_ctx"); const EVP_MD *md = EVP_MD_CTX_md(ctx); ENGINE* e = ctx->engine; int ret = EVP_MD_CTX_cleanup(ctx); if (ret) { EVP_MD_CTX_init(ctx); EVP_DigestInit_ex(ctx, md, e); } return openssl_pushresult(L, ret); }
static int openssl_cms_content(lua_State *L) { CMS_ContentInfo *cms = CHECK_OBJECT(1, CMS_ContentInfo, "openssl.cms"); ASN1_OCTET_STRING** content = CMS_get0_content(cms); if (content && *content) { lua_pushnil(L); return 1; } lua_pushnil(L); return 1; }
/** @ingroup SystemInfo * @brief Get the configuration parameters used to initialize the API. * * This function returns the configuration parameters that were used to * initialize the API. * * @param value_p WO: Pointer in which to store revision info. * * @par Externals: * None. * * @return * N8_STATUS_OK: The function worked correctly. * N8_INVALID_OBJECT: The output pointer is NULL. * * @par Errors: * N8_INVALID_OBJECT as described in the return section. * * @par Locks: * None. * * @par Assumptions: * This function can not be called until the initialization of the API * is complete. The value_p pointer points to a "reasonable" location. *****************************************************************************/ static N8_Status_t setInitInfo(N8_Buffer_t *value_p) { N8_Status_t ret = N8_STATUS_OK; DBG(("setInitInfo\n")); do { CHECK_OBJECT(value_p, ret); n8_getConfigInfo((N8_ConfigAPI_t *)value_p); }while (FALSE); DBG(("setInitInfo - OK\n")); return ret; }
/* mem */ static LUA_FUNCTION(openssl_bio_get_mem) { BIO* bio = CHECK_OBJECT(1, BIO, "openssl.bio"); if (BIO_method_type(bio) == BIO_TYPE_MEM) { BUF_MEM* mem; BIO_get_mem_ptr(bio, &mem); lua_pushlstring(L, mem->data, mem->length); return 1; } luaL_error(L, "#1 BIO must be memory type"); return 0; }
static LUA_FUNCTION(openssl_verifyInit) { const EVP_MD *md = get_digest(L, 1); EVP_PKEY* pkey = CHECK_OBJECT(2, EVP_PKEY, "openssl.evp_pkey"); ENGINE* e = lua_gettop(L) > 2 ? CHECK_OBJECT(3, ENGINE, "openssl.engine") : NULL; EVP_PKEY_CTX *pctx = 0; EVP_MD_CTX *ctx = EVP_MD_CTX_create(); luaL_argcheck(L, !openssl_pkey_is_private(pkey), 2, "need public key"); if (ctx) { int ret = EVP_DigestVerifyInit(ctx, &pctx, md, e, pkey); if (ret) { PUSH_OBJECT(ctx, "openssl.evp_digest_ctx"); } else return openssl_pushresult(L, ret); } else lua_pushnil(L); return 1; }
static int openssl_xext_export(lua_State* L) { X509_EXTENSION *x = CHECK_OBJECT(1, X509_EXTENSION, "openssl.x509_extension"); unsigned char* p = NULL; int len = i2d_X509_EXTENSION(x, &p); if (len > 0) { lua_pushlstring(L, (const char *) p, len); } else lua_pushnil(L); return 1; };
static int openssl_cms_EncryptedData_decrypt(lua_State*L) { CMS_ContentInfo *cms = CHECK_OBJECT(1, CMS_ContentInfo, "openssl.cms"); size_t klen; const char* key = luaL_checklstring(L, 2, &klen); BIO* dcont = load_bio_object(L, 3); BIO* out = load_bio_object(L, 4); unsigned int flags = luaL_optint(L, 5, 0); int ret = CMS_EncryptedData_decrypt(cms, (const unsigned char*)key, klen, dcont, out, flags); return openssl_pushresult(L, ret); }
static LUA_FUNCTION(openssl_pkcs7_verify) { int ret = 0; PKCS7 *p7 = CHECK_OBJECT(1, PKCS7, "openssl.pkcs7"); STACK_OF(X509) *signers = lua_isnoneornil(L, 2) ? NULL : openssl_sk_x509_fromtable(L, 2); X509_STORE *store = lua_isnoneornil(L, 3) ? NULL : CHECK_OBJECT(3, X509_STORE, "openssl.x509_store"); BIO* in = lua_isnoneornil(L, 4) ? NULL : load_bio_object(L, 4); long flags = luaL_optint(L, 5, 0); BIO* out = BIO_new(BIO_s_mem()); if (!store) flags |= PKCS7_NOVERIFY; if (PKCS7_verify(p7, signers, store, in, out, flags) == 1) { if (out && (flags & PKCS7_DETACHED) == 0) { BUF_MEM *bio_buf; BIO_get_mem_ptr(out, &bio_buf); lua_pushlstring(L, bio_buf->data, bio_buf->length); } else { lua_pushboolean(L, 1); } ret += 1; } else { ret = openssl_pushresult(L, 0); } if (signers) sk_X509_pop_free(signers, X509_free); if (out) BIO_free(out); if (in) BIO_free(in); return ret; }
static int openssl_xname_info(lua_State*L) { X509_NAME* name = CHECK_OBJECT(1, X509_NAME, "openssl.x509_name"); int i; int n_entries = X509_NAME_entry_count(name); lua_newtable(L); for (i = 0; i < n_entries; i++) { X509_NAME_ENTRY* entry = X509_NAME_get_entry(name, i); openssl_push_xname_entry(L, entry); lua_rawseti(L, -2, i + 1); } return 1; };
static int openssl_xname_digest(lua_State*L) { X509_NAME* xname = CHECK_OBJECT(1, X509_NAME, "openssl.x509_name"); const EVP_MD* md = get_digest(L, 2); unsigned char buf [EVP_MAX_MD_SIZE]; unsigned int len = sizeof(buf); int ret = X509_NAME_digest(xname, md, buf, &len); if (ret == 1) lua_pushlstring(L, (const char *) buf, len); else return openssl_pushresult(L, ret); return 1; };
static int openssl_xname_i2d(lua_State*L) { X509_NAME* xn = CHECK_OBJECT(1, X509_NAME, "openssl.x509_name"); unsigned char* out = NULL; int len = i2d_X509_NAME(xn, &out); if (len > 0) { lua_pushlstring(L, (const char *)out, len); CRYPTO_free(out); return 1; } else return openssl_pushresult(L, len); };
/*** return x509_name as table @function info @tparam[opt=false] boolean asobject table key will use asn1_object or short name of asn1_object @treturn table names @see new */ static int openssl_xname_info(lua_State*L) { X509_NAME* name = CHECK_OBJECT(1, X509_NAME, "openssl.x509_name"); int obj = lua_isnoneornil(L, 2) ? 0 : lua_toboolean(L, 2); int i, n; lua_newtable(L); for (i = 0, n = X509_NAME_entry_count(name); i < n; i++) { X509_NAME_ENTRY* entry = X509_NAME_get_entry(name, i); openssl_push_xname_entry(L, entry, obj); lua_rawseti(L, -2, i + 1); } return 1; };
static LUA_FUNCTION(openssl_digest) { const EVP_MD *md = NULL; if (lua_istable(L, 1)) { if (lua_getmetatable(L, 1) && lua_equal(L, 1, -1)) { lua_pop(L, 1); lua_remove(L, 1); } else luaL_error(L, "call function with invalid state"); } if (lua_isstring(L, 1)) { md = EVP_get_digestbyname(lua_tostring(L, 1)); } else if (auxiliar_isclass(L, "openssl.evp_digest", 1)) { md = CHECK_OBJECT(1, EVP_MD, "openssl.evp_digest"); } else luaL_error(L, "argument #1 must be a string identity digest method or an openssl.evp_digest object"); if (md) { size_t inl; unsigned char buf[EVP_MAX_MD_SIZE]; unsigned int blen = sizeof(buf); const char* in = luaL_checklstring(L, 2, &inl); int raw = (lua_isnoneornil(L, 3)) ? 0 : lua_toboolean(L, 3); int status = EVP_Digest(in, inl, buf, &blen, md, NULL); if (status) { if (raw) lua_pushlstring(L, (const char*)buf, blen); else { char hex[2 * EVP_MAX_MD_SIZE + 1]; to_hex((const char*) buf, blen, hex); lua_pushstring(L, hex); } } else luaL_error(L, "EVP_Digest method fail"); } else luaL_error(L, "argument #1 is not a valid digest algorithm or openssl.evp_digest object"); return 1; };
static int openssl_xattr_type(lua_State*L) { X509_ATTRIBUTE* attr = CHECK_OBJECT(1, X509_ATTRIBUTE, "openssl.x509_attribute"); int loc = luaL_optint(L, 2, 0); ASN1_TYPE *type = X509_ATTRIBUTE_get0_type(attr, loc); if (type) { openssl_push_asn1type(L, type);; return 1; } else lua_pushnil(L); return 1; }
static int openssl_ssl_peer(lua_State*L) { SSL* s = CHECK_OBJECT(1, SSL, "openssl.ssl"); X509* x = SSL_get_peer_certificate(s); STACK_OF(X509) *sk = SSL_get_peer_cert_chain(s); PUSH_OBJECT(x, "openssl.x509"); if (sk) { sk = openssl_sk_x509_dup(sk); PUSH_OBJECT(sk, "openssl.stack_of_x509"); return 2; } return 1; }
void assembleRequest( const string &ns, BSONObj query, int nToReturn, int nToSkip, const BSONObj *fieldsToReturn, int queryOptions, Message &toSend ) { CHECK_OBJECT( query , "assembleRequest query" ); // see query.h for the protocol we are using here. BufBuilder b; int opts = queryOptions; b.append(opts); b.append(ns.c_str()); b.append(nToSkip); b.append(nToReturn); query.appendSelfToBufBuilder(b); if ( fieldsToReturn ) fieldsToReturn->appendSelfToBufBuilder(b); toSend.setData(dbQuery, b.buf(), b.len()); }
static void RAISE_GENERATOR_EXCEPTION( struct Nuitka_GeneratorObject *generator ) { CHECK_OBJECT( generator->m_exception_type ); RESTORE_ERROR_OCCURRED( generator->m_exception_type, generator->m_exception_value, generator->m_exception_tb ); generator->m_exception_type = NULL; generator->m_exception_value = NULL; generator->m_exception_tb = NULL; }
NUITKA_MAY_BE_UNUSED static bool BINARY_OPERATION_INPLACE( binary_api api, PyObject **operand1, PyObject *operand2 ) { assert( operand1 ); CHECK_OBJECT( *operand1 ); CHECK_OBJECT( operand2 ); // TODO: There is not really much point in these things. PyObject *result = BINARY_OPERATION( api, *operand1, operand2 ); if (unlikely( result == NULL )) { return false; } // We got an object handed, that we have to release. Py_DECREF( *operand1 ); // That's our return value then. As we use a dedicated variable, it's // OK that way. *operand1 = result; return true; }
static int openssl_xext_critical(lua_State* L) { X509_EXTENSION *x = CHECK_OBJECT(1, X509_EXTENSION, "openssl.x509_extension"); if (lua_isnone(L, 2)) { lua_pushboolean(L, X509_EXTENSION_get_critical(x)); return 1; } else { int ret = X509_EXTENSION_set_critical(x, lua_toboolean(L, 2)); return openssl_pushresult(L, ret); } };
static int openssl_ssl_ctx_timeout(lua_State*L) { SSL_CTX* ctx = CHECK_OBJECT(1, SSL_CTX, "openssl.ssl_ctx"); long t; if (!lua_isnoneornil(L, 2)) { t = SSL_CTX_set_timeout(ctx, luaL_checkint(L, 2)); lua_pushinteger(L, t); return 1; } t = SSL_CTX_get_timeout(ctx); lua_pushinteger(L, t); return 1; }
static int openssl_engine_flags(lua_State*L) { ENGINE* eng = CHECK_OBJECT(1, ENGINE, "openssl.engine"); int ret = 0; if (lua_isstring(L, 2)) { int flags = luaL_checkint(L, 2); ret = ENGINE_set_flags(eng, flags); lua_pushboolean(L, ret); return 1; } lua_pushinteger(L, ENGINE_get_flags(eng)); return 1; }
static LUA_FUNCTION(openssl_crl_add_revocked) { X509_CRL *crl = CHECK_OBJECT(1, X509_CRL, "openssl.x509_crl"); BIGNUM* sn = BN_get(L, 2); time_t t = lua_tointeger(L, 3); int reason = reason_get(L, 4); int ret = 0; X509_REVOKED* revoked = create_revoked(L, sn, t, reason); ret = X509_CRL_add0_revoked(crl, revoked); lua_pushboolean(L, ret); BN_free(sn); return 1; }
PyObject *FIND_ATTRIBUTE_IN_CLASS(PyClassObject *klass, PyObject *attr_name) { CHECK_OBJECT(klass); CHECK_OBJECT(attr_name); assert(PyClass_Check(klass)); assert(PyString_CheckExact(attr_name)); PyObject *result = GET_STRING_DICT_VALUE((PyDictObject *)klass->cl_dict, (PyStringObject *)attr_name); if (result == NULL) { Py_ssize_t base_count = PyTuple_Size(klass->cl_bases); for (Py_ssize_t i = 0; i < base_count; i++) { result = FIND_ATTRIBUTE_IN_CLASS((PyClassObject *)PyTuple_GetItem(klass->cl_bases, i), attr_name); if (result != NULL) { break; } } } return result; }
static LUA_FUNCTION(openssl_bio_get_ssl) { BIO* bio = CHECK_OBJECT(1, BIO, "openssl.bio"); SSL* ssl = NULL; int ret = BIO_get_ssl(bio, &ssl); if (ret == 1) { openssl_newvalue(L, ssl); PUSH_OBJECT(ssl, "openssl.ssl"); openssl_refrence(L, ssl, +1); return 1; } return 0; }
NUITKA_MAY_BE_UNUSED static PyObject *IMPORT_NAME( PyObject *module, PyObject *import_name ) { CHECK_OBJECT( module ); CHECK_OBJECT( import_name ); PyObject *result = PyObject_GetAttr( module, import_name ); if (unlikely( result == NULL )) { if ( EXCEPTION_MATCH_BOOL_SINGLE( GET_ERROR_OCCURRED(), PyExc_AttributeError ) ) { #if PYTHON_VERSION < 340 PyErr_Format( PyExc_ImportError, "cannot import name %s", Nuitka_String_AsString( import_name )); #else PyErr_Format( PyExc_ImportError, "cannot import name '%s'", Nuitka_String_AsString( import_name )); #endif } return NULL; } return result; }